From: Alexandra Ellwood Date: Wed, 24 Sep 2008 22:11:20 +0000 (+0000) Subject: Fixed bugs in command line change password support. X-Git-Tag: krb5-1.7-alpha1~422 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=27b9fecf38319efcce64761ab678d04c302300f2;p=krb5.git Fixed bugs in command line change password support. Removed low level change password functions from export list because they require a UI context. Added kim_ccache functions needed by klist to export list. ticket: 6055 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20749 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/include/kim/kim_ccache.h b/src/include/kim/kim_ccache.h index 5e41e9bc8..73789eabb 100644 --- a/src/include/kim/kim_ccache.h +++ b/src/include/kim/kim_ccache.h @@ -352,6 +352,17 @@ kim_error kim_ccache_create_from_keytab (kim_ccache *out_ccache, */ kim_error kim_ccache_create_from_default (kim_ccache *out_ccache); +/*! + * \param out_ccache on exit, a ccache object for the ccache identified by + * \a in_display_name. Must be freed with kim_ccache_free(). + * \param in_display_name a ccache display name string (ie: "TYPE:NAME"). + * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. + * \note This API is used to obtain a kim_ccache for a ccache name entered by the user. + * \brief Get a ccache for a ccache display name. + */ +kim_error kim_ccache_create_from_display_name (kim_ccache *out_ccache, + kim_string in_display_name); + /*! * \param out_ccache on exit, a ccache object for the ccache identified by * \a in_type and \a in_name. Must be freed with kim_ccache_free(). @@ -388,6 +399,19 @@ kim_error kim_ccache_create_from_krb5_ccache (kim_ccache *out_ccache, kim_error kim_ccache_copy (kim_ccache *out_ccache, kim_ccache in_ccache); +/*! + * \param in_ccache a ccache object. + * \param in_compare_to_ccache a ccache object. + * \param out_comparison on exit, a comparison of \a in_ccache and + * \a in_compare_to_ccache which determines whether + * or not the two ccache objects refer to the same ccache. + * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. + * \brief Compare ccache objects. + */ +kim_error kim_ccache_compare (kim_ccache in_ccache, + kim_ccache in_compare_to_ccache, + kim_boolean *out_equal); + /*! * \param in_ccache a ccache object. * \param in_krb5_context a krb5 context which will be used to create out_krb5_ccache. @@ -397,8 +421,8 @@ kim_error kim_ccache_copy (kim_ccache *out_ccache, * \brief Get a krb5 ccache for a ccache. */ kim_error kim_ccache_get_krb5_ccache (kim_ccache in_ccache, - krb5_context in_krb5_context, - krb5_ccache *out_krb5_ccache); + krb5_context in_krb5_context, + krb5_ccache *out_krb5_ccache); /*! * \param in_ccache a ccache object. diff --git a/src/include/kim/kim_credential.h b/src/include/kim/kim_credential.h index c25b02e90..678c2a314 100644 --- a/src/include/kim/kim_credential.h +++ b/src/include/kim/kim_credential.h @@ -256,7 +256,7 @@ typedef int kim_credential_state; * Valid credentials may be renewed up until their renewal expiration time. * Renewing credentials acquires a fresh set of credentials with a full lifetime * without resending secrets to the KDC (such as a password). If credentials are - * not renewable, this function will return an error. + * not renewable, this function will return a renewal expiration time of 0. * * * See \ref kim_credential_reference and \ref kim_credential_iterator_reference for @@ -350,21 +350,6 @@ kim_error kim_credential_create_from_krb5_creds (kim_credential *out_credential, krb5_context in_krb5_context, krb5_creds *in_krb5_creds); -/*! - * \param out_credential on exit, a new credential object containing a change - * password credential for \a in_identity. - * Must be freed with kim_credential_free(). - * \param in_identity a client identity to obtain a change password credential for. - * \param in_old_password the current password for \a in_identity. May be - * an expired password. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Obtain a credential for changing an identity's password. - * \sa kim_credential_change_password - */ -kim_error kim_credential_create_for_change_password (kim_credential *out_credential, - kim_identity in_identity, - kim_string in_old_password); - /*! * \param out_credential on exit, a new credential object which is a copy of \a in_credential. * Must be freed with kim_credential_free(). @@ -460,17 +445,6 @@ kim_error kim_credential_get_expiration_time (kim_credential in_credential, kim_error kim_credential_get_renewal_expiration_time (kim_credential in_credential, kim_time *out_renewal_expiration_time); -/*! - * \param in_credential a credential object. - * \param out_ticket_flags on exit, the krb5 ticket flags for \a in_credential. - * See krb5 API documentation for the meaning of these flags. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the krb5 ticket_flags for a credential. - */ -kim_error kim_credential_get_krb5_ticket_flags (kim_credential in_credential, - krb5_flags *out_ticket_flags); - - /*! * \param in_credential a credential object. * \param in_client_identity a client identity. @@ -529,39 +503,6 @@ kim_error kim_credential_renew (kim_credential *io_credential, kim_error kim_credential_validate (kim_credential *io_credential, kim_options in_options); -/*! - * \param in_credential a credential object containing a change - * password credential. Use - * #kim_credential_create_for_change_password to obtain - * a change password credential. - * \param in_identity an identity to change the password for. May - * be different than the identity the credential - * is for. - * \param in_new_password the password to change the identity to. - * \param out_rejected_err on exit, 0 if the password change was - * successful or an error describing why the - * new password was rejected. - * \param out_rejected_message on exit, if \a out_rejected_err is non-zero - * this argument will contain an error message - * for \a out_rejected_err. Pass NULL if you - * do not want this error string. Must be - * freed with #kim_string_free(); - * \param out_rejected_description on exit, if \a out_rejected_err is non-zero - * this argument will contain an string describing - * why \a in_new_password was rejected. Pass NULL - * if you do not want this error string. Must be - * freed with #kim_string_free(); - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Change an identity's password. - * \sa kim_credential_create_for_change_password - */ -kim_error kim_credential_change_password (kim_credential in_credential, - kim_identity in_identity, - kim_string in_new_password, - kim_error *out_rejected_err, - kim_string *out_rejected_message, - kim_string *out_rejected_description); - /*! * \param io_credential the credential object to be freed. Set to NULL on exit. * \brief Free memory associated with a credential object. diff --git a/src/kim/lib/kim-lite.exports b/src/kim/lib/kim-lite.exports index 708d2753c..96699c808 100644 --- a/src/kim/lib/kim-lite.exports +++ b/src/kim/lib/kim-lite.exports @@ -80,7 +80,6 @@ kim_credential_iterator_free kim_credential_create_new kim_credential_create_from_krb5_creds -kim_credential_create_for_change_password kim_credential_copy kim_credential_get_krb5_creds kim_credential_get_client_identity @@ -90,11 +89,9 @@ kim_credential_get_state kim_credential_get_start_time kim_credential_get_expiration_time kim_credential_get_renewal_expiration_time -kim_credential_get_krb5_ticket_flags kim_credential_store kim_credential_renew kim_credential_validate -kim_credential_change_password kim_credential_free kim_ccache_iterator_create @@ -106,8 +103,10 @@ kim_ccache_create_new_if_needed kim_ccache_create_from_client_identity kim_ccache_create_from_default kim_ccache_create_from_type_and_name +kim_ccache_create_from_display_name kim_ccache_create_from_krb5_ccache kim_ccache_copy +kim_ccache_compare kim_ccache_get_krb5_ccache kim_ccache_get_name kim_ccache_get_type diff --git a/src/kim/lib/kim.exports b/src/kim/lib/kim.exports index bdacd6299..96359632e 100644 --- a/src/kim/lib/kim.exports +++ b/src/kim/lib/kim.exports @@ -81,7 +81,6 @@ kim_credential_iterator_free kim_credential_create_new kim_credential_create_from_keytab kim_credential_create_from_krb5_creds -kim_credential_create_for_change_password kim_credential_copy kim_credential_get_krb5_creds kim_credential_get_client_identity @@ -91,12 +90,10 @@ kim_credential_get_state kim_credential_get_start_time kim_credential_get_expiration_time kim_credential_get_renewal_expiration_time -kim_credential_get_krb5_ticket_flags kim_credential_store kim_credential_verify kim_credential_renew kim_credential_validate -kim_credential_change_password kim_credential_free kim_ccache_iterator_create @@ -109,8 +106,10 @@ kim_ccache_create_from_client_identity kim_ccache_create_from_keytab kim_ccache_create_from_default kim_ccache_create_from_type_and_name +kim_ccache_create_from_display_name kim_ccache_create_from_krb5_ccache kim_ccache_copy +kim_ccache_compare kim_ccache_get_krb5_ccache kim_ccache_get_name kim_ccache_get_type diff --git a/src/kim/lib/kim_ccache_private.h b/src/kim/lib/kim_ccache_private.h index 1abd00464..7856935c4 100644 --- a/src/kim/lib/kim_ccache_private.h +++ b/src/kim/lib/kim_ccache_private.h @@ -29,11 +29,5 @@ #include -kim_error kim_ccache_create_from_display_name (kim_ccache *out_ccache, - kim_string in_display_name); - -kim_error kim_ccache_compare (kim_ccache in_ccache, - kim_ccache in_compare_to_ccache, - kim_boolean *out_equal); #endif /* KIM_CCACHE_PRIVATE_H */ diff --git a/src/kim/lib/kim_credential.c b/src/kim/lib/kim_credential.c index 36c6ca1b6..f77be0993 100644 --- a/src/kim/lib/kim_credential.c +++ b/src/kim/lib/kim_credential.c @@ -1,7 +1,7 @@ /* * $Header$ * - * Copyright 2006 Massachusetts Institute of Technology. + * Copyright 2006-2008 Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may @@ -31,6 +31,7 @@ struct kim_credential_iterator_opaque { krb5_context context; krb5_ccache ccache; krb5_cc_cursor cursor; + krb5_flags old_flags; }; struct kim_credential_iterator_opaque kim_credential_iterator_initializer = { NULL, NULL, NULL }; @@ -65,6 +66,24 @@ kim_error kim_credential_iterator_create (kim_credential_iterator *out_credentia &credential_iterator->ccache); } + if (!err) { + /* Turn off OPENCLOSE mode */ + err = krb5_error (credential_iterator->context, + krb5_cc_get_flags (credential_iterator->context, + credential_iterator->ccache, + &credential_iterator->old_flags)); + + if (!err && credential_iterator->old_flags & KRB5_TC_OPENCLOSE) { + krb5_flags new_flags = credential_iterator->old_flags & ~KRB5_TC_OPENCLOSE; + + err = krb5_error (credential_iterator->context, + krb5_cc_set_flags (credential_iterator->context, + credential_iterator->ccache, + new_flags)); + if (err == KRB5_FCC_NOFILE) { err = KIM_NO_ERROR; } + } + } + if (!err) { err = krb5_error (credential_iterator->context, krb5_cc_start_seq_get (credential_iterator->context, @@ -129,6 +148,10 @@ void kim_credential_iterator_free (kim_credential_iterator *io_credential_iterat krb5_cc_end_seq_get ((*io_credential_iterator)->context, (*io_credential_iterator)->ccache, &(*io_credential_iterator)->cursor); + + krb5_cc_set_flags ((*io_credential_iterator)->context, + (*io_credential_iterator)->ccache, + (*io_credential_iterator)->old_flags); } krb5_cc_close ((*io_credential_iterator)->context, (*io_credential_iterator)->ccache); @@ -467,22 +490,19 @@ kim_error kim_credential_create_from_krb5_creds (kim_credential *out_credential, return check_error (err); } - /* ------------------------------------------------------------------------ */ -kim_error kim_credential_create_for_change_password (kim_credential *out_credential, - kim_identity in_identity, - kim_string in_old_password) +kim_error kim_credential_create_for_change_password (kim_credential *out_credential, + kim_identity in_identity, + kim_string in_old_password, + kim_ui_context *in_ui_context) { kim_error err = KIM_NO_ERROR; kim_credential credential = NULL; kim_string realm = NULL; kim_string service = NULL; - kim_ui_context context; krb5_principal principal = NULL; kim_string service_format = "kadmin/changepw@%s"; - kim_boolean ui_inited = 0; - kim_boolean done = 0; if (!err && !out_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } @@ -511,14 +531,6 @@ kim_error kim_credential_create_for_change_password (kim_credential *out_credent } if (!err) { - err = kim_ui_init (&context); - if (!err) { - context.identity = in_identity; /* used by kim_ui_prompter */ - ui_inited = 1; - } - } - - while (!err && !done) { krb5_creds creds; kim_boolean free_creds = 0; krb5_get_init_creds_opt opts; @@ -535,7 +547,8 @@ kim_error kim_credential_create_for_change_password (kim_credential *out_credent principal, (char *) in_old_password, kim_ui_prompter, - &context, 0, (char *) service, + in_ui_context, 0, + (char *) service, &opts)); if (!err) { free_creds = 1; } @@ -545,33 +558,17 @@ kim_error kim_credential_create_for_change_password (kim_credential *out_credent &creds, &credential->creds)); } - - if (!err || err == KIM_USER_CANCELED_ERR) { - /* new creds obtained or the user gave up */ - done = 1; - - } else { - /* new creds failed, report error to user */ - err = kim_ui_handle_kim_error (&context, in_identity, - kim_ui_error_type_change_password, - err); - } - + if (free_creds) { krb5_free_cred_contents (credential->context, &creds); } } - if (ui_inited) { - kim_error fini_err = kim_ui_fini (&context); - if (!err) { err = check_error (fini_err); } - } - + if (principal) { krb5_free_principal (credential->context, principal); } + if (!err) { *out_credential = credential; credential = NULL; } - if (principal ) { krb5_free_principal (credential->context, principal); } - kim_string_free (&realm); kim_string_free (&service); kim_credential_free (&credential); @@ -833,23 +830,6 @@ kim_error kim_credential_get_renewal_expiration_time (kim_credential in_credent /* ------------------------------------------------------------------------ */ -kim_error kim_credential_get_krb5_ticket_flags (kim_credential in_credential, - krb5_flags *out_ticket_flags) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_ticket_flags) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_ticket_flags = in_credential->creds->ticket_flags; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - kim_error kim_credential_store (kim_credential in_credential, kim_identity in_client_identity, kim_ccache *out_ccache) @@ -1188,130 +1168,6 @@ kim_error kim_credential_validate (kim_credential *io_credential, /* ------------------------------------------------------------------------ */ -kim_error kim_credential_change_password (kim_credential in_credential, - kim_identity in_identity, - kim_string in_new_password, - kim_error *out_rejected_err, - kim_string *out_rejected_message, - kim_string *out_rejected_description) -{ - kim_error err = KIM_NO_ERROR; - krb5_principal principal = NULL; - int rejected_code = 0; - krb5_data message_data; - krb5_data description_data; - - if (!err && !in_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_new_password ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_rejected_err) { err = check_error (KIM_NULL_PARAMETER_ERR); } - /* out_rejected_message and out_rejected_description may be NULL */ - - if (!err) { - err = kim_identity_get_krb5_principal (in_identity, - in_credential->context, - &principal); - } - - if (!err) { - err = krb5_error (in_credential->context, - krb5_principal_compare (in_credential->context, - in_credential->creds->client, - principal)); - } - - if (!err) { - if (krb5_principal_compare (in_credential->context, - in_credential->creds->client, - principal)) { - /* Same principal, change the password normally */ - err = krb5_error (in_credential->context, - krb5_change_password (in_credential->context, - in_credential->creds, - (char *) in_new_password, - &rejected_code, - &message_data, - &description_data)); - } else { - /* Different principal, use set change password protocol */ - err = krb5_error (in_credential->context, - krb5_set_password (in_credential->context, - in_credential->creds, - (char *) in_new_password, - principal, - &rejected_code, - &message_data, - &description_data)); - } - - } - - if (!err && rejected_code) { - kim_string rejected_message = NULL; - kim_string rejected_description = NULL; - - if (!err) { - if (message_data.data && message_data.length > 0) { - err = kim_string_create_from_buffer (&rejected_message, - message_data.data, - message_data.length); - } else { - err = kim_os_string_create_localized (&rejected_message, - "KLStringChangePasswordFailed"); - } - } - - if (!err) { - if (description_data.data && description_data.length > 0) { - err = kim_string_create_from_buffer (&rejected_description, - description_data.data, - description_data.length); - } else { - err = kim_os_string_create_localized (&rejected_description, - "KLStringPasswordRejected"); - } - } - - if (!err) { - char *c; - - // replace all \n and \r characters with spaces - for (c = (char *) rejected_message; *c != '\0'; c++) { - if ((*c == '\n') || (*c == '\r')) { *c = ' '; } - } - - for (c = (char *) rejected_description; *c != '\0'; c++) { - if ((*c == '\n') || (*c == '\r')) { *c = ' '; } - } - } - - if (!err) { - if (out_rejected_message) { - *out_rejected_message = rejected_message; - rejected_message = NULL; - } - - if (out_rejected_description) { - *out_rejected_description = rejected_description; - rejected_description = NULL; - } - } - - kim_string_free (&rejected_message); - kim_string_free (&rejected_description); - - krb5_free_data_contents (in_credential->context, &message_data); - krb5_free_data_contents (in_credential->context, &description_data); - } - - if (!err) { - *out_rejected_err = rejected_code; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - void kim_credential_free (kim_credential *io_credential) { if (io_credential && *io_credential) { diff --git a/src/kim/lib/kim_credential_private.h b/src/kim/lib/kim_credential_private.h new file mode 100644 index 000000000..f5045ad85 --- /dev/null +++ b/src/kim/lib/kim_credential_private.h @@ -0,0 +1,38 @@ +/* + * $Header$ + * + * Copyright 2006 Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +#ifndef KIM_CREDENTIAL_PRIVATE_H +#define KIM_CREDENTIAL_PRIVATE_H + +#include +#include "kim_ui_private.h" + +kim_error kim_credential_create_for_change_password (kim_credential *out_credential, + kim_identity in_identity, + kim_string in_old_password, + kim_ui_context *in_ui_context); + +#endif /* KIM_CREDENTIAL_PRIVATE_H */ diff --git a/src/kim/lib/kim_identity.c b/src/kim/lib/kim_identity.c index 7a5b68a9f..1ef30c257 100644 --- a/src/kim/lib/kim_identity.c +++ b/src/kim/lib/kim_identity.c @@ -534,6 +534,123 @@ kim_error kim_identity_is_tgt_service (kim_identity in_identity, return check_error (err); } + +/* ------------------------------------------------------------------------ */ + +static kim_error kim_identity_change_password_with_credential (kim_identity in_identity, + kim_credential in_credential, + kim_string in_new_password, + kim_ui_context *in_ui_context, + kim_error *out_rejected_err, + kim_string *out_rejected_message, + kim_string *out_rejected_description) +{ + kim_error err = KIM_NO_ERROR; + krb5_creds *creds = NULL; + int rejected_err = 0; + krb5_data message_data; + krb5_data description_data; + + if (!err && !in_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); } + if (!err && !in_new_password ) { err = check_error (KIM_NULL_PARAMETER_ERR); } + if (!err && !in_ui_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } + if (!err && !out_rejected_err) { err = check_error (KIM_NULL_PARAMETER_ERR); } + + if (!err) { + err = kim_credential_get_krb5_creds (in_credential, + in_identity->context, + &creds); + } + + if (!err) { + if (krb5_principal_compare (in_identity->context, + in_identity->principal, + creds->client)) { + /* Same principal, change the password normally */ + err = krb5_error (in_identity->context, + krb5_change_password (in_identity->context, + creds, + (char *) in_new_password, + &rejected_err, + &message_data, + &description_data)); + } else { + /* Different principal, use set change password protocol */ + err = krb5_error (in_identity->context, + krb5_set_password (in_identity->context, + creds, + (char *) in_new_password, + in_identity->principal, + &rejected_err, + &message_data, + &description_data)); + } + + } + + if (!err && rejected_err) { + kim_string rejected_message = NULL; + kim_string rejected_description = NULL; + + if (message_data.data && message_data.length > 0) { + err = kim_string_create_from_buffer (&rejected_message, + message_data.data, + message_data.length); + } else { + err = kim_os_string_create_localized (&rejected_message, + "KLStringChangePasswordFailed"); + } + + if (!err) { + if (description_data.data && description_data.length > 0) { + err = kim_string_create_from_buffer (&rejected_description, + description_data.data, + description_data.length); + } else { + err = kim_os_string_create_localized (&rejected_description, + "KLStringPasswordRejected"); + } + } + + if (!err && in_ui_context->type != kim_ui_type_cli) { + char *c; + + // replace all \n and \r characters with spaces + for (c = (char *) rejected_message; *c != '\0'; c++) { + if ((*c == '\n') || (*c == '\r')) { *c = ' '; } + } + + for (c = (char *) rejected_description; *c != '\0'; c++) { + if ((*c == '\n') || (*c == '\r')) { *c = ' '; } + } + } + + if (!err) { + if (out_rejected_message) { + *out_rejected_message = rejected_message; + rejected_message = NULL; + } + if (out_rejected_description) { + *out_rejected_description = rejected_description; + rejected_description = NULL; + } + } + + kim_string_free (&rejected_message); + kim_string_free (&rejected_description); + + krb5_free_data_contents (in_identity->context, &message_data); + krb5_free_data_contents (in_identity->context, &description_data); + } + + if (!err) { + /* do this after reporting errors so we don't double report rejection */ + *out_rejected_err = rejected_err; + } + + return check_error (err); +} + /* ------------------------------------------------------------------------ */ kim_error kim_identity_change_password (kim_identity in_identity) @@ -583,38 +700,39 @@ kim_error kim_identity_change_password (kim_identity in_identity) } else { err = kim_credential_create_for_change_password (&credential, in_identity, - old_password); + old_password, + &context); } if (!err) { - err = kim_credential_change_password (credential, - in_identity, - new_password, - &rejected_err, - &rejected_message, - &rejected_description); - + err = kim_identity_change_password_with_credential (in_identity, + credential, + new_password, + &context, + &rejected_err, + &rejected_message, + &rejected_description); } kim_credential_free (&credential); } - if (!err || err == KIM_USER_CANCELED_ERR) { - /* password change succeeded or the user gave up */ - done = 1; - - } else if (!err && rejected_err) { + if (!err && rejected_err) { /* Password rejected, report it to the user */ err = kim_ui_handle_error (&context, in_identity, rejected_err, rejected_message, rejected_description); - - } else { - /* Password change failed, report error to user */ + + } else if (err && err != KIM_USER_CANCELED_ERR) { + /* new creds failed, report error to user */ err = kim_ui_handle_kim_error (&context, in_identity, kim_ui_error_type_change_password, - err); + err); + + } else { + /* password change succeeded or the user gave up */ + done = 1; } kim_string_free (&rejected_message); diff --git a/src/kim/lib/kim_private.h b/src/kim/lib/kim_private.h index 0a8cdbdfa..7a86d7e0a 100644 --- a/src/kim/lib/kim_private.h +++ b/src/kim/lib/kim_private.h @@ -40,6 +40,7 @@ #include "kim_error_private.h" #include "kim_identity_private.h" #include "kim_ccache_private.h" +#include "kim_credential_private.h" #include "kim_options_private.h" #include "kim_preferences_private.h" #include "kim_selection_hints_private.h" diff --git a/src/kim/lib/kim_ui.c b/src/kim/lib/kim_ui.c index a87e150ba..4c1ad8b62 100644 --- a/src/kim/lib/kim_ui.c +++ b/src/kim/lib/kim_ui.c @@ -59,18 +59,18 @@ kim_error kim_ui_init (kim_ui_context *io_context) #endif /* LEAN_CLIENT */ io_context->type = kim_ui_type_gui_plugin; - err = kim_ui_plugin_init ((kim_ui_plugin_context *) &io_context->tcontext); + err = kim_ui_plugin_init (io_context); #ifndef LEAN_CLIENT if (err) { io_context->type = kim_ui_type_gui_builtin; - err = kim_os_ui_gui_init ((kim_ui_gui_context *) &io_context->tcontext); + err = kim_os_ui_gui_init (io_context); } } else if (environment == KIM_UI_ENVIRONMENT_CLI) { io_context->type = kim_ui_type_cli; - err = kim_ui_cli_init ((kim_ui_cli_context *) &io_context->tcontext); + err = kim_ui_cli_init (io_context); } else { io_context->type = kim_ui_type_none; @@ -99,16 +99,16 @@ kim_error kim_ui_enter_identity (kim_ui_context *in_context, if (!err) { if (in_context->type == kim_ui_type_gui_plugin) { - err = kim_ui_plugin_enter_identity ((kim_ui_plugin_context) in_context->tcontext, + err = kim_ui_plugin_enter_identity (in_context, out_identity); #ifndef LEAN_CLIENT } else if (in_context->type == kim_ui_type_gui_builtin) { - err = kim_os_ui_gui_enter_identity ((kim_ui_gui_context) in_context->tcontext, + err = kim_os_ui_gui_enter_identity (in_context, out_identity); } else if (in_context->type == kim_ui_type_cli) { - err = kim_ui_cli_enter_identity ((kim_ui_cli_context) in_context->tcontext, + err = kim_ui_cli_enter_identity (in_context, out_identity); #endif /* LEAN_CLIENT */ @@ -135,18 +135,18 @@ kim_error kim_ui_select_identity (kim_ui_context *in_context, if (!err) { if (in_context->type == kim_ui_type_gui_plugin) { - err = kim_ui_plugin_select_identity ((kim_ui_plugin_context) in_context->tcontext, + err = kim_ui_plugin_select_identity (in_context, in_hints, out_identity); #ifndef LEAN_CLIENT } else if (in_context->type == kim_ui_type_gui_builtin) { - err = kim_os_ui_gui_select_identity ((kim_ui_gui_context) in_context->tcontext, + err = kim_os_ui_gui_select_identity (in_context, in_hints, out_identity); } else if (in_context->type == kim_ui_type_cli) { - err = kim_ui_cli_select_identity ((kim_ui_cli_context) in_context->tcontext, + err = kim_ui_cli_select_identity (in_context, in_hints, out_identity); @@ -200,7 +200,7 @@ krb5_error_code kim_ui_prompter (krb5_context in_krb5_context, if (!got_saved_password) { if (context->type == kim_ui_type_gui_plugin) { - err = kim_ui_plugin_auth_prompt ((kim_ui_plugin_context) context->tcontext, + err = kim_ui_plugin_auth_prompt (context, context->identity, type, in_prompts[i].hidden, @@ -211,7 +211,7 @@ krb5_error_code kim_ui_prompter (krb5_context in_krb5_context, #ifndef LEAN_CLIENT } else if (context->type == kim_ui_type_gui_builtin) { - err = kim_os_ui_gui_auth_prompt ((kim_ui_gui_context) context->tcontext, + err = kim_os_ui_gui_auth_prompt (context, context->identity, type, in_prompts[i].hidden, @@ -221,7 +221,7 @@ krb5_error_code kim_ui_prompter (krb5_context in_krb5_context, &reply); } else if (context->type == kim_ui_type_cli) { - err = kim_ui_cli_auth_prompt ((kim_ui_cli_context) context->tcontext, + err = kim_ui_cli_auth_prompt (context, context->identity, type, in_prompts[i].hidden, @@ -283,7 +283,7 @@ kim_error kim_ui_change_password (kim_ui_context *in_context, if (!err) { if (in_context->type == kim_ui_type_gui_plugin) { - err = kim_ui_plugin_change_password ((kim_ui_plugin_context) in_context->tcontext, + err = kim_ui_plugin_change_password (in_context, in_identity, in_old_password_expired, out_old_password, @@ -292,7 +292,7 @@ kim_error kim_ui_change_password (kim_ui_context *in_context, #ifndef LEAN_CLIENT } else if (in_context->type == kim_ui_type_gui_builtin) { - err = kim_os_ui_gui_change_password ((kim_ui_gui_context) in_context->tcontext, + err = kim_os_ui_gui_change_password (in_context, in_identity, in_old_password_expired, out_old_password, @@ -300,7 +300,7 @@ kim_error kim_ui_change_password (kim_ui_context *in_context, out_verify_password); } else if (in_context->type == kim_ui_type_cli) { - err = kim_ui_cli_change_password ((kim_ui_cli_context) in_context->tcontext, + err = kim_ui_cli_change_password (in_context, in_identity, in_old_password_expired, out_old_password, @@ -384,7 +384,7 @@ kim_error kim_ui_handle_error (kim_ui_context *in_context, if (!err) { if (in_context->type == kim_ui_type_gui_plugin) { - err = kim_ui_plugin_handle_error ((kim_ui_plugin_context) in_context->tcontext, + err = kim_ui_plugin_handle_error (in_context, in_identity, in_error, in_error_message, @@ -392,14 +392,14 @@ kim_error kim_ui_handle_error (kim_ui_context *in_context, #ifndef LEAN_CLIENT } else if (in_context->type == kim_ui_type_gui_builtin) { - err = kim_os_ui_gui_handle_error ((kim_ui_gui_context) in_context->tcontext, + err = kim_os_ui_gui_handle_error (in_context, in_identity, in_error, in_error_message, in_error_description); } else if (in_context->type == kim_ui_type_cli) { - err = kim_ui_cli_handle_error ((kim_ui_cli_context) in_context->tcontext, + err = kim_ui_cli_handle_error (in_context, in_identity, in_error, in_error_message, @@ -421,16 +421,16 @@ void kim_ui_free_string (kim_ui_context *in_context, { if (in_context && io_string && *io_string) { if (in_context->type == kim_ui_type_gui_plugin) { - kim_ui_plugin_free_string ((kim_ui_plugin_context) in_context->tcontext, + kim_ui_plugin_free_string (in_context, io_string); #ifndef LEAN_CLIENT } else if (in_context->type == kim_ui_type_gui_builtin) { - kim_os_ui_gui_free_string ((kim_ui_gui_context) in_context->tcontext, + kim_os_ui_gui_free_string (in_context, io_string); } else if (in_context->type == kim_ui_type_cli) { - kim_ui_cli_free_string ((kim_ui_cli_context) in_context->tcontext, + kim_ui_cli_free_string (in_context, io_string); #endif /* LEAN_CLIENT */ @@ -448,14 +448,14 @@ kim_error kim_ui_fini (kim_ui_context *io_context) if (!err) { if (io_context->type == kim_ui_type_gui_plugin) { - err = kim_ui_plugin_fini ((kim_ui_plugin_context *) &io_context->tcontext); + err = kim_ui_plugin_fini (io_context); #ifndef LEAN_CLIENT } else if (io_context->type == kim_ui_type_gui_builtin) { - err = kim_os_ui_gui_fini ((kim_ui_gui_context *) &io_context->tcontext); + err = kim_os_ui_gui_fini (io_context); } else if (io_context->type == kim_ui_type_cli) { - err = kim_ui_cli_fini ((kim_ui_cli_context *) &io_context->tcontext); + err = kim_ui_cli_fini (io_context); #endif /* LEAN_CLIENT */ } else { diff --git a/src/kim/lib/kim_ui_cli.c b/src/kim/lib/kim_ui_cli.c index 898b58086..79f28e0ff 100644 --- a/src/kim/lib/kim_ui_cli.c +++ b/src/kim/lib/kim_ui_cli.c @@ -89,23 +89,24 @@ static kim_error kim_ui_cli_read_string (kim_string *out_string, /* ------------------------------------------------------------------------ */ -kim_error kim_ui_cli_init (kim_ui_cli_context *out_context) +kim_error kim_ui_cli_init (kim_ui_context *io_context) { - *out_context = NULL; + if (io_context) { + io_context->tcontext = NULL; + } return KIM_NO_ERROR; } /* ------------------------------------------------------------------------ */ -kim_error kim_ui_cli_enter_identity (kim_ui_cli_context in_context, - kim_identity *out_identity) +kim_error kim_ui_cli_enter_identity (kim_ui_context *in_context, + kim_identity *out_identity) { kim_error err = KIM_NO_ERROR; kim_string enter_identity_string = NULL; kim_string identity_string = NULL; - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err) { @@ -130,13 +131,12 @@ kim_error kim_ui_cli_enter_identity (kim_ui_cli_context in_context, /* ------------------------------------------------------------------------ */ -kim_error kim_ui_cli_select_identity (kim_ui_cli_context in_context, +kim_error kim_ui_cli_select_identity (kim_ui_context *in_context, kim_selection_hints in_hints, kim_identity *out_identity) { kim_error err = KIM_NO_ERROR; - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err && !in_hints ) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } @@ -149,7 +149,7 @@ kim_error kim_ui_cli_select_identity (kim_ui_cli_context in_context, /* ------------------------------------------------------------------------ */ -kim_error kim_ui_cli_auth_prompt (kim_ui_cli_context in_context, +kim_error kim_ui_cli_auth_prompt (kim_ui_context *in_context, kim_identity in_identity, kim_prompt_type in_type, kim_boolean in_hide_reply, @@ -160,7 +160,6 @@ kim_error kim_ui_cli_auth_prompt (kim_ui_cli_context in_context, { kim_error err = KIM_NO_ERROR; - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err && !in_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err && !out_reply ) { err = check_error (KIM_NULL_PARAMETER_ERR); } /* in_title, in_message or in_description may be NULL */ @@ -304,12 +303,12 @@ static kim_error kim_ui_cli_ask_change_password (kim_string in_identity_string) /* ------------------------------------------------------------------------ */ -kim_error kim_ui_cli_change_password (kim_ui_cli_context in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_verify_password) +kim_error kim_ui_cli_change_password (kim_ui_context *in_context, + kim_identity in_identity, + kim_boolean in_old_password_expired, + char **out_old_password, + char **out_new_password, + char **out_verify_password) { kim_error err = KIM_NO_ERROR; kim_string enter_old_password_format = NULL; @@ -319,8 +318,8 @@ kim_error kim_ui_cli_change_password (kim_ui_cli_context in_context, kim_string old_password = NULL; kim_string new_password = NULL; kim_string verify_password = NULL; + kim_boolean done = 0; - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err && !out_old_password ) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err && !out_new_password ) { err = check_error (KIM_NULL_PARAMETER_ERR); } @@ -349,16 +348,28 @@ kim_error kim_ui_cli_change_password (kim_ui_cli_context in_context, "KLStringEnterVerifyPassword"); } - if (!err) { + while (!err && !done) { + kim_string_free (&old_password); + err = kim_ui_cli_read_string (&old_password, 1, enter_old_password_format, identity_string); - } - - if (!err) { - err = kim_credential_create_for_change_password (&in_context, - in_identity, - old_password); + + if (!err) { + err = kim_credential_create_for_change_password ((kim_credential *) &in_context->tcontext, + in_identity, + old_password, + in_context); + } + + if (err && err != KIM_USER_CANCELED_ERR) { + /* new creds failed, report error to user */ + err = kim_ui_handle_kim_error (in_context, in_identity, + kim_ui_error_type_change_password, + err); + } else { + done = 1; + } } if (!err) { @@ -395,20 +406,19 @@ kim_error kim_ui_cli_change_password (kim_ui_cli_context in_context, /* ------------------------------------------------------------------------ */ -kim_error kim_ui_cli_handle_error (kim_ui_cli_context in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description) +kim_error kim_ui_cli_handle_error (kim_ui_context *in_context, + kim_identity in_identity, + kim_error in_error, + kim_string in_error_message, + kim_string in_error_description) { kim_error err = KIM_NO_ERROR; - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err && !in_error_message ) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err && !in_error_description) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err) { - fprintf (stdout, "%s: %s\n", in_error_message, in_error_description); + fprintf (stdout, "%s\n%s\n\n", in_error_message, in_error_description); } return check_error (err); @@ -416,18 +426,18 @@ kim_error kim_ui_cli_handle_error (kim_ui_cli_context in_context, /* ------------------------------------------------------------------------ */ -void kim_ui_cli_free_string (kim_ui_cli_context in_context, - char **io_string) +void kim_ui_cli_free_string (kim_ui_context *in_context, + char **io_string) { kim_string_free ((kim_string *) io_string); } /* ------------------------------------------------------------------------ */ -kim_error kim_ui_cli_fini (kim_ui_cli_context *io_context) +kim_error kim_ui_cli_fini (kim_ui_context *io_context) { - if (io_context && *io_context) { - kim_credential_free (io_context); + if (io_context) { + kim_credential_free ((kim_credential *) &io_context->tcontext); } return KIM_NO_ERROR; diff --git a/src/kim/lib/kim_ui_cli_private.h b/src/kim/lib/kim_ui_cli_private.h index 89011aa3a..872fb4b22 100644 --- a/src/kim/lib/kim_ui_cli_private.h +++ b/src/kim/lib/kim_ui_cli_private.h @@ -34,16 +34,16 @@ typedef kim_credential kim_ui_cli_context; -kim_error kim_ui_cli_init (kim_ui_cli_context *out_context); +kim_error kim_ui_cli_init (kim_ui_context *io_context); -kim_error kim_ui_cli_enter_identity (kim_ui_cli_context in_context, - kim_identity *out_identity); +kim_error kim_ui_cli_enter_identity (kim_ui_context *in_context, + kim_identity *out_identity); -kim_error kim_ui_cli_select_identity (kim_ui_cli_context in_context, +kim_error kim_ui_cli_select_identity (kim_ui_context *in_context, kim_selection_hints in_hints, kim_identity *out_identity); -kim_error kim_ui_cli_auth_prompt (kim_ui_cli_context in_context, +kim_error kim_ui_cli_auth_prompt (kim_ui_context *in_context, kim_identity in_identity, kim_prompt_type in_type, kim_boolean in_hide_reply, @@ -52,23 +52,23 @@ kim_error kim_ui_cli_auth_prompt (kim_ui_cli_context in_context, kim_string in_description, char **out_reply); -kim_error kim_ui_cli_change_password (kim_ui_cli_context in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_verify_password); +kim_error kim_ui_cli_change_password (kim_ui_context *in_context, + kim_identity in_identity, + kim_boolean in_old_password_expired, + char **out_old_password, + char **out_new_password, + char **out_verify_password); -kim_error kim_ui_cli_handle_error (kim_ui_cli_context in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description); +kim_error kim_ui_cli_handle_error (kim_ui_context *in_context, + kim_identity in_identity, + kim_error in_error, + kim_string in_error_message, + kim_string in_error_description); -void kim_ui_cli_free_string (kim_ui_cli_context in_context, - char **io_string); +void kim_ui_cli_free_string (kim_ui_context *in_context, + char **io_string); -kim_error kim_ui_cli_fini (kim_ui_cli_context *io_context); +kim_error kim_ui_cli_fini (kim_ui_context *in_context); #endif /* LEAN_CLIENT */ diff --git a/src/kim/lib/kim_ui_gui_private.h b/src/kim/lib/kim_ui_gui_private.h index 9792f53d5..b89cf348f 100644 --- a/src/kim/lib/kim_ui_gui_private.h +++ b/src/kim/lib/kim_ui_gui_private.h @@ -34,17 +34,16 @@ struct kim_ui_gui_context; typedef struct kim_ui_gui_context *kim_ui_gui_context; +kim_error kim_os_ui_gui_init (kim_ui_context *io_context); -kim_error kim_os_ui_gui_init (kim_ui_gui_context *out_context); +kim_error kim_os_ui_gui_enter_identity (kim_ui_context *in_context, + kim_identity *out_identity); -kim_error kim_os_ui_gui_enter_identity (kim_ui_gui_context in_context, - kim_identity *out_identity); - -kim_error kim_os_ui_gui_select_identity (kim_ui_gui_context in_context, +kim_error kim_os_ui_gui_select_identity (kim_ui_context *in_context, kim_selection_hints in_hints, kim_identity *out_identity); -kim_error kim_os_ui_gui_auth_prompt (kim_ui_gui_context in_context, +kim_error kim_os_ui_gui_auth_prompt (kim_ui_context *in_context, kim_identity in_identity, kim_prompt_type in_type, kim_boolean in_hide_reply, @@ -53,23 +52,23 @@ kim_error kim_os_ui_gui_auth_prompt (kim_ui_gui_context in_context, kim_string in_description, char **out_reply); -kim_error kim_os_ui_gui_change_password (kim_ui_gui_context in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_verify_password); +kim_error kim_os_ui_gui_change_password (kim_ui_context *in_context, + kim_identity in_identity, + kim_boolean in_old_password_expired, + char **out_old_password, + char **out_new_password, + char **out_verify_password); -kim_error kim_os_ui_gui_handle_error (kim_ui_gui_context in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description); +kim_error kim_os_ui_gui_handle_error (kim_ui_context *in_context, + kim_identity in_identity, + kim_error in_error, + kim_string in_error_message, + kim_string in_error_description); -void kim_os_ui_gui_free_string (kim_ui_gui_context in_context, - char **io_string); +void kim_os_ui_gui_free_string (kim_ui_context *in_context, + char **io_string); -kim_error kim_os_ui_gui_fini (kim_ui_gui_context *io_context); +kim_error kim_os_ui_gui_fini (kim_ui_context *in_context); #endif /* LEAN_CLIENT */ diff --git a/src/kim/lib/kim_ui_plugin.c b/src/kim/lib/kim_ui_plugin.c index f1b5db923..49cceaeb4 100644 --- a/src/kim/lib/kim_ui_plugin.c +++ b/src/kim/lib/kim_ui_plugin.c @@ -95,13 +95,13 @@ static kim_error kim_ui_plugin_context_allocate (kim_ui_plugin_context *out_cont /* ------------------------------------------------------------------------ */ -kim_error kim_ui_plugin_init (kim_ui_plugin_context *out_context) +kim_error kim_ui_plugin_init (kim_ui_context *io_context) { kim_error err = KIM_NO_ERROR; kim_ui_plugin_context context = NULL; struct errinfo einfo; - if (!err && !out_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } + if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err) { err = kim_ui_plugin_context_allocate (&context); @@ -145,7 +145,7 @@ kim_error kim_ui_plugin_init (kim_ui_plugin_context *out_context) } if (!err) { - *out_context = context; + io_context->tcontext = context; context = NULL; } @@ -156,8 +156,8 @@ kim_error kim_ui_plugin_init (kim_ui_plugin_context *out_context) /* ------------------------------------------------------------------------ */ -kim_error kim_ui_plugin_enter_identity (kim_ui_plugin_context in_context, - kim_identity *out_identity) +kim_error kim_ui_plugin_enter_identity (kim_ui_context *in_context, + kim_identity *out_identity) { kim_error err = KIM_NO_ERROR; @@ -165,8 +165,10 @@ kim_error kim_ui_plugin_enter_identity (kim_ui_plugin_context in_context, if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err) { - err = in_context->ftable->enter_identity (in_context->plugin_context, - out_identity); + kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext; + + err = context->ftable->enter_identity (context->plugin_context, + out_identity); } return check_error (err); @@ -174,9 +176,9 @@ kim_error kim_ui_plugin_enter_identity (kim_ui_plugin_context in_context, /* ------------------------------------------------------------------------ */ -kim_error kim_ui_plugin_select_identity (kim_ui_plugin_context in_context, - kim_selection_hints in_hints, - kim_identity *out_identity) +kim_error kim_ui_plugin_select_identity (kim_ui_context *in_context, + kim_selection_hints in_hints, + kim_identity *out_identity) { kim_error err = KIM_NO_ERROR; @@ -185,9 +187,11 @@ kim_error kim_ui_plugin_select_identity (kim_ui_plugin_context in_context, if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err) { - err = in_context->ftable->select_identity (in_context->plugin_context, - in_hints, - out_identity); + kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext; + + err = context->ftable->select_identity (context->plugin_context, + in_hints, + out_identity); } return check_error (err); @@ -195,14 +199,14 @@ kim_error kim_ui_plugin_select_identity (kim_ui_plugin_context in_context, /* ------------------------------------------------------------------------ */ -kim_error kim_ui_plugin_auth_prompt (kim_ui_plugin_context in_context, - kim_identity in_identity, - kim_prompt_type in_type, - kim_boolean in_hide_reply, - kim_string in_title, - kim_string in_message, - kim_string in_description, - char **out_reply) +kim_error kim_ui_plugin_auth_prompt (kim_ui_context *in_context, + kim_identity in_identity, + kim_prompt_type in_type, + kim_boolean in_hide_reply, + kim_string in_title, + kim_string in_message, + kim_string in_description, + char **out_reply) { kim_error err = KIM_NO_ERROR; @@ -212,14 +216,16 @@ kim_error kim_ui_plugin_auth_prompt (kim_ui_plugin_context in_context, /* in_title, in_message or in_description may be NULL */ if (!err) { - err = in_context->ftable->auth_prompt (in_context->plugin_context, - in_identity, - in_type, - in_hide_reply, - in_title, - in_message, - in_description, - out_reply); + kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext; + + err = context->ftable->auth_prompt (context->plugin_context, + in_identity, + in_type, + in_hide_reply, + in_title, + in_message, + in_description, + out_reply); } return check_error (err); @@ -227,12 +233,12 @@ kim_error kim_ui_plugin_auth_prompt (kim_ui_plugin_context in_context, /* ------------------------------------------------------------------------ */ -kim_error kim_ui_plugin_change_password (kim_ui_plugin_context in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_verify_password) +kim_error kim_ui_plugin_change_password (kim_ui_context *in_context, + kim_identity in_identity, + kim_boolean in_old_password_expired, + char **out_old_password, + char **out_new_password, + char **out_verify_password) { kim_error err = KIM_NO_ERROR; @@ -243,12 +249,14 @@ kim_error kim_ui_plugin_change_password (kim_ui_plugin_context in_context, if (!err && !out_verify_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err) { - err = in_context->ftable->change_password (in_context->plugin_context, - in_identity, - in_old_password_expired, - out_old_password, - out_new_password, - out_verify_password); + kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext; + + err = context->ftable->change_password (context->plugin_context, + in_identity, + in_old_password_expired, + out_old_password, + out_new_password, + out_verify_password); } return check_error (err); @@ -256,11 +264,11 @@ kim_error kim_ui_plugin_change_password (kim_ui_plugin_context in_context, /* ------------------------------------------------------------------------ */ -kim_error kim_ui_plugin_handle_error (kim_ui_plugin_context in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description) +kim_error kim_ui_plugin_handle_error (kim_ui_context *in_context, + kim_identity in_identity, + kim_error in_error, + kim_string in_error_message, + kim_string in_error_description) { kim_error err = KIM_NO_ERROR; @@ -269,11 +277,13 @@ kim_error kim_ui_plugin_handle_error (kim_ui_plugin_context in_context, if (!err && !in_error_description) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err) { - err = in_context->ftable->handle_error (in_context->plugin_context, - in_identity, - in_error, - in_error_message, - in_error_description); + kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext; + + err = context->ftable->handle_error (context->plugin_context, + in_identity, + in_error, + in_error_message, + in_error_description); } return check_error (err); @@ -281,8 +291,8 @@ kim_error kim_ui_plugin_handle_error (kim_ui_plugin_context in_context, /* ------------------------------------------------------------------------ */ -void kim_ui_plugin_free_string (kim_ui_plugin_context in_context, - char **io_string) +void kim_ui_plugin_free_string (kim_ui_context *in_context, + char **io_string) { kim_error err = KIM_NO_ERROR; @@ -290,27 +300,33 @@ void kim_ui_plugin_free_string (kim_ui_plugin_context in_context, if (!err && !io_string ) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err) { - in_context->ftable->free_string (in_context->plugin_context, - io_string); + kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext; + + context->ftable->free_string (context->plugin_context, + io_string); } } /* ------------------------------------------------------------------------ */ -kim_error kim_ui_plugin_fini (kim_ui_plugin_context *io_context) +kim_error kim_ui_plugin_fini (kim_ui_context *io_context) { kim_error err = KIM_NO_ERROR; if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && *io_context) { - err = (*io_context)->ftable->fini (&(*io_context)->plugin_context); - } - if (!err) { - kim_ui_plugin_context_free (io_context); + kim_ui_plugin_context context = (kim_ui_plugin_context) io_context->tcontext; + + if (context) { + err = context->ftable->fini (&context->plugin_context); + } + + if (!err) { + kim_ui_plugin_context_free (&context); + io_context->tcontext = NULL; + } } - return check_error (err); } diff --git a/src/kim/lib/kim_ui_plugin_private.h b/src/kim/lib/kim_ui_plugin_private.h index c39447df0..e4d354764 100644 --- a/src/kim/lib/kim_ui_plugin_private.h +++ b/src/kim/lib/kim_ui_plugin_private.h @@ -33,40 +33,40 @@ struct kim_ui_plugin_context; typedef struct kim_ui_plugin_context *kim_ui_plugin_context; -kim_error kim_ui_plugin_init (kim_ui_plugin_context *out_context); +kim_error kim_ui_plugin_init (kim_ui_context *io_context); -kim_error kim_ui_plugin_enter_identity (kim_ui_plugin_context in_context, - kim_identity *out_identity); +kim_error kim_ui_plugin_enter_identity (kim_ui_context *in_context, + kim_identity *out_identity); -kim_error kim_ui_plugin_select_identity (kim_ui_plugin_context in_context, - kim_selection_hints in_hints, - kim_identity *out_identity); +kim_error kim_ui_plugin_select_identity (kim_ui_context *in_context, + kim_selection_hints in_hints, + kim_identity *out_identity); -kim_error kim_ui_plugin_auth_prompt (kim_ui_plugin_context in_context, - kim_identity in_identity, - kim_prompt_type in_type, - kim_boolean in_hide_reply, - kim_string in_title, - kim_string in_message, - kim_string in_description, - char **out_reply); +kim_error kim_ui_plugin_auth_prompt (kim_ui_context *in_context, + kim_identity in_identity, + kim_prompt_type in_type, + kim_boolean in_hide_reply, + kim_string in_title, + kim_string in_message, + kim_string in_description, + char **out_reply); -kim_error kim_ui_plugin_change_password (kim_ui_plugin_context in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_verify_password); +kim_error kim_ui_plugin_change_password (kim_ui_context *in_context, + kim_identity in_identity, + kim_boolean in_old_password_expired, + char **out_old_password, + char **out_new_password, + char **out_verify_password); -kim_error kim_ui_plugin_handle_error (kim_ui_plugin_context in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description); +kim_error kim_ui_plugin_handle_error (kim_ui_context *in_context, + kim_identity in_identity, + kim_error in_error, + kim_string in_error_message, + kim_string in_error_description); -void kim_ui_plugin_free_string (kim_ui_plugin_context in_context, - char **io_string); +void kim_ui_plugin_free_string (kim_ui_context *in_context, + char **io_string); -kim_error kim_ui_plugin_fini (kim_ui_plugin_context *io_context); +kim_error kim_ui_plugin_fini (kim_ui_context *in_context); #endif /* KIM_UI_PLUGIN_PRIVATE_H */ diff --git a/src/kim/lib/mac/kim_os_ui_gui.c b/src/kim/lib/mac/kim_os_ui_gui.c index c755a7894..afebb0504 100644 --- a/src/kim/lib/mac/kim_os_ui_gui.c +++ b/src/kim/lib/mac/kim_os_ui_gui.c @@ -71,12 +71,12 @@ static kim_error kim_os_ui_gui_context_allocate (kim_ui_gui_context *out_context /* ------------------------------------------------------------------------ */ -kim_error kim_os_ui_gui_init (kim_ui_gui_context *out_context) +kim_error kim_os_ui_gui_init (kim_ui_context *io_context) { kim_error err = KIM_NO_ERROR; kim_ui_gui_context context = NULL; - if (!err && !out_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } + if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err) { err = kim_os_ui_gui_context_allocate (&context); @@ -86,7 +86,7 @@ kim_error kim_os_ui_gui_init (kim_ui_gui_context *out_context) } if (!err) { - *out_context = context; + io_context->tcontext = context; context = NULL; } @@ -97,8 +97,8 @@ kim_error kim_os_ui_gui_init (kim_ui_gui_context *out_context) /* ------------------------------------------------------------------------ */ -kim_error kim_os_ui_gui_enter_identity (kim_ui_gui_context in_context, - kim_identity *out_identity) +kim_error kim_os_ui_gui_enter_identity (kim_ui_context *in_context, + kim_identity *out_identity) { kim_error err = KIM_NO_ERROR; @@ -106,6 +106,8 @@ kim_error kim_os_ui_gui_enter_identity (kim_ui_gui_context in_context, if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err) { + kim_ui_gui_context context = (kim_ui_gui_context) in_context->tcontext; + } return check_error (err); @@ -113,7 +115,7 @@ kim_error kim_os_ui_gui_enter_identity (kim_ui_gui_context in_context, /* ------------------------------------------------------------------------ */ -kim_error kim_os_ui_gui_select_identity (kim_ui_gui_context in_context, +kim_error kim_os_ui_gui_select_identity (kim_ui_context *in_context, kim_selection_hints in_hints, kim_identity *out_identity) { @@ -124,6 +126,8 @@ kim_error kim_os_ui_gui_select_identity (kim_ui_gui_context in_context, if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err) { + kim_ui_gui_context context = (kim_ui_gui_context) in_context->tcontext; + } return check_error (err); @@ -131,14 +135,14 @@ kim_error kim_os_ui_gui_select_identity (kim_ui_gui_context in_context, /* ------------------------------------------------------------------------ */ -kim_error kim_os_ui_gui_auth_prompt (kim_ui_gui_context in_context, - kim_identity in_identity, - kim_prompt_type in_type, - kim_boolean in_hide_reply, - kim_string in_title, - kim_string in_message, - kim_string in_description, - char **out_reply) +kim_error kim_os_ui_gui_auth_prompt (kim_ui_context *in_context, + kim_identity in_identity, + kim_prompt_type in_type, + kim_boolean in_hide_reply, + kim_string in_title, + kim_string in_message, + kim_string in_description, + char **out_reply) { kim_error err = KIM_NO_ERROR; @@ -148,6 +152,8 @@ kim_error kim_os_ui_gui_auth_prompt (kim_ui_gui_context in_context, /* in_title, in_message or in_description may be NULL */ if (!err) { + kim_ui_gui_context context = (kim_ui_gui_context) in_context->tcontext; + } return check_error (err); @@ -155,7 +161,7 @@ kim_error kim_os_ui_gui_auth_prompt (kim_ui_gui_context in_context, /* ------------------------------------------------------------------------ */ -kim_error kim_os_ui_gui_change_password (kim_ui_gui_context in_context, +kim_error kim_os_ui_gui_change_password (kim_ui_context *in_context, kim_identity in_identity, kim_boolean in_old_password_expired, char **out_old_password, @@ -171,6 +177,8 @@ kim_error kim_os_ui_gui_change_password (kim_ui_gui_context in_context, if (!err && !out_verify_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err) { + kim_ui_gui_context context = (kim_ui_gui_context) in_context->tcontext; + } return check_error (err); @@ -178,7 +186,7 @@ kim_error kim_os_ui_gui_change_password (kim_ui_gui_context in_context, /* ------------------------------------------------------------------------ */ -kim_error kim_os_ui_gui_handle_error (kim_ui_gui_context in_context, +kim_error kim_os_ui_gui_handle_error (kim_ui_context *in_context, kim_identity in_identity, kim_error in_error, kim_string in_error_message, @@ -191,6 +199,8 @@ kim_error kim_os_ui_gui_handle_error (kim_ui_gui_context in_context, if (!err && !in_error_description) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err) { + kim_ui_gui_context context = (kim_ui_gui_context) in_context->tcontext; + } return check_error (err); @@ -198,7 +208,7 @@ kim_error kim_os_ui_gui_handle_error (kim_ui_gui_context in_context, /* ------------------------------------------------------------------------ */ -void kim_os_ui_gui_free_string (kim_ui_gui_context in_context, +void kim_os_ui_gui_free_string (kim_ui_context *in_context, char **io_string) { kim_string_free ((kim_string *) io_string); @@ -206,19 +216,20 @@ void kim_os_ui_gui_free_string (kim_ui_gui_context in_context, /* ------------------------------------------------------------------------ */ -kim_error kim_os_ui_gui_fini (kim_ui_gui_context *io_context) +kim_error kim_os_ui_gui_fini (kim_ui_context *io_context) { kim_error err = KIM_NO_ERROR; if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && *io_context) { - } - if (!err) { - kim_os_ui_gui_context_free (io_context); - } - + kim_ui_gui_context context = (kim_ui_gui_context) io_context->tcontext; + + if (!err) { + kim_os_ui_gui_context_free (&context); + io_context->tcontext = NULL; + } + } return check_error (err); }