From: Jeffrey Altman Date: Fri, 10 Sep 2004 19:33:39 +0000 (+0000) Subject: * cc_mslsa.c: Implement krb5_lcc_initialize() X-Git-Tag: krb5-1.4-beta1~92 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=870b1c33852f7e0a36fbac41043d4d60caa67eb9;p=krb5.git * cc_mslsa.c: Implement krb5_lcc_initialize() Remove all tickets from the cache which have a client principal that matches the input principal. ticket: 2705 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16737 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/ccache/ChangeLog b/src/lib/krb5/ccache/ChangeLog index 42ae60354..1d51b69fa 100644 --- a/src/lib/krb5/ccache/ChangeLog +++ b/src/lib/krb5/ccache/ChangeLog @@ -1,3 +1,8 @@ +2004-09-10 Jeffrey Altman + * cc_mslsa.c: Implement krb5_lcc_initialize() + Remove all tickets from the cache which have a client + principal that matches the input principal. + 2004-09-10 Jeffrey Altman * cc_mslsa.c: Correct test for KerbQueryTicketCacheExMessage diff --git a/src/lib/krb5/ccache/cc_mslsa.c b/src/lib/krb5/ccache/cc_mslsa.c index 9b8025c77..f594c895a 100644 --- a/src/lib/krb5/ccache/cc_mslsa.c +++ b/src/lib/krb5/ccache/cc_mslsa.c @@ -1917,19 +1917,43 @@ krb5_lcc_resolve (krb5_context context, krb5_ccache *id, const char *residual) } /* - * return success although we do not do anything - * perhaps we could purge all existing tickets but that is - * probably not wise - */ +* return success although we do not do anything +* We should delete all tickets belonging to the specified principal +*/ + +static krb5_error_code KRB5_CALLCONV +krb5_lcc_remove_cred(krb5_context context, krb5_ccache id, krb5_flags flags, + krb5_creds *creds); + static krb5_error_code KRB5_CALLCONV krb5_lcc_initialize(krb5_context context, krb5_ccache id, krb5_principal princ) { + krb5_cc_cursor cursor; + krb5_error_code code; + krb5_creds cred; + if (!is_windows_2000()) return KRB5_FCC_NOFILE; - return KRB5_OK; -} + code = krb5_cc_start_seq_get(context, id, &cursor); + if (code) + return code; + while ( !(code = krb5_cc_next_cred(context, id, &cursor, &cred)) ) + { + if ( krb5_principal_compare(context, princ, cred.client) ) { + code = krb5_lcc_remove_cred(context, id, 0, &cred); + } + krb5_free_cred_contents(context, &cred); + } + + if (code == KRB5_CC_END || code == KRB5_CC_NOTFOUND) + { + krb5_cc_end_seq_get(context, id, &cursor); + return KRB5_OK; + } + return code; +} /* * Modifies: