Merged in ISI's modified CRED-INFO patches
authorTheodore Tso <tytso@mit.edu>
Wed, 22 Sep 1993 00:43:22 +0000 (00:43 +0000)
committerTheodore Tso <tytso@mit.edu>
Wed, 22 Sep 1993 00:43:22 +0000 (00:43 +0000)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2647 dc483132-0cff-0310-8789-dd5450dbe970

src/appl/bsd/forward.c
src/include/krb5/krb5.h
src/lib/krb5/asn.1/KRB5-asn.py
src/lib/krb5/asn.1/crep2kcrep.c
src/lib/krb5/asn.1/kcrep2crep.c
src/lib/krb5/asn.1/kpwds2pwds.c
src/lib/krb5/asn.1/pwds2kpwds.c
src/lib/krb5/free/f_cred_enc.c

index cdeb878736af5170e83a96f92bc926e73d5cd697..cef8ec6faf2439579e1230066f003333edcf8df6 100644 (file)
@@ -30,7 +30,7 @@ static char *rcsid_forward_c =
 /* General-purpose forwarding routines. These routines may be put into */
 /* libkrb5.a to allow widespread use */ 
 
-#ifdef KERBEROS
+#if defined(KERBEROS) || defined(KRB5)
 #include <stdio.h>
 #include <pwd.h>
 #include <netdb.h>
@@ -76,9 +76,9 @@ get_for_creds(etype, sumtype, rhost, client, enc_key, forwardable, outbuf)
     if (!rhost || !(hp = gethostbyname(rhost)))
       return KRB5_ERR_BAD_HOSTNAME;
 
-    remote_host = malloc(strlen(hp->h_name)+1);
+    remote_host = (char *) malloc(strlen(hp->h_name)+1);
     if (!remote_host)
-           return ENOMEM;
+      return ENOMEM;
     strcpy(remote_host, hp->h_name);
 
     if (retval = krb5_get_host_realm(remote_host, &hrealms)) {
@@ -266,35 +266,36 @@ krb5_data *outbuf;
     ret_cred.enc_part.etype = etype; 
     ret_cred.enc_part.kvno = 0;
 
-    cred_enc_part.creds = (krb5_cred_enc_struct **) 
-      calloc(2, sizeof(*cred_enc_part.creds));
-    if (!cred_enc_part.creds) {
+    cred_enc_part.ticket_info = (krb5_cred_info **) 
+      calloc(2, sizeof(*cred_enc_part.ticket_info));
+    if (!cred_enc_part.ticket_info) {
        krb5_free_tickets(ret_cred.tickets);
        return ENOMEM;
     }
-    cred_enc_part.creds[0] = (krb5_cred_enc_struct *) 
-      malloc(sizeof(*cred_enc_part.creds[0]));
-    if (!cred_enc_part.creds[0]) {
+    cred_enc_part.ticket_info[0] = (krb5_cred_info *) 
+      malloc(sizeof(*cred_enc_part.ticket_info[0]));
+    if (!cred_enc_part.ticket_info[0]) {
        krb5_free_tickets(ret_cred.tickets);
        krb5_free_cred_enc_part(cred_enc_part);
        return ENOMEM;
     }
-    cred_enc_part.creds[0]->session = dec_rep->enc_part2->session;
-    cred_enc_part.creds[0]->nonce = 0;
+    cred_enc_part.nonce = 0;
 
-    if (retval = krb5_us_timeofday(&cred_enc_part.creds[0]->timestamp,
-                                  &cred_enc_part.creds[0]->usec))
+    if (retval = krb5_us_timeofday(&cred_enc_part.timestamp,
+                                  &cred_enc_part.usec))
       return retval;
 
-    cred_enc_part.creds[0]->s_address = (krb5_address *)sender_addr;
-    cred_enc_part.creds[0]->r_address = (krb5_address *)recv_addr;
-    cred_enc_part.creds[0]->client = dec_rep->client;
-    cred_enc_part.creds[0]->server = dec_rep->enc_part2->server;
-    cred_enc_part.creds[0]->flags  = dec_rep->enc_part2->flags;
-    cred_enc_part.creds[0]->times  = dec_rep->enc_part2->times;
-    cred_enc_part.creds[0]->caddrs = dec_rep->enc_part2->caddrs;
+    cred_enc_part.s_address = (krb5_address *)sender_addr;
+    cred_enc_part.r_address = (krb5_address *)recv_addr;
+
+    cred_enc_part.ticket_info[0]->session = dec_rep->enc_part2->session;
+    cred_enc_part.ticket_info[0]->client = dec_rep->client;
+    cred_enc_part.ticket_info[0]->server = dec_rep->enc_part2->server;
+    cred_enc_part.ticket_info[0]->flags  = dec_rep->enc_part2->flags;
+    cred_enc_part.ticket_info[0]->times  = dec_rep->enc_part2->times;
+    cred_enc_part.ticket_info[0]->caddrs = dec_rep->enc_part2->caddrs;
 
-    cred_enc_part.creds[1] = 0;
+    cred_enc_part.ticket_info[1] = 0;
 
     /* start by encoding to-be-encrypted part of the message */
 
@@ -535,32 +536,32 @@ const krb5_address *recv_addr;    /* optional */
        cleanup_mesg();
        return retval;
     }
-    if (!in_clock_skew(credmsg_enc_part->creds[0]->timestamp)) {
+    if (!in_clock_skew(credmsg_enc_part->timestamp)) {
        cleanup_mesg();  
        return KRB5KRB_AP_ERR_SKEW;
     }
 
-    if (sender_addr && credmsg_enc_part->creds[0]->s_address &&
+    if (sender_addr && credmsg_enc_part->s_address &&
        !krb5_address_compare(sender_addr, 
-                             credmsg_enc_part->creds[0]->s_address)) {
+                             credmsg_enc_part->s_address)) {
        cleanup_mesg();
        return KRB5KRB_AP_ERR_BADADDR;
     }
-    if (recv_addr && credmsg_enc_part->creds[0]->r_address &&
+    if (recv_addr && credmsg_enc_part->r_address &&
        !krb5_address_compare(recv_addr, 
-                             credmsg_enc_part->creds[0]->r_address)) {
+                             credmsg_enc_part->r_address)) {
        cleanup_mesg();
        return KRB5KRB_AP_ERR_BADADDR;
     }      
 
-    if (credmsg_enc_part->creds[0]->r_address) {
+    if (credmsg_enc_part->r_address) {
        krb5_address **our_addrs;
        
        if (retval = krb5_os_localaddr(&our_addrs)) {
            cleanup_mesg();
            return retval;
        }
-       if (!krb5_address_search(credmsg_enc_part->creds[0]->r_address, 
+       if (!krb5_address_search(credmsg_enc_part->r_address, 
                                 our_addrs)) {
            krb5_free_addresses(our_addrs);
            cleanup_mesg();
@@ -569,18 +570,18 @@ const krb5_address *recv_addr;    /* optional */
        krb5_free_addresses(our_addrs);
     }
 
-    if (retval = krb5_copy_principal(credmsg_enc_part->creds[0]->client,
+    if (retval = krb5_copy_principal(credmsg_enc_part->ticket_info[0]->client,
                                     &creds->client)) {
        return(retval);
     }
 
-    if (retval = krb5_copy_principal(credmsg_enc_part->creds[0]->server,
+    if (retval = krb5_copy_principal(credmsg_enc_part->ticket_info[0]->server,
                                     &creds->server)) {
        return(retval);
     }  
 
     if (retval =
-       krb5_copy_keyblock_contents(credmsg_enc_part->creds[0]->session, 
+       krb5_copy_keyblock_contents(credmsg_enc_part->ticket_info[0]->session, 
                                    &creds->keyblock)) {
        return(retval);
     }
@@ -589,11 +590,11 @@ const krb5_address *recv_addr;    /* optional */
 #define clean() {\
        memset((char *)creds->keyblock.contents, 0, creds->keyblock.length);}
 
-    creds->times = credmsg_enc_part->creds[0]->times;
+    creds->times = credmsg_enc_part->ticket_info[0]->times;
     creds->is_skey = FALSE;
-    creds->ticket_flags = credmsg_enc_part->creds[0]->flags;
+    creds->ticket_flags = credmsg_enc_part->ticket_info[0]->flags;
 
-    if (retval = krb5_copy_addresses(credmsg_enc_part->creds[0]->caddrs,
+    if (retval = krb5_copy_addresses(credmsg_enc_part->ticket_info[0]->caddrs,
                                     &creds->addresses)) {
        clean();
        return(retval);
index c7c082cc969bd85042f2322f56cb9ad74c45c501..15a4bddcc724185e0027a8f3438b25964768d7ac 100644 (file)
@@ -47,7 +47,8 @@
 
 /* Time set */
 typedef struct _krb5_ticket_times {
-    krb5_timestamp authtime;
+    krb5_timestamp authtime; /* XXX ? should ktime in KDC_REP == authtime
+                               in ticket? otherwise client can't get this */ 
     krb5_timestamp starttime;          /* optional in ticket, if not present,
                                           use authtime */
     krb5_timestamp endtime;
@@ -245,24 +246,24 @@ typedef struct _krb5_cred {
     krb5_enc_data enc_part;            /* encrypted part */
 } krb5_cred;
 
-typedef struct _krb5_cred_enc_struct {
+typedef struct _krb5_cred_info {
     krb5_keyblock* session;             /* session key used to encrypt */
                                        /* ticket */
-    krb5_int32 nonce;                  /* nonce, optional */
-    krb5_timestamp timestamp;          /* client time */
-    krb5_int32 usec;                   /* microsecond portion of time */
-    krb5_address *s_address;           /* sender address, optional */
-    krb5_address *r_address;           /* recipient address, optional */
     krb5_principal client;              /* client name/realm, optional */
     krb5_principal server;              /* server name/realm, optional */
     krb5_flags flags;                  /* ticket flags, optional */
     krb5_ticket_times times;           /* auth, start, end, renew_till, */
                                         /* optional */
     krb5_address **caddrs;             /* array of ptrs to addresses */
-} krb5_cred_enc_struct;
+} krb5_cred_info;
 
 typedef struct _krb5_cred_enc_part {
-    krb5_cred_enc_struct **creds;
+    krb5_int32 nonce;                   /* nonce, optional */
+    krb5_timestamp timestamp;           /* client time */
+    krb5_int32 usec;                    /* microsecond portion of time */
+    krb5_address *s_address;            /* sender address, optional */
+    krb5_address *r_address;            /* recipient address, optional */
+    krb5_cred_info **ticket_info;
 } krb5_cred_enc_part;    
 
 /* these need to be here so the typedefs are available for the prototypes */
index 6f42b9d9dcbcaf241406cfca545aaa43127725a2..60a66f6f95c4d13dbb9a352d55b179a93f6fe73b 100644 (file)
@@ -255,8 +255,7 @@ EncKrbPrivPart ::=  [APPLICATION 28] SEQUENCE {
        r-address[5]    HostAddress OPTIONAL    -- recip's addr 
 }
 
--- These two definitions are added to allow easy forwarding of 
--- credentials.
+-- The KRB-CRED message allows easy forwarding of credentials.
 
 KRB-CRED ::= [APPLICATION 22] SEQUENCE {
        pvno[0]         INTEGER,
@@ -265,23 +264,27 @@ KRB-CRED ::= [APPLICATION 22] SEQUENCE {
        enc-part[3]     EncryptedData -- EncKrbCredPart 
 }
 
-EncKrbCredPart ::= [APPLICATION 29] SEQUENCE OF SEQUENCE {
-       key[0]          EncryptionKey,
+EncKrbCredPart ::= [APPLICATION 29] SEQUENCE {
+       ticket-info[0]  SEQUENCE OF KRB-CRED-INFO,      
        nonce[1]        INTEGER OPTIONAL,
-       timestamp[2]    KerberosTime,
-       usec[3]         INTEGER,
+       timestamp[2]    KerberosTime OPTIONAL,
+       usec[3]         INTEGER OPTIONAL,
        s-address[4]    HostAddress OPTIONAL,
-       r-address[5]    HostAddress OPTIONAL,
-        prealm[6]      Realm OPTIONAL,
-        pname[7]       PrincipalName OPTIONAL,
-        flags[8]       TicketFlags OPTIONAL,
-        authtime[9]    KerberosTime OPTIONAL,
-        starttime[10]  KerberosTime OPTIONAL,
-        endtime[11]    KerberosTime OPTIONAL,
-        renew-till[12]         KerberosTime OPTIONAL,
-        srealm[13]     Realm OPTIONAL,
-        sname[14]      PrincipalName OPTIONAL,
-        caddr[15]      HostAddresses OPTIONAL 
+       r-address[5]    HostAddress OPTIONAL
+}
+
+KRB-CRED-INFO  ::=     SEQUENCE {
+       key[0]          EncryptionKey,
+        prealm[1]      Realm OPTIONAL,
+        pname[2]       PrincipalName OPTIONAL,
+        flags[3]       TicketFlags OPTIONAL,
+        authtime[4]    KerberosTime OPTIONAL,
+        starttime[5]   KerberosTime OPTIONAL,
+        endtime[6]     KerberosTime OPTIONAL,
+        renew-till[7]  KerberosTime OPTIONAL,
+        srealm[8]      Realm OPTIONAL,
+        sname[9]       PrincipalName OPTIONAL,
+        caddr[10]      HostAddresses OPTIONAL 
 }
 
 KRB-ERROR ::=  [APPLICATION 30] SEQUENCE {
index 8428eb5127fd1143b8ee95db71dcfdab047193bb..11cae366d988b13ccb471881ec72a056c38f4aba 100644 (file)
@@ -48,8 +48,7 @@ register int *error;
 {
     register krb5_cred_enc_part *retval;
     register int i;
-    register const struct type_KRB5_EncKrbCredPart *rv;
-    register const struct element_KRB5_14 *rv2;
+    register const struct element_KRB5_13 *rv;
 
     retval = (krb5_cred_enc_part *)xmalloc(sizeof(*retval));
     if (!retval) {
@@ -58,122 +57,133 @@ register int *error;
     }
     xbzero((char *)retval, sizeof(*retval));
 
-    for (i = 0, rv = val; rv; i++, rv = rv->next);
+    /* Count ticket_info */
+    for (i = 0, rv = val->ticket__info; rv; i++, rv = rv->next);
 
     /* plus one for null terminator */
-    retval->creds = (krb5_cred_enc_struct **) xcalloc(i + 1, sizeof(*retval->creds));
-    if (!retval->creds) {
+    retval->ticket_info = (krb5_cred_info **) 
+      xcalloc(i + 1, sizeof(*retval->ticket_info));
+    if (!retval->ticket_info) {
     nomem:
        *error = ENOMEM;
        return(0);
     }
-
-    for (i = 0, rv = val; rv; rv = rv->next, i++) {
-       rv2 = rv->element_KRB5_13;
-       retval->creds[i] = (krb5_cred_enc_struct *) xmalloc(sizeof(*retval->creds[i]));
-       if (!retval->creds[i]) {
-           krb5_free_cred_enc_part(retval);
-           goto nomem;
-       }
-       xbzero((char *)retval->creds[i], sizeof(*retval->creds[i]));
-
-       retval->creds[i]->session = KRB5_EncryptionKey2krb5_keyblock(rv2->key, error);
-       if (!retval->creds[i]->session) {
-           xfree(retval->creds[i]);
-           return(0);
-       }
-       
-       if (rv2->optionals & opt_KRB5_element_KRB5_14_nonce)
-         retval->creds[i]->nonce = rv2->nonce;
-       else
-         retval->creds[i]->nonce = 0;
-       
-       retval->creds[i]->timestamp = gentime2unix(rv2->timestamp, error);
+    
+    if (val->optionals & opt_KRB5_EncKrbCredPart_nonce)
+      retval->nonce = val->nonce;
+    else
+      retval->nonce = 0;
+    
+    if (val->timestamp) {
+       retval->timestamp = gentime2unix(val->timestamp, error);
        if (*error) {
          errout:
-           krb5_free_cred_enc_part(retval->creds[i]);
+           krb5_free_cred_enc_part(retval);
            return(0);
        }
-       retval->creds[i]->usec = rv2->usec;
-       
-       if (rv2->s__address) {
-           retval->creds[i]->s_address = KRB5_HostAddress2krb5_addr(rv2->s__address, 
-                                                                    error);
-           if (!retval->creds[i]->s_address) {
-               goto errout;
-           }
+    }
+    
+    if (val->optionals & opt_KRB5_EncKrbCredPart_usec)
+      retval->usec = val->usec;
+    else
+      retval->timestamp = 0;
+    
+    if (val->s__address) {
+       retval->s_address = 
+         KRB5_HostAddress2krb5_addr(val->s__address, 
+                                    error);
+       if (!retval->s_address) {
+           goto errout;
        }
-       
-       if (rv2->r__address) {
-           retval->creds[i]->r_address = KRB5_HostAddress2krb5_addr(rv2->r__address, 
-                                                                    error); 
-           if (!retval->creds[i]->r_address) {
-               goto errout;
-           }
+    }
+    
+    if (val->r__address) {
+       retval->r_address =
+         KRB5_HostAddress2krb5_addr(val->r__address, 
+                                    error); 
+       if (!retval->r_address) {
+           goto errout;
+       }
+    }
+    
+    for (i = 0, rv = val->ticket__info; rv; rv = rv->next, i++) {
+       retval->ticket_info[i] = (krb5_cred_info *) 
+         xmalloc(sizeof(*retval->ticket_info[i]));
+       if (!retval->ticket_info[i]) {
+           krb5_free_cred_enc_part(retval);
+           goto nomem;
        }
+       xbzero((char *)retval->ticket_info[i], 
+              sizeof(*retval->ticket_info[i]));
+
+       retval->ticket_info[i]->session = 
+         KRB5_EncryptionKey2krb5_keyblock(rv->KRB__CRED__INFO->key, error);
+       if (!retval->ticket_info[i]->session)
+         goto errout;
        
-       if (rv2->pname && rv2->prealm) {
-           retval->creds[i]->client = KRB5_PrincipalName2krb5_principal(rv2->pname,
-                                                                        rv2->prealm,
-                                                                        error);
-           if (!retval->creds[i]->client) {
-               goto errout;
-           }
+       if (rv->KRB__CRED__INFO->pname && rv->KRB__CRED__INFO->prealm) {
+           retval->ticket_info[i]->client = 
+             KRB5_PrincipalName2krb5_principal(rv->KRB__CRED__INFO->pname,
+                                               rv->KRB__CRED__INFO->prealm,
+                                               error);
+           if (!retval->ticket_info[i]->client)
+             goto errout;
        }
        
-       if (rv2->sname && rv2->srealm) {
-           retval->creds[i]->server = KRB5_PrincipalName2krb5_principal(rv2->sname,
-                                                                        rv2->srealm,
-                                                                        error);
-           if (!retval->creds[i]->server) {
-               goto errout;
-           }
+       if (rv->KRB__CRED__INFO->sname && rv->KRB__CRED__INFO->srealm) {
+           retval->ticket_info[i]->server = 
+             KRB5_PrincipalName2krb5_principal(rv->KRB__CRED__INFO->sname,
+                                               rv->KRB__CRED__INFO->srealm,
+                                               error);
+           if (!retval->ticket_info[i]->server)
+             goto errout;
        }
        
-       if (rv2->flags) {
-           retval->creds[i]->flags = KRB5_TicketFlags2krb5_flags(rv2->flags, error);
-           if (*error) {
-               xfree(retval->creds[i]);
-               return(0);
-           }
+       if (rv->KRB__CRED__INFO->flags) {
+           retval->ticket_info[i]->flags =
+             KRB5_TicketFlags2krb5_flags(rv->KRB__CRED__INFO->flags, error);
+           if (*error)
+             goto errout;
        }
        
-       if (rv2->authtime) {
-           retval->creds[i]->times.authtime = gentime2unix(rv2->authtime, error);
-           if (*error) {
-               goto errout;
-           }   
+       if (rv->KRB__CRED__INFO->authtime) {
+           retval->ticket_info[i]->times.authtime =
+             gentime2unix(rv->KRB__CRED__INFO->authtime, error);
+           if (*error) 
+             goto errout;
        }
        
-       if (rv2->starttime) {
-           retval->creds[i]->times.starttime = gentime2unix(rv2->starttime, error);
-           if (*error) {
-               goto errout;
-           }   
+       if (rv->KRB__CRED__INFO->starttime) {
+           retval->ticket_info[i]->times.starttime = 
+             gentime2unix(rv->KRB__CRED__INFO->starttime, error);
+           if (*error)
+             goto errout;
        }
        
-       if (rv2->endtime) {
-           retval->creds[i]->times.endtime = gentime2unix(rv2->endtime, error);
-           if (*error) {
-               goto errout;
-           }   
+       if (rv->KRB__CRED__INFO->endtime) {
+           retval->ticket_info[i]->times.endtime = 
+             gentime2unix(rv->KRB__CRED__INFO->endtime, error);
+           if (*error)
+             goto errout;
        }
        
-       if ((retval->creds[i]->flags & TKT_FLG_RENEWABLE) && rv2->renew__till) {
-           retval->creds[i]->times.renew_till = gentime2unix(rv2->renew__till, error);
-           if (*error) {
-               goto errout;
-           }   
+       if ((retval->ticket_info[i]->flags & TKT_FLG_RENEWABLE) && 
+           rv->KRB__CRED__INFO->renew__till) {
+           retval->ticket_info[i]->times.renew_till = 
+             gentime2unix(rv->KRB__CRED__INFO->renew__till, error);
+           if (*error)
+             goto errout;
        }
        
-       if (rv2->caddr) {
-           retval->creds[i]->caddrs = KRB5_HostAddresses2krb5_address(rv2->caddr, 
-                                                                      error);
-           if (!retval->creds[i]->caddrs) {
-               goto errout;
-           }
+       if (rv->KRB__CRED__INFO->caddr) {
+           retval->ticket_info[i]->caddrs = 
+             KRB5_HostAddresses2krb5_address(rv->KRB__CRED__INFO->caddr, 
+                                             error);
+           if (!retval->ticket_info[i]->caddrs)
+             goto errout;
        }
     }
-    retval->creds[i] = 0;
+
+    retval->ticket_info[i] = 0;
     return(retval);
 }
index 4ab1d666f698498b2d263cf6ff6f0d1c6a8b36b2..3c48216a048b7bd6fe923cbed7961a13ed7d3d62 100644 (file)
@@ -46,143 +46,160 @@ krb5_cred_enc_part2KRB5_EncKrbCredPart(val, error)
 const register krb5_cred_enc_part *val;
 register int *error;
 {
-    register struct type_KRB5_EncKrbCredPart *retval = 0, *rv1 = 0, *rv2;
-    register krb5_cred_enc_struct * const *temp;
+    struct type_KRB5_EncKrbCredPart *retval = 0;
+    register struct element_KRB5_13 *rv1 = 0, *rv2;
+    register krb5_cred_info * const *temp;
     register int i;
 
-    for (i = 0, temp = val->creds; *temp; temp++, i++, rv1 = rv2) {
-       
-       rv2 = (struct type_KRB5_EncKrbCredPart *) xmalloc(sizeof(*rv2));
-       if (!rv2) {
+    retval = (struct type_KRB5_EncKrbCredPart *) xmalloc(sizeof(*retval));
+    if (!retval) {
+       *error = ENOMEM;
+       return(0);
+    }
+    xbzero((char *)retval, sizeof (*retval));
+
+    if (val->nonce) {
+       retval->nonce = val->nonce;
+       retval->optionals |= opt_KRB5_EncKrbCredPart_nonce;
+    }
+    
+    if (val->timestamp) {
+       retval->timestamp = unix2gentime(val->timestamp, error);
+       if (!retval->timestamp) {
+         errout:
            if (retval)
-               free_KRB5_EncKrbCredPart(retval);
+             free_KRB5_EncKrbCredPart(retval);
            *error = ENOMEM;
            return(0);
        }
+    }
+    
+    if (val->usec) {
+       retval->usec = val->usec;
+       retval->optionals |= opt_KRB5_EncKrbCredPart_usec;
+    }
+    
+    if (val->s_address) {
+       retval->s__address =
+         krb5_addr2KRB5_HostAddress(val->s_address, error); 
+       if (!retval->s__address) {
+           goto errout;
+       }
+    }
+    
+    if (val->r_address) {
+       retval->r__address =
+         krb5_addr2KRB5_HostAddress(val->r_address, error); 
+       if (!retval->r__address) {
+           goto errout;
+       }
+    }
+       
+    for (i = 0, temp = val->ticket_info; *temp; temp++, i++, rv1 = rv2) {
+       
+       rv2 = (struct element_KRB5_13 *) xmalloc(sizeof(*rv2));
+       if (!rv2)
+         goto errout;
+
         xbzero((char *)rv2, sizeof (*rv2));
 
         if (rv1)
             rv1->next = rv2;
 
-        if (!retval)
-            retval = rv2;
+        if (!retval->ticket__info)
+            retval->ticket__info = rv2;
 
-       rv2->element_KRB5_13 = (struct element_KRB5_14 *)
-           xmalloc(sizeof(*(rv2->element_KRB5_13)));
-       if (!rv2->element_KRB5_13) {
-         errout:
-           if (retval)
-               free_KRB5_EncKrbCredPart(retval);
-           *error = ENOMEM;
-           return(0);
-       } 
-        xbzero((char *)rv2->element_KRB5_13, sizeof (*rv2->element_KRB5_13));
-       
-       rv2->element_KRB5_13->key =
-         krb5_keyblock2KRB5_EncryptionKey(val->creds[i]->session, error);
-       if (!rv2->element_KRB5_13->key) {
-           goto errout;
-       }
-       
-       if (val->creds[i]->nonce) {
-           rv2->element_KRB5_13->nonce = val->creds[i]->nonce;
-           rv2->element_KRB5_13->optionals |= opt_KRB5_element_KRB5_14_nonce;
-       }
-       
-       rv2->element_KRB5_13->timestamp = unix2gentime(val->creds[i]->timestamp, error);
-       if (!rv2->element_KRB5_13->timestamp) {
+       rv2->KRB__CRED__INFO = (struct type_KRB5_KRB__CRED__INFO *)
+            xmalloc(sizeof(*(rv2->KRB__CRED__INFO)));
+        if (!rv2->KRB__CRED__INFO)
+            goto errout;
+        xbzero((char *)rv2->KRB__CRED__INFO, sizeof (*rv2->KRB__CRED__INFO));
+
+       rv2->KRB__CRED__INFO->key =
+         krb5_keyblock2KRB5_EncryptionKey(val->ticket_info[i]->session, 
+                                          error);
+       if (!rv2->KRB__CRED__INFO->key) {
            goto errout;
        }
        
-       rv2->element_KRB5_13->usec = val->creds[i]->usec;
-       
-       if (val->creds[i]->s_address) {
-           rv2->element_KRB5_13->s__address =
-             krb5_addr2KRB5_HostAddress(val->creds[i]->s_address, error); 
-           if (!rv2->element_KRB5_13->s__address) {
+       if (val->ticket_info[i]->client) {
+           rv2->KRB__CRED__INFO->prealm =
+             krb5_data2qbuf(krb5_princ_realm(val->ticket_info[i]->client)); 
+           if (!rv2->KRB__CRED__INFO->prealm) {
                goto errout;
            }
-       }
-       if (val->creds[i]->r_address) {
-           rv2->element_KRB5_13->r__address =
-             krb5_addr2KRB5_HostAddress(val->creds[i]->r_address, error); 
-           if (!rv2->element_KRB5_13->r__address) {
+           rv2->KRB__CRED__INFO->pname =
+             krb5_principal2KRB5_PrincipalName(val->ticket_info[i]->client, 
+                                               error); 
+           if (!rv2->KRB__CRED__INFO->pname) {
                goto errout;
            }
        }
        
-       if (val->creds[i]->client) {
-           rv2->element_KRB5_13->prealm =
-             krb5_data2qbuf(krb5_princ_realm(val->creds[i]->client)); 
-           if (!rv2->element_KRB5_13->prealm) {
-               goto errout;
-           }
-           rv2->element_KRB5_13->pname =
-             krb5_principal2KRB5_PrincipalName(val->creds[i]->client, error); 
-           if (!rv2->element_KRB5_13->pname) {
+       if (val->ticket_info[i]->flags) {
+           rv2->KRB__CRED__INFO->flags =
+             krb5_flags2KRB5_TicketFlags(val->ticket_info[i]->flags, error); 
+           if (!rv2->KRB__CRED__INFO->flags) {
                goto errout;
            }
        }
        
-       if (val->creds[i]->flags) {
-           rv2->element_KRB5_13->flags =
-             krb5_flags2KRB5_TicketFlags(val->creds[i]->flags, error); 
-           if (!rv2->element_KRB5_13->flags) {
+       if (val->ticket_info[i]->times.authtime) {
+           rv2->KRB__CRED__INFO->authtime =
+             unix2gentime(val->ticket_info[i]->times.authtime, error); 
+           if (!rv2->KRB__CRED__INFO->authtime) {
                goto errout;
            }
        }
-       
-       rv2->element_KRB5_13->authtime =
-         unix2gentime(val->creds[i]->times.authtime, error); 
-       if (!rv2->element_KRB5_13->authtime) {
-           goto errout;
-       }
-       if (val->creds[i]->times.starttime) {
-           rv2->element_KRB5_13->starttime =
-             unix2gentime(val->creds[i]->times.starttime, error); 
-           if (!rv2->element_KRB5_13->starttime) {
+
+       if (val->ticket_info[i]->times.starttime) {
+           rv2->KRB__CRED__INFO->starttime =
+             unix2gentime(val->ticket_info[i]->times.starttime, error); 
+           if (!rv2->KRB__CRED__INFO->starttime) {
                goto errout;
            }
        }
-       rv2->element_KRB5_13->endtime =
-         unix2gentime(val->creds[i]->times.endtime, error); 
-       if (!rv2->element_KRB5_13->endtime) {
-           goto errout;
+
+       if (val->ticket_info[i]->times.endtime) {
+           rv2->KRB__CRED__INFO->endtime =
+             unix2gentime(val->ticket_info[i]->times.endtime, error); 
+           if (!rv2->KRB__CRED__INFO->endtime) {
+               goto errout;
+           }
        }
-       if (val->creds[i]->flags & TKT_FLG_RENEWABLE) {
-           rv2->element_KRB5_13->renew__till =
-             unix2gentime(val->creds[i]->times.renew_till, error); 
-           if (!rv2->element_KRB5_13->renew__till) {
+
+       if (val->ticket_info[i]->flags & TKT_FLG_RENEWABLE) {
+           rv2->KRB__CRED__INFO->renew__till =
+             unix2gentime(val->ticket_info[i]->times.renew_till, error); 
+           if (!rv2->KRB__CRED__INFO->renew__till) {
                goto errout;
            }
        }
        
-       if (val->creds[i]->server) {
-           rv2->element_KRB5_13->srealm =
-             krb5_data2qbuf(krb5_princ_realm(val->creds[i]->server)); 
-           if (!rv2->element_KRB5_13->srealm) {
+       if (val->ticket_info[i]->server) {
+           rv2->KRB__CRED__INFO->srealm =
+             krb5_data2qbuf(krb5_princ_realm(val->ticket_info[i]->server)); 
+           if (!rv2->KRB__CRED__INFO->srealm) {
                *error = ENOMEM;
                goto errout;
            }
-           rv2->element_KRB5_13->sname =
-             krb5_principal2KRB5_PrincipalName(val->creds[i]->server, error); 
-           if (!rv2->element_KRB5_13->sname) {
+           rv2->KRB__CRED__INFO->sname =
+             krb5_principal2KRB5_PrincipalName(val->ticket_info[i]->server, 
+                                               error); 
+           if (!rv2->KRB__CRED__INFO->sname) {
                goto errout;
            }
        }
 
-       if (val->creds[i]->caddrs) {
-           rv2->element_KRB5_13->caddr =
-             krb5_address2KRB5_HostAddresses(val->creds[i]->caddrs, error); 
-           if (!rv2->element_KRB5_13->caddr) {
+       if (val->ticket_info[i]->caddrs) {
+           rv2->KRB__CRED__INFO->caddr =
+             krb5_address2KRB5_HostAddresses(val->ticket_info[i]->caddrs, 
+                                             error); 
+           if (!rv2->KRB__CRED__INFO->caddr) {
                goto errout;
            }
        }
     }
 
-    if (retval == 0)
-       *error = ISODE_LOCAL_ERR_MISSING_PART;
-
     return(retval);
 }
index 33559132c10ad29d30a878e51d6955efc34cd78a..473c8eca56339f222db8c759f24808ac5d5a4da6 100644 (file)
@@ -43,9 +43,9 @@
  *     struct type_KRB5_PasswdData {
  *        integer     passwd__sequence__count;
  *                     /* SEQUENCE OF */
- *        struct element_KRB5_15 {
+ *        struct element_KRB5_14 {
  *            struct type_KRB5_PasswdSequence *PasswdSequence;
- *            struct element_KRB5_15 *next;
+ *            struct element_KRB5_14 *next;
  *        } *passwd__sequence;
  *     };
  *
@@ -76,7 +76,7 @@ register const krb5_pwd_data *val;
 register int *error;
 {
     register struct type_KRB5_PasswdData *retval = 0;
-    register struct element_KRB5_15 *passwdseq = 0, *rv1 = 0, *rv2;
+    register struct element_KRB5_14 *passwdseq = 0, *rv1 = 0, *rv2;
     passwd_phrase_element **temp;
     register int i;
 
@@ -93,7 +93,7 @@ register int *error;
        for ( i = 0, temp = (passwd_phrase_element **) val->element; 
                *temp; 
                temp++, i++, rv1 = rv2){
-           if ((rv2 = (struct element_KRB5_15 *) xcalloc(1, 
+           if ((rv2 = (struct element_KRB5_14 *) xcalloc(1, 
                        sizeof(*rv2))) == NULL) {;
                *error = ENOMEM;
                errout:
index 4cbaeff44ec07c34ffd4b51e22dae19ddbaf7445..9d408a10d4965c523aa512e0449d0d93bcbde2bc 100644 (file)
@@ -46,7 +46,7 @@ register int *error;
 {
     register krb5_pwd_data *retval;
     register passwd_phrase_element **element;
-    register struct element_KRB5_15 *seq_ptr, *rv;
+    register struct element_KRB5_14 *seq_ptr, *rv;
     register int i;
 
 
index e7151c364be9e46b788c891831c89b62fd24ffa6..46a3df1d957f11fe2b8609741367b92eb61568bd 100644 (file)
@@ -37,15 +37,16 @@ void
 krb5_free_cred_enc_part(val)
 register krb5_cred_enc_part *val;
 {
-    register krb5_cred_enc_struct **temp;
+    register krb5_cred_info **temp;
     
-    for (temp = val->creds; *temp; temp++) {
+    if (val->r_address)
+      krb5_free_address(val->r_address);
+    if (val->s_address)
+      krb5_free_address(val->s_address);
+
+    for (temp = val->ticket_info; *temp; temp++) {
        if ((*temp)->session)
          krb5_free_keyblock((*temp)->session);
-       if ((*temp)->r_address)
-         krb5_free_address((*temp)->r_address);
-       if ((*temp)->s_address)
-         krb5_free_address((*temp)->s_address);
        if ((*temp)->client)
          krb5_free_principal((*temp)->client);
        if ((*temp)->server)