diff options
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/kadm5/unit-test/setkey-test.c | 22 | ||||
| -rw-r--r-- | src/lib/krb5/krb/in_tkt_sky.c | 36 |
2 files changed, 33 insertions, 25 deletions
diff --git a/src/lib/kadm5/unit-test/setkey-test.c b/src/lib/kadm5/unit-test/setkey-test.c index c1b9c5d1fb..4da236e093 100644 --- a/src/lib/kadm5/unit-test/setkey-test.c +++ b/src/lib/kadm5/unit-test/setkey-test.c @@ -63,6 +63,7 @@ main(int argc, char **argv) krb5_keytab_entry ktent; krb5_encrypt_block eblock; krb5_creds my_creds; + krb5_get_init_creds_opt *opt; kadm5_principal_ent_rec princ_ent; krb5_principal princ, server; char pw[16]; @@ -138,8 +139,8 @@ main(int argc, char **argv) * For each enctype in the test, construct a random password/key. * Assign all keys to principal with kadm5_setkey_principal. Add * each key to the keytab, and acquire an initial ticket with the - * keytab (XXX can I specify the enctype & kvno explicitly?). If - * krb5_get_in_tkt_with_keytab succeeds, then the keys were set + * keytab (XXX can I specify the kvno explicitly?). If + * krb5_get_init_creds_keytab succeeds, then the keys were set * successfully. */ for (test = 0; tests[test] != NULL; test++) { @@ -191,13 +192,16 @@ main(int argc, char **argv) my_creds.server = server; ktypes[0] = testp[encnum].enctype; - ret = krb5_get_in_tkt_with_keytab(context, - 0 /* options */, - NULL /* addrs */, - ktypes, - NULL /* preauth */, - kt, 0, - &my_creds, 0); + ret = krb5_get_init_creds_opt_allocate(context, &opt); + if (ret) { + com_err(whoami, ret, "while allocating gic opts"); + exit(1); + } + krb5_get_init_creds_opt_set_etype_list(opt, ktypes, 1); + ret = krb5_get_init_creds_keytab(context, &my_creds, princ, + kt, 0, NULL /* in_tkt_service */, + opt); + krb5_get_init_creds_opt_free(context, opt); if (ret) { com_err(whoami, ret, "while acquiring initial ticket"); exit(1); diff --git a/src/lib/krb5/krb/in_tkt_sky.c b/src/lib/krb5/krb/in_tkt_sky.c index b11e694ddd..7a8922623c 100644 --- a/src/lib/krb5/krb/in_tkt_sky.c +++ b/src/lib/krb5/krb/in_tkt_sky.c @@ -78,23 +78,29 @@ krb5_get_in_tkt_with_skey(krb5_context context, krb5_flags options, int use_master = 0; krb5_get_init_creds_opt *opts = NULL; + retval = k5_populate_gic_opt(context, &opts, options, addrs, ktypes, + pre_auth_types, creds); + if (retval) + return retval; + + retval = krb5_get_init_creds_opt_set_out_ccache(context, opts, ccache); + if (retval) + goto cleanup; + #ifndef LEAN_CLIENT if (key == NULL) { - return krb5_get_in_tkt_with_keytab(context, options, addrs, ktypes, - pre_auth_types, NULL, ccache, - creds, ret_as_reply); + retval = krb5_get_init_creds_keytab(context, creds, creds->client, + NULL /* keytab */, + creds->times.starttime, + NULL /* in_tkt_service */, + opts); + goto cleanup; } #endif /* LEAN_CLIENT */ - retval = k5_populate_gic_opt(context, &opts, options, addrs, ktypes, - pre_auth_types, creds); - if (retval) - return retval; retval = krb5_unparse_name(context, creds->server, &server); - if (retval) { - krb5_get_init_creds_opt_free(context, opts); - return retval; - } + if (retval) + goto cleanup; server_princ = creds->server; client_princ = creds->client; retval = k5_get_init_creds(context, creds, creds->client, @@ -102,15 +108,13 @@ krb5_get_in_tkt_with_skey(krb5_context context, krb5_flags options, get_as_key_skey, (void *)key, &use_master, ret_as_reply); krb5_free_unparsed_name(context, server); - krb5_get_init_creds_opt_free(context, opts); if (retval) - return retval; + goto cleanup; krb5_free_principal( context, creds->server); krb5_free_principal( context, creds->client); creds->client = client_princ; creds->server = server_princ; - /* store it in the ccache! */ - if (ccache) - retval = krb5_cc_store_cred(context, ccache, creds); +cleanup: + krb5_get_init_creds_opt_free(context, opts); return retval; } |