* \brief Acquire a new initial credential and store it in a ccache.
*/
kim_error kim_ccache_create_new (kim_ccache *out_ccache,
- kim_identity in_client_identity,
- kim_options in_options);
+ kim_identity in_client_identity,
+ kim_options in_options);
/*!
* \param out_ccache on exit, a ccache object for a ccache containing a newly acquired
* unavailable, acquire and store a new initial credential.
*/
kim_error kim_ccache_create_new_if_needed (kim_ccache *out_ccache,
- kim_identity in_client_identity,
- kim_options in_options);
+ kim_identity in_client_identity,
+ kim_options in_options);
/*!
* \param out_ccache on exit, a ccache object for a ccache containing a TGT
* credential. Must be freed with kim_ccache_free().
- * \param in_client_identity a client identity to obtain a credential for.
+ * \param in_client_identity a client identity to find a ccache for. If
+ * \a in_client_identity is #KIM_IDENTITY_ANY, this
+ * function returns the default ccache
+ * (ie: is equivalent to #kim_ccache_create_from_default()).
* \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure.
* \brief Find a ccache for a client identity in the cache collection.
*/
kim_error kim_ccache_create_from_client_identity (kim_ccache *out_ccache,
- kim_identity in_client_identity);
+ kim_identity in_client_identity);
/*!
* \param out_ccache on exit, a new ccache object containing an initial credential
* \brief Acquire a new initial credential from a keytab and store it in a ccache.
*/
kim_error kim_ccache_create_from_keytab (kim_ccache *out_ccache,
- kim_identity in_identity,
- kim_options in_options,
- kim_string in_keytab);
+ kim_identity in_identity,
+ kim_options in_options,
+ kim_string in_keytab);
/*!
* \param out_ccache on exit, a ccache object for the default ccache.
* \brief Get a ccache for a ccache type and name.
*/
kim_error kim_ccache_create_from_type_and_name (kim_ccache *out_ccache,
- kim_string in_type,
- kim_string in_name);
+ kim_string in_type,
+ kim_string in_name);
/*!
* \param out_ccache on exit, a new ccache object which is a copy of in_krb5_ccache.
* \brief Get a ccache for a krb5 ccache.
*/
kim_error kim_ccache_create_from_krb5_ccache (kim_ccache *out_ccache,
- krb5_context in_krb5_context,
- krb5_ccache in_krb5_ccache);
+ krb5_context in_krb5_context,
+ krb5_ccache in_krb5_ccache);
/*!
* \param out_ccache on exit, the new ccache object which is a copy of in_ccache.
* \brief Copy a ccache.
*/
kim_error kim_ccache_copy (kim_ccache *out_ccache,
- kim_ccache in_ccache);
+ kim_ccache in_ccache);
/*!
* \param in_ccache a ccache object.
* \brief Get the name of a ccache.
*/
kim_error kim_ccache_get_name (kim_ccache in_ccache,
- kim_string *out_name);
+ kim_string *out_name);
/*!
* \param in_ccache a ccache object.
* \brief Get the type of a ccache.
*/
kim_error kim_ccache_get_type (kim_ccache in_ccache,
- kim_string *out_type);
+ kim_string *out_type);
/*!
* \param in_ccache a ccache object.
* \brief Verify the TGT in a ccache.
*/
kim_error kim_ccache_verify (kim_ccache in_ccache,
- kim_identity in_service_identity,
- kim_string in_keytab,
- kim_boolean in_fail_if_no_service_key);
+ kim_identity in_service_identity,
+ kim_string in_keytab,
+ kim_boolean in_fail_if_no_service_key);
/*!
* \param in_ccache a ccache object containing a TGT to be renewed.
* \brief Renew the TGT in a ccache.
*/
kim_error kim_ccache_renew (kim_ccache in_ccache,
- kim_options in_options);
+ kim_options in_options);
/*!
* \param in_ccache a ccache object containing a TGT to be validated.
* \brief Validate the TGT in a ccache.
*/
kim_error kim_ccache_validate (kim_ccache in_ccache,
- kim_options in_options);
+ kim_options in_options);
/*!
* \param io_ccache a ccache object to be destroyed. Set to NULL on exit.
kim_error kim_ccache_create_new_if_needed (kim_ccache *out_ccache,
kim_identity in_client_identity,
kim_options in_options)
+{
+ return check_error (kim_ccache_create_new_if_needed_with_password (out_ccache,
+ in_client_identity,
+ in_options,
+ NULL));
+}
+
+/* ------------------------------------------------------------------------ */
+
+kim_error kim_ccache_create_new_if_needed_with_password (kim_ccache *out_ccache,
+ kim_identity in_client_identity,
+ kim_options in_options,
+ kim_string in_password)
{
kim_error err = KIM_NO_ERROR;
kim_ccache ccache = NULL;
if (!err) {
kim_credential_state state;
- err = kim_ccache_create_from_client_identity (&ccache, in_client_identity);
+ err = kim_ccache_create_from_client_identity (&ccache,
+ in_client_identity);
if (!err) {
err = kim_ccache_get_state (ccache, &state);
if (!ccache) {
/* ccache does not already exist, create a new one */
- err = kim_ccache_create_new (&ccache, in_client_identity, in_options);
+ err = kim_ccache_create_new_with_password (&ccache,
+ in_client_identity,
+ in_options,
+ in_password);
}
}
kim_identity in_client_identity)
{
kim_error err = KIM_NO_ERROR;
- kim_ccache_iterator iterator = NULL;
- kim_boolean found = FALSE;
- if (!err && !out_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
- if (!err && !in_client_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); }
+ if (!err && !out_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); }
- if (!err) {
+ if (!err && in_client_identity) {
+ kim_ccache_iterator iterator = NULL;
+ kim_boolean found = FALSE;
+
err = kim_ccache_iterator_create (&iterator);
- }
-
- while (!err && !found) {
- kim_ccache ccache = NULL;
- kim_identity identity = NULL;
- kim_comparison comparison;
- err = kim_ccache_iterator_next (iterator, &ccache);
-
- if (!err && !ccache) {
- kim_string string = NULL;
+ while (!err && !found) {
+ kim_ccache ccache = NULL;
+ kim_identity identity = NULL;
+ kim_comparison comparison;
+
+ err = kim_ccache_iterator_next (iterator, &ccache);
+
+ if (!err && !ccache) {
+ kim_string string = NULL;
+
+ err = kim_identity_get_display_string (in_client_identity,
+ &string);
+
+ if (!err) {
+ err = kim_error_set_message_for_code (KIM_NO_SUCH_PRINCIPAL_ERR,
+ string);
+ }
+
+ kim_string_free (&string);
+ }
- err = kim_identity_get_display_string (in_client_identity, &string);
+ if (!err) {
+ err = kim_ccache_get_client_identity (ccache, &identity);
+ }
if (!err) {
- err = kim_error_set_message_for_code (KIM_NO_SUCH_PRINCIPAL_ERR,
- string);
+ err = kim_identity_compare (in_client_identity, identity,
+ &comparison);
}
- kim_string_free (&string);
- }
-
- if (!err) {
- err = kim_ccache_get_client_identity (ccache, &identity);
- }
-
- if (!err) {
- err = kim_identity_compare (in_client_identity, identity, &comparison);
+ if (!err && kim_comparison_is_equal_to (comparison)) {
+ found = 1;
+ *out_ccache = ccache;
+ ccache = NULL;
+ }
+
+ kim_identity_free (&identity);
+ kim_ccache_free (&ccache);
}
- if (!err && kim_comparison_is_equal_to (comparison)) {
- found = 1;
- *out_ccache = ccache;
- ccache = NULL;
- }
+ kim_ccache_iterator_free (&iterator);
- kim_identity_free (&identity);
- kim_ccache_free (&ccache);
+ } else if (!err) {
+ /* in_client_identity is NULL, get default ccache */
+ err = kim_ccache_create_from_default (out_ccache);
}
- kim_ccache_iterator_free (&iterator);
-
return check_error (err);
}
#include <kim/kim.h>
+kim_error kim_ccache_create_new_if_needed_with_password (kim_ccache *out_ccache,
+ kim_identity in_client_identity,
+ kim_options in_options,
+ kim_string in_password);
+
kim_error kim_ccache_create_new_with_password (kim_ccache *out_ccache,
kim_identity in_client_identity,
kim_options in_options,
kim_identity identity = NULL;
if (!err) {
- err = kim_ccache_create_from_client_identity (&ccache,
- inPrincipal);
-
- if (err) {
- /* ccache does not already exist, create a new one */
- err = kim_ccache_create_new (&ccache, inPrincipal, inLoginOptions);
- }
+ err = kim_ccache_create_new_if_needed (&ccache,
+ inPrincipal,
+ inLoginOptions);
}
if (!err && outPrincipal) {
kim_error err = KIM_NO_ERROR;
kim_ccache ccache = NULL;
- err = kim_ccache_create_from_client_identity (&ccache, inPrincipal);
+ if (!err) {
+ err = kim_ccache_create_from_client_identity (&ccache, inPrincipal);
+ }
if (!err) {
err = kim_ccache_destroy (&ccache);
/* ------------------------------------------------------------------------ */
-
-/* Kerberos Login dialog low level functions */
-
KLStatus KLAcquireInitialTicketsWithPassword (KLPrincipal inPrincipal,
KLLoginOptions inLoginOptions,
const char *inPassword,
kim_ccache ccache = NULL;
if (!err) {
- err = kim_ccache_create_from_client_identity (&ccache,
- inPrincipal);
-
- if (err) {
- /* ccache does not already exist, create a new one */
- err = kim_ccache_create_new_with_password (&ccache,
- inPrincipal,
- inLoginOptions,
- inPassword);
- }
+ err = kim_ccache_create_new_if_needed_with_password (&ccache,
+ inPrincipal,
+ inLoginOptions,
+ inPassword);
}
if (!err && outCredCacheName) {
if (!outFoundValidTickets) { err = kl_check_error (klParameterErr); }
if (!err) {
- if (inPrincipal) {
- err = kim_ccache_create_from_client_identity (&ccache, inPrincipal);
- } else {
- err = kim_ccache_create_from_default (&ccache);
- }
+ err = kim_ccache_create_from_client_identity (&ccache, inPrincipal);
}
if (!err) {
if (!err && outPrincipal) {
err = kim_ccache_get_client_identity (ccache, &identity);
+ if (err) {
+ err = KIM_NO_ERROR;
+ identity = NULL;
+ }
}
if (!err && outCredCacheName) {