summaryrefslogtreecommitdiffstats
path: root/src/kim/lib
diff options
context:
space:
mode:
authorAlexandra Ellwood <lxs@mit.edu>2008-10-09 02:35:38 +0000
committerAlexandra Ellwood <lxs@mit.edu>2008-10-09 02:35:38 +0000
commitfece1c9a779cc96dece0c92e7447b4503f23473d (patch)
tree22a2d71e5a7fd7198902068476720576d8426bbc /src/kim/lib
parent318f8606d16fb2a904d279b89164ff58a1423dba (diff)
downloadkrb5-fece1c9a779cc96dece0c92e7447b4503f23473d.tar.gz
krb5-fece1c9a779cc96dece0c92e7447b4503f23473d.tar.xz
krb5-fece1c9a779cc96dece0c92e7447b4503f23473d.zip
KL APIs which take a NULL principal return klParameterErr
Fixed by making kim_ccache_create_from_client_identity take KIM_IDENTITY_ANY (at which point it returns the system default ccache). ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20850 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kim/lib')
-rw-r--r--src/kim/lib/kim_ccache.c99
-rw-r--r--src/kim/lib/kim_ccache_private.h5
-rw-r--r--src/kim/lib/mac/KerberosLogin.c41
3 files changed, 81 insertions, 64 deletions
diff --git a/src/kim/lib/kim_ccache.c b/src/kim/lib/kim_ccache.c
index 43da3f29b5..26e926d3b7 100644
--- a/src/kim/lib/kim_ccache.c
+++ b/src/kim/lib/kim_ccache.c
@@ -254,6 +254,19 @@ kim_error kim_ccache_create_new_if_needed (kim_ccache *out_ccache,
kim_identity in_client_identity,
kim_options in_options)
{
+ return check_error (kim_ccache_create_new_if_needed_with_password (out_ccache,
+ in_client_identity,
+ in_options,
+ NULL));
+}
+
+/* ------------------------------------------------------------------------ */
+
+kim_error kim_ccache_create_new_if_needed_with_password (kim_ccache *out_ccache,
+ kim_identity in_client_identity,
+ kim_options in_options,
+ kim_string in_password)
+{
kim_error err = KIM_NO_ERROR;
kim_ccache ccache = NULL;
@@ -263,7 +276,8 @@ kim_error kim_ccache_create_new_if_needed (kim_ccache *out_ccache,
if (!err) {
kim_credential_state state;
- err = kim_ccache_create_from_client_identity (&ccache, in_client_identity);
+ err = kim_ccache_create_from_client_identity (&ccache,
+ in_client_identity);
if (!err) {
err = kim_ccache_get_state (ccache, &state);
@@ -280,7 +294,10 @@ kim_error kim_ccache_create_new_if_needed (kim_ccache *out_ccache,
if (!ccache) {
/* ccache does not already exist, create a new one */
- err = kim_ccache_create_new (&ccache, in_client_identity, in_options);
+ err = kim_ccache_create_new_with_password (&ccache,
+ in_client_identity,
+ in_options,
+ in_password);
}
}
@@ -300,56 +317,62 @@ kim_error kim_ccache_create_from_client_identity (kim_ccache *out_ccache,
kim_identity in_client_identity)
{
kim_error err = KIM_NO_ERROR;
- kim_ccache_iterator iterator = NULL;
- kim_boolean found = FALSE;
- if (!err && !out_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
- if (!err && !in_client_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); }
+ if (!err && !out_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); }
- if (!err) {
+ if (!err && in_client_identity) {
+ kim_ccache_iterator iterator = NULL;
+ kim_boolean found = FALSE;
+
err = kim_ccache_iterator_create (&iterator);
- }
-
- while (!err && !found) {
- kim_ccache ccache = NULL;
- kim_identity identity = NULL;
- kim_comparison comparison;
- err = kim_ccache_iterator_next (iterator, &ccache);
-
- if (!err && !ccache) {
- kim_string string = NULL;
+ while (!err && !found) {
+ kim_ccache ccache = NULL;
+ kim_identity identity = NULL;
+ kim_comparison comparison;
+
+ err = kim_ccache_iterator_next (iterator, &ccache);
+
+ if (!err && !ccache) {
+ kim_string string = NULL;
+
+ err = kim_identity_get_display_string (in_client_identity,
+ &string);
+
+ if (!err) {
+ err = kim_error_set_message_for_code (KIM_NO_SUCH_PRINCIPAL_ERR,
+ string);
+ }
+
+ kim_string_free (&string);
+ }
- err = kim_identity_get_display_string (in_client_identity, &string);
+ if (!err) {
+ err = kim_ccache_get_client_identity (ccache, &identity);
+ }
if (!err) {
- err = kim_error_set_message_for_code (KIM_NO_SUCH_PRINCIPAL_ERR,
- string);
+ err = kim_identity_compare (in_client_identity, identity,
+ &comparison);
}
- kim_string_free (&string);
- }
-
- if (!err) {
- err = kim_ccache_get_client_identity (ccache, &identity);
- }
-
- if (!err) {
- err = kim_identity_compare (in_client_identity, identity, &comparison);
+ if (!err && kim_comparison_is_equal_to (comparison)) {
+ found = 1;
+ *out_ccache = ccache;
+ ccache = NULL;
+ }
+
+ kim_identity_free (&identity);
+ kim_ccache_free (&ccache);
}
- if (!err && kim_comparison_is_equal_to (comparison)) {
- found = 1;
- *out_ccache = ccache;
- ccache = NULL;
- }
+ kim_ccache_iterator_free (&iterator);
- kim_identity_free (&identity);
- kim_ccache_free (&ccache);
+ } else if (!err) {
+ /* in_client_identity is NULL, get default ccache */
+ err = kim_ccache_create_from_default (out_ccache);
}
- kim_ccache_iterator_free (&iterator);
-
return check_error (err);
}
diff --git a/src/kim/lib/kim_ccache_private.h b/src/kim/lib/kim_ccache_private.h
index 42f048455b..6e1d7a12e3 100644
--- a/src/kim/lib/kim_ccache_private.h
+++ b/src/kim/lib/kim_ccache_private.h
@@ -29,6 +29,11 @@
#include <kim/kim.h>
+kim_error kim_ccache_create_new_if_needed_with_password (kim_ccache *out_ccache,
+ kim_identity in_client_identity,
+ kim_options in_options,
+ kim_string in_password);
+
kim_error kim_ccache_create_new_with_password (kim_ccache *out_ccache,
kim_identity in_client_identity,
kim_options in_options,
diff --git a/src/kim/lib/mac/KerberosLogin.c b/src/kim/lib/mac/KerberosLogin.c
index e8d7b577e4..47bb142534 100644
--- a/src/kim/lib/mac/KerberosLogin.c
+++ b/src/kim/lib/mac/KerberosLogin.c
@@ -203,13 +203,9 @@ KLStatus KLAcquireInitialTickets (KLPrincipal inPrincipal,
kim_identity identity = NULL;
if (!err) {
- err = kim_ccache_create_from_client_identity (&ccache,
- inPrincipal);
-
- if (err) {
- /* ccache does not already exist, create a new one */
- err = kim_ccache_create_new (&ccache, inPrincipal, inLoginOptions);
- }
+ err = kim_ccache_create_new_if_needed (&ccache,
+ inPrincipal,
+ inLoginOptions);
}
if (!err && outPrincipal) {
@@ -285,7 +281,9 @@ KLStatus KLDestroyTickets (KLPrincipal inPrincipal)
kim_error err = KIM_NO_ERROR;
kim_ccache ccache = NULL;
- err = kim_ccache_create_from_client_identity (&ccache, inPrincipal);
+ if (!err) {
+ err = kim_ccache_create_from_client_identity (&ccache, inPrincipal);
+ }
if (!err) {
err = kim_ccache_destroy (&ccache);
@@ -303,9 +301,6 @@ KLStatus KLChangePassword (KLPrincipal inPrincipal)
/* ------------------------------------------------------------------------ */
-
-/* Kerberos Login dialog low level functions */
-
KLStatus KLAcquireInitialTicketsWithPassword (KLPrincipal inPrincipal,
KLLoginOptions inLoginOptions,
const char *inPassword,
@@ -315,16 +310,10 @@ KLStatus KLAcquireInitialTicketsWithPassword (KLPrincipal inPrincipal,
kim_ccache ccache = NULL;
if (!err) {
- err = kim_ccache_create_from_client_identity (&ccache,
- inPrincipal);
-
- if (err) {
- /* ccache does not already exist, create a new one */
- err = kim_ccache_create_new_with_password (&ccache,
- inPrincipal,
- inLoginOptions,
- inPassword);
- }
+ err = kim_ccache_create_new_if_needed_with_password (&ccache,
+ inPrincipal,
+ inLoginOptions,
+ inPassword);
}
if (!err && outCredCacheName) {
@@ -676,11 +665,7 @@ KLStatus KLCacheHasValidTickets (KLPrincipal inPrincipal,
if (!outFoundValidTickets) { err = kl_check_error (klParameterErr); }
if (!err) {
- if (inPrincipal) {
- err = kim_ccache_create_from_client_identity (&ccache, inPrincipal);
- } else {
- err = kim_ccache_create_from_default (&ccache);
- }
+ err = kim_ccache_create_from_client_identity (&ccache, inPrincipal);
}
if (!err) {
@@ -689,6 +674,10 @@ KLStatus KLCacheHasValidTickets (KLPrincipal inPrincipal,
if (!err && outPrincipal) {
err = kim_ccache_get_client_identity (ccache, &identity);
+ if (err) {
+ err = KIM_NO_ERROR;
+ identity = NULL;
+ }
}
if (!err && outCredCacheName) {
generated by cgit (git 2.34.1) at 2024-09-19 07:55:33 +0000