+Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
+
+ * Added krb5_context to all krb5_routines
+
Thu Oct 13 17:23:08 1994 Theodore Y. Ts'o (tytso@maytag)
* configure.in: Add ISODE_DEFS
*/
krb5_error_code
-krb5_cc_register(DECLARG(krb5_cc_ops *,ops),
- DECLARG(krb5_boolean,override))
-OLDDECLARG(krb5_cc_ops *,ops)
-OLDDECLARG(krb5_boolean,override)
+krb5_cc_register(context, ops, override)
+ krb5_context context;
+ krb5_cc_ops *ops;
+ krb5_boolean override;
{
struct krb5_cc_typelist *t;
for (t = cc_typehead;t && strcmp(t->ops->prefix,ops->prefix);t = t->next)
* particular cache type.
*/
-krb5_error_code krb5_cc_resolve (name, cache)
- char *name;
- krb5_ccache *cache;
+krb5_error_code krb5_cc_resolve (context, name, cache)
+ krb5_context context;
+ char *name;
+ krb5_ccache *cache;
{
struct krb5_cc_typelist *tlist;
char *pfx, *resid, *cp;
cp = strchr (name, ':');
if (!cp) {
if (krb5_cc_dfl_ops)
- return (*krb5_cc_dfl_ops->resolve)(cache, name);
+ return (*krb5_cc_dfl_ops->resolve)(context, cache, name);
else
return KRB5_CC_BADNAME;
}
for (tlist = cc_typehead; tlist; tlist = tlist->next) {
if (strcmp (tlist->ops->prefix, pfx) == 0) {
free(pfx);
- return (*tlist->ops->resolve)(cache, resid);
+ return (*tlist->ops->resolve)(context, cache, resid);
}
}
if (krb5_cc_dfl_ops && !strcmp (pfx, krb5_cc_dfl_ops->prefix)) {
free (pfx);
- return (*krb5_cc_dfl_ops->resolve)(cache, resid);
+ return (*krb5_cc_dfl_ops->resolve)(context, cache, resid);
}
free(pfx);
return KRB5_CC_UNKNOWN_TYPE;
#include <krb5/krb5.h>
-krb5_error_code krb5_cc_default(ccache)
-krb5_ccache *ccache;
+krb5_error_code krb5_cc_default(context, ccache)
+ krb5_context context;
+ krb5_ccache *ccache;
{
- return krb5_cc_resolve(krb5_cc_default_name(), ccache);
+ return krb5_cc_resolve(context, krb5_cc_default_name(context), ccache);
}
+Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
+
+ * Added krb5_context to all krb5_routines
+
Wed Dec 7 16:58:59 1994 <tytso@rsx-11.mit.edu>
* fcc_write.c (krb5_fcc_store_addrs): If a null addresses is
#define KRB5_FCC_PROTO__
/* fcc_close.c */
-krb5_error_code krb5_fcc_close PROTOTYPE((krb5_ccache id ));
+krb5_error_code krb5_fcc_close
+ PROTOTYPE((krb5_context, krb5_ccache id ));
/* fcc_defnam.c */
-char *krb5_fcc_default_name PROTOTYPE((void ));
+char *krb5_fcc_default_name
+ PROTOTYPE((krb5_context));
/* fcc_destry.c */
-krb5_error_code krb5_fcc_destroy PROTOTYPE((krb5_ccache id ));
+krb5_error_code krb5_fcc_destroy
+ PROTOTYPE((krb5_context, krb5_ccache id ));
/* fcc_eseq.c */
-krb5_error_code krb5_fcc_end_seq_get PROTOTYPE((krb5_ccache id , krb5_cc_cursor *cursor ));
+krb5_error_code krb5_fcc_end_seq_get
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_cc_cursor *cursor ));
/* fcc_gennew.c */
-krb5_error_code krb5_fcc_generate_new PROTOTYPE((krb5_ccache *id ));
+krb5_error_code krb5_fcc_generate_new
+ PROTOTYPE((krb5_context, krb5_ccache *id ));
/* fcc_getnam.c */
-char *krb5_fcc_get_name PROTOTYPE((krb5_ccache id ));
+char *krb5_fcc_get_name
+ PROTOTYPE((krb5_context, krb5_ccache id ));
/* fcc_gprin.c */
-krb5_error_code krb5_fcc_get_principal PROTOTYPE((krb5_ccache id , krb5_principal *princ ));
+krb5_error_code krb5_fcc_get_principal
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_principal *princ ));
/* fcc_init.c */
-krb5_error_code krb5_fcc_initialize PROTOTYPE((krb5_ccache id , krb5_principal princ ));
+krb5_error_code krb5_fcc_initialize
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_principal princ ));
/* fcc_nseq.c */
-krb5_error_code krb5_fcc_next_cred PROTOTYPE((krb5_ccache id , krb5_cc_cursor *cursor , krb5_creds *creds ));
+krb5_error_code krb5_fcc_next_cred
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_cc_cursor *cursor ,
+ krb5_creds *creds ));
/* fcc_read.c */
-krb5_error_code krb5_fcc_read_principal PROTOTYPE((krb5_ccache id , krb5_principal *princ ));
-krb5_error_code krb5_fcc_read_keyblock PROTOTYPE((krb5_ccache id , krb5_keyblock *keyblock ));
-krb5_error_code krb5_fcc_read_data PROTOTYPE((krb5_ccache id , krb5_data *data ));
-krb5_error_code krb5_fcc_read_int32 PROTOTYPE((krb5_ccache id , krb5_int32 *i ));
-krb5_error_code krb5_fcc_read_ui_2 PROTOTYPE((krb5_ccache id , krb5_ui_2 *i ));
-krb5_error_code krb5_fcc_read_octet PROTOTYPE((krb5_ccache id , krb5_octet *i ));
-krb5_error_code krb5_fcc_read_times PROTOTYPE((krb5_ccache id , krb5_ticket_times *t ));
-krb5_error_code krb5_fcc_read_addrs PROTOTYPE((krb5_ccache, krb5_address ***));
-krb5_error_code krb5_fcc_read_addr PROTOTYPE((krb5_ccache, krb5_address *));
-krb5_error_code krb5_fcc_read_authdata PROTOTYPE((krb5_ccache , krb5_authdata ***));
-krb5_error_code krb5_fcc_read_authdatum PROTOTYPE((krb5_ccache , krb5_authdata *));
+krb5_error_code krb5_fcc_read_principal
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_principal *princ ));
+krb5_error_code krb5_fcc_read_keyblock
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_keyblock *keyblock ));
+krb5_error_code krb5_fcc_read_data
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_data *data ));
+krb5_error_code krb5_fcc_read_int32
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_int32 *i ));
+krb5_error_code krb5_fcc_read_ui_2
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_ui_2 *i ));
+krb5_error_code krb5_fcc_read_octet
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_octet *i ));
+krb5_error_code krb5_fcc_read_times
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_ticket_times *t ));
+krb5_error_code krb5_fcc_read_addrs
+ PROTOTYPE((krb5_context, krb5_ccache, krb5_address ***));
+krb5_error_code krb5_fcc_read_addr
+ PROTOTYPE((krb5_context, krb5_ccache, krb5_address *));
+krb5_error_code krb5_fcc_read_authdata
+ PROTOTYPE((krb5_context, krb5_ccache , krb5_authdata ***));
+krb5_error_code krb5_fcc_read_authdatum
+ PROTOTYPE((krb5_context, krb5_ccache , krb5_authdata *));
/* fcc_reslv.c */
-krb5_error_code krb5_fcc_resolve PROTOTYPE((krb5_ccache *id , char *residual ));
+krb5_error_code krb5_fcc_resolve
+ PROTOTYPE((krb5_context, krb5_ccache *id , char *residual ));
/* fcc_retrv.c */
-krb5_error_code krb5_fcc_retrieve PROTOTYPE((krb5_ccache id , krb5_flags whichfields , krb5_creds *mcreds , krb5_creds *creds ));
+krb5_error_code krb5_fcc_retrieve
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_flags whichfields ,
+ krb5_creds *mcreds ,
+ krb5_creds *creds ));
/* fcc_sseq.c */
-krb5_error_code krb5_fcc_start_seq_get PROTOTYPE((krb5_ccache id , krb5_cc_cursor *cursor ));
+krb5_error_code krb5_fcc_start_seq_get
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_cc_cursor *cursor ));
/* fcc_store.c */
-krb5_error_code krb5_fcc_store PROTOTYPE((krb5_ccache id , krb5_creds *creds ));
+krb5_error_code krb5_fcc_store
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_creds *creds ));
/* fcc_skip.c */
-krb5_error_code krb5_fcc_skip_principal PROTOTYPE((krb5_ccache id ));
+krb5_error_code krb5_fcc_skip_principal
+ PROTOTYPE((krb5_context, krb5_ccache id ));
/* fcc_sflags.c */
-krb5_error_code krb5_fcc_set_flags PROTOTYPE((krb5_ccache id , krb5_flags flags ));
+krb5_error_code krb5_fcc_set_flags
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_flags flags ));
/* fcc_ops.c */
extern krb5_cc_ops krb5_cc_file_ops;
/* fcc_write.c */
-krb5_error_code krb5_fcc_write PROTOTYPE((krb5_ccache id , krb5_pointer buf , int len ));
-krb5_error_code krb5_fcc_store_principal PROTOTYPE((krb5_ccache id , krb5_principal princ ));
-krb5_error_code krb5_fcc_store_keyblock PROTOTYPE((krb5_ccache id , krb5_keyblock *keyblock ));
-krb5_error_code krb5_fcc_store_data PROTOTYPE((krb5_ccache id , krb5_data *data ));
-krb5_error_code krb5_fcc_store_int32 PROTOTYPE((krb5_ccache id , krb5_int32 i ));
-krb5_error_code krb5_fcc_store_ui_2 PROTOTYPE((krb5_ccache id , krb5_int32 i ));
-krb5_error_code krb5_fcc_store_octet PROTOTYPE((krb5_ccache id , krb5_int32 i ));
-krb5_error_code krb5_fcc_store_times PROTOTYPE((krb5_ccache id , krb5_ticket_times *t ));
-krb5_error_code krb5_fcc_store_addrs PROTOTYPE((krb5_ccache , krb5_address ** ));
-krb5_error_code krb5_fcc_store_addr PROTOTYPE((krb5_ccache , krb5_address * ));
-krb5_error_code krb5_fcc_store_authdata PROTOTYPE((krb5_ccache , krb5_authdata **));
-krb5_error_code krb5_fcc_store_authdatum PROTOTYPE((krb5_ccache , krb5_authdata *));
+krb5_error_code krb5_fcc_write
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_pointer buf , int len ));
+krb5_error_code krb5_fcc_store_principal
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_principal princ ));
+krb5_error_code krb5_fcc_store_keyblock
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_keyblock *keyblock ));
+krb5_error_code krb5_fcc_store_data
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_data *data ));
+krb5_error_code krb5_fcc_store_int32
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_int32 i ));
+krb5_error_code krb5_fcc_store_ui_2
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_int32 i ));
+krb5_error_code krb5_fcc_store_octet
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_int32 i ));
+krb5_error_code krb5_fcc_store_times
+ PROTOTYPE((krb5_context, krb5_ccache id , krb5_ticket_times *t ));
+krb5_error_code krb5_fcc_store_addrs
+ PROTOTYPE((krb5_context, krb5_ccache , krb5_address ** ));
+krb5_error_code krb5_fcc_store_addr
+ PROTOTYPE((krb5_context, krb5_ccache , krb5_address * ));
+krb5_error_code krb5_fcc_store_authdata
+ PROTOTYPE((krb5_context, krb5_ccache , krb5_authdata **));
+krb5_error_code krb5_fcc_store_authdatum
+ PROTOTYPE((krb5_context, krb5_ccache , krb5_authdata *));
/* fcc_errs.c */
-krb5_error_code krb5_fcc_interpret PROTOTYPE((int ));
+krb5_error_code krb5_fcc_interpret
+ PROTOTYPE((krb5_context, int ));
/* fcc_maybe.c */
-krb5_error_code krb5_fcc_close_file PROTOTYPE((krb5_ccache));
-krb5_error_code krb5_fcc_open_file PROTOTYPE((krb5_ccache, int));
+krb5_error_code krb5_fcc_close_file
+ PROTOTYPE((krb5_context, krb5_ccache));
+krb5_error_code krb5_fcc_open_file
+ PROTOTYPE((krb5_context, krb5_ccache, int));
#endif /* KRB5_FCC_PROTO__ */
off_t pos;
} krb5_fcc_cursor;
-#define MAYBE_OPEN(ID, MODE) \
+#define MAYBE_OPEN(CONTEXT, ID, MODE) \
{ \
if (OPENCLOSE (ID)) { \
- krb5_error_code maybe_open_ret = krb5_fcc_open_file (ID,MODE); \
+ krb5_error_code maybe_open_ret = krb5_fcc_open_file (CONTEXT,ID,MODE); \
if (maybe_open_ret) return maybe_open_ret; } }
-#define MAYBE_CLOSE(ID, RET) \
+#define MAYBE_CLOSE(CONTEXT, ID, RET) \
{ \
if (OPENCLOSE (ID)) { \
- krb5_error_code maybe_close_ret = krb5_fcc_close_file (ID); \
+ krb5_error_code maybe_close_ret = krb5_fcc_close_file (CONTEXT,ID); \
if (!(RET)) RET = maybe_close_ret; } }
-#define MAYBE_CLOSE_IGNORE(ID) \
+#define MAYBE_CLOSE_IGNORE(CONTEXT, ID) \
{ \
if (OPENCLOSE (ID)) { \
- (void) krb5_fcc_close_file (ID); } }
+ (void) krb5_fcc_close_file (CONTEXT,ID); } }
/* DO NOT ADD ANYTHING AFTER THIS #endif */
#endif /* __KRB5_FILE_CCACHE__ */
* associated with the cache.
*/
krb5_error_code
-krb5_fcc_close(id)
+krb5_fcc_close(context, id)
+ krb5_context context;
krb5_ccache id;
{
register int closeval = KRB5_OK;
if (((krb5_fcc_data *) id->data)->fd >= 0)
- krb5_fcc_close_file(id);
+ krb5_fcc_close_file(context, id);
krb5_xfree(((krb5_fcc_data *) id->data)->filename);
krb5_xfree(((krb5_fcc_data *) id->data));
*/
char *
-krb5_fcc_default_name ()
+krb5_fcc_default_name (context)
+ krb5_context context;
{
char *krb5ccache, *getenv();
int len;
* Errors:
* system errors
*/
-krb5_error_code krb5_fcc_destroy(id)
+krb5_error_code krb5_fcc_destroy(context, id)
+ krb5_context context;
krb5_ccache id;
{
struct stat buf;
if (OPENCLOSE(id)) {
ret = open(((krb5_fcc_data *) id->data)->filename, O_RDWR, 0);
if (ret < 0) {
- ret = krb5_fcc_interpret(errno);
+ ret = krb5_fcc_interpret(context, errno);
goto cleanup;
}
((krb5_fcc_data *) id->data)->fd = ret;
ret = unlink(((krb5_fcc_data *) id->data)->filename);
if (ret < 0) {
- ret = krb5_fcc_interpret(errno);
+ ret = krb5_fcc_interpret(context, errno);
if (OPENCLOSE(id)) {
(void) close(((krb5_fcc_data *)id->data)->fd);
((krb5_fcc_data *) id->data)->fd = -1;
ret = fstat(((krb5_fcc_data *) id->data)->fd, &buf);
if (ret < 0) {
- ret = krb5_fcc_interpret(errno);
+ ret = krb5_fcc_interpret(context, errno);
if (OPENCLOSE(id)) {
(void) close(((krb5_fcc_data *)id->data)->fd);
((krb5_fcc_data *) id->data)->fd = -1;
memset(zeros, 0, BUFSIZ);
for (i=0; i < size / BUFSIZ; i++)
if (write(((krb5_fcc_data *) id->data)->fd, zeros, BUFSIZ) < 0) {
- ret = krb5_fcc_interpret(errno);
+ ret = krb5_fcc_interpret(context, errno);
if (OPENCLOSE(id)) {
(void) close(((krb5_fcc_data *)id->data)->fd);
((krb5_fcc_data *) id->data)->fd = -1;
}
if (write(((krb5_fcc_data *) id->data)->fd, zeros, size % BUFSIZ) < 0) {
- ret = krb5_fcc_interpret(errno);
+ ret = krb5_fcc_interpret(context, errno);
if (OPENCLOSE(id)) {
(void) close(((krb5_fcc_data *)id->data)->fd);
((krb5_fcc_data *) id->data)->fd = -1;
((krb5_fcc_data *) id->data)->fd = -1;
if (ret)
- ret = krb5_fcc_interpret(errno);
+ ret = krb5_fcc_interpret(context, errno);
cleanup:
krb5_xfree(((krb5_fcc_data *) id->data)->filename);
#include "fcc.h"
krb5_error_code
-krb5_fcc_interpret(errnum)
+krb5_fcc_interpret(context, errnum)
+ krb5_context context;
int errnum;
{
register int retval;
*/
/* ARGSUSED */
krb5_error_code
-krb5_fcc_end_seq_get(id, cursor)
+krb5_fcc_end_seq_get(context, id, cursor)
+ krb5_context context;
krb5_ccache id;
krb5_cc_cursor *cursor;
{
/* don't close; it may be left open by the caller,
and if not, fcc_start_seq_get and/or fcc_next_cred will do the
MAYBE_CLOSE.
- MAYBE_CLOSE(id, kret); */
+ MAYBE_CLOSE(context, id, kret); */
krb5_xfree((krb5_fcc_cursor *) *cursor);
return kret;
* system errors (from open)
*/
krb5_error_code
-krb5_fcc_generate_new (id)
+krb5_fcc_generate_new (context, id)
+ krb5_context context;
krb5_ccache *id;
{
krb5_ccache lid;
ret = open(((krb5_fcc_data *) lid->data)->filename,
O_CREAT | O_EXCL | O_WRONLY, 0);
if (ret == -1) {
- retcode = krb5_fcc_interpret(errno);
+ retcode = krb5_fcc_interpret(context, errno);
goto err_out;
} else {
krb5_int16 fcc_fvno = htons(KRB5_FCC_DEFAULT_FVNO);
errsave = errno;
(void) close(ret);
(void) unlink(((krb5_fcc_data *) lid->data)->filename);
- retcode = (cnt == -1) ? krb5_fcc_interpret(errsave) : KRB5_CC_IO;
+ retcode = (cnt == -1) ? krb5_fcc_interpret(context, errsave) : KRB5_CC_IO;
goto err_out;
}
if (close(ret) == -1) {
errsave = errno;
(void) unlink(((krb5_fcc_data *) lid->data)->filename);
- retcode = krb5_fcc_interpret(errsave);
+ retcode = krb5_fcc_interpret(context, errsave);
goto err_out;
}
* The name of the file cred cache id.
*/
char *
-krb5_fcc_get_name (id)
+krb5_fcc_get_name (context, id)
+ krb5_context context;
krb5_ccache id;
{
return (char *) ((krb5_fcc_data *) id->data)->filename;
* KRB5_CC_NOMEM
*/
krb5_error_code
-krb5_fcc_get_principal(id, princ)
+krb5_fcc_get_principal(context, id, princ)
+ krb5_context context;
krb5_ccache id;
krb5_principal *princ;
{
krb5_error_code kret = KRB5_OK;
- MAYBE_OPEN(id, FCC_OPEN_RDONLY);
+ MAYBE_OPEN(context, id, FCC_OPEN_RDONLY);
/* make sure we're beyond the vno */
lseek(((krb5_fcc_data *) id->data)->fd, sizeof(krb5_int16), SEEK_SET);
- kret = krb5_fcc_read_principal(id, princ);
+ kret = krb5_fcc_read_principal(context, id, princ);
- MAYBE_CLOSE(id, kret);
+ MAYBE_CLOSE(context, id, kret);
return kret;
}
* permission errors
*/
krb5_error_code
-krb5_fcc_initialize(id, princ)
+krb5_fcc_initialize(context, id, princ)
+ krb5_context context;
krb5_ccache id;
krb5_principal princ;
{
int ret = KRB5_OK;
- MAYBE_OPEN(id, FCC_OPEN_AND_ERASE);
+ MAYBE_OPEN(context, id, FCC_OPEN_AND_ERASE);
#ifdef NOFCHMOD
ret = chmod(((krb5_fcc_data *) id->data)->filename, S_IREAD | S_IWRITE);
ret = fchmod(((krb5_fcc_data *) id->data)->fd, S_IREAD | S_IWRITE);
#endif
if (ret == -1) {
- ret = krb5_fcc_interpret(errno);
- MAYBE_CLOSE(id, ret);
+ ret = krb5_fcc_interpret(context, errno);
+ MAYBE_CLOSE(context, id, ret);
return ret;
}
- krb5_fcc_store_principal(id, princ);
+ krb5_fcc_store_principal(context, id, princ);
- MAYBE_CLOSE(id, ret);
+ MAYBE_CLOSE(context, id, ret);
return ret;
}
}
krb5_error_code
-krb5_fcc_close_file (id)
+krb5_fcc_close_file (context, id)
+ krb5_context context;
krb5_ccache id;
{
int ret;
if (retval)
return retval;
else
- return (ret == -1) ? krb5_fcc_interpret (errno) : 0;
+ return (ret == -1) ? krb5_fcc_interpret (context, errno) : 0;
}
krb5_error_code
-krb5_fcc_open_file (id, mode)
+krb5_fcc_open_file (context, id, mode)
+ krb5_context context;
krb5_ccache id;
int mode;
{
fd = open (data->filename, open_flag, 0600);
if (fd == -1)
- return krb5_fcc_interpret (errno);
+ return krb5_fcc_interpret (context, errno);
if (retval = fcc_lock_file(data, fd, LOCK_IT)) {
(void) close(fd);
errsave = errno;
(void) fcc_lock_file(data, fd, UNLOCK_IT);
(void) close(fd);
- return (cnt == -1) ? krb5_fcc_interpret(errsave) : KRB5_CC_IO;
+ return (cnt == -1) ? krb5_fcc_interpret(context, errsave) : KRB5_CC_IO;
}
} else {
/* verify a valid version number is there */
* system errors
*/
krb5_error_code
-krb5_fcc_next_cred(id, cursor, creds)
+krb5_fcc_next_cred(context, id, cursor, creds)
+ krb5_context context;
krb5_ccache id;
krb5_cc_cursor *cursor;
krb5_creds *creds;
memset((char *)creds, 0, sizeof(*creds));
- MAYBE_OPEN(id, FCC_OPEN_RDONLY);
+ MAYBE_OPEN(context, id, FCC_OPEN_RDONLY);
fcursor = (krb5_fcc_cursor *) *cursor;
ret = lseek(((krb5_fcc_data *) id->data)->fd, fcursor->pos, SEEK_SET);
if (ret < 0) {
- ret = krb5_fcc_interpret(errno);
- MAYBE_CLOSE(id, ret);
+ ret = krb5_fcc_interpret(context, errno);
+ MAYBE_CLOSE(context, id, ret);
return ret;
}
- kret = krb5_fcc_read_principal(id, &creds->client);
+ kret = krb5_fcc_read_principal(context, id, &creds->client);
TCHECK(kret);
- kret = krb5_fcc_read_principal(id, &creds->server);
+ kret = krb5_fcc_read_principal(context, id, &creds->server);
TCHECK(kret);
- kret = krb5_fcc_read_keyblock(id, &creds->keyblock);
+ kret = krb5_fcc_read_keyblock(context, id, &creds->keyblock);
TCHECK(kret);
- kret = krb5_fcc_read_times(id, &creds->times);
+ kret = krb5_fcc_read_times(context, id, &creds->times);
TCHECK(kret);
- kret = krb5_fcc_read_octet(id, &octet);
+ kret = krb5_fcc_read_octet(context, id, &octet);
TCHECK(kret);
creds->is_skey = octet;
- kret = krb5_fcc_read_int32(id, &int32);
+ kret = krb5_fcc_read_int32(context, id, &int32);
TCHECK(kret);
creds->ticket_flags = int32;
- kret = krb5_fcc_read_addrs(id, &creds->addresses);
+ kret = krb5_fcc_read_addrs(context, id, &creds->addresses);
TCHECK(kret);
- kret = krb5_fcc_read_authdata(id, &creds->authdata);
+ kret = krb5_fcc_read_authdata(context, id, &creds->authdata);
TCHECK(kret);
- kret = krb5_fcc_read_data(id, &creds->ticket);
+ kret = krb5_fcc_read_data(context, id, &creds->ticket);
TCHECK(kret);
- kret = krb5_fcc_read_data(id, &creds->second_ticket);
+ kret = krb5_fcc_read_data(context, id, &creds->second_ticket);
TCHECK(kret);
fcursor->pos = lseek(((krb5_fcc_data *) id->data)->fd, 0, SEEK_CUR);
cursor = (krb5_cc_cursor *) fcursor;
lose:
- MAYBE_CLOSE(id, kret); /* won't overwrite kret
+ MAYBE_CLOSE(context, id, kret); /* won't overwrite kret
if already set */
if (kret != KRB5_OK)
- krb5_free_cred_contents(creds);
+ krb5_free_cred_contents(context, creds);
return kret;
}
* system errors (read)
*/
krb5_error_code
-krb5_fcc_read(id, buf, len)
+krb5_fcc_read(context, id, buf, len)
+ krb5_context context;
krb5_ccache id;
krb5_pointer buf;
int len;
ret = read(((krb5_fcc_data *) id->data)->fd, (char *) buf, len);
if (ret == -1)
- return krb5_fcc_interpret(errno);
+ return krb5_fcc_interpret(context, errno);
else if (ret != len)
return KRB5_CC_END;
else
*/
krb5_error_code
-krb5_fcc_read_principal(id, princ)
+krb5_fcc_read_principal(context, id, princ)
+ krb5_context context;
krb5_ccache id;
krb5_principal *princ;
{
type = KRB5_NT_UNKNOWN;
} else {
/* Read principal type */
- kret = krb5_fcc_read_int32(id, &type);
+ kret = krb5_fcc_read_int32(context, id, &type);
if (kret != KRB5_OK)
return kret;
}
/* Read the number of components */
- kret = krb5_fcc_read_int32(id, &length);
+ kret = krb5_fcc_read_int32(context, id, &length);
if (kret != KRB5_OK)
return kret;
tmpprinc->length = length;
tmpprinc->type = type;
- kret = krb5_fcc_read_data(id, krb5_princ_realm(tmpprinc));
+ kret = krb5_fcc_read_data(context, id, krb5_princ_realm(context, tmpprinc));
i = 0;
CHECK(kret);
for (i=0; i < length; i++) {
- kret = krb5_fcc_read_data(id, krb5_princ_component(tmpprinc, i));
+ kret = krb5_fcc_read_data(context, id, krb5_princ_component(context, tmpprinc, i));
CHECK(kret);
}
*princ = tmpprinc;
errout:
while(--i >= 0)
- free(krb5_princ_component(tmpprinc, i)->data);
+ free(krb5_princ_component(context, tmpprinc, i)->data);
free((char *)tmpprinc->data);
free((char *)tmpprinc);
return kret;
}
krb5_error_code
-krb5_fcc_read_addrs(id, addrs)
+krb5_fcc_read_addrs(context, id, addrs)
+ krb5_context context;
krb5_ccache id;
krb5_address ***addrs;
{
*addrs = 0;
/* Read the number of components */
- kret = krb5_fcc_read_int32(id, &length);
+ kret = krb5_fcc_read_int32(context, id, &length);
CHECK(kret);
/* Make *addrs able to hold length pointers to krb5_address structs
for (i=0; i < length; i++) {
(*addrs)[i] = (krb5_address *) malloc(sizeof(krb5_address));
if ((*addrs)[i] == NULL) {
- krb5_free_addresses(*addrs);
+ krb5_free_addresses(context, *addrs);
return KRB5_CC_NOMEM;
}
- kret = krb5_fcc_read_addr(id, (*addrs)[i]);
+ kret = krb5_fcc_read_addr(context, id, (*addrs)[i]);
CHECK(kret);
}
return KRB5_OK;
errout:
if (*addrs)
- krb5_free_addresses(*addrs);
+ krb5_free_addresses(context, *addrs);
return kret;
}
krb5_error_code
-krb5_fcc_read_keyblock(id, keyblock)
+krb5_fcc_read_keyblock(context, id, keyblock)
+ krb5_context context;
krb5_ccache id;
krb5_keyblock *keyblock;
{
keyblock->magic = KV5M_KEYBLOCK;
keyblock->contents = 0;
- kret = krb5_fcc_read_ui_2(id, &ui2);
+ kret = krb5_fcc_read_ui_2(context, id, &ui2);
keyblock->keytype = ui2;
CHECK(kret);
if ((data->version == KRB5_FCC_FVNO_1) ||
(data->version == KRB5_FCC_FVNO_2))
keyblock->etype = ETYPE_UNKNOWN;
else {
- kret = krb5_fcc_read_ui_2(id, &ui2);
+ kret = krb5_fcc_read_ui_2(context, id, &ui2);
keyblock->etype = ui2;
CHECK(kret);
}
- kret = krb5_fcc_read_int32(id, &int32);
+ kret = krb5_fcc_read_int32(context, id, &int32);
CHECK(kret);
keyblock->length = int32;
if ( keyblock->length == 0 )
if (keyblock->contents == NULL)
return KRB5_CC_NOMEM;
- kret = krb5_fcc_read(id, keyblock->contents, keyblock->length);
+ kret = krb5_fcc_read(context, id, keyblock->contents, keyblock->length);
if (kret)
goto errout;
}
krb5_error_code
-krb5_fcc_read_data(id, data)
+krb5_fcc_read_data(context, id, data)
+ krb5_context context;
krb5_ccache id;
krb5_data *data;
{
data->magic = KV5M_DATA;
data->data = 0;
- kret = krb5_fcc_read_int32(id, &data->length);
+ kret = krb5_fcc_read_int32(context, id, &data->length);
CHECK(kret);
if (data->length == 0) {
if (data->data == NULL)
return KRB5_CC_NOMEM;
- kret = krb5_fcc_read(id, data->data, data->length);
+ kret = krb5_fcc_read(context, id, data->data, data->length);
CHECK(kret);
data->data[data->length] = 0; /* Null terminate, just in case.... */
}
krb5_error_code
-krb5_fcc_read_addr(id, addr)
+krb5_fcc_read_addr(context, id, addr)
+ krb5_context context;
krb5_ccache id;
krb5_address *addr;
{
addr->magic = KV5M_ADDRESS;
addr->contents = 0;
- kret = krb5_fcc_read_ui_2(id, &ui2);
+ kret = krb5_fcc_read_ui_2(context, id, &ui2);
CHECK(kret);
addr->addrtype = ui2;
- kret = krb5_fcc_read_int32(id, &int32);
+ kret = krb5_fcc_read_int32(context, id, &int32);
CHECK(kret);
addr->length = int32;
if (addr->contents == NULL)
return KRB5_CC_NOMEM;
- kret = krb5_fcc_read(id, addr->contents, addr->length);
+ kret = krb5_fcc_read(context, id, addr->contents, addr->length);
CHECK(kret);
return KRB5_OK;
}
krb5_error_code
-krb5_fcc_read_int32(id, i)
+krb5_fcc_read_int32(context, id, i)
+ krb5_context context;
krb5_ccache id;
krb5_int32 *i;
{
if ((data->version == KRB5_FCC_FVNO_1) ||
(data->version == KRB5_FCC_FVNO_2))
- return krb5_fcc_read(id, (krb5_pointer) i, sizeof(krb5_int32));
+ return krb5_fcc_read(context, id, (krb5_pointer) i, sizeof(krb5_int32));
else {
- retval = krb5_fcc_read(id, buf, 4);
+ retval = krb5_fcc_read(context, id, buf, 4);
if (retval)
return retval;
*i = (((((buf[0] << 8) + buf[1]) << 8 ) + buf[2]) << 8) + buf[3];
}
krb5_error_code
-krb5_fcc_read_ui_2(id, i)
+krb5_fcc_read_ui_2(context, id, i)
+ krb5_context context;
krb5_ccache id;
krb5_ui_2 *i;
{
if ((data->version == KRB5_FCC_FVNO_1) ||
(data->version == KRB5_FCC_FVNO_2))
- return krb5_fcc_read(id, (krb5_pointer) i, sizeof(krb5_ui_2));
+ return krb5_fcc_read(context, id, (krb5_pointer) i, sizeof(krb5_ui_2));
else {
- retval = krb5_fcc_read(id, buf, 2);
+ retval = krb5_fcc_read(context, id, buf, 2);
if (retval)
return retval;
*i = (buf[0] << 8) + buf[1];
}
krb5_error_code
-krb5_fcc_read_octet(id, i)
+krb5_fcc_read_octet(context, id, i)
+ krb5_context context;
krb5_ccache id;
krb5_octet *i;
{
- return krb5_fcc_read(id, (krb5_pointer) i, 1);
+ return krb5_fcc_read(context, id, (krb5_pointer) i, 1);
}
krb5_error_code
-krb5_fcc_read_times(id, t)
+krb5_fcc_read_times(context, id, t)
+ krb5_context context;
krb5_ccache id;
krb5_ticket_times *t;
{
if ((data->version == KRB5_FCC_FVNO_1) ||
(data->version == KRB5_FCC_FVNO_2))
- return krb5_fcc_read(id, (krb5_pointer) t, sizeof(krb5_ticket_times));
+ return krb5_fcc_read(context, id, (krb5_pointer) t, sizeof(krb5_ticket_times));
else {
- retval = krb5_fcc_read_int32(id, &i);
+ retval = krb5_fcc_read_int32(context, id, &i);
CHECK(retval);
t->authtime = i;
- retval = krb5_fcc_read_int32(id, &i);
+ retval = krb5_fcc_read_int32(context, id, &i);
CHECK(retval);
t->starttime = i;
- retval = krb5_fcc_read_int32(id, &i);
+ retval = krb5_fcc_read_int32(context, id, &i);
CHECK(retval);
t->endtime = i;
- retval = krb5_fcc_read_int32(id, &i);
+ retval = krb5_fcc_read_int32(context, id, &i);
CHECK(retval);
t->renew_till = i;
}
}
krb5_error_code
-krb5_fcc_read_authdata(id, a)
+krb5_fcc_read_authdata(context, id, a)
+ krb5_context context;
krb5_ccache id;
krb5_authdata ***a;
{
*a = 0;
/* Read the number of components */
- kret = krb5_fcc_read_int32(id, &length);
+ kret = krb5_fcc_read_int32(context, id, &length);
CHECK(kret);
if (length == 0)
for (i=0; i < length; i++) {
(*a)[i] = (krb5_authdata *) malloc(sizeof(krb5_authdata));
if ((*a)[i] == NULL) {
- krb5_free_authdata(*a);
+ krb5_free_authdata(context, *a);
return KRB5_CC_NOMEM;
}
- kret = krb5_fcc_read_authdatum(id, (*a)[i]);
+ kret = krb5_fcc_read_authdatum(context, id, (*a)[i]);
CHECK(kret);
}
return KRB5_OK;
errout:
if (*a)
- krb5_free_authdata(*a);
+ krb5_free_authdata(context, *a);
return kret;
}
krb5_error_code
-krb5_fcc_read_authdatum(id, a)
+krb5_fcc_read_authdatum(context, id, a)
+ krb5_context context;
krb5_ccache id;
krb5_authdata *a;
{
a->magic = KV5M_AUTHDATA;
a->contents = NULL;
- kret = krb5_fcc_read_ui_2(id, &a->ad_type);
+ kret = krb5_fcc_read_ui_2(context, id, &a->ad_type);
CHECK(kret);
- kret = krb5_fcc_read_int32(id, &int32);
+ kret = krb5_fcc_read_int32(context, id, &int32);
CHECK(kret);
a->length = int32;
if (a->contents == NULL)
return KRB5_CC_NOMEM;
- kret = krb5_fcc_read(id, a->contents, a->length);
+ kret = krb5_fcc_read(context, id, a->contents, a->length);
CHECK(kret);
return KRB5_OK;
* permission errors
*/
krb5_error_code
-krb5_fcc_resolve (id, residual)
+krb5_fcc_resolve (context, id, residual)
+ krb5_context context;
krb5_ccache *id;
char *residual;
{
static krb5_boolean times_match PROTOTYPE((const krb5_ticket_times *,
const krb5_ticket_times *));
static krb5_boolean standard_fields_match
- PROTOTYPE((const krb5_creds *,
+ PROTOTYPE((krb5_context,
+ const krb5_creds *,
const krb5_creds *));
static krb5_boolean srvname_match
- PROTOTYPE((const krb5_creds *,
+ PROTOTYPE((krb5_context,
+ const krb5_creds *,
const krb5_creds *));
static krb5_boolean authdata_match
* KRB5_CC_NOMEM
*/
krb5_error_code
-krb5_fcc_retrieve(id, whichfields, mcreds, creds)
+krb5_fcc_retrieve(context, id, whichfields, mcreds, creds)
+ krb5_context context;
krb5_ccache id;
krb5_flags whichfields;
krb5_creds *mcreds;
krb5_error_code kret;
krb5_creds fetchcreds;
- kret = krb5_fcc_start_seq_get(id, &cursor);
+ kret = krb5_fcc_start_seq_get(context, id, &cursor);
if (kret != KRB5_OK)
return kret;
- while ((kret = krb5_fcc_next_cred(id, &cursor, &fetchcreds)) == KRB5_OK) {
+ while ((kret = krb5_fcc_next_cred(context, id, &cursor, &fetchcreds)) == KRB5_OK) {
if (((set(KRB5_TC_MATCH_SRV_NAMEONLY) &&
- srvname_match(mcreds, &fetchcreds)) ||
- standard_fields_match(mcreds, &fetchcreds))
+ srvname_match(context, mcreds, &fetchcreds)) ||
+ standard_fields_match(context, mcreds, &fetchcreds))
&&
(! set(KRB5_TC_MATCH_IS_SKEY) ||
mcreds->is_skey == fetchcreds.is_skey)
data_match (&mcreds->second_ticket, &fetchcreds.second_ticket))
)
{
- krb5_fcc_end_seq_get(id, &cursor);
+ krb5_fcc_end_seq_get(context, id, &cursor);
*creds = fetchcreds;
return KRB5_OK;
}
/* This one doesn't match */
- krb5_free_cred_contents(&fetchcreds);
+ krb5_free_cred_contents(context, &fetchcreds);
}
/* If we get here, a match wasn't found */
- krb5_fcc_end_seq_get(id, &cursor);
+ krb5_fcc_end_seq_get(context, id, &cursor);
return KRB5_CC_NOTFOUND;
}
}
static krb5_boolean
-standard_fields_match(mcreds, creds)
+standard_fields_match(context, mcreds, creds)
+ krb5_context context;
register const krb5_creds *mcreds, *creds;
{
- return (krb5_principal_compare(mcreds->client,creds->client) &&
- krb5_principal_compare(mcreds->server,creds->server));
+ return (krb5_principal_compare(context, mcreds->client,creds->client) &&
+ krb5_principal_compare(context, mcreds->server,creds->server));
}
/* only match the server name portion, not the server realm portion */
static krb5_boolean
-srvname_match(mcreds, creds)
+srvname_match(context, mcreds, creds)
+ krb5_context context;
register const krb5_creds *mcreds, *creds;
{
krb5_boolean retval;
krb5_principal_data p1, p2;
- retval = krb5_principal_compare(mcreds->client,creds->client);
+ retval = krb5_principal_compare(context, mcreds->client,creds->client);
if (retval != TRUE)
return retval;
/*
p1 = *mcreds->server;
p2 = *creds->server;
p1.realm = p2.realm;
- return krb5_principal_compare(&p1, &p2);
+ return krb5_principal_compare(context, &p1, &p2);
}
static krb5_boolean
* Sets the operational flags of id to flags.
*/
krb5_error_code
-krb5_fcc_set_flags(id, flags)
+krb5_fcc_set_flags(context, id, flags)
+ krb5_context context;
krb5_ccache id;
krb5_flags flags;
{
if (flags & KRB5_TC_OPENCLOSE) {
/* asking to turn on OPENCLOSE mode */
if (!OPENCLOSE(id)) {
- (void) krb5_fcc_close_file (id);
+ (void) krb5_fcc_close_file (context, id);
}
} else {
/* asking to turn off OPENCLOSE mode, meaning it must be
left open. We open if it's not yet open */
- MAYBE_OPEN(id, FCC_OPEN_RDONLY);
+ MAYBE_OPEN(context, id, FCC_OPEN_RDONLY);
}
((krb5_fcc_data *) id->data)->flags = flags;
#include "fcc.h"
krb5_error_code
-krb5_fcc_skip_principal(id)
+krb5_fcc_skip_principal(context, id)
+ krb5_context context;
krb5_ccache id;
{
krb5_error_code kret;
krb5_principal princ;
- kret = krb5_fcc_read_principal(id, &princ);
+ kret = krb5_fcc_read_principal(context, id, &princ);
if (kret != KRB5_OK)
return kret;
- krb5_free_principal(princ);
+ krb5_free_principal(context, princ);
return KRB5_OK;
}
* system errors
*/
krb5_error_code
-krb5_fcc_start_seq_get(id, cursor)
+krb5_fcc_start_seq_get(context, id, cursor)
+ krb5_context context;
krb5_ccache id;
krb5_cc_cursor *cursor;
{
if (fcursor == NULL)
return KRB5_CC_NOMEM;
if (OPENCLOSE(id)) {
- ret = krb5_fcc_open_file(id, FCC_OPEN_RDONLY);
+ ret = krb5_fcc_open_file(context, id, FCC_OPEN_RDONLY);
if (ret) {
krb5_xfree(fcursor);
return ret;
/* Make sure we start reading right after the primary principal */
- krb5_fcc_skip_principal(id);
+ krb5_fcc_skip_principal(context, id);
fcursor->pos = lseek(((krb5_fcc_data *) id->data)->fd, 0, SEEK_CUR);
*cursor = (krb5_cc_cursor) fcursor;
- MAYBE_CLOSE(id, ret);
+ MAYBE_CLOSE(context, id, ret);
return ret;
}
* storage failure errors
*/
krb5_error_code
-krb5_fcc_store(id, creds)
+krb5_fcc_store(context, id, creds)
+ krb5_context context;
krb5_ccache id;
krb5_creds *creds;
{
#define TCHECK(ret) if (ret != KRB5_OK) goto lose;
krb5_error_code ret;
- MAYBE_OPEN(id, FCC_OPEN_RDWR);
+ MAYBE_OPEN(context, id, FCC_OPEN_RDWR);
/* Make sure we are writing to the end of the file */
ret = lseek(((krb5_fcc_data *) id->data)->fd, 0, SEEK_END);
if (ret < 0) {
- MAYBE_CLOSE_IGNORE(id);
- return krb5_fcc_interpret(errno);
+ MAYBE_CLOSE_IGNORE(context, id);
+ return krb5_fcc_interpret(context, errno);
}
- ret = krb5_fcc_store_principal(id, creds->client);
+ ret = krb5_fcc_store_principal(context, id, creds->client);
TCHECK(ret);
- ret = krb5_fcc_store_principal(id, creds->server);
+ ret = krb5_fcc_store_principal(context, id, creds->server);
TCHECK(ret);
- ret = krb5_fcc_store_keyblock(id, &creds->keyblock);
+ ret = krb5_fcc_store_keyblock(context, id, &creds->keyblock);
TCHECK(ret);
- ret = krb5_fcc_store_times(id, &creds->times);
+ ret = krb5_fcc_store_times(context, id, &creds->times);
TCHECK(ret);
- ret = krb5_fcc_store_octet(id, creds->is_skey);
+ ret = krb5_fcc_store_octet(context, id, creds->is_skey);
TCHECK(ret);
- ret = krb5_fcc_store_int32(id, creds->ticket_flags);
+ ret = krb5_fcc_store_int32(context, id, creds->ticket_flags);
TCHECK(ret);
- ret = krb5_fcc_store_addrs(id, creds->addresses);
+ ret = krb5_fcc_store_addrs(context, id, creds->addresses);
TCHECK(ret);
- ret = krb5_fcc_store_authdata(id, creds->authdata);
+ ret = krb5_fcc_store_authdata(context, id, creds->authdata);
TCHECK(ret);
- ret = krb5_fcc_store_data(id, &creds->ticket);
+ ret = krb5_fcc_store_data(context, id, &creds->ticket);
TCHECK(ret);
- ret = krb5_fcc_store_data(id, &creds->second_ticket);
+ ret = krb5_fcc_store_data(context, id, &creds->second_ticket);
TCHECK(ret);
lose:
- MAYBE_CLOSE(id, ret);
+ MAYBE_CLOSE(context, id, ret);
return ret;
#undef TCHECK
}
init_test_cred();
- kret = krb5_fcc_resolve(&id, "/tmp/tkt_test");
+ kret = krb5_fcc_resolve(context, &id, "/tmp/tkt_test");
CHECK(kret, "resolve");
- kret = krb5_fcc_initialize(id, test_creds.client);
+ kret = krb5_fcc_initialize(context, id, test_creds.client);
CHECK(kret, "initialize");
- kret = krb5_fcc_store(id, &test_creds);
+ kret = krb5_fcc_store(context, id, &test_creds);
CHECK(kret, "store");
- kret = krb5_fcc_start_seq_get(id, &cursor);
+ kret = krb5_fcc_start_seq_get(context, id, &cursor);
CHECK(kret, "start_seq_get");
kret = 0;
while (kret != KRB5_CC_END) {
printf("Calling next_cred\n");
- kret = krb5_fcc_next_cred(id, &cursor, &creds);
+ kret = krb5_fcc_next_cred(context, id, &cursor, &creds);
CHECK(kret, "next_cred");
}
- kret = krb5_fcc_end_seq_get(id, &cursor);
+ kret = krb5_fcc_end_seq_get(context, id, &cursor);
CHECK(kret, "end_seq_get");
- kret = krb5_fcc_destroy(id);
+ kret = krb5_fcc_destroy(context, id);
CHECK(kret, "destroy");
- kret = krb5_fcc_close(id);
+ kret = krb5_fcc_close(context, id);
CHECK(kret, "close");
}
* system errors
*/
krb5_error_code
-krb5_fcc_write(id, buf, len)
+krb5_fcc_write(context, id, buf, len)
+ krb5_context context;
krb5_ccache id;
krb5_pointer buf;
int len;
ret = write(((krb5_fcc_data *)id->data)->fd, (char *) buf, len);
if (ret < 0)
- return krb5_fcc_interpret(errno);
+ return krb5_fcc_interpret(context, errno);
if (ret != len)
return KRB5_CC_WRITE;
return KRB5_OK;
*/
krb5_error_code
-krb5_fcc_store_principal(id, princ)
+krb5_fcc_store_principal(context, id, princ)
+ krb5_context context;
krb5_ccache id;
krb5_principal princ;
{
krb5_error_code ret;
krb5_int32 i, length, tmp, type;
- type = krb5_princ_type(princ);
- tmp = length = krb5_princ_size(princ);
+ type = krb5_princ_type(context, princ);
+ tmp = length = krb5_princ_size(context, princ);
if (data->version == KRB5_FCC_FVNO_1) {
/*
*/
tmp++;
} else {
- ret = krb5_fcc_store_int32(id, type);
+ ret = krb5_fcc_store_int32(context, id, type);
CHECK(ret);
}
- ret = krb5_fcc_store_int32(id, tmp);
+ ret = krb5_fcc_store_int32(context, id, tmp);
CHECK(ret);
- ret = krb5_fcc_store_data(id, krb5_princ_realm(princ));
+ ret = krb5_fcc_store_data(context, id, krb5_princ_realm(context, princ));
CHECK(ret);
for (i=0; i < length; i++) {
- ret = krb5_fcc_store_data(id, krb5_princ_component(princ, i));
+ ret = krb5_fcc_store_data(context, id, krb5_princ_component(context, princ, i));
CHECK(ret);
}
}
krb5_error_code
-krb5_fcc_store_addrs(id, addrs)
+krb5_fcc_store_addrs(context, id, addrs)
+ krb5_context context;
krb5_ccache id;
krb5_address ** addrs;
{
length += 1;
}
- ret = krb5_fcc_store_int32(id, length);
+ ret = krb5_fcc_store_int32(context, id, length);
CHECK(ret);
for (i=0; i < length; i++) {
- ret = krb5_fcc_store_addr(id, addrs[i]);
+ ret = krb5_fcc_store_addr(context, id, addrs[i]);
CHECK(ret);
}
}
krb5_error_code
-krb5_fcc_store_keyblock(id, keyblock)
+krb5_fcc_store_keyblock(context, id, keyblock)
+ krb5_context context;
krb5_ccache id;
krb5_keyblock *keyblock;
{
krb5_fcc_data *data = (krb5_fcc_data *)id->data;
krb5_error_code ret;
- ret = krb5_fcc_store_ui_2(id, keyblock->keytype);
+ ret = krb5_fcc_store_ui_2(context, id, keyblock->keytype);
CHECK(ret);
if ((data->version != KRB5_FCC_FVNO_1) &&
(data->version != KRB5_FCC_FVNO_2)) {
- ret = krb5_fcc_store_ui_2(id, keyblock->etype);
+ ret = krb5_fcc_store_ui_2(context, id, keyblock->etype);
CHECK(ret);
}
- ret = krb5_fcc_store_int32(id, keyblock->length);
+ ret = krb5_fcc_store_int32(context, id, keyblock->length);
CHECK(ret);
- return krb5_fcc_write(id, (char *) keyblock->contents, keyblock->length);
+ return krb5_fcc_write(context, id, (char *) keyblock->contents, keyblock->length);
}
krb5_error_code
-krb5_fcc_store_addr(id, addr)
+krb5_fcc_store_addr(context, id, addr)
+ krb5_context context;
krb5_ccache id;
krb5_address *addr;
{
krb5_error_code ret;
- ret = krb5_fcc_store_ui_2(id, addr->addrtype);
+ ret = krb5_fcc_store_ui_2(context, id, addr->addrtype);
CHECK(ret);
- ret = krb5_fcc_store_int32(id, addr->length);
+ ret = krb5_fcc_store_int32(context, id, addr->length);
CHECK(ret);
- return krb5_fcc_write(id, (char *) addr->contents, addr->length);
+ return krb5_fcc_write(context, id, (char *) addr->contents, addr->length);
}
krb5_error_code
-krb5_fcc_store_data(id, data)
+krb5_fcc_store_data(context, id, data)
+ krb5_context context;
krb5_ccache id;
krb5_data *data;
{
krb5_error_code ret;
- ret = krb5_fcc_store_int32(id, data->length);
+ ret = krb5_fcc_store_int32(context, id, data->length);
CHECK(ret);
- return krb5_fcc_write(id, data->data, data->length);
+ return krb5_fcc_write(context, id, data->data, data->length);
}
krb5_error_code
-krb5_fcc_store_int32(id, i)
+krb5_fcc_store_int32(context, id, i)
+ krb5_context context;
krb5_ccache id;
krb5_int32 i;
{
if ((data->version == KRB5_FCC_FVNO_1) ||
(data->version == KRB5_FCC_FVNO_2))
- return krb5_fcc_write(id, (char *) &i, sizeof(krb5_int32));
+ return krb5_fcc_write(context, id, (char *) &i, sizeof(krb5_int32));
else {
buf[3] = i & 0xFF;
i >>= 8;
i >>= 8;
buf[0] = i & 0xFF;
- return krb5_fcc_write(id, buf, 4);
+ return krb5_fcc_write(context, id, buf, 4);
}
}
krb5_error_code
-krb5_fcc_store_ui_2(id, i)
+krb5_fcc_store_ui_2(context, id, i)
+ krb5_context context;
krb5_ccache id;
krb5_int32 i;
{
if ((data->version == KRB5_FCC_FVNO_1) ||
(data->version == KRB5_FCC_FVNO_2)) {
ibuf = i;
- return krb5_fcc_write(id, (char *) &ibuf, sizeof(krb5_ui_2));
+ return krb5_fcc_write(context, id, (char *) &ibuf, sizeof(krb5_ui_2));
} else {
buf[1] = i & 0xFF;
i >>= 8;
buf[0] = i & 0xFF;
- return krb5_fcc_write(id, buf, 2);
+ return krb5_fcc_write(context, id, buf, 2);
}
}
krb5_error_code
-krb5_fcc_store_octet(id, i)
+krb5_fcc_store_octet(context, id, i)
+ krb5_context context;
krb5_ccache id;
krb5_int32 i;
{
krb5_octet ibuf;
ibuf = i;
- return krb5_fcc_write(id, (char *) &ibuf, 1);
+ return krb5_fcc_write(context, id, (char *) &ibuf, 1);
}
krb5_error_code
-krb5_fcc_store_times(id, t)
+krb5_fcc_store_times(context, id, t)
+ krb5_context context;
krb5_ccache id;
krb5_ticket_times *t;
{
if ((data->version == KRB5_FCC_FVNO_1) ||
(data->version == KRB5_FCC_FVNO_2))
- return krb5_fcc_write(id, (char *) t, sizeof(krb5_ticket_times));
+ return krb5_fcc_write(context, id, (char *) t, sizeof(krb5_ticket_times));
else {
- retval = krb5_fcc_store_int32(id, t->authtime);
+ retval = krb5_fcc_store_int32(context, id, t->authtime);
CHECK(retval);
- retval = krb5_fcc_store_int32(id, t->starttime);
+ retval = krb5_fcc_store_int32(context, id, t->starttime);
CHECK(retval);
- retval = krb5_fcc_store_int32(id, t->endtime);
+ retval = krb5_fcc_store_int32(context, id, t->endtime);
CHECK(retval);
- retval = krb5_fcc_store_int32(id, t->renew_till);
+ retval = krb5_fcc_store_int32(context, id, t->renew_till);
CHECK(retval);
return 0;
}
}
krb5_error_code
-krb5_fcc_store_authdata(id, a)
+krb5_fcc_store_authdata(context, id, a)
+ krb5_context context;
krb5_ccache id;
krb5_authdata **a;
{
length++;
}
- ret = krb5_fcc_store_int32(id, length);
+ ret = krb5_fcc_store_int32(context, id, length);
CHECK(ret);
for (i=0; i<length; i++) {
- ret = krb5_fcc_store_authdatum (id, a[i]);
+ ret = krb5_fcc_store_authdatum (context, id, a[i]);
CHECK(ret);
}
return KRB5_OK;
}
krb5_error_code
-krb5_fcc_store_authdatum (id, a)
+krb5_fcc_store_authdatum (context, id, a)
+ krb5_context context;
krb5_ccache id;
krb5_authdata *a;
{
krb5_error_code ret;
- ret = krb5_fcc_store_ui_2(id, a->ad_type);
+ ret = krb5_fcc_store_ui_2(context, id, a->ad_type);
CHECK(ret);
- ret = krb5_fcc_store_int32(id, a->length);
+ ret = krb5_fcc_store_int32(context, id, a->length);
CHECK(ret);
- return krb5_fcc_write(id, (krb5_pointer) a->contents, a->length);
+ return krb5_fcc_write(context, id, (krb5_pointer) a->contents, a->length);
}
+Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
+
+ * Added krb5_context to all krb5_routines
+
Tue Dec 13 15:42:50 1994 <tytso@rsx-11.mit.edu>
* scc_write.c (krb5_scc_store_addrs): If a null addresses is
#define KRB5_SCC_PROTO__
/* scc_close.c */
-krb5_error_code krb5_scc_close PROTOTYPE((krb5_ccache id ));
+krb5_error_code krb5_scc_close
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ));
/* scc_defnam.c */
-char *krb5_scc_default_name PROTOTYPE((void ));
+char *krb5_scc_default_name
+ PROTOTYPE((krb5_context));
/* scc_destry.c */
-krb5_error_code krb5_scc_destroy PROTOTYPE((krb5_ccache id ));
+krb5_error_code krb5_scc_destroy
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ));
/* scc_eseq.c */
-krb5_error_code krb5_scc_end_seq_get PROTOTYPE((krb5_ccache id , krb5_cc_cursor *cursor ));
+krb5_error_code krb5_scc_end_seq_get
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_cc_cursor *cursor ));
/* scc_gennew.c */
-krb5_error_code krb5_scc_generate_new PROTOTYPE((krb5_ccache *id ));
+krb5_error_code krb5_scc_generate_new
+ PROTOTYPE((krb5_context,
+ krb5_ccache *id ));
/* scc_getnam.c */
-char *krb5_scc_get_name PROTOTYPE((krb5_ccache id ));
+char *krb5_scc_get_name
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ));
/* scc_gprin.c */
-krb5_error_code krb5_scc_get_principal PROTOTYPE((krb5_ccache id , krb5_principal *princ ));
+krb5_error_code krb5_scc_get_principal
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_principal *princ ));
/* scc_init.c */
-krb5_error_code krb5_scc_initialize PROTOTYPE((krb5_ccache id , krb5_principal princ ));
+krb5_error_code krb5_scc_initialize
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_principal princ ));
/* scc_maybe.c */
-krb5_error_code krb5_scc_close_file PROTOTYPE((krb5_ccache));
-krb5_error_code krb5_scc_open_file PROTOTYPE((krb5_ccache,int));
+krb5_error_code krb5_scc_close_file
+ PROTOTYPE((krb5_context,
+ krb5_ccache));
+krb5_error_code krb5_scc_open_file
+ PROTOTYPE((krb5_context,
+ krb5_ccache,
+ int));
/* scc_nseq.c */
-krb5_error_code krb5_scc_next_cred PROTOTYPE((krb5_ccache id , krb5_cc_cursor *cursor , krb5_creds *creds ));
+krb5_error_code krb5_scc_next_cred
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_cc_cursor *cursor ,
+ krb5_creds *creds ));
/* scc_read.c */
-krb5_error_code krb5_scc_read_principal PROTOTYPE((krb5_ccache id , krb5_principal *princ ));
-krb5_error_code krb5_scc_read_keyblock PROTOTYPE((krb5_ccache id , krb5_keyblock *keyblock ));
-krb5_error_code krb5_scc_read_data PROTOTYPE((krb5_ccache id , krb5_data *data ));
-krb5_error_code krb5_scc_read_int32 PROTOTYPE((krb5_ccache id , krb5_int32 *i ));
-krb5_error_code krb5_scc_read_ui_2 PROTOTYPE((krb5_ccache id , krb5_ui_2 *i ));
-krb5_error_code krb5_scc_read_octet PROTOTYPE((krb5_ccache id , krb5_octet *i ));
-krb5_error_code krb5_scc_read_times PROTOTYPE((krb5_ccache id , krb5_ticket_times *t ));
-krb5_error_code krb5_scc_read_addrs PROTOTYPE((krb5_ccache, krb5_address ***));
-krb5_error_code krb5_scc_read_addr PROTOTYPE((krb5_ccache, krb5_address *));
-krb5_error_code krb5_scc_read_authdata PROTOTYPE((krb5_ccache, krb5_authdata***));
-krb5_error_code krb5_scc_read_authdatum PROTOTYPE((krb5_ccache, krb5_authdata*));
+krb5_error_code krb5_scc_read_principal
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_principal *princ ));
+krb5_error_code krb5_scc_read_keyblock
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_keyblock *keyblock ));
+krb5_error_code krb5_scc_read_data
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_data *data ));
+krb5_error_code krb5_scc_read_int32
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_int32 *i ));
+krb5_error_code krb5_scc_read_ui_2
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_ui_2 *i ));
+krb5_error_code krb5_scc_read_octet
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_octet *i ));
+krb5_error_code krb5_scc_read_times
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_ticket_times *t ));
+krb5_error_code krb5_scc_read_addrs
+ PROTOTYPE((krb5_context,
+ krb5_ccache,
+ krb5_address ***));
+krb5_error_code krb5_scc_read_addr
+ PROTOTYPE((krb5_context,
+ krb5_ccache,
+ krb5_address *));
+krb5_error_code krb5_scc_read_authdata
+ PROTOTYPE((krb5_context,
+ krb5_ccache,
+ krb5_authdata***));
+krb5_error_code krb5_scc_read_authdatum
+ PROTOTYPE((krb5_context,
+ krb5_ccache,
+ krb5_authdata*));
/* scc_reslv.c */
-krb5_error_code krb5_scc_resolve PROTOTYPE((krb5_ccache *id , char *residual ));
+krb5_error_code krb5_scc_resolve
+ PROTOTYPE((krb5_context,
+ krb5_ccache *id ,
+ char *residual ));
/* scc_retrv.c */
-krb5_error_code krb5_scc_retrieve PROTOTYPE((krb5_ccache id , krb5_flags whichfields , krb5_creds *mcreds , krb5_creds *creds ));
+krb5_error_code krb5_scc_retrieve
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_flags whichfields ,
+ krb5_creds *mcreds ,
+ krb5_creds *creds ));
/* scc_sseq.c */
-krb5_error_code krb5_scc_start_seq_get PROTOTYPE((krb5_ccache id , krb5_cc_cursor *cursor ));
+krb5_error_code krb5_scc_start_seq_get
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_cc_cursor *cursor ));
/* scc_store.c */
-krb5_error_code krb5_scc_store PROTOTYPE((krb5_ccache id , krb5_creds *creds ));
+krb5_error_code krb5_scc_store
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_creds *creds ));
/* scc_skip.c */
-krb5_error_code krb5_scc_skip_principal PROTOTYPE((krb5_ccache id ));
+krb5_error_code krb5_scc_skip_principal
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ));
/* scc_sflags.c */
-krb5_error_code krb5_scc_set_flags PROTOTYPE((krb5_ccache id , krb5_flags flags ));
+krb5_error_code krb5_scc_set_flags
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_flags flags ));
/* scc_ops.c */
extern krb5_cc_ops krb5_scc_ops;
/* scc_write.c */
-krb5_error_code krb5_scc_write PROTOTYPE((krb5_ccache id , krb5_pointer buf , int len ));
-krb5_error_code krb5_scc_store_principal PROTOTYPE((krb5_ccache id , krb5_principal princ ));
-krb5_error_code krb5_scc_store_keyblock PROTOTYPE((krb5_ccache id , krb5_keyblock *keyblock ));
-krb5_error_code krb5_scc_store_data PROTOTYPE((krb5_ccache id , krb5_data *data ));
-krb5_error_code krb5_scc_store_int32 PROTOTYPE((krb5_ccache id , krb5_int32 i ));
-krb5_error_code krb5_scc_store_ui_2 PROTOTYPE((krb5_ccache id , krb5_int32 i ));
-krb5_error_code krb5_scc_store_octet PROTOTYPE((krb5_ccache id , krb5_int32 i ));
-krb5_error_code krb5_scc_store_times PROTOTYPE((krb5_ccache id , krb5_ticket_times *t ));
-krb5_error_code krb5_scc_store_addrs PROTOTYPE((krb5_ccache , krb5_address ** ));
-krb5_error_code krb5_scc_store_addr PROTOTYPE((krb5_ccache , krb5_address * ));
-krb5_error_code krb5_scc_store_authdata PROTOTYPE((krb5_ccache, krb5_authdata **));
-krb5_error_code krb5_scc_store_authdatum PROTOTYPE((krb5_ccache, krb5_authdata *));
+krb5_error_code krb5_scc_write
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_pointer buf ,
+ int len ));
+krb5_error_code krb5_scc_store_principal
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_principal princ ));
+krb5_error_code krb5_scc_store_keyblock
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_keyblock *keyblock ));
+krb5_error_code krb5_scc_store_data
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_data *data ));
+krb5_error_code krb5_scc_store_int32
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_int32 i ));
+krb5_error_code krb5_scc_store_ui_2
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_int32 i ));
+krb5_error_code krb5_scc_store_octet
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_int32 i ));
+krb5_error_code krb5_scc_store_times
+ PROTOTYPE((krb5_context,
+ krb5_ccache id ,
+ krb5_ticket_times *t ));
+krb5_error_code krb5_scc_store_addrs
+ PROTOTYPE((krb5_context,
+ krb5_ccache ,
+ krb5_address ** ));
+krb5_error_code krb5_scc_store_addr
+ PROTOTYPE((krb5_context,
+ krb5_ccache ,
+ krb5_address * ));
+krb5_error_code krb5_scc_store_authdata
+ PROTOTYPE((krb5_context,
+ krb5_ccache,
+ krb5_authdata **));
+krb5_error_code krb5_scc_store_authdatum
+ PROTOTYPE((krb5_context,
+ krb5_ccache,
+ krb5_authdata *));
/* scc_errs.c */
-krb5_error_code krb5_scc_interpret PROTOTYPE((int ));
+krb5_error_code krb5_scc_interpret
+ PROTOTYPE((krb5_context,
+ int ));
#endif /* KRB5_SCC_PROTO__ */
long pos;
} krb5_scc_cursor;
-#define MAYBE_OPEN(ID, MODE) \
+#define MAYBE_OPEN(context, ID, MODE) \
{ \
if (OPENCLOSE (ID)) { \
- krb5_error_code maybe_open_ret = krb5_scc_open_file (ID,MODE); \
+ krb5_error_code maybe_open_ret = krb5_scc_open_file (context, ID,MODE); \
if (maybe_open_ret) return maybe_open_ret; } }
-#define MAYBE_CLOSE(ID, RET) \
+#define MAYBE_CLOSE(context, ID, RET) \
{ \
if (OPENCLOSE (ID)) { \
- krb5_error_code maybe_close_ret = krb5_scc_close_file (ID); \
+ krb5_error_code maybe_close_ret = krb5_scc_close_file (context, ID); \
if (!(RET)) RET = maybe_close_ret; } }
/* DO NOT ADD ANYTHING AFTER THIS #endif */
* associated with the cache.
*/
krb5_error_code
-krb5_scc_close(id)
+krb5_scc_close(context, id)
+ krb5_context context;
krb5_ccache id;
{
register int closeval = KRB5_OK;
closeval = fclose (data->file);
data->file = 0;
if (closeval == -1) {
- closeval = krb5_scc_interpret(errno);
+ closeval = krb5_scc_interpret(context, errno);
} else
closeval = KRB5_OK;
*/
char *
-krb5_scc_default_name ()
+krb5_scc_default_name (context)
+ krb5_context context;
{
char *krb5ccache, *getenv();
int len;
* Errors:
* system errors
*/
-krb5_error_code krb5_scc_destroy(id)
+krb5_error_code krb5_scc_destroy(context, id)
+ krb5_context context;
krb5_ccache id;
{
#if 0
ret = remove (data->filename);
if (ret < 0) {
- ret = krb5_scc_interpret(errno);
+ ret = krb5_scc_interpret(context, errno);
if (OPENCLOSE(id)) {
(void) fclose(data->file);
data->file = 0;
*/
ret = fstat(fileno(data->file), &buf);
if (ret < 0) {
- ret = krb5_scc_interpret(errno);
+ ret = krb5_scc_interpret(context, errno);
if (OPENCLOSE(id)) {
(void) fclose(data->file);
data->file = 0;
memset (zeros, 0, BUFSIZ);
for (i=0; i < size / BUFSIZ; i++)
if (fwrite(data->file, zeros, BUFSIZ) < 0) {
- ret = krb5_scc_interpret(errno);
+ ret = krb5_scc_interpret(context, errno);
if (OPENCLOSE(id)) {
(void) fclose(data->file);
data->file = 0;
}
if (fwrite(data->file, zeros, size % BUFSIZ) < 0) {
- ret = krb5_scc_interpret(errno);
+ ret = krb5_scc_interpret(context, errno);
if (OPENCLOSE(id)) {
(void) fclose(data->file);
data->file = 0;
#endif
if (ret)
- ret = krb5_scc_interpret(errno);
+ ret = krb5_scc_interpret(context, errno);
cleanup:
krb5_xfree(data->filename);
#include "scc.h"
krb5_error_code
-krb5_scc_interpret(errnum)
+krb5_scc_interpret(context, errnum)
+ krb5_context context;
int errnum;
{
register int retval;
*/
/* ARGSUSED */
krb5_error_code
-krb5_scc_end_seq_get(id, cursor)
+krb5_scc_end_seq_get(context, id, cursor)
+ krb5_context context;
krb5_ccache id;
krb5_cc_cursor *cursor;
{
int ret = KRB5_OK;
-/* MAYBE_CLOSE (id, ret);*/
+/* MAYBE_CLOSE (context, id, ret);*/
krb5_xfree((krb5_scc_cursor *) *cursor);
* system errors (from open)
*/
krb5_error_code
-krb5_scc_generate_new (id)
+krb5_scc_generate_new (context, id)
+ krb5_context context;
krb5_ccache *id;
{
krb5_ccache lid;
f = fopen (((krb5_scc_data *) lid->data)->filename, "w+");
#endif
if (!f) {
- retcode = krb5_scc_interpret (errno);
+ retcode = krb5_scc_interpret (context, errno);
goto err_out;
} else {
krb5_int16 scc_fvno = htons(KRB5_SCC_DEFAULT_FVNO);
if (!fwrite((char *)&scc_fvno, sizeof(scc_fvno), 1, f)) {
- retcode = krb5_scc_interpret(errno);
+ retcode = krb5_scc_interpret(context, errno);
(void) fclose(f);
(void) remove(((krb5_scc_data *) lid->data)->filename);
goto err_out;
}
if (fclose(f) == EOF) {
- retcode = krb5_scc_interpret(errno);
+ retcode = krb5_scc_interpret(context, errno);
(void) remove(((krb5_scc_data *) lid->data)->filename);
goto err_out;
}
* The name of the file cred cache id.
*/
char *
-krb5_scc_get_name (id)
+krb5_scc_get_name (context, id)
+ krb5_context context;
krb5_ccache id;
{
return (char *) ((krb5_scc_data *) id->data)->filename;
* KRB5_CC_NOMEM
*/
krb5_error_code
-krb5_scc_get_principal(id, princ)
+krb5_scc_get_principal(context, id, princ)
+ krb5_context context;
krb5_ccache id;
krb5_principal *princ;
{
krb5_error_code kret;
- MAYBE_OPEN (id, SCC_OPEN_RDONLY);
+ MAYBE_OPEN (context, id, SCC_OPEN_RDONLY);
/* skip over vno at beginning of file */
fseek(((krb5_scc_data *) id->data)->file, sizeof(krb5_int16), 0);
- kret = krb5_scc_read_principal(id, princ);
+ kret = krb5_scc_read_principal(context, id, princ);
- MAYBE_CLOSE (id, kret);
+ MAYBE_CLOSE (context, id, kret);
return kret;
}
* permission errors
*/
krb5_error_code
-krb5_scc_initialize(id, princ)
+krb5_scc_initialize(context, id, princ)
+ krb5_context context;
krb5_ccache id;
krb5_principal princ;
{
int ret;
- ret = krb5_scc_open_file (id, SCC_OPEN_AND_ERASE);
+ ret = krb5_scc_open_file (context, id, SCC_OPEN_AND_ERASE);
if (ret < 0)
- return krb5_scc_interpret(errno);
+ return krb5_scc_interpret(context, errno);
#if 0
ret = fchmod(((krb5_scc_data *) id->data)->fd, S_IREAD | S_IWRITE);
if (ret == -1) {
- ret = krb5_scc_interpret(errno);
+ ret = krb5_scc_interpret(context, errno);
if (OPENCLOSE(id)) {
close(((krb5_scc_data *)id->data)->fd);
((krb5_scc_data *) id->data)->fd = -1;
return ret;
}
#endif
- krb5_scc_store_principal(id, princ);
+ krb5_scc_store_principal(context, id, princ);
- MAYBE_CLOSE (id, ret);
+ MAYBE_CLOSE (context, id, ret);
return ret;
}
int krb5_scc_default_format = KRB5_SCC_DEFAULT_FVNO;
krb5_error_code
-krb5_scc_close_file (id)
+krb5_scc_close_file (context, id)
+ krb5_context context;
krb5_ccache id;
{
krb5_scc_data *data;
memset (data->stdio_buffer, 0, sizeof (data->stdio_buffer));
if (ret == EOF) {
int errsave = errno;
- (void) krb5_unlock_file(data->file, data->filename);
+ (void) krb5_unlock_file(context, data->file, data->filename);
(void) fclose (data->file);
data->file = 0;
- return krb5_scc_interpret (errsave);
+ return krb5_scc_interpret (context, errsave);
}
- retval = krb5_unlock_file(data->file, data->filename);
+ retval = krb5_unlock_file(context, data->file, data->filename);
ret = fclose (data->file);
data->file = 0;
if (retval)
return retval;
else
- return ret ? krb5_scc_interpret (errno) : 0;
+ return ret ? krb5_scc_interpret (context, errno) : 0;
}
krb5_error_code
-krb5_scc_open_file (id, mode)
+krb5_scc_open_file (context, id, mode)
+ krb5_context context;
krb5_ccache id;
int mode;
{
data = (krb5_scc_data *) id->data;
if (data->file) {
/* Don't know what state it's in; shut down and start anew. */
- (void) krb5_unlock_file(data->file, data->filename);
+ (void) krb5_unlock_file(context, data->file, data->filename);
(void) fclose (data->file);
data->file = 0;
}
f = fopen (data->filename, open_flag);
if (!f)
- return krb5_scc_interpret (errno);
+ return krb5_scc_interpret (context, errno);
#ifdef HAS_SETVBUF
setvbuf(f, data->stdio_buffer, _IOFBF, sizeof (data->stdio_buffer));
#else
#endif
switch (mode) {
case SCC_OPEN_RDONLY:
- if (retval = krb5_lock_file(f, data->filename, KRB5_LOCKMODE_SHARED)) {
+ if (retval = krb5_lock_file(context, f, data->filename, KRB5_LOCKMODE_SHARED)) {
(void) fclose(f);
return retval;
}
break;
case SCC_OPEN_RDWR:
case SCC_OPEN_AND_ERASE:
- if (retval = krb5_lock_file(f, data->filename,
+ if (retval = krb5_lock_file(context, f, data->filename,
KRB5_LOCKMODE_EXCLUSIVE)) {
(void) fclose(f);
return retval;
data->version = krb5_scc_default_format;
if (!fwrite((char *)&scc_fvno, sizeof(scc_fvno), 1, f)) {
errsave = errno;
- (void) krb5_unlock_file(f, data->filename);
+ (void) krb5_unlock_file(context, f, data->filename);
(void) fclose(f);
- return krb5_scc_interpret(errsave);
+ return krb5_scc_interpret(context, errsave);
}
} else {
/* verify a valid version number is there */
if (!fread((char *)&scc_fvno, sizeof(scc_fvno), 1, f)) {
- (void) krb5_unlock_file(f, data->filename);
+ (void) krb5_unlock_file(context, f, data->filename);
(void) fclose(f);
return KRB5_CCACHE_BADVNO;
}
if ((scc_fvno != htons(KRB5_SCC_FVNO_1)) &&
(scc_fvno != htons(KRB5_SCC_FVNO_2)) &&
(scc_fvno != htons(KRB5_SCC_FVNO_3))) {
- (void) krb5_unlock_file(f, data->filename);
+ (void) krb5_unlock_file(context, f, data->filename);
(void) fclose(f);
return KRB5_CCACHE_BADVNO;
}
* system errors
*/
krb5_error_code
-krb5_scc_next_cred(id, cursor, creds)
+krb5_scc_next_cred(context, id, cursor, creds)
+ krb5_context context;
krb5_ccache id;
krb5_cc_cursor *cursor;
krb5_creds *creds;
Z (addresses);
#undef Z
- MAYBE_OPEN (id, SCC_OPEN_RDONLY);
+ MAYBE_OPEN (context, id, SCC_OPEN_RDONLY);
fcursor = (krb5_scc_cursor *) *cursor;
ret = fseek(((krb5_scc_data *) id->data)->file, fcursor->pos, 0);
if (ret < 0) {
- ret = krb5_scc_interpret(errno);
- MAYBE_CLOSE (id, ret);
+ ret = krb5_scc_interpret(context, errno);
+ MAYBE_CLOSE (context, id, ret);
return ret;
}
- kret = krb5_scc_read_principal(id, &creds->client);
+ kret = krb5_scc_read_principal(context, id, &creds->client);
TCHECK(kret);
- kret = krb5_scc_read_principal(id, &creds->server);
+ kret = krb5_scc_read_principal(context, id, &creds->server);
TCHECK(kret);
- kret = krb5_scc_read_keyblock(id, &creds->keyblock);
+ kret = krb5_scc_read_keyblock(context, id, &creds->keyblock);
TCHECK(kret);
- kret = krb5_scc_read_times(id, &creds->times);
+ kret = krb5_scc_read_times(context, id, &creds->times);
TCHECK(kret);
- kret = krb5_scc_read_octet(id, &octet);
+ kret = krb5_scc_read_octet(context, id, &octet);
TCHECK(kret);
creds->is_skey = octet;
- kret = krb5_scc_read_int32(id, &int32);
+ kret = krb5_scc_read_int32(context, id, &int32);
TCHECK(kret);
creds->ticket_flags = int32;
- kret = krb5_scc_read_addrs(id, &creds->addresses);
+ kret = krb5_scc_read_addrs(context, id, &creds->addresses);
TCHECK(kret);
- kret = krb5_scc_read_authdata (id, &creds->authdata);
+ kret = krb5_scc_read_authdata (context, id, &creds->authdata);
TCHECK (kret);
- kret = krb5_scc_read_data(id, &creds->ticket);
+ kret = krb5_scc_read_data(context, id, &creds->ticket);
TCHECK(kret);
- kret = krb5_scc_read_data(id, &creds->second_ticket);
+ kret = krb5_scc_read_data(context, id, &creds->second_ticket);
TCHECK(kret);
fcursor->pos = ftell(((krb5_scc_data *) id->data)->file);
lose:
if (kret != KRB5_OK) {
- krb5_free_cred_contents(creds);
+ krb5_free_cred_contents(context, creds);
}
- MAYBE_CLOSE (id, kret);
+ MAYBE_CLOSE (context, id, kret);
return kret;
}
* system errors (read)
*/
krb5_error_code
-krb5_scc_read(id, buf, len)
+krb5_scc_read(context, id, buf, len)
+ krb5_context context;
krb5_ccache id;
krb5_pointer buf;
int len;
errno = 0;
ret = fread((char *) buf, 1, len, ((krb5_scc_data *) id->data)->file);
if ((ret == 0) && errno)
- return krb5_scc_interpret(errno);
+ return krb5_scc_interpret(context, errno);
else if (ret != len)
return KRB5_CC_END;
else
*/
krb5_error_code
-krb5_scc_read_principal(id, princ)
+krb5_scc_read_principal(context, id, princ)
+ krb5_context context;
krb5_ccache id;
krb5_principal *princ;
{
type = KRB5_NT_UNKNOWN;
} else {
/* Read principal type */
- kret = krb5_scc_read_int32(id, &type);
+ kret = krb5_scc_read_int32(context, id, &type);
if (kret != KRB5_OK)
return kret;
}
/* Read the number of components */
- kret = krb5_scc_read_int32(id, &length);
+ kret = krb5_scc_read_int32(context, id, &length);
if (kret != KRB5_OK)
return kret;
tmpprinc->length = length;
tmpprinc->type = type;
- kret = krb5_scc_read_data(id, krb5_princ_realm(tmpprinc));
+ kret = krb5_scc_read_data(context, id, krb5_princ_realm(context, tmpprinc));
i = 0;
CHECK(kret);
for (i=0; i < length; i++) {
- kret = krb5_scc_read_data(id, krb5_princ_component(tmpprinc, i));
+ kret = krb5_scc_read_data(context, id, krb5_princ_component(context, tmpprinc, i));
CHECK(kret);
}
*princ = tmpprinc;
errout:
while(--i >= 0)
- free(krb5_princ_component(tmpprinc, i)->data);
+ free(krb5_princ_component(context, tmpprinc, i)->data);
free((char *)tmpprinc->data);
free((char *)tmpprinc);
return kret;
}
krb5_error_code
-krb5_scc_read_addrs(id, addrs)
+krb5_scc_read_addrs(context, id, addrs)
+ krb5_context context;
krb5_ccache id;
krb5_address ***addrs;
{
*addrs = 0;
/* Read the number of components */
- kret = krb5_scc_read_int32(id, &length);
+ kret = krb5_scc_read_int32(context, id, &length);
CHECK(kret);
/* Make *addrs able to hold length pointers to krb5_address structs
for (i=0; i < length; i++) {
(*addrs)[i] = (krb5_address *) malloc(sizeof(krb5_address));
if ((*addrs)[i] == NULL) {
- krb5_free_addresses(*addrs);
+ krb5_free_addresses(context, *addrs);
return KRB5_CC_NOMEM;
}
- kret = krb5_scc_read_addr(id, (*addrs)[i]);
+ kret = krb5_scc_read_addr(context, id, (*addrs)[i]);
CHECK(kret);
}
return KRB5_OK;
errout:
if (*addrs)
- krb5_free_addresses(*addrs);
+ krb5_free_addresses(context, *addrs);
return kret;
}
krb5_error_code
-krb5_scc_read_keyblock(id, keyblock)
+krb5_scc_read_keyblock(context, id, keyblock)
+ krb5_context context;
krb5_ccache id;
krb5_keyblock *keyblock;
{
keyblock->magic = KV5M_KEYBLOCK;
keyblock->contents = 0;
- kret = krb5_scc_read_ui_2(id, &ui2);
+ kret = krb5_scc_read_ui_2(context, id, &ui2);
keyblock->keytype = ui2;
CHECK(kret);
if ((data->version == KRB5_SCC_FVNO_1) ||
(data->version == KRB5_SCC_FVNO_2))
keyblock->etype = ETYPE_UNKNOWN;
else {
- kret = krb5_scc_read_ui_2(id, &ui2);
+ kret = krb5_scc_read_ui_2(context, id, &ui2);
keyblock->etype = ui2;
CHECK(kret);
}
- kret = krb5_scc_read_int32(id, &int32);
+ kret = krb5_scc_read_int32(context, id, &int32);
CHECK(kret);
keyblock->length = int32;
if ( keyblock->length == 0 )
if (keyblock->contents == NULL)
return KRB5_CC_NOMEM;
- kret = krb5_scc_read(id, keyblock->contents, keyblock->length);
+ kret = krb5_scc_read(context, id, keyblock->contents, keyblock->length);
if (kret)
goto errout;
}
krb5_error_code
-krb5_scc_read_data(id, data)
+krb5_scc_read_data(context, id, data)
+ krb5_context context;
krb5_ccache id;
krb5_data *data;
{
data->magic = KV5M_DATA;
data->data = 0;
- kret = krb5_scc_read_int32(id, &data->length);
+ kret = krb5_scc_read_int32(context, id, &data->length);
CHECK(kret);
if (data->length == 0) {
if (data->data == NULL)
return KRB5_CC_NOMEM;
- kret = krb5_scc_read(id, data->data, data->length);
+ kret = krb5_scc_read(context, id, data->data, data->length);
CHECK(kret);
data->data[data->length] = 0; /* Null terminate, just in case.... */
}
krb5_error_code
-krb5_scc_read_addr(id, addr)
+krb5_scc_read_addr(context, id, addr)
+ krb5_context context;
krb5_ccache id;
krb5_address *addr;
{
addr->magic = KV5M_ADDRESS;
addr->contents = 0;
- kret = krb5_scc_read_ui_2(id, &ui2);
+ kret = krb5_scc_read_ui_2(context, id, &ui2);
CHECK(kret);
addr->addrtype = ui2;
- kret = krb5_scc_read_int32(id, &int32);
+ kret = krb5_scc_read_int32(context, id, &int32);
CHECK(kret);
addr->length = int32;
if (addr->contents == NULL)
return KRB5_CC_NOMEM;
- kret = krb5_scc_read(id, addr->contents, addr->length);
+ kret = krb5_scc_read(context, id, addr->contents, addr->length);
CHECK(kret);
return KRB5_OK;
}
krb5_error_code
-krb5_scc_read_int32(id, i)
+krb5_scc_read_int32(context, id, i)
+ krb5_context context;
krb5_ccache id;
krb5_int32 *i;
{
if ((data->version == KRB5_SCC_FVNO_1) ||
(data->version == KRB5_SCC_FVNO_2))
- return krb5_scc_read(id, (krb5_pointer) i, sizeof(krb5_int32));
+ return krb5_scc_read(context, id, (krb5_pointer) i, sizeof(krb5_int32));
else {
- retval = krb5_scc_read(id, buf, 4);
+ retval = krb5_scc_read(context, id, buf, 4);
if (retval)
return retval;
*i = (((((buf[0] << 8) + buf[1]) << 8 ) + buf[2]) << 8) + buf[3];
}
krb5_error_code
-krb5_scc_read_ui_2(id, i)
+krb5_scc_read_ui_2(context, id, i)
+ krb5_context context;
krb5_ccache id;
krb5_ui_2 *i;
{
if ((data->version == KRB5_SCC_FVNO_1) ||
(data->version == KRB5_SCC_FVNO_2))
- return krb5_scc_read(id, (krb5_pointer) i, sizeof(krb5_ui_2));
+ return krb5_scc_read(context, id, (krb5_pointer) i, sizeof(krb5_ui_2));
else {
- retval = krb5_scc_read(id, buf, 2);
+ retval = krb5_scc_read(context, id, buf, 2);
if (retval)
return retval;
*i = (buf[0] << 8) + buf[1];
}
krb5_error_code
-krb5_scc_read_octet(id, i)
+krb5_scc_read_octet(context, id, i)
+ krb5_context context;
krb5_ccache id;
krb5_octet *i;
{
- return krb5_scc_read(id, (krb5_pointer) i, 1);
+ return krb5_scc_read(context, id, (krb5_pointer) i, 1);
}
krb5_error_code
-krb5_scc_read_times(id, t)
+krb5_scc_read_times(context, id, t)
+ krb5_context context;
krb5_ccache id;
krb5_ticket_times *t;
{
if ((data->version == KRB5_SCC_FVNO_1) ||
(data->version == KRB5_SCC_FVNO_2))
- return krb5_scc_read(id, (krb5_pointer) t, sizeof(krb5_ticket_times));
+ return krb5_scc_read(context, id, (krb5_pointer) t, sizeof(krb5_ticket_times));
else {
- retval = krb5_scc_read_int32(id, &i);
+ retval = krb5_scc_read_int32(context, id, &i);
CHECK(retval);
t->authtime = i;
- retval = krb5_scc_read_int32(id, &i);
+ retval = krb5_scc_read_int32(context, id, &i);
CHECK(retval);
t->starttime = i;
- retval = krb5_scc_read_int32(id, &i);
+ retval = krb5_scc_read_int32(context, id, &i);
CHECK(retval);
t->endtime = i;
- retval = krb5_scc_read_int32(id, &i);
+ retval = krb5_scc_read_int32(context, id, &i);
CHECK(retval);
t->renew_till = i;
}
}
krb5_error_code
-krb5_scc_read_authdata(id, a)
+krb5_scc_read_authdata(context, id, a)
+ krb5_context context;
krb5_ccache id;
krb5_authdata ***a;
{
*a = 0;
/* Read the number of components */
- kret = krb5_scc_read_int32(id, &length);
+ kret = krb5_scc_read_int32(context, id, &length);
CHECK(kret);
if (length == 0)
for (i=0; i < length; i++) {
(*a)[i] = (krb5_authdata *) malloc(sizeof(krb5_authdata));
if ((*a)[i] == NULL) {
- krb5_free_authdata(*a);
+ krb5_free_authdata(context, *a);
return KRB5_CC_NOMEM;
}
- kret = krb5_scc_read_authdatum(id, (*a)[i]);
+ kret = krb5_scc_read_authdatum(context, id, (*a)[i]);
CHECK(kret);
}
return KRB5_OK;
errout:
if (*a)
- krb5_free_authdata(*a);
+ krb5_free_authdata(context, *a);
return kret;
}
krb5_error_code
-krb5_scc_read_authdatum(id, a)
+krb5_scc_read_authdatum(context, id, a)
+ krb5_context context;
krb5_ccache id;
krb5_authdata *a;
{
a->magic = KV5M_AUTHDATA;
a->contents = NULL;
- kret = krb5_scc_read_ui_2(id, &a->ad_type);
+ kret = krb5_scc_read_ui_2(context, id, &a->ad_type);
CHECK(kret);
- kret = krb5_scc_read_int32(id, &int32);
+ kret = krb5_scc_read_int32(context, id, &int32);
CHECK(kret);
a->length = int32;
if (a->contents == NULL)
return KRB5_CC_NOMEM;
- kret = krb5_scc_read(id, a->contents, a->length);
+ kret = krb5_scc_read(context, id, a->contents, a->length);
CHECK(kret);
return KRB5_OK;
* permission errors
*/
krb5_error_code
-krb5_scc_resolve (id, residual)
+krb5_scc_resolve (context, id, residual)
+ krb5_context context;
krb5_ccache *id;
char *residual;
{
}
static krb5_boolean
-standard_fields_match(mcreds, creds)
+standard_fields_match(context, mcreds, creds)
+ krb5_context context;
register const krb5_creds *mcreds, *creds;
{
- return (krb5_principal_compare(mcreds->client,creds->client) &&
- krb5_principal_compare(mcreds->server,creds->server));
+ return (krb5_principal_compare(context, mcreds->client,creds->client) &&
+ krb5_principal_compare(context, mcreds->server,creds->server));
}
/* only match the server name portion, not the server realm portion */
static krb5_boolean
-srvname_match(mcreds, creds)
+srvname_match(context, mcreds, creds)
+ krb5_context context;
register const krb5_creds *mcreds, *creds;
{
krb5_boolean retval;
krb5_principal_data p1, p2;
- retval = krb5_principal_compare(mcreds->client,creds->client);
+ retval = krb5_principal_compare(context, mcreds->client,creds->client);
if (retval != TRUE)
return retval;
/*
p1 = *mcreds->server;
p2 = *creds->server;
p1.realm = p2.realm;
- return krb5_principal_compare(&p1, &p2);
+ return krb5_principal_compare(context, &p1, &p2);
}
* KRB5_CC_NOMEM
*/
krb5_error_code
-krb5_scc_retrieve(id, whichfields, mcreds, creds)
+krb5_scc_retrieve(context, id, whichfields, mcreds, creds)
+ krb5_context context;
krb5_ccache id;
krb5_flags whichfields;
krb5_creds *mcreds;
krb5_error_code kret;
krb5_creds fetchcreds;
- kret = krb5_scc_start_seq_get(id, &cursor);
+ kret = krb5_scc_start_seq_get(context, id, &cursor);
if (kret != KRB5_OK)
return kret;
- while ((kret = krb5_scc_next_cred(id, &cursor, &fetchcreds)) == KRB5_OK) {
+ while ((kret = krb5_scc_next_cred(context, id, &cursor, &fetchcreds)) == KRB5_OK) {
if (((set(KRB5_TC_MATCH_SRV_NAMEONLY) &&
srvname_match(mcreds, &fetchcreds)) ||
standard_fields_match(mcreds, &fetchcreds))
data_match (&mcreds->second_ticket, &fetchcreds.second_ticket))
)
{
- krb5_scc_end_seq_get(id, &cursor);
+ krb5_scc_end_seq_get(context, id, &cursor);
*creds = fetchcreds;
return KRB5_OK;
}
/* This one doesn't match */
- krb5_free_cred_contents(&fetchcreds);
+ krb5_free_cred_contents(context, &fetchcreds);
}
/* If we get here, a match wasn't found */
- krb5_scc_end_seq_get(id, &cursor);
+ krb5_scc_end_seq_get(context, id, &cursor);
return KRB5_CC_NOTFOUND;
}
* Sets the operational flags of id to flags.
*/
krb5_error_code
-krb5_scc_set_flags(id, flags)
+krb5_scc_set_flags(context, id, flags)
+ krb5_context context;
krb5_ccache id;
krb5_flags flags;
{
if (flags & KRB5_TC_OPENCLOSE) {
/* asking to turn on OPENCLOSE mode */
if (!OPENCLOSE(id))
- ret = krb5_scc_close_file (id);
+ ret = krb5_scc_close_file (context, id);
} else {
/* asking to turn off OPENCLOSE mode, meaning it must be
left open. We open if it's not yet open */
if (OPENCLOSE(id)) {
- ret = krb5_scc_open_file (id, SCC_OPEN_RDWR);
+ ret = krb5_scc_open_file (context, id, SCC_OPEN_RDWR);
}
}
#include "scc.h"
krb5_error_code
-krb5_scc_skip_principal(id)
+krb5_scc_skip_principal(context, id)
+ krb5_context context;
krb5_ccache id;
{
krb5_error_code kret;
krb5_principal princ;
- kret = krb5_scc_read_principal(id, &princ);
+ kret = krb5_scc_read_principal(context, id, &princ);
if (kret != KRB5_OK)
return kret;
- krb5_free_principal(princ);
+ krb5_free_principal(context, princ);
return KRB5_OK;
}
* system errors
*/
krb5_error_code
-krb5_scc_start_seq_get(id, cursor)
+krb5_scc_start_seq_get(context, id, cursor)
+ krb5_context context;
krb5_ccache id;
krb5_cc_cursor *cursor;
{
return KRB5_CC_NOMEM;
/* Make sure we start reading right after the primary principal */
- MAYBE_OPEN (id, SCC_OPEN_RDONLY);
+ MAYBE_OPEN (context, id, SCC_OPEN_RDONLY);
/* skip over vno at beginning of file */
fseek(((krb5_scc_data *) id->data)->file, sizeof(krb5_int16), 0);
- krb5_scc_skip_principal(id);
+ krb5_scc_skip_principal(context, id);
fcursor->pos = ftell(((krb5_scc_data *) id->data)->file);
*cursor = (krb5_cc_cursor) fcursor;
- MAYBE_CLOSE (id, ret);
+ MAYBE_CLOSE (context, id, ret);
return(ret);
}
* storage failure errors
*/
krb5_error_code
-krb5_scc_store(id, creds)
+krb5_scc_store(context, id, creds)
+ krb5_context context;
krb5_ccache id;
krb5_creds *creds;
{
krb5_error_code ret;
/* Make sure we are writing to the end of the file */
- MAYBE_OPEN (id, SCC_OPEN_RDWR);
+ MAYBE_OPEN (context, id, SCC_OPEN_RDWR);
ret = fseek(((krb5_scc_data *) id->data)->file, 0, 2);
if (ret < 0)
- return krb5_scc_interpret(errno);
+ return krb5_scc_interpret(context, errno);
- ret = krb5_scc_store_principal(id, creds->client);
+ ret = krb5_scc_store_principal(context, id, creds->client);
TCHECK(ret);
- ret = krb5_scc_store_principal(id, creds->server);
+ ret = krb5_scc_store_principal(context, id, creds->server);
TCHECK(ret);
- ret = krb5_scc_store_keyblock(id, &creds->keyblock);
+ ret = krb5_scc_store_keyblock(context, id, &creds->keyblock);
TCHECK(ret);
- ret = krb5_scc_store_times(id, &creds->times);
+ ret = krb5_scc_store_times(context, id, &creds->times);
TCHECK(ret);
- ret = krb5_scc_store_octet(id, creds->is_skey);
+ ret = krb5_scc_store_octet(context, id, creds->is_skey);
TCHECK(ret);
- ret = krb5_scc_store_int32(id, creds->ticket_flags);
+ ret = krb5_scc_store_int32(context, id, creds->ticket_flags);
TCHECK(ret);
- ret = krb5_scc_store_addrs(id, creds->addresses);
+ ret = krb5_scc_store_addrs(context, id, creds->addresses);
TCHECK(ret);
- ret = krb5_scc_store_authdata(id, creds->authdata);
+ ret = krb5_scc_store_authdata(context, id, creds->authdata);
TCHECK(ret);
- ret = krb5_scc_store_data(id, &creds->ticket);
+ ret = krb5_scc_store_data(context, id, &creds->ticket);
TCHECK(ret);
- ret = krb5_scc_store_data(id, &creds->second_ticket);
+ ret = krb5_scc_store_data(context, id, &creds->second_ticket);
TCHECK(ret);
lose:
- MAYBE_CLOSE (id, ret);
+ MAYBE_CLOSE (context, id, ret);
return ret;
#undef TCHECK
}
init_test_cred();
- kret = krb5_scc_resolve(&id, "/tmp/tkt_test");
+ kret = krb5_scc_resolve(context, &id, "/tmp/tkt_test");
CHECK(kret, "resolve");
- kret = krb5_scc_initialize(id, test_creds.client);
+ kret = krb5_scc_initialize(context, id, test_creds.client);
CHECK(kret, "initialize");
kret = krb5_scc_store(id, &test_creds);
CHECK(kret, "store");
* system errors
*/
krb5_error_code
-krb5_scc_write(id, buf, len)
+krb5_scc_write(context, id, buf, len)
+ krb5_context context;
krb5_ccache id;
krb5_pointer buf;
int len;
errno = 0;
ret = fwrite((char *) buf, 1, len, ((krb5_scc_data *)id->data)->file);
if ((ret == 0) && errno) {
- return krb5_scc_interpret (errno);
+ return krb5_scc_interpret (context, errno);
} else if (ret != len)
return KRB5_CC_END;
return KRB5_OK;
*/
krb5_error_code
-krb5_scc_store_principal(id, princ)
+krb5_scc_store_principal(context, id, princ)
+ krb5_context context;
krb5_ccache id;
krb5_principal princ;
{
krb5_error_code ret;
krb5_int32 i, length, tmp, type;
- type = krb5_princ_type(princ);
- tmp = length = krb5_princ_size(princ);
+ type = krb5_princ_type(context, princ);
+ tmp = length = krb5_princ_size(context, princ);
if (data->version == KRB5_SCC_FVNO_1) {
/*
*/
tmp++;
} else {
- ret = krb5_scc_store_int32(id, type);
+ ret = krb5_scc_store_int32(context, id, type);
CHECK(ret);
}
- ret = krb5_scc_store_int32(id, tmp);
+ ret = krb5_scc_store_int32(context, id, tmp);
CHECK(ret);
- ret = krb5_scc_store_data(id, krb5_princ_realm(princ));
+ ret = krb5_scc_store_data(context, id, krb5_princ_realm(context, princ));
CHECK(ret);
for (i=0; i < length; i++) {
- ret = krb5_scc_store_data(id, krb5_princ_component(princ, i));
+ ret = krb5_scc_store_data(context, id,
+ krb5_princ_component(context, princ, i));
CHECK(ret);
}
}
krb5_error_code
-krb5_scc_store_addrs(id, addrs)
+krb5_scc_store_addrs(context, id, addrs)
+ krb5_context context;
krb5_ccache id;
krb5_address ** addrs;
{
length += 1;
}
- ret = krb5_scc_store_int32(id, length);
+ ret = krb5_scc_store_int32(context, id, length);
CHECK(ret);
for (i=0; i < length; i++) {
- ret = krb5_scc_store_addr(id, addrs[i]);
+ ret = krb5_scc_store_addr(context, id, addrs[i]);
CHECK(ret);
}
}
krb5_error_code
-krb5_scc_store_keyblock(id, keyblock)
+krb5_scc_store_keyblock(context, id, keyblock)
+ krb5_context context;
krb5_ccache id;
krb5_keyblock *keyblock;
{
krb5_scc_data *data = (krb5_scc_data *)id->data;
krb5_error_code ret;
- ret = krb5_scc_store_ui_2(id, keyblock->keytype);
+ ret = krb5_scc_store_ui_2(context, id, keyblock->keytype);
CHECK(ret);
if ((data->version != KRB5_SCC_FVNO_1) &&
(data->version != KRB5_SCC_FVNO_2)) {
- ret = krb5_scc_store_ui_2(id, keyblock->etype);
+ ret = krb5_scc_store_ui_2(context, id, keyblock->etype);
CHECK(ret);
}
- ret = krb5_scc_store_int32(id, keyblock->length);
+ ret = krb5_scc_store_int32(context, id, keyblock->length);
CHECK(ret);
- return krb5_scc_write(id, (char *) keyblock->contents, keyblock->length);
+ return krb5_scc_write(context, id, (char *) keyblock->contents, keyblock->length);
}
krb5_error_code
-krb5_scc_store_addr(id, addr)
+krb5_scc_store_addr(context, id, addr)
+ krb5_context context;
krb5_ccache id;
krb5_address *addr;
{
krb5_error_code ret;
- ret = krb5_scc_store_ui_2(id, addr->addrtype);
+ ret = krb5_scc_store_ui_2(context, id, addr->addrtype);
CHECK(ret);
- ret = krb5_scc_store_int32(id, addr->length);
+ ret = krb5_scc_store_int32(context, id, addr->length);
CHECK(ret);
- return krb5_scc_write(id, (char *) addr->contents, addr->length);
+ return krb5_scc_write(context, id, (char *) addr->contents, addr->length);
}
krb5_error_code
-krb5_scc_store_data(id, data)
+krb5_scc_store_data(context, id, data)
+ krb5_context context;
krb5_ccache id;
krb5_data *data;
{
krb5_error_code ret;
- ret = krb5_scc_store_int32(id, data->length);
+ ret = krb5_scc_store_int32(context, id, data->length);
CHECK(ret);
- return krb5_scc_write(id, data->data, data->length);
+ return krb5_scc_write(context, id, data->data, data->length);
}
krb5_error_code
-krb5_scc_store_int32(id, i)
+krb5_scc_store_int32(context, id, i)
+ krb5_context context;
krb5_ccache id;
krb5_int32 i;
{
if ((data->version == KRB5_SCC_FVNO_1) ||
(data->version == KRB5_SCC_FVNO_2))
- return krb5_scc_write(id, (char *) &i, sizeof(krb5_int32));
+ return krb5_scc_write(context, id, (char *) &i, sizeof(krb5_int32));
else {
buf[3] = i & 0xFF;
i >>= 8;
i >>= 8;
buf[0] = i & 0xFF;
- return krb5_scc_write(id, buf, 4);
+ return krb5_scc_write(context, id, buf, 4);
}
}
krb5_error_code
-krb5_scc_store_ui_2(id, i)
+krb5_scc_store_ui_2(context, id, i)
+ krb5_context context;
krb5_ccache id;
krb5_int32 i;
{
if ((data->version == KRB5_SCC_FVNO_1) ||
(data->version == KRB5_SCC_FVNO_2)) {
ibuf = i;
- return krb5_scc_write(id, (char *) &ibuf, sizeof(krb5_ui_2));
+ return krb5_scc_write(context, id, (char *) &ibuf, sizeof(krb5_ui_2));
} else {
buf[1] = i & 0xFF;
i >>= 8;
buf[0] = i & 0xFF;
- return krb5_scc_write(id, buf, 2);
+ return krb5_scc_write(context, id, buf, 2);
}
}
krb5_error_code
-krb5_scc_store_octet(id, i)
+krb5_scc_store_octet(context, id, i)
+ krb5_context context;
krb5_ccache id;
krb5_int32 i;
{
krb5_octet ibuf;
ibuf = i;
- return krb5_scc_write(id, (char *) &ibuf, 1);
+ return krb5_scc_write(context, id, (char *) &ibuf, 1);
}
krb5_error_code
-krb5_scc_store_times(id, t)
+krb5_scc_store_times(context, id, t)
+ krb5_context context;
krb5_ccache id;
krb5_ticket_times *t;
{
if ((data->version == KRB5_SCC_FVNO_1) ||
(data->version == KRB5_SCC_FVNO_2))
- return krb5_scc_write(id, (char *) t, sizeof(krb5_ticket_times));
+ return krb5_scc_write(context, id, (char *) t, sizeof(krb5_ticket_times));
else {
- retval = krb5_scc_store_int32(id, t->authtime);
+ retval = krb5_scc_store_int32(context, id, t->authtime);
CHECK(retval);
- retval = krb5_scc_store_int32(id, t->starttime);
+ retval = krb5_scc_store_int32(context, id, t->starttime);
CHECK(retval);
- retval = krb5_scc_store_int32(id, t->endtime);
+ retval = krb5_scc_store_int32(context, id, t->endtime);
CHECK(retval);
- retval = krb5_scc_store_int32(id, t->renew_till);
+ retval = krb5_scc_store_int32(context, id, t->renew_till);
CHECK(retval);
return 0;
}
}
krb5_error_code
-krb5_scc_store_authdata(id, a)
+krb5_scc_store_authdata(context, id, a)
+ krb5_context context;
krb5_ccache id;
krb5_authdata **a;
{
length++;
}
- ret = krb5_scc_store_int32(id, length);
+ ret = krb5_scc_store_int32(context, id, length);
CHECK(ret);
for (i=0; i<length; i++) {
- ret = krb5_scc_store_authdatum (id, a[i]);
+ ret = krb5_scc_store_authdatum (context, id, a[i]);
CHECK(ret);
}
return KRB5_OK;
}
krb5_error_code
-krb5_scc_store_authdatum (id, a)
+krb5_scc_store_authdatum (context, id, a)
+ krb5_context context;
krb5_ccache id;
krb5_authdata *a;
{
krb5_error_code ret;
- ret = krb5_scc_store_ui_2(id, a->ad_type);
+ ret = krb5_scc_store_ui_2(context, id, a->ad_type);
CHECK(ret);
- ret = krb5_scc_store_int32(id, a->length);
+ ret = krb5_scc_store_int32(context, id, a->length);
CHECK(ret);
- return krb5_scc_write(id, (krb5_pointer) a->contents, a->length);
+ return krb5_scc_write(context, id, (krb5_pointer) a->contents, a->length);
}
#include <krb5/krb5.h>
void
-krb5_init_ets PROTOTYPE((void))
+krb5_init_ets PROTOTYPE((krb5_context context))
{
static int initialized = 0;
+Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
+
+ * Added krb5_context to all krb5_routines
+
Thu Oct 13 17:24:51 1994 Theodore Y. Ts'o (tytso@maytag)
* configure.in: Add ISODE_DEFS
#include <krb5/ext-proto.h>
void
-krb5_free_address(val)
-krb5_address *val;
+krb5_free_address(context, val)
+ krb5_context context;
+ krb5_address *val;
{
if (val->contents)
krb5_xfree(val->contents);
#include <krb5/ext-proto.h>
void
-krb5_free_addresses(val)
-krb5_address **val;
+krb5_free_addresses(context, val)
+ krb5_context context;
+ krb5_address **val;
{
register krb5_address **temp;
#include <krb5/ext-proto.h>
void
-krb5_free_ap_rep(val)
-register krb5_ap_rep *val;
+krb5_free_ap_rep(context, val)
+ krb5_context context;
+ register krb5_ap_rep *val;
{
if (val->enc_part.ciphertext.data)
krb5_xfree(val->enc_part.ciphertext.data);
#include <krb5/ext-proto.h>
void
-krb5_free_ap_req(val)
-register krb5_ap_req *val;
+krb5_free_ap_req(context, val)
+ krb5_context context;
+ register krb5_ap_req *val;
{
if (val->ticket)
- krb5_free_ticket(val->ticket);
+ krb5_free_ticket(context, val->ticket);
if (val->authenticator.ciphertext.data)
krb5_xfree(val->authenticator.ciphertext.data);
krb5_xfree(val);
#include <krb5/ext-proto.h>
void
-krb5_free_ap_rep_enc_part(val)
-krb5_ap_rep_enc_part *val;
+krb5_free_ap_rep_enc_part(context, val)
+ krb5_context context;
+ krb5_ap_rep_enc_part *val;
{
if (val->subkey)
- krb5_free_keyblock(val->subkey);
+ krb5_free_keyblock(context, val->subkey);
krb5_xfree(val);
return;
}
#include <krb5/ext-proto.h>
void
-krb5_free_authenticator_contents(val)
-krb5_authenticator *val;
+krb5_free_authenticator_contents(context, val)
+ krb5_context context;
+ krb5_authenticator *val;
{
if (val->checksum)
- krb5_free_checksum(val->checksum);
+ krb5_free_checksum(context, val->checksum);
if (val->client)
- krb5_free_principal(val->client);
+ krb5_free_principal(context, val->client);
if (val->subkey)
- krb5_free_keyblock(val->subkey);
+ krb5_free_keyblock(context, val->subkey);
if (val->authorization_data)
- krb5_free_authdata(val->authorization_data);
+ krb5_free_authdata(context, val->authorization_data);
return;
}
#include <krb5/ext-proto.h>
void
-krb5_free_authdata(val)
+krb5_free_authdata(context, val)
+ krb5_context context;
krb5_authdata **val;
{
register krb5_authdata **temp;
#include <krb5/ext-proto.h>
void
-krb5_free_authenticator(val)
-krb5_authenticator *val;
+krb5_free_authenticator(context, val)
+ krb5_context context;
+ krb5_authenticator *val;
{
if (val->checksum)
- krb5_free_checksum(val->checksum);
+ krb5_free_checksum(context, val->checksum);
if (val->client)
- krb5_free_principal(val->client);
+ krb5_free_principal(context, val->client);
if (val->subkey)
- krb5_free_keyblock(val->subkey);
+ krb5_free_keyblock(context, val->subkey);
if (val->authorization_data)
- krb5_free_authdata(val->authorization_data);
+ krb5_free_authdata(context, val->authorization_data);
krb5_xfree(val);
return;
}
#include <krb5/ext-proto.h>
void
-krb5_free_checksum(val)
-register krb5_checksum *val;
+krb5_free_checksum(context, val)
+ krb5_context context;
+ register krb5_checksum *val;
{
if (val->contents)
krb5_xfree(val->contents);
#include <krb5/ext-proto.h>
void
-krb5_free_cred(val)
-register krb5_cred *val;
+krb5_free_cred(context, val)
+ krb5_context context;
+ register krb5_cred *val;
{
if (val->tickets)
- krb5_free_tickets(val->tickets);
+ krb5_free_tickets(context, val->tickets);
if (val->enc_part.ciphertext.data)
krb5_xfree(val->enc_part.ciphertext.data);
krb5_xfree(val);
*/
void
-krb5_free_cred_contents(val)
-krb5_creds *val;
+krb5_free_cred_contents(context, val)
+ krb5_context context;
+ krb5_creds *val;
{
if (val->client)
- krb5_free_principal(val->client);
+ krb5_free_principal(context, val->client);
if (val->server)
- krb5_free_principal(val->server);
+ krb5_free_principal(context, val->server);
if (val->keyblock.contents) {
memset((char *)val->keyblock.contents, 0, val->keyblock.length);
krb5_xfree(val->keyblock.contents);
if (val->second_ticket.data)
krb5_xfree(val->second_ticket.data);
if (val->addresses)
- krb5_free_addresses(val->addresses);
+ krb5_free_addresses(context, val->addresses);
if (val->authdata)
- krb5_free_authdata(val->authdata);
+ krb5_free_authdata(context, val->authdata);
return;
}
#include <krb5/ext-proto.h>
void
-krb5_free_cred_enc_part(val)
-register krb5_cred_enc_part *val;
+krb5_free_cred_enc_part(context, val)
+ krb5_context context;
+ register krb5_cred_enc_part *val;
{
register krb5_cred_info **temp;
if (val->r_address)
- krb5_free_address(val->r_address);
+ krb5_free_address(context, val->r_address);
if (val->s_address)
- krb5_free_address(val->s_address);
+ krb5_free_address(context, val->s_address);
if (val->ticket_info) {
for (temp = val->ticket_info; *temp; temp++) {
if ((*temp)->session)
- krb5_free_keyblock((*temp)->session);
+ krb5_free_keyblock(context, (*temp)->session);
if ((*temp)->client)
- krb5_free_principal((*temp)->client);
+ krb5_free_principal(context, (*temp)->client);
if ((*temp)->server)
- krb5_free_principal((*temp)->server);
+ krb5_free_principal(context, (*temp)->server);
if ((*temp)->caddrs)
- krb5_free_addresses((*temp)->caddrs);
+ krb5_free_addresses(context, (*temp)->caddrs);
krb5_xfree((*temp));
}
krb5_xfree(val->ticket_info);
#include <krb5/ext-proto.h>
void
-krb5_free_creds(val)
-krb5_creds *val;
+krb5_free_creds(context, val)
+ krb5_context context;
+ krb5_creds *val;
{
- krb5_free_cred_contents(val);
+ krb5_free_cred_contents(context, val);
krb5_xfree(val);
return;
}
#include <krb5/ext-proto.h>
void
-krb5_free_enc_kdc_rep_part(val)
-register krb5_enc_kdc_rep_part *val;
+krb5_free_enc_kdc_rep_part(context, val)
+ krb5_context context;
+ register krb5_enc_kdc_rep_part *val;
{
if (val->session)
- krb5_free_keyblock(val->session);
+ krb5_free_keyblock(context, val->session);
if (val->last_req)
- krb5_free_last_req(val->last_req);
+ krb5_free_last_req(context, val->last_req);
if (val->server)
- krb5_free_principal(val->server);
+ krb5_free_principal(context, val->server);
if (val->caddrs)
- krb5_free_addresses(val->caddrs);
+ krb5_free_addresses(context, val->caddrs);
krb5_xfree(val);
return;
}
#include <krb5/ext-proto.h>
void
-krb5_free_enc_tkt_part(val)
-krb5_enc_tkt_part *val;
+krb5_free_enc_tkt_part(context, val)
+ krb5_context context;
+ krb5_enc_tkt_part *val;
{
if (val->session)
- krb5_free_keyblock(val->session);
+ krb5_free_keyblock(context, val->session);
if (val->client)
- krb5_free_principal(val->client);
+ krb5_free_principal(context, val->client);
if (val->transited.tr_contents.data)
krb5_xfree(val->transited.tr_contents.data);
if (val->caddrs)
- krb5_free_addresses(val->caddrs);
+ krb5_free_addresses(context, val->caddrs);
if (val->authorization_data)
- krb5_free_authdata(val->authorization_data);
+ krb5_free_authdata(context, val->authorization_data);
krb5_xfree(val);
return;
}
#include <krb5/ext-proto.h>
void
-krb5_free_error(val)
-register krb5_error *val;
+krb5_free_error(context, val)
+ krb5_context context;
+ register krb5_error *val;
{
if (val->client)
- krb5_free_principal(val->client);
+ krb5_free_principal(context, val->client);
if (val->server)
- krb5_free_principal(val->server);
+ krb5_free_principal(context, val->server);
if (val->text.data)
krb5_xfree(val->text.data);
if (val->e_data.data)
#include <krb5/ext-proto.h>
void
-krb5_free_kdc_rep(val)
+krb5_free_kdc_rep(context, val)
+ krb5_context context;
krb5_kdc_rep *val;
{
if (val->padata)
- krb5_free_pa_data(val->padata);
+ krb5_free_pa_data(context, val->padata);
if (val->client)
- krb5_free_principal(val->client);
+ krb5_free_principal(context, val->client);
if (val->ticket)
- krb5_free_ticket(val->ticket);
+ krb5_free_ticket(context, val->ticket);
if (val->enc_part.ciphertext.data)
krb5_xfree(val->enc_part.ciphertext.data);
if (val->enc_part2)
- krb5_free_enc_kdc_rep_part(val->enc_part2);
+ krb5_free_enc_kdc_rep_part(context, val->enc_part2);
krb5_xfree(val);
return;
}
#include <krb5/ext-proto.h>
void
-krb5_free_kdc_req(val)
-krb5_kdc_req *val;
+krb5_free_kdc_req(context, val)
+ krb5_context context;
+ krb5_kdc_req *val;
{
if (val->padata)
- krb5_free_pa_data(val->padata);
+ krb5_free_pa_data(context, val->padata);
if (val->client)
- krb5_free_principal(val->client);
+ krb5_free_principal(context, val->client);
if (val->server)
- krb5_free_principal(val->server);
+ krb5_free_principal(context, val->server);
if (val->etype)
krb5_xfree(val->etype);
if (val->addresses)
- krb5_free_addresses(val->addresses);
+ krb5_free_addresses(context, val->addresses);
if (val->authorization_data.ciphertext.data)
krb5_xfree(val->authorization_data.ciphertext.data);
if (val->unenc_authdata)
- krb5_free_authdata(val->unenc_authdata);
+ krb5_free_authdata(context, val->unenc_authdata);
if (val->second_ticket)
- krb5_free_tickets(val->second_ticket);
+ krb5_free_tickets(context, val->second_ticket);
krb5_xfree(val);
return;
}
#include <krb5/ext-proto.h>
void
-krb5_free_keyblock(val)
-register krb5_keyblock *val;
+krb5_free_keyblock(context, val)
+ krb5_context context;
+ register krb5_keyblock *val;
{
if (val->contents) {
memset((char *)val->contents, 0, val->length);
#include <krb5/ext-proto.h>
void
-krb5_free_last_req(val)
-krb5_last_req_entry **val;
+krb5_free_last_req(context, val)
+ krb5_context context;
+ krb5_last_req_entry **val;
{
register krb5_last_req_entry **temp;
#include <krb5/ext-proto.h>
void
-krb5_free_pa_data(val)
-krb5_pa_data **val;
+krb5_free_pa_data(context, val)
+ krb5_context context;
+ krb5_pa_data **val;
{
register krb5_pa_data **temp;
#include <krb5/ext-proto.h>
void
-krb5_free_principal(val)
-krb5_principal val;
+krb5_free_principal(context, val)
+ krb5_context context;
+ krb5_principal val;
{
register int i;
return;
if (val->data) {
- i = krb5_princ_size(val);
+ i = krb5_princ_size(context, val);
while(--i >= 0)
- free(krb5_princ_component(val, i)->data);
+ free(krb5_princ_component(context, val, i)->data);
krb5_xfree(val->data);
}
if (val->realm.data)
#include <krb5/ext-proto.h>
void
-krb5_free_priv(val)
+krb5_free_priv(context, val)
+ krb5_context context;
register krb5_priv *val;
{
if (val->enc_part.ciphertext.data)
#include <krb5/ext-proto.h>
void
-krb5_free_priv_enc_part(val)
-register krb5_priv_enc_part *val;
+krb5_free_priv_enc_part(context, val)
+ krb5_context context;
+ register krb5_priv_enc_part *val;
{
if (val->user_data.data)
krb5_xfree(val->user_data.data);
if (val->r_address)
- krb5_free_address(val->r_address);
+ krb5_free_address(context, val->r_address);
if (val->s_address)
- krb5_free_address(val->s_address);
+ krb5_free_address(context, val->s_address);
krb5_xfree(val);
return;
}
#include <krb5/ext-proto.h>
void
-krb5_free_pwd_data(val)
+krb5_free_pwd_data(context, val)
+ krb5_context context;
krb5_pwd_data *val;
{
if (val->element)
- krb5_free_pwd_sequences(val->element);
+ krb5_free_pwd_sequences(context, val->element);
krb5_xfree(val);
return;
}
#include <krb5/ext-proto.h>
void
-krb5_free_pwd_sequences(val)
-passwd_phrase_element **val;
+krb5_free_pwd_sequences(context, val)
+ krb5_context context;
+ passwd_phrase_element **val;
{
if ((*val)->passwd)
krb5_xfree((*val)->passwd);
#include <krb5/ext-proto.h>
void
-krb5_free_safe(val)
-register krb5_safe *val;
+krb5_free_safe(context, val)
+ krb5_context context;
+ register krb5_safe *val;
{
if (val->user_data.data)
krb5_xfree(val->user_data.data);
if (val->r_address)
- krb5_free_address(val->r_address);
+ krb5_free_address(context, val->r_address);
if (val->s_address)
- krb5_free_address(val->s_address);
+ krb5_free_address(context, val->s_address);
if (val->checksum)
- krb5_free_checksum(val->checksum);
+ krb5_free_checksum(context, val->checksum);
krb5_xfree(val);
return;
}
#include <krb5/ext-proto.h>
void
-krb5_free_tgt_creds(tgts)
-krb5_creds **tgts;
+krb5_free_tgt_creds(context, tgts)
+ krb5_context context;
+ krb5_creds **tgts;
{
register krb5_creds **tgtpp;
for (tgtpp = tgts; *tgtpp; tgtpp++)
- krb5_free_creds(*tgtpp);
+ krb5_free_creds(context, *tgtpp);
krb5_xfree(tgts);
}
#include <krb5/ext-proto.h>
void
-krb5_free_ticket(val)
-krb5_ticket *val;
+krb5_free_ticket(context, val)
+ krb5_context context;
+ krb5_ticket *val;
{
if (val->server)
- krb5_free_principal(val->server);
+ krb5_free_principal(context, val->server);
if (val->enc_part.ciphertext.data)
krb5_xfree(val->enc_part.ciphertext.data);
if (val->enc_part2)
- krb5_free_enc_tkt_part(val->enc_part2);
+ krb5_free_enc_tkt_part(context, val->enc_part2);
krb5_xfree(val);
return;
}
#include <krb5/ext-proto.h>
void
-krb5_free_tickets(val)
-krb5_ticket **val;
+krb5_free_tickets(context, val)
+ krb5_context context;
+ krb5_ticket **val;
{
register krb5_ticket **temp;
for (temp = val; *temp; temp++)
- krb5_free_ticket(*temp);
+ krb5_free_ticket(context, *temp);
krb5_xfree(val);
return;
}
#include <krb5/ext-proto.h>
void
-krb5_free_tkt_authent(val)
-krb5_tkt_authent *val;
+krb5_free_tkt_authent(context, val)
+ krb5_context context;
+ krb5_tkt_authent *val;
{
if (val->ticket)
- krb5_free_ticket(val->ticket);
+ krb5_free_ticket(context, val->ticket);
if (val->authenticator)
- krb5_free_authenticator(val->authenticator);
+ krb5_free_authenticator(context, val->authenticator);
krb5_xfree(val);
return;
}
+Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
+
+ * Added krb5_context to all krb5_routines
+
Fri Oct 14 23:09:02 1994 Theodore Y. Ts'o (tytso@dcl)
* configure.in: Add ISODE_DEFS rule.
#include <krb5/krb5.h>
krb5_error_code
-krb5_kt_add_entry (id, entry)
-krb5_keytab id;
-krb5_keytab_entry *entry;
+krb5_kt_add_entry (context, id, entry)
+ krb5_context context;
+ krb5_keytab id;
+ krb5_keytab_entry *entry;
{
if (id->ops->add)
- return (*id->ops->add)(id, entry);
+ return (*id->ops->add)(context, id, entry);
else
return KRB5_KT_NOWRITE;
}
*/
krb5_error_code
-krb5_kt_register(ops)
-krb5_kt_ops *ops;
+krb5_kt_register(context, ops)
+ krb5_context context;
+ krb5_kt_ops *ops;
{
struct krb5_kt_typelist *t;
for (t = kt_typehead;t && strcmp(t->ops->prefix,ops->prefix);t = t->next)
* particular keytab type.
*/
-krb5_error_code krb5_kt_resolve (name, ktid)
+krb5_error_code krb5_kt_resolve (context, name, ktid)
+ krb5_context context;
const char *name;
krb5_keytab *ktid;
{
cp = strchr (name, ':');
if (!cp) {
- return (*krb5_kt_dfl_ops.resolve)(name, ktid);
+ return (*krb5_kt_dfl_ops.resolve)(context, name, ktid);
}
pfxlen = cp - (char *)name;
for (tlist = kt_typehead; tlist; tlist = tlist->next) {
if (strcmp (tlist->ops->prefix, pfx) == 0) {
free(pfx);
- return (*tlist->ops->resolve)(resid, ktid);
+ return (*tlist->ops->resolve)(context, resid, ktid);
}
}
free(pfx);
#include <krb5/krb5.h>
#include <stdio.h>
-krb5_error_code krb5_kt_default(id)
-krb5_keytab *id;
+krb5_error_code krb5_kt_default(context, id)
+ krb5_context context;
+ krb5_keytab *id;
{
char defname[BUFSIZ];
krb5_error_code retval;
- if (retval = krb5_kt_default_name(defname, sizeof(defname)))
+ if (retval = krb5_kt_default_name(context, defname, sizeof(defname)))
return retval;
- return krb5_kt_resolve(defname, id);
+ return krb5_kt_resolve(context, defname, id);
}
#include <krb5/ext-proto.h>
krb5_error_code
-krb5_kt_free_entry (entry)
-krb5_keytab_entry *entry;
+krb5_kt_free_entry (context, entry)
+ krb5_context context;
+ krb5_keytab_entry *entry;
{
if (!entry)
return 0;
- krb5_free_principal(entry->principal);
+ krb5_free_principal(context, entry->principal);
if (entry->key.contents) {
memset((char *)entry->key.contents, 0, entry->key.length);
krb5_xfree(entry->key.contents);
#include <krb5/krb5.h>
krb5_error_code
-krb5_kt_remove_entry (id, entry)
-krb5_keytab id;
-krb5_keytab_entry *entry;
+krb5_kt_remove_entry (context, id, entry)
+ krb5_context context;
+ krb5_keytab id;
+ krb5_keytab_entry *entry;
{
if (id->ops->remove)
- return (*id->ops->remove)(id, entry);
+ return (*id->ops->remove)(context, id, entry);
else
return KRB5_KT_NOWRITE;
}
#define KSUCCESS 0
krb5_error_code
-krb5_kt_read_service_key(DECLARG(krb5_pointer, keyprocarg),
- DECLARG(krb5_principal, principal),
- DECLARG(krb5_kvno, vno),
- DECLARG(krb5_keyblock **, key))
-OLDDECLARG(krb5_pointer, keyprocarg)
-OLDDECLARG(krb5_principal, principal)
-OLDDECLARG(krb5_kvno, vno)
-OLDDECLARG(krb5_keyblock **, key)
+krb5_kt_read_service_key(context, keyprocarg, principal, vno, key)
+ krb5_context context;
+ krb5_pointer keyprocarg;
+ krb5_principal principal;
+ krb5_kvno vno;
+ krb5_keyblock ** key;
/*
effects: If keyprocarg is not NULL, it is taken to be
the name of a keytab. Otherwise, the default
* Get the name of the file that we should use.
*/
if (!keyprocarg) {
- if ((kerror = krb5_kt_default_name((char *)keytabname,
+ if ((kerror = krb5_kt_default_name(context, (char *)keytabname,
sizeof(keytabname) - 1))!= KSUCCESS)
return (kerror);
} else {
sizeof(keytabname) - 1);
}
- if (kerror = krb5_kt_resolve((char *)keytabname, &id))
+ if (kerror = krb5_kt_resolve(context, (char *)keytabname, &id))
return (kerror);
- kerror = krb5_kt_get_entry(id, principal, vno, &entry);
- krb5_kt_close(id);
+ kerror = krb5_kt_get_entry(context, id, principal, vno, &entry);
+ krb5_kt_close(context, id);
if (kerror)
return(kerror);
- krb5_copy_keyblock(&entry.key, key);
+ krb5_copy_keyblock(context, &entry.key, key);
- krb5_kt_free_entry(&entry);
+ krb5_kt_free_entry(context, &entry);
return (KSUCCESS);
}
+Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
+
+ * Added krb5_context to all krb5_routines
+
Mon Dec 19 21:55:44 1994 Theodore Y. Ts'o (tytso@dcl)
* init_ctx.c: New file. Initializes and frees the krb5_context
* If the two addresses are the same, return TRUE, else return FALSE
*/
krb5_boolean
-krb5_address_compare(addr1, addr2)
-const krb5_address *addr1;
-const krb5_address *addr2;
+krb5_address_compare(context, addr1, addr2)
+ krb5_context context;
+ const krb5_address *addr1;
+ const krb5_address *addr2;
{
if (addr1->addrtype != addr2->addrtype)
return(FALSE);
* < 0 if first is less than 2nd, > 0 if first is greater than 2nd.
*/
int
-krb5_address_order(addr1, addr2)
-register const krb5_address *addr1;
-register const krb5_address *addr2;
+krb5_address_order(context, addr1, addr2)
+ krb5_context context;
+ register const krb5_address *addr1;
+ register const krb5_address *addr2;
{
int dir;
register int i;
* if not listed, return FALSE
*/
krb5_boolean
-krb5_address_search(addr, addrlist)
-const krb5_address *addr;
-krb5_address * const * addrlist;
+krb5_address_search(context, addr, addrlist)
+ krb5_context context;
+ const krb5_address *addr;
+ krb5_address * const * addrlist;
{
if (!addrlist)
return TRUE;
for (; *addrlist; addrlist++) {
- if (krb5_address_compare(addr, *addrlist))
+ if (krb5_address_compare(context, addr, *addrlist))
return TRUE;
}
return FALSE;
krb5_error_code
#if __STDC__ || defined(STDARG_PROTOTYPES)
-krb5_build_principal_ext(krb5_principal *princ, int rlen,
- const char *realm, ...)
+krb5_build_principal_ext(krb5_context context, krb5_principal * princ, int rlen, const char * realm, ...)
#else
-krb5_build_principal_ext(princ, rlen, realm, va_alist)
-krb5_principal *princ;
-int rlen;
-const char *realm;
-va_dcl
+krb5_build_principal_ext(context, princ, rlen, realm, va_alist)
+ krb5_context context;
+ krb5_principal *princ;
+ int rlen;
+ const char *realm;
+ va_dcl
#endif
{
va_list ap;
krb5_xfree(princ_ret);
return ENOMEM;
}
- krb5_princ_set_realm_length(princ_ret, rlen);
- krb5_princ_set_realm_data(princ_ret, tmpdata);
+ krb5_princ_set_realm_length(context, princ_ret, rlen);
+ krb5_princ_set_realm_data(context, princ_ret, tmpdata);
memcpy(tmpdata, realm, rlen);
tmpdata[rlen] = 0;
}
va_end(ap);
*princ = princ_ret;
- krb5_princ_type(princ_ret) = KRB5_NT_UNKNOWN;
+ krb5_princ_type(context, princ_ret) = KRB5_NT_UNKNOWN;
return 0;
free_out:
#include <krb5/ext-proto.h>
krb5_error_code
-krb5_build_principal_va(princ, rlen, realm, ap)
-krb5_principal princ;
-int rlen;
-const char *realm;
-va_list ap;
+krb5_build_principal_va(context, princ, rlen, realm, ap)
+ krb5_context context;
+ krb5_principal princ;
+ int rlen;
+ const char *realm;
+ va_list ap;
{
register int i, count = 0;
register char *next;
data = (krb5_data *) malloc(sizeof(krb5_data) * count);
if (data == 0)
return ENOMEM;
- krb5_princ_set_realm_length(princ, rlen);
+ krb5_princ_set_realm_length(context, princ, rlen);
tmpdata = malloc(rlen);
if (!tmpdata) {
free (data);
return ENOMEM;
}
- krb5_princ_set_realm_data(princ, tmpdata);
+ krb5_princ_set_realm_data(context, princ, tmpdata);
memcpy(tmpdata, realm, rlen);
/* process rest of components */
krb5_error_code
#if __STDC__ || defined(STDARG_PROTOTYPES)
-krb5_build_principal(krb5_principal *princ, int rlen, const char *realm, ...)
+krb5_build_principal(krb5_context context, krb5_principal * princ, int rlen,
+ const char * realm, ...)
#else
-krb5_build_principal(princ, rlen, realm, va_alist)
-krb5_principal *princ;
-int rlen;
-const char *realm;
-va_dcl
+krb5_build_principal(context, princ, rlen, realm, va_alist)
+ krb5_context context;
+ krb5_principal *princ;
+ int rlen;
+ const char *realm;
+ va_dcl
#endif
{
va_list ap;
#else
va_start(ap);
#endif
- retval = krb5_build_principal_va(pr_ret, rlen, realm, ap);
+ retval = krb5_build_principal_va(context, pr_ret, rlen, realm, ap);
va_end(ap);
if (retval == 0)
*princ = pr_ret;
#define MAX_REALM_LN 500
-krb5_error_code krb5_check_transited_list(trans, realm1, realm2)
+krb5_error_code krb5_check_transited_list(context, trans, realm1, realm2)
+ krb5_context context;
krb5_data *trans;
krb5_data *realm1;
krb5_data *realm2;
trans_length = trans->data[trans->length-1] ?
trans->length : trans->length - 1;
- if (retval = krb5_walk_realm_tree(realm1, realm2, &tgs_list,
+ if (retval = krb5_walk_realm_tree(context, realm1, realm2, &tgs_list,
KRB5_REALM_BRANCH_CHAR)) {
return(retval);
}
if (*(nextp-1) == '.') strcat(next, prev);
retval = KRB5KRB_AP_ERR_ILL_CR_TKT;
for (j = 0; tgs_list[j]; j++) {
- if (strlen(next) == krb5_princ_realm(tgs_list[j])->length &&
- !memcmp(next, krb5_princ_realm(tgs_list[j])->data,
+ if (strlen(next) == krb5_princ_realm(context, tgs_list[j])->length &&
+ !memcmp(next, krb5_princ_realm(context, tgs_list[j])->data,
strlen(next))) {
retval = 0;
break;
}
finish:
- krb5_free_realm_tree(tgs_list);
+ krb5_free_realm_tree(context, tgs_list);
return(retval);
}
#define KRB5_RECVAUTH_V5 5
krb5_error_code
-krb5_compat_recvauth(/* IN */
+krb5_compat_recvauth(context,
+ /* IN */
fdp, appl_version, server, sender_addr, fetch_from,
keyproc, keyprocarg, rc_type, flags,
v4_options, v4_service, v4_instance, v4_faddr, v4_laddr,
/* OUT */
auth_sys, seq_number, client, ticket, authent,
v4_kdata, v4_schedule, v4_version)
+ krb5_context context;
krb5_pointer fdp;
char *appl_version;
krb5_principal server;
KTEXT v4_ticket; /* storage for client's ticket */
#endif
- if ((retval = krb5_net_read(fd, vers.vers, 4)) != 4)
+ if ((retval = krb5_net_read(context, fd, vers.vers, 4)) != 4)
return((retval < 0) ? errno : ECONNABORTED);
#ifdef KRB5_KRB4_COMPAT
* We must be talking to a V4 sendauth; read in the
* rest of the version string and make sure.
*/
- if ((retval = krb5_net_read(fd, vers.vers, 4)) != 4)
+ if ((retval = krb5_net_read(context, fd, vers.vers, 4)) != 4)
return((retval < 0) ? errno : ECONNABORTED);
if (strncmp(vers.vers, KRB_V4_SENDAUTH_VERS+4, 4))
if (!buf)
return ENOMEM;
- length = krb5_net_read(fd, buf, len);
+ length = krb5_net_read(context, fd, buf, len);
if (len != length) {
krb5_xfree(buf);
if (len < 0)
*auth_sys = KRB5_RECVAUTH_V5;
- retval = krb5_recvauth(fdp, appl_version, server, sender_addr,
+ retval = krb5_recvauth(context, fdp, appl_version, server, sender_addr,
fetch_from,
keyproc, keyprocarg, rc_type,
flags | KRB5_RECVAUTH_SKIP_VERSION,
/* XXX This calls for a new error code */
#define KRB5_INVALID_PRINCIPAL KRB5_LNAME_BADFORMAT
-krb5_error_code krb5_524_conv_principal(princ, name, inst, realm)
- const krb5_principal princ;
- char *name;
- char *inst;
- char *realm;
+krb5_error_code krb5_524_conv_principal(context, princ, name, inst, realm)
+ krb5_context context;
+ const krb5_principal princ;
+ char *name;
+ char *inst;
+ char *realm;
{
struct krb_convert *p;
krb5_data *comp;
char *c;
*name = *inst = '\0';
- switch (krb5_princ_size(princ)) {
+ switch (krb5_princ_size(context, princ)) {
case 2:
/* Check if this principal is listed in the table */
- comp = krb5_princ_component(princ, 0);
+ comp = krb5_princ_component(context, princ, 0);
p = sconv_list;
while (p->v4_str) {
if (strncmp(p->v5_str, comp->data, comp->length) == 0) {
/* instance's domain name if requested */
strcpy(name, p->v4_str);
if (p->flags & DO_REALM_CONVERSION) {
- comp = krb5_princ_component(princ, 1);
+ comp = krb5_princ_component(context, princ, 1);
c = strnchr(comp->data, '.', comp->length);
if (!c || (c - comp->data) > INST_SZ - 1)
return KRB5_INVALID_PRINCIPAL;
/* If inst isn't set, the service isn't listed in the table, */
/* so just copy it. */
if (*inst == '\0') {
- comp = krb5_princ_component(princ, 1);
+ comp = krb5_princ_component(context, princ, 1);
if (comp->length >= INST_SZ - 1)
return KRB5_INVALID_PRINCIPAL;
strncpy(inst, comp->data, comp->length);
case 1:
/* name may have been set above; otherwise, just copy it */
if (*name == '\0') {
- comp = krb5_princ_component(princ, 0);
+ comp = krb5_princ_component(context, princ, 0);
if (comp->length >= ANAME_SZ)
return KRB5_INVALID_PRINCIPAL;
strncpy(name, comp->data, comp->length);
return KRB5_INVALID_PRINCIPAL;
}
- comp = krb5_princ_realm(princ);
+ comp = krb5_princ_realm(context, princ);
if (comp->length > REALM_SZ - 1)
return KRB5_INVALID_PRINCIPAL;
strncpy(realm, comp->data, comp->length);
return 0;
}
-krb5_error_code krb5_425_conv_principal(name, instance, realm, princ)
+krb5_error_code krb5_425_conv_principal(context, name, instance, realm, princ)
+ krb5_context context;
const char *name;
const char *instance;
const char *realm;
name = p->v5_str;
if (p->flags & DO_REALM_CONVERSION) {
strcpy(buf, instance);
- retval = krb5_get_realm_domain(realm, &domain);
+ retval = krb5_get_realm_domain(context, realm, &domain);
if (retval)
return retval;
if (domain) {
}
not_service:
- return(krb5_build_principal(princ, strlen(realm), realm, name,
+ return(krb5_build_principal(context, princ, strlen(realm), realm, name,
instance, 0));
}
#include <krb5/ext-proto.h>
static krb5_error_code
-krb5_copy_addr(inad, outad)
+krb5_copy_addr(context, inad, outad)
+ krb5_context context;
const krb5_address *inad;
krb5_address **outad;
{
* Copy an address array, with fresh allocation.
*/
krb5_error_code
-krb5_copy_addresses(inaddr, outaddr)
-krb5_address * const * inaddr;
-krb5_address ***outaddr;
+krb5_copy_addresses(context, inaddr, outaddr)
+ krb5_context context;
+ krb5_address * const * inaddr;
+ krb5_address ***outaddr;
{
krb5_error_code retval;
krb5_address ** tempaddr;
return ENOMEM;
for (nelems = 0; inaddr[nelems]; nelems++) {
- retval = krb5_copy_addr(inaddr[nelems], &tempaddr[nelems]);
+ retval = krb5_copy_addr(context, inaddr[nelems], &tempaddr[nelems]);
if (retval) {
- krb5_free_addresses(tempaddr);
+ krb5_free_addresses(context, tempaddr);
return retval;
}
}
* returns failure, but it will not change the contents of the list.
*/
krb5_error_code
-krb5_append_addresses(inaddr, outaddr)
-krb5_address * const * inaddr;
-krb5_address ***outaddr;
+krb5_append_addresses(context, inaddr, outaddr)
+ krb5_context context;
+ krb5_address * const * inaddr;
+ krb5_address ***outaddr;
{
krb5_error_code retval;
krb5_address ** tempaddr;
for (nelems = 0; inaddr[nelems]; nelems++) {
- retval = krb5_copy_addr(inaddr[nelems],
+ retval = krb5_copy_addr(context, inaddr[nelems],
&tempaddr[norigelems + nelems]);
if (retval)
goto cleanup;
cleanup:
while (--nelems >= 0)
- krb5_free_address(tempaddr[norigelems + nelems]);
+ krb5_free_address(context, tempaddr[norigelems + nelems]);
/* Try to allocate a smaller amount of memory for *outaddr. */
tempaddr = (krb5_address **) realloc((char *)tempaddr,
#include <krb5/ext-proto.h>
krb5_error_code
-krb5_copy_authenticator(authfrom, authto)
+krb5_copy_authenticator(context, authfrom, authto)
+ krb5_context context;
const krb5_authenticator *authfrom;
krb5_authenticator **authto;
{
return ENOMEM;
*tempto = *authfrom;
- retval = krb5_copy_principal(authfrom->client, &tempto->client);
+ retval = krb5_copy_principal(context, authfrom->client, &tempto->client);
if (retval) {
krb5_xfree(tempto);
return retval;
}
if (authfrom->checksum &&
- (retval = krb5_copy_checksum(authfrom->checksum, &tempto->checksum))) {
- krb5_free_principal(tempto->client);
+ (retval = krb5_copy_checksum(context, authfrom->checksum, &tempto->checksum))) {
+ krb5_free_principal(context, tempto->client);
krb5_xfree(tempto);
return retval;
}
if (authfrom->subkey) {
- retval = krb5_copy_keyblock(authfrom->subkey, &tempto->subkey);
+ retval = krb5_copy_keyblock(context, authfrom->subkey, &tempto->subkey);
if (retval) {
krb5_xfree(tempto->subkey);
- krb5_free_checksum(tempto->checksum);
- krb5_free_principal(tempto->client);
+ krb5_free_checksum(context, tempto->checksum);
+ krb5_free_principal(context, tempto->client);
krb5_xfree(tempto);
return retval;
}
}
if (authfrom->authorization_data) {
- retval = krb5_copy_authdata(authfrom->authorization_data,
+ retval = krb5_copy_authdata(context, authfrom->authorization_data,
&tempto->authorization_data);
if (retval) {
krb5_xfree(tempto->subkey);
- krb5_free_checksum(tempto->checksum);
- krb5_free_principal(tempto->client);
- krb5_free_authdata(tempto->authorization_data);
+ krb5_free_checksum(context, tempto->checksum);
+ krb5_free_principal(context, tempto->client);
+ krb5_free_authdata(context, tempto->authorization_data);
krb5_xfree(tempto);
return retval;
}
#include <krb5/ext-proto.h>
static krb5_error_code
-krb5_copy_authdatum(inad, outad)
+krb5_copy_authdatum(context, inad, outad)
+ krb5_context context;
const krb5_authdata *inad;
krb5_authdata **outad;
{
* Copy an authdata array, with fresh allocation.
*/
krb5_error_code
-krb5_copy_authdata(inauthdat, outauthdat)
+krb5_copy_authdata(context, inauthdat, outauthdat)
+ krb5_context context;
krb5_authdata * const * inauthdat;
krb5_authdata ***outauthdat;
{
return ENOMEM;
for (nelems = 0; inauthdat[nelems]; nelems++) {
- retval = krb5_copy_authdatum(inauthdat[nelems],
+ retval = krb5_copy_authdatum(context, inauthdat[nelems],
&tempauthdat[nelems]);
if (retval) {
- krb5_free_authdata(tempauthdat);
+ krb5_free_authdata(context, tempauthdat);
return retval;
}
}
#include <krb5/ext-proto.h>
krb5_error_code
-krb5_copy_checksum(ckfrom, ckto)
-const krb5_checksum *ckfrom;
-krb5_checksum **ckto;
+krb5_copy_checksum(context, ckfrom, ckto)
+ krb5_context context;
+ const krb5_checksum *ckfrom;
+ krb5_checksum **ckto;
{
krb5_checksum *tempto;
*/
krb5_error_code
-krb5_copy_creds(incred, outcred)
-const krb5_creds *incred;
-krb5_creds **outcred;
+krb5_copy_creds(context, incred, outcred)
+ krb5_context context;
+ const krb5_creds *incred;
+ krb5_creds **outcred;
{
krb5_creds *tempcred;
krb5_error_code retval;
return ENOMEM;
*tempcred = *incred; /* copy everything quickly */
- retval = krb5_copy_principal(incred->client, &tempcred->client);
+ retval = krb5_copy_principal(context, incred->client, &tempcred->client);
if (retval)
goto cleanlast;
- retval = krb5_copy_principal(incred->server, &tempcred->server);
+ retval = krb5_copy_principal(context, incred->server, &tempcred->server);
if (retval)
goto cleanclient;
- retval = krb5_copy_keyblock_contents(&incred->keyblock,
+ retval = krb5_copy_keyblock_contents(context, &incred->keyblock,
&tempcred->keyblock);
if (retval)
goto cleanserver;
- retval = krb5_copy_addresses(incred->addresses, &tempcred->addresses);
+ retval = krb5_copy_addresses(context, incred->addresses, &tempcred->addresses);
if (retval)
goto cleanblock;
- retval = krb5_copy_data(&incred->ticket, &scratch);
+ retval = krb5_copy_data(context, &incred->ticket, &scratch);
if (retval)
goto cleanaddrs;
tempcred->ticket = *scratch;
krb5_xfree(scratch);
- retval = krb5_copy_data(&incred->second_ticket, &scratch);
+ retval = krb5_copy_data(context, &incred->second_ticket, &scratch);
if (retval)
goto cleanticket;
tempcred->second_ticket = *scratch;
krb5_xfree(scratch);
- retval = krb5_copy_authdata(incred->authdata,&tempcred->authdata);
+ retval = krb5_copy_authdata(context, incred->authdata,&tempcred->authdata);
if (retval)
goto clearticket;
cleanticket:
free(tempcred->ticket.data);
cleanaddrs:
- krb5_free_addresses(tempcred->addresses);
+ krb5_free_addresses(context, tempcred->addresses);
cleanblock:
krb5_xfree(tempcred->keyblock.contents);
cleanserver:
- krb5_free_principal(tempcred->server);
+ krb5_free_principal(context, tempcred->server);
cleanclient:
- krb5_free_principal(tempcred->client);
+ krb5_free_principal(context, tempcred->client);
cleanlast:
krb5_xfree(tempcred);
return retval;
* Copy a data structure, with fresh allocation.
*/
krb5_error_code
-krb5_copy_data(indata, outdata)
-const krb5_data *indata;
-krb5_data **outdata;
+krb5_copy_data(context, indata, outdata)
+ krb5_context context;
+ const krb5_data *indata;
+ krb5_data **outdata;
{
krb5_data *tempdata;
* Copy a keyblock, including alloc'ed storage.
*/
krb5_error_code
-krb5_copy_keyblock(from, to)
-const krb5_keyblock *from;
-krb5_keyblock **to;
+krb5_copy_keyblock(context, from, to)
+ krb5_context context;
+ const krb5_keyblock *from;
+ krb5_keyblock **to;
{
krb5_keyblock *new_key;
* Copy a principal structure, with fresh allocation.
*/
krb5_error_code
-krb5_copy_principal(inprinc, outprinc)
-krb5_const_principal inprinc;
-krb5_principal *outprinc;
+krb5_copy_principal(context, inprinc, outprinc)
+ krb5_context context;
+ krb5_const_principal inprinc;
+ krb5_principal *outprinc;
{
register krb5_principal tempprinc;
register int i, nelems;
*tempprinc = *inprinc; /* Copy all of the non-allocated pieces */
- nelems = krb5_princ_size(inprinc);
+ nelems = krb5_princ_size(context, inprinc);
tempprinc->data = malloc(nelems * sizeof(krb5_data));
if (tempprinc->data == 0) {
}
for (i = 0; i < nelems; i++) {
- int len = krb5_princ_component(inprinc, i)->length;
- krb5_princ_component(tempprinc, i)->length = len;
- if ((krb5_princ_component(tempprinc, i)->data = malloc(len)) == 0) {
+ int len = krb5_princ_component(context, inprinc, i)->length;
+ krb5_princ_component(context, tempprinc, i)->length = len;
+ if ((krb5_princ_component(context, tempprinc, i)->data = malloc(len)) == 0) {
while (--i >= 0)
- free(krb5_princ_component(tempprinc, i)->data);
+ free(krb5_princ_component(context, tempprinc, i)->data);
free (tempprinc->data);
free (tempprinc);
return ENOMEM;
}
- memcpy(krb5_princ_component(tempprinc, i)->data,
- krb5_princ_component(inprinc, i)->data, len);
+ memcpy(krb5_princ_component(context, tempprinc, i)->data,
+ krb5_princ_component(context, inprinc, i)->data, len);
}
tempprinc->realm.data =
malloc(tempprinc->realm.length = inprinc->realm.length);
if (!tempprinc->realm.data) {
for (i = 0; i < nelems; i++)
- free(krb5_princ_component(tempprinc, i)->data);
+ free(krb5_princ_component(context, tempprinc, i)->data);
free(tempprinc->data);
free(tempprinc);
return ENOMEM;
#include <krb5/ext-proto.h>
static krb5_error_code
-krb5_copy_enc_tkt_part(partfrom, partto)
-const krb5_enc_tkt_part *partfrom;
-krb5_enc_tkt_part **partto;
+krb5_copy_enc_tkt_part(context, partfrom, partto)
+ krb5_context context;
+ const krb5_enc_tkt_part *partfrom;
+ krb5_enc_tkt_part **partto;
{
krb5_error_code retval;
krb5_enc_tkt_part *tempto;
if (!(tempto = (krb5_enc_tkt_part *)malloc(sizeof(*tempto))))
return ENOMEM;
*tempto = *partfrom;
- retval = krb5_copy_keyblock(partfrom->session,
+ retval = krb5_copy_keyblock(context, partfrom->session,
&tempto->session);
if (retval) {
krb5_xfree(tempto);
return retval;
}
- retval = krb5_copy_principal(partfrom->client, &tempto->client);
+ retval = krb5_copy_principal(context, partfrom->client, &tempto->client);
if (retval) {
- krb5_free_keyblock(tempto->session);
+ krb5_free_keyblock(context, tempto->session);
krb5_xfree(tempto);
return retval;
}
tempto->transited.tr_contents.data =
malloc(partfrom->transited.tr_contents.length);
if (!tempto->transited.tr_contents.data) {
- krb5_free_principal(tempto->client);
- krb5_free_keyblock(tempto->session);
+ krb5_free_principal(context, tempto->client);
+ krb5_free_keyblock(context, tempto->session);
krb5_xfree(tempto);
return ENOMEM;
}
partfrom->transited.tr_contents.length);
}
- retval = krb5_copy_addresses(partfrom->caddrs, &tempto->caddrs);
+ retval = krb5_copy_addresses(context, partfrom->caddrs, &tempto->caddrs);
if (retval) {
krb5_xfree(tempto->transited.tr_contents.data);
- krb5_free_principal(tempto->client);
- krb5_free_keyblock(tempto->session);
+ krb5_free_principal(context, tempto->client);
+ krb5_free_keyblock(context, tempto->session);
krb5_xfree(tempto);
return retval;
}
if (partfrom->authorization_data) {
- retval = krb5_copy_authdata(partfrom->authorization_data,
+ retval = krb5_copy_authdata(context, partfrom->authorization_data,
&tempto->authorization_data);
if (retval) {
- krb5_free_addresses(tempto->caddrs);
+ krb5_free_addresses(context, tempto->caddrs);
krb5_xfree(tempto->transited.tr_contents.data);
- krb5_free_principal(tempto->client);
- krb5_free_keyblock(tempto->session);
+ krb5_free_principal(context, tempto->client);
+ krb5_free_keyblock(context, tempto->session);
krb5_xfree(tempto);
return retval;
}
}
krb5_error_code
-krb5_copy_ticket(from, pto)
-const krb5_ticket *from;
-krb5_ticket **pto;
+krb5_copy_ticket(context, from, pto)
+ krb5_context context;
+ const krb5_ticket *from;
+ krb5_ticket **pto;
{
krb5_error_code retval;
krb5_ticket *tempto;
if (!(tempto = (krb5_ticket *)malloc(sizeof(*tempto))))
return ENOMEM;
*tempto = *from;
- retval = krb5_copy_principal(from->server, &tempto->server);
+ retval = krb5_copy_principal(context, from->server, &tempto->server);
if (retval) {
krb5_xfree(tempto);
return retval;
}
- retval = krb5_copy_data(&from->enc_part.ciphertext, &scratch);
+ retval = krb5_copy_data(context, &from->enc_part.ciphertext, &scratch);
if (retval) {
- krb5_free_principal(tempto->server);
+ krb5_free_principal(context, tempto->server);
krb5_xfree(tempto);
return retval;
}
tempto->enc_part.ciphertext = *scratch;
krb5_xfree(scratch);
- retval = krb5_copy_enc_tkt_part(from->enc_part2, &tempto->enc_part2);
+ retval = krb5_copy_enc_tkt_part(context, from->enc_part2, &tempto->enc_part2);
if (retval) {
krb5_xfree(tempto->enc_part.ciphertext.data);
- krb5_free_principal(tempto->server);
+ krb5_free_principal(context, tempto->server);
krb5_xfree(tempto);
return retval;
}
* Copy a keyblock, including alloc'ed storage.
*/
krb5_error_code
-krb5_copy_keyblock_contents(from, to)
-const krb5_keyblock *from;
-krb5_keyblock *to;
+krb5_copy_keyblock_contents(context, from, to)
+ krb5_context context;
+ const krb5_keyblock *from;
+ krb5_keyblock *to;
{
*to = *from;
to->contents = (krb5_octet *)malloc(to->length);
*/
krb5_error_code
-krb5_decode_kdc_rep(DECLARG(krb5_data *, enc_rep),
- DECLARG(const krb5_keyblock *, key),
- DECLARG(const krb5_enctype, etype),
- DECLARG(krb5_kdc_rep **, dec_rep))
-OLDDECLARG(krb5_data *, enc_rep)
-OLDDECLARG(const krb5_keyblock *, key)
-OLDDECLARG(const krb5_enctype, etype)
-OLDDECLARG(krb5_kdc_rep **, dec_rep)
+krb5_decode_kdc_rep(context, enc_rep, key, etype, dec_rep)
+ krb5_context context;
+ krb5_data * enc_rep;
+ const krb5_keyblock * key;
+ const krb5_enctype etype;
+ krb5_kdc_rep ** dec_rep;
{
krb5_error_code retval;
krb5_kdc_rep *local_dec_rep;
return retval;
if (local_dec_rep->enc_part.etype != etype) {
- krb5_free_kdc_rep(local_dec_rep);
+ krb5_free_kdc_rep(context, local_dec_rep);
return KRB5_WRONG_ETYPE;
}
- retval = krb5_kdc_rep_decrypt_proc(key, 0, local_dec_rep);
+ retval = krb5_kdc_rep_decrypt_proc(context, key, 0, local_dec_rep);
if (retval) {
- krb5_free_kdc_rep(local_dec_rep);
+ krb5_free_kdc_rep(context, local_dec_rep);
return(retval);
}
*dec_rep = local_dec_rep;
*/
krb5_error_code
-krb5_decrypt_tkt_part(srv_key, ticket)
-const krb5_keyblock *srv_key;
-register krb5_ticket *ticket;
+krb5_decrypt_tkt_part(context, srv_key, ticket)
+ krb5_context context;
+ const krb5_keyblock *srv_key;
+ register krb5_ticket *ticket;
{
krb5_enc_tkt_part *dec_tkt_part;
krb5_encrypt_block eblock;
/* put together an eblock for this encryption */
- krb5_use_cstype(&eblock, ticket->enc_part.etype);
+ krb5_use_cstype(context, &eblock, ticket->enc_part.etype);
scratch.length = ticket->enc_part.ciphertext.length;
if (!(scratch.data = malloc(ticket->enc_part.ciphertext.length)))
return(ENOMEM);
/* do any necessary key pre-processing */
- retval = krb5_process_key(&eblock, srv_key);
+ retval = krb5_process_key(context, &eblock, srv_key);
if (retval) {
free(scratch.data);
return(retval);
}
/* call the encryption routine */
- retval = krb5_decrypt((krb5_pointer) ticket->enc_part.ciphertext.data,
+ retval = krb5_decrypt(context, (krb5_pointer) ticket->enc_part.ciphertext.data,
(krb5_pointer) scratch.data,
scratch.length, &eblock, 0);
if (retval) {
- (void) krb5_finish_key(&eblock);
+ (void) krb5_finish_key(context, &eblock);
free(scratch.data);
return retval;
}
#define clean_scratch() {memset(scratch.data, 0, scratch.length); \
free(scratch.data);}
- retval = krb5_finish_key(&eblock);
+ retval = krb5_finish_key(context, &eblock);
if (retval) {
clean_scratch();
/* due to argument promotion rules, we need to use the DECLARG/OLDDECLARG
stuff... */
krb5_error_code
-krb5_encode_kdc_rep(DECLARG(const krb5_msgtype, type),
- DECLARG(const krb5_enc_kdc_rep_part *, encpart),
- DECLARG(krb5_encrypt_block *, eblock),
- DECLARG(const krb5_keyblock *, client_key),
- DECLARG(krb5_kdc_rep *, dec_rep),
- DECLARG(krb5_data **, enc_rep))
-OLDDECLARG(const krb5_msgtype, type)
-OLDDECLARG(const krb5_enc_kdc_rep_part *, encpart)
-OLDDECLARG(krb5_encrypt_block *, eblock)
-OLDDECLARG(const krb5_keyblock *, client_key)
-OLDDECLARG(krb5_kdc_rep *, dec_rep)
-OLDDECLARG(krb5_data **, enc_rep)
+krb5_encode_kdc_rep(context, type, encpart, eblock, client_key, dec_rep, enc_rep)
+ krb5_context context;
+ const krb5_msgtype type;
+ const krb5_enc_kdc_rep_part * encpart;
+ krb5_encrypt_block * eblock;
+ const krb5_keyblock * client_key;
+ krb5_kdc_rep * dec_rep;
+ krb5_data ** enc_rep;
{
krb5_data *scratch;
krb5_error_code retval;
memset(&tmp_encpart, 0, sizeof(tmp_encpart));
#define cleanup_scratch() { (void) memset(scratch->data, 0, scratch->length); \
-krb5_free_data(scratch); }
+krb5_free_data(context, scratch); }
dec_rep->enc_part.ciphertext.length =
krb5_encrypt_size(scratch->length, eblock->crypto_entry);
dec_rep->enc_part.ciphertext.length = 0; \
dec_rep->enc_part.ciphertext.data = 0;}
- retval = krb5_process_key(eblock, client_key);
+ retval = krb5_process_key(context, eblock, client_key);
if (retval) {
goto clean_encpart;
}
-#define cleanup_prockey() {(void) krb5_finish_key(eblock);}
+#define cleanup_prockey() {(void) krb5_finish_key(context, eblock);}
- retval = krb5_encrypt((krb5_pointer) scratch->data,
+ retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
(krb5_pointer) dec_rep->enc_part.ciphertext.data,
scratch->length, eblock, 0);
if (retval) {
goto clean_prockey;
}
- dec_rep->enc_part.etype = krb5_eblock_enctype(eblock);
+ dec_rep->enc_part.etype = krb5_eblock_enctype(context, eblock);
/* do some cleanup */
cleanup_scratch();
- retval = krb5_finish_key(eblock);
+ retval = krb5_finish_key(context, eblock);
if (retval) {
cleanup_encpart();
return retval;
*/
krb5_error_code
-krb5_encrypt_tkt_part(eblock, srv_key, dec_ticket)
-krb5_encrypt_block *eblock;
-const krb5_keyblock *srv_key;
-register krb5_ticket *dec_ticket;
+krb5_encrypt_tkt_part(context, eblock, srv_key, dec_ticket)
+ krb5_context context;
+ krb5_encrypt_block *eblock;
+ const krb5_keyblock *srv_key;
+ register krb5_ticket *dec_ticket;
{
krb5_data *scratch;
krb5_error_code retval;
}
#define cleanup_scratch() { (void) memset(scratch->data, 0, scratch->length); \
-krb5_free_data(scratch); }
+krb5_free_data(context, scratch); }
dec_ticket->enc_part.ciphertext.length =
krb5_encrypt_size(scratch->length, eblock->crypto_entry);
dec_ticket->enc_part.ciphertext.data = 0;}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(eblock, srv_key)) {
+ if (retval = krb5_process_key(context, eblock, srv_key)) {
goto clean_encpart;
}
-#define cleanup_prockey() {(void) krb5_finish_key(eblock);}
+#define cleanup_prockey() {(void) krb5_finish_key(context, eblock);}
/* call the encryption routine */
- if (retval = krb5_encrypt((krb5_pointer) scratch->data,
+ if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
(krb5_pointer) dec_ticket->enc_part.ciphertext.data,
scratch->length, eblock, 0)) {
goto clean_prockey;
}
- dec_ticket->enc_part.etype = krb5_eblock_enctype(eblock);
+ dec_ticket->enc_part.etype = krb5_eblock_enctype(context, eblock);
/* ticket is now assembled-- do some cleanup */
cleanup_scratch();
- if (retval = krb5_finish_key(eblock)) {
+ if (retval = krb5_finish_key(context, eblock)) {
cleanup_encpart();
return retval;
}
* < 0 if first is less than 2nd, > 0 if first is greater than 2nd.
*/
int
-krb5_fulladdr_order(addr1, addr2)
-register const krb5_fulladdr *addr1;
-register const krb5_fulladdr *addr2;
+krb5_fulladdr_order(context, addr1, addr2)
+ krb5_context context;
+ register const krb5_fulladdr *addr1;
+ register const krb5_fulladdr *addr2;
{
int dir;
const int minlen = min(addr1->address->length, addr2->address->length);
#include <krb5/ext-proto.h>
void
-krb5_free_realm_tree(realms)
-krb5_principal *realms;
+krb5_free_realm_tree(context, realms)
+ krb5_context context;
+ krb5_principal *realms;
{
register krb5_principal *nrealms = realms;
while (*nrealms) {
- krb5_free_principal(*nrealms);
+ krb5_free_principal(context, *nrealms);
nrealms++;
}
krb5_xfree(realms);
#include "int-proto.h"
krb5_error_code
-#if defined(NARROW_PROTOTYPES)
-krb5_get_cred_via_2tgt (krb5_creds * tgt,
- const krb5_flags kdcoptions,
- const krb5_enctype etype,
- const krb5_cksumtype sumtype,
- register krb5_creds *cred)
-#else
-krb5_get_cred_via_2tgt (tgt, kdcoptions, etype, sumtype, cred)
-krb5_creds *tgt;
-const krb5_flags kdcoptions;
-const krb5_enctype etype;
-const krb5_cksumtype sumtype;
-register krb5_creds * cred;
-#endif
+krb5_get_cred_via_2tgt (context, tgt, kdcoptions, etype, sumtype, cred)
+ krb5_context context;
+ krb5_creds *tgt;
+ const krb5_flags kdcoptions;
+ const krb5_enctype etype;
+ const krb5_cksumtype sumtype;
+ register krb5_creds * cred;
{
krb5_error_code retval;
#if 0
/* tgt->client must be equal to cred->client */
/* tgt->server must be equal to krbtgt/realmof(cred->client) */
- if (!krb5_principal_compare(tgt->client, cred->client))
+ if (!krb5_principal_compare(context, tgt->client, cred->client))
return KRB5_PRINC_NOMATCH;
if (!tgt->ticket.length)
return(KRB5_NO_2ND_TKT);
#if 0 /* What does this do? */
- if (retval = krb5_tgtname(krb5_princ_realm(cred->server),
- krb5_princ_realm(cred->client), &tempprinc))
+ if (retval = krb5_tgtname(context, krb5_princ_realm(cred->server),
+ krb5_princ_realm(context, cred->client), &tempprinc))
return(retval);
- if (!krb5_principal_compare(tempprinc, tgt->server)) {
- krb5_free_principal(tempprinc);
+ if (!krb5_principal_compare(context, tempprinc, tgt->server)) {
+ krb5_free_principal(context, tempprinc);
return KRB5_PRINC_NOMATCH;
}
- krb5_free_principal(tempprinc);
+ krb5_free_principal(context, tempprinc);
#endif
if (!(kdcoptions & KDC_OPT_ENC_TKT_IN_SKEY))
return KRB5_INVALID_FLAGS;
- if (retval = krb5_send_tgs(kdcoptions, &cred->times, etype, sumtype,
+ if (retval = krb5_send_tgs(context, kdcoptions, &cred->times, etype, sumtype,
cred->server,
tgt->addresses,
cred->authdata,
}
retval = err_reply->error + ERROR_TABLE_BASE_krb5;
- krb5_free_error(err_reply);
+ krb5_free_error(context, err_reply);
free(tgsrep.response.data);
return retval;
}
- retval = krb5_decode_kdc_rep(&tgsrep.response, &tgt->keyblock,
+ retval = krb5_decode_kdc_rep(context, &tgsrep.response, &tgt->keyblock,
etype, &dec_rep);
free(tgsrep.response.data);
if (retval)
/* now it's decrypted and ready for prime time */
- if (!krb5_principal_compare(dec_rep->client, tgt->client)) {
+ if (!krb5_principal_compare(context, dec_rep->client, tgt->client)) {
retval = KRB5_KDCREP_MODIFIED;
goto errout;
}
}
cred->keyblock.magic = KV5M_KEYBLOCK;
cred->keyblock.etype = dec_rep->ticket->enc_part.etype;
- if (retval = krb5_copy_keyblock_contents(dec_rep->enc_part2->session,
+ if (retval = krb5_copy_keyblock_contents(context, dec_rep->enc_part2->session,
&cred->keyblock))
goto errout;
cred->ticket_flags = dec_rep->enc_part2->flags;
cred->is_skey = TRUE;
if (cred->addresses)
- krb5_free_addresses(cred->addresses);
+ krb5_free_addresses(context, cred->addresses);
if (dec_rep->enc_part2->caddrs)
- retval = krb5_copy_addresses(dec_rep->enc_part2->caddrs,
+ retval = krb5_copy_addresses(context, dec_rep->enc_part2->caddrs,
&cred->addresses);
else
/* no addresses in the list means we got what we had */
- retval = krb5_copy_addresses(tgt->addresses, &cred->addresses);
+ retval = krb5_copy_addresses(context, tgt->addresses, &cred->addresses);
if (retval)
goto errout;
if (cred->server)
- krb5_free_principal(cred->server);
- if (retval = krb5_copy_principal(dec_rep->enc_part2->server,
+ krb5_free_principal(context, cred->server);
+ if (retval = krb5_copy_principal(context, dec_rep->enc_part2->server,
&cred->server))
goto errout;
cred->keyblock.contents = 0;
}
if (cred->addresses) {
- krb5_free_addresses(cred->addresses);
+ krb5_free_addresses(context, cred->addresses);
cred->addresses = 0;
}
if (cred->server) {
- krb5_free_principal(cred->server);
+ krb5_free_principal(context, cred->server);
cred->server = 0;
}
}
memset((char *)dec_rep->enc_part2->session->contents, 0,
dec_rep->enc_part2->session->length);
- krb5_free_kdc_rep(dec_rep);
+ krb5_free_kdc_rep(context, dec_rep);
return retval;
}
#define TGT_ETYPE \
krb5_keytype_array[tgt.keyblock.keytype]->system->proto_enctype;
-
-#ifdef __STDC__
-krb5_error_code krb5_get_cred_from_kdc(
- krb5_ccache ccache,
- krb5_creds *cred,
- krb5_creds ***tgts
-)
-#else
-krb5_error_code krb5_get_cred_from_kdc(ccache, cred, tgts)
- krb5_ccache ccache;
- krb5_creds *cred;
- krb5_creds ***tgts;
-#endif
+krb5_error_code krb5_get_cred_from_kdc(context, ccache, cred, tgts)
+ krb5_context context;
+ krb5_ccache ccache;
+ krb5_creds *cred;
+ krb5_creds ***tgts;
{
krb5_creds **ret_tgts = NULL;
int ntgts = 0;
* (the ticket may be issued by some other intermediate
* realm's KDC; so we use KRB5_TC_MATCH_SRV_NAMEONLY)
*/
- if (retval = krb5_copy_principal(cred->client, &tgtq.client))
+ if (retval = krb5_copy_principal(context, cred->client, &tgtq.client))
goto cleanup;
/* get target tgt from cache */
- if (retval = krb5_tgtname(krb5_princ_realm(cred->server),
- krb5_princ_realm(cred->client),
+ if (retval = krb5_tgtname(context, krb5_princ_realm(context, cred->server),
+ krb5_princ_realm(context, cred->client),
&int_server)) {
goto cleanup;
}
- if (retval = krb5_copy_principal(int_server, &tgtq.server)) {
+ if (retval = krb5_copy_principal(context, int_server, &tgtq.server)) {
goto cleanup;
}
- if (retval = krb5_cc_retrieve_cred(ccache,
+ if (retval = krb5_cc_retrieve_cred(context, ccache,
KRB5_TC_MATCH_SRV_NAMEONLY,
&tgtq,
&tgt)) {
* didn't find it in the cache so it is time to get a local
* tgt and walk the realms tree.
*/
- krb5_free_principal(int_server);
+ krb5_free_principal(context, int_server);
int_server = NULL;
- if (retval = krb5_tgtname(krb5_princ_realm(cred->client),
- krb5_princ_realm(cred->client),
+ if (retval = krb5_tgtname(context,
+ krb5_princ_realm(context, cred->client),
+ krb5_princ_realm(context, cred->client),
&int_server)) {
goto cleanup;
}
- krb5_free_cred_contents(&tgtq);
+ krb5_free_cred_contents(context, &tgtq);
memset((char *)&tgtq, 0, sizeof(tgtq));
- if(retval = krb5_copy_principal(cred->client, &tgtq.client))
+ if(retval = krb5_copy_principal(context, cred->client, &tgtq.client))
goto cleanup;
- if(retval = krb5_copy_principal(int_server, &tgtq.server))
+ if(retval = krb5_copy_principal(context, int_server, &tgtq.server))
goto cleanup;
- if (retval = krb5_cc_retrieve_cred(ccache,
+ if (retval = krb5_cc_retrieve_cred(context, ccache,
KRB5_TC_MATCH_SRV_NAMEONLY,
&tgtq,
&tgt)) {
/* get a list of realms to consult */
- if (retval = krb5_walk_realm_tree(krb5_princ_realm(cred->client),
- krb5_princ_realm(cred->server),
+ if (retval = krb5_walk_realm_tree(context,
+ krb5_princ_realm(context, cred->client),
+ krb5_princ_realm(context, cred->server),
&tgs_list,
KRB5_REALM_BRANCH_CHAR)) {
goto cleanup;
/* look in cache for a tgt for the destination */
- krb5_free_cred_contents(&tgtq);
+ krb5_free_cred_contents(context, &tgtq);
memset(&tgtq, 0, sizeof(tgtq));
- if(retval = krb5_copy_principal(tgt.client, &tgtq.client))
+ if(retval = krb5_copy_principal(context, tgt.client, &tgtq.client))
goto cleanup;
- krb5_free_principal(int_server);
+ krb5_free_principal(context, int_server);
int_server = NULL;
- if (retval = krb5_tgtname(krb5_princ_realm(cred->server),
- krb5_princ_realm(*top_server),
+ if (retval = krb5_tgtname(context,
+ krb5_princ_realm(context, cred->server),
+ krb5_princ_realm(context, *top_server),
&int_server)) {
goto cleanup;
}
- if(retval = krb5_copy_principal(int_server, &tgtq.server))
+ if(retval = krb5_copy_principal(context, int_server, &tgtq.server))
goto cleanup;
- if (retval = krb5_cc_retrieve_cred(ccache,
+ if (retval = krb5_cc_retrieve_cred(context, ccache,
KRB5_TC_MATCH_SRV_NAMEONLY,
&tgtq,
&tgt)) {
goto cleanup;
}
- krb5_free_cred_contents(&tgtq);
+ krb5_free_cred_contents(context, &tgtq);
memset(&tgtq, 0, sizeof(tgtq));
tgtq.times = tgt.times;
- if (retval = krb5_copy_principal(tgt.client, &tgtq.client))
+ if (retval = krb5_copy_principal(context, tgt.client, &tgtq.client))
goto cleanup;
- if(retval = krb5_copy_principal(int_server, &tgtq.server))
+ if(retval = krb5_copy_principal(context, int_server, &tgtq.server))
goto cleanup;
tgtq.is_skey = FALSE;
tgtq.ticket_flags = tgt.ticket_flags;
etype = TGT_ETYPE;
- if(retval = krb5_get_cred_via_tgt(&tgt,
+ if(retval = krb5_get_cred_via_tgt(context, &tgt,
FLAGS2OPTS(tgtq.ticket_flags),
etype,
krb5_kdc_req_sumtype,
for (next_server = tgs_list + nservers - 1;
next_server > top_server;
next_server--) {
- krb5_free_cred_contents(&tgtq);
+ krb5_free_cred_contents(context, &tgtq);
memset(&tgtq, 0, sizeof(tgtq));
- if (retval = krb5_copy_principal(tgt.client, &tgtq.client))
+ if (retval = krb5_copy_principal(context, tgt.client, &tgtq.client))
goto cleanup;
- krb5_free_principal(int_server);
+ krb5_free_principal(context, int_server);
int_server = NULL;
- if (retval = krb5_tgtname(krb5_princ_realm(*next_server),
- krb5_princ_realm(*top_server),
+ if (retval = krb5_tgtname(context,
+ krb5_princ_realm(context, *next_server),
+ krb5_princ_realm(context, *top_server),
&int_server)) {
goto cleanup;
}
- if(retval = krb5_copy_principal(int_server, &tgtq.server))
+ if(retval = krb5_copy_principal(context, int_server, &tgtq.server))
goto cleanup;
- if(retval = krb5_cc_retrieve_cred(ccache,
+ if(retval = krb5_cc_retrieve_cred(context, ccache,
KRB5_TC_MATCH_SRV_NAMEONLY,
&tgtq,
&tgt)) {
goto cleanup;
}
- krb5_free_cred_contents(&tgtq);
+ krb5_free_cred_contents(context, &tgtq);
memset(&tgtq, 0, sizeof(tgtq));
tgtq.times = tgt.times;
- if (retval = krb5_copy_principal(tgt.client, &tgtq.client))
+ if (retval = krb5_copy_principal(context, tgt.client, &tgtq.client))
goto cleanup;
- if(retval = krb5_copy_principal(int_server, &tgtq.server))
+ if(retval = krb5_copy_principal(context, int_server, &tgtq.server))
goto cleanup;
tgtq.is_skey = FALSE;
tgtq.ticket_flags = tgt.ticket_flags;
etype = TGT_ETYPE;
- if (retval = krb5_get_cred_via_tgt(&tgt,
+ if (retval = krb5_get_cred_via_tgt(context, &tgt,
FLAGS2OPTS(tgtq.ticket_flags),
etype,
krb5_kdc_req_sumtype,
}
/* save tgt in return array */
- if (retval = krb5_copy_creds(&tgtq, &ret_tgts[ntgts])) {
+ if (retval = krb5_copy_creds(context, &tgtq, &ret_tgts[ntgts])) {
goto cleanup;
}
*/
for (next_server = top_server; *next_server; next_server++) {
- krb5_data *realm_1 = krb5_princ_component(next_server[0], 1);
- krb5_data *realm_2 = krb5_princ_component(tgtq.server, 1);
+ krb5_data *realm_1 = krb5_princ_component(context, next_server[0], 1);
+ krb5_data *realm_2 = krb5_princ_component(context, tgtq.server, 1);
if (realm_1->length == realm_2->length &&
!memcmp(realm_1->data, realm_2->data, realm_1->length)) {
break;
goto cleanup;
}
- if (retval = krb5_copy_creds(&tgtq, &ret_tgts[ntgts])) {
+ if (retval = krb5_copy_creds(context, &tgtq, &ret_tgts[ntgts])) {
goto cleanup;
}
etype = TGT_ETYPE;
if (cred->second_ticket.length) {
- retval = krb5_get_cred_via_2tgt(&tgt,
+ retval = krb5_get_cred_via_2tgt(context, &tgt,
KDC_OPT_ENC_TKT_IN_SKEY |
FLAGS2OPTS(tgt.ticket_flags),
etype,
cred);
}
else {
- retval = krb5_get_cred_via_tgt(&tgt,
+ retval = krb5_get_cred_via_tgt(context, &tgt,
FLAGS2OPTS(tgt.ticket_flags),
etype,
krb5_kdc_req_sumtype,
cleanup:
- if(tgs_list) krb5_free_realm_tree(tgs_list);
- krb5_free_cred_contents(&tgtq);
- if (int_server) krb5_free_principal(int_server);
+ if(tgs_list) krb5_free_realm_tree(context, tgs_list);
+ krb5_free_cred_contents(context, &tgtq);
+ if (int_server) krb5_free_principal(context, int_server);
if (ntgts == 0) {
*tgts = NULL;
if (ret_tgts) free(ret_tgts);
- krb5_free_cred_contents(&tgt);
+ krb5_free_cred_contents(context, &tgt);
}
return(retval);
}
#include "int-proto.h"
krb5_error_code
-krb5_get_cred_via_tgt (DECLARG(krb5_creds *, tgt),
- DECLARG(const krb5_flags, kdcoptions),
- DECLARG(const krb5_enctype, etype),
- DECLARG(const krb5_cksumtype, sumtype),
- DECLARG(krb5_creds *, cred))
-OLDDECLARG(krb5_creds *, tgt)
-OLDDECLARG(const krb5_flags, kdcoptions)
-OLDDECLARG(const krb5_enctype, etype)
-OLDDECLARG(const krb5_cksumtype, sumtype)
-OLDDECLARG(krb5_creds *, cred)
+krb5_get_cred_via_tgt (context, tgt, kdcoptions, etype, sumtype, cred)
+ krb5_context context;
+ krb5_creds * tgt;
+ const krb5_flags kdcoptions;
+ const krb5_enctype etype;
+ const krb5_cksumtype sumtype;
+ krb5_creds * cred;
{
krb5_error_code retval;
krb5_principal tempprinc;
/* tgt->client must be equal to cred->client */
- if (!krb5_principal_compare(tgt->client, cred->client))
+ if (!krb5_principal_compare(context, tgt->client, cred->client))
return KRB5_PRINC_NOMATCH;
if (!tgt->ticket.length)
/* tgt->server must be equal to */
/* krbtgt/realmof(cred->server)@realmof(tgt->server) */
- if(retval = krb5_tgtname(krb5_princ_realm(cred->server),
- krb5_princ_realm(tgt->server), &tempprinc))
+ if(retval = krb5_tgtname(context,
+ krb5_princ_realm(context, cred->server),
+ krb5_princ_realm(context, tgt->server), &tempprinc))
return(retval);
- if (!krb5_principal_compare(tempprinc, tgt->server)) {
- krb5_free_principal(tempprinc);
+ if (!krb5_principal_compare(context, tempprinc, tgt->server)) {
+ krb5_free_principal(context, tempprinc);
return KRB5_PRINC_NOMATCH;
}
- krb5_free_principal(tempprinc);
+ krb5_free_principal(context, tempprinc);
- if (retval = krb5_send_tgs(kdcoptions, &cred->times, etype, sumtype,
+ if (retval = krb5_send_tgs(context, kdcoptions, &cred->times, etype, sumtype,
cred->server,
tgt->addresses,
cred->authdata,
/* XXX need access to the actual assembled request...
need a change to send_tgs */
if ((err_reply->ctime != request.ctime) ||
- !krb5_principal_compare(err_reply->server, request.server) ||
- !krb5_principal_compare(err_reply->client, request.client))
+ !krb5_principal_compare(context, err_reply->server, request.server) ||
+ !krb5_principal_compare(context, err_reply->client, request.client))
retval = KRB5_KDCREP_MODIFIED;
else
#endif
retval = err_reply->error + ERROR_TABLE_BASE_krb5;
- krb5_free_error(err_reply);
+ krb5_free_error(context, err_reply);
cleanup();
return retval;
}
- retval = krb5_decode_kdc_rep(&tgsrep.response,
+ retval = krb5_decode_kdc_rep(context, &tgsrep.response,
&tgt->keyblock,
etype, /* enctype */
&dec_rep);
#define cleanup() {\
memset((char *)dec_rep->enc_part2->session->contents, 0,\
dec_rep->enc_part2->session->length);\
- krb5_free_kdc_rep(dec_rep); }
+ krb5_free_kdc_rep(context, dec_rep); }
if (dec_rep->msg_type != KRB5_TGS_REP) {
retval = KRB5KRB_AP_ERR_MSG_TYPE;
/* now it's decrypted and ready for prime time */
- if (!krb5_principal_compare(dec_rep->client, tgt->client)) {
+ if (!krb5_principal_compare(context, dec_rep->client, tgt->client)) {
cleanup();
return KRB5_KDCREP_MODIFIED;
}
}
cred->keyblock.magic = KV5M_KEYBLOCK;
cred->keyblock.etype = dec_rep->ticket->enc_part.etype;
- if (retval = krb5_copy_keyblock_contents(dec_rep->enc_part2->session,
+ if (retval = krb5_copy_keyblock_contents(context, dec_rep->enc_part2->session,
&cred->keyblock)) {
cleanup();
return retval;
#undef cleanup
#define cleanup() {\
memset((char *)cred->keyblock.contents, 0, cred->keyblock.length);\
- krb5_free_kdc_rep(dec_rep); }
+ krb5_free_kdc_rep(context, dec_rep); }
cred->times = dec_rep->enc_part2->times;
#if 0
/* XXX probably need access to the request */
/* check the contents for sanity: */
- if (!krb5_principal_compare(dec_rep->client, request.client)
- || !krb5_principal_compare(dec_rep->enc_part2->server, request.server)
- || !krb5_principal_compare(dec_rep->ticket->server, request.server)
+ if (!krb5_principal_compare(context, dec_rep->client, request.client)
+ || !krb5_principal_compare(context, dec_rep->enc_part2->server, request.server)
+ || !krb5_principal_compare(context, dec_rep->ticket->server, request.server)
|| (request.nonce != dec_rep->enc_part2->nonce)
/* XXX check for extraneous flags */
- /* XXX || (!krb5_addresses_compare(addrs, dec_rep->enc_part2->caddrs)) */
+ /* XXX || (!krb5_addresses_compare(context, addrs, dec_rep->enc_part2->caddrs)) */
|| ((request.from != 0) &&
(request.from != dec_rep->enc_part2->times.starttime))
|| ((request.till != 0) &&
cred->ticket_flags = dec_rep->enc_part2->flags;
cred->is_skey = FALSE;
if (cred->addresses) {
- krb5_free_addresses(cred->addresses);
+ krb5_free_addresses(context, cred->addresses);
}
if (dec_rep->enc_part2->caddrs) {
- if (retval = krb5_copy_addresses(dec_rep->enc_part2->caddrs,
+ if (retval = krb5_copy_addresses(context, dec_rep->enc_part2->caddrs,
&cred->addresses)) {
cleanup();
return retval;
}
} else {
/* no addresses in the list means we got what we had */
- if (retval = krb5_copy_addresses(tgt->addresses,
+ if (retval = krb5_copy_addresses(context, tgt->addresses,
&cred->addresses)) {
cleanup();
return retval;
* Free cred->server before overwriting it.
*/
if (cred->server)
- krb5_free_principal(cred->server);
- if (retval = krb5_copy_principal(dec_rep->enc_part2->server,
+ krb5_free_principal(context, cred->server);
+ if (retval = krb5_copy_principal(context, dec_rep->enc_part2->server,
&cred->server)) {
cleanup();
return retval;
if (retval = encode_krb5_ticket(dec_rep->ticket, &scratch)) {
cleanup();
- krb5_free_addresses(cred->addresses);
+ krb5_free_addresses(context, cred->addresses);
return retval;
}
cred->ticket = *scratch;
krb5_xfree(scratch);
- krb5_free_kdc_rep(dec_rep);
+ krb5_free_kdc_rep(context, dec_rep);
return retval;
}
#endif
krb5_error_code
-krb5_generate_seq_number(key, seqno)
-const krb5_keyblock *key;
-krb5_int32 *seqno;
+krb5_generate_seq_number(context, key, seqno)
+ krb5_context context;
+ const krb5_keyblock *key;
+ krb5_int32 *seqno;
{
krb5_pointer random_state;
krb5_encrypt_block eblock;
if (!valid_keytype(key->keytype))
return KRB5_PROG_KEYTYPE_NOSUPP;
- krb5_use_keytype(&eblock, key->keytype);
+ krb5_use_keytype(context, &eblock, key->keytype);
- if (retval = krb5_init_random_key(&eblock, key, &random_state))
+ if (retval = krb5_init_random_key(context, &eblock, key, &random_state))
return(retval);
- if (retval = krb5_random_key(&eblock, random_state, &subkey)) {
- (void) krb5_finish_random_key(&eblock, &random_state);
+ if (retval = krb5_random_key(context, &eblock, random_state, &subkey)) {
+ (void) krb5_finish_random_key(context, &eblock, &random_state);
return retval;
}
/* ignore the error if any, since we've already gotten the key out */
- if (retval = krb5_finish_random_key(&eblock, &random_state)) {
- krb5_free_keyblock(subkey);
+ if (retval = krb5_finish_random_key(context, &eblock, &random_state)) {
+ krb5_free_keyblock(context, subkey);
return retval;
}
retval = ENOMEM;
goto cleanup;
}
- if (retval = krb5_process_key(&eblock, subkey)) {
+ if (retval = krb5_process_key(context, &eblock, subkey)) {
goto cleanup;
}
- if (retval = krb5_us_timeofday(&timenow.seconds,
+ if (retval = krb5_us_timeofday(context, &timenow.seconds,
&timenow.microseconds)) {
goto cleanup;
}
memcpy((char *)intmp, (char *)&timenow, sizeof(timenow));
- retval = krb5_encrypt((krb5_pointer)intmp, (krb5_pointer)outtmp,
+ retval = krb5_encrypt(context, (krb5_pointer)intmp, (krb5_pointer)outtmp,
sizeof(timenow), &eblock, 0);
- (void) krb5_finish_key(&eblock);
+ (void) krb5_finish_key(context, &eblock);
if (retval)
goto cleanup;
cleanup:
if (subkey)
- krb5_free_keyblock(subkey);
+ krb5_free_keyblock(context, subkey);
if (intmp)
krb5_xfree(intmp);
if (outtmp)
#include <krb5/ext-proto.h>
krb5_error_code
-krb5_generate_subkey(key, subkey)
-const krb5_keyblock *key;
-krb5_keyblock **subkey;
+krb5_generate_subkey(context, key, subkey)
+ krb5_context context;
+ const krb5_keyblock *key;
+ krb5_keyblock **subkey;
{
krb5_pointer random_state;
krb5_encrypt_block eblock;
if (!valid_keytype(key->keytype))
return KRB5_PROG_KEYTYPE_NOSUPP;
- krb5_use_keytype(&eblock, key->keytype);
+ krb5_use_keytype(context, &eblock, key->keytype);
- if (retval = krb5_init_random_key(&eblock, key, &random_state))
+ if (retval = krb5_init_random_key(context, &eblock, key, &random_state))
return(retval);
*subkey = (krb5_keyblock *)malloc(sizeof(**subkey));
if (!*subkey) {
- (void) krb5_finish_random_key(&eblock, &random_state);
+ (void) krb5_finish_random_key(context, &eblock, &random_state);
return ENOMEM;
}
- if (retval = krb5_random_key(&eblock, random_state, subkey)) {
- (void) krb5_finish_random_key(&eblock, &random_state);
+ if (retval = krb5_random_key(context, &eblock, random_state, subkey)) {
+ (void) krb5_finish_random_key(context, &eblock, &random_state);
krb5_xfree(*subkey);
return retval;
}
/* ignore the error if any, since we've already gotten the key out */
- (void) krb5_finish_random_key(&eblock, &random_state);
+ (void) krb5_finish_random_key(context, &eblock, &random_state);
return 0;
}
#include <krb5/ext-proto.h>
krb5_error_code
-krb5_get_credentials(options, ccache, creds)
-const krb5_flags options;
-krb5_ccache ccache;
-krb5_creds *creds;
+krb5_get_credentials(context, options, ccache, creds)
+ krb5_context context;
+ const krb5_flags options;
+ krb5_ccache ccache;
+ krb5_creds *creds;
{
krb5_error_code retval, rv2;
krb5_creds **tgts;
return KRB5_NO_2ND_TKT;
}
- retval = krb5_cc_retrieve_cred(ccache, fields, &mcreds, &ncreds);
+ retval = krb5_cc_retrieve_cred(context, ccache, fields, &mcreds, &ncreds);
if (retval == 0) {
- krb5_free_cred_contents(creds);
+ krb5_free_cred_contents(context, creds);
*creds = ncreds;
}
if (retval != KRB5_CC_NOTFOUND || options & KRB5_GC_CACHED)
return retval;
- retval = krb5_get_cred_from_kdc(ccache, creds, &tgts);
+ retval = krb5_get_cred_from_kdc(context, ccache, creds, &tgts);
if (tgts) {
register int i = 0;
while (tgts[i]) {
- if (rv2 = krb5_cc_store_cred(ccache, tgts[i])) {
+ if (rv2 = krb5_cc_store_cred(context, ccache, tgts[i])) {
retval = rv2;
break;
}
i++;
}
- krb5_free_tgt_creds(tgts);
+ krb5_free_tgt_creds(context, tgts);
}
if (!retval)
- retval = krb5_cc_store_cred(ccache, creds);
+ retval = krb5_cc_store_cred(context, ccache, creds);
return retval;
}
/* Get a TGT for use at the remote host */
krb5_error_code
-krb5_get_for_creds(etype, sumtype, rhost, client, enc_key, forwardable, outbuf)
+krb5_get_for_creds(context, etype, sumtype, rhost, client, enc_key, forwardable, outbuf)
+ krb5_context context;
const krb5_enctype etype;
const krb5_cksumtype sumtype;
char *rhost;
}
strcpy(remote_host, hp->h_name);
- if (retval = krb5_get_host_realm(remote_host, &hrealms))
+ if (retval = krb5_get_host_realm(context, remote_host, &hrealms))
goto errout;
if (!hrealms[0]) {
retval = KRB5_ERR_HOST_REALM_UNKNOWN;
}
addrs[i] = 0;
- if (retval = krb5_copy_principal(client, &creds.client))
+ if (retval = krb5_copy_principal(context, client, &creds.client))
goto errout;
- if (retval = krb5_build_principal_ext(&creds.server,
+ if (retval = krb5_build_principal_ext(context, &creds.server,
strlen(hrealms[0]),
hrealms[0],
KRB5_TGS_NAME_SIZE,
goto errout;
creds.times.starttime = 0;
- if (retval = krb5_timeofday(&now))
+ if (retval = krb5_timeofday(context, &now))
goto errout;
creds.times.endtime = now + KRB5_DEFAULT_LIFE;
creds.times.renew_till = 0;
- if (retval = krb5_cc_default(&cc))
+ if (retval = krb5_cc_default(context, &cc))
goto errout;
/* fetch tgt directly from cache */
- retval = krb5_cc_retrieve_cred (cc,
+ retval = krb5_cc_retrieve_cred (context, cc,
KRB5_TC_MATCH_SRV_NAMEONLY,
&creds,
&tgt);
- krb5_cc_close(cc);
+ krb5_cc_close(context, cc);
if (retval)
goto errout;
/* tgt->client must be equal to creds.client */
- if (!krb5_principal_compare(tgt.client, creds.client)) {
+ if (!krb5_principal_compare(context, tgt.client, creds.client)) {
retval = KRB5_PRINC_NOMATCH;
goto errout;
}
if (!forwardable) /* Reset KDC_OPT_FORWARDABLE */
kdcoptions &= ~(KDC_OPT_FORWARDABLE);
- if (retval = krb5_send_tgs(kdcoptions, &creds.times, etype, sumtype,
+ if (retval = krb5_send_tgs(context, kdcoptions, &creds.times, etype, sumtype,
tgt.server,
addrs,
creds.authdata,
retval = err_reply->error + ERROR_TABLE_BASE_krb5;
- krb5_free_error(err_reply);
+ krb5_free_error(context, err_reply);
goto errout;
}
- if (retval = krb5_decode_kdc_rep(&tgsrep.response,
+ if (retval = krb5_decode_kdc_rep(context, &tgsrep.response,
&tgt.keyblock,
etype, /* enctype */
&dec_rep))
/* now it's decrypted and ready for prime time */
- if (!krb5_principal_compare(dec_rep->client, tgt.client)) {
+ if (!krb5_principal_compare(context, dec_rep->client, tgt.client)) {
retval = KRB5_KDCREP_MODIFIED;
goto errout;
}
- retval = krb5_mk_cred(dec_rep, etype, enc_key, 0, 0, outbuf);
+ retval = krb5_mk_cred(context, dec_rep, etype, enc_key, 0, 0, outbuf);
errout:
if (remote_host)
if (hrealms)
krb5_xfree(hrealms);
if (addrs)
- krb5_free_addresses(addrs);
- krb5_free_cred_contents(&creds);
+ krb5_free_addresses(context, addrs);
+ krb5_free_cred_contents(context, &creds);
if (tgsrep.response.data)
free(tgsrep.response.data);
if (dec_rep)
- krb5_free_kdc_rep(dec_rep);
+ krb5_free_kdc_rep(context, dec_rep);
return retval;
}
/* widen this prototype if need be */
#include <krb5/widen.h>
-typedef krb5_error_code (*git_key_proc) PROTOTYPE((const krb5_keytype,
+typedef krb5_error_code (*git_key_proc) PROTOTYPE((krb5_context,
+ const krb5_keytype,
krb5_keyblock **,
krb5_const_pointer,
krb5_pa_data **));
#include <krb5/narrow.h>
-typedef krb5_error_code (*git_decrypt_proc) PROTOTYPE((const krb5_keyblock *,
+typedef krb5_error_code (*git_decrypt_proc) PROTOTYPE((krb5_context,
+ const krb5_keyblock *,
krb5_const_pointer,
krb5_kdc_rep * ));
krb5_error_code
-krb5_get_in_tkt(DECLARG(const krb5_flags, options),
- DECLARG(krb5_address * const *, addrs),
- DECLARG(const krb5_preauthtype, pre_auth_type),
- DECLARG(const krb5_enctype, etype),
- DECLARG(const krb5_keytype, keytype),
- DECLARG(git_key_proc, key_proc),
- DECLARG(krb5_const_pointer, keyseed),
- DECLARG(git_decrypt_proc, decrypt_proc),
- DECLARG(krb5_const_pointer, decryptarg),
- DECLARG(krb5_creds *, creds),
- DECLARG(krb5_ccache, ccache),
- DECLARG(krb5_kdc_rep **, ret_as_reply))
-OLDDECLARG(const krb5_flags, options)
-OLDDECLARG(krb5_address * const *, addrs)
-OLDDECLARG(const krb5_preauthtype, pre_auth_type)
-OLDDECLARG(const krb5_enctype, etype)
-OLDDECLARG(const krb5_keytype, keytype)
-OLDDECLARG(git_key_proc, key_proc)
-OLDDECLARG(krb5_const_pointer, keyseed)
-OLDDECLARG(git_decrypt_proc, decrypt_proc)
-OLDDECLARG(krb5_const_pointer, decryptarg)
-OLDDECLARG(krb5_creds *, creds)
-OLDDECLARG(krb5_ccache, ccache)
-OLDDECLARG(krb5_kdc_rep **, ret_as_reply)
+krb5_get_in_tkt(context, options, addrs, pre_auth_type, etype, keytype,
+ key_proc, keyseed, decrypt_proc, decryptarg, creds,
+ ccache, ret_as_reply)
+ krb5_context context;
+ const krb5_flags options;
+ krb5_address * const * addrs;
+ const krb5_preauthtype pre_auth_type;
+ const krb5_enctype etype;
+ const krb5_keytype keytype;
+ git_key_proc key_proc;
+ krb5_const_pointer keyseed;
+ git_decrypt_proc decrypt_proc;
+ krb5_const_pointer decryptarg;
+ krb5_creds * creds;
+ krb5_ccache ccache;
+ krb5_kdc_rep ** ret_as_reply;
{
krb5_kdc_req request;
krb5_kdc_rep *as_reply = 0;
krb5_timestamp time_now;
krb5_pa_data *padata;
- if (! krb5_realm_compare(creds->client, creds->server))
+ if (! krb5_realm_compare(context, creds->client, creds->server))
return KRB5_IN_TKT_REALM_MISMATCH;
if (ret_as_reply)
* default. But if we're changing salts, because of a
* realm renaming, or some such, this won't work.
*/
- retval = (*key_proc)(keytype, &decrypt_key, keyseed, 0);
+ retval = (*key_proc)(context, keytype, &decrypt_key, keyseed, 0);
if (retval)
return retval;
request.padata = (krb5_pa_data **) malloc(sizeof(krb5_pa_data *)
goto cleanup;
}
- retval = krb5_obtain_padata(pre_auth_type, creds->client,
+ retval = krb5_obtain_padata(context, pre_auth_type, creds->client,
request.addresses, decrypt_key,
&padata);
if (retval)
request.from = creds->times.starttime;
request.till = creds->times.endtime;
request.rtime = creds->times.renew_till;
- if (retval = krb5_timeofday(&time_now))
+ if (retval = krb5_timeofday(context, &time_now))
goto cleanup;
/* XXX we know they are the same size... */
if (retval = encode_krb5_as_req(&request, &packet))
goto cleanup;
- retval = krb5_sendto_kdc(packet, krb5_princ_realm(creds->client), &reply);
- krb5_free_data(packet);
+ retval = krb5_sendto_kdc(context, packet,
+ krb5_princ_realm(context, creds->client), &reply);
+ krb5_free_data(context, packet);
if (retval)
goto cleanup;
/* it was an error */
if ((err_reply->ctime != request.nonce) ||
- !krb5_principal_compare(err_reply->server, request.server) ||
- !krb5_principal_compare(err_reply->client, request.client))
+ !krb5_principal_compare(context, err_reply->server, request.server) ||
+ !krb5_principal_compare(context, err_reply->client, request.client))
retval = KRB5_KDCREP_MODIFIED;
else
retval = err_reply->error + ERROR_TABLE_BASE_krb5;
/* XXX somehow make error msg text available to application? */
- krb5_free_error(err_reply);
+ krb5_free_error(context, err_reply);
goto cleanup;
}
/* Generate the key, if we haven't done so already. */
if (!decrypt_key) {
- if (retval = (*key_proc)(keytype, &decrypt_key, keyseed,
+ if (retval = (*key_proc)(context, keytype, &decrypt_key, keyseed,
as_reply->padata))
goto cleanup;
}
- if (retval = (*decrypt_proc)(decrypt_key, decryptarg, as_reply))
+ if (retval = (*decrypt_proc)(context, decrypt_key, decryptarg, as_reply))
goto cleanup;
- krb5_free_keyblock(decrypt_key);
+ krb5_free_keyblock(context, decrypt_key);
decrypt_key = 0;
/* check the contents for sanity: */
if (!as_reply->enc_part2->times.starttime)
as_reply->enc_part2->times.starttime =
as_reply->enc_part2->times.authtime;
- if (!krb5_principal_compare(as_reply->client, request.client)
- || !krb5_principal_compare(as_reply->enc_part2->server, request.server)
- || !krb5_principal_compare(as_reply->ticket->server, request.server)
+ if (!krb5_principal_compare(context, as_reply->client, request.client)
+ || !krb5_principal_compare(context, as_reply->enc_part2->server, request.server)
+ || !krb5_principal_compare(context, as_reply->ticket->server, request.server)
|| (request.nonce != as_reply->enc_part2->nonce)
/* XXX check for extraneous flags */
- /* XXX || (!krb5_addresses_compare(addrs, as_reply->enc_part2->caddrs)) */
+ /* XXX || (!krb5_addresses_compare(context, addrs, as_reply->enc_part2->caddrs)) */
|| ((request.from != 0) &&
(request.from != as_reply->enc_part2->times.starttime))
|| ((request.till != 0) &&
/* XXX issue warning if as_reply->enc_part2->key_exp is nearby */
/* fill in the credentials */
- if (retval = krb5_copy_keyblock_contents(as_reply->enc_part2->session,
+ if (retval = krb5_copy_keyblock_contents(context,
+ as_reply->enc_part2->session,
&creds->keyblock))
goto cleanup;
creds->keyblock.etype = as_reply->ticket->enc_part.etype;
creds->is_skey = FALSE; /* this is an AS_REQ, so cannot
be encrypted in skey */
creds->ticket_flags = as_reply->enc_part2->flags;
- if (retval = krb5_copy_addresses(as_reply->enc_part2->caddrs,
+ if (retval = krb5_copy_addresses(context, as_reply->enc_part2->caddrs,
&creds->addresses))
goto cred_cleanup;
krb5_xfree(packet);
/* store it in the ccache! */
- if (retval = krb5_cc_store_cred(ccache, creds))
+ if (retval = krb5_cc_store_cred(context, ccache, creds))
goto cred_cleanup;
if (ret_as_reply) {
cleanup:
if (as_reply)
- krb5_free_kdc_rep(as_reply);
+ krb5_free_kdc_rep(context, as_reply);
if (reply.data)
free(reply.data);
if (decrypt_key)
- krb5_free_keyblock(decrypt_key);
+ krb5_free_keyblock(context, decrypt_key);
if (request.padata)
free(request.padata);
if (!addrs)
- krb5_free_addresses(request.addresses);
+ krb5_free_addresses(context, request.addresses);
return retval;
/*
creds->ticket.data = 0;
}
if (creds->addresses) {
- krb5_free_addresses(creds->addresses);
+ krb5_free_addresses(context, creds->addresses);
creds->addresses = 0;
}
goto cleanup;
#include <krb5/widen.h>
static krb5_error_code
-pwd_keyproc(DECLARG(const krb5_keytype, type),
- DECLARG(krb5_keyblock **, key),
- DECLARG(krb5_const_pointer, keyseed),
- DECLARG(krb5_pa_data **,padata))
-OLDDECLARG(const krb5_keytype, type)
-OLDDECLARG(krb5_keyblock **, key)
-OLDDECLARG(krb5_const_pointer, keyseed)
-OLDDECLARG(krb5_pa_data **,padata)
+pwd_keyproc(context, type, key, keyseed, padata)
+ krb5_context context;
+ const krb5_keytype type;
+ krb5_keyblock ** key;
+ krb5_const_pointer keyseed;
+ krb5_pa_data ** padata;
#include <krb5/narrow.h>
{
krb5_data salt;
if (!valid_keytype(type))
return KRB5_PROG_KEYTYPE_NOSUPP;
- krb5_use_keytype(&eblock, type);
+ krb5_use_keytype(context, &eblock, type);
if (padata) {
krb5_pa_data **ptr;
arg = (const struct pwd_keyproc_arg *)keyseed;
if (!use_salt) {
/* need to use flattened principal */
- if (retval = krb5_principal2salt(arg->who, &salt))
+ if (retval = krb5_principal2salt(context, arg->who, &salt))
return(retval);
f_salt = 1;
}
if (!arg->password.length) {
- if (retval = krb5_read_password(krb5_default_pwd_prompt1,
+ if (retval = krb5_read_password(context, krb5_default_pwd_prompt1,
0,
pwdbuf, &pwsize)) {
if (f_salt) krb5_xfree(salt.data);
if (f_salt) krb5_xfree(salt.data);
return ENOMEM;
}
- retval = krb5_string_to_key(&eblock, type, *key, &arg->password, &salt);
+ retval = krb5_string_to_key(context, &eblock, type, *key, &arg->password, &salt);
if (retval) {
krb5_xfree(*key);
if (f_salt) krb5_xfree(salt.data);
returns system errors, encryption errors
*/
krb5_error_code
-krb5_get_in_tkt_with_password(DECLARG(const krb5_flags, options),
- DECLARG(krb5_address * const *, addrs),
- DECLARG(const krb5_preauthtype, pre_auth_type),
- DECLARG(const krb5_enctype, etype),
- DECLARG(const krb5_keytype, keytype),
- DECLARG(const char *, password),
- DECLARG(krb5_ccache, ccache),
- DECLARG(krb5_creds *, creds),
- DECLARG(krb5_kdc_rep **, ret_as_reply))
-OLDDECLARG(const krb5_flags, options)
-OLDDECLARG(krb5_address * const *, addrs)
-OLDDECLARG(const krb5_preauthtype, pre_auth_type)
-OLDDECLARG(const krb5_enctype, etype)
-OLDDECLARG(const krb5_keytype, keytype)
-OLDDECLARG(const char *, password)
-OLDDECLARG(krb5_ccache, ccache)
-OLDDECLARG(krb5_creds *, creds)
-OLDDECLARG(krb5_kdc_rep **, ret_as_reply)
+krb5_get_in_tkt_with_password(context, options, addrs, pre_auth_type, etype,
+ keytype, password, ccache, creds, ret_as_reply)
+ krb5_context context;
+ const krb5_flags options;
+ krb5_address * const * addrs;
+ const krb5_preauthtype pre_auth_type;
+ const krb5_enctype etype;
+ const krb5_keytype keytype;
+ const char * password;
+ krb5_ccache ccache;
+ krb5_creds * creds;
+ krb5_kdc_rep ** ret_as_reply;
{
krb5_error_code retval;
struct pwd_keyproc_arg keyseed;
keyseed.password.length = 0;
keyseed.who = creds->client;
- retval = krb5_get_in_tkt(options, addrs, pre_auth_type, etype,
+ retval = krb5_get_in_tkt(context, options, addrs, pre_auth_type, etype,
keytype, pwd_keyproc, (krb5_pointer) &keyseed,
krb5_kdc_rep_decrypt_proc, 0,
creds, ccache, ret_as_reply);
*/
#include <krb5/widen.h>
static krb5_error_code
-skey_keyproc(DECLARG(const krb5_keytype, type),
- DECLARG(krb5_keyblock **, key),
- DECLARG(krb5_const_pointer, keyseed),
- DECLARG(krb5_pa_data **, padata))
-OLDDECLARG(const krb5_keytype, type)
-OLDDECLARG(krb5_keyblock **, key)
-OLDDECLARG(krb5_const_pointer, keyseed)
-OLDDECLARG(krb5_pa_data **,padata)
+skey_keyproc(context, type, key, keyseed, padata)
+ krb5_context context;
+ const krb5_keytype type;
+ krb5_keyblock ** key;
+ krb5_const_pointer keyseed;
+ krb5_pa_data ** padata;
#include <krb5/narrow.h>
{
krb5_keyblock *realkey;
if (arg->client) {
/* do keytab stuff */
/* else we need to fetch from system key place */
- if (retval = krb5_kt_default(&kt_id))
+ if (retval = krb5_kt_default(context, &kt_id))
return retval;
- if (retval = krb5_kt_get_entry(kt_id, arg->client,
+ if (retval = krb5_kt_get_entry(context, kt_id, arg->client,
0, /* don't have vno available */
&kt_ent))
return retval;
}
-#define cleanup() {if (arg->client) (void) krb5_kt_free_entry(&kt_ent);}
+#define cleanup() {if (arg->client) (void) krb5_kt_free_entry(context, &kt_ent);}
if (arg->key)
- retval = krb5_copy_keyblock(arg->key, &realkey);
+ retval = krb5_copy_keyblock(context, arg->key, &realkey);
else
- retval = krb5_copy_keyblock(&kt_ent.key, &realkey);
+ retval = krb5_copy_keyblock(context, &kt_ent.key, &realkey);
if (retval) {
cleanup();
return retval;
}
if (realkey->keytype != type) {
- krb5_free_keyblock(realkey);
+ krb5_free_keyblock(context, realkey);
cleanup();
return KRB5_PROG_ETYPE_NOSUPP;
}
*/
krb5_error_code
-krb5_get_in_tkt_with_skey(DECLARG(const krb5_flags, options),
- DECLARG(krb5_address * const *, addrs),
- DECLARG(const krb5_preauthtype, pre_auth_type),
- DECLARG(const krb5_enctype, etype),
- DECLARG(const krb5_keyblock *,key),
- DECLARG(krb5_ccache, ccache),
- DECLARG(krb5_creds *,creds),
- DECLARG(krb5_kdc_rep **, ret_as_reply))
-OLDDECLARG(const krb5_flags, options)
-OLDDECLARG(krb5_address * const *, addrs)
-OLDDECLARG(const krb5_preauthtype, pre_auth_type)
-OLDDECLARG(const krb5_enctype, etype)
-OLDDECLARG(const krb5_keyblock *,key)
-OLDDECLARG(krb5_ccache, ccache)
-OLDDECLARG(krb5_creds *, creds)
-OLDDECLARG(krb5_kdc_rep **, ret_as_reply)
+krb5_get_in_tkt_with_skey(context, options, addrs, pre_auth_type, etype,
+ key, ccache, creds, ret_as_reply)
+ krb5_context context;
+ const krb5_flags options;
+ krb5_address * const * addrs;
+ const krb5_preauthtype pre_auth_type;
+ const krb5_enctype etype;
+ const krb5_keyblock * key;
+ krb5_ccache ccache;
+ krb5_creds * creds;
+ krb5_kdc_rep ** ret_as_reply;
{
struct skey_keyproc_arg arg;
keytype = krb5_csarray[etype]->system->proto_keytype;
}
- return (krb5_get_in_tkt(options, addrs, pre_auth_type, etype, keytype,
- skey_keyproc, (krb5_pointer) &arg,
+ return (krb5_get_in_tkt(context, options, addrs, pre_auth_type, etype,
+ keytype, skey_keyproc, (krb5_pointer) &arg,
krb5_kdc_rep_decrypt_proc, 0, creds,
ccache, ret_as_reply));
}
#include <krb5/widen.h>
krb5_error_code krb5_tgtname
- PROTOTYPE((const krb5_data *,
+ PROTOTYPE((krb5_context context,
+ const krb5_data *,
const krb5_data *,
krb5_principal *));
krb5_error_code krb5_get_cred_via_tgt
- PROTOTYPE((krb5_creds *,
+ PROTOTYPE((krb5_context context,
+ krb5_creds *,
const krb5_flags,
const krb5_enctype,
const krb5_cksumtype,
/*ARGSUSED*/
krb5_error_code
-krb5_kdc_rep_decrypt_proc(DECLARG(const krb5_keyblock *, key),
- DECLARG(krb5_const_pointer, decryptarg),
- DECLARG(krb5_kdc_rep *, dec_rep))
-OLDDECLARG(const krb5_keyblock *, key)
-OLDDECLARG(krb5_const_pointer, decryptarg)
-OLDDECLARG(krb5_kdc_rep *, dec_rep)
+krb5_kdc_rep_decrypt_proc(context, key, decryptarg, dec_rep)
+ krb5_context context;
+ const krb5_keyblock * key;
+ krb5_const_pointer decryptarg;
+ krb5_kdc_rep * dec_rep;
{
krb5_error_code retval;
krb5_encrypt_block eblock;
/* put together an eblock for this encryption */
- krb5_use_cstype(&eblock, dec_rep->enc_part.etype);
+ krb5_use_cstype(context, &eblock, dec_rep->enc_part.etype);
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(&eblock, key)) {
+ if (retval = krb5_process_key(context, &eblock, key)) {
free(scratch.data);
return(retval);
}
/* call the decryption routine */
- if (retval = krb5_decrypt((krb5_pointer) dec_rep->enc_part.ciphertext.data,
+ if (retval = krb5_decrypt(context, (krb5_pointer) dec_rep->enc_part.ciphertext.data,
(krb5_pointer) scratch.data,
scratch.length, &eblock, 0)) {
- (void) krb5_finish_key(&eblock);
+ (void) krb5_finish_key(context, &eblock);
free(scratch.data);
return retval;
}
#define clean_scratch() {memset(scratch.data, 0, scratch.length); \
free(scratch.data);}
- if (retval = krb5_finish_key(&eblock)) {
+ if (retval = krb5_finish_key(context, &eblock)) {
clean_scratch();
return retval;
}
/* Create asn.1 encoded KRB-CRED message from the kdc reply. */
krb5_error_code
-krb5_mk_cred(dec_rep, etype, key, sender_addr, recv_addr, outbuf)
-krb5_kdc_rep *dec_rep;
-krb5_enctype etype;
-krb5_keyblock *key;
-krb5_address *sender_addr;
-krb5_address *recv_addr;
-krb5_data *outbuf;
+krb5_mk_cred(context, dec_rep, etype, key, sender_addr, recv_addr, outbuf)
+ krb5_context context;
+ krb5_kdc_rep *dec_rep;
+ krb5_enctype etype;
+ krb5_keyblock *key;
+ krb5_address *sender_addr;
+ krb5_address *recv_addr;
+ krb5_data *outbuf;
{
krb5_error_code retval;
krb5_encrypt_block eblock;
cred_enc_part.ticket_info = (krb5_cred_info **)
calloc(2, sizeof(*cred_enc_part.ticket_info));
if (!cred_enc_part.ticket_info) {
- krb5_free_tickets(ret_cred.tickets);
+ krb5_free_tickets(context, ret_cred.tickets);
return ENOMEM;
}
cred_enc_part.ticket_info[0] = (krb5_cred_info *)
malloc(sizeof(*cred_enc_part.ticket_info[0]));
if (!cred_enc_part.ticket_info[0]) {
- krb5_free_tickets(ret_cred.tickets);
- krb5_free_cred_enc_part(cred_enc_part);
+ krb5_free_tickets(context, ret_cred.tickets);
+ krb5_free_cred_enc_part(context, cred_enc_part);
return ENOMEM;
}
cred_enc_part.nonce = 0;
- if (retval = krb5_us_timeofday(&cred_enc_part.timestamp,
+ if (retval = krb5_us_timeofday(context, &cred_enc_part.timestamp,
&cred_enc_part.usec))
return retval;
if (retval = encode_krb5_enc_cred_part(&cred_enc_part, &scratch))
return retval;
-#define cleanup_scratch() { (void) memset(scratch->data, 0, scratch->length); krb5_free_data(scratch); }
+#define cleanup_scratch() { (void) memset(scratch->data, 0, scratch->length); krb5_free_data(context, scratch); }
/* put together an eblock for this encryption */
- krb5_use_cstype(&eblock, etype);
+ krb5_use_cstype(context, &eblock, etype);
ret_cred.enc_part.ciphertext.length = krb5_encrypt_size(scratch->length,
eblock.crypto_entry);
/* add padding area, and zero it */
ret_cred.enc_part.ciphertext.data = 0;}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(&eblock, key)) {
+ if (retval = krb5_process_key(context, &eblock, key)) {
goto clean_encpart;
}
-#define cleanup_prockey() {(void) krb5_finish_key(&eblock);}
+#define cleanup_prockey() {(void) krb5_finish_key(context, &eblock);}
/* call the encryption routine */
- if (retval = krb5_encrypt((krb5_pointer) scratch->data,
+ if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
(krb5_pointer)
ret_cred.enc_part.ciphertext.data,
scratch->length, &eblock,
/* private message is now assembled-- do some cleanup */
cleanup_scratch();
- if (retval = krb5_finish_key(&eblock)) {
+ if (retval = krb5_finish_key(context, &eblock)) {
cleanup_encpart();
return retval;
}
returns system errors
*/
krb5_error_code
-krb5_mk_error(dec_err, enc_err)
-const krb5_error *dec_err;
-krb5_data *enc_err;
+krb5_mk_error(context, dec_err, enc_err)
+ krb5_context context;
+ const krb5_error *dec_err;
+ krb5_data *enc_err;
{
krb5_error_code retval;
krb5_data *new_enc_err;
returns system errors
*/
krb5_error_code
-krb5_mk_priv(DECLARG(const krb5_data *, userdata),
- DECLARG(const krb5_enctype, etype),
- DECLARG(const krb5_keyblock *, key),
- DECLARG(const krb5_address *, sender_addr),
- DECLARG(const krb5_address *, recv_addr),
- DECLARG(krb5_int32, seq_number),
- DECLARG(krb5_int32, priv_flags),
- DECLARG(krb5_rcache, rcache),
- DECLARG(krb5_pointer, i_vector),
- DECLARG(krb5_data *, outbuf))
-OLDDECLARG(const krb5_data *, userdata)
-OLDDECLARG(const krb5_enctype, etype)
-OLDDECLARG(const krb5_keyblock *, key)
-OLDDECLARG(const krb5_address *, sender_addr)
-OLDDECLARG(const krb5_address *, recv_addr)
-OLDDECLARG(krb5_int32, seq_number)
-OLDDECLARG(krb5_int32, priv_flags)
-OLDDECLARG(krb5_rcache, rcache)
-OLDDECLARG(krb5_pointer, i_vector)
-OLDDECLARG(krb5_data *, outbuf)
+krb5_mk_priv(context, userdata, etype, key, sender_addr, recv_addr,
+ seq_number, priv_flags, rcache, i_vector, outbuf)
+ krb5_context context;
+ const krb5_data * userdata;
+ const krb5_enctype etype;
+ const krb5_keyblock * key;
+ const krb5_address * sender_addr;
+ const krb5_address * recv_addr;
+ krb5_int32 seq_number;
+ krb5_int32 priv_flags;
+ krb5_rcache rcache;
+ krb5_pointer i_vector;
+ krb5_data * outbuf;
{
krb5_error_code retval;
krb5_encrypt_block eblock;
if (!rcache)
/* gotta provide an rcache in this case... */
return KRB5_RC_REQUIRED;
- if (retval = krb5_us_timeofday(&privmsg_enc_part.timestamp,
+ if (retval = krb5_us_timeofday(context, &privmsg_enc_part.timestamp,
&privmsg_enc_part.usec))
return retval;
} else
if (retval = encode_krb5_enc_priv_part(&privmsg_enc_part, &scratch))
return retval;
-#define cleanup_scratch() { (void) memset(scratch->data, 0, scratch->length); krb5_free_data(scratch); }
+#define cleanup_scratch() { (void) memset(scratch->data, 0, scratch->length); krb5_free_data(context, scratch); }
/* put together an eblock for this encryption */
- krb5_use_cstype(&eblock, etype);
+ krb5_use_cstype(context, &eblock, etype);
privmsg.enc_part.ciphertext.length = krb5_encrypt_size(scratch->length,
eblock.crypto_entry);
/* add padding area, and zero it */
privmsg.enc_part.ciphertext.data = 0;}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(&eblock, key)) {
+ if (retval = krb5_process_key(context, &eblock, key)) {
goto clean_encpart;
}
-#define cleanup_prockey() {(void) krb5_finish_key(&eblock);}
+#define cleanup_prockey() {(void) krb5_finish_key(context, &eblock);}
/* call the encryption routine */
- if (retval = krb5_encrypt((krb5_pointer) scratch->data,
+ if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
(krb5_pointer) privmsg.enc_part.ciphertext.data,
scratch->length, &eblock,
i_vector)) {
/* private message is now assembled-- do some cleanup */
cleanup_scratch();
- if (retval = krb5_finish_key(&eblock)) {
+ if (retval = krb5_finish_key(context, &eblock)) {
cleanup_encpart();
return retval;
}
if (!(priv_flags & KRB5_PRIV_NOTIME)) {
krb5_donot_replay replay;
- if (retval = krb5_gen_replay_name(sender_addr, "_priv",
+ if (retval = krb5_gen_replay_name(context, sender_addr, "_priv",
&replay.client)) {
cleanup_scratch();
return retval;
replay.server = ""; /* XXX */
replay.cusec = privmsg_enc_part.usec;
replay.ctime = privmsg_enc_part.timestamp;
- if (retval = krb5_rc_store(rcache, &replay)) {
+ if (retval = krb5_rc_store(context, rcache, &replay)) {
/* should we really error out here? XXX */
cleanup_scratch();
krb5_xfree(replay.client);
*/
krb5_error_code
-krb5_mk_rep(repl, kblock, outbuf)
-const krb5_ap_rep_enc_part *repl;
-const krb5_keyblock *kblock;
-krb5_data *outbuf;
+krb5_mk_rep(context, repl, kblock, outbuf)
+ krb5_context context;
+ const krb5_ap_rep_enc_part *repl;
+ const krb5_keyblock *kblock;
+ krb5_data *outbuf;
{
krb5_error_code retval;
krb5_data *scratch;
return retval;
#define cleanup_scratch() { (void) memset(scratch->data, 0, scratch->length); \
-krb5_free_data(scratch); }
+krb5_free_data(context, scratch); }
/* put together an eblock for this encryption */
- krb5_use_cstype(&eblock, etype);
+ krb5_use_cstype(context, &eblock, etype);
reply.enc_part.etype = etype;
reply.enc_part.kvno = 0; /* XXX user set? */
reply.enc_part.ciphertext.length = 0; reply.enc_part.ciphertext.data = 0;}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(&eblock, kblock)) {
+ if (retval = krb5_process_key(context, &eblock, kblock)) {
goto clean_encpart;
}
-#define cleanup_prockey() {(void) krb5_finish_key(&eblock);}
+#define cleanup_prockey() {(void) krb5_finish_key(context, &eblock);}
/* call the encryption routine */
- if (retval = krb5_encrypt((krb5_pointer) scratch->data,
+ if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
(krb5_pointer) reply.enc_part.ciphertext.data,
scratch->length, &eblock, 0)) {
goto clean_prockey;
/* encrypted part now assembled-- do some cleanup */
cleanup_scratch();
- if (retval = krb5_finish_key(&eblock)) {
+ if (retval = krb5_finish_key(context, &eblock)) {
cleanup_encpart();
return retval;
}
extern krb5_flags krb5_kdc_default_options;
krb5_error_code
-krb5_mk_req(server, ap_req_options, checksum, ccache, outbuf)
-krb5_const_principal server;
-const krb5_flags ap_req_options;
-const krb5_checksum *checksum;
-krb5_ccache ccache;
-krb5_data *outbuf;
+krb5_mk_req(context, server, ap_req_options, checksum, ccache, outbuf)
+ krb5_context context;
+ krb5_const_principal server;
+ const krb5_flags ap_req_options;
+ const krb5_checksum *checksum;
+ krb5_ccache ccache;
+ krb5_data *outbuf;
{
krb5_error_code retval;
krb5_creds creds;
/* obtain ticket & session key */
memset((char *)&creds, 0, sizeof(creds));
- if (retval = krb5_copy_principal(server, &creds.server))
+ if (retval = krb5_copy_principal(context, server, &creds.server))
goto errout;
- if (retval = krb5_cc_get_principal(ccache, &creds.client))
+ if (retval = krb5_cc_get_principal(context, ccache, &creds.client))
goto errout;
/* creds.times.endtime = 0; -- memset 0 takes care of this
zero means "as long as possible" */
zero means no session keytype
preference */
- if (retval = krb5_get_credentials(krb5_kdc_default_options,
+ if (retval = krb5_get_credentials(context, krb5_kdc_default_options,
ccache,
&creds))
goto errout;
- retval = krb5_mk_req_extended(ap_req_options,
+ retval = krb5_mk_req_extended(context, ap_req_options,
checksum,
krb5_kdc_default_options,
0, /* no sequence number */
outbuf);
errout:
- krb5_free_cred_contents(&creds);
+ krb5_free_cred_contents(context, &creds);
return retval;
}
*/
static krb5_error_code
-krb5_generate_authenticator PROTOTYPE(( krb5_authenticator *, krb5_principal,
+krb5_generate_authenticator PROTOTYPE((krb5_context,
+ krb5_authenticator *, krb5_principal,
const krb5_checksum *, krb5_keyblock *,
krb5_int32, krb5_authdata ** ));
krb5_error_code
-krb5_mk_req_extended(ap_req_options, checksum, kdc_options,
+krb5_mk_req_extended(context, ap_req_options, checksum, kdc_options,
sequence, newkey, ccache, creds, authentp, outbuf)
-const krb5_flags ap_req_options;
-const krb5_checksum *checksum;
-const krb5_flags kdc_options;
-krb5_int32 sequence;
-krb5_keyblock **newkey;
-krb5_ccache ccache;
-krb5_creds *creds;
-krb5_authenticator *authentp;
-krb5_data *outbuf;
+ krb5_context context;
+ const krb5_flags ap_req_options;
+ const krb5_checksum *checksum;
+ const krb5_flags kdc_options;
+ krb5_int32 sequence;
+ krb5_keyblock **newkey;
+ krb5_ccache ccache;
+ krb5_creds *creds;
+ krb5_authenticator *authentp;
+ krb5_data *outbuf;
{
krb5_error_code retval;
krb5_ap_req request;
if (!creds->ticket.length) {
/* go get creds */
- if (retval = krb5_get_credentials(kdc_options,
+ if (retval = krb5_get_credentials(context, kdc_options,
ccache,
creds))
return(retval);
request.ap_options = ap_req_options;
if (newkey) {
- if (retval = krb5_generate_subkey(&creds->keyblock, newkey))
+ if (retval = krb5_generate_subkey(context, &creds->keyblock, newkey))
goto cleanup;
}
- if (retval = krb5_generate_authenticator(&authent, creds->client, checksum,
+ if (retval = krb5_generate_authenticator(context, &authent, creds->client, checksum,
newkey ? *newkey : 0,
sequence, creds->authdata))
goto cleanup;
if (authentp)
*authentp = authent;
else
- krb5_free_authenticator_contents(&authent);
+ krb5_free_authenticator_contents(context, &authent);
/* put together an eblock for this encryption */
- krb5_use_cstype(&eblock, etype);
+ krb5_use_cstype(context, &eblock, etype);
request.authenticator.etype = etype;
request.authenticator.kvno = 0;
request.authenticator.ciphertext.length =
}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(&eblock, &creds->keyblock))
+ if (retval = krb5_process_key(context, &eblock, &creds->keyblock))
goto cleanup;
cleanup_key++;
/* call the encryption routine */
- if (retval = krb5_encrypt((krb5_pointer) scratch->data,
+ if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
(krb5_pointer) request.authenticator.ciphertext.data,
scratch->length, &eblock, 0))
goto cleanup;
- if (retval = krb5_finish_key(&eblock))
+ if (retval = krb5_finish_key(context, &eblock))
goto cleanup;
cleanup_key = 0;
cleanup:
if (request.ticket)
- krb5_free_ticket(request.ticket);
+ krb5_free_ticket(context, request.ticket);
if (request.authenticator.ciphertext.data) {
(void) memset(request.authenticator.ciphertext.data, 0,
request.authenticator.ciphertext.length);
free(request.authenticator.ciphertext.data);
}
if (newkey && *newkey)
- krb5_free_keyblock(*newkey);
+ krb5_free_keyblock(context, *newkey);
if (scratch) {
memset(scratch->data, 0, scratch->length);
krb5_xfree(scratch->data);
krb5_xfree(scratch);
}
if (cleanup_key)
- krb5_finish_key(&eblock);
+ krb5_finish_key(context, &eblock);
return retval;
}
static krb5_error_code
-krb5_generate_authenticator(authent, client, cksum, key, seq_number, authorization)
-krb5_authenticator *authent;
-krb5_principal client;
-const krb5_checksum *cksum;
-krb5_keyblock *key;
-krb5_int32 seq_number;
-krb5_authdata **authorization;
+krb5_generate_authenticator(context, authent, client, cksum, key, seq_number, authorization)
+ krb5_context context;
+ krb5_authenticator *authent;
+ krb5_principal client;
+ const krb5_checksum *cksum;
+ krb5_keyblock *key;
+ krb5_int32 seq_number;
+ krb5_authdata **authorization;
{
krb5_error_code retval;
authent->client = client;
authent->checksum = (krb5_checksum *)cksum;
if (key) {
- retval = krb5_copy_keyblock(key, &authent->subkey);
+ retval = krb5_copy_keyblock(context, key, &authent->subkey);
if (retval)
return retval;
} else
authent->seq_number = seq_number;
authent->authorization_data = authorization;
- return(krb5_us_timeofday(&authent->ctime, &authent->cusec));
+ return(krb5_us_timeofday(context, &authent->ctime, &authent->cusec));
}
returns system errors
*/
krb5_error_code
-krb5_mk_safe(DECLARG(const krb5_data *, userdata),
- DECLARG(const krb5_cksumtype, sumtype),
- DECLARG(const krb5_keyblock *, key),
- DECLARG(const krb5_address *, sender_addr),
- DECLARG(const krb5_address *, recv_addr),
- DECLARG(krb5_int32, seq_number),
- DECLARG(krb5_int32, safe_flags),
- DECLARG(krb5_rcache, rcache),
- DECLARG(krb5_data *, outbuf))
-OLDDECLARG(const krb5_data *, userdata)
-OLDDECLARG(const krb5_cksumtype, sumtype)
-OLDDECLARG(const krb5_keyblock *, key)
-OLDDECLARG(const krb5_address *, sender_addr)
-OLDDECLARG(const krb5_address *, recv_addr)
-OLDDECLARG(krb5_int32, seq_number)
-OLDDECLARG(krb5_int32, safe_flags)
-OLDDECLARG(krb5_rcache, rcache)
-OLDDECLARG(krb5_data *, outbuf)
+krb5_mk_safe(context, userdata, sumtype, key, sender_addr, recv_addr,
+ seq_number, safe_flags, rcache, outbuf)
+ krb5_context context;
+ const krb5_data * userdata;
+ const krb5_cksumtype sumtype;
+ const krb5_keyblock * key;
+ const krb5_address * sender_addr;
+ const krb5_address * recv_addr;
+ krb5_int32 seq_number;
+ krb5_int32 safe_flags;
+ krb5_rcache rcache;
+ krb5_data * outbuf;
{
krb5_error_code retval;
krb5_safe safemsg;
if (!rcache)
/* gotta provide an rcache in this case... */
return KRB5_RC_REQUIRED;
- if (retval = krb5_us_timeofday(&safemsg.timestamp, &safemsg.usec))
+ if (retval = krb5_us_timeofday(context, &safemsg.timestamp, &safemsg.usec))
return retval;
} else
safemsg.timestamp = 0, safemsg.usec = 0;
#define clean_scratch() {(void) memset((char *)scratch->data, 0,\
scratch->length); \
- krb5_free_data(scratch);}
+ krb5_free_data(context, scratch);}
if (!(safe_checksum.contents =
- (krb5_octet *) malloc(krb5_checksum_size(sumtype)))) {
+ (krb5_octet *) malloc(krb5_checksum_size(context, sumtype)))) {
clean_scratch();
return ENOMEM;
}
- if (retval = krb5_calculate_checksum(sumtype, scratch->data,
+ if (retval = krb5_calculate_checksum(context, sumtype, scratch->data,
scratch->length,
(krb5_pointer) key->contents,
key->length, &safe_checksum)) {
if (!(safe_flags & KRB5_SAFE_NOTIME)) {
krb5_donot_replay replay;
- if (retval = krb5_gen_replay_name(sender_addr, "_safe",
+ if (retval = krb5_gen_replay_name(context, sender_addr, "_safe",
&replay.client)) {
clean_scratch();
return retval;
replay.server = ""; /* XXX */
replay.cusec = safemsg.usec;
replay.ctime = safemsg.timestamp;
- if (retval = krb5_rc_store(rcache, &replay)) {
+ if (retval = krb5_rc_store(context, rcache, &replay)) {
/* should we really error out here? XXX */
clean_scratch();
krb5_xfree(replay.client);
* that arbitrarily large multi-component names are a Good Thing.....
*/
krb5_error_code
-krb5_parse_name(name, nprincipal)
+krb5_parse_name(context, name, nprincipal)
+ krb5_context context;
const char *name;
krb5_principal *nprincipal;
{
*/
if (!parsed_realm) {
if (!default_realm) {
- retval = krb5_get_default_realm(&default_realm);
+ retval = krb5_get_default_realm(context, &default_realm);
if (retval) {
krb5_xfree(principal->data);
krb5_xfree((char *)principal);
}
default_realm_size = strlen(default_realm);
}
- krb5_princ_realm(principal)->length = default_realm_size;
+ krb5_princ_realm(context, principal)->length = default_realm_size;
realmsize = default_realm_size;
}
/*
cp++;
size++;
} else if (c == COMPONENT_SEP) {
- krb5_princ_component(principal, i)->length = size;
+ krb5_princ_component(context, principal, i)->length = size;
size = 0;
i++;
} else if (c == REALM_SEP) {
- krb5_princ_component(principal, i)->length = size;
+ krb5_princ_component(context, principal, i)->length = size;
size = 0;
parsed_realm = cp+1;
} else
size++;
}
if (parsed_realm)
- krb5_princ_realm(principal)->length = size;
+ krb5_princ_realm(context, principal)->length = size;
else
- krb5_princ_component(principal, i)->length = size;
+ krb5_princ_component(context, principal, i)->length = size;
if (i + 1 != components) {
fprintf(stderr,
"Programming error in krb5_parse_name!");
* principal structure
*/
for (i=0; i < components; i++)
- krb5_princ_component(principal, i)->length = fcompsize[i];
- krb5_princ_realm(principal)->length = realmsize;
+ krb5_princ_component(context, principal, i)->length = fcompsize[i];
+ krb5_princ_realm(context, principal)->length = realmsize;
}
/*
* Now, we need to allocate the space for the strings themselves.....
krb5_xfree(principal);
return ENOMEM;
}
- krb5_princ_set_realm_data(principal, tmpdata);
+ krb5_princ_set_realm_data(context, principal, tmpdata);
for (i=0; i < components; i++) {
char *tmpdata =
- malloc(krb5_princ_component(principal, i)->length + 1);
+ malloc(krb5_princ_component(context, principal, i)->length + 1);
if (!tmpdata) {
for (i--; i >= 0; i--)
- krb5_xfree(krb5_princ_component(principal, i)->data);
- krb5_xfree(krb5_princ_realm(principal)->data);
+ krb5_xfree(krb5_princ_component(context, principal, i)->data);
+ krb5_xfree(krb5_princ_realm(context, principal)->data);
krb5_xfree(principal->data);
krb5_xfree(principal);
return(ENOMEM);
}
- krb5_princ_component(principal, i)->data = tmpdata;
+ krb5_princ_component(context, principal, i)->data = tmpdata;
}
/*
* time filling in the krb5_principal structure which we just
* allocated.
*/
- q = krb5_princ_component(principal, 0)->data;
+ q = krb5_princ_component(context, principal, 0)->data;
for (i=0,cp = name; c = *cp; cp++) {
if (c == QUOTECHAR) {
cp++;
i++;
*q++ = '\0';
if (c == COMPONENT_SEP)
- q = krb5_princ_component(principal, i)->data;
+ q = krb5_princ_component(context, principal, i)->data;
else
- q = krb5_princ_realm(principal)->data;
+ q = krb5_princ_realm(context, principal)->data;
} else
*q++ = c;
}
*q++ = '\0';
if (!parsed_realm)
- strcpy(krb5_princ_realm(principal)->data, default_realm);
+ strcpy(krb5_princ_realm(context, principal)->data, default_realm);
/*
* Alright, we're done. Now stuff a pointer to this monstrosity
* into the return variable, and let's get out of here.
*/
- krb5_princ_type(principal) = KRB5_NT_PRINCIPAL;
+ krb5_princ_type(context, principal) = KRB5_NT_PRINCIPAL;
*nprincipal = principal;
return(0);
}
* Convert a krb5_principal into the default salt for that principal.
*/
krb5_error_code
-krb5_principal2salt_internal(pr, ret, use_realm)
-register krb5_const_principal pr;
-krb5_data *ret;
-int use_realm;
+krb5_principal2salt_internal(context, pr, ret, use_realm)
+ krb5_context context;
+ register krb5_const_principal pr;
+ krb5_data *ret;
+ int use_realm;
{
int size = 0, offset = 0;
int nelem;
return 0;
}
- nelem = krb5_princ_size(pr);
+ nelem = krb5_princ_size(context, pr);
if (use_realm)
- size += krb5_princ_realm(pr)->length;
+ size += krb5_princ_realm(context, pr)->length;
for (i = 0; i < nelem; i++)
- size += krb5_princ_component(pr, i)->length;
+ size += krb5_princ_component(context, pr, i)->length;
ret->length = size;
if (!(ret->data = malloc (size)))
return ENOMEM;
if (use_realm) {
- offset = krb5_princ_realm(pr)->length;
- memcpy(ret->data, krb5_princ_realm(pr)->data, offset);
+ offset = krb5_princ_realm(context, pr)->length;
+ memcpy(ret->data, krb5_princ_realm(context, pr)->data, offset);
}
for (i = 0; i < nelem; i++) {
- memcpy(&ret->data[offset], krb5_princ_component(pr, i)->data,
- krb5_princ_component(pr, i)->length);
- offset += krb5_princ_component(pr, i)->length;
+ memcpy(&ret->data[offset], krb5_princ_component(context, pr, i)->data,
+ krb5_princ_component(context, pr, i)->length);
+ offset += krb5_princ_component(context, pr, i)->length;
}
return 0;
}
krb5_error_code
-krb5_principal2salt(pr, ret)
-register krb5_const_principal pr;
-krb5_data *ret;
+krb5_principal2salt(context, pr, ret)
+ krb5_context context;
+ register krb5_const_principal pr;
+ krb5_data *ret;
{
- return krb5_principal2salt_internal(pr, ret, 1);
+ return krb5_principal2salt_internal(context, pr, ret, 1);
}
krb5_error_code
-krb5_principal2salt_norealm(pr, ret)
-register krb5_const_principal pr;
-krb5_data *ret;
+krb5_principal2salt_norealm(context, pr, ret)
+ krb5_context context;
+ register krb5_const_principal pr;
+ krb5_data *ret;
{
- return krb5_principal2salt_internal(pr, ret, 0);
+ return krb5_principal2salt_internal(context, pr, ret, 0);
}
* Note: This is a first crack at what any preauthentication will need...
*/
krb5_error_code
-krb5_obtain_padata(type, client, src_addr, encrypt_key, ret_data)
+krb5_obtain_padata(context, type, client, src_addr, encrypt_key, ret_data)
+ krb5_context context;
int type; /*IN: Preauth type */
krb5_principal client; /*IN: requestor */
krb5_address **src_addr; /*IN: array of ptrs to addresses */
if (retval)
goto error_out;
- retval = (*p_system->obtain)( client, src_addr, data );
+ retval = (*p_system->obtain)(context, client, src_addr, data );
if (retval)
goto error_out;
retval = KRB5_PREAUTH_NO_KEY;
goto error_out;
}
- krb5_use_keytype(&eblock, encrypt_key->keytype);
+ krb5_use_keytype(context, &eblock, encrypt_key->keytype);
/* do any necessay key pre-processing */
- retval = krb5_process_key(&eblock, encrypt_key);
+ retval = krb5_process_key(context, &eblock, encrypt_key);
if (retval)
goto error_out;
eblock.crypto_entry) + 4;
if(!(scratch.data = malloc(scratch.length))){
- (void) krb5_finish_key(&eblock);
+ (void) krb5_finish_key(context, &eblock);
retval = ENOMEM;
goto error_out;
}
scratch.data[3] = data->length;
/* Encrypt preauth data in encryption key */
- if (retval = krb5_encrypt((krb5_pointer) data->contents,
+ if (retval = krb5_encrypt(context, (krb5_pointer) data->contents,
(char *) scratch.data + 4,
data->length, &eblock, 0)) {
- (void) krb5_finish_key(&eblock);
+ (void) krb5_finish_key(context, &eblock);
free(scratch.data);
goto error_out;
}
- (void) krb5_finish_key(&eblock);
+ (void) krb5_finish_key(context, &eblock);
free(data->contents);
data->length = scratch.length;
*/
krb5_error_code
-krb5_verify_padata(data,client,src_addr, decrypt_key, req_id, flags)
+krb5_verify_padata(context, data,client,src_addr, decrypt_key, req_id, flags)
+ krb5_context context;
krb5_pa_data *data; /*IN: padata */
krb5_principal client; /*IN: requestor */
krb5_address **src_addr; /*IN: array of ptrs to addresses */
if (!decrypt_key)
return(EINVAL);
- krb5_use_keytype(&eblock, decrypt_key->keytype);
+ krb5_use_keytype(context, &eblock, decrypt_key->keytype);
scratch.length = data->length;
if (!(scratch.data = (char *)malloc(scratch.length))) {
}
/* do any necessay key pre-processing */
- retval = krb5_process_key(&eblock,decrypt_key);
+ retval = krb5_process_key(context, &eblock,decrypt_key);
if (retval) {
free(scratch.data);
return(retval);
}
/* Decrypt data */
- retval = krb5_decrypt((char *) data->contents + 4,
+ retval = krb5_decrypt(context, (char *) data->contents + 4,
(krb5_pointer) scratch.data,
scratch.length - 4, &eblock, 0);
if (retval) {
- (void) krb5_finish_key(&eblock);
+ (void) krb5_finish_key(context, &eblock);
free(scratch.data);
return(retval);
}
scratch.length = data->length;
}
- retval = (*p_system->verify)(client, src_addr, &scratch);
+ retval = (*p_system->verify)(context, client, src_addr, &scratch);
if (free_scratch)
free(scratch.data);
if (retval)
replay detection. */
/* MUST malloc cksum.contents */
cksum.contents = (krb5_octet *)calloc(1,
- krb5_checksum_size(CKSUMTYPE_CRC32));
+ krb5_checksum_size(context, CKSUMTYPE_CRC32));
if (!cksum.contents) return(1);
- if (krb5_calculate_checksum(CKSUMTYPE_CRC32,
+ if (krb5_calculate_checksum(context, CKSUMTYPE_CRC32,
data->contents,
data->length,
0, /* seed is ignored */
int seeded = 0 ; /* Used by srand below */
krb5_error_code
-get_unixtime_padata(client, src_addr, pa_data)
+get_unixtime_padata(context, client, src_addr, pa_data)
+ krb5_context context;
krb5_principal client;
krb5_address **src_addr;
krb5_pa_data *pa_data;
if (!tmp)
return(ENOMEM);
- retval = krb5_timeofday(&kdc_time);
+ retval = krb5_timeofday(context, &kdc_time);
if (retval)
return retval;
if ( !seeded) {
}
krb5_error_code
-verify_unixtime_padata(client, src_addr, data)
+verify_unixtime_padata(context, client, src_addr, data)
+ krb5_context context;
krb5_principal client;
krb5_address **src_addr;
krb5_data *data;
patime += (int) tmp[11] << 8;
patime += tmp[12];
- retval = krb5_timeofday(¤ttime);
+ retval = krb5_timeofday(context, ¤ttime);
if (retval)
return retval;
memset((char *)&sd,0, sizeof (sd));
memset((char *) username, 0, sizeof(username));
- memcpy((char *) username, krb5_princ_component(client,0)->data,
- krb5_princ_component(client,0)->length);
+ memcpy((char *) username, krb5_princ_component(context, client,0)->data,
+ krb5_princ_component(context, client,0)->length);
/* If Instance then Append */
- if (krb5_princ_size(client) > 1 ) {
- if (strncmp(krb5_princ_realm(client)->data,
- krb5_princ_component(client,1)->data,
- krb5_princ_component(client,1)->length) ||
- krb5_princ_realm(client)->length !=
- krb5_princ_component(client,1)->length) {
+ if (krb5_princ_size(context, client) > 1 ) {
+ if (strncmp(krb5_princ_realm(context, client)->data,
+ krb5_princ_component(context, client,1)->data,
+ krb5_princ_component(context, client,1)->length) ||
+ krb5_princ_realm(context, client)->length !=
+ krb5_princ_component(context, client,1)->length) {
strncat(username,"/",1);
- strncat(username,krb5_princ_component(client,1)->data,
- krb5_princ_component(client,1)->length);
+ strncat(username,krb5_princ_component(context, client,1)->data,
+ krb5_princ_component(context, client,1)->length);
}
}
if (retval = sd_check(data->data,username,&sd) != ACM_OK) {
} else {
char *username = 0;
- krb5_unparse_name(client,&username);
+ krb5_unparse_name(context, client,&username);
syslog(LOG_INFO,
"%s Provided Securid but this KDC does not support Securid",
username);
}
#else
krb5_error_code
-verify_securid_padata(client, src_addr, data)
+verify_securid_padata(context, client, src_addr, data)
+ krb5_context context;
krb5_principal client;
krb5_address **src_addr;
krb5_data *data;
{
char *username = 0;
- krb5_unparse_name(client,&username);
+ krb5_unparse_name(context, client,&username);
syslog(LOG_INFO,
"%s Provided Securid but this KDC does not support Securid",
username);
static char *krb5_SecureId_prompt = "\nEnter Your SecurId Access Code Prepended with Your PIN\n (or a \'#\'if Your PIN is entered on the card keypad): ";
krb5_error_code
-get_securid_padata(client,src_addr,pa_data)
+get_securid_padata(context, client,src_addr,pa_data)
+ krb5_context context;
krb5_principal client;
krb5_address **src_addr;
krb5_pa_data *pa_data;
int retval = 0;
tempsize = sizeof(temp) - 1;
- if (krb5_read_password(krb5_SecureId_prompt, 0, temp, &tempsize))
+ if (krb5_read_password(context, krb5_SecureId_prompt, 0, temp, &tempsize))
return(KRB5_PARSE_ILLCHAR);
temp[tempsize] = '\0';
#include <krb5/ext-proto.h>
krb5_boolean
-krb5_realm_compare(princ1, princ2)
-krb5_const_principal princ1;
-krb5_const_principal princ2;
+krb5_realm_compare(context, princ1, princ2)
+ krb5_context context;
+ krb5_const_principal princ1;
+ krb5_const_principal princ2;
{
- if (krb5_princ_realm(princ1)->length != krb5_princ_realm(princ2)->length ||
- memcmp (krb5_princ_realm(princ1)->data, krb5_princ_realm(princ2)->data,
- krb5_princ_realm(princ2)->length))
+ if (krb5_princ_realm(context, princ1)->length !=
+ krb5_princ_realm(context, princ2)->length ||
+ memcmp (krb5_princ_realm(context, princ1)->data,
+ krb5_princ_realm(context, princ2)->data,
+ krb5_princ_realm(context, princ2)->length))
return FALSE;
return TRUE;
}
krb5_boolean
-krb5_principal_compare(princ1, princ2)
-krb5_const_principal princ1;
-krb5_const_principal princ2;
+krb5_principal_compare(context, princ1, princ2)
+ krb5_context context;
+ krb5_const_principal princ1;
+ krb5_const_principal princ2;
{
register int i, nelem;
- nelem = krb5_princ_size(princ1);
- if (nelem != krb5_princ_size(princ2))
+ nelem = krb5_princ_size(context, princ1);
+ if (nelem != krb5_princ_size(context, princ2))
return FALSE;
- if (! krb5_realm_compare(princ1, princ2))
+ if (! krb5_realm_compare(context, princ1, princ2))
return FALSE;
for (i = 0; i < nelem; i++) {
- register const krb5_data *p1 = krb5_princ_component(princ1, i);
- register const krb5_data *p2 = krb5_princ_component(princ2, i);
+ register const krb5_data *p1 = krb5_princ_component(context, princ1, i);
+ register const krb5_data *p2 = krb5_princ_component(context, princ2, i);
if (p1->length != p2->length ||
memcmp(p1->data, p2->data, p1->length))
return FALSE;
/* Decode the KRB-CRED message, and return creds */
krb5_error_code
-krb5_rd_cred(inbuf, key, creds, sender_addr, recv_addr)
-const krb5_data *inbuf;
-const krb5_keyblock *key;
-krb5_creds *creds; /* Filled in */
-const krb5_address *sender_addr; /* optional */
-const krb5_address *recv_addr; /* optional */
+krb5_rd_cred(context, inbuf, key, creds, sender_addr, recv_addr)
+ krb5_context context;
+ const krb5_data *inbuf;
+ const krb5_keyblock *key;
+ krb5_creds *creds; /* Filled in */
+ const krb5_address *sender_addr; /* optional */
+ const krb5_address *recv_addr; /* optional */
{
krb5_error_code retval;
krb5_encrypt_block eblock;
/* put together an eblock for this decryption */
- krb5_use_cstype(&eblock, credmsg->enc_part.etype);
+ krb5_use_cstype(context, &eblock, credmsg->enc_part.etype);
scratch->length = credmsg->enc_part.ciphertext.length;
if (!(scratch->data = malloc(scratch->length))) {
}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(&eblock, key)) {
+ if (retval = krb5_process_key(context, &eblock, key)) {
cleanup_credmsg();
cleanup_scratch();
return retval;
}
-#define cleanup_prockey() {(void) krb5_finish_key(&eblock);}
+#define cleanup_prockey() {(void) krb5_finish_key(context, &eblock);}
/* call the decryption routine */
- if (retval = krb5_decrypt((krb5_pointer) credmsg->enc_part.ciphertext.data,
+ if (retval = krb5_decrypt(context, (krb5_pointer) credmsg->enc_part.ciphertext.data,
(krb5_pointer) scratch->data,
scratch->length, &eblock,
0)) {
cleanup_credmsg();
- if (retval = krb5_finish_key(&eblock)) {
+ if (retval = krb5_finish_key(context, &eblock)) {
cleanup_scratch();
return retval;
}
#define cleanup_mesg() {(void)krb5_xfree(credmsg_enc_part);}
- if (retval = krb5_timeofday(¤ttime)) {
+ if (retval = krb5_timeofday(context, ¤ttime)) {
cleanup_mesg();
return retval;
}
}
if (sender_addr && credmsg_enc_part->s_address &&
- !krb5_address_compare(sender_addr,
+ !krb5_address_compare(context, sender_addr,
credmsg_enc_part->s_address)) {
cleanup_mesg();
return KRB5KRB_AP_ERR_BADADDR;
}
if (recv_addr && credmsg_enc_part->r_address &&
- !krb5_address_compare(recv_addr,
+ !krb5_address_compare(context, recv_addr,
credmsg_enc_part->r_address)) {
cleanup_mesg();
return KRB5KRB_AP_ERR_BADADDR;
cleanup_mesg();
return retval;
}
- if (!krb5_address_search(credmsg_enc_part->r_address,
+ if (!krb5_address_search(context, credmsg_enc_part->r_address,
our_addrs)) {
- krb5_free_addresses(our_addrs);
+ krb5_free_addresses(context, our_addrs);
cleanup_mesg();
return KRB5KRB_AP_ERR_BADADDR;
}
- krb5_free_addresses(our_addrs);
+ krb5_free_addresses(context, our_addrs);
}
- if (retval = krb5_copy_principal(credmsg_enc_part->ticket_info[0]->client,
+ if (retval = krb5_copy_principal(context, credmsg_enc_part->ticket_info[0]->client,
&creds->client)) {
return(retval);
}
- if (retval = krb5_copy_principal(credmsg_enc_part->ticket_info[0]->server,
+ if (retval = krb5_copy_principal(context, credmsg_enc_part->ticket_info[0]->server,
&creds->server)) {
return(retval);
}
if (retval =
- krb5_copy_keyblock_contents(credmsg_enc_part->ticket_info[0]->session,
+ krb5_copy_keyblock_contents(context, credmsg_enc_part->ticket_info[0]->session,
&creds->keyblock)) {
return(retval);
}
creds->is_skey = FALSE;
creds->ticket_flags = credmsg_enc_part->ticket_info[0]->flags;
- if (retval = krb5_copy_addresses(credmsg_enc_part->ticket_info[0]->caddrs,
+ if (retval = krb5_copy_addresses(context, credmsg_enc_part->ticket_info[0]->caddrs,
&creds->addresses)) {
clean();
return(retval);
*/
krb5_error_code
-krb5_rd_error( enc_errbuf, dec_error)
-const krb5_data *enc_errbuf;
-krb5_error **dec_error;
+krb5_rd_error(context, enc_errbuf, dec_error)
+ krb5_context context;
+ const krb5_data *enc_errbuf;
+ krb5_error **dec_error;
{
if (!krb5_is_krb_error(enc_errbuf))
return KRB5KRB_AP_ERR_MSG_TYPE;
*/
krb5_error_code
-krb5_rd_priv(DECLARG(const krb5_data *, inbuf),
- DECLARG(const krb5_keyblock *, key),
- DECLARG(const krb5_address *, sender_addr),
- DECLARG(const krb5_address *, recv_addr),
- DECLARG(krb5_int32, seq_number),
- DECLARG(krb5_int32, priv_flags),
- DECLARG(krb5_pointer, i_vector),
- DECLARG(krb5_rcache, rcache),
- DECLARG(krb5_data *, outbuf))
-OLDDECLARG(const krb5_data *, inbuf)
-OLDDECLARG(const krb5_keyblock *, key)
-OLDDECLARG(const krb5_address *, sender_addr)
-OLDDECLARG(const krb5_address *, recv_addr)
-OLDDECLARG(krb5_int32, seq_number)
-OLDDECLARG(krb5_int32, priv_flags)
-OLDDECLARG(krb5_pointer, i_vector)
-OLDDECLARG(krb5_rcache, rcache)
-OLDDECLARG(krb5_data *, outbuf)
+krb5_rd_priv(context, inbuf, key, sender_addr, recv_addr, seq_number,
+ priv_flags, i_vector, rcache, outbuf)
+ krb5_context context;
+ const krb5_data * inbuf;
+ const krb5_keyblock * key;
+ const krb5_address * sender_addr;
+ const krb5_address * recv_addr;
+ krb5_int32 seq_number;
+ krb5_int32 priv_flags;
+ krb5_pointer i_vector;
+ krb5_rcache rcache;
+ krb5_data * outbuf;
{
krb5_error_code retval;
krb5_encrypt_block eblock;
/* put together an eblock for this decryption */
- krb5_use_cstype(&eblock, privmsg->enc_part.etype);
+ krb5_use_cstype(context, &eblock, privmsg->enc_part.etype);
scratch.length = privmsg->enc_part.ciphertext.length;
if (!(scratch.data = malloc(scratch.length))) {
#define cleanup_scratch() {(void)memset(scratch.data, 0, scratch.length); (void)krb5_xfree(scratch.data);}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(&eblock, key)) {
+ if (retval = krb5_process_key(context, &eblock, key)) {
cleanup_privmsg();
cleanup_scratch();
return retval;
}
-#define cleanup_prockey() {(void) krb5_finish_key(&eblock);}
+#define cleanup_prockey() {(void) krb5_finish_key(context, &eblock);}
/* call the decryption routine */
- if (retval = krb5_decrypt((krb5_pointer) privmsg->enc_part.ciphertext.data,
+ if (retval = krb5_decrypt(context, (krb5_pointer) privmsg->enc_part.ciphertext.data,
(krb5_pointer) scratch.data,
scratch.length, &eblock,
i_vector)) {
cleanup_privmsg();
- if (retval = krb5_finish_key(&eblock)) {
+ if (retval = krb5_finish_key(context, &eblock)) {
cleanup_scratch();
return retval;
}
if (!(priv_flags & KRB5_PRIV_NOTIME)) {
krb5_donot_replay replay;
- if (retval = krb5_timeofday(¤ttime)) {
+ if (retval = krb5_timeofday(context, ¤ttime)) {
cleanup_data();
cleanup_mesg();
return retval;
cleanup_mesg();
return KRB5_RC_REQUIRED;
}
- if (retval = krb5_gen_replay_name(sender_addr, "_priv",
+ if (retval = krb5_gen_replay_name(context, sender_addr, "_priv",
&replay.client)) {
cleanup_data();
cleanup_mesg();
replay.server = ""; /* XXX */
replay.cusec = privmsg_enc_part->usec;
replay.ctime = privmsg_enc_part->timestamp;
- if (retval = krb5_rc_store(rcache, &replay)) {
+ if (retval = krb5_rc_store(context, rcache, &replay)) {
krb5_xfree(replay.client);
cleanup_data();
cleanup_mesg();
return KRB5KRB_AP_ERR_BADORDER;
}
- if (!krb5_address_compare(sender_addr, privmsg_enc_part->s_address)) {
+ if (!krb5_address_compare(context, sender_addr, privmsg_enc_part->s_address)) {
cleanup_data();
cleanup_mesg();
return KRB5KRB_AP_ERR_BADADDR;
if (privmsg_enc_part->r_address) {
if (recv_addr) {
- if (!krb5_address_compare(recv_addr,
+ if (!krb5_address_compare(context, recv_addr,
privmsg_enc_part->r_address)) {
cleanup_data();
cleanup_mesg();
cleanup_mesg();
return retval;
}
- if (!krb5_address_search(privmsg_enc_part->r_address, our_addrs)) {
- krb5_free_addresses(our_addrs);
+ if (!krb5_address_search(context, privmsg_enc_part->r_address, our_addrs)) {
+ krb5_free_addresses(context, our_addrs);
cleanup_data();
cleanup_mesg();
return KRB5KRB_AP_ERR_BADADDR;
}
- krb5_free_addresses(our_addrs);
+ krb5_free_addresses(context, our_addrs);
}
}
*/
krb5_error_code
-krb5_rd_rep(inbuf, kblock, repl)
-const krb5_data *inbuf;
-const krb5_keyblock *kblock;
-krb5_ap_rep_enc_part **repl;
+krb5_rd_rep(context, inbuf, kblock, repl)
+ krb5_context context;
+ const krb5_data *inbuf;
+ const krb5_keyblock *kblock;
+ krb5_ap_rep_enc_part **repl;
{
krb5_error_code retval;
krb5_ap_rep *reply;
/* put together an eblock for this encryption */
if (!valid_etype(reply->enc_part.etype)) {
- krb5_free_ap_rep(reply);
+ krb5_free_ap_rep(context, reply);
return KRB5_PROG_ETYPE_NOSUPP;
}
- krb5_use_cstype(&eblock, reply->enc_part.etype);
+ krb5_use_cstype(context, &eblock, reply->enc_part.etype);
scratch.length = reply->enc_part.ciphertext.length;
if (!(scratch.data = malloc(scratch.length))) {
- krb5_free_ap_rep(reply);
+ krb5_free_ap_rep(context, reply);
return(ENOMEM);
}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(&eblock, kblock)) {
+ if (retval = krb5_process_key(context, &eblock, kblock)) {
errout:
free(scratch.data);
- krb5_free_ap_rep(reply);
+ krb5_free_ap_rep(context, reply);
return(retval);
}
/* call the encryption routine */
- if (retval = krb5_decrypt((krb5_pointer) reply->enc_part.ciphertext.data,
+ if (retval = krb5_decrypt(context, (krb5_pointer) reply->enc_part.ciphertext.data,
(krb5_pointer) scratch.data,
scratch.length, &eblock, 0)) {
- (void) krb5_finish_key(&eblock);
+ (void) krb5_finish_key(context, &eblock);
goto errout;
}
#define clean_scratch() {memset(scratch.data, 0, scratch.length); \
free(scratch.data);}
/* finished with the top-level encoding of the ap_rep */
- krb5_free_ap_rep(reply);
- if (retval = krb5_finish_key(&eblock)) {
+ krb5_free_ap_rep(context, reply);
+ if (retval = krb5_finish_key(context, &eblock)) {
clean_scratch();
return retval;
#include <krb5/narrow.h>
krb5_error_code
-krb5_rd_req(inbuf, server, sender_addr, fetchfrom, keyproc, keyprocarg,
- rcache, authdat)
-const krb5_data *inbuf;
-krb5_const_principal server;
-const krb5_address *sender_addr;
-const char * fetchfrom;
-rdreq_key_proc keyproc;
-krb5_pointer keyprocarg;
-krb5_rcache rcache;
-krb5_tkt_authent **authdat;
+krb5_rd_req(context, inbuf, server, sender_addr, fetchfrom, keyproc,
+ keyprocarg, rcache, authdat)
+ krb5_context context;
+ const krb5_data *inbuf;
+ krb5_const_principal server;
+ const krb5_address *sender_addr;
+ const char * fetchfrom;
+ krb5_rdreq_key_proc keyproc;
+ krb5_pointer keyprocarg;
+ krb5_rcache rcache;
+ krb5_tkt_authent **authdat;
{
krb5_error_code retval;
krb5_ap_req *request;
}
- retval = krb5_rd_req_decoded(request, server, sender_addr, fetchfrom,
- keyproc, keyprocarg, rcache, authdat);
- krb5_free_ap_req(request);
+ retval = krb5_rd_req_decoded(context, request, server, sender_addr,
+ fetchfrom, keyproc, keyprocarg, rcache,
+ authdat);
+ krb5_free_ap_req(context, request);
return retval;
}
#include <krb5/widen.h>
static krb5_error_code decrypt_authenticator
- PROTOTYPE((const krb5_ap_req *, krb5_authenticator **));
+ PROTOTYPE((krb5_context, const krb5_ap_req *, krb5_authenticator **));
typedef krb5_error_code (*rdreq_key_proc)
- PROTOTYPE((krb5_pointer, krb5_principal, krb5_kvno, krb5_keyblock **));
+ PROTOTYPE((krb5_context, krb5_pointer, krb5_principal,
+ krb5_kvno, krb5_keyblock **));
/* and back to normal... */
#include <krb5/narrow.h>
#define in_clock_skew(date) (abs((date)-currenttime) < krb5_clockskew)
krb5_error_code
-krb5_rd_req_decoded(req, server, sender_addr, fetchfrom, keyproc, keyprocarg,
- rcache, authdat)
-const krb5_ap_req *req;
-krb5_const_principal server;
-const krb5_address *sender_addr;
-const char * fetchfrom;
-rdreq_key_proc keyproc;
-krb5_pointer keyprocarg;
-krb5_rcache rcache;
-krb5_tkt_authent **authdat;
+krb5_rd_req_decoded(context, req, server, sender_addr, fetchfrom, keyproc,
+ keyprocarg, rcache, authdat)
+ krb5_context context;
+ const krb5_ap_req *req;
+ krb5_const_principal server;
+ const krb5_address *sender_addr;
+ const char * fetchfrom;
+ rdreq_key_proc keyproc;
+ krb5_pointer keyprocarg;
+ krb5_rcache rcache;
+ krb5_tkt_authent **authdat;
{
krb5_error_code retval = 0;
krb5_keyblock *tkt_key = NULL;
krb5_timestamp currenttime, starttime;
krb5_tkt_authent *tktauthent = NULL;
- if (server && !krb5_principal_compare(server, req->ticket->server))
+ if (server && !krb5_principal_compare(context, server, req->ticket->server))
return KRB5KRB_AP_WRONG_PRINC;
/* if (req->ap_options & AP_OPTS_USE_SESSION_KEY)
/* fetch a server key */
if (keyproc) {
- retval = (*keyproc)(keyprocarg, req->ticket->server,
+ retval = (*keyproc)(context, keyprocarg, req->ticket->server,
req->ticket->enc_part.kvno, &tkt_key);
} else {
krb5_keytab keytabid;
if (fetchfrom) {
/* use the named keytab */
- retval = krb5_kt_resolve(fetchfrom, &keytabid);
+ retval = krb5_kt_resolve(context, fetchfrom, &keytabid);
} else {
/* use default keytab */
- retval = krb5_kt_default(&keytabid);
+ retval = krb5_kt_default(context, &keytabid);
}
if (!retval) {
- retval = krb5_kt_get_entry(keytabid, req->ticket->server,
+ retval = krb5_kt_get_entry(context, keytabid, req->ticket->server,
req->ticket->enc_part.kvno, &ktentry);
- (void) krb5_kt_close(keytabid);
+ (void) krb5_kt_close(context, keytabid);
if (!retval) {
- retval = krb5_copy_keyblock(&ktentry.key, &tkt_key);
- (void) krb5_kt_free_entry(&ktentry);
+ retval = krb5_copy_keyblock(context, &ktentry.key, &tkt_key);
+ (void) krb5_kt_free_entry(context, &ktentry);
}
}
}
return retval; /* some error in getting the key */
/* decrypt the ticket */
- if (retval = krb5_decrypt_tkt_part(tkt_key, req->ticket)) {
- krb5_free_keyblock(tkt_key);
+ if (retval = krb5_decrypt_tkt_part(context, tkt_key, req->ticket)) {
+ krb5_free_keyblock(context, tkt_key);
return(retval);
}
memset((char *)tktauthent, 0, sizeof(*tktauthent));
- if (retval = decrypt_authenticator(req, &tktauthent->authenticator))
+ if (retval = decrypt_authenticator(context, req, &tktauthent->authenticator))
goto cleanup;
*authdat = NULL; /* Set authdat to tktauthent when we finish */
- if (!krb5_principal_compare(tktauthent->authenticator->client,
+ if (!krb5_principal_compare(context, tktauthent->authenticator->client,
req->ticket->enc_part2->client)) {
retval = KRB5KRB_AP_ERR_BADMATCH;
goto cleanup;
}
- if (sender_addr && !krb5_address_search(sender_addr, req->ticket->enc_part2->caddrs)) {
+ if (sender_addr && !krb5_address_search(context, sender_addr, req->ticket->enc_part2->caddrs)) {
retval = KRB5KRB_AP_ERR_BADADDR;
goto cleanup;
}
- if (retval = krb5_timeofday(¤ttime))
+
+ if (retval = krb5_timeofday(context, ¤ttime))
goto cleanup;
if (!in_clock_skew(tktauthent->authenticator->ctime)) {
retval = KRB5KRB_AP_ERR_SKEW;
/* No cross-realm tickets */
{ char *lrealm;
- krb5_data *realm = krb5_princ_realm(req->ticket->enc_part2->client);
+ krb5_data *realm = krb5_princ_realm(context, req->ticket->enc_part2->client);
krb5_transited *trans = &(req->ticket->enc_part2->transited);
/* If the transited list is empty, then we have at most one hop */
/* So we also have to check that the client's realm is the local one */
- krb5_get_default_realm(&lrealm);
+ krb5_get_default_realm(context, &lrealm);
if ((trans->tr_contents.data && trans->tr_contents.data[0]) ||
strlen(lrealm) != realm->length ||
memcmp(lrealm, realm->data, strlen(lrealm))) {
{ int i;
krb5_data lrealm;
- krb5_data *realm = krb5_princ_realm(req->ticket->enc_part2->client);
+ krb5_data *realm = krb5_princ_realm(context, req->ticket->enc_part2->client);
krb5_transited *trans = &(req->ticket->enc_part2->transited);
/* If the transited list is not empty, then check that all realms */
/* and the local realm. */
if (trans->tr_contents.data && trans->tr_contents.data[0]) {
- krb5_get_default_realm(&(lrealm.data));
+ krb5_get_default_realm(context, &(lrealm.data));
lrealm.length = strlen(lrealm.data);
- retval = krb5_check_transited_list(&(trans->tr_contents), realm,
+ retval = krb5_check_transited_list(context, &(trans->tr_contents), realm,
&lrealm);
free(lrealm.data);
}
krb5_donot_replay rep;
tktauthent->ticket = req->ticket; /* Temporary; allocated below */
- retval = krb5_auth_to_rep(tktauthent, &rep);
+ retval = krb5_auth_to_rep(context, tktauthent, &rep);
tktauthent->ticket = 0; /* Don't allow cleanup to free
original ticket. */
if (retval)
goto cleanup;
- retval = krb5_rc_store(rcache, &rep);
+ retval = krb5_rc_store(context, rcache, &rep);
krb5_xfree(rep.server);
krb5_xfree(rep.client);
if (retval)
retval = KRB5KRB_AP_ERR_TKT_INVALID;
goto cleanup;
}
- retval = krb5_copy_ticket(req->ticket, &tktauthent->ticket);
+ retval = krb5_copy_ticket(context, req->ticket, &tktauthent->ticket);
cleanup:
if (tktauthent) {
if (retval) {
- krb5_free_tkt_authent(tktauthent);
+ krb5_free_tkt_authent(context, tktauthent);
} else {
tktauthent->ap_options = req->ap_options;
*authdat = tktauthent;
if (retval && req->ticket->enc_part2) {
/* only free if we're erroring out...otherwise some
applications will need the output. */
- krb5_free_enc_tkt_part(req->ticket->enc_part2);
+ krb5_free_enc_tkt_part(context, req->ticket->enc_part2);
req->ticket->enc_part2 = NULL;
}
if (tkt_key)
- krb5_free_keyblock(tkt_key);
+ krb5_free_keyblock(context, tkt_key);
return retval;
}
static krb5_error_code
-decrypt_authenticator(request, authpp)
-const krb5_ap_req *request;
-krb5_authenticator **authpp;
+decrypt_authenticator(context, request, authpp)
+ krb5_context context;
+ const krb5_ap_req *request;
+ krb5_authenticator **authpp;
{
krb5_authenticator *local_auth;
krb5_error_code retval;
if (!valid_etype(request->authenticator.etype))
return KRB5_PROG_ETYPE_NOSUPP;
- krb5_use_cstype(&eblock, request->authenticator.etype);
+ krb5_use_cstype(context, &eblock, request->authenticator.etype);
scratch.length = request->authenticator.ciphertext.length;
if (!(scratch.data = malloc(scratch.length)))
return(ENOMEM);
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(&eblock, sesskey)) {
+ if (retval = krb5_process_key(context, &eblock, sesskey)) {
free(scratch.data);
return(retval);
}
/* call the encryption routine */
- if (retval = krb5_decrypt((krb5_pointer) request->authenticator.ciphertext.data,
+ if (retval = krb5_decrypt(context, (krb5_pointer) request->authenticator.ciphertext.data,
(krb5_pointer) scratch.data,
scratch.length, &eblock, 0)) {
- (void) krb5_finish_key(&eblock);
+ (void) krb5_finish_key(context, &eblock);
free(scratch.data);
return retval;
}
#define clean_scratch() {memset(scratch.data, 0, scratch.length); \
free(scratch.data);}
- if (retval = krb5_finish_key(&eblock)) {
+ if (retval = krb5_finish_key(context, &eblock)) {
clean_scratch();
return retval;
*/
krb5_error_code
-krb5_rd_req_simple(inbuf, server, sender_addr, authdat)
-const krb5_data *inbuf;
-krb5_const_principal server;
-const krb5_address *sender_addr;
-krb5_tkt_authent **authdat;
+krb5_rd_req_simple(context, inbuf, server, sender_addr, authdat)
+ krb5_context context;
+ const krb5_data *inbuf;
+ krb5_const_principal server;
+ const krb5_address *sender_addr;
+ krb5_tkt_authent **authdat;
{
krb5_error_code retval;
krb5_rcache rcache = 0;
if (server) {
- retval = krb5_get_server_rcache(krb5_princ_component(server, 0),
+ retval = krb5_get_server_rcache(context,
+ krb5_princ_component(context, server, 0),
&rcache);
if (retval)
goto cleanup;
}
- retval = krb5_rd_req(inbuf, server, sender_addr, 0, 0, 0,
+ retval = krb5_rd_req(context, inbuf, server, sender_addr, 0, 0, 0,
rcache, authdat);
cleanup:
if (rcache)
- krb5_rc_close(rcache);
+ krb5_rc_close(context, rcache);
return retval;
}
returns system errors, integrity errors
*/
krb5_error_code
-krb5_rd_safe(inbuf, key, sender_addr, recv_addr, seq_number, safe_flags,
- rcache, outbuf)
-const krb5_data *inbuf;
-const krb5_keyblock *key;
-const krb5_address *sender_addr;
-const krb5_address *recv_addr;
-krb5_int32 seq_number;
-krb5_int32 safe_flags;
-krb5_rcache rcache;
-krb5_data *outbuf;
+krb5_rd_safe(context, inbuf, key, sender_addr, recv_addr, seq_number,
+ safe_flags, rcache, outbuf)
+ krb5_context context;
+ const krb5_data *inbuf;
+ const krb5_keyblock *key;
+ const krb5_address *sender_addr;
+ const krb5_address *recv_addr;
+ krb5_int32 seq_number;
+ krb5_int32 safe_flags;
+ krb5_rcache rcache;
+ krb5_data *outbuf;
{
krb5_error_code retval;
krb5_safe *message;
if (retval = decode_krb5_safe(inbuf, &message))
return retval;
-#define cleanup() krb5_free_safe(message)
+#define cleanup() krb5_free_safe(context, message)
if (!valid_cksumtype(message->checksum->checksum_type)) {
cleanup();
if (!(safe_flags & KRB5_SAFE_NOTIME)) {
krb5_donot_replay replay;
- if (retval = krb5_timeofday(¤ttime)) {
+ if (retval = krb5_timeofday(context, ¤ttime)) {
cleanup();
return retval;
}
cleanup();
return KRB5_RC_REQUIRED;
}
- if (retval = krb5_gen_replay_name(sender_addr, "_safe",
+ if (retval = krb5_gen_replay_name(context, sender_addr, "_safe",
&replay.client)) {
cleanup();
return retval;
replay.server = ""; /* XXX */
replay.cusec = message->usec;
replay.ctime = message->timestamp;
- if (retval = krb5_rc_store(rcache, &replay)) {
+ if (retval = krb5_rc_store(context, rcache, &replay)) {
krb5_xfree(replay.client);
cleanup();
return retval;
return KRB5KRB_AP_ERR_BADORDER;
}
- if (!krb5_address_compare(sender_addr, message->s_address)) {
+ if (!krb5_address_compare(context, sender_addr, message->s_address)) {
cleanup();
return KRB5KRB_AP_ERR_BADADDR;
}
if (message->r_address) {
if (recv_addr) {
- if (!krb5_address_compare(recv_addr, message->r_address)) {
+ if (!krb5_address_compare(context, recv_addr, message->r_address)) {
cleanup();
return KRB5KRB_AP_ERR_BADADDR;
}
} else {
krb5_address **our_addrs;
- if (retval = krb5_os_localaddr(&our_addrs)) {
+ if (retval = krb5_os_localaddr( &our_addrs)) {
cleanup();
return retval;
}
- if (!krb5_address_search(message->r_address, our_addrs)) {
- krb5_free_addresses(our_addrs);
+ if (!krb5_address_search(context, message->r_address, our_addrs)) {
+ krb5_free_addresses(context, our_addrs);
cleanup();
return KRB5KRB_AP_ERR_BADADDR;
}
- krb5_free_addresses(our_addrs);
+ krb5_free_addresses(context, our_addrs);
}
}
message->checksum = his_cksum;
if (!(our_cksum.contents = (krb5_octet *)
- malloc(krb5_checksum_size(his_cksum->checksum_type)))) {
+ malloc(krb5_checksum_size(context, his_cksum->checksum_type)))) {
cleanup();
return ENOMEM;
}
#undef cleanup
-#define cleanup() {krb5_free_safe(message); krb5_xfree(our_cksum.contents);}
+#define cleanup() {krb5_free_safe(context, message); krb5_xfree(our_cksum.contents);}
- retval = krb5_calculate_checksum(his_cksum->checksum_type,
+ retval = krb5_calculate_checksum(context, his_cksum->checksum_type,
scratch->data, scratch->length,
(krb5_pointer) key->contents,
key->length, &our_cksum);
(void) memset((char *)scratch->data, 0, scratch->length);
- krb5_free_data(scratch);
+ krb5_free_data(context, scratch);
if (retval) {
cleanup();
krb5_xfree(our_cksum.contents);
if (message->s_address)
- krb5_free_address(message->s_address);
+ krb5_free_address(context, message->s_address);
if (message->r_address)
- krb5_free_address(message->r_address);
- krb5_free_checksum(his_cksum);
+ krb5_free_address(context, message->r_address);
+ krb5_free_checksum(context, his_cksum);
krb5_xfree(message);
return 0;
static char *sendauth_version = "KRB5_SENDAUTH_V1.0";
krb5_error_code
-krb5_recvauth(/* IN */
+krb5_recvauth(context,
+ /* IN */
fd, appl_version, server, sender_addr, fetch_from,
keyproc, keyprocarg, rc_type, flags,
/* OUT */
seq_number, client, ticket, authent)
+ krb5_context context;
krb5_pointer fd;
char *appl_version;
krb5_principal server;
/*
* First read the sendauth version string and check it.
*/
- if (retval = krb5_read_message(fd, &inbuf))
+ if (retval = krb5_read_message(context, fd, &inbuf))
return(retval);
if (strcmp(inbuf.data, sendauth_version)) {
krb5_xfree(inbuf.data);
/*
* Do the same thing for the application version string.
*/
- if (retval = krb5_read_message(fd, &inbuf))
+ if (retval = krb5_read_message(context, fd, &inbuf))
return(retval);
if (strcmp(inbuf.data, appl_version)) {
krb5_xfree(inbuf.data);
* Now we actually write the response. If the response is non-zero,
* exit with a return value of problem
*/
- if ((krb5_net_write(*((int *) fd), (char *)&response, 1)) < 0) {
+ if ((krb5_net_write(context, *((int *) fd), (char *)&response, 1)) < 0) {
return(problem); /* We'll return the top-level problem */
}
if (problem)
if (!(rcache = (krb5_rcache) malloc(sizeof(*rcache))))
problem = ENOMEM;
if (!problem)
- problem = krb5_rc_resolve_type(&rcache,
+ problem = krb5_rc_resolve_type(context, &rcache,
rc_type ? rc_type : "dfl");
cachename = NULL;
if (server) {
- server_name = krb5_princ_component(server, 0);
+ server_name = krb5_princ_component(context, server, 0);
} else {
null_server.data = "default";
null_server.length = 7;
strcpy(cachename, rc_base ? rc_base : "rc_");
strncat(cachename, server_name->data, server_name->length);
cachename[server_name->length+strlen(rc_base)] = '\0';
- problem = krb5_rc_resolve(rcache, cachename);
+ problem = krb5_rc_resolve(context, rcache, cachename);
}
if (!problem) {
- if (krb5_rc_recover(rcache))
+ if (krb5_rc_recover(context, rcache))
/*
* If the rc_recover didn't work, then try
* initializing the replay cache.
*/
- problem = krb5_rc_initialize(rcache, krb5_clockskew);
+ problem = krb5_rc_initialize(context, rcache, krb5_clockskew);
if (problem) {
- krb5_rc_close(rcache);
+ krb5_rc_close(context, rcache);
rcache = NULL;
}
}
/*
* Now, let's read the AP_REQ message and decode it
*/
- if (retval = krb5_read_message(fd, &inbuf)) {
- (void) krb5_rc_close(rcache);
+ if (retval = krb5_read_message(context, fd, &inbuf)) {
+ (void) krb5_rc_close(context, rcache);
if (cachename)
free(cachename);
return(retval);
authdat = 0; /* so we can tell if we need to
free it later... */
if (!problem)
- problem = krb5_rd_req(&inbuf, server, sender_addr, fetch_from,
+ problem = krb5_rd_req(context, &inbuf, server, sender_addr, fetch_from,
keyproc, keyprocarg, rcache, &authdat);
krb5_xfree(inbuf.data);
if (rcache)
- retval = krb5_rc_close(rcache);
+ retval = krb5_rc_close(context, rcache);
if (!problem && retval)
problem = retval;
if (cachename)
const char *message;
memset((char *)&error, 0, sizeof(error));
- krb5_us_timeofday(&error.stime, &error.susec);
+ krb5_us_timeofday(context, &error.stime, &error.susec);
error.server = server;
error.error = problem - ERROR_TABLE_BASE_krb5;
if (error.error > 127)
if (!(error.text.data = malloc(error.text.length)))
return(ENOMEM);
strcpy(error.text.data, message);
- if (retval = krb5_mk_error(&error, &outbuf)) {
+ if (retval = krb5_mk_error(context, &error, &outbuf)) {
free(error.text.data);
return(retval);
}
outbuf.length = 0;
outbuf.data = 0;
}
- if (retval = krb5_write_message(fd, &outbuf)) {
+ if (retval = krb5_write_message(context, fd, &outbuf)) {
if (outbuf.data)
krb5_xfree(outbuf.data);
if (!problem)
- krb5_free_tkt_authent(authdat);
+ krb5_free_tkt_authent(context, authdat);
return(retval);
}
if (problem) {
/*
* We sent back an error, we need to return
*/
- if (authdat) krb5_free_tkt_authent(authdat);
+ if (authdat) krb5_free_tkt_authent(context, authdat);
return(problem);
}
/*
* Generate a random sequence number
*/
if (seq_number &&
- (retval = krb5_generate_seq_number(authdat->ticket->enc_part2->session,
- seq_number))) {
- krb5_free_tkt_authent(authdat);
+ (retval = krb5_generate_seq_number(context,
+ authdat->ticket->enc_part2->session, seq_number))) {
+ krb5_free_tkt_authent(context, authdat);
return(retval);
}
else
repl.seq_number = 0;
- if (retval = krb5_mk_rep(&repl,
+ if (retval = krb5_mk_rep(context, &repl,
authdat->ticket->enc_part2->session,
&outbuf)) {
- krb5_free_tkt_authent(authdat);
+ krb5_free_tkt_authent(context, authdat);
return(retval);
}
- if (retval = krb5_write_message(fd, &outbuf)) {
+ if (retval = krb5_write_message(context, fd, &outbuf)) {
krb5_xfree(outbuf.data);
- krb5_free_tkt_authent(authdat);
+ krb5_free_tkt_authent(context, authdat);
return(retval);
}
krb5_xfree(outbuf.data);
*/
if (client)
if (retval =
- krb5_copy_principal(authdat->ticket->enc_part2->client,
+ krb5_copy_principal(context, authdat->ticket->enc_part2->client,
client)) {
- krb5_free_tkt_authent(authdat);
+ krb5_free_tkt_authent(context, authdat);
return(retval);
}
/*
if (ticket)
*ticket = authdat->ticket;
else
- krb5_free_ticket(authdat->ticket);
+ krb5_free_ticket(context, authdat->ticket);
if (authent)
*authent = authdat->authenticator;
else
- krb5_free_authenticator(authdat->authenticator);
+ krb5_free_authenticator(context, authdat->authenticator);
krb5_xfree(authdat);
return 0;
}
returns system errors
*/
krb5_error_code
-krb5_send_tgs(DECLARG(const krb5_flags, kdcoptions),
- DECLARG(const krb5_ticket_times *,timestruct),
- DECLARG(const krb5_enctype, etype),
- DECLARG(const krb5_cksumtype, sumtype),
- DECLARG(krb5_const_principal, sname),
- DECLARG(krb5_address * const *, addrs),
- DECLARG(krb5_authdata * const *,authorization_data),
- DECLARG(krb5_pa_data * const *, padata),
- DECLARG(const krb5_data *,second_ticket),
- DECLARG(krb5_creds *,usecred),
- DECLARG(krb5_response *,rep))
-OLDDECLARG(const krb5_flags, kdcoptions)
-OLDDECLARG(const krb5_ticket_times *,timestruct)
-OLDDECLARG(const krb5_enctype, etype)
-OLDDECLARG(const krb5_cksumtype, sumtype)
-OLDDECLARG(krb5_const_principal, sname)
-OLDDECLARG(krb5_address * const *, addrs)
-OLDDECLARG(krb5_authdata * const *,authorization_data)
-OLDDECLARG(krb5_pa_data * const *, padata)
-OLDDECLARG(const krb5_data *,second_ticket)
-OLDDECLARG(krb5_creds *,usecred)
-OLDDECLARG(krb5_response *,rep)
+krb5_send_tgs(context, kdcoptions, timestruct, etype, sumtype, sname, addrs,
+ authorization_data, padata, second_ticket, usecred, rep)
+ krb5_context context;
+ const krb5_flags kdcoptions;
+ const krb5_ticket_times * timestruct;
+ const krb5_enctype etype;
+ const krb5_cksumtype sumtype;
+ krb5_const_principal sname;
+ krb5_address * const * addrs;
+ krb5_authdata * const * authorization_data;
+ krb5_pa_data * const * padata;
+ const krb5_data * second_ticket;
+ krb5_creds * usecred;
+ krb5_response * rep;
{
krb5_error_code retval;
krb5_kdc_req tgsreq;
tgsreq.from = timestruct->starttime;
tgsreq.till = timestruct->endtime;
tgsreq.rtime = timestruct->renew_till;
- if (retval = krb5_timeofday(&time_now))
+ if (retval = krb5_timeofday(context, &time_now))
return(retval);
/* XXX we know they are the same size... */
tgsreq.nonce = (krb5_int32) time_now;
if (retval = encode_krb5_authdata(authorization_data, &scratch))
return(retval);
- krb5_use_cstype(&eblock, etype);
+ krb5_use_cstype(context, &eblock, etype);
tgsreq.authorization_data.etype = etype;
tgsreq.authorization_data.kvno = 0; /* ticket session key has */
/* no version */
tgsreq.authorization_data.ciphertext.length =
- krb5_encrypt_size(scratch->length,
- eblock.crypto_entry);
+ krb5_encrypt_size(scratch->length, eblock.crypto_entry);
/* add padding area, and zero it */
if (!(scratch->data = realloc(scratch->data,
tgsreq.authorization_data.ciphertext.length))) {
tgsreq.authorization_data.ciphertext.length - scratch->length);
if (!(tgsreq.authorization_data.ciphertext.data =
malloc(tgsreq.authorization_data.ciphertext.length))) {
- krb5_free_data(scratch);
+ krb5_free_data(context, scratch);
return ENOMEM;
}
- if (retval = krb5_process_key(&eblock, &usecred->keyblock)) {
- krb5_free_data(scratch);
+ if (retval = krb5_process_key(context, &eblock, &usecred->keyblock)) {
+ krb5_free_data(context, scratch);
return retval;
}
/* call the encryption routine */
- if (retval = krb5_encrypt((krb5_pointer) scratch->data,
+ if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
(krb5_pointer) tgsreq.authorization_data.ciphertext.data,
scratch->length, &eblock, 0)) {
- (void) krb5_finish_key(&eblock);
+ (void) krb5_finish_key(context, &eblock);
krb5_xfree(tgsreq.authorization_data.ciphertext.data);
- krb5_free_data(scratch);
+ krb5_free_data(context, scratch);
return retval;
}
- krb5_free_data(scratch);
- if (retval = krb5_finish_key(&eblock)) {
+ krb5_free_data(context, scratch);
+ if (retval = krb5_finish_key(context, &eblock)) {
krb5_xfree(tgsreq.authorization_data.ciphertext.data);
return retval;
}
retval = encode_krb5_kdc_req_body(&tgsreq, &scratch);
if (retval) {
if (sec_ticket)
- krb5_free_ticket(sec_ticket);
+ krb5_free_ticket(context, sec_ticket);
cleanup_authdata();
return(retval);
}
if (!(ap_checksum.contents = (krb5_octet *)
- malloc(krb5_checksum_size(sumtype)))) {
+ malloc(krb5_checksum_size(context, sumtype)))) {
if (sec_ticket)
- krb5_free_ticket(sec_ticket);
- krb5_free_data(scratch);
+ krb5_free_ticket(context, sec_ticket);
+ krb5_free_data(context, scratch);
cleanup_authdata();
return ENOMEM;
}
- if (retval = krb5_calculate_checksum(sumtype,
+ if (retval = krb5_calculate_checksum(context, sumtype,
scratch->data,
scratch->length,
(krb5_pointer) usecred->keyblock.contents,
usecred->keyblock.length,
&ap_checksum)) {
if (sec_ticket)
- krb5_free_ticket(sec_ticket);
+ krb5_free_ticket(context, sec_ticket);
krb5_xfree(ap_checksum.contents);
- krb5_free_data(scratch);
+ krb5_free_data(context, scratch);
cleanup_authdata();
return retval;
}
/* done with body */
- krb5_free_data(scratch);
+ krb5_free_data(context, scratch);
#define cleanup() {krb5_xfree(ap_checksum.contents);\
- if (sec_ticket) krb5_free_ticket(sec_ticket);}
+ if (sec_ticket) krb5_free_ticket(context, sec_ticket);}
/* attach ap_req to the tgsreq */
/*
* Get an ap_req.
*/
- if (retval = krb5_mk_req_extended (0L /* no ap options */,
+ if (retval = krb5_mk_req_extended (context,
+ 0L /* no ap options */,
&ap_checksum,
0L, /* don't need kdc_options for this */
0, /* no initial sequence */
return(retval);
}
if (sec_ticket)
- krb5_free_ticket(sec_ticket);
+ krb5_free_ticket(context, sec_ticket);
cleanup_authdata();
krb5_xfree(combined_padata);
krb5_xfree(ap_req_padata.contents);
#define cleanup() {krb5_xfree(ap_checksum.contents);}
/* now send request & get response from KDC */
- retval = krb5_sendto_kdc(scratch, krb5_princ_realm(sname),
+ retval = krb5_sendto_kdc(context, scratch,
+ krb5_princ_realm(context, sname),
&rep->response);
- krb5_free_data(scratch);
+ krb5_free_data(context, scratch);
cleanup();
if (retval) {
return retval;
static char *sendauth_version = "KRB5_SENDAUTH_V1.0";
krb5_error_code
-krb5_sendauth(/* IN */
+krb5_sendauth(context,
+ /* IN */
fd, appl_version, client, server, ap_req_options,
checksump,
/* IN/OUT */
/* OUT */
sequence, newkey,
error, rep_result)
+ krb5_context context;
krb5_pointer fd;
char *appl_version;
krb5_principal client;
*/
outbuf.length = strlen(sendauth_version) + 1;
outbuf.data = sendauth_version;
- if (retval = krb5_write_message(fd, &outbuf))
+ if (retval = krb5_write_message(context, fd, &outbuf))
return(retval);
outbuf.length = strlen(appl_version) + 1;
outbuf.data = appl_version;
- if (retval = krb5_write_message(fd, &outbuf))
+ if (retval = krb5_write_message(context, fd, &outbuf))
return(retval);
/*
* Now, read back a byte: 0 means no error, 1 means bad sendauth
* version, 2 means bad application version
*/
- if ((len = krb5_net_read(*((int *) fd), (char *)&result, 1)) != 1)
+ if ((len = krb5_net_read(context, *((int *) fd), (char *)&result, 1)) != 1)
return((len < 0) ? errno : ECONNABORTED);
if (result == 1)
return(KRB5_SENDAUTH_BADAUTHVERS);
if (!credsp || !credsp->ticket.length) {
if (ccache)
use_ccache = ccache;
- else if (retval = krb5_cc_default(&use_ccache))
+ else if (retval = krb5_cc_default(context, &use_ccache))
goto error_return;
}
if (!credsp) {
- if (retval = krb5_copy_principal(server, &creds.server))
+ if (retval = krb5_copy_principal(context, server, &creds.server))
goto error_return;
if (client)
- retval = krb5_copy_principal(client, &creds.client);
+ retval = krb5_copy_principal(context, client, &creds.client);
else
- retval = krb5_cc_get_principal(use_ccache,
+ retval = krb5_cc_get_principal(context, use_ccache,
&creds.client);
if (retval) {
- krb5_free_principal(creds.server);
+ krb5_free_principal(context, creds.server);
goto error_return;
}
/* creds.times.endtime = 0; -- memset 0 takes care of this
credsp = &creds;
}
if (!credsp->ticket.length) {
- if (retval = krb5_get_credentials(kdc_options,
+ if (retval = krb5_get_credentials(context, kdc_options,
use_ccache,
credsp))
goto error_return;
* Generate a random sequence number
*/
if (sequence &&
- (retval = krb5_generate_seq_number(&credsp->keyblock, sequence)))
+ (retval = krb5_generate_seq_number(context, &credsp->keyblock, sequence)))
goto error_return;
/*
* OK, get the authentication header!
*/
- if (retval = krb5_mk_req_extended(ap_req_options, checksump,
+ if (retval = krb5_mk_req_extended(context, ap_req_options, checksump,
kdc_options,
sequence ? *sequence : 0, newkey,
use_ccache, credsp, &authent,
* First write the length of the AP_REQ message, then write
* the message itself.
*/
- retval = krb5_write_message(fd, &outbuf);
+ retval = krb5_write_message(context, fd, &outbuf);
free(outbuf.data);
if (retval)
goto error_return;
* authentication was rejected, and we need to return the
* error structure.
*/
- if (retval = krb5_read_message(fd, &inbuf))
+ if (retval = krb5_read_message(context, fd, &inbuf))
goto error_return;
if (inbuf.length) {
if (error) {
- if (retval = krb5_rd_error(&inbuf, error)) {
+ if (retval = krb5_rd_error(context, &inbuf, error)) {
krb5_xfree(inbuf.data);
goto error_return;
}
if ((ap_req_options & AP_OPTS_MUTUAL_REQUIRED)) {
krb5_ap_rep_enc_part *repl = 0;
- if (retval = krb5_read_message(fd, &inbuf))
+ if (retval = krb5_read_message(context, fd, &inbuf))
goto error_return;
- retval = krb5_rd_rep(&inbuf, &credsp->keyblock, &repl);
+ retval = krb5_rd_rep(context, &inbuf, &credsp->keyblock, &repl);
krb5_xfree(inbuf.data);
if (retval || ((repl->ctime != authent.ctime) ||
(repl->cusec != authent.cusec)))
retval = KRB5_SENDAUTH_MUTUAL_FAILED;
if (retval) {
if (repl)
- krb5_free_ap_rep_enc_part(repl);
+ krb5_free_ap_rep_enc_part(context, repl);
goto error_return;
}
/*
if (rep_result)
*rep_result = repl;
else
- krb5_free_ap_rep_enc_part(repl);
+ krb5_free_ap_rep_enc_part(context, repl);
}
retval = 0; /* Normal return */
error_return:
if (!ccache && use_ccache)
- krb5_cc_close(use_ccache);
- krb5_free_cred_contents(&creds);
- krb5_free_authenticator_contents(&authent);
+ krb5_cc_close(context, use_ccache);
+ krb5_free_cred_contents(context, &creds);
+ krb5_free_authenticator_contents(context, &authent);
return(retval);
}
#include <stdio.h>
krb5_error_code
-krb5_get_server_rcache(piece, rcptr)
-const krb5_data *piece;
-krb5_rcache *rcptr;
+krb5_get_server_rcache(context, piece, rcptr)
+ krb5_context context;
+ const krb5_data *piece;
+ krb5_rcache *rcptr;
{
krb5_rcache rcache = 0;
char *cachename = 0;
if (!rcache)
return ENOMEM;
- retval = krb5_rc_resolve_type(&rcache, "dfl");
+ retval = krb5_rc_resolve_type(context, &rcache, "dfl");
if (retval) goto cleanup;
len = piece->length + 3 + 1;
}
cachename[p++] = '\0';
- if (retval = krb5_rc_resolve(rcache, cachename))
+ if (retval = krb5_rc_resolve(context, rcache, cachename))
goto cleanup;
/*
* First try to recover the replay cache; if that doesn't work,
* initialize it.
*/
- if (krb5_rc_recover(rcache)) {
- if (retval = krb5_rc_initialize(rcache, krb5_clockskew)) {
- krb5_rc_close(rcache);
+ if (krb5_rc_recover(context, rcache)) {
+ if (retval = krb5_rc_initialize(context, rcache, krb5_clockskew)) {
+ krb5_rc_close(context, rcache);
rcache = 0;
goto cleanup;
}
char *name;
krb5_error_code retval;
- krb5_init_ets();
+ krb5_init_ets(context);
if (argc < 3 && argc > 4) {
fprintf(stderr,
if (argc == 4)
realm_branch_char = argv[3][0];
- retval = krb5_walk_realm_tree(&client, &server, &tree,
+ retval = krb5_walk_realm_tree(context, &client, &server, &tree,
realm_branch_char);
if (retval) {
com_err("krb5_walk_realm_tree", retval, "");
}
for (p = tree; *p; p++) {
- retval = krb5_unparse_name(*p, &name);
+ retval = krb5_unparse_name(context, *p, &name);
if (retval) {
com_err("krb5_unprase_name", retval, "");
exit(2);
free(name);
}
- krb5_free_realm_tree(tree);
+ krb5_free_realm_tree(context, tree);
exit(0);
}
/* This is an internal-only function, used by krb5_get_cred_from_kdc() */
krb5_error_code
-krb5_tgtname(server, client, tgtprinc)
-const krb5_data *server, *client;
-krb5_principal *tgtprinc;
+krb5_tgtname(context, server, client, tgtprinc)
+ krb5_context context;
+ const krb5_data *server, *client;
+ krb5_principal *tgtprinc;
{
- return krb5_build_principal_ext(tgtprinc, client->length, client->data,
+ return krb5_build_principal_ext(context, tgtprinc, client->length, client->data,
KRB5_TGS_NAME_SIZE, KRB5_TGS_NAME,
server->length, server->data,
0);
#define COMPONENT_SEP '/'
krb5_error_code
-krb5_unparse_name_ext(principal, name, size)
-krb5_const_principal principal;
-register char **name;
-int *size;
+krb5_unparse_name_ext(context, principal, name, size)
+ krb5_context context;
+ krb5_const_principal principal;
+ register char **name;
+ int *size;
{
register char *cp, *q;
register int i,j;
int length, nelem;
register int totalsize = 0;
- cp = krb5_princ_realm(principal)->data;
- length = krb5_princ_realm(principal)->length;
+ cp = krb5_princ_realm(context, principal)->data;
+ length = krb5_princ_realm(context, principal)->length;
totalsize += length;
for (j = 0; j < length; j++,cp++)
if (*cp == REALM_SEP || *cp == COMPONENT_SEP ||
totalsize++;
totalsize++; /* This is for the separator */
- nelem = krb5_princ_size(principal);
+ nelem = krb5_princ_size(context, principal);
for (i = 0; i < nelem; i++) {
- cp = krb5_princ_component(principal, i)->data;
- length = krb5_princ_component(principal, i)->length;
+ cp = krb5_princ_component(context, principal, i)->data;
+ length = krb5_princ_component(context, principal, i)->length;
totalsize += length;
for (j=0; j < length; j++,cp++)
if (*cp == REALM_SEP || *cp == COMPONENT_SEP ||
q = *name;
for (i = 0; i < nelem; i++) {
- cp = krb5_princ_component(principal, i)->data;
- length = krb5_princ_component(principal, i)->length;
+ cp = krb5_princ_component(context, principal, i)->data;
+ length = krb5_princ_component(context, principal, i)->length;
for (j=0; j < length; j++,cp++) {
switch (*cp) {
case COMPONENT_SEP:
q--; /* Back up last component separator */
*q++ = REALM_SEP;
- cp = krb5_princ_realm(principal)->data;
- length = krb5_princ_realm(principal)->length;
+ cp = krb5_princ_realm(context, principal)->data;
+ length = krb5_princ_realm(context, principal)->length;
for (j=0; j < length; j++,cp++) {
switch (*cp) {
case COMPONENT_SEP:
}
krb5_error_code
-krb5_unparse_name(principal, name)
-krb5_const_principal principal;
-register char **name;
+krb5_unparse_name(context, principal, name)
+ krb5_context context;
+ krb5_const_principal principal;
+ register char **name;
{
*name = NULL;
- return(krb5_unparse_name_ext(principal, name, NULL));
+ return(krb5_unparse_name_ext(context, principal, name, NULL));
}
#endif
krb5_error_code
-#ifdef NARROW_PROTOTYPES
-krb5_walk_realm_tree(const krb5_data *client, const krb5_data *server,
- krb5_principal **tree, char realm_branch_char)
-#else
-krb5_walk_realm_tree(client, server, tree, realm_branch_char)
-const krb5_data *client, *server;
-krb5_principal **tree;
-char realm_branch_char;
-#endif
+krb5_walk_realm_tree(context, client, server, tree, realm_branch_char)
+ krb5_context context;
+ const krb5_data *client, *server;
+ krb5_principal **tree;
{
krb5_error_code retval;
krb5_principal *rettree;
return ENOMEM;
}
i = 1;
- if (retval = krb5_tgtname(client,
+ if (retval = krb5_tgtname(context, client,
client, &rettree[0])) {
krb5_xfree(rettree);
return retval;
tmpsrealm.data = ccp;
tmpsrealm.length = client->length -
(ccp - client->data);
- if (retval = krb5_tgtname(&tmpsrealm, &tmpcrealm, &rettree[i])) {
+ if (retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm, &rettree[i])) {
while (i) {
- krb5_free_principal(rettree[i-1]);
+ krb5_free_principal(context, rettree[i-1]);
i--;
}
krb5_xfree(rettree);
tmpsrealm.data = com_sdot + 1;
tmpsrealm.length = server->length -
(com_sdot + 1 - server->data);
- if (retval = krb5_tgtname(&tmpsrealm, &tmpcrealm, &rettree[i])) {
+ if (retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm, &rettree[i])) {
while (i) {
- krb5_free_principal(rettree[i-1]);
+ krb5_free_principal(context, rettree[i-1]);
i--;
}
krb5_xfree(rettree);
tmpsrealm.data = scp + 1;
tmpsrealm.length = server->length -
(scp + 1 - server->data);
- if (retval = krb5_tgtname(&tmpsrealm, &tmpcrealm, &rettree[i])) {
+ if (retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm, &rettree[i])) {
while (i) {
- krb5_free_principal(rettree[i-1]);
+ krb5_free_principal(context, rettree[i-1]);
i--;
}
krb5_xfree(rettree);
tmpcrealm.data = prevscp;
tmpcrealm.length = server->length -
(prevscp - server->data);
- if (retval = krb5_tgtname(server, &tmpcrealm,
+ if (retval = krb5_tgtname(context, server, &tmpcrealm,
&rettree[i])) {
while (i) {
- krb5_free_principal(rettree[i-1]);
+ krb5_free_principal(context, rettree[i-1]);
i--;
}
krb5_xfree(rettree);
projects / krb5.git / commitdiff