From 75038fe398bf0d8a718aba63dac4b3bba8cac9a4 Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Mon, 12 Dec 2011 20:45:49 +0000 Subject: [PATCH] kfw fixes: krb5_get_init_creds_opt_init->krb5_get_init_creds_opt_alloc Should enable leash to generate config credentials (needs verification!) Signed-off-by: Kevin Wasserman ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25559 dc483132-0cff-0310-8789-dd5450dbe970 --- src/windows/include/loadfuncs-krb5.h | 25 +++++++++++++++++ src/windows/leashdll/krb5routines.c | 40 ++++++++++++++-------------- src/windows/leashdll/leashdll.c | 6 +++++ src/windows/leashdll/leashdll.h | 3 +++ 4 files changed, 54 insertions(+), 20 deletions(-) diff --git a/src/windows/include/loadfuncs-krb5.h b/src/windows/include/loadfuncs-krb5.h index b577a95cd..bff0ceae5 100644 --- a/src/windows/include/loadfuncs-krb5.h +++ b/src/windows/include/loadfuncs-krb5.h @@ -1383,6 +1383,22 @@ TYPEDEF_FUNC( krb5_prompt prompts[]) ); +TYPEDEF_FUNC( + krb5_error_code, + KRB5_CALLCONV, + krb5_get_init_creds_opt_alloc, + (krb5_context ctx, + krb5_get_init_creds_opt **opt) + ); + +TYPEDEF_FUNC( + void, + KRB5_CALLCONV, + krb5_get_init_creds_opt_free, + (krb5_context ctx, + krb5_get_init_creds_opt *opt) + ); + TYPEDEF_FUNC( void, KRB5_CALLCONV, @@ -1465,6 +1481,15 @@ TYPEDEF_FUNC( int prompt) ); +TYPEDEF_FUNC( + krb5_error_code, + KRB5_CALLCONV, + krb5_get_init_creds_opt_set_out_ccache, + (krb5_context context, + krb5_get_init_creds_opt *opt, + krb5_ccache ccache) + ); + TYPEDEF_FUNC( krb5_error_code, KRB5_CALLCONV, diff --git a/src/windows/leashdll/krb5routines.c b/src/windows/leashdll/krb5routines.c index ccd9dd8ce..b98abe7fa 100644 --- a/src/windows/leashdll/krb5routines.c +++ b/src/windows/leashdll/krb5routines.c @@ -835,14 +835,13 @@ DWORD publicIP krb5_principal me = 0; char* name = 0; krb5_creds my_creds; - krb5_get_init_creds_opt options; + krb5_get_init_creds_opt * options = NULL; krb5_address ** addrs = NULL; int i = 0, addr_count = 0; if (!pkrb5_init_context) return 0; - pkrb5_get_init_creds_opt_init(&options); memset(&my_creds, 0, sizeof(my_creds)); if (alt_ctx) @@ -855,6 +854,9 @@ DWORD publicIP if (code) goto cleanup; } + code = pkrb5_get_init_creds_opt_alloc(ctx, &options); + if (code) goto cleanup; + code = pkrb5_cc_default(ctx, &cc); if (code) goto cleanup; @@ -873,15 +875,15 @@ DWORD publicIP renew_life *= 5*60; if (lifetime) - pkrb5_get_init_creds_opt_set_tkt_life(&options, lifetime); - pkrb5_get_init_creds_opt_set_forwardable(&options, - forwardable ? 1 : 0); - pkrb5_get_init_creds_opt_set_proxiable(&options, - proxiable ? 1 : 0); - pkrb5_get_init_creds_opt_set_renew_life(&options, - renew_life); + pkrb5_get_init_creds_opt_set_tkt_life(options, lifetime); + pkrb5_get_init_creds_opt_set_forwardable(options, + forwardable ? 1 : 0); + pkrb5_get_init_creds_opt_set_proxiable(options, + proxiable ? 1 : 0); + pkrb5_get_init_creds_opt_set_renew_life(options, + renew_life); if (addressless) - pkrb5_get_init_creds_opt_set_address_list(&options,NULL); + pkrb5_get_init_creds_opt_set_address_list(options,NULL); else { if (publicIP) { @@ -937,11 +939,15 @@ DWORD publicIP netIPAddr = htonl(publicIP); memcpy(addrs[i]->contents,&netIPAddr,4); - pkrb5_get_init_creds_opt_set_address_list(&options,addrs); + pkrb5_get_init_creds_opt_set_address_list(options,addrs); } } + code = pkrb5_get_init_creds_opt_set_out_ccache(ctx, options, cc); + if (code) + goto cleanup; + code = pkrb5_get_init_creds_password(ctx, &my_creds, me, @@ -950,15 +956,7 @@ DWORD publicIP hParent, // prompter data 0, // start time 0, // service name - &options); - if (code) goto cleanup; - - code = pkrb5_cc_initialize(ctx, cc, me); - if (code) goto cleanup; - - code = pkrb5_cc_store_cred(ctx, cc, &my_creds); - if (code) goto cleanup; - + options); cleanup: if ( addrs ) { for ( i=0;i