From c7be845049b1a2f2ad98c8c55d86a693b8ab359f Mon Sep 17 00:00:00 2001 From: Barry Jaspan Date: Fri, 19 Jan 1990 18:11:15 +0000 Subject: [PATCH] This file is mostly right, but calls an undefined macro/function. Also, the concept non-exactly matching times is VAGUE. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@153 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/ccache/file/fcc_retrv.c | 61 ++++++++++++++++++++++++++-- 1 file changed, 57 insertions(+), 4 deletions(-) diff --git a/src/lib/krb5/ccache/file/fcc_retrv.c b/src/lib/krb5/ccache/file/fcc_retrv.c index 2668fa008..cdda70e5d 100644 --- a/src/lib/krb5/ccache/file/fcc_retrv.c +++ b/src/lib/krb5/ccache/file/fcc_retrv.c @@ -18,11 +18,25 @@ static char fcc_retrieve_c[] = "$Id$"; #include "fcc.h" +#define set(bits) (whichfields & bits) +#define flags_match(a,b) (a & b == a) +#define times_match_exact(t1,t2) (bcmp(&t1, &t2, sizeof(t1)) == 0) +#define times_match times_match_exact /* XXX WRONG! XXX */ + /* * Effects: - * Searches the file cred cache is for a credential matching mcreds. - * If one if found, it is returned in creds, which should be freed by - * the caller with krb5_free_credentials(). + * Searches the file cred cache is for a credential matching mcreds, + * with the fields specified by whichfields. If one if found, it is + * returned in creds, which should be freed by the caller with + * krb5_free_credentials(). + * + * The fields are interpreted in the following way (all constants are + * preceded by KRB5_TC_). MATCH_IS_SKEY requires the is_skey field to + * match exactly. MATCH_TIMES requires the requested lifetime to be + * at least as great as that specified; MATCH_TIMES_EXACT requires the + * requested lifetime to be exactly that specified. MATCH_FLAGS + * requires only the set bits in mcreds be set in creds; + * MATCH_FLAGS_EXACT requires all bits to match. * * Errors: * system errors @@ -36,5 +50,44 @@ krb5_fcc_retrieve(id, whichfields, mcreds, creds) krb5_creds *mcreds; krb5_creds *creds; { - /* Just a wrapper for the sequential search routines */ + /* This function could be considerably faster if it kept indexing */ + /* information.. sounds like a "next version" idea to me. :-) */ + + krb5_cc_cursor *cursor; + krb5_error_code kret; + + kret = krb5_fcc_start_seq_get(id, cursor); + if (kret != KRB5_OK) + return kret; + + while ((kret = krb5_fcc_next_cred(id, creds, cursor)) == KRB5_OK) { + if (standard_fields_match(mcreds, creds) + && + (! set(KRB5_TC_MATCH_IS_SKEY) || + mcreds->is_skey == creds->is_skey) + && + (! set(KRB5_TC_MATCH_FLAGS_EXACT) || + mcreds->ticket_flags == creds->ticket_flags) + && + (! set(KRB5_TC_MATCH_FLAGS) || + flags_match(mcreds->ticket_flags, creds->ticket_flags)) + && + (! set(KRB5_TC_MATCH_TIMES_EXACT) || + times_match_exact(mcreds->times, creds->times)) + && + (! set(KRB5_TC_MATCH_TIMES) || + times_match(mcreds->times, creds->times))) + { + krb5_fcc_end_seq_get(id, cursor); + return KRB5_OK; + } + + /* This one doesn't match */ + krb5_free_credentials(creds); + } + + /* If we get here, a match wasn't found */ + krb5_fcc_end_seq_get(id, cursor); + return KRB5_NOTFOUND; } + -- 2.26.2