int err;
//make sure the API has been intialized
- if (gCntrlBlock == NULL) cc_initialize(&gCntrlBlock, CC_API_VER_1, NULL, NULL);
+ if (gCntrlBlock == NULL) {
+ err = cc_initialize(&gCntrlBlock, CC_API_VER_1, NULL, NULL);
+ if (err != CC_NOERROR) return err;
+ }
//allocate the cache structure
newCache = (krb5_ccache) malloc(sizeof(struct _krb5_ccache));
int err,pos;
char *cName;
- if (gCntrlBlock == NULL) cc_initialize(&gCntrlBlock, CC_API_VER_1, NULL, NULL);
-
+ //make sure the API has been intialized
+ if (gCntrlBlock == NULL) {
+ err = cc_initialize(&gCntrlBlock, CC_API_VER_1, NULL, NULL);
+ if (err != CC_NOERROR) return err;
+ }
+
newCache = (krb5_ccache) malloc(sizeof(struct _krb5_ccache));
if (newCache == NULL) return KRB5_CC_NOMEM;
{
- int err,err1, found;
- char cName[kStringLiteralLen];
- ccache_p *testNC;
+ int err, err1, found;
+ //char cName[kStringLiteralLen];
+ char *cName = nil;
+ ccache_p *testNC = NULL;
ccache_it *it;
- char *p, *targetName;
+ char *p = NULL, *targetName = NULL;
//test id for null
if (id == NULL) return KRB5_CC_NOMEM;
if (gCntrlBlock == NULL)
return CC_NO_EXIST;
- //create a principal name for the named cache
- sprintf(cName, "%s@%s", krb5_princ_name(context, princ)->data, krb5_princ_realm(context, princ)->data);
+ //create a principal name for the named cache
+ err = krb5_unparse_name(context, princ, &cName);
+ if (err)
+ return(err);
+
+ //sprintf(cName, "%s@%s", krb5_princ_name(context, princ)->data, krb5_princ_realm(context, princ)->data);
//look for a cache already extant for this principal
it = NULL;
cc_get_name(gCntrlBlock, testNC, &targetName);
}
cc_free_principal(gCntrlBlock, p);
+ err1 = cc_close(gCntrlBlock, &testNC);
}
- err1 = cc_close(gCntrlBlock, &testNC);
}
if (!found)
//we didn't find one with the name we were looking for, use the one we had and change the name
cc_set_principal(gCntrlBlock, (((stdccCacheDataPtr)(id->data))->NamedCache), CC_CRED_V5, cName);
else {
- //we found a cache for this guy, lets trash ours and use that one
- cc_destroy(gCntrlBlock, &(((stdccCacheDataPtr)(id->data))->NamedCache));
+ //we found a cache for this guy, lets trash ours and use that one - let's not; sgm 10/7/98
+ //cc_destroy(gCntrlBlock, &(((stdccCacheDataPtr)(id->data))->NamedCache));
err = cc_open(gCntrlBlock, targetName, CC_CRED_V5, 0L, &(((stdccCacheDataPtr)(id->data))->NamedCache));
if (err != CC_NOERROR) return err; //error opening
cc_free_name(gCntrlBlock, targetName);
}
+ free(cName);
+
return CC_NOERROR;
}
krb5_error_code krb5_stdcc_store
(krb5_context context, krb5_ccache id , krb5_creds *creds ) {
- cred_union *cu;
+ cred_union *cu = NULL;
int err;
krb5_creds *creds ) {
int err;
- cred_union *credU;
- cc_creds *c;
+ cred_union *credU = NULL;
+ cc_creds *c = NULL;
err = cc_seq_fetch_creds(gCntrlBlock, ((stdccCacheDataPtr)(id->data))->NamedCache,
&credU, (ccache_it **)cursor);
krb5_creds *mcreds,
krb5_creds *creds ) {
- krb5_cc_cursor curs;
+ krb5_cc_cursor curs = NULL;
krb5_creds *fetchcreds;
fetchcreds = (krb5_creds *)malloc(sizeof(krb5_creds));
+ if (fetchcreds == NULL) return KRB5_CC_NOMEM;
//we're going to use the iterators
krb5_stdcc_start_seq_get(context, id, &curs);
char * krb5_stdcc_get_name
(krb5_context context, krb5_ccache id ) {
- char *ret;
+ char *ret = NULL;
int err;
//just a wrapper
krb5_stdcc_get_principal (krb5_context context, krb5_ccache id , krb5_principal *princ ) {
int err;
- char *name;
+ char *name = NULL;
//another wrapper
err = cc_get_principal(gCntrlBlock, (((stdccCacheDataPtr)(id->data))->NamedCache), &name);
krb5_error_code krb5_stdcc_remove
(krb5_context context, krb5_ccache id , krb5_flags flags, krb5_creds *creds ) {
- cred_union *cu;
+ cred_union *cu = NULL;
int err;
//convert to a cred union
#define fieldSize 255
+/* on the Mac, we need the calls which allocate memory for the Credentials Cache to use
+ Ptr's in the system help, so that they stay global and so that bad things don't happen
+ when we call DisposePtr() on them. However, on other systems, malloc is probably the
+ right thing to use.
+ So for any place where we allocate memory for the Credentials Cache, use sys_alloc() and
+ define it accordingly.
+*/
+
+#if defined(macintosh)
+#define sys_alloc(size) NewSafePtrSys(size)
+#else
+#define sys_alloc(size) malloc(size)
+#endif
+
+#if defined(macintosh)
+//stolen from CCacheUtils.c
+// -- NewSafePtrSys -----------------
+// - analagous to NewSafePtr but memory is allocated in the system heap
+Ptr NewSafePtrSys(long size) {
+
+ Ptr retPtr;
+
+ retPtr = NewPtrSys(size);
+
+ if (retPtr != NULL)
+ HoldMemory(retPtr, size);
+
+ return retPtr;
+}
+#endif
+
// CopyCCDataArrayToK5
// - copy and translate the null terminated arrays of data records
// used in k5 tickets
//calc number of records
while (*kbase++ != NULL) numRecords++;
//allocate new array
- constCBase = cbase = (cc_data **)malloc((numRecords+1)*sizeof(char *));
+ constCBase = cbase = (cc_data **)sys_alloc((numRecords+1)*sizeof(char *));
//reset base
kbase = (whichArray == kAddressArray) ? kc->addresses : (krb5_address **)kc->authdata;
//copy records
while (*kbase != NULL) {
- *cbase = (cc_data *)malloc(sizeof(krb5_address));
+ *cbase = (cc_data *)sys_alloc(sizeof(krb5_address));
kAdr = *kbase;
ccAdr = *cbase;
ccAdr->type = kAdr->addrtype;
ccAdr->length = kAdr->length;
- ccAdr->data = (unsigned char *)malloc(ccAdr->length);
+ ccAdr->data = (unsigned char *)sys_alloc(ccAdr->length);
memcpy(ccAdr->data, kAdr->contents, kAdr->length);
//next element please
kbase++; cbase++;
// - analagous to above but in the reverse direction
void dupK52cc(krb5_context context, krb5_creds *creds, cred_union **cu) {
- krb5_address **tA;
- krb5_authdata **tAd;
- cc_creds *c;
- int err;
+ krb5_address **tA;
+ krb5_authdata **tAd;
+ cc_creds *c;
+ int err;
+ #ifdef macintosh
+ char *tempname = NULL;
+ #endif
if (cu == NULL) return;
//allocate the cred_union
- *cu = (cred_union *)malloc(sizeof(cred_union));
+ *cu = (cred_union *)sys_alloc(sizeof(cred_union));
if ((*cu) == NULL) return;
(*cu)->cred_type = CC_CRED_V5;
//allocate creds structure (and install)
- c = (cc_creds *)malloc(sizeof(cc_creds));
+ c = (cc_creds *)sys_alloc(sizeof(cc_creds));
if (c == NULL) return;
(*cu)->cred.pV5Cred = c;
//convert krb5 principals to flat principals
+ #ifdef macintosh
+ //and make sure the memory for c->client and c->server is on the system heap with NewPtr
+ //for the Mac (krb5_unparse_name puts it in appl heap with malloc)
+ err = krb5_unparse_name(context, creds->client, &tempname);
+ c->client = sys_alloc(strlen(tempname));
+ if (c->client != NULL)
+ strcpy(c->client,tempname);
+ free(tempname);
+ tempname = NULL;
+
+ err = krb5_unparse_name(context, creds->server, &tempname);
+ c->server = sys_alloc(strlen(tempname));
+ if (c->server != NULL)
+ strcpy(c->server,tempname);
+ free(tempname);
+ #else
err = krb5_unparse_name(context, creds->client, &(c->client));
err = krb5_unparse_name(context, creds->server, &(c->server));
+ #endif
if (err) return;
//copy more fields
c->keyblock.type = creds->keyblock.enctype;
c->keyblock.length = creds->keyblock.length;
- c->keyblock.data = (unsigned char *)malloc(creds->keyblock.length);
- memcpy(c->keyblock.data, creds->keyblock.contents, creds->keyblock.length);
+
+ if (creds->keyblock.contents != NULL) {
+ c->keyblock.data = (unsigned char *)sys_alloc(creds->keyblock.length);
+ memcpy(c->keyblock.data, creds->keyblock.contents, creds->keyblock.length);
+ } else {
+ c->keyblock.data = NULL;
+ }
+
c->authtime = creds->times.authtime;
c->starttime = creds->times.starttime;
c->endtime = creds->times.endtime;
copyK5DataArrayToCC(creds, c, kAddressArray);
c->ticket.length = creds->ticket.length;
- c->ticket.data = (unsigned char *)malloc(creds->ticket.length);
- memcpy(c->ticket.data, creds->ticket.data, creds->ticket.length);
+ if (creds->ticket.data != NULL) {
+ c->ticket.data = (unsigned char *)sys_alloc(creds->ticket.length);
+ memcpy(c->ticket.data, creds->ticket.data, creds->ticket.length);
+ } else {
+ c->ticket.data = NULL;
+ }
+
c->second_ticket.length = creds->second_ticket.length;
- c->second_ticket.data = (unsigned char *)malloc(creds->second_ticket.length);
- memcpy(c->second_ticket.data, creds->second_ticket.data, creds->second_ticket.length);
-
+ if (creds->second_ticket.data != NULL) {
+ c->second_ticket.data = (unsigned char *)sys_alloc(creds->second_ticket.length);
+ memcpy(c->second_ticket.data, creds->second_ticket.data, creds->second_ticket.length);
+ } else {
+ c->second_ticket.data = NULL;
+ }
+
c->authdata = NULL;
return;