struct _krb5_init_creds_context;
typedef struct _krb5_init_creds_context *krb5_init_creds_context;
+#define KRB5_INIT_CREDS_STEP_FLAG_CONTINUE 0x1 /* More responses needed */
+
void KRB5_CALLCONV
krb5_init_creds_free(krb5_context context, krb5_init_creds_context ctx);
void KRB5_CALLCONV
krb5_tkt_creds_free(krb5_context context, krb5_tkt_creds_context ctx);
-#define KRB5_TKT_CREDS_CONTINUE 1 /* Another KDC response is needed. */
+#define KRB5_TKT_CREDS_STEP_FLAG_CONTINUE 0x1 /* More responses needed. */
/**
* Process a response and generate the next request to acquire credentials.
*
* On the first call, @a in should be empty or NULL. If more responses are
* needed, the @a flags output parameter will contain @a
- * KRB5_TKT_CREDS_CONTINUE. In this case, the caller must transport @a out to
- * a KDC for @a realm and receive a response, which should be provided as @a
- * in to the next call.
+ * KRB5_TKT_CREDS_STEP_FLAG_CONTINUE. In that case, the caller must transport
+ * @a out to a KDC for @a realm and receive a response, which should be
+ * provided as @a in to the next call.
*
* @param[in] context A krb5 library context (see krb5_init_context())
* @param[in] ctx A TGS acquisition context (see krb5_tkt_creds_init())
*ctx->caller_out = out_copy;
*ctx->caller_realm = realm_copy;
- *ctx->caller_flags = KRB5_TKT_CREDS_CONTINUE;
+ *ctx->caller_flags = KRB5_TKT_CREDS_STEP_FLAG_CONTINUE;
return 0;
cleanup:
&flags);
if (code == KRB5KRB_ERR_RESPONSE_TOO_BIG && !tcp_only)
tcp_only = 1;
- else if (code != 0 || !(flags & KRB5_TKT_CREDS_CONTINUE))
+ else if (code != 0 || !(flags & KRB5_TKT_CREDS_STEP_FLAG_CONTINUE))
break;
krb5_free_data_contents(context, &reply);
&flags);
if (code == KRB5KRB_ERR_RESPONSE_TOO_BIG && !tcp_only)
tcp_only = 1;
- else if (code != 0 || (flags & 1) == 0)
+ else if (code != 0 || !(flags & KRB5_INIT_CREDS_STEP_FLAG_CONTINUE))
break;
krb5_free_data_contents(context, &reply);
krb5_init_creds_context ctx,
krb5_creds *creds)
{
- if ((ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE) == 0)
+ if (!ctx->complete)
return KRB5_NO_TKT_SUPPLIED;
return krb5int_copy_creds_contents(context, &ctx->cred, creds);
krb5_init_creds_context ctx,
krb5_ticket_times *times)
{
- if ((ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE) == 0)
+ if (!ctx->complete)
return KRB5_NO_TKT_SUPPLIED;
*times = ctx->cred.times;
/* success */
code = 0;
- ctx->flags |= KRB5_INIT_CREDS_STEP_FLAG_COMPLETE;
+ ctx->complete = TRUE;
cleanup:
krb5_free_pa_data(context, padata);
realm->data = NULL;
realm->length = 0;
- if (ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE)
- goto cleanup;
+ if (ctx->complete)
+ return EINVAL;
if (in->length != 0) {
code = init_creds_step_reply(context, ctx, in);
}
goto copy_realm;
}
- if (code != 0 || (ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE))
+ if (code != 0 || ctx->complete)
goto cleanup;
}
}
}
- *flags = (ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE) ? 0 : 1;
-
+ *flags = ctx->complete ? 0 : KRB5_INIT_CREDS_STEP_FLAG_CONTINUE;
return code;
}
krb5_deltat start_time;
krb5_deltat tkt_life;
krb5_deltat renew_life;
- unsigned int flags;
+ krb5_boolean complete;
unsigned int loopcount;
krb5_data password;
krb5_error *err_reply;
krb5_boolean sent_nontrivial_preauth;
};
-#define KRB5_INIT_CREDS_STEP_FLAG_COMPLETE 0x1
-
krb5_error_code
krb5_get_as_key_password(krb5_context context,
krb5_principal client,
projects / krb5.git / commitdiff