{ CC_WRITE, KRB5_CC_WRITE },
{ CC_LOCKED, KRB5_FCC_INTERNAL /* XXX */ },
{ CC_BAD_API_VERSION, KRB5_FCC_INTERNAL /* XXX */ },
- { CC_NO_EXIST, KRB5_FCC_INTERNAL /* XXX */ },
+ { CC_NO_EXIST, KRB5_FCC_NOFILE },
{ CC_NOT_SUPP, KRB5_FCC_INTERNAL /* XXX */ },
{ CC_BAD_PARM, KRB5_FCC_INTERNAL /* XXX */ },
{ CC_ERR_CACHE_ATTACH, KRB5_FCC_INTERNAL /* XXX */ },
{
const struct err_xlate *p;
- for (p = err_xlate_table; p->e2err; p++) {
- if (err == p->e2err)
- return p->pqerr;
+ for (p = err_xlate_table; p->cc_err; p++) {
+ if (err == p->cc_err)
+ return p->krb5_err;
}
return KRB5_FCC_INTERNAL; /* XXX we need a miscellaneous return */
}
+static krb5_error_code stdcc_setup(krb5_context context,
+ stdccCacheDataPtr ccapi_data)
+{
+ int err;
+
+ /* make sure the API has been intialized */
+ if (gCntrlBlock == NULL) {
+ err = cc_initialize(&gCntrlBlock, CC_API_VER_1, NULL, NULL);
+ if (err != CC_NOERROR)
+ return cc_err_xlate(err);
+ }
+
+ /*
+ * No ccapi_data structure, so we don't need to make sure the
+ * ccache exists.
+ */
+ if (!ccapi_data)
+ return 0;
+
+ /*
+ * The ccache already exists
+ */
+ if (ccapi_data->NamedCache)
+ return 0;
+
+ err = cc_open(gCntrlBlock, ccapi_data->cache_name,
+ CC_CRED_V5, 0L, &ccapi_data->NamedCache);
+ if (err == CC_NOTFOUND)
+ err = CC_NO_EXIST;
+ if (err == CC_NOERROR)
+ return 0;
+
+ ccapi_data->NamedCache = NULL;
+ return cc_err_xlate(err);
+}
+
+
/*
* -- generate_new --------------------------------
*
(krb5_context context, krb5_ccache *id )
{
krb5_ccache newCache = NULL;
+ krb5_error_code retval;
stdccCacheDataPtr ccapi_data = NULL;
char *name = NULL;
cc_time_t time;
int err;
+
+ if ((retval = stdcc_setup(context, NULL)))
+ return retval;
- /* make sure the API has been intialized */
- if (gCntrlBlock == NULL) {
- err = cc_initialize(&gCntrlBlock, CC_API_VER_1, NULL, NULL);
- if (err != CC_NOERROR)
- return cc_err_xlate(err);
- }
-
retval = KRB5_CC_NOMEM;
if (!(newCache = (krb5_ccache) malloc(sizeof(struct _krb5_ccache))))
goto errout;
- if (!(ccapi_ptr = (stdccCacheDataPtr)malloc(sizeof(stdccCacheData))))
+ if (!(ccapi_data = (stdccCacheDataPtr)malloc(sizeof(stdccCacheData))))
goto errout;
- if (!(cName = malloc(strlen(residual)+1)))
+ if (!(name = malloc(256)))
goto errout;
/* create a unique name */
/* setup some fields */
newCache->ops = &krb5_cc_stdcc_ops;
newCache->data = ccapi_data;
- ccapi_data->ccache_name = name;
+ ccapi_data->cache_name = name;
/* return a pointer to the new cache */
*id = newCache;
errout:
if (newCache)
free(newCache);
- if (ccapi_ptr)
- free(ccapi_ptr);
- if (cName)
+ if (ccapi_data)
+ free(ccapi_data);
+ if (name)
free(name);
return retval;
}
krb5_error_code retval;
char *cName;
- /* make sure the API has been intialized */
- if (gCntrlBlock == NULL) {
- err = cc_initialize(&gCntrlBlock, CC_API_VER_1, NULL, NULL);
- if (err != CC_NOERROR)
- return cc_err_xlate(err);
- }
-
+ if ((retval = stdcc_setup(context, NULL)))
+ return retval;
+
retval = KRB5_CC_NOMEM;
if (!(newCache = (krb5_ccache) malloc(sizeof(struct _krb5_ccache))))
goto errout;
- if (!(ccapi_ptr = (stdccCacheDataPtr)malloc(sizeof(stdccCacheData))))
+ if (!(ccapi_data = (stdccCacheDataPtr)malloc(sizeof(stdccCacheData))))
goto errout;
if (!(cName = malloc(strlen(residual)+1)))
goto errout;
newCache->ops = &krb5_cc_stdcc_ops;
- newCache->data = ccapi_ptr;
- ccapi_ptr->ccache_name = cName;
+ newCache->data = ccapi_data;
+ ccapi_data->cache_name = cName;
strcpy(cName, residual);
err = cc_open(gCntrlBlock, cName, CC_CRED_V5, 0L,
- &ccapi_ptr->NamedCache);
+ &ccapi_data->NamedCache);
if (err != CC_NOERROR)
- ccapi_ptr->NamedCache = NULL;
+ ccapi_data->NamedCache = NULL;
/* return new cache structure */
*id = newCache;
errout:
if (newCache)
free(newCache);
- if (ccapi_ptr)
- free(ccapi_ptr);
+ if (ccapi_data)
+ free(ccapi_data);
if (cName)
free(cName);
return retval;
char *cName = NULL;
krb5_error_code retval;
+ if ((retval = stdcc_setup(context, NULL)))
+ return retval;
+
/* test id for null */
if (id == NULL) return KRB5_CC_NOMEM;
- /* test for initialized API */
- if (gCntrlBlock == NULL)
- return KRB5_FCC_INTERNAL; /* XXX better error code? */
-
if ((retval = krb5_unparse_name(context, princ, &cName)))
return retval;
err = cc_open(gCntrlBlock, ccapi_data->cache_name,
CC_CRED_V5, 0L,
&ccapi_data->NamedCache);
- if (err != CC_NO_ERROR)
+ if (err != CC_NOERROR)
ccapi_data->NamedCache = NULL;
}
if (ccapi_data->NamedCache)
cc_destroy(gCntrlBlock, &ccapi_data->NamedCache);
- err = cc_create(gCntrlBlock, ccapi_data->ccache_name, cName,
+ err = cc_create(gCntrlBlock, ccapi_data->cache_name, cName,
CC_CRED_V5, 0L, &ccapi_data->NamedCache);
krb5_free_unparsed_name(context, cName);
krb5_error_code KRB5_CALLCONV krb5_stdcc_store
(krb5_context context, krb5_ccache id , krb5_creds *creds )
{
+ krb5_error_code retval;
stdccCacheDataPtr ccapi_data = id->data;
cred_union *cu = NULL;
int err;
-
- /* test for initialized API */
- if (gCntrlBlock == NULL)
- return KRB5_FCC_INTERNAL; /* XXX better error code? */
+ if ((retval = stdcc_setup(context, ccapi_data)))
+ return retval;
+
/* copy the fields from the almost identical structures */
dupK5toCC(context, creds, &cu);
krb5_error_code KRB5_CALLCONV krb5_stdcc_start_seq_get
(krb5_context context, krb5_ccache id , krb5_cc_cursor *cursor )
{
+ stdccCacheDataPtr ccapi_data = id->data;
+ krb5_error_code retval;
+
+ if ((retval = stdcc_setup(context, ccapi_data)))
+ return retval;
+
/* all we have to do is initialize the cursor */
*cursor = NULL;
return 0;
(krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor,
krb5_creds *creds)
{
+ krb5_error_code retval;
+ stdccCacheDataPtr ccapi_data = id->data;
int err;
cred_union *credU = NULL;
- /* test for initialized API */
- if (gCntrlBlock == NULL)
- return KRB5_FCC_INTERNAL; /* XXX better error code? */
-
- err = cc_seq_fetch_creds(gCntrlBlock,
- ((stdccCacheDataPtr)(id->data))->NamedCache,
- &credU, (ccache_cit **)cursor);
+ if ((retval = stdcc_setup(context, ccapi_data)))
+ return retval;
+ err = cc_seq_fetch_creds(gCntrlBlock, ccapi_data->NamedCache,
+ &credU, (ccache_cit **)cursor);
if (err != CC_NOERROR)
return cc_err_xlate(err);
krb5_creds *mcreds,
krb5_creds *creds )
{
+ krb5_error_code retval;
krb5_cc_cursor curs = NULL;
krb5_creds *fetchcreds;
+ if ((retval = stdcc_setup(context, NULL)))
+ return retval;
+
fetchcreds = (krb5_creds *)malloc(sizeof(krb5_creds));
if (fetchcreds == NULL) return KRB5_CC_NOMEM;
krb5_error_code KRB5_CALLCONV krb5_stdcc_end_seq_get
(krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor)
{
-
+ krb5_error_code retval;
+ stdccCacheDataPtr ccapi_data = NULL;
+ int err;
+ cred_union *credU = NULL;
+
+ ccapi_data = id->data;
+
+ if ((retval = stdcc_setup(context, ccapi_data)))
+ return retval;
+
+ if (*cursor == NULL)
+ return 0;
+
/*
- * the limitation of the Ccache api and the seq calls
- * causes trouble. cursor might have already been freed
- * and anyways it is in the mac's heap so we need FreePtr
- * but all i have is free
+ * Finish calling cc_seq_fetch_creds to clear out the cursor
*/
- /* FreePtr(*cursor); */
-
- /* LEAK IT! */
- *cursor = NULL;
-
+ while (*cursor) {
+ err = cc_seq_fetch_creds(gCntrlBlock, ccapi_data->NamedCache,
+ &credU, (ccache_cit **)cursor);
+ if (err)
+ break;
+
+ cc_free_creds(gCntrlBlock, &credU);
+ }
+
return(0);
}
krb5_error_code KRB5_CALLCONV
krb5_stdcc_close(krb5_context context, krb5_ccache id)
{
+ krb5_error_code retval;
+ stdccCacheDataPtr ccapi_data = id->data;
+
+ if ((retval = stdcc_setup(context, NULL)))
+ return retval;
+
/* free it */
- if (id->data != NULL) {
- free((stdccCacheDataPtr)(id->data));
- /* null it out */
- (stdccCacheDataPtr)(id->data) = NULL;
+ if (ccapi_data) {
+ if (ccapi_data->cache_name)
+ free(ccapi_data->cache_name);
+ if (ccapi_data->NamedCache)
+ cc_close(gCntrlBlock, &ccapi_data->NamedCache);
+ free(ccapi_data);
+ id->data = NULL;
}
-
- /*
- * I suppose we ought to check if id is null before doing
- * this, but no other place in krb5 does... -smcguire
- */
free(id);
- id = NULL;
-
return 0;
}
krb5_error_code KRB5_CALLCONV
krb5_stdcc_destroy (krb5_context context, krb5_ccache id)
{
-
int err;
+ krb5_error_code retval;
+ stdccCacheDataPtr ccapi_data = id->data;
- /* test for initialized API */
- if (gCntrlBlock == NULL)
- return KRB5_FCC_INTERNAL; /* XXX better error code? */
-
- /* destroy the named cache */
- err = cc_destroy(gCntrlBlock,
- &(((stdccCacheDataPtr)(id->data))->NamedCache));
-
- /* free the pointer to the record that held the pointer to the cache */
- free((stdccCacheDataPtr)(id->data));
+ if ((retval = stdcc_setup(context, ccapi_data))) {
+ if (retval == KRB5_FCC_NOFILE)
+ return 0;
+ return retval;
+ }
- /* null it out */
- (stdccCacheDataPtr)(id->data) = NULL;
+ /* destroy the named cache */
+ err = cc_destroy(gCntrlBlock, &ccapi_data->NamedCache);
- return err;
+ return cc_err_xlate(err);
}
/*
char * KRB5_CALLCONV krb5_stdcc_get_name
(krb5_context context, krb5_ccache id )
{
- char *ret = NULL;
- int err;
-
- /* test for initialized API */
- if (gCntrlBlock == NULL)
- return NULL;
-
- /* just a wrapper */
- err = cc_get_name(gCntrlBlock,
- (((stdccCacheDataPtr)(id->data))->NamedCache), &ret);
-
- if (err != CC_NOERROR)
- return ret;
- else
- return NULL;
+ char *name = NULL;
+ stdccCacheDataPtr ccapi_data = id->data;
+
+ if (!ccapi_data)
+ return 0;
+
+ return (ccapi_data->cache_name);
}
+
/* get_principal
*
* - return the principal associated with the named cache
krb5_error_code KRB5_CALLCONV krb5_stdcc_get_principal
(krb5_context context, krb5_ccache id , krb5_principal *princ)
{
- int err;
- char *name = NULL;
+ int err;
+ char *name = NULL;
+ stdccCacheDataPtr ccapi_data = id->data;
+ krb5_error_code retval;
- /* test for initialized API */
- if (gCntrlBlock == NULL)
- return KRB5_FCC_INTERNAL; /* XXX better error code? */
+ if ((retval = stdcc_setup(context, ccapi_data)))
+ return retval;
/* another wrapper */
- err = cc_get_principal(gCntrlBlock,
- (((stdccCacheDataPtr)(id->data))->NamedCache),
+ err = cc_get_principal(gCntrlBlock, ccapi_data->NamedCache,
&name);
if (err != CC_NOERROR)
/* turn it into a krb principal */
err = krb5_parse_name(context, name, princ);
-
-#if defined(macintosh)
- /*
- * have to do something special on the Mac because name has
- * been allocated with
- * Mac memory routine NewPtr and held in memory
- */
- if (name != NULL) {
- UnholdMemory(name,GetPtrSize(name));
- DisposePtr(name);
- }
-#else
- if (name != NULL)
- free(name);
-#endif
+ cc_free_principal(gCntrlBlock, &name);
+
return err;
}
krb5_error_code KRB5_CALLCONV krb5_stdcc_set_flags
(krb5_context context, krb5_ccache id , krb5_flags flags)
{
+ stdccCacheDataPtr ccapi_data = id->data;
+ krb5_error_code retval;
+
+ if ((retval = stdcc_setup(context, ccapi_data)))
+ return retval;
+
return 0;
}
{
cred_union *cu = NULL;
int err;
+ stdccCacheDataPtr ccapi_data = id->data;
+ krb5_error_code retval;
+
+ if ((retval = stdcc_setup(context, ccapi_data))) {
+ if (retval == KRB5_FCC_NOFILE)
+ return 0;
+ return retval;
+ }
- /* test for initialized API */
- if (gCntrlBlock == NULL)
- return KRB5_FCC_INTERNAL; /* XXX better error code? */
-
/* convert to a cred union */
dupK5toCC(context, creds, &cu);
/* remove it */
- err = cc_remove_cred(gCntrlBlock,
- (((stdccCacheDataPtr)(id->data))->NamedCache),
- *cu);
+ err = cc_remove_cred(gCntrlBlock, ccapi_data->NamedCache, *cu);
if (err != CC_NOERROR)
return cc_err_xlate(err);
/* free the temp cred union */
err = cc_free_creds(gCntrlBlock, &cu);
- if (err != CC_NOERROR) return err;
+ if (err != CC_NOERROR)
+ return cc_err_xlate(err);
return 0;
}
-
-// stdcc_util.c
-// utility functions used in implementing the ccache api for krb5
-// not publicly exported
-// Frank Dabek, July 1998
+/*
+ * stdcc_util.c
+ * utility functions used in implementing the ccache api for krb5
+ * not publicly exported
+ * Frank Dabek, July 1998
+ */
#include <stdlib.h>
#include <string.h>
#endif
#if defined(macintosh)
-//stolen from CCacheUtils.c
-// -- NewSafePtrSys -----------------
-// - analagous to NewSafePtr but memory is allocated in the system heap
+/*
+ * stolen from CCacheUtils.c
+ * -- NewSafePtrSys -----------------
+ * - analagous to NewSafePtr but memory is allocated in the system heap
+ */
static Ptr NewSafePtrSys(long size) {
Ptr retPtr;
}
#endif
-// CopyCCDataArrayToK5
-// - copy and translate the null terminated arrays of data records
-// used in k5 tickets
+/*
+ * CopyCCDataArrayToK5
+ * - copy and translate the null terminated arrays of data records
+ * used in k5 tickets
+ */
int copyCCDataArrayToK5(cc_creds *cc, krb5_creds *kc, char whichArray) {
cc_data *ccAdr, **cbase;
if (whichArray == kAddressArray) {
- //check pointer
+ /* check pointer */
if (cc->addresses == NULL) {
kc->addresses = NULL;
- return 0; }
+ return 0;
+ }
} else if (whichArray == kAuthDataArray) {
- //check pointer
+ /* check pointer */
if (cc->authdata == NULL) {
kc->authdata = NULL;
- return 0; }
- } else return -1;
+ return 0;
+ }
+ } else
+ return -1;
cbase = (whichArray == kAddressArray) ? cc->addresses : cc->authdata;
- //calc number of records
+ /* calc number of records */
while (*cbase++ != NULL) numRecords++;
- //allocate new array
+ /* allocate new array */
constKBase = kbase = (krb5_address **)malloc((numRecords+1)*sizeof(char *));
//reset base
cbase = (whichArray == kAddressArray) ? cc->addresses : cc->authdata;
return 0;
}
-// copyK5DataArrayToCC
-// - analagous to above, but in the other direction
+/*
+ * copyK5DataArrayToCC
+ * - analagous to above, but in the other direction
+ */
int copyK5DataArrayToCC(krb5_creds *kc, cc_creds *cc, char whichArray) {
cc_data *ccAdr, **cbase, **constCBase;
return 0;
}
+/*
+ * dupcctok5
+ * - allocate an empty k5 style ticket and copy info from the cc_creds ticket
+ */
-// dupcctok5
-// - allocate an empty k5 style ticket and copy info from the cc_creds ticket
void dupCCtoK5(krb5_context context, cc_creds *src, krb5_creds *dest) {
int err;
- //allocate and copy
- //copy all of those damn fields back
+ /*
+ * allocate and copy
+ * copy all of those damn fields back
+ */
err = krb5_parse_name(context, src->client, &(dest->client));
err = krb5_parse_name(context, src->server, &(dest->server));
if (err) return; //parsename fails w/o krb5.ini for example
- //copy keyblock
+ /* copy keyblock */
dest->keyblock.enctype = src->keyblock.type;
dest->keyblock.length = src->keyblock.length;
dest->keyblock.contents = (krb5_octet *)malloc(dest->keyblock.length);
memcpy(dest->keyblock.contents, src->keyblock.data, dest->keyblock.length);
- //copy times
+ /* copy times *//
dest->times.authtime = src->authtime;
dest->times.starttime = src->starttime;
dest->times.endtime = src->endtime;
dest->is_skey = src->is_skey;
dest->ticket_flags = src->ticket_flags;
- //more branching fields
+ /* more branching fields */
copyCCDataArrayToK5(src, dest, kAddressArray);
dest->ticket.length = src->ticket.length;
dest->ticket.data = (char *)malloc(src->ticket.length);
(dest->second_ticket).data = ( char *)malloc(src->second_ticket.length);
memcpy(dest->second_ticket.data, src->second_ticket.data, src->second_ticket.length);
- //zero out magic number
+ /* zero out magic number */
dest->magic = 0;
- //later
- //copyCCDataArrayToK5(src, dest, kAuthDataArray);
- //krb5 docs say that authdata can be nulled out if we
- //only want default behavior
+ /*
+ * later
+ * copyCCDataArrayToK5(src, dest, kAuthDataArray);
+ * krb5 docs say that authdata can be nulled out if we
+ * only want default behavior
+ */
dest->authdata = NULL;
return;
}
-// dupK5toCC
-// - analagous to above but in the reverse direction
-void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu) {
-
- cc_creds *c;
- int err;
- #ifdef macintosh
- char *tempname = NULL;
- #endif
+/*
+ * dupK5toCC
+ * - analagous to above but in the reverse direction
+ */
+void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu)
+{
+ cc_creds *c;
+ int err;
+#ifdef macintosh
+ char *tempname = NULL;
+#endif
- if (cu == NULL) return;
+ if (cu == NULL) return;
- //allocate the cred_union
- *cu = (cred_union *)sys_alloc(sizeof(cred_union));
- if ((*cu) == NULL) return;
+ /* allocate the cred_union */
+ *cu = (cred_union *)sys_alloc(sizeof(cred_union));
+ if ((*cu) == NULL)
+ return;
- (*cu)->cred_type = CC_CRED_V5;
+ (*cu)->cred_type = CC_CRED_V5;
- //allocate creds structure (and install)
- c = (cc_creds *)sys_alloc(sizeof(cc_creds));
- if (c == NULL) return;
- (*cu)->cred.pV5Cred = c;
+ /* allocate creds structure (and install) */
+ c = (cc_creds *)sys_alloc(sizeof(cc_creds));
+ if (c == NULL) return;
+ (*cu)->cred.pV5Cred = c;
- //convert krb5 principals to flat principals
- #ifdef macintosh
- //and make sure the memory for c->client and c->server is on the system heap with NewPtr
- //for the Mac (krb5_unparse_name puts it in appl heap with malloc)
- err = krb5_unparse_name(context, creds->client, &tempname);
- c->client = sys_alloc(strlen(tempname));
- if (c->client != NULL)
- strcpy(c->client,tempname);
- free(tempname);
- tempname = NULL;
+ /* convert krb5 principals to flat principals */
+#ifdef macintosh
+ /*
+ * and make sure the memory for c->client and c->server is on
+ * the system heap with NewPtr for the Mac (krb5_unparse_name
+ * puts it in appl heap with malloc)
+ */
+ err = krb5_unparse_name(context, creds->client, &tempname);
+ c->client = sys_alloc(strlen(tempname));
+ if (c->client != NULL)
+ strcpy(c->client,tempname);
+ free(tempname);
+ tempname = NULL;
- err = krb5_unparse_name(context, creds->server, &tempname);
- c->server = sys_alloc(strlen(tempname));
- if (c->server != NULL)
- strcpy(c->server,tempname);
- free(tempname);
- #else
- err = krb5_unparse_name(context, creds->client, &(c->client));
- err = krb5_unparse_name(context, creds->server, &(c->server));
- #endif
- if (err) return;
+ err = krb5_unparse_name(context, creds->server, &tempname);
+ c->server = sys_alloc(strlen(tempname));
+ if (c->server != NULL)
+ strcpy(c->server,tempname);
+ free(tempname);
+#else
+ err = krb5_unparse_name(context, creds->client, &(c->client));
+ err = krb5_unparse_name(context, creds->server, &(c->server));
+#endif
+ if (err) return;
- //copy more fields
- c->keyblock.type = creds->keyblock.enctype;
- c->keyblock.length = creds->keyblock.length;
+ /* copy more fields */
+ c->keyblock.type = creds->keyblock.enctype;
+ c->keyblock.length = creds->keyblock.length;
- if (creds->keyblock.contents != NULL) {
- c->keyblock.data = (unsigned char *)sys_alloc(creds->keyblock.length);
- memcpy(c->keyblock.data, creds->keyblock.contents, creds->keyblock.length);
- } else {
- c->keyblock.data = NULL;
- }
+ if (creds->keyblock.contents != NULL) {
+ c->keyblock.data = (unsigned char *)sys_alloc(creds->keyblock.length);
+ memcpy(c->keyblock.data, creds->keyblock.contents, creds->keyblock.length);
+ } else {
+ c->keyblock.data = NULL;
+ }
- c->authtime = creds->times.authtime;
- c->starttime = creds->times.starttime;
- c->endtime = creds->times.endtime;
- c->renew_till = creds->times.renew_till;
- c->is_skey = creds->is_skey;
- c->ticket_flags = creds->ticket_flags;
+ c->authtime = creds->times.authtime;
+ c->starttime = creds->times.starttime;
+ c->endtime = creds->times.endtime;
+ c->renew_till = creds->times.renew_till;
+ c->is_skey = creds->is_skey;
+ c->ticket_flags = creds->ticket_flags;
- copyK5DataArrayToCC(creds, c, kAddressArray);
+ copyK5DataArrayToCC(creds, c, kAddressArray);
- c->ticket.length = creds->ticket.length;
- if (creds->ticket.data != NULL) {
- c->ticket.data = (unsigned char *)sys_alloc(creds->ticket.length);
- memcpy(c->ticket.data, creds->ticket.data, creds->ticket.length);
- } else {
- c->ticket.data = NULL;
- }
+ c->ticket.length = creds->ticket.length;
+ if (creds->ticket.data != NULL) {
+ c->ticket.data = (unsigned char *)sys_alloc(creds->ticket.length);
+ memcpy(c->ticket.data, creds->ticket.data, creds->ticket.length);
+ } else {
+ c->ticket.data = NULL;
+ }
- c->second_ticket.length = creds->second_ticket.length;
- if (creds->second_ticket.data != NULL) {
- c->second_ticket.data = (unsigned char *)sys_alloc(creds->second_ticket.length);
- memcpy(c->second_ticket.data, creds->second_ticket.data, creds->second_ticket.length);
- } else {
- c->second_ticket.data = NULL;
- }
+ c->second_ticket.length = creds->second_ticket.length;
+ if (creds->second_ticket.data != NULL) {
+ c->second_ticket.data = (unsigned char *)sys_alloc(creds->second_ticket.length);
+ memcpy(c->second_ticket.data, creds->second_ticket.data, creds->second_ticket.length);
+ } else {
+ c->second_ticket.data = NULL;
+ }
- c->authdata = NULL;
+ c->authdata = NULL;
return;
}
-// bitTst
-// - utility function for below function
+/*
+ * bitTst
+ * - utility function for below function
+ */
int bitTst(int var, int mask) {
return var & mask;
}
-// stdccCredsMatch
-// - check to see if the creds match based on the whichFields variable
-// NOTE: if whichfields is zero we are now comparing 'standard fields.'
-// This is the bug that was killing fetch for a week. The behaviour
-// is what krb5 expects, however.
-int stdccCredsMatch(krb5_context context, krb5_creds *base, krb5_creds *match, int whichfields) {
-
+/* stdccCredsMatch
+ * - check to see if the creds match based on the whichFields variable
+ * NOTE: if whichfields is zero we are now comparing 'standard fields.'
+ * This is the bug that was killing fetch for a
+ * week. The behaviour is what krb5 expects, however.
+ */
+int stdccCredsMatch(krb5_context context, krb5_creds *base,
+ krb5_creds *match, int whichfields)
+{
krb5_ticket_times b, m;
krb5_authdata **bp, **mp;
krb5_boolean retval;
- //always check the standard fields
+ /* always check the standard fields */
if ((krb5_principal_compare(context, base->client, match->client) &&
krb5_principal_compare(context, base->server, match->server)) == FALSE)
return FALSE;
if (bitTst(whichfields, KRB5_TC_MATCH_TIMES)) {
- //test for matching times
- //according to the file cache implementation we do:
+ /*
+ * test for matching times
+ * according to the file cache implementation we do:
+ */
if (match->times.renew_till) {
- if (match->times.renew_till > base->times.renew_till)
- return FALSE; /* this one expires too late */
- }
- if (match->times.endtime) {
- if (match->times.endtime > base->times.endtime)
- return FALSE; /* this one expires too late */
- }
- } //continue search
+ if (match->times.renew_till > base->times.renew_till)
+ return FALSE; /* this one expires too late */
+ }
+ if (match->times.endtime) {
+ if (match->times.endtime > base->times.endtime)
+ return FALSE; /* this one expires too late */
+ }
+ }
if (bitTst(whichfields, KRB5_TC_MATCH_IS_SKEY))
if (base->is_skey != match->is_skey) return FALSE;
projects / krb5.git / commitdiff