From 84a4ed4ba0d4d291948353949f1d16c7fd53e969 Mon Sep 17 00:00:00 2001 From: Theodore Tso Date: Fri, 5 Feb 1999 05:31:17 +0000 Subject: [PATCH] Initial rototilling of these functions to make them more krb5 library API compliant. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11149 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/ccache/ccapi/Makefile.in | 4 +- src/lib/krb5/ccache/ccapi/stdcc.c | 295 ++++++++++++++----------- src/lib/krb5/ccache/ccapi/stdcc_util.c | 269 ++++++++++++---------- 3 files changed, 318 insertions(+), 250 deletions(-) diff --git a/src/lib/krb5/ccache/ccapi/Makefile.in b/src/lib/krb5/ccache/ccapi/Makefile.in index 445731bfc..649983fe5 100644 --- a/src/lib/krb5/ccache/ccapi/Makefile.in +++ b/src/lib/krb5/ccache/ccapi/Makefile.in @@ -2,7 +2,9 @@ thisconfigdir=./../.. myfulldir=lib/krb5/ccache/ccapi mydir=ccache/ccapi BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) +CFLAGS = $(CCOPTS) $(DEFS) $(WIN_INCLUDES) + +##DOS##WIN_INCLUDES = -I$(SRCTOP)\windows\lib ##DOS##BUILDTOP = ..\..\..\.. ##DOS##PREFIXDIR = ccache\file diff --git a/src/lib/krb5/ccache/ccapi/stdcc.c b/src/lib/krb5/ccache/ccapi/stdcc.c index 830985855..4912ba159 100644 --- a/src/lib/krb5/ccache/ccapi/stdcc.c +++ b/src/lib/krb5/ccache/ccapi/stdcc.c @@ -76,7 +76,7 @@ static const struct err_xlate err_xlate_table[] = { CC_WRITE, KRB5_CC_WRITE }, { CC_LOCKED, KRB5_FCC_INTERNAL /* XXX */ }, { CC_BAD_API_VERSION, KRB5_FCC_INTERNAL /* XXX */ }, - { CC_NO_EXIST, KRB5_FCC_INTERNAL /* XXX */ }, + { CC_NO_EXIST, KRB5_FCC_NOFILE }, { CC_NOT_SUPP, KRB5_FCC_INTERNAL /* XXX */ }, { CC_BAD_PARM, KRB5_FCC_INTERNAL /* XXX */ }, { CC_ERR_CACHE_ATTACH, KRB5_FCC_INTERNAL /* XXX */ }, @@ -90,13 +90,50 @@ static krb5_error_code cc_err_xlate(int err) { const struct err_xlate *p; - for (p = err_xlate_table; p->e2err; p++) { - if (err == p->e2err) - return p->pqerr; + for (p = err_xlate_table; p->cc_err; p++) { + if (err == p->cc_err) + return p->krb5_err; } return KRB5_FCC_INTERNAL; /* XXX we need a miscellaneous return */ } +static krb5_error_code stdcc_setup(krb5_context context, + stdccCacheDataPtr ccapi_data) +{ + int err; + + /* make sure the API has been intialized */ + if (gCntrlBlock == NULL) { + err = cc_initialize(&gCntrlBlock, CC_API_VER_1, NULL, NULL); + if (err != CC_NOERROR) + return cc_err_xlate(err); + } + + /* + * No ccapi_data structure, so we don't need to make sure the + * ccache exists. + */ + if (!ccapi_data) + return 0; + + /* + * The ccache already exists + */ + if (ccapi_data->NamedCache) + return 0; + + err = cc_open(gCntrlBlock, ccapi_data->cache_name, + CC_CRED_V5, 0L, &ccapi_data->NamedCache); + if (err == CC_NOTFOUND) + err = CC_NO_EXIST; + if (err == CC_NOERROR) + return 0; + + ccapi_data->NamedCache = NULL; + return cc_err_xlate(err); +} + + /* * -- generate_new -------------------------------- * @@ -107,24 +144,21 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_generate_new (krb5_context context, krb5_ccache *id ) { krb5_ccache newCache = NULL; + krb5_error_code retval; stdccCacheDataPtr ccapi_data = NULL; char *name = NULL; cc_time_t time; int err; + + if ((retval = stdcc_setup(context, NULL))) + return retval; - /* make sure the API has been intialized */ - if (gCntrlBlock == NULL) { - err = cc_initialize(&gCntrlBlock, CC_API_VER_1, NULL, NULL); - if (err != CC_NOERROR) - return cc_err_xlate(err); - } - retval = KRB5_CC_NOMEM; if (!(newCache = (krb5_ccache) malloc(sizeof(struct _krb5_ccache)))) goto errout; - if (!(ccapi_ptr = (stdccCacheDataPtr)malloc(sizeof(stdccCacheData)))) + if (!(ccapi_data = (stdccCacheDataPtr)malloc(sizeof(stdccCacheData)))) goto errout; - if (!(cName = malloc(strlen(residual)+1))) + if (!(name = malloc(256))) goto errout; /* create a unique name */ @@ -142,7 +176,7 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_generate_new /* setup some fields */ newCache->ops = &krb5_cc_stdcc_ops; newCache->data = ccapi_data; - ccapi_data->ccache_name = name; + ccapi_data->cache_name = name; /* return a pointer to the new cache */ *id = newCache; @@ -152,9 +186,9 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_generate_new errout: if (newCache) free(newCache); - if (ccapi_ptr) - free(ccapi_ptr); - if (cName) + if (ccapi_data) + free(ccapi_data); + if (name) free(name); return retval; } @@ -173,33 +207,29 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_resolve krb5_error_code retval; char *cName; - /* make sure the API has been intialized */ - if (gCntrlBlock == NULL) { - err = cc_initialize(&gCntrlBlock, CC_API_VER_1, NULL, NULL); - if (err != CC_NOERROR) - return cc_err_xlate(err); - } - + if ((retval = stdcc_setup(context, NULL))) + return retval; + retval = KRB5_CC_NOMEM; if (!(newCache = (krb5_ccache) malloc(sizeof(struct _krb5_ccache)))) goto errout; - if (!(ccapi_ptr = (stdccCacheDataPtr)malloc(sizeof(stdccCacheData)))) + if (!(ccapi_data = (stdccCacheDataPtr)malloc(sizeof(stdccCacheData)))) goto errout; if (!(cName = malloc(strlen(residual)+1))) goto errout; newCache->ops = &krb5_cc_stdcc_ops; - newCache->data = ccapi_ptr; - ccapi_ptr->ccache_name = cName; + newCache->data = ccapi_data; + ccapi_data->cache_name = cName; strcpy(cName, residual); err = cc_open(gCntrlBlock, cName, CC_CRED_V5, 0L, - &ccapi_ptr->NamedCache); + &ccapi_data->NamedCache); if (err != CC_NOERROR) - ccapi_ptr->NamedCache = NULL; + ccapi_data->NamedCache = NULL; /* return new cache structure */ *id = newCache; @@ -209,8 +239,8 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_resolve errout: if (newCache) free(newCache); - if (ccapi_ptr) - free(ccapi_ptr); + if (ccapi_data) + free(ccapi_data); if (cName) free(cName); return retval; @@ -231,13 +261,12 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_initialize char *cName = NULL; krb5_error_code retval; + if ((retval = stdcc_setup(context, NULL))) + return retval; + /* test id for null */ if (id == NULL) return KRB5_CC_NOMEM; - /* test for initialized API */ - if (gCntrlBlock == NULL) - return KRB5_FCC_INTERNAL; /* XXX better error code? */ - if ((retval = krb5_unparse_name(context, princ, &cName))) return retval; @@ -247,14 +276,14 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_initialize err = cc_open(gCntrlBlock, ccapi_data->cache_name, CC_CRED_V5, 0L, &ccapi_data->NamedCache); - if (err != CC_NO_ERROR) + if (err != CC_NOERROR) ccapi_data->NamedCache = NULL; } if (ccapi_data->NamedCache) cc_destroy(gCntrlBlock, &ccapi_data->NamedCache); - err = cc_create(gCntrlBlock, ccapi_data->ccache_name, cName, + err = cc_create(gCntrlBlock, ccapi_data->cache_name, cName, CC_CRED_V5, 0L, &ccapi_data->NamedCache); krb5_free_unparsed_name(context, cName); @@ -272,14 +301,14 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_initialize krb5_error_code KRB5_CALLCONV krb5_stdcc_store (krb5_context context, krb5_ccache id , krb5_creds *creds ) { + krb5_error_code retval; stdccCacheDataPtr ccapi_data = id->data; cred_union *cu = NULL; int err; - - /* test for initialized API */ - if (gCntrlBlock == NULL) - return KRB5_FCC_INTERNAL; /* XXX better error code? */ + if ((retval = stdcc_setup(context, ccapi_data))) + return retval; + /* copy the fields from the almost identical structures */ dupK5toCC(context, creds, &cu); @@ -306,6 +335,12 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_store krb5_error_code KRB5_CALLCONV krb5_stdcc_start_seq_get (krb5_context context, krb5_ccache id , krb5_cc_cursor *cursor ) { + stdccCacheDataPtr ccapi_data = id->data; + krb5_error_code retval; + + if ((retval = stdcc_setup(context, ccapi_data))) + return retval; + /* all we have to do is initialize the cursor */ *cursor = NULL; return 0; @@ -321,17 +356,16 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_next_cred (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor, krb5_creds *creds) { + krb5_error_code retval; + stdccCacheDataPtr ccapi_data = id->data; int err; cred_union *credU = NULL; - /* test for initialized API */ - if (gCntrlBlock == NULL) - return KRB5_FCC_INTERNAL; /* XXX better error code? */ - - err = cc_seq_fetch_creds(gCntrlBlock, - ((stdccCacheDataPtr)(id->data))->NamedCache, - &credU, (ccache_cit **)cursor); + if ((retval = stdcc_setup(context, ccapi_data))) + return retval; + err = cc_seq_fetch_creds(gCntrlBlock, ccapi_data->NamedCache, + &credU, (ccache_cit **)cursor); if (err != CC_NOERROR) return cc_err_xlate(err); @@ -357,9 +391,13 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_retrieve krb5_creds *mcreds, krb5_creds *creds ) { + krb5_error_code retval; krb5_cc_cursor curs = NULL; krb5_creds *fetchcreds; + if ((retval = stdcc_setup(context, NULL))) + return retval; + fetchcreds = (krb5_creds *)malloc(sizeof(krb5_creds)); if (fetchcreds == NULL) return KRB5_CC_NOMEM; @@ -400,18 +438,31 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_retrieve krb5_error_code KRB5_CALLCONV krb5_stdcc_end_seq_get (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor) { - + krb5_error_code retval; + stdccCacheDataPtr ccapi_data = NULL; + int err; + cred_union *credU = NULL; + + ccapi_data = id->data; + + if ((retval = stdcc_setup(context, ccapi_data))) + return retval; + + if (*cursor == NULL) + return 0; + /* - * the limitation of the Ccache api and the seq calls - * causes trouble. cursor might have already been freed - * and anyways it is in the mac's heap so we need FreePtr - * but all i have is free + * Finish calling cc_seq_fetch_creds to clear out the cursor */ - /* FreePtr(*cursor); */ - - /* LEAK IT! */ - *cursor = NULL; - + while (*cursor) { + err = cc_seq_fetch_creds(gCntrlBlock, ccapi_data->NamedCache, + &credU, (ccache_cit **)cursor); + if (err) + break; + + cc_free_creds(gCntrlBlock, &credU); + } + return(0); } @@ -423,22 +474,24 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_end_seq_get krb5_error_code KRB5_CALLCONV krb5_stdcc_close(krb5_context context, krb5_ccache id) { + krb5_error_code retval; + stdccCacheDataPtr ccapi_data = id->data; + + if ((retval = stdcc_setup(context, NULL))) + return retval; + /* free it */ - if (id->data != NULL) { - free((stdccCacheDataPtr)(id->data)); - /* null it out */ - (stdccCacheDataPtr)(id->data) = NULL; + if (ccapi_data) { + if (ccapi_data->cache_name) + free(ccapi_data->cache_name); + if (ccapi_data->NamedCache) + cc_close(gCntrlBlock, &ccapi_data->NamedCache); + free(ccapi_data); + id->data = NULL; } - - /* - * I suppose we ought to check if id is null before doing - * this, but no other place in krb5 does... -smcguire - */ free(id); - id = NULL; - return 0; } @@ -450,24 +503,20 @@ krb5_stdcc_close(krb5_context context, krb5_ccache id) krb5_error_code KRB5_CALLCONV krb5_stdcc_destroy (krb5_context context, krb5_ccache id) { - int err; + krb5_error_code retval; + stdccCacheDataPtr ccapi_data = id->data; - /* test for initialized API */ - if (gCntrlBlock == NULL) - return KRB5_FCC_INTERNAL; /* XXX better error code? */ - - /* destroy the named cache */ - err = cc_destroy(gCntrlBlock, - &(((stdccCacheDataPtr)(id->data))->NamedCache)); - - /* free the pointer to the record that held the pointer to the cache */ - free((stdccCacheDataPtr)(id->data)); + if ((retval = stdcc_setup(context, ccapi_data))) { + if (retval == KRB5_FCC_NOFILE) + return 0; + return retval; + } - /* null it out */ - (stdccCacheDataPtr)(id->data) = NULL; + /* destroy the named cache */ + err = cc_destroy(gCntrlBlock, &ccapi_data->NamedCache); - return err; + return cc_err_xlate(err); } /* @@ -478,23 +527,16 @@ krb5_stdcc_destroy (krb5_context context, krb5_ccache id) char * KRB5_CALLCONV krb5_stdcc_get_name (krb5_context context, krb5_ccache id ) { - char *ret = NULL; - int err; - - /* test for initialized API */ - if (gCntrlBlock == NULL) - return NULL; - - /* just a wrapper */ - err = cc_get_name(gCntrlBlock, - (((stdccCacheDataPtr)(id->data))->NamedCache), &ret); - - if (err != CC_NOERROR) - return ret; - else - return NULL; + char *name = NULL; + stdccCacheDataPtr ccapi_data = id->data; + + if (!ccapi_data) + return 0; + + return (ccapi_data->cache_name); } + /* get_principal * * - return the principal associated with the named cache @@ -502,16 +544,16 @@ char * KRB5_CALLCONV krb5_stdcc_get_name krb5_error_code KRB5_CALLCONV krb5_stdcc_get_principal (krb5_context context, krb5_ccache id , krb5_principal *princ) { - int err; - char *name = NULL; + int err; + char *name = NULL; + stdccCacheDataPtr ccapi_data = id->data; + krb5_error_code retval; - /* test for initialized API */ - if (gCntrlBlock == NULL) - return KRB5_FCC_INTERNAL; /* XXX better error code? */ + if ((retval = stdcc_setup(context, ccapi_data))) + return retval; /* another wrapper */ - err = cc_get_principal(gCntrlBlock, - (((stdccCacheDataPtr)(id->data))->NamedCache), + err = cc_get_principal(gCntrlBlock, ccapi_data->NamedCache, &name); if (err != CC_NOERROR) @@ -519,22 +561,9 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_get_principal /* turn it into a krb principal */ err = krb5_parse_name(context, name, princ); - -#if defined(macintosh) - /* - * have to do something special on the Mac because name has - * been allocated with - * Mac memory routine NewPtr and held in memory - */ - if (name != NULL) { - UnholdMemory(name,GetPtrSize(name)); - DisposePtr(name); - } -#else - if (name != NULL) - free(name); -#endif + cc_free_principal(gCntrlBlock, &name); + return err; } @@ -546,6 +575,12 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_get_principal krb5_error_code KRB5_CALLCONV krb5_stdcc_set_flags (krb5_context context, krb5_ccache id , krb5_flags flags) { + stdccCacheDataPtr ccapi_data = id->data; + krb5_error_code retval; + + if ((retval = stdcc_setup(context, ccapi_data))) + return retval; + return 0; } @@ -560,25 +595,27 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_remove { cred_union *cu = NULL; int err; + stdccCacheDataPtr ccapi_data = id->data; + krb5_error_code retval; + + if ((retval = stdcc_setup(context, ccapi_data))) { + if (retval == KRB5_FCC_NOFILE) + return 0; + return retval; + } - /* test for initialized API */ - if (gCntrlBlock == NULL) - return KRB5_FCC_INTERNAL; /* XXX better error code? */ - /* convert to a cred union */ dupK5toCC(context, creds, &cu); /* remove it */ - err = cc_remove_cred(gCntrlBlock, - (((stdccCacheDataPtr)(id->data))->NamedCache), - *cu); + err = cc_remove_cred(gCntrlBlock, ccapi_data->NamedCache, *cu); if (err != CC_NOERROR) return cc_err_xlate(err); /* free the temp cred union */ err = cc_free_creds(gCntrlBlock, &cu); - if (err != CC_NOERROR) return err; + if (err != CC_NOERROR) + return cc_err_xlate(err); return 0; } - diff --git a/src/lib/krb5/ccache/ccapi/stdcc_util.c b/src/lib/krb5/ccache/ccapi/stdcc_util.c index 77baf6f5e..3741e22eb 100644 --- a/src/lib/krb5/ccache/ccapi/stdcc_util.c +++ b/src/lib/krb5/ccache/ccapi/stdcc_util.c @@ -1,7 +1,9 @@ -// stdcc_util.c -// utility functions used in implementing the ccache api for krb5 -// not publicly exported -// Frank Dabek, July 1998 +/* + * stdcc_util.c + * utility functions used in implementing the ccache api for krb5 + * not publicly exported + * Frank Dabek, July 1998 + */ #include #include @@ -31,9 +33,11 @@ #endif #if defined(macintosh) -//stolen from CCacheUtils.c -// -- NewSafePtrSys ----------------- -// - analagous to NewSafePtr but memory is allocated in the system heap +/* + * stolen from CCacheUtils.c + * -- NewSafePtrSys ----------------- + * - analagous to NewSafePtr but memory is allocated in the system heap + */ static Ptr NewSafePtrSys(long size) { Ptr retPtr; @@ -47,9 +51,11 @@ static Ptr NewSafePtrSys(long size) { } #endif -// CopyCCDataArrayToK5 -// - copy and translate the null terminated arrays of data records -// used in k5 tickets +/* + * CopyCCDataArrayToK5 + * - copy and translate the null terminated arrays of data records + * used in k5 tickets + */ int copyCCDataArrayToK5(cc_creds *cc, krb5_creds *kc, char whichArray) { cc_data *ccAdr, **cbase; @@ -58,22 +64,25 @@ int copyCCDataArrayToK5(cc_creds *cc, krb5_creds *kc, char whichArray) { if (whichArray == kAddressArray) { - //check pointer + /* check pointer */ if (cc->addresses == NULL) { kc->addresses = NULL; - return 0; } + return 0; + } } else if (whichArray == kAuthDataArray) { - //check pointer + /* check pointer */ if (cc->authdata == NULL) { kc->authdata = NULL; - return 0; } - } else return -1; + return 0; + } + } else + return -1; cbase = (whichArray == kAddressArray) ? cc->addresses : cc->authdata; - //calc number of records + /* calc number of records */ while (*cbase++ != NULL) numRecords++; - //allocate new array + /* allocate new array */ constKBase = kbase = (krb5_address **)malloc((numRecords+1)*sizeof(char *)); //reset base cbase = (whichArray == kAddressArray) ? cc->addresses : cc->authdata; @@ -101,8 +110,10 @@ int copyCCDataArrayToK5(cc_creds *cc, krb5_creds *kc, char whichArray) { return 0; } -// copyK5DataArrayToCC -// - analagous to above, but in the other direction +/* + * copyK5DataArrayToCC + * - analagous to above, but in the other direction + */ int copyK5DataArrayToCC(krb5_creds *kc, cc_creds *cc, char whichArray) { cc_data *ccAdr, **cbase, **constCBase; @@ -153,26 +164,30 @@ int copyK5DataArrayToCC(krb5_creds *kc, cc_creds *cc, char whichArray) { return 0; } +/* + * dupcctok5 + * - allocate an empty k5 style ticket and copy info from the cc_creds ticket + */ -// dupcctok5 -// - allocate an empty k5 style ticket and copy info from the cc_creds ticket void dupCCtoK5(krb5_context context, cc_creds *src, krb5_creds *dest) { int err; - //allocate and copy - //copy all of those damn fields back + /* + * allocate and copy + * copy all of those damn fields back + */ err = krb5_parse_name(context, src->client, &(dest->client)); err = krb5_parse_name(context, src->server, &(dest->server)); if (err) return; //parsename fails w/o krb5.ini for example - //copy keyblock + /* copy keyblock */ dest->keyblock.enctype = src->keyblock.type; dest->keyblock.length = src->keyblock.length; dest->keyblock.contents = (krb5_octet *)malloc(dest->keyblock.length); memcpy(dest->keyblock.contents, src->keyblock.data, dest->keyblock.length); - //copy times + /* copy times *// dest->times.authtime = src->authtime; dest->times.starttime = src->starttime; dest->times.endtime = src->endtime; @@ -180,7 +195,7 @@ void dupCCtoK5(krb5_context context, cc_creds *src, krb5_creds *dest) { dest->is_skey = src->is_skey; dest->ticket_flags = src->ticket_flags; - //more branching fields + /* more branching fields */ copyCCDataArrayToK5(src, dest, kAddressArray); dest->ticket.length = src->ticket.length; dest->ticket.data = (char *)malloc(src->ticket.length); @@ -189,139 +204,153 @@ void dupCCtoK5(krb5_context context, cc_creds *src, krb5_creds *dest) { (dest->second_ticket).data = ( char *)malloc(src->second_ticket.length); memcpy(dest->second_ticket.data, src->second_ticket.data, src->second_ticket.length); - //zero out magic number + /* zero out magic number */ dest->magic = 0; - //later - //copyCCDataArrayToK5(src, dest, kAuthDataArray); - //krb5 docs say that authdata can be nulled out if we - //only want default behavior + /* + * later + * copyCCDataArrayToK5(src, dest, kAuthDataArray); + * krb5 docs say that authdata can be nulled out if we + * only want default behavior + */ dest->authdata = NULL; return; } -// dupK5toCC -// - analagous to above but in the reverse direction -void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu) { - - cc_creds *c; - int err; - #ifdef macintosh - char *tempname = NULL; - #endif +/* + * dupK5toCC + * - analagous to above but in the reverse direction + */ +void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu) +{ + cc_creds *c; + int err; +#ifdef macintosh + char *tempname = NULL; +#endif - if (cu == NULL) return; + if (cu == NULL) return; - //allocate the cred_union - *cu = (cred_union *)sys_alloc(sizeof(cred_union)); - if ((*cu) == NULL) return; + /* allocate the cred_union */ + *cu = (cred_union *)sys_alloc(sizeof(cred_union)); + if ((*cu) == NULL) + return; - (*cu)->cred_type = CC_CRED_V5; + (*cu)->cred_type = CC_CRED_V5; - //allocate creds structure (and install) - c = (cc_creds *)sys_alloc(sizeof(cc_creds)); - if (c == NULL) return; - (*cu)->cred.pV5Cred = c; + /* allocate creds structure (and install) */ + c = (cc_creds *)sys_alloc(sizeof(cc_creds)); + if (c == NULL) return; + (*cu)->cred.pV5Cred = c; - //convert krb5 principals to flat principals - #ifdef macintosh - //and make sure the memory for c->client and c->server is on the system heap with NewPtr - //for the Mac (krb5_unparse_name puts it in appl heap with malloc) - err = krb5_unparse_name(context, creds->client, &tempname); - c->client = sys_alloc(strlen(tempname)); - if (c->client != NULL) - strcpy(c->client,tempname); - free(tempname); - tempname = NULL; + /* convert krb5 principals to flat principals */ +#ifdef macintosh + /* + * and make sure the memory for c->client and c->server is on + * the system heap with NewPtr for the Mac (krb5_unparse_name + * puts it in appl heap with malloc) + */ + err = krb5_unparse_name(context, creds->client, &tempname); + c->client = sys_alloc(strlen(tempname)); + if (c->client != NULL) + strcpy(c->client,tempname); + free(tempname); + tempname = NULL; - err = krb5_unparse_name(context, creds->server, &tempname); - c->server = sys_alloc(strlen(tempname)); - if (c->server != NULL) - strcpy(c->server,tempname); - free(tempname); - #else - err = krb5_unparse_name(context, creds->client, &(c->client)); - err = krb5_unparse_name(context, creds->server, &(c->server)); - #endif - if (err) return; + err = krb5_unparse_name(context, creds->server, &tempname); + c->server = sys_alloc(strlen(tempname)); + if (c->server != NULL) + strcpy(c->server,tempname); + free(tempname); +#else + err = krb5_unparse_name(context, creds->client, &(c->client)); + err = krb5_unparse_name(context, creds->server, &(c->server)); +#endif + if (err) return; - //copy more fields - c->keyblock.type = creds->keyblock.enctype; - c->keyblock.length = creds->keyblock.length; + /* copy more fields */ + c->keyblock.type = creds->keyblock.enctype; + c->keyblock.length = creds->keyblock.length; - if (creds->keyblock.contents != NULL) { - c->keyblock.data = (unsigned char *)sys_alloc(creds->keyblock.length); - memcpy(c->keyblock.data, creds->keyblock.contents, creds->keyblock.length); - } else { - c->keyblock.data = NULL; - } + if (creds->keyblock.contents != NULL) { + c->keyblock.data = (unsigned char *)sys_alloc(creds->keyblock.length); + memcpy(c->keyblock.data, creds->keyblock.contents, creds->keyblock.length); + } else { + c->keyblock.data = NULL; + } - c->authtime = creds->times.authtime; - c->starttime = creds->times.starttime; - c->endtime = creds->times.endtime; - c->renew_till = creds->times.renew_till; - c->is_skey = creds->is_skey; - c->ticket_flags = creds->ticket_flags; + c->authtime = creds->times.authtime; + c->starttime = creds->times.starttime; + c->endtime = creds->times.endtime; + c->renew_till = creds->times.renew_till; + c->is_skey = creds->is_skey; + c->ticket_flags = creds->ticket_flags; - copyK5DataArrayToCC(creds, c, kAddressArray); + copyK5DataArrayToCC(creds, c, kAddressArray); - c->ticket.length = creds->ticket.length; - if (creds->ticket.data != NULL) { - c->ticket.data = (unsigned char *)sys_alloc(creds->ticket.length); - memcpy(c->ticket.data, creds->ticket.data, creds->ticket.length); - } else { - c->ticket.data = NULL; - } + c->ticket.length = creds->ticket.length; + if (creds->ticket.data != NULL) { + c->ticket.data = (unsigned char *)sys_alloc(creds->ticket.length); + memcpy(c->ticket.data, creds->ticket.data, creds->ticket.length); + } else { + c->ticket.data = NULL; + } - c->second_ticket.length = creds->second_ticket.length; - if (creds->second_ticket.data != NULL) { - c->second_ticket.data = (unsigned char *)sys_alloc(creds->second_ticket.length); - memcpy(c->second_ticket.data, creds->second_ticket.data, creds->second_ticket.length); - } else { - c->second_ticket.data = NULL; - } + c->second_ticket.length = creds->second_ticket.length; + if (creds->second_ticket.data != NULL) { + c->second_ticket.data = (unsigned char *)sys_alloc(creds->second_ticket.length); + memcpy(c->second_ticket.data, creds->second_ticket.data, creds->second_ticket.length); + } else { + c->second_ticket.data = NULL; + } - c->authdata = NULL; + c->authdata = NULL; return; } -// bitTst -// - utility function for below function +/* + * bitTst + * - utility function for below function + */ int bitTst(int var, int mask) { return var & mask; } -// stdccCredsMatch -// - check to see if the creds match based on the whichFields variable -// NOTE: if whichfields is zero we are now comparing 'standard fields.' -// This is the bug that was killing fetch for a week. The behaviour -// is what krb5 expects, however. -int stdccCredsMatch(krb5_context context, krb5_creds *base, krb5_creds *match, int whichfields) { - +/* stdccCredsMatch + * - check to see if the creds match based on the whichFields variable + * NOTE: if whichfields is zero we are now comparing 'standard fields.' + * This is the bug that was killing fetch for a + * week. The behaviour is what krb5 expects, however. + */ +int stdccCredsMatch(krb5_context context, krb5_creds *base, + krb5_creds *match, int whichfields) +{ krb5_ticket_times b, m; krb5_authdata **bp, **mp; krb5_boolean retval; - //always check the standard fields + /* always check the standard fields */ if ((krb5_principal_compare(context, base->client, match->client) && krb5_principal_compare(context, base->server, match->server)) == FALSE) return FALSE; if (bitTst(whichfields, KRB5_TC_MATCH_TIMES)) { - //test for matching times - //according to the file cache implementation we do: + /* + * test for matching times + * according to the file cache implementation we do: + */ if (match->times.renew_till) { - if (match->times.renew_till > base->times.renew_till) - return FALSE; /* this one expires too late */ - } - if (match->times.endtime) { - if (match->times.endtime > base->times.endtime) - return FALSE; /* this one expires too late */ - } - } //continue search + if (match->times.renew_till > base->times.renew_till) + return FALSE; /* this one expires too late */ + } + if (match->times.endtime) { + if (match->times.endtime > base->times.endtime) + return FALSE; /* this one expires too late */ + } + } if (bitTst(whichfields, KRB5_TC_MATCH_IS_SKEY)) if (base->is_skey != match->is_skey) return FALSE; -- 2.26.2