1*0a6a1f1dSLionel Sambuc /* $NetBSD: acache.c,v 1.1.1.2 2014/04/24 12:45:49 pettai Exp $ */
2ebfedea0SLionel Sambuc
3ebfedea0SLionel Sambuc /*
4ebfedea0SLionel Sambuc * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan
5ebfedea0SLionel Sambuc * (Royal Institute of Technology, Stockholm, Sweden).
6ebfedea0SLionel Sambuc * All rights reserved.
7ebfedea0SLionel Sambuc *
8ebfedea0SLionel Sambuc * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
9ebfedea0SLionel Sambuc *
10ebfedea0SLionel Sambuc * Redistribution and use in source and binary forms, with or without
11ebfedea0SLionel Sambuc * modification, are permitted provided that the following conditions
12ebfedea0SLionel Sambuc * are met:
13ebfedea0SLionel Sambuc *
14ebfedea0SLionel Sambuc * 1. Redistributions of source code must retain the above copyright
15ebfedea0SLionel Sambuc * notice, this list of conditions and the following disclaimer.
16ebfedea0SLionel Sambuc *
17ebfedea0SLionel Sambuc * 2. Redistributions in binary form must reproduce the above copyright
18ebfedea0SLionel Sambuc * notice, this list of conditions and the following disclaimer in the
19ebfedea0SLionel Sambuc * documentation and/or other materials provided with the distribution.
20ebfedea0SLionel Sambuc *
21ebfedea0SLionel Sambuc * 3. Neither the name of the Institute nor the names of its contributors
22ebfedea0SLionel Sambuc * may be used to endorse or promote products derived from this software
23ebfedea0SLionel Sambuc * without specific prior written permission.
24ebfedea0SLionel Sambuc *
25ebfedea0SLionel Sambuc * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
26ebfedea0SLionel Sambuc * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
27ebfedea0SLionel Sambuc * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28ebfedea0SLionel Sambuc * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
29ebfedea0SLionel Sambuc * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
30ebfedea0SLionel Sambuc * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
31ebfedea0SLionel Sambuc * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
32ebfedea0SLionel Sambuc * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
33ebfedea0SLionel Sambuc * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
34ebfedea0SLionel Sambuc * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35ebfedea0SLionel Sambuc * SUCH DAMAGE.
36ebfedea0SLionel Sambuc */
37ebfedea0SLionel Sambuc
38ebfedea0SLionel Sambuc #include "krb5_locl.h"
39ebfedea0SLionel Sambuc #include <krb5/krb5_ccapi.h>
40ebfedea0SLionel Sambuc #ifdef HAVE_DLFCN_H
41ebfedea0SLionel Sambuc #include <dlfcn.h>
42ebfedea0SLionel Sambuc #endif
43ebfedea0SLionel Sambuc
44ebfedea0SLionel Sambuc #ifndef KCM_IS_API_CACHE
45ebfedea0SLionel Sambuc
46ebfedea0SLionel Sambuc static HEIMDAL_MUTEX acc_mutex = HEIMDAL_MUTEX_INITIALIZER;
47ebfedea0SLionel Sambuc static cc_initialize_func init_func;
48ebfedea0SLionel Sambuc static void (KRB5_CALLCONV *set_target_uid)(uid_t);
49ebfedea0SLionel Sambuc static void (KRB5_CALLCONV *clear_target)(void);
50ebfedea0SLionel Sambuc
51ebfedea0SLionel Sambuc #ifdef HAVE_DLOPEN
52ebfedea0SLionel Sambuc static void *cc_handle;
53ebfedea0SLionel Sambuc #endif
54ebfedea0SLionel Sambuc
55ebfedea0SLionel Sambuc typedef struct krb5_acc {
56ebfedea0SLionel Sambuc char *cache_name;
57ebfedea0SLionel Sambuc cc_context_t context;
58ebfedea0SLionel Sambuc cc_ccache_t ccache;
59ebfedea0SLionel Sambuc } krb5_acc;
60ebfedea0SLionel Sambuc
61ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV acc_close(krb5_context, krb5_ccache);
62ebfedea0SLionel Sambuc
63ebfedea0SLionel Sambuc #define ACACHE(X) ((krb5_acc *)(X)->data.data)
64ebfedea0SLionel Sambuc
65ebfedea0SLionel Sambuc static const struct {
66ebfedea0SLionel Sambuc cc_int32 error;
67ebfedea0SLionel Sambuc krb5_error_code ret;
68ebfedea0SLionel Sambuc } cc_errors[] = {
69ebfedea0SLionel Sambuc { ccErrBadName, KRB5_CC_BADNAME },
70ebfedea0SLionel Sambuc { ccErrCredentialsNotFound, KRB5_CC_NOTFOUND },
71ebfedea0SLionel Sambuc { ccErrCCacheNotFound, KRB5_FCC_NOFILE },
72ebfedea0SLionel Sambuc { ccErrContextNotFound, KRB5_CC_NOTFOUND },
73ebfedea0SLionel Sambuc { ccIteratorEnd, KRB5_CC_END },
74ebfedea0SLionel Sambuc { ccErrNoMem, KRB5_CC_NOMEM },
75ebfedea0SLionel Sambuc { ccErrServerUnavailable, KRB5_CC_NOSUPP },
76ebfedea0SLionel Sambuc { ccErrInvalidCCache, KRB5_CC_BADNAME },
77ebfedea0SLionel Sambuc { ccNoError, 0 }
78ebfedea0SLionel Sambuc };
79ebfedea0SLionel Sambuc
80ebfedea0SLionel Sambuc static krb5_error_code
translate_cc_error(krb5_context context,cc_int32 error)81ebfedea0SLionel Sambuc translate_cc_error(krb5_context context, cc_int32 error)
82ebfedea0SLionel Sambuc {
83*0a6a1f1dSLionel Sambuc size_t i;
84ebfedea0SLionel Sambuc krb5_clear_error_message(context);
85ebfedea0SLionel Sambuc for(i = 0; i < sizeof(cc_errors)/sizeof(cc_errors[0]); i++)
86ebfedea0SLionel Sambuc if (cc_errors[i].error == error)
87ebfedea0SLionel Sambuc return cc_errors[i].ret;
88ebfedea0SLionel Sambuc return KRB5_FCC_INTERNAL;
89ebfedea0SLionel Sambuc }
90ebfedea0SLionel Sambuc
91ebfedea0SLionel Sambuc static krb5_error_code
init_ccapi(krb5_context context)92ebfedea0SLionel Sambuc init_ccapi(krb5_context context)
93ebfedea0SLionel Sambuc {
94ebfedea0SLionel Sambuc const char *lib = NULL;
95ebfedea0SLionel Sambuc
96ebfedea0SLionel Sambuc HEIMDAL_MUTEX_lock(&acc_mutex);
97ebfedea0SLionel Sambuc if (init_func) {
98ebfedea0SLionel Sambuc HEIMDAL_MUTEX_unlock(&acc_mutex);
99ebfedea0SLionel Sambuc if (context)
100ebfedea0SLionel Sambuc krb5_clear_error_message(context);
101ebfedea0SLionel Sambuc return 0;
102ebfedea0SLionel Sambuc }
103ebfedea0SLionel Sambuc
104ebfedea0SLionel Sambuc if (context)
105ebfedea0SLionel Sambuc lib = krb5_config_get_string(context, NULL,
106ebfedea0SLionel Sambuc "libdefaults", "ccapi_library",
107ebfedea0SLionel Sambuc NULL);
108ebfedea0SLionel Sambuc if (lib == NULL) {
109ebfedea0SLionel Sambuc #ifdef __APPLE__
110ebfedea0SLionel Sambuc lib = "/System/Library/Frameworks/Kerberos.framework/Kerberos";
111ebfedea0SLionel Sambuc #elif defined(KRB5_USE_PATH_TOKENS) && defined(_WIN32)
112ebfedea0SLionel Sambuc lib = "%{LIBDIR}/libkrb5_cc.dll";
113ebfedea0SLionel Sambuc #else
114ebfedea0SLionel Sambuc lib = "/usr/lib/libkrb5_cc.so";
115ebfedea0SLionel Sambuc #endif
116ebfedea0SLionel Sambuc }
117ebfedea0SLionel Sambuc
118ebfedea0SLionel Sambuc #ifdef HAVE_DLOPEN
119ebfedea0SLionel Sambuc
120ebfedea0SLionel Sambuc #ifndef RTLD_LAZY
121ebfedea0SLionel Sambuc #define RTLD_LAZY 0
122ebfedea0SLionel Sambuc #endif
123ebfedea0SLionel Sambuc #ifndef RTLD_LOCAL
124ebfedea0SLionel Sambuc #define RTLD_LOCAL 0
125ebfedea0SLionel Sambuc #endif
126ebfedea0SLionel Sambuc
127ebfedea0SLionel Sambuc #ifdef KRB5_USE_PATH_TOKENS
128ebfedea0SLionel Sambuc {
129ebfedea0SLionel Sambuc char * explib = NULL;
130ebfedea0SLionel Sambuc if (_krb5_expand_path_tokens(context, lib, &explib) == 0) {
131ebfedea0SLionel Sambuc cc_handle = dlopen(explib, RTLD_LAZY|RTLD_LOCAL);
132ebfedea0SLionel Sambuc free(explib);
133ebfedea0SLionel Sambuc }
134ebfedea0SLionel Sambuc }
135ebfedea0SLionel Sambuc #else
136ebfedea0SLionel Sambuc cc_handle = dlopen(lib, RTLD_LAZY|RTLD_LOCAL);
137ebfedea0SLionel Sambuc #endif
138ebfedea0SLionel Sambuc
139ebfedea0SLionel Sambuc if (cc_handle == NULL) {
140ebfedea0SLionel Sambuc HEIMDAL_MUTEX_unlock(&acc_mutex);
141ebfedea0SLionel Sambuc if (context)
142ebfedea0SLionel Sambuc krb5_set_error_message(context, KRB5_CC_NOSUPP,
143ebfedea0SLionel Sambuc N_("Failed to load API cache module %s", "file"),
144ebfedea0SLionel Sambuc lib);
145ebfedea0SLionel Sambuc return KRB5_CC_NOSUPP;
146ebfedea0SLionel Sambuc }
147ebfedea0SLionel Sambuc
148ebfedea0SLionel Sambuc init_func = (cc_initialize_func)dlsym(cc_handle, "cc_initialize");
149ebfedea0SLionel Sambuc set_target_uid = (void (KRB5_CALLCONV *)(uid_t))
150ebfedea0SLionel Sambuc dlsym(cc_handle, "krb5_ipc_client_set_target_uid");
151ebfedea0SLionel Sambuc clear_target = (void (KRB5_CALLCONV *)(void))
152ebfedea0SLionel Sambuc dlsym(cc_handle, "krb5_ipc_client_clear_target");
153ebfedea0SLionel Sambuc HEIMDAL_MUTEX_unlock(&acc_mutex);
154ebfedea0SLionel Sambuc if (init_func == NULL) {
155ebfedea0SLionel Sambuc if (context)
156ebfedea0SLionel Sambuc krb5_set_error_message(context, KRB5_CC_NOSUPP,
157ebfedea0SLionel Sambuc N_("Failed to find cc_initialize"
158ebfedea0SLionel Sambuc "in %s: %s", "file, error"), lib, dlerror());
159ebfedea0SLionel Sambuc dlclose(cc_handle);
160ebfedea0SLionel Sambuc return KRB5_CC_NOSUPP;
161ebfedea0SLionel Sambuc }
162ebfedea0SLionel Sambuc
163ebfedea0SLionel Sambuc return 0;
164ebfedea0SLionel Sambuc #else
165ebfedea0SLionel Sambuc HEIMDAL_MUTEX_unlock(&acc_mutex);
166ebfedea0SLionel Sambuc if (context)
167ebfedea0SLionel Sambuc krb5_set_error_message(context, KRB5_CC_NOSUPP,
168ebfedea0SLionel Sambuc N_("no support for shared object", ""));
169ebfedea0SLionel Sambuc return KRB5_CC_NOSUPP;
170ebfedea0SLionel Sambuc #endif
171ebfedea0SLionel Sambuc }
172ebfedea0SLionel Sambuc
173ebfedea0SLionel Sambuc void
_heim_krb5_ipc_client_set_target_uid(uid_t uid)174ebfedea0SLionel Sambuc _heim_krb5_ipc_client_set_target_uid(uid_t uid)
175ebfedea0SLionel Sambuc {
176ebfedea0SLionel Sambuc init_ccapi(NULL);
177ebfedea0SLionel Sambuc if (set_target_uid != NULL)
178ebfedea0SLionel Sambuc (*set_target_uid)(uid);
179ebfedea0SLionel Sambuc }
180ebfedea0SLionel Sambuc
181ebfedea0SLionel Sambuc void
_heim_krb5_ipc_client_clear_target(void)182ebfedea0SLionel Sambuc _heim_krb5_ipc_client_clear_target(void)
183ebfedea0SLionel Sambuc {
184ebfedea0SLionel Sambuc init_ccapi(NULL);
185ebfedea0SLionel Sambuc if (clear_target != NULL)
186ebfedea0SLionel Sambuc (*clear_target)();
187ebfedea0SLionel Sambuc }
188ebfedea0SLionel Sambuc
189ebfedea0SLionel Sambuc static krb5_error_code
make_cred_from_ccred(krb5_context context,const cc_credentials_v5_t * incred,krb5_creds * cred)190ebfedea0SLionel Sambuc make_cred_from_ccred(krb5_context context,
191ebfedea0SLionel Sambuc const cc_credentials_v5_t *incred,
192ebfedea0SLionel Sambuc krb5_creds *cred)
193ebfedea0SLionel Sambuc {
194ebfedea0SLionel Sambuc krb5_error_code ret;
195ebfedea0SLionel Sambuc unsigned int i;
196ebfedea0SLionel Sambuc
197ebfedea0SLionel Sambuc memset(cred, 0, sizeof(*cred));
198ebfedea0SLionel Sambuc
199ebfedea0SLionel Sambuc ret = krb5_parse_name(context, incred->client, &cred->client);
200ebfedea0SLionel Sambuc if (ret)
201ebfedea0SLionel Sambuc goto fail;
202ebfedea0SLionel Sambuc
203ebfedea0SLionel Sambuc ret = krb5_parse_name(context, incred->server, &cred->server);
204ebfedea0SLionel Sambuc if (ret)
205ebfedea0SLionel Sambuc goto fail;
206ebfedea0SLionel Sambuc
207ebfedea0SLionel Sambuc cred->session.keytype = incred->keyblock.type;
208ebfedea0SLionel Sambuc cred->session.keyvalue.length = incred->keyblock.length;
209ebfedea0SLionel Sambuc cred->session.keyvalue.data = malloc(incred->keyblock.length);
210ebfedea0SLionel Sambuc if (cred->session.keyvalue.data == NULL)
211ebfedea0SLionel Sambuc goto nomem;
212ebfedea0SLionel Sambuc memcpy(cred->session.keyvalue.data, incred->keyblock.data,
213ebfedea0SLionel Sambuc incred->keyblock.length);
214ebfedea0SLionel Sambuc
215ebfedea0SLionel Sambuc cred->times.authtime = incred->authtime;
216ebfedea0SLionel Sambuc cred->times.starttime = incred->starttime;
217ebfedea0SLionel Sambuc cred->times.endtime = incred->endtime;
218ebfedea0SLionel Sambuc cred->times.renew_till = incred->renew_till;
219ebfedea0SLionel Sambuc
220ebfedea0SLionel Sambuc ret = krb5_data_copy(&cred->ticket,
221ebfedea0SLionel Sambuc incred->ticket.data,
222ebfedea0SLionel Sambuc incred->ticket.length);
223ebfedea0SLionel Sambuc if (ret)
224ebfedea0SLionel Sambuc goto nomem;
225ebfedea0SLionel Sambuc
226ebfedea0SLionel Sambuc ret = krb5_data_copy(&cred->second_ticket,
227ebfedea0SLionel Sambuc incred->second_ticket.data,
228ebfedea0SLionel Sambuc incred->second_ticket.length);
229ebfedea0SLionel Sambuc if (ret)
230ebfedea0SLionel Sambuc goto nomem;
231ebfedea0SLionel Sambuc
232ebfedea0SLionel Sambuc cred->authdata.val = NULL;
233ebfedea0SLionel Sambuc cred->authdata.len = 0;
234ebfedea0SLionel Sambuc
235ebfedea0SLionel Sambuc cred->addresses.val = NULL;
236ebfedea0SLionel Sambuc cred->addresses.len = 0;
237ebfedea0SLionel Sambuc
238ebfedea0SLionel Sambuc for (i = 0; incred->authdata && incred->authdata[i]; i++)
239ebfedea0SLionel Sambuc ;
240ebfedea0SLionel Sambuc
241ebfedea0SLionel Sambuc if (i) {
242ebfedea0SLionel Sambuc cred->authdata.val = calloc(i, sizeof(cred->authdata.val[0]));
243ebfedea0SLionel Sambuc if (cred->authdata.val == NULL)
244ebfedea0SLionel Sambuc goto nomem;
245ebfedea0SLionel Sambuc cred->authdata.len = i;
246ebfedea0SLionel Sambuc for (i = 0; i < cred->authdata.len; i++) {
247ebfedea0SLionel Sambuc cred->authdata.val[i].ad_type = incred->authdata[i]->type;
248ebfedea0SLionel Sambuc ret = krb5_data_copy(&cred->authdata.val[i].ad_data,
249ebfedea0SLionel Sambuc incred->authdata[i]->data,
250ebfedea0SLionel Sambuc incred->authdata[i]->length);
251ebfedea0SLionel Sambuc if (ret)
252ebfedea0SLionel Sambuc goto nomem;
253ebfedea0SLionel Sambuc }
254ebfedea0SLionel Sambuc }
255ebfedea0SLionel Sambuc
256ebfedea0SLionel Sambuc for (i = 0; incred->addresses && incred->addresses[i]; i++)
257ebfedea0SLionel Sambuc ;
258ebfedea0SLionel Sambuc
259ebfedea0SLionel Sambuc if (i) {
260ebfedea0SLionel Sambuc cred->addresses.val = calloc(i, sizeof(cred->addresses.val[0]));
261ebfedea0SLionel Sambuc if (cred->addresses.val == NULL)
262ebfedea0SLionel Sambuc goto nomem;
263ebfedea0SLionel Sambuc cred->addresses.len = i;
264ebfedea0SLionel Sambuc
265ebfedea0SLionel Sambuc for (i = 0; i < cred->addresses.len; i++) {
266ebfedea0SLionel Sambuc cred->addresses.val[i].addr_type = incred->addresses[i]->type;
267ebfedea0SLionel Sambuc ret = krb5_data_copy(&cred->addresses.val[i].address,
268ebfedea0SLionel Sambuc incred->addresses[i]->data,
269ebfedea0SLionel Sambuc incred->addresses[i]->length);
270ebfedea0SLionel Sambuc if (ret)
271ebfedea0SLionel Sambuc goto nomem;
272ebfedea0SLionel Sambuc }
273ebfedea0SLionel Sambuc }
274ebfedea0SLionel Sambuc
275ebfedea0SLionel Sambuc cred->flags.i = 0;
276ebfedea0SLionel Sambuc if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_FORWARDABLE)
277ebfedea0SLionel Sambuc cred->flags.b.forwardable = 1;
278ebfedea0SLionel Sambuc if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_FORWARDED)
279ebfedea0SLionel Sambuc cred->flags.b.forwarded = 1;
280ebfedea0SLionel Sambuc if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_PROXIABLE)
281ebfedea0SLionel Sambuc cred->flags.b.proxiable = 1;
282ebfedea0SLionel Sambuc if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_PROXY)
283ebfedea0SLionel Sambuc cred->flags.b.proxy = 1;
284ebfedea0SLionel Sambuc if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_MAY_POSTDATE)
285ebfedea0SLionel Sambuc cred->flags.b.may_postdate = 1;
286ebfedea0SLionel Sambuc if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_POSTDATED)
287ebfedea0SLionel Sambuc cred->flags.b.postdated = 1;
288ebfedea0SLionel Sambuc if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_INVALID)
289ebfedea0SLionel Sambuc cred->flags.b.invalid = 1;
290ebfedea0SLionel Sambuc if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_RENEWABLE)
291ebfedea0SLionel Sambuc cred->flags.b.renewable = 1;
292ebfedea0SLionel Sambuc if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_INITIAL)
293ebfedea0SLionel Sambuc cred->flags.b.initial = 1;
294ebfedea0SLionel Sambuc if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_PRE_AUTH)
295ebfedea0SLionel Sambuc cred->flags.b.pre_authent = 1;
296ebfedea0SLionel Sambuc if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_HW_AUTH)
297ebfedea0SLionel Sambuc cred->flags.b.hw_authent = 1;
298ebfedea0SLionel Sambuc if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_TRANSIT_POLICY_CHECKED)
299ebfedea0SLionel Sambuc cred->flags.b.transited_policy_checked = 1;
300ebfedea0SLionel Sambuc if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_OK_AS_DELEGATE)
301ebfedea0SLionel Sambuc cred->flags.b.ok_as_delegate = 1;
302ebfedea0SLionel Sambuc if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_ANONYMOUS)
303ebfedea0SLionel Sambuc cred->flags.b.anonymous = 1;
304ebfedea0SLionel Sambuc
305ebfedea0SLionel Sambuc return 0;
306ebfedea0SLionel Sambuc
307ebfedea0SLionel Sambuc nomem:
308ebfedea0SLionel Sambuc ret = ENOMEM;
309ebfedea0SLionel Sambuc krb5_set_error_message(context, ret, N_("malloc: out of memory", "malloc"));
310ebfedea0SLionel Sambuc
311ebfedea0SLionel Sambuc fail:
312ebfedea0SLionel Sambuc krb5_free_cred_contents(context, cred);
313ebfedea0SLionel Sambuc return ret;
314ebfedea0SLionel Sambuc }
315ebfedea0SLionel Sambuc
316ebfedea0SLionel Sambuc static void
free_ccred(cc_credentials_v5_t * cred)317ebfedea0SLionel Sambuc free_ccred(cc_credentials_v5_t *cred)
318ebfedea0SLionel Sambuc {
319ebfedea0SLionel Sambuc int i;
320ebfedea0SLionel Sambuc
321ebfedea0SLionel Sambuc if (cred->addresses) {
322ebfedea0SLionel Sambuc for (i = 0; cred->addresses[i] != 0; i++) {
323ebfedea0SLionel Sambuc if (cred->addresses[i]->data)
324ebfedea0SLionel Sambuc free(cred->addresses[i]->data);
325ebfedea0SLionel Sambuc free(cred->addresses[i]);
326ebfedea0SLionel Sambuc }
327ebfedea0SLionel Sambuc free(cred->addresses);
328ebfedea0SLionel Sambuc }
329ebfedea0SLionel Sambuc if (cred->server)
330ebfedea0SLionel Sambuc free(cred->server);
331ebfedea0SLionel Sambuc if (cred->client)
332ebfedea0SLionel Sambuc free(cred->client);
333ebfedea0SLionel Sambuc memset(cred, 0, sizeof(*cred));
334ebfedea0SLionel Sambuc }
335ebfedea0SLionel Sambuc
336ebfedea0SLionel Sambuc static krb5_error_code
make_ccred_from_cred(krb5_context context,const krb5_creds * incred,cc_credentials_v5_t * cred)337ebfedea0SLionel Sambuc make_ccred_from_cred(krb5_context context,
338ebfedea0SLionel Sambuc const krb5_creds *incred,
339ebfedea0SLionel Sambuc cc_credentials_v5_t *cred)
340ebfedea0SLionel Sambuc {
341ebfedea0SLionel Sambuc krb5_error_code ret;
342*0a6a1f1dSLionel Sambuc size_t i;
343ebfedea0SLionel Sambuc
344ebfedea0SLionel Sambuc memset(cred, 0, sizeof(*cred));
345ebfedea0SLionel Sambuc
346ebfedea0SLionel Sambuc ret = krb5_unparse_name(context, incred->client, &cred->client);
347ebfedea0SLionel Sambuc if (ret)
348ebfedea0SLionel Sambuc goto fail;
349ebfedea0SLionel Sambuc
350ebfedea0SLionel Sambuc ret = krb5_unparse_name(context, incred->server, &cred->server);
351ebfedea0SLionel Sambuc if (ret)
352ebfedea0SLionel Sambuc goto fail;
353ebfedea0SLionel Sambuc
354ebfedea0SLionel Sambuc cred->keyblock.type = incred->session.keytype;
355ebfedea0SLionel Sambuc cred->keyblock.length = incred->session.keyvalue.length;
356ebfedea0SLionel Sambuc cred->keyblock.data = incred->session.keyvalue.data;
357ebfedea0SLionel Sambuc
358ebfedea0SLionel Sambuc cred->authtime = incred->times.authtime;
359ebfedea0SLionel Sambuc cred->starttime = incred->times.starttime;
360ebfedea0SLionel Sambuc cred->endtime = incred->times.endtime;
361ebfedea0SLionel Sambuc cred->renew_till = incred->times.renew_till;
362ebfedea0SLionel Sambuc
363ebfedea0SLionel Sambuc cred->ticket.length = incred->ticket.length;
364ebfedea0SLionel Sambuc cred->ticket.data = incred->ticket.data;
365ebfedea0SLionel Sambuc
366ebfedea0SLionel Sambuc cred->second_ticket.length = incred->second_ticket.length;
367ebfedea0SLionel Sambuc cred->second_ticket.data = incred->second_ticket.data;
368ebfedea0SLionel Sambuc
369ebfedea0SLionel Sambuc /* XXX this one should also be filled in */
370ebfedea0SLionel Sambuc cred->authdata = NULL;
371ebfedea0SLionel Sambuc
372ebfedea0SLionel Sambuc cred->addresses = calloc(incred->addresses.len + 1,
373ebfedea0SLionel Sambuc sizeof(cred->addresses[0]));
374ebfedea0SLionel Sambuc if (cred->addresses == NULL) {
375ebfedea0SLionel Sambuc
376ebfedea0SLionel Sambuc ret = ENOMEM;
377ebfedea0SLionel Sambuc goto fail;
378ebfedea0SLionel Sambuc }
379ebfedea0SLionel Sambuc
380ebfedea0SLionel Sambuc for (i = 0; i < incred->addresses.len; i++) {
381ebfedea0SLionel Sambuc cc_data *addr;
382ebfedea0SLionel Sambuc addr = malloc(sizeof(*addr));
383ebfedea0SLionel Sambuc if (addr == NULL) {
384ebfedea0SLionel Sambuc ret = ENOMEM;
385ebfedea0SLionel Sambuc goto fail;
386ebfedea0SLionel Sambuc }
387ebfedea0SLionel Sambuc addr->type = incred->addresses.val[i].addr_type;
388ebfedea0SLionel Sambuc addr->length = incred->addresses.val[i].address.length;
389ebfedea0SLionel Sambuc addr->data = malloc(addr->length);
390ebfedea0SLionel Sambuc if (addr->data == NULL) {
391ebfedea0SLionel Sambuc free(addr);
392ebfedea0SLionel Sambuc ret = ENOMEM;
393ebfedea0SLionel Sambuc goto fail;
394ebfedea0SLionel Sambuc }
395ebfedea0SLionel Sambuc memcpy(addr->data, incred->addresses.val[i].address.data,
396ebfedea0SLionel Sambuc addr->length);
397ebfedea0SLionel Sambuc cred->addresses[i] = addr;
398ebfedea0SLionel Sambuc }
399ebfedea0SLionel Sambuc cred->addresses[i] = NULL;
400ebfedea0SLionel Sambuc
401ebfedea0SLionel Sambuc cred->ticket_flags = 0;
402ebfedea0SLionel Sambuc if (incred->flags.b.forwardable)
403ebfedea0SLionel Sambuc cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_FORWARDABLE;
404ebfedea0SLionel Sambuc if (incred->flags.b.forwarded)
405ebfedea0SLionel Sambuc cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_FORWARDED;
406ebfedea0SLionel Sambuc if (incred->flags.b.proxiable)
407ebfedea0SLionel Sambuc cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_PROXIABLE;
408ebfedea0SLionel Sambuc if (incred->flags.b.proxy)
409ebfedea0SLionel Sambuc cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_PROXY;
410ebfedea0SLionel Sambuc if (incred->flags.b.may_postdate)
411ebfedea0SLionel Sambuc cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_MAY_POSTDATE;
412ebfedea0SLionel Sambuc if (incred->flags.b.postdated)
413ebfedea0SLionel Sambuc cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_POSTDATED;
414ebfedea0SLionel Sambuc if (incred->flags.b.invalid)
415ebfedea0SLionel Sambuc cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_INVALID;
416ebfedea0SLionel Sambuc if (incred->flags.b.renewable)
417ebfedea0SLionel Sambuc cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_RENEWABLE;
418ebfedea0SLionel Sambuc if (incred->flags.b.initial)
419ebfedea0SLionel Sambuc cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_INITIAL;
420ebfedea0SLionel Sambuc if (incred->flags.b.pre_authent)
421ebfedea0SLionel Sambuc cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_PRE_AUTH;
422ebfedea0SLionel Sambuc if (incred->flags.b.hw_authent)
423ebfedea0SLionel Sambuc cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_HW_AUTH;
424ebfedea0SLionel Sambuc if (incred->flags.b.transited_policy_checked)
425ebfedea0SLionel Sambuc cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_TRANSIT_POLICY_CHECKED;
426ebfedea0SLionel Sambuc if (incred->flags.b.ok_as_delegate)
427ebfedea0SLionel Sambuc cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_OK_AS_DELEGATE;
428ebfedea0SLionel Sambuc if (incred->flags.b.anonymous)
429ebfedea0SLionel Sambuc cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_ANONYMOUS;
430ebfedea0SLionel Sambuc
431ebfedea0SLionel Sambuc return 0;
432ebfedea0SLionel Sambuc
433ebfedea0SLionel Sambuc fail:
434ebfedea0SLionel Sambuc free_ccred(cred);
435ebfedea0SLionel Sambuc
436ebfedea0SLionel Sambuc krb5_clear_error_message(context);
437ebfedea0SLionel Sambuc return ret;
438ebfedea0SLionel Sambuc }
439ebfedea0SLionel Sambuc
440ebfedea0SLionel Sambuc static cc_int32
get_cc_name(krb5_acc * a)441ebfedea0SLionel Sambuc get_cc_name(krb5_acc *a)
442ebfedea0SLionel Sambuc {
443ebfedea0SLionel Sambuc cc_string_t name;
444ebfedea0SLionel Sambuc cc_int32 error;
445ebfedea0SLionel Sambuc
446ebfedea0SLionel Sambuc error = (*a->ccache->func->get_name)(a->ccache, &name);
447ebfedea0SLionel Sambuc if (error)
448ebfedea0SLionel Sambuc return error;
449ebfedea0SLionel Sambuc
450ebfedea0SLionel Sambuc a->cache_name = strdup(name->data);
451ebfedea0SLionel Sambuc (*name->func->release)(name);
452ebfedea0SLionel Sambuc if (a->cache_name == NULL)
453ebfedea0SLionel Sambuc return ccErrNoMem;
454ebfedea0SLionel Sambuc return ccNoError;
455ebfedea0SLionel Sambuc }
456ebfedea0SLionel Sambuc
457ebfedea0SLionel Sambuc
458ebfedea0SLionel Sambuc static const char* KRB5_CALLCONV
acc_get_name(krb5_context context,krb5_ccache id)459ebfedea0SLionel Sambuc acc_get_name(krb5_context context,
460ebfedea0SLionel Sambuc krb5_ccache id)
461ebfedea0SLionel Sambuc {
462ebfedea0SLionel Sambuc krb5_acc *a = ACACHE(id);
463ebfedea0SLionel Sambuc int32_t error;
464ebfedea0SLionel Sambuc
465ebfedea0SLionel Sambuc if (a->cache_name == NULL) {
466ebfedea0SLionel Sambuc krb5_error_code ret;
467ebfedea0SLionel Sambuc krb5_principal principal;
468ebfedea0SLionel Sambuc char *name;
469ebfedea0SLionel Sambuc
470ebfedea0SLionel Sambuc ret = _krb5_get_default_principal_local(context, &principal);
471ebfedea0SLionel Sambuc if (ret)
472ebfedea0SLionel Sambuc return NULL;
473ebfedea0SLionel Sambuc
474ebfedea0SLionel Sambuc ret = krb5_unparse_name(context, principal, &name);
475ebfedea0SLionel Sambuc krb5_free_principal(context, principal);
476ebfedea0SLionel Sambuc if (ret)
477ebfedea0SLionel Sambuc return NULL;
478ebfedea0SLionel Sambuc
479ebfedea0SLionel Sambuc error = (*a->context->func->create_new_ccache)(a->context,
480ebfedea0SLionel Sambuc cc_credentials_v5,
481ebfedea0SLionel Sambuc name,
482ebfedea0SLionel Sambuc &a->ccache);
483ebfedea0SLionel Sambuc krb5_xfree(name);
484ebfedea0SLionel Sambuc if (error)
485ebfedea0SLionel Sambuc return NULL;
486ebfedea0SLionel Sambuc
487ebfedea0SLionel Sambuc error = get_cc_name(a);
488ebfedea0SLionel Sambuc if (error)
489ebfedea0SLionel Sambuc return NULL;
490ebfedea0SLionel Sambuc }
491ebfedea0SLionel Sambuc
492ebfedea0SLionel Sambuc return a->cache_name;
493ebfedea0SLionel Sambuc }
494ebfedea0SLionel Sambuc
495ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_alloc(krb5_context context,krb5_ccache * id)496ebfedea0SLionel Sambuc acc_alloc(krb5_context context, krb5_ccache *id)
497ebfedea0SLionel Sambuc {
498ebfedea0SLionel Sambuc krb5_error_code ret;
499ebfedea0SLionel Sambuc cc_int32 error;
500ebfedea0SLionel Sambuc krb5_acc *a;
501ebfedea0SLionel Sambuc
502ebfedea0SLionel Sambuc ret = init_ccapi(context);
503ebfedea0SLionel Sambuc if (ret)
504ebfedea0SLionel Sambuc return ret;
505ebfedea0SLionel Sambuc
506ebfedea0SLionel Sambuc ret = krb5_data_alloc(&(*id)->data, sizeof(*a));
507ebfedea0SLionel Sambuc if (ret) {
508ebfedea0SLionel Sambuc krb5_clear_error_message(context);
509ebfedea0SLionel Sambuc return ret;
510ebfedea0SLionel Sambuc }
511ebfedea0SLionel Sambuc
512ebfedea0SLionel Sambuc a = ACACHE(*id);
513ebfedea0SLionel Sambuc
514ebfedea0SLionel Sambuc error = (*init_func)(&a->context, ccapi_version_3, NULL, NULL);
515ebfedea0SLionel Sambuc if (error) {
516ebfedea0SLionel Sambuc krb5_data_free(&(*id)->data);
517ebfedea0SLionel Sambuc return translate_cc_error(context, error);
518ebfedea0SLionel Sambuc }
519ebfedea0SLionel Sambuc
520ebfedea0SLionel Sambuc a->cache_name = NULL;
521ebfedea0SLionel Sambuc
522ebfedea0SLionel Sambuc return 0;
523ebfedea0SLionel Sambuc }
524ebfedea0SLionel Sambuc
525ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_resolve(krb5_context context,krb5_ccache * id,const char * res)526ebfedea0SLionel Sambuc acc_resolve(krb5_context context, krb5_ccache *id, const char *res)
527ebfedea0SLionel Sambuc {
528ebfedea0SLionel Sambuc krb5_error_code ret;
529ebfedea0SLionel Sambuc cc_int32 error;
530ebfedea0SLionel Sambuc krb5_acc *a;
531ebfedea0SLionel Sambuc
532ebfedea0SLionel Sambuc ret = acc_alloc(context, id);
533ebfedea0SLionel Sambuc if (ret)
534ebfedea0SLionel Sambuc return ret;
535ebfedea0SLionel Sambuc
536ebfedea0SLionel Sambuc a = ACACHE(*id);
537ebfedea0SLionel Sambuc
538ebfedea0SLionel Sambuc error = (*a->context->func->open_ccache)(a->context, res, &a->ccache);
539ebfedea0SLionel Sambuc if (error == ccNoError) {
540ebfedea0SLionel Sambuc cc_time_t offset;
541ebfedea0SLionel Sambuc error = get_cc_name(a);
542ebfedea0SLionel Sambuc if (error != ccNoError) {
543ebfedea0SLionel Sambuc acc_close(context, *id);
544ebfedea0SLionel Sambuc *id = NULL;
545ebfedea0SLionel Sambuc return translate_cc_error(context, error);
546ebfedea0SLionel Sambuc }
547ebfedea0SLionel Sambuc
548ebfedea0SLionel Sambuc error = (*a->ccache->func->get_kdc_time_offset)(a->ccache,
549ebfedea0SLionel Sambuc cc_credentials_v5,
550ebfedea0SLionel Sambuc &offset);
551ebfedea0SLionel Sambuc if (error == 0)
552ebfedea0SLionel Sambuc context->kdc_sec_offset = offset;
553ebfedea0SLionel Sambuc
554ebfedea0SLionel Sambuc } else if (error == ccErrCCacheNotFound) {
555ebfedea0SLionel Sambuc a->ccache = NULL;
556ebfedea0SLionel Sambuc a->cache_name = NULL;
557ebfedea0SLionel Sambuc } else {
558ebfedea0SLionel Sambuc *id = NULL;
559ebfedea0SLionel Sambuc return translate_cc_error(context, error);
560ebfedea0SLionel Sambuc }
561ebfedea0SLionel Sambuc
562ebfedea0SLionel Sambuc return 0;
563ebfedea0SLionel Sambuc }
564ebfedea0SLionel Sambuc
565ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_gen_new(krb5_context context,krb5_ccache * id)566ebfedea0SLionel Sambuc acc_gen_new(krb5_context context, krb5_ccache *id)
567ebfedea0SLionel Sambuc {
568ebfedea0SLionel Sambuc krb5_error_code ret;
569ebfedea0SLionel Sambuc krb5_acc *a;
570ebfedea0SLionel Sambuc
571ebfedea0SLionel Sambuc ret = acc_alloc(context, id);
572ebfedea0SLionel Sambuc if (ret)
573ebfedea0SLionel Sambuc return ret;
574ebfedea0SLionel Sambuc
575ebfedea0SLionel Sambuc a = ACACHE(*id);
576ebfedea0SLionel Sambuc
577ebfedea0SLionel Sambuc a->ccache = NULL;
578ebfedea0SLionel Sambuc a->cache_name = NULL;
579ebfedea0SLionel Sambuc
580ebfedea0SLionel Sambuc return 0;
581ebfedea0SLionel Sambuc }
582ebfedea0SLionel Sambuc
583ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_initialize(krb5_context context,krb5_ccache id,krb5_principal primary_principal)584ebfedea0SLionel Sambuc acc_initialize(krb5_context context,
585ebfedea0SLionel Sambuc krb5_ccache id,
586ebfedea0SLionel Sambuc krb5_principal primary_principal)
587ebfedea0SLionel Sambuc {
588ebfedea0SLionel Sambuc krb5_acc *a = ACACHE(id);
589ebfedea0SLionel Sambuc krb5_error_code ret;
590ebfedea0SLionel Sambuc int32_t error;
591ebfedea0SLionel Sambuc char *name;
592ebfedea0SLionel Sambuc
593ebfedea0SLionel Sambuc ret = krb5_unparse_name(context, primary_principal, &name);
594ebfedea0SLionel Sambuc if (ret)
595ebfedea0SLionel Sambuc return ret;
596ebfedea0SLionel Sambuc
597ebfedea0SLionel Sambuc if (a->cache_name == NULL) {
598ebfedea0SLionel Sambuc error = (*a->context->func->create_new_ccache)(a->context,
599ebfedea0SLionel Sambuc cc_credentials_v5,
600ebfedea0SLionel Sambuc name,
601ebfedea0SLionel Sambuc &a->ccache);
602ebfedea0SLionel Sambuc free(name);
603ebfedea0SLionel Sambuc if (error == ccNoError)
604ebfedea0SLionel Sambuc error = get_cc_name(a);
605ebfedea0SLionel Sambuc } else {
606ebfedea0SLionel Sambuc cc_credentials_iterator_t iter;
607ebfedea0SLionel Sambuc cc_credentials_t ccred;
608ebfedea0SLionel Sambuc
609ebfedea0SLionel Sambuc error = (*a->ccache->func->new_credentials_iterator)(a->ccache, &iter);
610ebfedea0SLionel Sambuc if (error) {
611ebfedea0SLionel Sambuc free(name);
612ebfedea0SLionel Sambuc return translate_cc_error(context, error);
613ebfedea0SLionel Sambuc }
614ebfedea0SLionel Sambuc
615ebfedea0SLionel Sambuc while (1) {
616ebfedea0SLionel Sambuc error = (*iter->func->next)(iter, &ccred);
617ebfedea0SLionel Sambuc if (error)
618ebfedea0SLionel Sambuc break;
619ebfedea0SLionel Sambuc (*a->ccache->func->remove_credentials)(a->ccache, ccred);
620ebfedea0SLionel Sambuc (*ccred->func->release)(ccred);
621ebfedea0SLionel Sambuc }
622ebfedea0SLionel Sambuc (*iter->func->release)(iter);
623ebfedea0SLionel Sambuc
624ebfedea0SLionel Sambuc error = (*a->ccache->func->set_principal)(a->ccache,
625ebfedea0SLionel Sambuc cc_credentials_v5,
626ebfedea0SLionel Sambuc name);
627ebfedea0SLionel Sambuc }
628ebfedea0SLionel Sambuc
629ebfedea0SLionel Sambuc if (error == 0 && context->kdc_sec_offset)
630ebfedea0SLionel Sambuc error = (*a->ccache->func->set_kdc_time_offset)(a->ccache,
631ebfedea0SLionel Sambuc cc_credentials_v5,
632ebfedea0SLionel Sambuc context->kdc_sec_offset);
633ebfedea0SLionel Sambuc
634ebfedea0SLionel Sambuc return translate_cc_error(context, error);
635ebfedea0SLionel Sambuc }
636ebfedea0SLionel Sambuc
637ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_close(krb5_context context,krb5_ccache id)638ebfedea0SLionel Sambuc acc_close(krb5_context context,
639ebfedea0SLionel Sambuc krb5_ccache id)
640ebfedea0SLionel Sambuc {
641ebfedea0SLionel Sambuc krb5_acc *a = ACACHE(id);
642ebfedea0SLionel Sambuc
643ebfedea0SLionel Sambuc if (a->ccache) {
644ebfedea0SLionel Sambuc (*a->ccache->func->release)(a->ccache);
645ebfedea0SLionel Sambuc a->ccache = NULL;
646ebfedea0SLionel Sambuc }
647ebfedea0SLionel Sambuc if (a->cache_name) {
648ebfedea0SLionel Sambuc free(a->cache_name);
649ebfedea0SLionel Sambuc a->cache_name = NULL;
650ebfedea0SLionel Sambuc }
651ebfedea0SLionel Sambuc if (a->context) {
652ebfedea0SLionel Sambuc (*a->context->func->release)(a->context);
653ebfedea0SLionel Sambuc a->context = NULL;
654ebfedea0SLionel Sambuc }
655ebfedea0SLionel Sambuc krb5_data_free(&id->data);
656ebfedea0SLionel Sambuc return 0;
657ebfedea0SLionel Sambuc }
658ebfedea0SLionel Sambuc
659ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_destroy(krb5_context context,krb5_ccache id)660ebfedea0SLionel Sambuc acc_destroy(krb5_context context,
661ebfedea0SLionel Sambuc krb5_ccache id)
662ebfedea0SLionel Sambuc {
663ebfedea0SLionel Sambuc krb5_acc *a = ACACHE(id);
664ebfedea0SLionel Sambuc cc_int32 error = 0;
665ebfedea0SLionel Sambuc
666ebfedea0SLionel Sambuc if (a->ccache) {
667ebfedea0SLionel Sambuc error = (*a->ccache->func->destroy)(a->ccache);
668ebfedea0SLionel Sambuc a->ccache = NULL;
669ebfedea0SLionel Sambuc }
670ebfedea0SLionel Sambuc if (a->context) {
671ebfedea0SLionel Sambuc error = (a->context->func->release)(a->context);
672ebfedea0SLionel Sambuc a->context = NULL;
673ebfedea0SLionel Sambuc }
674ebfedea0SLionel Sambuc return translate_cc_error(context, error);
675ebfedea0SLionel Sambuc }
676ebfedea0SLionel Sambuc
677ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_store_cred(krb5_context context,krb5_ccache id,krb5_creds * creds)678ebfedea0SLionel Sambuc acc_store_cred(krb5_context context,
679ebfedea0SLionel Sambuc krb5_ccache id,
680ebfedea0SLionel Sambuc krb5_creds *creds)
681ebfedea0SLionel Sambuc {
682ebfedea0SLionel Sambuc krb5_acc *a = ACACHE(id);
683ebfedea0SLionel Sambuc cc_credentials_union cred;
684ebfedea0SLionel Sambuc cc_credentials_v5_t v5cred;
685ebfedea0SLionel Sambuc krb5_error_code ret;
686ebfedea0SLionel Sambuc cc_int32 error;
687ebfedea0SLionel Sambuc
688ebfedea0SLionel Sambuc if (a->ccache == NULL) {
689ebfedea0SLionel Sambuc krb5_set_error_message(context, KRB5_CC_NOTFOUND,
690ebfedea0SLionel Sambuc N_("No API credential found", ""));
691ebfedea0SLionel Sambuc return KRB5_CC_NOTFOUND;
692ebfedea0SLionel Sambuc }
693ebfedea0SLionel Sambuc
694ebfedea0SLionel Sambuc cred.version = cc_credentials_v5;
695ebfedea0SLionel Sambuc cred.credentials.credentials_v5 = &v5cred;
696ebfedea0SLionel Sambuc
697ebfedea0SLionel Sambuc ret = make_ccred_from_cred(context,
698ebfedea0SLionel Sambuc creds,
699ebfedea0SLionel Sambuc &v5cred);
700ebfedea0SLionel Sambuc if (ret)
701ebfedea0SLionel Sambuc return ret;
702ebfedea0SLionel Sambuc
703ebfedea0SLionel Sambuc error = (*a->ccache->func->store_credentials)(a->ccache, &cred);
704ebfedea0SLionel Sambuc if (error)
705ebfedea0SLionel Sambuc ret = translate_cc_error(context, error);
706ebfedea0SLionel Sambuc
707ebfedea0SLionel Sambuc free_ccred(&v5cred);
708ebfedea0SLionel Sambuc
709ebfedea0SLionel Sambuc return ret;
710ebfedea0SLionel Sambuc }
711ebfedea0SLionel Sambuc
712ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_get_principal(krb5_context context,krb5_ccache id,krb5_principal * principal)713ebfedea0SLionel Sambuc acc_get_principal(krb5_context context,
714ebfedea0SLionel Sambuc krb5_ccache id,
715ebfedea0SLionel Sambuc krb5_principal *principal)
716ebfedea0SLionel Sambuc {
717ebfedea0SLionel Sambuc krb5_acc *a = ACACHE(id);
718ebfedea0SLionel Sambuc krb5_error_code ret;
719ebfedea0SLionel Sambuc int32_t error;
720ebfedea0SLionel Sambuc cc_string_t name;
721ebfedea0SLionel Sambuc
722ebfedea0SLionel Sambuc if (a->ccache == NULL) {
723ebfedea0SLionel Sambuc krb5_set_error_message(context, KRB5_CC_NOTFOUND,
724ebfedea0SLionel Sambuc N_("No API credential found", ""));
725ebfedea0SLionel Sambuc return KRB5_CC_NOTFOUND;
726ebfedea0SLionel Sambuc }
727ebfedea0SLionel Sambuc
728ebfedea0SLionel Sambuc error = (*a->ccache->func->get_principal)(a->ccache,
729ebfedea0SLionel Sambuc cc_credentials_v5,
730ebfedea0SLionel Sambuc &name);
731ebfedea0SLionel Sambuc if (error)
732ebfedea0SLionel Sambuc return translate_cc_error(context, error);
733ebfedea0SLionel Sambuc
734ebfedea0SLionel Sambuc ret = krb5_parse_name(context, name->data, principal);
735ebfedea0SLionel Sambuc
736ebfedea0SLionel Sambuc (*name->func->release)(name);
737ebfedea0SLionel Sambuc return ret;
738ebfedea0SLionel Sambuc }
739ebfedea0SLionel Sambuc
740ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_get_first(krb5_context context,krb5_ccache id,krb5_cc_cursor * cursor)741ebfedea0SLionel Sambuc acc_get_first (krb5_context context,
742ebfedea0SLionel Sambuc krb5_ccache id,
743ebfedea0SLionel Sambuc krb5_cc_cursor *cursor)
744ebfedea0SLionel Sambuc {
745ebfedea0SLionel Sambuc cc_credentials_iterator_t iter;
746ebfedea0SLionel Sambuc krb5_acc *a = ACACHE(id);
747ebfedea0SLionel Sambuc int32_t error;
748ebfedea0SLionel Sambuc
749ebfedea0SLionel Sambuc if (a->ccache == NULL) {
750ebfedea0SLionel Sambuc krb5_set_error_message(context, KRB5_CC_NOTFOUND,
751ebfedea0SLionel Sambuc N_("No API credential found", ""));
752ebfedea0SLionel Sambuc return KRB5_CC_NOTFOUND;
753ebfedea0SLionel Sambuc }
754ebfedea0SLionel Sambuc
755ebfedea0SLionel Sambuc error = (*a->ccache->func->new_credentials_iterator)(a->ccache, &iter);
756ebfedea0SLionel Sambuc if (error) {
757ebfedea0SLionel Sambuc krb5_clear_error_message(context);
758ebfedea0SLionel Sambuc return ENOENT;
759ebfedea0SLionel Sambuc }
760ebfedea0SLionel Sambuc *cursor = iter;
761ebfedea0SLionel Sambuc return 0;
762ebfedea0SLionel Sambuc }
763ebfedea0SLionel Sambuc
764ebfedea0SLionel Sambuc
765ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_get_next(krb5_context context,krb5_ccache id,krb5_cc_cursor * cursor,krb5_creds * creds)766ebfedea0SLionel Sambuc acc_get_next (krb5_context context,
767ebfedea0SLionel Sambuc krb5_ccache id,
768ebfedea0SLionel Sambuc krb5_cc_cursor *cursor,
769ebfedea0SLionel Sambuc krb5_creds *creds)
770ebfedea0SLionel Sambuc {
771ebfedea0SLionel Sambuc cc_credentials_iterator_t iter = *cursor;
772ebfedea0SLionel Sambuc cc_credentials_t cred;
773ebfedea0SLionel Sambuc krb5_error_code ret;
774ebfedea0SLionel Sambuc int32_t error;
775ebfedea0SLionel Sambuc
776ebfedea0SLionel Sambuc while (1) {
777ebfedea0SLionel Sambuc error = (*iter->func->next)(iter, &cred);
778ebfedea0SLionel Sambuc if (error)
779ebfedea0SLionel Sambuc return translate_cc_error(context, error);
780ebfedea0SLionel Sambuc if (cred->data->version == cc_credentials_v5)
781ebfedea0SLionel Sambuc break;
782ebfedea0SLionel Sambuc (*cred->func->release)(cred);
783ebfedea0SLionel Sambuc }
784ebfedea0SLionel Sambuc
785ebfedea0SLionel Sambuc ret = make_cred_from_ccred(context,
786ebfedea0SLionel Sambuc cred->data->credentials.credentials_v5,
787ebfedea0SLionel Sambuc creds);
788ebfedea0SLionel Sambuc (*cred->func->release)(cred);
789ebfedea0SLionel Sambuc return ret;
790ebfedea0SLionel Sambuc }
791ebfedea0SLionel Sambuc
792ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_end_get(krb5_context context,krb5_ccache id,krb5_cc_cursor * cursor)793ebfedea0SLionel Sambuc acc_end_get (krb5_context context,
794ebfedea0SLionel Sambuc krb5_ccache id,
795ebfedea0SLionel Sambuc krb5_cc_cursor *cursor)
796ebfedea0SLionel Sambuc {
797ebfedea0SLionel Sambuc cc_credentials_iterator_t iter = *cursor;
798ebfedea0SLionel Sambuc (*iter->func->release)(iter);
799ebfedea0SLionel Sambuc return 0;
800ebfedea0SLionel Sambuc }
801ebfedea0SLionel Sambuc
802ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_remove_cred(krb5_context context,krb5_ccache id,krb5_flags which,krb5_creds * cred)803ebfedea0SLionel Sambuc acc_remove_cred(krb5_context context,
804ebfedea0SLionel Sambuc krb5_ccache id,
805ebfedea0SLionel Sambuc krb5_flags which,
806ebfedea0SLionel Sambuc krb5_creds *cred)
807ebfedea0SLionel Sambuc {
808ebfedea0SLionel Sambuc cc_credentials_iterator_t iter;
809ebfedea0SLionel Sambuc krb5_acc *a = ACACHE(id);
810ebfedea0SLionel Sambuc cc_credentials_t ccred;
811ebfedea0SLionel Sambuc krb5_error_code ret;
812ebfedea0SLionel Sambuc cc_int32 error;
813ebfedea0SLionel Sambuc char *client, *server;
814ebfedea0SLionel Sambuc
815ebfedea0SLionel Sambuc if (a->ccache == NULL) {
816ebfedea0SLionel Sambuc krb5_set_error_message(context, KRB5_CC_NOTFOUND,
817ebfedea0SLionel Sambuc N_("No API credential found", ""));
818ebfedea0SLionel Sambuc return KRB5_CC_NOTFOUND;
819ebfedea0SLionel Sambuc }
820ebfedea0SLionel Sambuc
821ebfedea0SLionel Sambuc if (cred->client) {
822ebfedea0SLionel Sambuc ret = krb5_unparse_name(context, cred->client, &client);
823ebfedea0SLionel Sambuc if (ret)
824ebfedea0SLionel Sambuc return ret;
825ebfedea0SLionel Sambuc } else
826ebfedea0SLionel Sambuc client = NULL;
827ebfedea0SLionel Sambuc
828ebfedea0SLionel Sambuc ret = krb5_unparse_name(context, cred->server, &server);
829ebfedea0SLionel Sambuc if (ret) {
830ebfedea0SLionel Sambuc free(client);
831ebfedea0SLionel Sambuc return ret;
832ebfedea0SLionel Sambuc }
833ebfedea0SLionel Sambuc
834ebfedea0SLionel Sambuc error = (*a->ccache->func->new_credentials_iterator)(a->ccache, &iter);
835ebfedea0SLionel Sambuc if (error) {
836ebfedea0SLionel Sambuc free(server);
837ebfedea0SLionel Sambuc free(client);
838ebfedea0SLionel Sambuc return translate_cc_error(context, error);
839ebfedea0SLionel Sambuc }
840ebfedea0SLionel Sambuc
841ebfedea0SLionel Sambuc ret = KRB5_CC_NOTFOUND;
842ebfedea0SLionel Sambuc while (1) {
843ebfedea0SLionel Sambuc cc_credentials_v5_t *v5cred;
844ebfedea0SLionel Sambuc
845ebfedea0SLionel Sambuc error = (*iter->func->next)(iter, &ccred);
846ebfedea0SLionel Sambuc if (error)
847ebfedea0SLionel Sambuc break;
848ebfedea0SLionel Sambuc
849ebfedea0SLionel Sambuc if (ccred->data->version != cc_credentials_v5)
850ebfedea0SLionel Sambuc goto next;
851ebfedea0SLionel Sambuc
852ebfedea0SLionel Sambuc v5cred = ccred->data->credentials.credentials_v5;
853ebfedea0SLionel Sambuc
854ebfedea0SLionel Sambuc if (client && strcmp(v5cred->client, client) != 0)
855ebfedea0SLionel Sambuc goto next;
856ebfedea0SLionel Sambuc
857ebfedea0SLionel Sambuc if (strcmp(v5cred->server, server) != 0)
858ebfedea0SLionel Sambuc goto next;
859ebfedea0SLionel Sambuc
860ebfedea0SLionel Sambuc (*a->ccache->func->remove_credentials)(a->ccache, ccred);
861ebfedea0SLionel Sambuc ret = 0;
862ebfedea0SLionel Sambuc next:
863ebfedea0SLionel Sambuc (*ccred->func->release)(ccred);
864ebfedea0SLionel Sambuc }
865ebfedea0SLionel Sambuc
866ebfedea0SLionel Sambuc (*iter->func->release)(iter);
867ebfedea0SLionel Sambuc
868ebfedea0SLionel Sambuc if (ret)
869ebfedea0SLionel Sambuc krb5_set_error_message(context, ret,
870ebfedea0SLionel Sambuc N_("Can't find credential %s in cache",
871ebfedea0SLionel Sambuc "principal"), server);
872ebfedea0SLionel Sambuc free(server);
873ebfedea0SLionel Sambuc free(client);
874ebfedea0SLionel Sambuc
875ebfedea0SLionel Sambuc return ret;
876ebfedea0SLionel Sambuc }
877ebfedea0SLionel Sambuc
878ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_set_flags(krb5_context context,krb5_ccache id,krb5_flags flags)879ebfedea0SLionel Sambuc acc_set_flags(krb5_context context,
880ebfedea0SLionel Sambuc krb5_ccache id,
881ebfedea0SLionel Sambuc krb5_flags flags)
882ebfedea0SLionel Sambuc {
883ebfedea0SLionel Sambuc return 0;
884ebfedea0SLionel Sambuc }
885ebfedea0SLionel Sambuc
886ebfedea0SLionel Sambuc static int KRB5_CALLCONV
acc_get_version(krb5_context context,krb5_ccache id)887ebfedea0SLionel Sambuc acc_get_version(krb5_context context,
888ebfedea0SLionel Sambuc krb5_ccache id)
889ebfedea0SLionel Sambuc {
890ebfedea0SLionel Sambuc return 0;
891ebfedea0SLionel Sambuc }
892ebfedea0SLionel Sambuc
893ebfedea0SLionel Sambuc struct cache_iter {
894ebfedea0SLionel Sambuc cc_context_t context;
895ebfedea0SLionel Sambuc cc_ccache_iterator_t iter;
896ebfedea0SLionel Sambuc };
897ebfedea0SLionel Sambuc
898ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_get_cache_first(krb5_context context,krb5_cc_cursor * cursor)899ebfedea0SLionel Sambuc acc_get_cache_first(krb5_context context, krb5_cc_cursor *cursor)
900ebfedea0SLionel Sambuc {
901ebfedea0SLionel Sambuc struct cache_iter *iter;
902ebfedea0SLionel Sambuc krb5_error_code ret;
903ebfedea0SLionel Sambuc cc_int32 error;
904ebfedea0SLionel Sambuc
905ebfedea0SLionel Sambuc ret = init_ccapi(context);
906ebfedea0SLionel Sambuc if (ret)
907ebfedea0SLionel Sambuc return ret;
908ebfedea0SLionel Sambuc
909ebfedea0SLionel Sambuc iter = calloc(1, sizeof(*iter));
910ebfedea0SLionel Sambuc if (iter == NULL) {
911ebfedea0SLionel Sambuc krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
912ebfedea0SLionel Sambuc return ENOMEM;
913ebfedea0SLionel Sambuc }
914ebfedea0SLionel Sambuc
915ebfedea0SLionel Sambuc error = (*init_func)(&iter->context, ccapi_version_3, NULL, NULL);
916ebfedea0SLionel Sambuc if (error) {
917ebfedea0SLionel Sambuc free(iter);
918ebfedea0SLionel Sambuc return translate_cc_error(context, error);
919ebfedea0SLionel Sambuc }
920ebfedea0SLionel Sambuc
921ebfedea0SLionel Sambuc error = (*iter->context->func->new_ccache_iterator)(iter->context,
922ebfedea0SLionel Sambuc &iter->iter);
923ebfedea0SLionel Sambuc if (error) {
924ebfedea0SLionel Sambuc free(iter);
925ebfedea0SLionel Sambuc krb5_clear_error_message(context);
926ebfedea0SLionel Sambuc return ENOENT;
927ebfedea0SLionel Sambuc }
928ebfedea0SLionel Sambuc *cursor = iter;
929ebfedea0SLionel Sambuc return 0;
930ebfedea0SLionel Sambuc }
931ebfedea0SLionel Sambuc
932ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_get_cache_next(krb5_context context,krb5_cc_cursor cursor,krb5_ccache * id)933ebfedea0SLionel Sambuc acc_get_cache_next(krb5_context context, krb5_cc_cursor cursor, krb5_ccache *id)
934ebfedea0SLionel Sambuc {
935ebfedea0SLionel Sambuc struct cache_iter *iter = cursor;
936ebfedea0SLionel Sambuc cc_ccache_t cache;
937ebfedea0SLionel Sambuc krb5_acc *a;
938ebfedea0SLionel Sambuc krb5_error_code ret;
939ebfedea0SLionel Sambuc int32_t error;
940ebfedea0SLionel Sambuc
941ebfedea0SLionel Sambuc error = (*iter->iter->func->next)(iter->iter, &cache);
942ebfedea0SLionel Sambuc if (error)
943ebfedea0SLionel Sambuc return translate_cc_error(context, error);
944ebfedea0SLionel Sambuc
945ebfedea0SLionel Sambuc ret = _krb5_cc_allocate(context, &krb5_acc_ops, id);
946ebfedea0SLionel Sambuc if (ret) {
947ebfedea0SLionel Sambuc (*cache->func->release)(cache);
948ebfedea0SLionel Sambuc return ret;
949ebfedea0SLionel Sambuc }
950ebfedea0SLionel Sambuc
951ebfedea0SLionel Sambuc ret = acc_alloc(context, id);
952ebfedea0SLionel Sambuc if (ret) {
953ebfedea0SLionel Sambuc (*cache->func->release)(cache);
954ebfedea0SLionel Sambuc free(*id);
955ebfedea0SLionel Sambuc return ret;
956ebfedea0SLionel Sambuc }
957ebfedea0SLionel Sambuc
958ebfedea0SLionel Sambuc a = ACACHE(*id);
959ebfedea0SLionel Sambuc a->ccache = cache;
960ebfedea0SLionel Sambuc
961ebfedea0SLionel Sambuc error = get_cc_name(a);
962ebfedea0SLionel Sambuc if (error) {
963ebfedea0SLionel Sambuc acc_close(context, *id);
964ebfedea0SLionel Sambuc *id = NULL;
965ebfedea0SLionel Sambuc return translate_cc_error(context, error);
966ebfedea0SLionel Sambuc }
967ebfedea0SLionel Sambuc return 0;
968ebfedea0SLionel Sambuc }
969ebfedea0SLionel Sambuc
970ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_end_cache_get(krb5_context context,krb5_cc_cursor cursor)971ebfedea0SLionel Sambuc acc_end_cache_get(krb5_context context, krb5_cc_cursor cursor)
972ebfedea0SLionel Sambuc {
973ebfedea0SLionel Sambuc struct cache_iter *iter = cursor;
974ebfedea0SLionel Sambuc
975ebfedea0SLionel Sambuc (*iter->iter->func->release)(iter->iter);
976ebfedea0SLionel Sambuc iter->iter = NULL;
977ebfedea0SLionel Sambuc (*iter->context->func->release)(iter->context);
978ebfedea0SLionel Sambuc iter->context = NULL;
979ebfedea0SLionel Sambuc free(iter);
980ebfedea0SLionel Sambuc return 0;
981ebfedea0SLionel Sambuc }
982ebfedea0SLionel Sambuc
983ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_move(krb5_context context,krb5_ccache from,krb5_ccache to)984ebfedea0SLionel Sambuc acc_move(krb5_context context, krb5_ccache from, krb5_ccache to)
985ebfedea0SLionel Sambuc {
986ebfedea0SLionel Sambuc krb5_acc *afrom = ACACHE(from);
987ebfedea0SLionel Sambuc krb5_acc *ato = ACACHE(to);
988ebfedea0SLionel Sambuc int32_t error;
989ebfedea0SLionel Sambuc
990ebfedea0SLionel Sambuc if (ato->ccache == NULL) {
991ebfedea0SLionel Sambuc cc_string_t name;
992ebfedea0SLionel Sambuc
993ebfedea0SLionel Sambuc error = (*afrom->ccache->func->get_principal)(afrom->ccache,
994ebfedea0SLionel Sambuc cc_credentials_v5,
995ebfedea0SLionel Sambuc &name);
996ebfedea0SLionel Sambuc if (error)
997ebfedea0SLionel Sambuc return translate_cc_error(context, error);
998ebfedea0SLionel Sambuc
999ebfedea0SLionel Sambuc error = (*ato->context->func->create_new_ccache)(ato->context,
1000ebfedea0SLionel Sambuc cc_credentials_v5,
1001ebfedea0SLionel Sambuc name->data,
1002ebfedea0SLionel Sambuc &ato->ccache);
1003ebfedea0SLionel Sambuc (*name->func->release)(name);
1004ebfedea0SLionel Sambuc if (error)
1005ebfedea0SLionel Sambuc return translate_cc_error(context, error);
1006ebfedea0SLionel Sambuc }
1007ebfedea0SLionel Sambuc
1008ebfedea0SLionel Sambuc error = (*ato->ccache->func->move)(afrom->ccache, ato->ccache);
1009ebfedea0SLionel Sambuc
1010ebfedea0SLionel Sambuc acc_destroy(context, from);
1011ebfedea0SLionel Sambuc
1012ebfedea0SLionel Sambuc return translate_cc_error(context, error);
1013ebfedea0SLionel Sambuc }
1014ebfedea0SLionel Sambuc
1015ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_get_default_name(krb5_context context,char ** str)1016ebfedea0SLionel Sambuc acc_get_default_name(krb5_context context, char **str)
1017ebfedea0SLionel Sambuc {
1018ebfedea0SLionel Sambuc krb5_error_code ret;
1019ebfedea0SLionel Sambuc cc_context_t cc;
1020ebfedea0SLionel Sambuc cc_string_t name;
1021ebfedea0SLionel Sambuc int32_t error;
1022ebfedea0SLionel Sambuc
1023ebfedea0SLionel Sambuc ret = init_ccapi(context);
1024ebfedea0SLionel Sambuc if (ret)
1025ebfedea0SLionel Sambuc return ret;
1026ebfedea0SLionel Sambuc
1027ebfedea0SLionel Sambuc error = (*init_func)(&cc, ccapi_version_3, NULL, NULL);
1028ebfedea0SLionel Sambuc if (error)
1029ebfedea0SLionel Sambuc return translate_cc_error(context, error);
1030ebfedea0SLionel Sambuc
1031ebfedea0SLionel Sambuc error = (*cc->func->get_default_ccache_name)(cc, &name);
1032ebfedea0SLionel Sambuc if (error) {
1033ebfedea0SLionel Sambuc (*cc->func->release)(cc);
1034ebfedea0SLionel Sambuc return translate_cc_error(context, error);
1035ebfedea0SLionel Sambuc }
1036ebfedea0SLionel Sambuc
1037ebfedea0SLionel Sambuc error = asprintf(str, "API:%s", name->data);
1038ebfedea0SLionel Sambuc (*name->func->release)(name);
1039ebfedea0SLionel Sambuc (*cc->func->release)(cc);
1040ebfedea0SLionel Sambuc
1041ebfedea0SLionel Sambuc if (error < 0 || *str == NULL) {
1042ebfedea0SLionel Sambuc krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
1043ebfedea0SLionel Sambuc return ENOMEM;
1044ebfedea0SLionel Sambuc }
1045ebfedea0SLionel Sambuc return 0;
1046ebfedea0SLionel Sambuc }
1047ebfedea0SLionel Sambuc
1048ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_set_default(krb5_context context,krb5_ccache id)1049ebfedea0SLionel Sambuc acc_set_default(krb5_context context, krb5_ccache id)
1050ebfedea0SLionel Sambuc {
1051ebfedea0SLionel Sambuc krb5_acc *a = ACACHE(id);
1052ebfedea0SLionel Sambuc cc_int32 error;
1053ebfedea0SLionel Sambuc
1054ebfedea0SLionel Sambuc if (a->ccache == NULL) {
1055ebfedea0SLionel Sambuc krb5_set_error_message(context, KRB5_CC_NOTFOUND,
1056ebfedea0SLionel Sambuc N_("No API credential found", ""));
1057ebfedea0SLionel Sambuc return KRB5_CC_NOTFOUND;
1058ebfedea0SLionel Sambuc }
1059ebfedea0SLionel Sambuc
1060ebfedea0SLionel Sambuc error = (*a->ccache->func->set_default)(a->ccache);
1061ebfedea0SLionel Sambuc if (error)
1062ebfedea0SLionel Sambuc return translate_cc_error(context, error);
1063ebfedea0SLionel Sambuc
1064ebfedea0SLionel Sambuc return 0;
1065ebfedea0SLionel Sambuc }
1066ebfedea0SLionel Sambuc
1067ebfedea0SLionel Sambuc static krb5_error_code KRB5_CALLCONV
acc_lastchange(krb5_context context,krb5_ccache id,krb5_timestamp * mtime)1068ebfedea0SLionel Sambuc acc_lastchange(krb5_context context, krb5_ccache id, krb5_timestamp *mtime)
1069ebfedea0SLionel Sambuc {
1070ebfedea0SLionel Sambuc krb5_acc *a = ACACHE(id);
1071ebfedea0SLionel Sambuc cc_int32 error;
1072ebfedea0SLionel Sambuc cc_time_t t;
1073ebfedea0SLionel Sambuc
1074ebfedea0SLionel Sambuc if (a->ccache == NULL) {
1075ebfedea0SLionel Sambuc krb5_set_error_message(context, KRB5_CC_NOTFOUND,
1076ebfedea0SLionel Sambuc N_("No API credential found", ""));
1077ebfedea0SLionel Sambuc return KRB5_CC_NOTFOUND;
1078ebfedea0SLionel Sambuc }
1079ebfedea0SLionel Sambuc
1080ebfedea0SLionel Sambuc error = (*a->ccache->func->get_change_time)(a->ccache, &t);
1081ebfedea0SLionel Sambuc if (error)
1082ebfedea0SLionel Sambuc return translate_cc_error(context, error);
1083ebfedea0SLionel Sambuc
1084ebfedea0SLionel Sambuc *mtime = t;
1085ebfedea0SLionel Sambuc
1086ebfedea0SLionel Sambuc return 0;
1087ebfedea0SLionel Sambuc }
1088ebfedea0SLionel Sambuc
1089ebfedea0SLionel Sambuc /**
1090ebfedea0SLionel Sambuc * Variable containing the API based credential cache implemention.
1091ebfedea0SLionel Sambuc *
1092ebfedea0SLionel Sambuc * @ingroup krb5_ccache
1093ebfedea0SLionel Sambuc */
1094ebfedea0SLionel Sambuc
1095ebfedea0SLionel Sambuc KRB5_LIB_VARIABLE const krb5_cc_ops krb5_acc_ops = {
1096ebfedea0SLionel Sambuc KRB5_CC_OPS_VERSION,
1097ebfedea0SLionel Sambuc "API",
1098ebfedea0SLionel Sambuc acc_get_name,
1099ebfedea0SLionel Sambuc acc_resolve,
1100ebfedea0SLionel Sambuc acc_gen_new,
1101ebfedea0SLionel Sambuc acc_initialize,
1102ebfedea0SLionel Sambuc acc_destroy,
1103ebfedea0SLionel Sambuc acc_close,
1104ebfedea0SLionel Sambuc acc_store_cred,
1105ebfedea0SLionel Sambuc NULL, /* acc_retrieve */
1106ebfedea0SLionel Sambuc acc_get_principal,
1107ebfedea0SLionel Sambuc acc_get_first,
1108ebfedea0SLionel Sambuc acc_get_next,
1109ebfedea0SLionel Sambuc acc_end_get,
1110ebfedea0SLionel Sambuc acc_remove_cred,
1111ebfedea0SLionel Sambuc acc_set_flags,
1112ebfedea0SLionel Sambuc acc_get_version,
1113ebfedea0SLionel Sambuc acc_get_cache_first,
1114ebfedea0SLionel Sambuc acc_get_cache_next,
1115ebfedea0SLionel Sambuc acc_end_cache_get,
1116ebfedea0SLionel Sambuc acc_move,
1117ebfedea0SLionel Sambuc acc_get_default_name,
1118ebfedea0SLionel Sambuc acc_set_default,
1119*0a6a1f1dSLionel Sambuc acc_lastchange,
1120*0a6a1f1dSLionel Sambuc NULL,
1121*0a6a1f1dSLionel Sambuc NULL,
1122ebfedea0SLionel Sambuc };
1123ebfedea0SLionel Sambuc
1124ebfedea0SLionel Sambuc #endif
1125