author | Jakub Hrozek <jhrozek@redhat.com> | 2012-05-17 13:49:30 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-06-14 15:52:29 -0400 |
commit | f674270b1068e4ad51c80dcd528ae996a4fe99ef (patch) | |
tree | 09eb3ec1800de9016e72aaee786af173047f7173 /src/util | |
parent | f232789430a080384188d5da89b19d874cf17513 (diff) | |
Residual util functions
Kerberos credential caches can be specified by TYPE:RESIDUAL. This patch
adds a couple of utilities to support parsing of ccache locations,
checking types etc.
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/sss_krb5.c | 86 | ||||
-rw-r--r-- | src/util/sss_krb5.h | 16 |
2 files changed, 102 insertions, 0 deletions
diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c
index 81a1623ef..5bc1140d0 100644
--- a/src/util/sss_krb5.c
+++ b/src/util/sss_krb5.c
@@ -1124,3 +1124,89 @@ sss_krb5_read_etypes_for_keytab(TALLOC_CTX *mem_ctx,
 talloc_free(tmp_ctx);
 return ret;
 }
+
+#define SSS_KRB5_FILE "FILE:"
+#define SSS_KRB5_DIR "DIR:"
+
+enum sss_krb5_cc_type
+sss_krb5_get_type(const char *full_location)
+{
+ if (!full_location) {
+ return SSS_KRB5_TYPE_UNKNOWN;
+ }
+
+ if (strncmp(full_location, SSS_KRB5_FILE,
+ sizeof(SSS_KRB5_FILE)-1) == 0) {
+ return SSS_KRB5_TYPE_FILE;
+ } else if (strncmp(full_location, SSS_KRB5_DIR,
+ sizeof(SSS_KRB5_DIR)-1) == 0) {
+ return SSS_KRB5_TYPE_DIR;
+ } else if (full_location[0] == '/') {
+ return SSS_KRB5_TYPE_FILE;
+ }
+
+ return SSS_KRB5_TYPE_UNKNOWN;
+}
+
+const char *
+sss_krb5_residual_by_type(const char *full_location,
+ enum sss_krb5_cc_type type)
+{
+ size_t offset;
+
+ if (full_location == NULL) return NULL;
+
+ switch (type) {
+ case SSS_KRB5_TYPE_FILE:
+ if (full_location[0] == '/') {
+ offset = 0;
+ } else {
+ offset = sizeof(SSS_KRB5_FILE)-1;
+ }
+ break;
+ case SSS_KRB5_TYPE_DIR:
+ offset = sizeof(SSS_KRB5_DIR)-1;
+ break;
+ default:
+ return NULL;
+ }
+
+ return full_location + offset;
+}
+
+const char *
+sss_krb5_cc_file_path(const char *full_location)
+{
+ enum sss_krb5_cc_type cc_type;
+ const char *residual;
+
+ cc_type = sss_krb5_get_type(full_location);
+ residual = sss_krb5_residual_by_type(full_location, cc_type);
+
+ switch(cc_type) {
+ case SSS_KRB5_TYPE_FILE:
+ return residual;
+ case SSS_KRB5_TYPE_DIR:
+ /* DIR::/run/user/tkt_foo */
+ if (residual[0] == ':') return residual+1;
+ case SSS_KRB5_TYPE_UNKNOWN:
+ break;
+ }
+
+ return NULL;
+}
+
+const char *
+sss_krb5_residual_check_type(const char *full_location,
+ enum sss_krb5_cc_type expected_type)
+{
+ enum sss_krb5_cc_type type;
+
+ type = sss_krb5_get_type(full_location);
+ if (type != expected_type) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Unexpected ccache type\n"));
+ return NULL;
+ }
+
+ return sss_krb5_residual_by_type(full_location, type);
+}
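Review bot: `sss_krb5_residual_by_type()` trusts its `type` argument and never checks that `full_location` actually carries the matching prefix, so a caller that passes `SSS_KRB5_TYPE_FILE` or `SSS_KRB5_TYPE_DIR` with a shorter or differently prefixed string gets `full_location + offset` pointing at the wrong bytes, possibly past the terminating NUL. The two callers in this hunk derive the type from `sss_krb5_get_type()` first and are not affected, but the function is exported through sss_krb5.h, so it should guard itself, for example with `if (sss_krb5_get_type(full_location) != type) return NULL;` before the switch. In `sss_krb5_cc_file_path()` the `SSS_KRB5_TYPE_DIR` case silently falls through into `SSS_KRB5_TYPE_UNKNOWN` when the residual does not start with ':'; a comment such as `/* fall through: DIR: without a subsidiary cache has no file path */` would make that intent explicit.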
diff --git a/src/util/sss_krb5.h b/src/util/sss_krb5.h
index 12412585f..bba2a7eda 100644
--- a/src/util/sss_krb5.h
+++ b/src/util/sss_krb5.h
@@ -122,6 +122,22 @@ sss_krb5_unparse_name_flags(krb5_context context, krb5_const_principal principal void sss_krb5_get_init_creds_opt_set_canonicalize(krb5_get_init_creds_opt *opts, int canonicalize); +enum sss_krb5_cc_type { + SSS_KRB5_TYPE_FILE, + SSS_KRB5_TYPE_DIR, + SSS_KRB5_TYPE_UNKNOWN +}; + +enum sss_krb5_cc_type +sss_krb5_get_type(const char *full_location); +const char * +sss_krb5_residual_by_type(const char *full_location, enum sss_krb5_cc_type type); +const char * +sss_krb5_cc_file_path(const char *full_location); +const char * +sss_krb5_residual_check_type(const char *full_location, + enum sss_krb5_cc_type expected_type); + /* === Compatibility routines for the Heimdal Kerberos implementation === */ void sss_krb5_princ_realm(krb5_context context, krb5_const_principal princ, |
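Review bot: The four new prototypes carry no comment describing their return contract, which matters because every non-NULL result is a pointer into the caller's `full_location` string rather than a copy (see `return full_location + offset;` in sss_krb5.c). A short comment above the block, e.g. `/* Returned pointers alias full_location: do not free, valid only while full_location is; NULL on unknown or unexpected type */`, would keep callers from freeing the result or holding it past the lifetime of the source string. It is also worth stating that `sss_krb5_cc_file_path()` returns NULL for a `DIR:` location that does not use the `DIR::` subsidiary form.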