/*\r
* Copyright (c) 2005 Massachusetts Institute of Technology\r
+* Copyright (c) 2006,2007 Secure Endpoints Inc.\r
*\r
* Permission is hereby granted, free of charge, to any person\r
* obtaining a copy of this software and associated documentation\r
/* $Id$ */\r
\r
/* Originally this was krb5routines.c in Leash sources. Subsequently\r
-modified and adapted for NetIDMgr */\r
+ * modified and adapted for NetIDMgr */\r
\r
#include<krbcred.h>\r
#include<kherror.h>\r
krb5_cc_cursor KRBv5Cursor;\r
krb5_creds KRBv5Credentials;\r
krb5_ticket *tkt=NULL;\r
- char *ClientName;\r
- char *PrincipalName;\r
+ char *ClientName = NULL;\r
+ char *PrincipalName = NULL;\r
wchar_t wbuf[256]; /* temporary conversion buffer */\r
wchar_t wcc_name[KRB5_MAXCCH_CCNAME]; /* credential cache name */\r
- char *sServerName;\r
+ char *sServerName = NULL;\r
khm_handle ident = NULL;\r
khm_handle cred = NULL;\r
time_t tt;\r
khm_krb5_list_tickets(krb5_context *krbv5Context)\r
{\r
krb5_context ctx = NULL;\r
- krb5_ccache cache = 0;\r
+ krb5_ccache cache = NULL;\r
krb5_error_code code = 0;\r
- apiCB * cc_ctx = 0;\r
+ apiCB * cc_ctx = NULL;\r
struct _infoNC ** pNCi = NULL;\r
int i;\r
khm_int32 t;\r
void * p_data)\r
{\r
krb5_error_code code = 0;\r
- krb5_context ctx = 0;\r
- krb5_ccache cc = 0;\r
- krb5_principal me = 0;\r
- char* name = 0;\r
+ krb5_context ctx = NULL;\r
+ krb5_ccache cc = NULL;\r
+ krb5_principal me = NULL;\r
+ char* name = NULL;\r
krb5_creds my_creds;\r
krb5_get_init_creds_opt options;\r
krb5_address ** addrs = NULL;\r
long code = 0;\r
krb5_ccache cc = 0;\r
\r
- StringCbPrintfA(ccname, sizeof(ccname), "API:TempCache%8x", rnd);\r
+ StringCbPrintfA(ccname, sizeof(ccname), "MEMORY:TempCache%8x", rnd);\r
\r
code = pkrb5_cc_resolve(ctx, ccname, &cc);\r
\r
g_fjob.password,\r
g_fjob.ccache,\r
g_fjob.lifetime,\r
- g_fjob.forwardable,\r
- g_fjob.proxiable,\r
- (g_fjob.renewable ? g_fjob.renew_life : 0),\r
+ g_fjob.valid_principal ? g_fjob.forwardable : 0,\r
+ g_fjob.valid_principal ? g_fjob.proxiable : 0,\r
+ (g_fjob.valid_principal && g_fjob.renewable ? g_fjob.renew_life : 0),\r
g_fjob.addressless,\r
g_fjob.publicIP,\r
k5_kinit_prompter,\r
\r
/* we can't possibly have succeeded without a\r
password */\r
- if(g_fjob.code && is_k5_identpro) {\r
+ if(g_fjob.code == KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN && \r
+ is_k5_identpro) {\r
kcdb_identity_set_flags(ident,\r
KCDB_IDENT_FLAG_INVALID,\r
KCDB_IDENT_FLAG_INVALID);\r