diff options
| author | Alexandra Ellwood <lxs@mit.edu> | 2007-01-18 23:24:13 +0000 |
|---|---|---|
| committer | Alexandra Ellwood <lxs@mit.edu> | 2007-01-18 23:24:13 +0000 |
| commit | 635cbee21b123f08d56ad654ec61a2bccee73c24 (patch) | |
| tree | 378b621a5ebe3346e100419deff9c6a9edf6f12f /src/lib/krb5/ccache/ccapi | |
| parent | 6152fdfde148b3df254b92df2754853907b29965 (diff) | |
| download | krb5-635cbee21b123f08d56ad654ec61a2bccee73c24.tar.gz krb5-635cbee21b123f08d56ad654ec61a2bccee73c24.tar.xz krb5-635cbee21b123f08d56ad654ec61a2bccee73c24.zip | |
Added KDC timesyncing support to the CCAPI ccache backend for CCAPI v5 and
later. v5 is the first version of the CCAPI to support the kdc timesyncing
API.
ticket: 5403
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19071 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5/ccache/ccapi')
| -rw-r--r-- | src/lib/krb5/ccache/ccapi/stdcc.c | 82 |
1 files changed, 72 insertions, 10 deletions
diff --git a/src/lib/krb5/ccache/ccapi/stdcc.c b/src/lib/krb5/ccache/ccapi/stdcc.c index edbec11f2..36bc780e2 100644 --- a/src/lib/krb5/ccache/ccapi/stdcc.c +++ b/src/lib/krb5/ccache/ccapi/stdcc.c @@ -56,6 +56,7 @@ #ifdef USE_CCAPI_V3 cc_context_t gCntrlBlock = NULL; +cc_int32 gCCVersion = 0; #else apiCB *gCntrlBlock = NULL; #endif @@ -222,13 +223,59 @@ static krb5_error_code cc_err_xlate(int err) #ifdef USE_CCAPI_V3 + +static krb5_error_code stdccv3_get_timeoffset (krb5_context in_context, + cc_ccache_t in_ccache) +{ + krb5_error_code err = 0; + + if (gCCVersion >= ccapi_version_5) { + krb5_os_context os_ctx = (krb5_os_context) in_context->os_context; + cc_time_t time_offset = 0; + + err = cc_ccache_get_kdc_time_offset (in_ccache, cc_credentials_v5, + &time_offset); + + if (!err) { + os_ctx->time_offset = time_offset; + os_ctx->usec_offset = 0; + os_ctx->os_flags = ((os_ctx->os_flags & ~KRB5_OS_TOFFSET_TIME) | + KRB5_OS_TOFFSET_VALID); + } + + if (err == ccErrTimeOffsetNotSet) { + err = 0; /* okay if there is no time offset */ + } + } + + return err; /* Don't translate. Callers will translate for us */ +} + +static krb5_error_code stdccv3_set_timeoffset (krb5_context in_context, + cc_ccache_t in_ccache) +{ + krb5_error_code err = 0; + + if (gCCVersion >= ccapi_version_5) { + krb5_os_context os_ctx = (krb5_os_context) in_context->os_context; + + if (!err && os_ctx->os_flags & KRB5_OS_TOFFSET_VALID) { + err = cc_ccache_set_kdc_time_offset (in_ccache, + cc_credentials_v5, + os_ctx->time_offset); + } + } + + return err; /* Don't translate. Callers will translate for us */ +} + static krb5_error_code stdccv3_setup (krb5_context context, stdccCacheDataPtr ccapi_data) { krb5_error_code err = 0; if (!err && !gCntrlBlock) { - err = cc_initialize (&gCntrlBlock, ccapi_version_max, NULL, NULL); + err = cc_initialize (&gCntrlBlock, ccapi_version_max, &gCCVersion, NULL); } if (!err && ccapi_data && !ccapi_data->NamedCache) { @@ -237,6 +284,10 @@ static krb5_error_code stdccv3_setup (krb5_context context, &ccapi_data->NamedCache); } + if (!err && ccapi_data && ccapi_data->NamedCache) { + err = stdccv3_get_timeoffset (context, ccapi_data->NamedCache); + } + return err; /* Don't translate. Callers will translate for us */ } @@ -245,6 +296,7 @@ void krb5_stdcc_shutdown() { if (gCntrlBlock) { cc_context_release(gCntrlBlock); } gCntrlBlock = NULL; + gCCVersion = 0; } /* @@ -278,11 +330,15 @@ krb5_stdccv3_generate_new (krb5_context context, krb5_ccache *id ) } if (!err) { - err = cc_context_create_new_ccache (gCntrlBlock, cc_credentials_v5, 0L, + err = cc_context_create_new_ccache (gCntrlBlock, cc_credentials_v5, "", &ccache); } if (!err) { + err = stdccv3_set_timeoffset (context, ccache); + } + + if (!err) { err = cc_ccache_get_name (ccache, &ccstring); } @@ -395,6 +451,7 @@ krb5_stdccv3_initialize (krb5_context context, krb5_error_code err = 0; stdccCacheDataPtr ccapi_data = id->data; char *name = NULL; + cc_ccache_t ccache = NULL; if (id == NULL) { err = KRB5_CC_NOMEM; } @@ -406,22 +463,27 @@ krb5_stdccv3_initialize (krb5_context context, err = krb5_unparse_name(context, princ, &name); } - if (!err && ccapi_data->NamedCache) { - err = cc_ccache_release(ccapi_data->NamedCache); - ccapi_data->NamedCache = NULL; - } - if (!err) { err = cc_context_create_ccache (gCntrlBlock, ccapi_data->cache_name, cc_credentials_v5, name, - &ccapi_data->NamedCache); + &ccache); } if (!err) { - cache_changed(); + err = stdccv3_set_timeoffset (context, ccache); + } + + if (!err) { + if (ccapi_data->NamedCache) { + err = cc_ccache_release (ccapi_data->NamedCache); + } + ccapi_data->NamedCache = ccache; + ccache = NULL; /* take ownership */ + cache_changed (); } - if (name) { krb5_free_unparsed_name(context, name); } + if (ccache) { cc_ccache_release (ccache); } + if (name ) { krb5_free_unparsed_name(context, name); } return cc_err_xlate(err); } |