/* General-purpose forwarding routines. These routines may be put into */
/* libkrb5.a to allow widespread use */
-#ifdef KERBEROS
+#if defined(KERBEROS) || defined(KRB5)
#include <stdio.h>
#include <pwd.h>
#include <netdb.h>
if (!rhost || !(hp = gethostbyname(rhost)))
return KRB5_ERR_BAD_HOSTNAME;
- remote_host = malloc(strlen(hp->h_name)+1);
+ remote_host = (char *) malloc(strlen(hp->h_name)+1);
if (!remote_host)
- return ENOMEM;
+ return ENOMEM;
strcpy(remote_host, hp->h_name);
if (retval = krb5_get_host_realm(remote_host, &hrealms)) {
ret_cred.enc_part.etype = etype;
ret_cred.enc_part.kvno = 0;
- cred_enc_part.creds = (krb5_cred_enc_struct **)
- calloc(2, sizeof(*cred_enc_part.creds));
- if (!cred_enc_part.creds) {
+ cred_enc_part.ticket_info = (krb5_cred_info **)
+ calloc(2, sizeof(*cred_enc_part.ticket_info));
+ if (!cred_enc_part.ticket_info) {
krb5_free_tickets(ret_cred.tickets);
return ENOMEM;
}
- cred_enc_part.creds[0] = (krb5_cred_enc_struct *)
- malloc(sizeof(*cred_enc_part.creds[0]));
- if (!cred_enc_part.creds[0]) {
+ cred_enc_part.ticket_info[0] = (krb5_cred_info *)
+ malloc(sizeof(*cred_enc_part.ticket_info[0]));
+ if (!cred_enc_part.ticket_info[0]) {
krb5_free_tickets(ret_cred.tickets);
krb5_free_cred_enc_part(cred_enc_part);
return ENOMEM;
}
- cred_enc_part.creds[0]->session = dec_rep->enc_part2->session;
- cred_enc_part.creds[0]->nonce = 0;
+ cred_enc_part.nonce = 0;
- if (retval = krb5_us_timeofday(&cred_enc_part.creds[0]->timestamp,
- &cred_enc_part.creds[0]->usec))
+ if (retval = krb5_us_timeofday(&cred_enc_part.timestamp,
+ &cred_enc_part.usec))
return retval;
- cred_enc_part.creds[0]->s_address = (krb5_address *)sender_addr;
- cred_enc_part.creds[0]->r_address = (krb5_address *)recv_addr;
- cred_enc_part.creds[0]->client = dec_rep->client;
- cred_enc_part.creds[0]->server = dec_rep->enc_part2->server;
- cred_enc_part.creds[0]->flags = dec_rep->enc_part2->flags;
- cred_enc_part.creds[0]->times = dec_rep->enc_part2->times;
- cred_enc_part.creds[0]->caddrs = dec_rep->enc_part2->caddrs;
+ cred_enc_part.s_address = (krb5_address *)sender_addr;
+ cred_enc_part.r_address = (krb5_address *)recv_addr;
+
+ cred_enc_part.ticket_info[0]->session = dec_rep->enc_part2->session;
+ cred_enc_part.ticket_info[0]->client = dec_rep->client;
+ cred_enc_part.ticket_info[0]->server = dec_rep->enc_part2->server;
+ cred_enc_part.ticket_info[0]->flags = dec_rep->enc_part2->flags;
+ cred_enc_part.ticket_info[0]->times = dec_rep->enc_part2->times;
+ cred_enc_part.ticket_info[0]->caddrs = dec_rep->enc_part2->caddrs;
- cred_enc_part.creds[1] = 0;
+ cred_enc_part.ticket_info[1] = 0;
/* start by encoding to-be-encrypted part of the message */
cleanup_mesg();
return retval;
}
- if (!in_clock_skew(credmsg_enc_part->creds[0]->timestamp)) {
+ if (!in_clock_skew(credmsg_enc_part->timestamp)) {
cleanup_mesg();
return KRB5KRB_AP_ERR_SKEW;
}
- if (sender_addr && credmsg_enc_part->creds[0]->s_address &&
+ if (sender_addr && credmsg_enc_part->s_address &&
!krb5_address_compare(sender_addr,
- credmsg_enc_part->creds[0]->s_address)) {
+ credmsg_enc_part->s_address)) {
cleanup_mesg();
return KRB5KRB_AP_ERR_BADADDR;
}
- if (recv_addr && credmsg_enc_part->creds[0]->r_address &&
+ if (recv_addr && credmsg_enc_part->r_address &&
!krb5_address_compare(recv_addr,
- credmsg_enc_part->creds[0]->r_address)) {
+ credmsg_enc_part->r_address)) {
cleanup_mesg();
return KRB5KRB_AP_ERR_BADADDR;
}
- if (credmsg_enc_part->creds[0]->r_address) {
+ if (credmsg_enc_part->r_address) {
krb5_address **our_addrs;
if (retval = krb5_os_localaddr(&our_addrs)) {
cleanup_mesg();
return retval;
}
- if (!krb5_address_search(credmsg_enc_part->creds[0]->r_address,
+ if (!krb5_address_search(credmsg_enc_part->r_address,
our_addrs)) {
krb5_free_addresses(our_addrs);
cleanup_mesg();
krb5_free_addresses(our_addrs);
}
- if (retval = krb5_copy_principal(credmsg_enc_part->creds[0]->client,
+ if (retval = krb5_copy_principal(credmsg_enc_part->ticket_info[0]->client,
&creds->client)) {
return(retval);
}
- if (retval = krb5_copy_principal(credmsg_enc_part->creds[0]->server,
+ if (retval = krb5_copy_principal(credmsg_enc_part->ticket_info[0]->server,
&creds->server)) {
return(retval);
}
if (retval =
- krb5_copy_keyblock_contents(credmsg_enc_part->creds[0]->session,
+ krb5_copy_keyblock_contents(credmsg_enc_part->ticket_info[0]->session,
&creds->keyblock)) {
return(retval);
}
#define clean() {\
memset((char *)creds->keyblock.contents, 0, creds->keyblock.length);}
- creds->times = credmsg_enc_part->creds[0]->times;
+ creds->times = credmsg_enc_part->ticket_info[0]->times;
creds->is_skey = FALSE;
- creds->ticket_flags = credmsg_enc_part->creds[0]->flags;
+ creds->ticket_flags = credmsg_enc_part->ticket_info[0]->flags;
- if (retval = krb5_copy_addresses(credmsg_enc_part->creds[0]->caddrs,
+ if (retval = krb5_copy_addresses(credmsg_enc_part->ticket_info[0]->caddrs,
&creds->addresses)) {
clean();
return(retval);
/* Time set */
typedef struct _krb5_ticket_times {
- krb5_timestamp authtime;
+ krb5_timestamp authtime; /* XXX ? should ktime in KDC_REP == authtime
+ in ticket? otherwise client can't get this */
krb5_timestamp starttime; /* optional in ticket, if not present,
use authtime */
krb5_timestamp endtime;
krb5_enc_data enc_part; /* encrypted part */
} krb5_cred;
-typedef struct _krb5_cred_enc_struct {
+typedef struct _krb5_cred_info {
krb5_keyblock* session; /* session key used to encrypt */
/* ticket */
- krb5_int32 nonce; /* nonce, optional */
- krb5_timestamp timestamp; /* client time */
- krb5_int32 usec; /* microsecond portion of time */
- krb5_address *s_address; /* sender address, optional */
- krb5_address *r_address; /* recipient address, optional */
krb5_principal client; /* client name/realm, optional */
krb5_principal server; /* server name/realm, optional */
krb5_flags flags; /* ticket flags, optional */
krb5_ticket_times times; /* auth, start, end, renew_till, */
/* optional */
krb5_address **caddrs; /* array of ptrs to addresses */
-} krb5_cred_enc_struct;
+} krb5_cred_info;
typedef struct _krb5_cred_enc_part {
- krb5_cred_enc_struct **creds;
+ krb5_int32 nonce; /* nonce, optional */
+ krb5_timestamp timestamp; /* client time */
+ krb5_int32 usec; /* microsecond portion of time */
+ krb5_address *s_address; /* sender address, optional */
+ krb5_address *r_address; /* recipient address, optional */
+ krb5_cred_info **ticket_info;
} krb5_cred_enc_part;
/* these need to be here so the typedefs are available for the prototypes */
r-address[5] HostAddress OPTIONAL -- recip's addr
}
--- These two definitions are added to allow easy forwarding of
--- credentials.
+-- The KRB-CRED message allows easy forwarding of credentials.
KRB-CRED ::= [APPLICATION 22] SEQUENCE {
pvno[0] INTEGER,
enc-part[3] EncryptedData -- EncKrbCredPart
}
-EncKrbCredPart ::= [APPLICATION 29] SEQUENCE OF SEQUENCE {
- key[0] EncryptionKey,
+EncKrbCredPart ::= [APPLICATION 29] SEQUENCE {
+ ticket-info[0] SEQUENCE OF KRB-CRED-INFO,
nonce[1] INTEGER OPTIONAL,
- timestamp[2] KerberosTime,
- usec[3] INTEGER,
+ timestamp[2] KerberosTime OPTIONAL,
+ usec[3] INTEGER OPTIONAL,
s-address[4] HostAddress OPTIONAL,
- r-address[5] HostAddress OPTIONAL,
- prealm[6] Realm OPTIONAL,
- pname[7] PrincipalName OPTIONAL,
- flags[8] TicketFlags OPTIONAL,
- authtime[9] KerberosTime OPTIONAL,
- starttime[10] KerberosTime OPTIONAL,
- endtime[11] KerberosTime OPTIONAL,
- renew-till[12] KerberosTime OPTIONAL,
- srealm[13] Realm OPTIONAL,
- sname[14] PrincipalName OPTIONAL,
- caddr[15] HostAddresses OPTIONAL
+ r-address[5] HostAddress OPTIONAL
+}
+
+KRB-CRED-INFO ::= SEQUENCE {
+ key[0] EncryptionKey,
+ prealm[1] Realm OPTIONAL,
+ pname[2] PrincipalName OPTIONAL,
+ flags[3] TicketFlags OPTIONAL,
+ authtime[4] KerberosTime OPTIONAL,
+ starttime[5] KerberosTime OPTIONAL,
+ endtime[6] KerberosTime OPTIONAL,
+ renew-till[7] KerberosTime OPTIONAL,
+ srealm[8] Realm OPTIONAL,
+ sname[9] PrincipalName OPTIONAL,
+ caddr[10] HostAddresses OPTIONAL
}
KRB-ERROR ::= [APPLICATION 30] SEQUENCE {
{
register krb5_cred_enc_part *retval;
register int i;
- register const struct type_KRB5_EncKrbCredPart *rv;
- register const struct element_KRB5_14 *rv2;
+ register const struct element_KRB5_13 *rv;
retval = (krb5_cred_enc_part *)xmalloc(sizeof(*retval));
if (!retval) {
}
xbzero((char *)retval, sizeof(*retval));
- for (i = 0, rv = val; rv; i++, rv = rv->next);
+ /* Count ticket_info */
+ for (i = 0, rv = val->ticket__info; rv; i++, rv = rv->next);
/* plus one for null terminator */
- retval->creds = (krb5_cred_enc_struct **) xcalloc(i + 1, sizeof(*retval->creds));
- if (!retval->creds) {
+ retval->ticket_info = (krb5_cred_info **)
+ xcalloc(i + 1, sizeof(*retval->ticket_info));
+ if (!retval->ticket_info) {
nomem:
*error = ENOMEM;
return(0);
}
-
- for (i = 0, rv = val; rv; rv = rv->next, i++) {
- rv2 = rv->element_KRB5_13;
- retval->creds[i] = (krb5_cred_enc_struct *) xmalloc(sizeof(*retval->creds[i]));
- if (!retval->creds[i]) {
- krb5_free_cred_enc_part(retval);
- goto nomem;
- }
- xbzero((char *)retval->creds[i], sizeof(*retval->creds[i]));
-
- retval->creds[i]->session = KRB5_EncryptionKey2krb5_keyblock(rv2->key, error);
- if (!retval->creds[i]->session) {
- xfree(retval->creds[i]);
- return(0);
- }
-
- if (rv2->optionals & opt_KRB5_element_KRB5_14_nonce)
- retval->creds[i]->nonce = rv2->nonce;
- else
- retval->creds[i]->nonce = 0;
-
- retval->creds[i]->timestamp = gentime2unix(rv2->timestamp, error);
+
+ if (val->optionals & opt_KRB5_EncKrbCredPart_nonce)
+ retval->nonce = val->nonce;
+ else
+ retval->nonce = 0;
+
+ if (val->timestamp) {
+ retval->timestamp = gentime2unix(val->timestamp, error);
if (*error) {
errout:
- krb5_free_cred_enc_part(retval->creds[i]);
+ krb5_free_cred_enc_part(retval);
return(0);
}
- retval->creds[i]->usec = rv2->usec;
-
- if (rv2->s__address) {
- retval->creds[i]->s_address = KRB5_HostAddress2krb5_addr(rv2->s__address,
- error);
- if (!retval->creds[i]->s_address) {
- goto errout;
- }
+ }
+
+ if (val->optionals & opt_KRB5_EncKrbCredPart_usec)
+ retval->usec = val->usec;
+ else
+ retval->timestamp = 0;
+
+ if (val->s__address) {
+ retval->s_address =
+ KRB5_HostAddress2krb5_addr(val->s__address,
+ error);
+ if (!retval->s_address) {
+ goto errout;
}
-
- if (rv2->r__address) {
- retval->creds[i]->r_address = KRB5_HostAddress2krb5_addr(rv2->r__address,
- error);
- if (!retval->creds[i]->r_address) {
- goto errout;
- }
+ }
+
+ if (val->r__address) {
+ retval->r_address =
+ KRB5_HostAddress2krb5_addr(val->r__address,
+ error);
+ if (!retval->r_address) {
+ goto errout;
+ }
+ }
+
+ for (i = 0, rv = val->ticket__info; rv; rv = rv->next, i++) {
+ retval->ticket_info[i] = (krb5_cred_info *)
+ xmalloc(sizeof(*retval->ticket_info[i]));
+ if (!retval->ticket_info[i]) {
+ krb5_free_cred_enc_part(retval);
+ goto nomem;
}
+ xbzero((char *)retval->ticket_info[i],
+ sizeof(*retval->ticket_info[i]));
+
+ retval->ticket_info[i]->session =
+ KRB5_EncryptionKey2krb5_keyblock(rv->KRB__CRED__INFO->key, error);
+ if (!retval->ticket_info[i]->session)
+ goto errout;
- if (rv2->pname && rv2->prealm) {
- retval->creds[i]->client = KRB5_PrincipalName2krb5_principal(rv2->pname,
- rv2->prealm,
- error);
- if (!retval->creds[i]->client) {
- goto errout;
- }
+ if (rv->KRB__CRED__INFO->pname && rv->KRB__CRED__INFO->prealm) {
+ retval->ticket_info[i]->client =
+ KRB5_PrincipalName2krb5_principal(rv->KRB__CRED__INFO->pname,
+ rv->KRB__CRED__INFO->prealm,
+ error);
+ if (!retval->ticket_info[i]->client)
+ goto errout;
}
- if (rv2->sname && rv2->srealm) {
- retval->creds[i]->server = KRB5_PrincipalName2krb5_principal(rv2->sname,
- rv2->srealm,
- error);
- if (!retval->creds[i]->server) {
- goto errout;
- }
+ if (rv->KRB__CRED__INFO->sname && rv->KRB__CRED__INFO->srealm) {
+ retval->ticket_info[i]->server =
+ KRB5_PrincipalName2krb5_principal(rv->KRB__CRED__INFO->sname,
+ rv->KRB__CRED__INFO->srealm,
+ error);
+ if (!retval->ticket_info[i]->server)
+ goto errout;
}
- if (rv2->flags) {
- retval->creds[i]->flags = KRB5_TicketFlags2krb5_flags(rv2->flags, error);
- if (*error) {
- xfree(retval->creds[i]);
- return(0);
- }
+ if (rv->KRB__CRED__INFO->flags) {
+ retval->ticket_info[i]->flags =
+ KRB5_TicketFlags2krb5_flags(rv->KRB__CRED__INFO->flags, error);
+ if (*error)
+ goto errout;
}
- if (rv2->authtime) {
- retval->creds[i]->times.authtime = gentime2unix(rv2->authtime, error);
- if (*error) {
- goto errout;
- }
+ if (rv->KRB__CRED__INFO->authtime) {
+ retval->ticket_info[i]->times.authtime =
+ gentime2unix(rv->KRB__CRED__INFO->authtime, error);
+ if (*error)
+ goto errout;
}
- if (rv2->starttime) {
- retval->creds[i]->times.starttime = gentime2unix(rv2->starttime, error);
- if (*error) {
- goto errout;
- }
+ if (rv->KRB__CRED__INFO->starttime) {
+ retval->ticket_info[i]->times.starttime =
+ gentime2unix(rv->KRB__CRED__INFO->starttime, error);
+ if (*error)
+ goto errout;
}
- if (rv2->endtime) {
- retval->creds[i]->times.endtime = gentime2unix(rv2->endtime, error);
- if (*error) {
- goto errout;
- }
+ if (rv->KRB__CRED__INFO->endtime) {
+ retval->ticket_info[i]->times.endtime =
+ gentime2unix(rv->KRB__CRED__INFO->endtime, error);
+ if (*error)
+ goto errout;
}
- if ((retval->creds[i]->flags & TKT_FLG_RENEWABLE) && rv2->renew__till) {
- retval->creds[i]->times.renew_till = gentime2unix(rv2->renew__till, error);
- if (*error) {
- goto errout;
- }
+ if ((retval->ticket_info[i]->flags & TKT_FLG_RENEWABLE) &&
+ rv->KRB__CRED__INFO->renew__till) {
+ retval->ticket_info[i]->times.renew_till =
+ gentime2unix(rv->KRB__CRED__INFO->renew__till, error);
+ if (*error)
+ goto errout;
}
- if (rv2->caddr) {
- retval->creds[i]->caddrs = KRB5_HostAddresses2krb5_address(rv2->caddr,
- error);
- if (!retval->creds[i]->caddrs) {
- goto errout;
- }
+ if (rv->KRB__CRED__INFO->caddr) {
+ retval->ticket_info[i]->caddrs =
+ KRB5_HostAddresses2krb5_address(rv->KRB__CRED__INFO->caddr,
+ error);
+ if (!retval->ticket_info[i]->caddrs)
+ goto errout;
}
}
- retval->creds[i] = 0;
+
+ retval->ticket_info[i] = 0;
return(retval);
}
const register krb5_cred_enc_part *val;
register int *error;
{
- register struct type_KRB5_EncKrbCredPart *retval = 0, *rv1 = 0, *rv2;
- register krb5_cred_enc_struct * const *temp;
+ struct type_KRB5_EncKrbCredPart *retval = 0;
+ register struct element_KRB5_13 *rv1 = 0, *rv2;
+ register krb5_cred_info * const *temp;
register int i;
- for (i = 0, temp = val->creds; *temp; temp++, i++, rv1 = rv2) {
-
- rv2 = (struct type_KRB5_EncKrbCredPart *) xmalloc(sizeof(*rv2));
- if (!rv2) {
+ retval = (struct type_KRB5_EncKrbCredPart *) xmalloc(sizeof(*retval));
+ if (!retval) {
+ *error = ENOMEM;
+ return(0);
+ }
+ xbzero((char *)retval, sizeof (*retval));
+
+ if (val->nonce) {
+ retval->nonce = val->nonce;
+ retval->optionals |= opt_KRB5_EncKrbCredPart_nonce;
+ }
+
+ if (val->timestamp) {
+ retval->timestamp = unix2gentime(val->timestamp, error);
+ if (!retval->timestamp) {
+ errout:
if (retval)
- free_KRB5_EncKrbCredPart(retval);
+ free_KRB5_EncKrbCredPart(retval);
*error = ENOMEM;
return(0);
}
+ }
+
+ if (val->usec) {
+ retval->usec = val->usec;
+ retval->optionals |= opt_KRB5_EncKrbCredPart_usec;
+ }
+
+ if (val->s_address) {
+ retval->s__address =
+ krb5_addr2KRB5_HostAddress(val->s_address, error);
+ if (!retval->s__address) {
+ goto errout;
+ }
+ }
+
+ if (val->r_address) {
+ retval->r__address =
+ krb5_addr2KRB5_HostAddress(val->r_address, error);
+ if (!retval->r__address) {
+ goto errout;
+ }
+ }
+
+ for (i = 0, temp = val->ticket_info; *temp; temp++, i++, rv1 = rv2) {
+
+ rv2 = (struct element_KRB5_13 *) xmalloc(sizeof(*rv2));
+ if (!rv2)
+ goto errout;
+
xbzero((char *)rv2, sizeof (*rv2));
if (rv1)
rv1->next = rv2;
- if (!retval)
- retval = rv2;
+ if (!retval->ticket__info)
+ retval->ticket__info = rv2;
- rv2->element_KRB5_13 = (struct element_KRB5_14 *)
- xmalloc(sizeof(*(rv2->element_KRB5_13)));
- if (!rv2->element_KRB5_13) {
- errout:
- if (retval)
- free_KRB5_EncKrbCredPart(retval);
- *error = ENOMEM;
- return(0);
- }
- xbzero((char *)rv2->element_KRB5_13, sizeof (*rv2->element_KRB5_13));
-
- rv2->element_KRB5_13->key =
- krb5_keyblock2KRB5_EncryptionKey(val->creds[i]->session, error);
- if (!rv2->element_KRB5_13->key) {
- goto errout;
- }
-
- if (val->creds[i]->nonce) {
- rv2->element_KRB5_13->nonce = val->creds[i]->nonce;
- rv2->element_KRB5_13->optionals |= opt_KRB5_element_KRB5_14_nonce;
- }
-
- rv2->element_KRB5_13->timestamp = unix2gentime(val->creds[i]->timestamp, error);
- if (!rv2->element_KRB5_13->timestamp) {
+ rv2->KRB__CRED__INFO = (struct type_KRB5_KRB__CRED__INFO *)
+ xmalloc(sizeof(*(rv2->KRB__CRED__INFO)));
+ if (!rv2->KRB__CRED__INFO)
+ goto errout;
+ xbzero((char *)rv2->KRB__CRED__INFO, sizeof (*rv2->KRB__CRED__INFO));
+
+ rv2->KRB__CRED__INFO->key =
+ krb5_keyblock2KRB5_EncryptionKey(val->ticket_info[i]->session,
+ error);
+ if (!rv2->KRB__CRED__INFO->key) {
goto errout;
}
- rv2->element_KRB5_13->usec = val->creds[i]->usec;
-
- if (val->creds[i]->s_address) {
- rv2->element_KRB5_13->s__address =
- krb5_addr2KRB5_HostAddress(val->creds[i]->s_address, error);
- if (!rv2->element_KRB5_13->s__address) {
+ if (val->ticket_info[i]->client) {
+ rv2->KRB__CRED__INFO->prealm =
+ krb5_data2qbuf(krb5_princ_realm(val->ticket_info[i]->client));
+ if (!rv2->KRB__CRED__INFO->prealm) {
goto errout;
}
- }
-
- if (val->creds[i]->r_address) {
- rv2->element_KRB5_13->r__address =
- krb5_addr2KRB5_HostAddress(val->creds[i]->r_address, error);
- if (!rv2->element_KRB5_13->r__address) {
+ rv2->KRB__CRED__INFO->pname =
+ krb5_principal2KRB5_PrincipalName(val->ticket_info[i]->client,
+ error);
+ if (!rv2->KRB__CRED__INFO->pname) {
goto errout;
}
}
- if (val->creds[i]->client) {
- rv2->element_KRB5_13->prealm =
- krb5_data2qbuf(krb5_princ_realm(val->creds[i]->client));
- if (!rv2->element_KRB5_13->prealm) {
- goto errout;
- }
- rv2->element_KRB5_13->pname =
- krb5_principal2KRB5_PrincipalName(val->creds[i]->client, error);
- if (!rv2->element_KRB5_13->pname) {
+ if (val->ticket_info[i]->flags) {
+ rv2->KRB__CRED__INFO->flags =
+ krb5_flags2KRB5_TicketFlags(val->ticket_info[i]->flags, error);
+ if (!rv2->KRB__CRED__INFO->flags) {
goto errout;
}
}
- if (val->creds[i]->flags) {
- rv2->element_KRB5_13->flags =
- krb5_flags2KRB5_TicketFlags(val->creds[i]->flags, error);
- if (!rv2->element_KRB5_13->flags) {
+ if (val->ticket_info[i]->times.authtime) {
+ rv2->KRB__CRED__INFO->authtime =
+ unix2gentime(val->ticket_info[i]->times.authtime, error);
+ if (!rv2->KRB__CRED__INFO->authtime) {
goto errout;
}
}
-
- rv2->element_KRB5_13->authtime =
- unix2gentime(val->creds[i]->times.authtime, error);
- if (!rv2->element_KRB5_13->authtime) {
- goto errout;
- }
- if (val->creds[i]->times.starttime) {
- rv2->element_KRB5_13->starttime =
- unix2gentime(val->creds[i]->times.starttime, error);
- if (!rv2->element_KRB5_13->starttime) {
+
+ if (val->ticket_info[i]->times.starttime) {
+ rv2->KRB__CRED__INFO->starttime =
+ unix2gentime(val->ticket_info[i]->times.starttime, error);
+ if (!rv2->KRB__CRED__INFO->starttime) {
goto errout;
}
}
- rv2->element_KRB5_13->endtime =
- unix2gentime(val->creds[i]->times.endtime, error);
- if (!rv2->element_KRB5_13->endtime) {
- goto errout;
+
+ if (val->ticket_info[i]->times.endtime) {
+ rv2->KRB__CRED__INFO->endtime =
+ unix2gentime(val->ticket_info[i]->times.endtime, error);
+ if (!rv2->KRB__CRED__INFO->endtime) {
+ goto errout;
+ }
}
- if (val->creds[i]->flags & TKT_FLG_RENEWABLE) {
- rv2->element_KRB5_13->renew__till =
- unix2gentime(val->creds[i]->times.renew_till, error);
- if (!rv2->element_KRB5_13->renew__till) {
+
+ if (val->ticket_info[i]->flags & TKT_FLG_RENEWABLE) {
+ rv2->KRB__CRED__INFO->renew__till =
+ unix2gentime(val->ticket_info[i]->times.renew_till, error);
+ if (!rv2->KRB__CRED__INFO->renew__till) {
goto errout;
}
}
- if (val->creds[i]->server) {
- rv2->element_KRB5_13->srealm =
- krb5_data2qbuf(krb5_princ_realm(val->creds[i]->server));
- if (!rv2->element_KRB5_13->srealm) {
+ if (val->ticket_info[i]->server) {
+ rv2->KRB__CRED__INFO->srealm =
+ krb5_data2qbuf(krb5_princ_realm(val->ticket_info[i]->server));
+ if (!rv2->KRB__CRED__INFO->srealm) {
*error = ENOMEM;
goto errout;
}
- rv2->element_KRB5_13->sname =
- krb5_principal2KRB5_PrincipalName(val->creds[i]->server, error);
- if (!rv2->element_KRB5_13->sname) {
+ rv2->KRB__CRED__INFO->sname =
+ krb5_principal2KRB5_PrincipalName(val->ticket_info[i]->server,
+ error);
+ if (!rv2->KRB__CRED__INFO->sname) {
goto errout;
}
}
- if (val->creds[i]->caddrs) {
- rv2->element_KRB5_13->caddr =
- krb5_address2KRB5_HostAddresses(val->creds[i]->caddrs, error);
- if (!rv2->element_KRB5_13->caddr) {
+ if (val->ticket_info[i]->caddrs) {
+ rv2->KRB__CRED__INFO->caddr =
+ krb5_address2KRB5_HostAddresses(val->ticket_info[i]->caddrs,
+ error);
+ if (!rv2->KRB__CRED__INFO->caddr) {
goto errout;
}
}
}
- if (retval == 0)
- *error = ISODE_LOCAL_ERR_MISSING_PART;
-
return(retval);
}
* struct type_KRB5_PasswdData {
* integer passwd__sequence__count;
* /* SEQUENCE OF */
- * struct element_KRB5_15 {
+ * struct element_KRB5_14 {
* struct type_KRB5_PasswdSequence *PasswdSequence;
- * struct element_KRB5_15 *next;
+ * struct element_KRB5_14 *next;
* } *passwd__sequence;
* };
*
register int *error;
{
register struct type_KRB5_PasswdData *retval = 0;
- register struct element_KRB5_15 *passwdseq = 0, *rv1 = 0, *rv2;
+ register struct element_KRB5_14 *passwdseq = 0, *rv1 = 0, *rv2;
passwd_phrase_element **temp;
register int i;
for ( i = 0, temp = (passwd_phrase_element **) val->element;
*temp;
temp++, i++, rv1 = rv2){
- if ((rv2 = (struct element_KRB5_15 *) xcalloc(1,
+ if ((rv2 = (struct element_KRB5_14 *) xcalloc(1,
sizeof(*rv2))) == NULL) {;
*error = ENOMEM;
errout:
{
register krb5_pwd_data *retval;
register passwd_phrase_element **element;
- register struct element_KRB5_15 *seq_ptr, *rv;
+ register struct element_KRB5_14 *seq_ptr, *rv;
register int i;
krb5_free_cred_enc_part(val)
register krb5_cred_enc_part *val;
{
- register krb5_cred_enc_struct **temp;
+ register krb5_cred_info **temp;
- for (temp = val->creds; *temp; temp++) {
+ if (val->r_address)
+ krb5_free_address(val->r_address);
+ if (val->s_address)
+ krb5_free_address(val->s_address);
+
+ for (temp = val->ticket_info; *temp; temp++) {
if ((*temp)->session)
krb5_free_keyblock((*temp)->session);
- if ((*temp)->r_address)
- krb5_free_address((*temp)->r_address);
- if ((*temp)->s_address)
- krb5_free_address((*temp)->s_address);
if ((*temp)->client)
krb5_free_principal((*temp)->client);
if ((*temp)->server)