long oldmask;
#endif
struct sockaddr_in sin, from, local_laddr;
- krb5_creds *ret_cred = 0;
+ krb5_creds *get_cred, *ret_cred;
char c;
int lport = START_PORT;
struct hostent *hp;
return(-1);
}
- if (!(ret_cred = (krb5_creds *)calloc(1,sizeof(*ret_cred)))){
+ if (!(get_cred = (krb5_creds *)calloc(1, sizeof(krb5_creds)))) {
fprintf(stderr,"kcmd: no memory\n");
return(-1);
}
status = krb5_sname_to_principal(bsd_context, host_save,service,
- KRB5_NT_SRV_HST, &ret_cred->server);
+ KRB5_NT_SRV_HST, &get_cred->server);
if (status) {
fprintf(stderr, "kcmd: krb5_sname_to_principal failed: %s\n",
error_message(status));
strcpy(rdata.data, realm);
/* XXX we should free the old realm first */
- krb5_princ_set_realm(bsd_context, ret_cred->server, &rdata);
+ krb5_princ_set_realm(bsd_context, get_cred->server, &rdata);
}
#ifdef POSIX_SIGNALS
sigemptyset(&urgmask);
sigsetmask(oldmask);
#endif /* POSIX_SIGNALS */
if (tmpstr) krb5_xfree(tmpstr);
- krb5_free_creds(bsd_context, ret_cred);
+ krb5_free_creds(bsd_context, get_cred);
return (-1);
}
#ifdef HAVE_SETOWN
sigsetmask(oldmask);
#endif /* POSIX_SIGNALS */
if (tmpstr) krb5_xfree(tmpstr);
- krb5_free_creds(bsd_context, ret_cred);
+ krb5_free_creds(bsd_context, get_cred);
return (-1);
}
lport--;
status = krb5_cc_default(bsd_context, &cc);
if (status) goto bad3;
- status = krb5_cc_get_principal(bsd_context, cc, &ret_cred->client);
+ status = krb5_cc_get_principal(bsd_context, cc, &get_cred->client);
if (status) goto bad3;
/* Get ticket from credentials cache or kdc */
- status = krb5_get_credentials(bsd_context, 0, cc, ret_cred);
+ status = krb5_get_credentials(bsd_context, 0, cc, get_cred, &ret_cred);
+ krb5_free_creds(bsd_context, get_cred);
if (status) goto bad3;
/* Reset internal flags; these should not be sent. */
seqno,
0, /* don't need a subsession key */
&error, /* No error return */
- &rep_ret);
+ &rep_ret, NULL);
if (status) {
printf("Couldn't authenticate to server: %s\n", error_message(status));
if (error) {
if (tmpstr) krb5_xfree(tmpstr);
/* pass back credentials if wanted */
- if (cred) krb5_copy_creds(bsd_context, ret_cred,cred);
+ if (cred) krb5_copy_creds(bsd_context, ret_cred, cred);
krb5_free_creds(bsd_context, ret_cred);
return (0);
int sin_len;
char *princ; /* principal in credentials cache */
krb5_ccache cc;
- krb5_creds creds;
+ krb5_creds in_creds, *out_creds;
krb5_data reply, princ_data;
krb5_tkt_authent *authdat;
krb5_error_code status;
krb5_address faddr;
-
if (status = krb5_cc_default(bsd_context, &cc)){
fprintf(stderr,"rcp: send_auth failed krb5_cc_default : %s\n",
error_message(status));
exit(1);
}
- memset ((char*)&creds, 0, sizeof(creds));
+ memset ((char*)&in_creds, 0, sizeof(krb5_creds));
- if (status = krb5_cc_get_principal(bsd_context, cc, &creds.client)){
+ if (status = krb5_cc_get_principal(bsd_context, cc, &in_creds.client)){
fprintf(stderr,
"rcp: send_auth failed krb5_cc_get_principal : %s\n",
error_message(status));
exit(1);
}
- if (status = krb5_unparse_name(bsd_context, creds.client, &princ)){
+ if (status = krb5_unparse_name(bsd_context, in_creds.client, &princ)){
fprintf(stderr,"rcp: send_auth failed krb5_parse_name : %s\n",
error_message(status));
krb5_cc_close(bsd_context, cc);
exit(1);
}
- if (status = krb5_build_principal_ext(bsd_context, &creds.server,
- krb5_princ_realm(bsd_context, creds.client)->length,
- krb5_princ_realm(bsd_context, creds.client)->data,
+ if (status = krb5_build_principal_ext(bsd_context, &in_creds.server,
+ krb5_princ_realm(bsd_context,in_creds.client)->length,
+ krb5_princ_realm(bsd_context,in_creds.client)->data,
6, "krbtgt",
- krb5_princ_realm(bsd_context, creds.client)->length,
- krb5_princ_realm(bsd_context, creds.client)->data,
+ krb5_princ_realm(bsd_context,in_creds.client)->length,
+ krb5_princ_realm(bsd_context,in_creds.client)->data,
0)){
fprintf(stderr,
"rcp: send_auth failed krb5_build_principal_ext : %s\n",
}
/* Get TGT from credentials cache */
- if (status = krb5_get_credentials(bsd_context, KRB5_GC_CACHED, cc, &creds)){
+ if (status = krb5_get_credentials(bsd_context, KRB5_GC_CACHED, cc,
+ &in_creds, &out_creds)){
fprintf(stderr,
"rcp: send_auth failed krb5_get_credentials: %s\n",
error_message(status));
exit(1);
}
krb5_xfree(princ);
- status = krb5_write_message(bsd_context, (krb5_pointer)&rem, &creds.ticket);
+ status = krb5_write_message(bsd_context, (krb5_pointer)&rem,
+ &out_creds->ticket);
if (status){
fprintf(stderr,
"rcp: send_auth failed krb5_write_message: %s\n",
&faddr,
0, /* no fetchfrom */
tgt_keyproc,
- (krb5_pointer)&creds, /* credentials as arg to
+ (krb5_pointer)out_creds, /* credentials as arg to
keyproc */
0, /* no rcache for the moment XXX */
&authdat);
krb5_copy_keyblock(bsd_context, authdat->ticket->enc_part2->session,
&session_key);
krb5_free_tkt_authent(bsd_context, authdat);
- krb5_free_cred_contents(bsd_context, &creds);
+ krb5_free_creds(bsd_context, out_creds);
krb5_use_keytype(bsd_context, &eblock, session_key->keytype);
if ( status = krb5_process_key(bsd_context, &eblock,
answer_auth()
{
krb5_data pname_data, msg;
- krb5_creds creds;
+ krb5_creds creds, *new_creds;
krb5_ccache cc;
krb5_error_code status;
extern krb5_flags krb5_kdc_default_options;
}
krb5_xfree(pname_data.data);
- if (status = krb5_get_credentials(bsd_context, KRB5_GC_USER_USER, cc, &creds)){
+ if (status = krb5_get_credentials(bsd_context, KRB5_GC_USER_USER, cc,
+ &creds, &new_creds)){
krb5_cc_destroy(bsd_context, cc);
krb5_cc_close(bsd_context, cc);
exit(1);
}
if (status = krb5_mk_req_extended(bsd_context, AP_OPTS_USE_SESSION_KEY,
- 0, /* no application checksum here */
- krb5_kdc_default_options,
+ 0, /* no application checksum here */
0,
- 0, /* no need for subkey */
- cc,
- &creds,
- 0, /* don't need authenticator copy */
+ 0, /* no need for subkey */
+ new_creds,
+ 0, /* don't need authenticator copy */
&msg)) {
krb5_cc_destroy(bsd_context, cc);
krb5_cc_close(bsd_context, cc);
}
/* setup eblock for des_read and write */
- krb5_copy_keyblock(bsd_context, &creds.keyblock,&session_key);
+ krb5_copy_keyblock(bsd_context, &new_creds->keyblock,&session_key);
/* cleanup */
krb5_free_cred_contents(bsd_context, &creds);
+ krb5_free_creds(bsd_context, new_creds);
/* OK process key */
krb5_use_keytype(bsd_context, &eblock, session_key->keytype);
projects / krb5.git / commitdiff