New provider: RealmD

1 files changed, 627 insertions, 0 deletions

diff --git a/src/realmd/LMI_RealmdKerberosRealmProvider.c b/src/realmd/LMI_RealmdKerberosRealmProvider.c
new file mode 100644
index 0000000..5dc90d2
--- /dev/null
+++ b/src/realmd/LMI_RealmdKerberosRealmProvider.c
@@ -0,0 +1,627 @@
+#include <konkret/konkret.h>
+#include "LMI_RealmdKerberosRealm.h"
+#include "globals.h"
+#include "rdcp_error.h"
+#include "rdcp_dbus.h"
+#include "rdcp_util.h"
+#include "rdcp_realmdrealm.h"
+
+static const CMPIBroker* _cb = NULL;
+
+CMPIStatus LMI_RealmdKerberosRealmRef_InitFromDBusPath(
+    LMI_RealmdKerberosRealmRef* self,
+    const CMPIBroker* cb,
+    const char* ns,
+    const char* dbus_path)
+{
+    CMPIStatus status;
+
+    CMSetStatus(&status, CMPI_RC_OK);
+
+    LMI_RealmdRealmInitKeys(LMI_RealmdKerberosRealmRef, self, dbus_path);
+
+    return status;
+}
+
+CMPIStatus LMI_RealmdKerberosRealm_InitFromDBusPath(
+    LMI_RealmdKerberosRealm* self,
+    const CMPIBroker* cb,
+    const char* ns,
+    const char* dbus_path)
+{
+    CMPIStatus status;
+    GError *g_error = NULL;
+    GVariant *realm_props = NULL;
+    GVariant *kerberos_props = NULL;
+    GVariant *kerberos_membership_props = NULL;
+
+    CMSetStatus(&status, CMPI_RC_OK);
+
+    if (!rdcp_dbus_initialize(&g_error)) {
+        return handle_g_error(&g_error, _cb, &status, CMPI_RC_ERR_FAILED, "rdcp_dbus_initialize failed");
+    }
+
+    GET_DBUS_PROPERIES_OR_EXIT(realm_props, dbus_path,
+                               REALM_DBUS_REALM_INTERFACE, &status);
+    GET_DBUS_PROPERIES_OR_EXIT(kerberos_props, dbus_path,
+                               REALM_DBUS_KERBEROS_INTERFACE, &status);
+
+    LMI_RealmdRealmInitKeys(LMI_RealmdKerberosRealm, self, dbus_path);
+    LMI_InitFromDBusRealmProps(LMI_RealmdKerberosRealm, self, realm_props);
+    LMI_InitFromDBusKerberosRealmProps(LMI_RealmdKerberosRealm, self, kerberos_props);
+
+    if (SupportsDBusInterface(realm_props, REALM_DBUS_KERBEROS_MEMBERSHIP_INTERFACE)) {
+        GET_DBUS_PROPERIES_OR_EXIT(kerberos_membership_props, dbus_path,
+                                   REALM_DBUS_KERBEROS_MEMBERSHIP_INTERFACE, &status);
+
+        LMI_InitFromDBusKerberosMembershipProps(LMI_RealmdKerberosRealm, self,
+                                                kerberos_membership_props);
+    }
+
+ exit:
+    G_VARIANT_FREE(realm_props);
+    G_VARIANT_FREE(kerberos_props);
+    G_VARIANT_FREE(kerberos_membership_props);
+
+    return status;
+}
+
+
+static void LMI_RealmdKerberosRealmInitialize()
+{
+}
+
+static CMPIStatus LMI_RealmdKerberosRealmCleanup(
+    CMPIInstanceMI* mi,
+    const CMPIContext* cc,
+    CMPIBoolean term)
+{
+    CMReturn(CMPI_RC_OK);
+}
+
+static CMPIStatus LMI_RealmdKerberosRealmEnumInstanceNames(
+    CMPIInstanceMI* mi,
+    const CMPIContext* cc,
+    const CMPIResult* cr,
+    const CMPIObjectPath* cop)
+{
+    return KDefaultEnumerateInstanceNames(
+        _cb, mi, cc, cr, cop);
+}
+
+static CMPIStatus LMI_RealmdKerberosRealmEnumInstances(
+    CMPIInstanceMI* mi,
+    const CMPIContext* cc,
+    const CMPIResult* cr,
+    const CMPIObjectPath* cop,
+    const char** properties)
+{
+    CMPIStatus status;
+    GError *g_error = NULL;
+    GVariant *provider_props = NULL;
+    GVariant *realm_props = NULL;
+    GVariantIter *iter = NULL;
+    gchar *realm_obj_path;
+    const char *name_space = KNameSpace(cop);
+
+    CMSetStatus(&status, CMPI_RC_OK);
+
+    if (!rdcp_dbus_initialize(&g_error)) {
+        return handle_g_error(&g_error, _cb, &status, CMPI_RC_ERR_FAILED,
+                              "rdcp_dbus_initialize failed");
+    }
+
+    GET_DBUS_PROPERIES_OR_EXIT(provider_props, REALM_DBUS_SERVICE_PATH,
+                               REALM_DBUS_PROVIDER_INTERFACE, &status);
+
+    g_variant_lookup(provider_props, "Realms", "ao", &iter);
+    while (g_variant_iter_next(iter, "&o", &realm_obj_path)) {
+        LMI_RealmdKerberosRealm realmd_realm;
+
+        GET_DBUS_PROPERIES_OR_EXIT(realm_props, realm_obj_path,
+                                   REALM_DBUS_REALM_INTERFACE, &status);
+        if (!SupportsDBusInterface(realm_props, REALM_DBUS_KERBEROS_INTERFACE)) {
+            G_VARIANT_FREE(realm_props);
+            continue;
+        }
+        G_VARIANT_FREE(realm_props);
+
+        status = LMI_RealmdKerberosRealm_InitFromDBusPath(&realmd_realm, _cb,
+                                                          name_space, realm_obj_path);
+        if (status.rc != CMPI_RC_OK) {
+            goto exit;
+        }
+
+        KReturnInstance(cr, realmd_realm);
+    }
+
+ exit:
+    G_VARIANT_ITER_FREE(iter);
+    G_VARIANT_FREE(provider_props);
+    G_VARIANT_FREE(realm_props);
+
+    return status;
+}
+
+static CMPIStatus LMI_RealmdKerberosRealmGetInstance(
+    CMPIInstanceMI* mi,
+    const CMPIContext* cc,
+    const CMPIResult* cr,
+    const CMPIObjectPath* cop,
+    const char** properties)
+{
+    return KDefaultGetInstance(
+        _cb, mi, cc, cr, cop, properties);
+}
+
+static CMPIStatus LMI_RealmdKerberosRealmCreateInstance(
+    CMPIInstanceMI* mi,
+    const CMPIContext* cc,
+    const CMPIResult* cr,
+    const CMPIObjectPath* cop,
+    const CMPIInstance* ci)
+{
+    CMReturn(CMPI_RC_ERR_NOT_SUPPORTED);
+}
+
+static CMPIStatus LMI_RealmdKerberosRealmModifyInstance(
+    CMPIInstanceMI* mi,
+    const CMPIContext* cc,
+    const CMPIResult* cr,
+    const CMPIObjectPath* cop,
+    const CMPIInstance* ci,
+    const char** properties)
+{
+    CMReturn(CMPI_RC_ERR_NOT_SUPPORTED);
+}
+
+static CMPIStatus LMI_RealmdKerberosRealmDeleteInstance(
+    CMPIInstanceMI* mi,
+    const CMPIContext* cc,
+    const CMPIResult* cr,
+    const CMPIObjectPath* cop)
+{
+    CMReturn(CMPI_RC_ERR_NOT_SUPPORTED);
+}
+
+static CMPIStatus LMI_RealmdKerberosRealmExecQuery(
+    CMPIInstanceMI* mi,
+    const CMPIContext* cc,
+    const CMPIResult* cr,
+    const CMPIObjectPath* cop,
+    const char* lang,
+    const char* query)
+{
+    CMReturn(CMPI_RC_ERR_NOT_SUPPORTED);
+}
+
+CMInstanceMIStub(
+    LMI_RealmdKerberosRealm,
+    LMI_RealmdKerberosRealm,
+    _cb,
+    LMI_RealmdKerberosRealmInitialize())
+
+static CMPIStatus LMI_RealmdKerberosRealmMethodCleanup(
+    CMPIMethodMI* mi,
+    const CMPIContext* cc,
+    CMPIBoolean term)
+{
+    CMReturn(CMPI_RC_OK);
+}
+
+static CMPIStatus LMI_RealmdKerberosRealmInvokeMethod(
+    CMPIMethodMI* mi,
+    const CMPIContext* cc,
+    const CMPIResult* cr,
+    const CMPIObjectPath* cop,
+    const char* meth,
+    const CMPIArgs* in,
+    CMPIArgs* out)
+{
+    return LMI_RealmdKerberosRealm_DispatchMethod(
+        _cb, mi, cc, cr, cop, meth, in, out);
+}
+
+CMMethodMIStub(
+    LMI_RealmdKerberosRealm,
+    LMI_RealmdKerberosRealm,
+    _cb,
+    LMI_RealmdKerberosRealmInitialize())
+
+KUint32 LMI_RealmdKerberosRealm_ChangeLoginPolicy(
+    const CMPIBroker* cb,
+    CMPIMethodMI* mi,
+    const CMPIContext* context,
+    const LMI_RealmdKerberosRealmRef* self,
+    const KString* LoginPolicy,
+    const KStringA* PermittedAdd,
+    const KStringA* PermittedRemove,
+    CMPIStatus* status)
+{
+    KUint32 result = KUINT32_INIT;
+
+    KSetStatus(status, ERR_NOT_SUPPORTED);
+    return result;
+}
+
+KUint32 LMI_RealmdKerberosRealm_Deconfigure(
+    const CMPIBroker* cb,
+    CMPIMethodMI* mi,
+    const CMPIContext* context,
+    const LMI_RealmdKerberosRealmRef* self,
+    CMPIStatus* status)
+{
+    KUint32 result = KUINT32_INIT;
+
+    KSetStatus(status, ERR_NOT_SUPPORTED);
+    return result;
+}
+
+KEXTERN KUint32 LMI_RealmdKerberosRealm_Join(
+    const CMPIBroker* cb,
+    CMPIMethodMI* mi,
+    const CMPIContext* context,
+    const LMI_RealmdKerberosRealmRef* self,
+    const KUint32* Type,
+    const KUint32* Owner,
+    const KString* Name,
+    const KString* Password,
+    const KUint8A* Data,
+    const KStringA* OptionNames,
+    const KStringA* OptionValues,
+    CMPIStatus* status)
+{
+    GError *g_error = NULL;
+    KUint32 result = KUINT32_INIT;
+    const char *cred_type = NULL;
+    const char *cred_owner = NULL;
+    gchar *data = NULL;
+    gsize data_len;
+    gchar *dbus_path = NULL;
+    GVariant *credentials = NULL;
+    GVariant *data_variant = NULL;
+    GVariant *options = NULL;
+
+    KUint32_Set(&result, LMI_REALMD_RESULT_SUCCESS);
+    CMSetStatus(status, CMPI_RC_OK);
+
+    if (!rdcp_dbus_initialize(&g_error)) {
+        handle_g_error(&g_error, _cb, status, CMPI_RC_ERR_FAILED, "rdcp_dbus_initialize failed");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+    if (!Type->exists || Type->null) {
+        CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER, "Type parameter absent");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+    if (!Owner->exists || Owner->null) {
+        CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER, "Owner parameter absent");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+    if (!dbus_path_from_instance_id(self->InstanceID.chars, &dbus_path, &g_error)) {
+        handle_g_error(&g_error, cb, status, CMPI_RC_ERR_FAILED,
+                       "dbus_path_from_instance_id() failed");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+    switch(Owner->value) {
+    case LMI_RealmdKerberosRealm_SupportedJoinCredentialOwners_administrator:
+    case LMI_RealmdKerberosRealm_SupportedJoinCredentialOwners_user:
+    case LMI_RealmdKerberosRealm_SupportedJoinCredentialOwners_computer:
+    case LMI_RealmdKerberosRealm_SupportedJoinCredentialOwners_none:
+        break;
+    default:
+        CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER, "Invalid Owner parameter");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+    cred_type = SupportedJoinCredentialTypes_enum_to_name(Type->value);
+    cred_owner = SupportedJoinCredentialOwners_enum_to_name(Owner->value);
+
+    switch(Type->value) {
+    case LMI_RealmdKerberosRealm_SupportedJoinCredentialTypes_ccache:
+        if ((Name->exists && !Name->null) || (Password->exists && !Password->null)) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER,
+                                 "Name & Password parameters must be NULL when Type is ccache");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+        if (!Data->exists || Data->null) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER,
+                                 "Data parameter must be provided when Type is ccache");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+
+        if ((data = get_data_from_KUint8A(Data, &data_len)) == NULL) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_FAILED,
+                                 "unabled to allocate memory");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+	data_variant = g_variant_new_from_data(G_VARIANT_TYPE ("ay"),
+                                               data, data_len,
+                                               TRUE, g_free, (gpointer) data);
+
+        credentials = g_variant_new("(ssv)", cred_type, cred_owner, data_variant);
+        break;
+    case LMI_RealmdKerberosRealm_SupportedJoinCredentialTypes_password:
+        if (!Name->exists || Name->null || !Password->exists || Password->null) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER,
+                                 "Name & Password parameters must be provided when Type is password");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+        if (Data->exists && !Data->null) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER,
+                                 "Data parameter must be NULL when Type is password");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+
+        credentials = g_variant_new("(ssv)", cred_type, cred_owner,
+                                    g_variant_new("(ss)", Name->chars, Password->chars));
+
+        break;
+    case LMI_RealmdKerberosRealm_SupportedJoinCredentialTypes_secrect:
+        if ((Name->exists && !Name->null) || (Password->exists && !Password->null)) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER,
+                                 "Name & Password parameters must be NULL when Type is secret");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+        if (!Data->exists || Data->null) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER,
+                                 "Data parameter must be provided when Type is secret");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+
+        if ((data = get_data_from_KUint8A(Data, &data_len)) == NULL) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_FAILED,
+                                 "unabled to allocate memory");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+	credentials = g_variant_new("(ssv)", cred_type, cred_owner,
+                                    g_variant_new_fixed_array(G_VARIANT_TYPE_BYTE,
+                                                              data, data_len, 1));
+        break;
+    case LMI_RealmdKerberosRealm_SupportedJoinCredentialTypes_automatic:
+        if ((Name->exists && !Name->null) || (Password->exists && !Password->null) ||
+            (Data->exists && !Data->null)) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER,
+                                 "Name, Password & Data parameters must be NULL when Type is secret");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+
+	credentials = g_variant_new ("(ssv)", cred_type, cred_owner,
+                                     g_variant_new_string (""));
+
+        break;
+    default:
+        CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER, "Invalid Type parameter");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+
+    if (!build_g_variant_options_from_KStringA(OptionNames, OptionValues, &options, &g_error)) {
+        handle_g_error(&g_error, cb, status, CMPI_RC_ERR_FAILED,
+                       "failed to convert options to gvariant");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+    if (!dbus_join_call(system_bus, dbus_path, credentials, options, &g_error)) {
+        handle_g_error(&g_error, cb, status, CMPI_RC_ERR_FAILED, "dbus_join_call() failed");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+
+ exit:
+
+    g_free(data);
+    G_VARIANT_FREE(credentials);
+    G_VARIANT_FREE(data_variant);
+    G_VARIANT_FREE(options);
+
+    return result;
+}
+
+KEXTERN KUint32 LMI_RealmdKerberosRealm_Leave(
+    const CMPIBroker* cb,
+    CMPIMethodMI* mi,
+    const CMPIContext* context,
+    const LMI_RealmdKerberosRealmRef* self,
+    const KUint32* Type,
+    const KUint32* Owner,
+    const KString* Name,
+    const KString* Password,
+    const KUint8A* Data,
+    const KStringA* OptionNames,
+    const KStringA* OptionValues,
+    CMPIStatus* status)
+{
+    GError *g_error = NULL;
+    KUint32 result = KUINT32_INIT;
+    const char *cred_type = NULL;
+    const char *cred_owner = NULL;
+    gchar *data = NULL;
+    gsize data_len;
+    gchar *dbus_path = NULL;
+    GVariant *credentials = NULL;
+    GVariant *data_variant = NULL;
+    GVariant *options = NULL;
+
+    KUint32_Set(&result, LMI_REALMD_RESULT_SUCCESS);
+    CMSetStatus(status, CMPI_RC_OK);
+
+    if (!rdcp_dbus_initialize(&g_error)) {
+        handle_g_error(&g_error, _cb, status, CMPI_RC_ERR_FAILED, "rdcp_dbus_initialize failed");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+    if (!Type->exists || Type->null) {
+        CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER, "Type parameter absent");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+    if (!Owner->exists || Owner->null) {
+        CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER, "Owner parameter absent");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+    if (!dbus_path_from_instance_id(self->InstanceID.chars, &dbus_path, &g_error)) {
+        handle_g_error(&g_error, cb, status, CMPI_RC_ERR_FAILED,
+                       "dbus_path_from_instance_id() failed");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+    switch(Owner->value) {
+    case LMI_RealmdKerberosRealm_SupportedLeaveCredentialOwners_administrator:
+    case LMI_RealmdKerberosRealm_SupportedLeaveCredentialOwners_user:
+    case LMI_RealmdKerberosRealm_SupportedLeaveCredentialOwners_computer:
+    case LMI_RealmdKerberosRealm_SupportedLeaveCredentialOwners_none:
+        break;
+    default:
+        CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER, "Invalid Owner parameter");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+    cred_type = SupportedLeaveCredentialTypes_enum_to_name(Type->value);
+    cred_owner = SupportedLeaveCredentialOwners_enum_to_name(Owner->value);
+
+    switch(Type->value) {
+    case LMI_RealmdKerberosRealm_SupportedLeaveCredentialTypes_ccache:
+        if ((Name->exists && !Name->null) || (Password->exists && !Password->null)) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER,
+                                 "Name & Password parameters must be NULL when Type is ccache");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+        if (!Data->exists || Data->null) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER,
+                                 "Data parameter must be provided when Type is ccache");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+
+        if ((data = get_data_from_KUint8A(Data, &data_len)) == NULL) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_FAILED,
+                                 "unabled to allocate memory");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+	data_variant = g_variant_new_from_data(G_VARIANT_TYPE ("ay"),
+                                               data, data_len,
+                                               TRUE, g_free, (gpointer) data);
+
+        credentials = g_variant_new("(ssv)", cred_type, cred_owner, data_variant);
+        break;
+    case LMI_RealmdKerberosRealm_SupportedLeaveCredentialTypes_password:
+        if (!Name->exists || Name->null || !Password->exists || Password->null) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER,
+                                 "Name & Password parameters must be provided when Type is password");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+        if (Data->exists && !Data->null) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER,
+                                 "Data parameter must be NULL when Type is password");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+
+        credentials = g_variant_new("(ssv)", cred_type, cred_owner,
+                                    g_variant_new("(ss)", Name->chars, Password->chars));
+
+        break;
+    case LMI_RealmdKerberosRealm_SupportedLeaveCredentialTypes_secrect:
+        if ((Name->exists && !Name->null) || (Password->exists && !Password->null)) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER,
+                                 "Name & Password parameters must be NULL when Type is secret");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+        if (!Data->exists || Data->null) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER,
+                                 "Data parameter must be provided when Type is secret");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+
+        if ((data = get_data_from_KUint8A(Data, &data_len)) == NULL) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_FAILED,
+                                 "unabled to allocate memory");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+	credentials = g_variant_new("(ssv)", cred_type, cred_owner,
+                                    g_variant_new_fixed_array(G_VARIANT_TYPE_BYTE,
+                                                              data, data_len, 1));
+        break;
+    case LMI_RealmdKerberosRealm_SupportedLeaveCredentialTypes_automatic:
+        if ((Name->exists && !Name->null) || (Password->exists && !Password->null) ||
+            (Data->exists && !Data->null)) {
+            CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER,
+                                 "Name, Password & Data parameters must be NULL when Type is secret");
+            KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+            goto exit;
+        }
+
+	credentials = g_variant_new ("(ssv)", cred_type, cred_owner,
+                                     g_variant_new_string (""));
+
+        break;
+    default:
+        CMSetStatusWithChars(cb, status, CMPI_RC_ERR_INVALID_PARAMETER, "Invalid Type parameter");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+
+    if (!build_g_variant_options_from_KStringA(OptionNames, OptionValues, &options, &g_error)) {
+        handle_g_error(&g_error, cb, status, CMPI_RC_ERR_FAILED,
+                       "failed to convert options to gvariant");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+    if (!dbus_leave_call(system_bus, dbus_path, credentials, options, &g_error)) {
+        handle_g_error(&g_error, cb, status, CMPI_RC_ERR_FAILED, "dbus_leave_call() failed");
+        KUint32_Set(&result, LMI_REALMD_RESULT_FAILED);
+        goto exit;
+    }
+
+
+ exit:
+
+    g_free(data);
+    G_VARIANT_FREE(credentials);
+    G_VARIANT_FREE(data_variant);
+    G_VARIANT_FREE(options);
+
+    return result;
+}
+
+
+KONKRET_REGISTRATION(
+    "root/cimv2",
+    "LMI_RealmdKerberosRealm",
+    "LMI_RealmdKerberosRealm",
+    "instance method");