diff options
| author | Greg Hudson <ghudson@mit.edu> | 2012-06-21 16:53:43 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2012-06-21 16:53:43 -0400 |
| commit | f22b98916070be6b3778888df1e65ced07c47131 (patch) | |
| tree | 71a0b0c23a64ea50e0011538c813ef57c2b788ab /src | |
| parent | 37b09d45192bd9d958d047dbb829d10f892b1fda (diff) | |
| download | krb5-f22b98916070be6b3778888df1e65ced07c47131.tar.gz krb5-f22b98916070be6b3778888df1e65ced07c47131.tar.xz krb5-f22b98916070be6b3778888df1e65ced07c47131.zip | |
Remove orphaned KfM code
Diffstat (limited to 'src')
111 files changed, 3 insertions, 34850 deletions
diff --git a/src/include/k5-thread.h b/src/include/k5-thread.h index 0c90b55e9..17ef69ee7 100644 --- a/src/include/k5-thread.h +++ b/src/include/k5-thread.h @@ -406,10 +406,8 @@ typedef enum { K5_KEY_GSS_KRB5_SET_CCACHE_OLD_NAME, K5_KEY_GSS_KRB5_CCACHE_NAME, K5_KEY_GSS_KRB5_ERROR_MESSAGE, - K5_KEY_KIM_ERROR_MESSAGE, #if defined(__MACH__) && defined(__APPLE__) K5_KEY_IPC_CONNECTION_INFO, - K5_KEY_COM_ERR_REENTER, #endif K5_KEY_MAX } k5_key_t; diff --git a/src/include/kim/kim.h b/src/include/kim/kim.h deleted file mode 100644 index 7edb2a206..000000000 --- a/src/include/kim/kim.h +++ /dev/null @@ -1,170 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright 2005-2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_H -#define KIM_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include <kim/kim_types.h> -#include <kim/kim_errors.h> -#include <kim/kim_string.h> -#include <kim/kim_identity.h> -#include <kim/kim_options.h> -#include <kim/kim_selection_hints.h> -#include <kim/kim_preferences.h> -#include <kim/kim_credential.h> -#include <kim/kim_ccache.h> - -/*! - * \mainpage Kerberos Identity Management (KIM) API Documentation - * - * \section introduction Introduction - * - * The Kerberos Identity Management API is a high level API for managing the selection - * and management of Kerberos credentials. It is intended for use by applications, - * credential management applications (eg: kinit, kpasswd, etc) and internally by the - * Kerberos libraries. Under some circumstances client applications may also benefit - * from the Kerberos Identity Management API. - * - * - * \section conventions API Conventions - * - * Although KIM currently only provides a C API, it attempts to make that API as - * object-oriented as possible. KIM functions are grouped by object and all of the - * object types are opaque, including errors. The reason for this is two-fold. First, - * the KIM API is rather large. Grouping functions by object allows the API to be - * broken up into smaller, more manageable chunks. Second, providing an object-like C - * API will make it easier to port to object oriented languages. - * - * Because C lacks classes and other object oriented syntax, KIM functions adhere to - * the following naming conventions to make functions easier to identify: - * - * \li Functions beginning with \b kim_object_create are constructors for an object of - * type kim_object. On success these functions return a newly allocated object which - * must later be freed by the caller. - * - * \li Functions of the form \b kim_object_copy are copy constructors. They instantiate - * a new object of kim_object from an object of the same type. - * - * \li Functions of the form \b kim_object_free are destructors for objects of type - * kim_object. - * - * \li Functions beginning with \b kim_object_get and \b kim_object_set - * examine and modify properties of objects of type kim_object. - * - * \li All KIM APIs except destructors and error management APIs return a - * KIM Error object (kim_error_t). - * - * - * \section terminology Terminology - * - * Kerberos organizes its authentication tokens by client identity (the name of the user) - * and service identity (the name of a service). The following terms are used throughout - * this documentation: - * - * \li <b>credential</b> - A token which authenticates a client identity to a - * service identity. - * - * \li <b>ccache</b> - Short for "credentials cache". A set of credentials for a single - * client identity. - * - * \li <b>cache collection</b> - The set of all credential caches. - * - * \li <b>default ccache</b> - A credentials cache that the Kerberos libraries will use - * if no ccache is specified by the caller. Use of the default - * ccache is now discouraged. Instead applications should use - * selection hints to choose an appropriate client identity. - * - * \section selection_api Client Identity Selection APIs - * - * KIM provides high level APIs for applications to select which client identity to - * use. Use of these APIs is intended to replace the traditional "default ccache" - * mechanism previously used by Kerberos. - * - * <B>KIM Selection Hints (kim_selection_hints_t)</B> controls options for selecting - * a client identity: - * - \subpage kim_selection_hints_overview - * - \subpage kim_selection_hints_reference - * - * <B>KIM Identity (kim_identity_t)</B> provides an immutable Kerberos identity object - * - \subpage kim_identity_overview - * - \subpage kim_identity_reference - * - * - * \section management_api Credential Management APIs - * - * KIM also provides APIs for acquiring new credentials over the network - * by contacting a KDC and for viewing and modifying the existing credentials - * in the cache collection - * - * Whether or not you use the credential or ccache APIs depends on - * whether you want KIM to store any newly acquired credentials in the - * cache collection. KIM ccache APIs always create a ccache in the cache - * collection containing newly acquired credentials whereas the KIM - * credential APIs just return a credential object. In general most - * callers want to store newly acquired credentials and should use the - * KIM ccache APIs when acquiring credentials. - * - * <B>KIM CCache (kim_ccache_t)</B> manipulates credential caches in the cache collection: - * - \subpage kim_ccache_overview - * - \subpage kim_ccache_reference - * - * <B>KIM Credential (kim_credential_t)</B> manipulates credentials: - * - \subpage kim_credential_overview - * - \subpage kim_credential_reference - * - * <B>KIM Options (kim_options_t)</B> control options for credential acquisition: - * - \subpage kim_options_overview - * - \subpage kim_options_reference - * - * <B>KIM Preferences (kim_preferences_t)</B> views and edits the current user's preferences: - * - \subpage kim_preferences_overview - * - \subpage kim_preferences_reference - * - * - * \section utility_apis Miscellaneous APIs - * - * The high and low level APIs depend on the following basic utility classes - * to manage generic types. - * - * <B>KIM String (kim_string_t)</B> provides memory management for an immutable string: - * - \subpage kim_string_overview - * - \subpage kim_string_reference - * - * - * - * \section types Types and Constants - * - * \li \subpage kim_types_reference - */ - -#ifdef __cplusplus -} -#endif - -#endif /* KIM_H */ diff --git a/src/include/kim/kim_ccache.h b/src/include/kim/kim_ccache.h deleted file mode 100644 index d2d0d1de0..000000000 --- a/src/include/kim/kim_ccache.h +++ /dev/null @@ -1,660 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright 2005-2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_CCACHE_H -#define KIM_CCACHE_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include <kim/kim_types.h> - -/*! - * \page kim_ccache_overview KIM CCache Overview - * - * \section kim_ccache_introduction Introduction - * - * Kerberos credentials are stored in "ccaches" (short for "credentials caches"). - * The set of all ccaches which the KIM can use is called the "cache collection". - * Each ccache has a name and type which uniquely identify it in the cache - * collection and a client identity. The ccache's client identity is the - * identity whose credentials are stored in the ccache. This allows for easy - * lookup of all the credentials for a given identity. - * - * KIM attempts to preserve a one-to-one relationship between client identities - * and ccaches. If the KIM is used to manipulate the cache collection, there - * will be one ccache per identity. However, because low-level APIs allow callers - * to create multiple ccaches for the same client identity or a single ccache - * containing credentials for different client identities, KIM handles those - * situations. In general when searching KIM will find the first ccache matching - * the requested client identity. It will not find credentials for the requested - * client identity if they are in a ccache with a different client identity. - * - * The kim_ccache_t object is a reference to a ccache in the cache collection. - * If other applications make changes to the the ccache pointed to by a KIM ccache - * object, the object will immediately show those changes. KIM performs locking - * on the cache collection to prevent deadlocks and maintain a consistent behavior - * when multiple applications attempt to modify the cache collection. - * - * \note KIM ccache APIs are intended for applications and system - * tools which manage credentials for the user. They are not a substitute for - * krb5 and GSSAPI functions which obtain service credentials for the purpose - * of authenticating a client to an application server. - * - * \section kim_credential_cache_collection Acquiring a CCache from the Cache Collection - * - * KIM provides a simple iterator API for iterating over the ccaches - * in the cache collection. First, call #kim_ccache_iterator_create() to obtain - * an iterator for the cache collection. Then loop calling - * #kim_ccache_iterator_next() until either you find the ccache you are looking - * for or the API returns a NULL ccache, indicating that there are no more - * ccaches in the cache collection. When you are done with the iterator, call - * #kim_ccache_iterator_free(). - * - * \note #kim_ccache_iterator_next() returns ccache objects which - * must be freed with #kim_ccache_free() to avoid leaking memory. - * - * KIM also provides a convenient API #kim_ccache_create_from_client_identity() - * which returns the ccache for a specific client identity, if any exists. - * Typically callers of this API obtain the client identity using - * #kim_selection_hints_get_identity(). - * - * - * \section kim_ccache_acquire_default Acquiring Credentials from the Default CCache - * - * #kim_ccache_create_from_default() returns the default ccache. - * The default ccache is a legacy concept which was replaced by selection - * hints. Prior to the existence of selection hints, applications always - * looked at the default ccache for credentials. By setting the system default - * ccache, users could manually control which credentials each application used. - * As the number of ccaches and applications has grown, this mechanism has become - * unusable. You should avoid using this API whenever possible. - * - * - * \section kim_ccache_acquire_new Acquiring New Credentials in a CCache - * - * KIM provides the #kim_ccache_create_new() API for acquiring new - * credentials and storing them in a ccache. Credentials can either be - * obtained for a specific client identity or by specifying - * #KIM_IDENTITY_ANY to allow the user to choose. Typically - * callers of this API obtain the client identity using - * #kim_selection_hints_get_identity(). Depending on the kim_options - * specified, #kim_ccache_create_new() may present a GUI or command line - * prompt to obtain information from the user. - * - * #kim_ccache_create_new_if_needed() - * searches the cache collection for a ccache for the client identity - * and if no appropriate ccache is available, attempts to acquire - * new credentials and store them in a new ccache. Depending on the - * kim_options specified, #kim_ccache_create_new_if_needed() may - * present a GUI or command line prompt to obtain information from the - * user. This function exists for convenience and to avoid code duplication. - * It can be trivially implemented using - * #kim_ccache_create_from_client_identity() and #kim_ccache_create_new(). - * - * For legacy password-based Kerberos environments KIM also provides - * #kim_ccache_create_new_with_password() and - * #kim_ccache_create_new_if_needed_with_password(). You should not use these - * functions unless you know that they will only be used in environments using - * passwords. Otherwise users without passwords may be prompted for them. - * - * KIM provides the #kim_ccache_create_from_keytab() to create credentials - * using a keytab and store them in the cache collection. A keytab is an - * on-disk copy of a client identity's secret key. Typically sites use - * keytabs for client identities that identify a machine or service and - * protect the keytab with disk permissions. Because a keytab is - * sufficient to obtain credentials, keytabs will normally only be readable - * by root, Administrator or some other privileged account. - * Typically applications use credentials obtained from keytabs to obtain - * credentials for batch processes. These keytabs and credentials are usually - * for a special identity used for the batch process rather than a user - * identity. - * - * - * \section kim_ccache_validate Validating Credentials in a CCache - * - * A credential with a start time in the future (ie: after the issue date) - * is called a post-dated credential. Because the KDC administrator may - * wish to disable a identity, once the start time is reached, all post-dated - * credentials must be validated before they can be used. Otherwise an - * attacker using a compromised account could acquire lots of post-dated - * credentials to circumvent the acccount being disabled. - * - * KIM provides the #kim_ccache_validate() API to validate the TGT - * credential in a ccache. Note that this API replaces any existing - * credentials with the validated credential. - * - * - * \section kim_ccache_renew Renewing Credentials in a CCache - * - * A renewable credential can be used to obtain a new identical credential - * without resending secret information (such as a password) to the KDC. - * A credential may only be renewed during its renewal lifetime and while - * valid. - * - * KIM provides the #kim_ccache_renew() API to renew the TGT credential - * in a ccache. Note that this API replaces any existing credentials with the - * renewed credential. - * - * - * \section kim_ccache_verify Verifying Credentials in a CCache - * - * When a program acquires TGT credentials for the purpose of authenticating - * itself to the machine it is running on, it is insufficient for the machine - * to assume that the caller is authorized just because it got credentials. - * Instead, the credentials must be verified using a key the local machine. - * The reason this is necessary is because an attacker can trick the - * machine into obtaining credentials from any KDC, including malicious ones - * with the same realm name as the local machine's realm. This exploit is - * called the Zanarotti attack. - * - * In order to avoid the Zanarotti attack, the local machine must authenticate - * the process in the same way an application server would authenticate a client. - * Like an application server, the local machine must have its own identity in - * its realm and a keytab for that identity on its local disk. However, - * rather than forcing system daemons to use the network-oriented calls in the - * krb5 and GSS APIs, KIM provides the #kim_ccache_verify() API to - * verify credentials directly. - * - * The most common reason for using #kim_ccache_verify() is user login. - * If the local machine wants to use Kerberos to verify the username and password - * provided by the user, it must call #kim_ccache_verify() on the credentials - * it obtains to make sure they are really from a KDC it trusts. Another common - * case is a server which is only using Kerberos internally. For example an - * LDAP or web server might use a username and password obtained over the network - * to get Kerberos credentials. In order to make sure they aren't being tricked - * into talking to the wrong KDC, these servers must also call - * #kim_ccache_verify(). - * - * The Zanarotti attack is only a concern if the act of accessing the machine - * gives the process special access. Thus a managed cluster machine with - * Kerberos-authenticated networked home directories does not need to call - * #kim_ccache_verify(). Even though an attacker can log in as any user on - * the cluster machine, the attacker can't actually access any of the user's data - * or use any of their privileges because those are all authenticated via - * Kerberized application servers (and thus require actually having credentials - * for the real local realm). - * - * #kim_ccache_verify() provides an option to - * return success even if the machine's host key is not present. This option - * exists for sites which have a mix of different machines, some of which are - * vulnerable to the Zanarotti attack and some are not. If this option is used, - * it is the responsiblity of the machine's maintainer to obtain a keytab - * for their machine if it needs one. - * - * - * \section kim_ccache_properties Examining CCache Properties - * - * \li #kim_ccache_get_type() returns the type of the ccache. Types include - * "API" for CCAPI ccaches, "FILE" for file-based ccaches and "MEMORY" for - * single-process in-memory ccaches. - * - * \li #kim_ccache_get_name() returns the name of the ccache. A ccache's name - * identifies the ccache uniquely among ccaches of the same type. Note that - * two ccaches with different types may have the same name. - * - * \li #kim_ccache_get_display_name() returns a display string which uniquely - * identifies a ccache. A ccache display name is of the form "<type>:<name>" - * and can be displayed to the user or used as an argument to certain krb5 - * APIs, such as krb5_cc_resolve(). - * - * \li #kim_ccache_get_client_identity() - * returns the ccache's client identity. - * - * \li #kim_ccache_get_valid_credential() - * returns the first valid TGT in the ccache for its client identity. - * If there are no TGTs in the ccache, it returns the first - * valid non-TGT credential for the ccache's client identity. - * TGT credentials (ie: "ticket-granting tickets") are credentials for - * the krbtgt service: a service identity of the form "krbtgt/<REALM>@<REALM>". - * These credentials allow the entity named by the client identity to obtain - * additional credentials without resending shared secrets (such as a password) - * to the KDC. Kerberos uses TGTs to provide single sign-on authentication. - * - * \li #kim_ccache_get_start_time() - * returns when the credential's in a ccache will become valid. - * Credentials may be "post-dated" which means that their lifetime starts sometime - * in the future. Note that when a post-dated credential's start time is reached, - * the credential must be validated. See \ref kim_credential_validate for more information. - * - * \li #kim_ccache_get_expiration_time() - * returns when the credential's in a ccache will expire. - * Credentials are time limited by the lifetime of the credential. While you can - * request a credential of any lifetime, the KDC limits the credential lifetime - * to a administrator-defined maximum. Typically credential lifetime range from 10 - * to 21 hours. - * - * \li #kim_ccache_get_renewal_expiration_time() - * returns when the credential's in a ccache will no longer be renewable. - * Valid credentials may be renewed up until their renewal expiration time. - * Renewing credentials acquires a fresh set of credentials with a full lifetime - * without resending secrets to the KDC (such as a password). If credentials are - * not renewable, this function will return an error. - * - * \li #kim_ccache_get_options() - * returns a kim_options object with the credential options of the credentials - * in the ccache. This function is intended to be used when adding - * an identity with existing credentials to the favorite identities list. - * By passing in the options returned by this call, future requests for the - * favorite identity will use the same credential options. - * - * See \ref kim_ccache_reference and \ref kim_ccache_iterator_reference for - * information on specific APIs. - */ - - -/*! - * \defgroup kim_ccache_iterator_reference KIM CCache Iterator Reference Documentation - * @{ - */ - -/*! - * \param out_ccache_iterator on exit, a ccache iterator object for the cache collection. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get a ccache iterator to enumerate ccaches in the cache collection. - */ -kim_error kim_ccache_iterator_create (kim_ccache_iterator *out_ccache_iterator); - -/*! - * \param in_ccache_iterator a ccache iterator object. - * \param out_ccache on exit, the next ccache in the cache collection. If there are - * no more ccaches in the cache collection this argument will be - * set to NULL. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the next ccache in the cache collection. - */ -kim_error kim_ccache_iterator_next (kim_ccache_iterator in_ccache_iterator, - kim_ccache *out_ccache); - -/*! - * \param io_ccache_iterator a ccache iterator object to be freed. Set to NULL on exit. - * \brief Free memory associated with a ccache iterator. - */ -void kim_ccache_iterator_free (kim_ccache_iterator *io_ccache_iterator); - -/*!@}*/ - -/*! - * \defgroup kim_ccache_reference KIM CCache Reference Documentation - * @{ - */ - -/*! - * \param out_ccache on exit, a new cache object for a ccache containing a newly acquired - * initial credential. Must be freed with kim_ccache_free(). - * \param in_client_identity a client identity to obtain a credential for. Specify KIM_IDENTITY_ANY to - * allow the user to choose. - * \param in_options options to control credential acquisition. - * \note #kim_ccache_create_new() may - * present a GUI or command line prompt to obtain information from the user. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Acquire a new initial credential and store it in a ccache. - */ -kim_error kim_ccache_create_new (kim_ccache *out_ccache, - kim_identity in_client_identity, - kim_options in_options); - -/*! - * \param out_ccache on exit, a new cache object for a ccache containing a newly acquired - * initial credential. Must be freed with kim_ccache_free(). - * \param in_client_identity a client identity to obtain a credential for. Specify KIM_IDENTITY_ANY to - * allow the user to choose. - * \param in_options options to control credential acquisition. - * \param in_password a password to be used while obtaining credentials. - * \note #kim_ccache_create_new_with_password() exists to support - * legacy password-based Kerberos environments. You should not use this - * function unless you know that it will only be used in environments using passwords. - * This function may also present a GUI or command line prompt to obtain - * additional information needed to obtain credentials (eg: SecurID pin). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Acquire a new initial credential and store it in a ccache - * using the provided password.. - */ -kim_error kim_ccache_create_new_with_password (kim_ccache *out_ccache, - kim_identity in_client_identity, - kim_options in_options, - kim_string in_password); - -/*! - * \param out_ccache on exit, a ccache object for a ccache containing a newly acquired - * initial credential. Must be freed with kim_ccache_free(). - * \param in_client_identity a client identity to obtain a credential for. - * \param in_options options to control credential acquisition (if a credential is acquired). - * \note #kim_ccache_create_new_if_needed() may - * present a GUI or command line prompt to obtain information from the user. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Find a ccache containing a valid initial credential in the cache collection, or if - * unavailable, acquire and store a new initial credential. - */ -kim_error kim_ccache_create_new_if_needed (kim_ccache *out_ccache, - kim_identity in_client_identity, - kim_options in_options); - -/*! - * \param out_ccache on exit, a ccache object for a ccache containing a newly acquired - * initial credential. Must be freed with kim_ccache_free(). - * \param in_client_identity a client identity to obtain a credential for. - * \param in_options options to control credential acquisition (if a credential is acquired). - * \param in_password a password to be used while obtaining credentials. - * \note #kim_ccache_create_new_if_needed_with_password() exists to support - * legacy password-based Kerberos environments. You should not use this - * function unless you know that it will only be used in environments using passwords. - * This function may also present a GUI or command line prompt to obtain - * additional information needed to obtain credentials (eg: SecurID pin). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Find a ccache containing a valid initial credential in the cache collection, or if - * unavailable, acquire and store a new initial credential using the provided password. - */ -kim_error kim_ccache_create_new_if_needed_with_password (kim_ccache *out_ccache, - kim_identity in_client_identity, - kim_options in_options, - kim_string in_password); - -/*! - * \param out_ccache on exit, a ccache object for a ccache containing a TGT - * credential. Must be freed with kim_ccache_free(). - * \param in_client_identity a client identity to find a ccache for. If - * \a in_client_identity is #KIM_IDENTITY_ANY, this - * function returns the default ccache - * (ie: is equivalent to #kim_ccache_create_from_default()). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Find a ccache for a client identity in the cache collection. - */ -kim_error kim_ccache_create_from_client_identity (kim_ccache *out_ccache, - kim_identity in_client_identity); - -/*! - * \param out_ccache on exit, a new ccache object containing an initial credential - * for the client identity \a in_identity obtained using in_keytab. - * Must be freed with kim_ccache_free(). - * \param in_identity a client identity to obtain a credential for. Specify NULL for - * the first client identity in the keytab. - * \param in_options options to control credential acquisition. - * \param in_keytab a path to a keytab. Specify NULL for the default keytab location. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Acquire a new initial credential from a keytab and store it in a ccache. - */ -kim_error kim_ccache_create_from_keytab (kim_ccache *out_ccache, - kim_identity in_identity, - kim_options in_options, - kim_string in_keytab); - -/*! - * \param out_ccache on exit, a ccache object for the default ccache. - * Must be freed with kim_ccache_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the default ccache. - */ -kim_error kim_ccache_create_from_default (kim_ccache *out_ccache); - -/*! - * \param out_ccache on exit, a ccache object for the ccache identified by - * \a in_display_name. Must be freed with kim_ccache_free(). - * \param in_display_name a ccache display name string (ie: "TYPE:NAME"). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \note This API is used to obtain a kim_ccache for a ccache name entered by the user. - * \brief Get a ccache for a ccache display name. - */ -kim_error kim_ccache_create_from_display_name (kim_ccache *out_ccache, - kim_string in_display_name); - -/*! - * \param out_ccache on exit, a ccache object for the ccache identified by - * \a in_type and \a in_name. Must be freed with kim_ccache_free(). - * \param in_type a ccache type string. - * \param in_name a ccache name string. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \note This API is provided for backwards compatibilty with applications which are not - * KIM-aware and should be avoided whenever possible. - * \brief Get a ccache for a ccache type and name. - */ -kim_error kim_ccache_create_from_type_and_name (kim_ccache *out_ccache, - kim_string in_type, - kim_string in_name); - -/*! - * \param out_ccache on exit, a new ccache object which is a copy of in_krb5_ccache. - * Must be freed with kim_ccache_free(). - * \param in_krb5_context the krb5 context used to create \a in_krb5_ccache. - * \param in_krb5_ccache a krb5 ccache object. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get a ccache for a krb5 ccache. - */ -kim_error kim_ccache_create_from_krb5_ccache (kim_ccache *out_ccache, - krb5_context in_krb5_context, - krb5_ccache in_krb5_ccache); - -/*! - * \param out_ccache on exit, the new ccache object which is a copy of in_ccache. - * Must be freed with kim_ccache_free(). - * \param in_ccache a ccache object. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Copy a ccache. - */ -kim_error kim_ccache_copy (kim_ccache *out_ccache, - kim_ccache in_ccache); - -/*! - * \param in_ccache a ccache object. - * \param in_compare_to_ccache a ccache object. - * \param out_comparison on exit, a comparison of \a in_ccache and - * \a in_compare_to_ccache which determines whether - * or not the two ccache objects refer to the same ccache. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Compare ccache objects. - */ -kim_error kim_ccache_compare (kim_ccache in_ccache, - kim_ccache in_compare_to_ccache, - kim_comparison *out_comparison); - -/*! - * \param in_ccache a ccache object. - * \param in_krb5_context a krb5 context which will be used to create out_krb5_ccache. - * \param out_krb5_ccache on exit, a new krb5 ccache object which is a copy of in_ccache. - * Must be freed with krb5_cc_close() or krb5_cc_destroy(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get a krb5 ccache for a ccache. - */ -kim_error kim_ccache_get_krb5_ccache (kim_ccache in_ccache, - krb5_context in_krb5_context, - krb5_ccache *out_krb5_ccache); - -/*! - * \param in_ccache a ccache object. - * \param out_name on exit, the name string of \a in_ccache. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the name of a ccache. - */ -kim_error kim_ccache_get_name (kim_ccache in_ccache, - kim_string *out_name); - -/*! - * \param in_ccache a ccache object. - * \param out_type on exit, the type string of \a in_ccache. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the type of a ccache. - */ -kim_error kim_ccache_get_type (kim_ccache in_ccache, - kim_string *out_type); - -/*! - * \param in_ccache a ccache object. - * \param out_display_name on exit, the type and name of \a in_ccache in a format appropriate for - * display to the user in command line programs. (ie: "<type>:<name>") - * Must be freed with kim_string_free(). - * Note: this string can also be passed to krb5_cc_resolve(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the type and name for a ccache in display format. - */ -kim_error kim_ccache_get_display_name (kim_ccache in_ccache, - kim_string *out_display_name); - -/*! - * \param in_ccache a ccache object. - * \param out_client_identity on exit, an identity object containing the client identity of - * \a in_ccache. Must be freed with kim_identity_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the client identity for a ccache. - */ -kim_error kim_ccache_get_client_identity (kim_ccache in_ccache, - kim_identity *out_client_identity); - -/*! - * \param in_ccache a ccache object. - * \param out_credential on exit, the first valid credential in \a in_ccache. - * Must be freed with kim_credential_free(). Set to NULL - * if you only want return value, not the actual credential. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the first valid credential in a ccache. - * \note This function prefers valid TGT credentials. If there are only non-valid TGTs - * in the ccache, it will always return an error. However, if there are no - * TGTs at all, it will return the first valid non-TGT credential. If you only want - * TGTs, use kim_credential_is_tgt() to verify that \a out_credential is a tgt. - */ -kim_error kim_ccache_get_valid_credential (kim_ccache in_ccache, - kim_credential *out_credential); - -/*! - * \param in_ccache a ccache object. - * \param out_state on exit, the state of the credentials in \a in_ccache. - * See #kim_credential_state_enum for the possible values - * of \a out_state. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Check the state of the credentials in a ccache (valid, expired, postdated, etc). - * \note This function prefers TGT credentials. If there are any TGTs in the - * ccache, it will always return their state. However, if there are no - * TGTs at all, it will return the state of the first non-TGT credential. - */ -kim_error kim_ccache_get_state (kim_ccache in_ccache, - kim_credential_state *out_state); - -/*! - * \param in_ccache a ccache object. - * \param out_start_time on exit, the time when the credentials in \a in_ccache - * become valid. May be in the past or future. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the time when the credentials in the ccache become valid. - */ -kim_error kim_ccache_get_start_time (kim_ccache in_ccache, - kim_time *out_start_time); - -/*! - * \param in_ccache a ccache object. - * \param out_expiration_time on exit, the time when the credentials in - * \a in_ccache will expire. May be in the past or future. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the time when the credentials in the ccache will expire. - */ -kim_error kim_ccache_get_expiration_time (kim_ccache in_ccache, - kim_time *out_expiration_time); - -/*! - * \param in_ccache a ccache object. - * \param out_renewal_expiration_time on exit, the time when the credentials in \a in_ccache - * will no longer be renewable. May be in the past or future. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the time when the credentials in the ccache will no longer be renewable. - */ -kim_error kim_ccache_get_renewal_expiration_time (kim_ccache in_ccache, - kim_time *out_renewal_expiration_time); - -/*! - * \param in_ccache a ccache object. - * \param out_options on exit, an options object reflecting the ticket - * options of the credentials in \a in_ccache. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get a kim_options object based on a ccache's credential attributes. - */ -kim_error kim_ccache_get_options (kim_ccache in_ccache, - kim_options *out_options); - -/*! - * \param io_ccache a ccache object which will be set to the default ccache. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \note This API is provided for backwards compatibilty with applications which are not - * KIM-aware and should be avoided whenever possible. - * \brief Set a ccache to the default ccache. - */ -kim_error kim_ccache_set_default (kim_ccache io_ccache); - -/*! - * \param in_ccache a ccache object containing the TGT credential to be verified. - * \param in_service_identity a service identity to look for in the keytab. Specify - * KIM_IDENTITY_ANY to use the default service identity - * (usually host/<host's FQDN>@<host's local realm>). - * \param in_keytab a path to a keytab. Specify NULL for the default keytab location. - * \param in_fail_if_no_service_key whether or not the absence of a key for \a in_service_identity - * in the host's keytab will cause a failure. - * \note specifying FALSE for \a in_fail_if_no_service_key may expose the calling program to - * the Zanarotti attack if the host has no keytab installed. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Verify the TGT in a ccache. - */ -kim_error kim_ccache_verify (kim_ccache in_ccache, - kim_identity in_service_identity, - kim_string in_keytab, - kim_boolean in_fail_if_no_service_key); - -/*! - * \param in_ccache a ccache object containing a TGT to be renewed. - * \param in_options initial credential options to be used if a new credential is obtained. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Renew the TGT in a ccache. - */ -kim_error kim_ccache_renew (kim_ccache in_ccache, - kim_options in_options); - -/*! - * \param in_ccache a ccache object containing a TGT to be validated. - * \param in_options initial credential options. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Validate the TGT in a ccache. - */ -kim_error kim_ccache_validate (kim_ccache in_ccache, - kim_options in_options); - -/*! - * \param io_ccache a ccache object to be destroyed. Set to NULL on exit. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Remove a ccache from the cache collection. - * \note Frees memory associated with the ccache. Do not call kim_ccache_free() - * after calling this function. - */ -kim_error kim_ccache_destroy (kim_ccache *io_ccache); - -/*! - * \param io_ccache a ccache object to be freed. Set to NULL on exit. - * \brief Free memory associated with a ccache. - */ -void kim_ccache_free (kim_ccache *io_ccache); - -/*!@}*/ - -#ifdef __cplusplus -} -#endif - -#endif /* KIM_CCACHE_H */ diff --git a/src/include/kim/kim_credential.h b/src/include/kim/kim_credential.h deleted file mode 100644 index bf065a8d2..000000000 --- a/src/include/kim/kim_credential.h +++ /dev/null @@ -1,569 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright 2005-2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_CREDENTIAL_H -#define KIM_CREDENTIAL_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include <kim/kim_types.h> -#include <krb5.h> - -/*! - * \addtogroup kim_types_reference - * @{ - */ - -/*! - * Possible credential states. Credentials may be: - * \li valid - The credential can be used. - * \li expired - The credential's lifetime has been exceeded. - * \li not_yet_valid - The credential is post dated and the time when - * it becomes valid has not yet been reached. - * \li needs_validation - The credential is post-dated and although - * the time when it becomes valid has been reached - * it has not yet been validated. - * \li address_mismatch - The credential contains IP address(es) which do - * not match the host's local address(es). - */ -enum kim_credential_state_enum { - kim_credentials_state_valid = 0, - kim_credentials_state_expired = 1, - kim_credentials_state_not_yet_valid = 2, - kim_credentials_state_needs_validation = 3, - kim_credentials_state_address_mismatch = 4 -}; - -/*! - * The state of a credential. See #kim_credential_state_enum for - * possible values. - */ -typedef int kim_credential_state; - -/*! @} */ - -/*! - * \page kim_credential_overview KIM Credential Overview - * - * \section kim_credential_introduction Introduction - * - * A Kerberos credential (also called a "Kerberos ticket") is a time-limited - * token issued by a KDC which authenticates the entity named by the credential's - * client identity to the service named by the credential's service identity. - * - * The kim_credential object contains a single Kerberos credential. KIM credentials - * objects are always copies of credentials, not references to credentials - * stored in the cache collection. Modifying credential objects in the ccache - * collection will not change any existing KIM credential objects. - * - * KIM credential APIs are intended for applications and system - * tools which manage credentials for the user. They are not a substitute for - * krb5 and GSSAPI functions which obtain service credentials for the purpose - * of authenticating a client to an application server. - * - * \note Many of the APIs listed below have equivalent functions which - * operate on ccaches. In most cases applications will want to use the - * ccache versions of these APIs since they automatically store any - * newly created credentials. See \ref kim_ccache_overview for more - * information. - * - * - * \section kim_credential_acquire_new Acquiring New Credentials - * - * KIM provides the #kim_credential_create_new() API for acquiring new - * credentials. Credentials can either be obtained for a specific - * client identity or by specifying #KIM_IDENTITY_ANY to allow - * the user to choose. Typically callers of this API obtain the client - * identity using #kim_selection_hints_get_identity(). Depending on the - * kim_options specified, #kim_credential_create_new() may present a - * GUI or command line prompt to obtain information from the user. - * - * For legacy password-based Kerberos environments KIM also provides - * #kim_credential_create_new_with_password(). You should not use this - * function unless you know that it will only be used in environments using - * passwords. Otherwise users without passwords may be prompted for them. - * - * KIM provides the #kim_credential_create_from_keytab() to create credentials - * using a keytab. A keytab is an on-disk copy of a client identity's secret - * key. Typically sites use keytabs for client identities that identify a - * machine or service and protect the keytab with disk permissions. Because - * a keytab is sufficient to obtain credentials, keytabs will normally only - * be readable by root, Administrator or some other privileged account. - * Typically applications use credentials obtained from keytabs to obtain - * credentials for batch processes. These keytabs and credentials are usually - * for a special identity used for the batch process rather than a user - * identity. - * - * - * \section kim_credential_validate Validating Credentials - * - * A credential with a start time in the future (ie: after the issue date) - * is called a post-dated credential. Because the KDC administrator may - * wish to disable a identity, once the start time is reached, all post-dated - * credentials must be validated before they can be used. Otherwise an - * attacker using a compromised account could acquire lots of post-dated - * credentials to circumvent the acccount being disabled. - * - * KIM provides the #kim_credential_validate() API to validate a credential. - * Note that this API replaces the credential object with a new validated - * credential object. If you wish to store the new credential in the - * ccache collection you must either call #kim_credential_store() on the - * validated credential or use #kim_ccache_validate() instead. - * - * - * \section kim_credential_renew Renewing Credentials - * - * A renewable credential can be used to obtain a new identical credential - * without resending secret information (such as a password) to the KDC. - * A credential may only be renewed during its renewal lifetime and while - * valid. - * - * KIM provides the #kim_credential_renew() API to renew a credential. - * Note that this API replaces the credential object with a new renewed - * credential object. If you wish to store the new credential in the - * ccache collection you must either call #kim_credential_store() on the - * renewed credential or use #kim_ccache_renew() instead. - * - * - * \section kim_credential_storing Storing Credentials in the Cache Collection - * - * KIM credential objects may be stored in the ccache collection using - * #kim_credential_store(). This function runs any KIM authentication - * plugins on the credential and if the plugins return successfully, creates a - * new ccache for the credential's client identity in the cache collection - * and stores the credential in that ccache. Any existing ccaches and credentials - * for that client identity will be overwritten. #kim_credential_store() may - * optionally return a kim_ccache object for the new ccache if you need to perform - * further operations on the new ccache. - * - * Most of the time if you plan to store the credentials you are manipulating, you - * should use one of KIM ccache APIs. These functions perform the same operations - * except that they also call #kim_credential_store() any time the credential object - * changes. See \ref kim_ccache_overview for more information. - * - * - * \section kim_credential_iterator Iterating over the Credentials in a CCache - * - * KIM provides a simple iterator API for iterating over the credentials - * in a ccache. First, call #kim_credential_iterator_create() to obtain - * an iterator for a ccache. Then loop calling #kim_credential_iterator_next() - * until either you find the credential you are looking for or the API - * returns a NULL credential, indicating that there are no more - * credentials in the ccache. When you are done with the iterator, call - * #kim_credential_iterator_free(). - * - * \note #kim_credential_iterator_next() returns credential objects which - * must be freed with #kim_credential_free() to avoid leaking memory. - * - * - * \section kim_credential_verify Verifying Credentials - * - * When a program acquires TGT credentials for the purpose of authenticating - * itself to the machine it is running on, it is insufficient for the machine - * to assume that the caller is authorized just because it got credentials. - * Instead, the credentials must be verified using a key the local machine. - * The reason this is necessary is because an attacker can trick the - * machine into obtaining credentials from any KDC, including malicious ones - * with the same realm name as the local machine's realm. This exploit is - * called the Zanarotti attack. - * - * In order to avoid the Zanarotti attack, the local machine must authenticate - * the process in the same way an application server would authenticate a client. - * Like an application server, the local machine must have its own identity in - * its realm and a keytab for that identity on its local disk. However, - * rather than forcing system daemons to use the network-oriented calls in the - * krb5 and GSS APIs, KIM provides the #kim_credential_verify() API to - * verify credentials directly. - * - * The most common reason for using #kim_credential_verify() is user login. - * If the local machine wants to use Kerberos to verify the username and password - * provided by the user, it must call #kim_credential_verify() on the credentials - * it obtains to make sure they are really from a KDC it trusts. Another common - * case is a server which is only using Kerberos internally. For example an - * LDAP or web server might use a username and password obtained over the network - * to get Kerberos credentials. In order to make sure they aren't being tricked - * into talking to the wrong KDC, these servers must also call - * #kim_credential_verify(). - * - * The Zanarotti attack is only a concern if the act of accessing the machine - * gives the process special access. Thus a managed cluster machine with - * Kerberos-authenticated networked home directories does not need to call - * #kim_credential_verify(). Even though an attacker can log in as any user on - * the cluster machine, the attacker can't actually access any of the user's data - * or use any of their privileges because those are all authenticated via - * Kerberized application servers (and thus require actually having credentials - * for the real local realm). - * - * #kim_credential_verify() provides an option to - * return success even if the machine's host key is not present. This option - * exists for sites which have a mix of different machines, some of which are - * vulnerable to the Zanarotti attack and some are not. If this option is used, - * it is the responsiblity of the machine's maintainer to obtain a keytab - * for their machine if it needs one. - * - * - * \section kim_credential_properties Examining Credential Properties - * - * \li #kim_credential_get_client_identity() - * returns the credential's client identity. - * - * \li #kim_credential_get_service_identity() - * returns the credential's service identity. - * - * \li #kim_credential_is_tgt() - * returns whether the credential is a TGT (ie: "ticket-granting ticket"). TGTs are - * credentials for the krbtgt service: a service identity of the form "krbtgt/<REALM>@<REALM>". - * These credentials allow the entity named by the client identity to obtain - * additional service credentials without resending shared secrets (such as a password) - * to the KDC. Kerberos uses TGTs to provide single sign-on authentication. - * - * \li #kim_credential_get_state() - * returns a #kim_credential_state containing the state of the credential. - * Possible values are: - * * kim_credentials_state_valid - * * kim_credentials_state_expired - * * kim_credentials_state_not_yet_valid - * * kim_credentials_state_needs_validation - * * kim_credentials_state_address_mismatch - * - * \li #kim_credential_get_start_time() - * returns when the credential will become valid. - * Credentials may be "post-dated" which means that their lifetime starts sometime - * in the future. Note that when a post-dated credential's start time is reached, - * the credential must be validated. See \ref kim_credential_validate for more information. - * - * \li #kim_credential_get_expiration_time() - * returns when the credential will expire. - * Credentials are time limited by the lifetime of the credential. While you can - * request a credential of any lifetime, the KDC limits the credential lifetime - * to a administrator-defined maximum. Typically credential lifetime range from 10 - * to 21 hours. - * - * \li #kim_credential_get_renewal_expiration_time() - * returns when the credential will no longer be renewable. - * Valid credentials may be renewed up until their renewal expiration time. - * Renewing credentials acquires a fresh set of credentials with a full lifetime - * without resending secrets to the KDC (such as a password). If credentials are - * not renewable, this function will return a renewal expiration time of 0. - * - * \li #kim_credential_get_options() - * returns a kim_options object with the credential options of the - * credential. This function is intended to be used when adding - * an identity with existing credentials to the favorite identities list. - * By passing in the options returned by this call, future requests for the - * favorite identity will use the same credential options. - * - * - * See \ref kim_credential_reference and \ref kim_credential_iterator_reference for - * information on specific APIs. - */ - -/*! - * \defgroup kim_credential_iterator_reference KIM Credential Iterator Reference Documentation - * @{ - */ - -/*! - * \param out_credential_iterator on exit, a credential iterator object for \a in_ccache. - * Must be freed with kim_credential_iterator_free(). - * \param in_ccache a ccache object. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get a credential iterator to enumerate credentials in a ccache. - */ - -kim_error kim_credential_iterator_create (kim_credential_iterator *out_credential_iterator, - kim_ccache in_ccache); - -/*! - * \param in_credential_iterator a credential iterator object. - * \param out_credential on exit, the next credential in the ccache iterated by - * \a in_credential_iterator. Must be freed with - * kim_credential_free(). If there are no more credentials - * this argument will be set to NULL. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the next credential in a ccache. - */ - -kim_error kim_credential_iterator_next (kim_credential_iterator in_credential_iterator, - kim_credential *out_credential); - -/*! - * \param io_credential_iterator a credential iterator object to be freed. Set to NULL on exit. - * \brief Free memory associated with a credential iterator. - */ -void kim_credential_iterator_free (kim_credential_iterator *io_credential_iterator); - -/*!@}*/ - -/*! - * \defgroup kim_credential_reference KIM Credential Reference Documentation - * @{ - */ - -/*! - * \param out_credential on exit, a new credential object containing a newly acquired - * initial credential. Must be freed with kim_credential_free(). - * \param in_client_identity a client identity to obtain a credential for. Specify NULL to - * allow the user to choose the identity - * \param in_options options to control credential acquisition. - * \note #kim_credential_create_new() may - * present a GUI or command line prompt to obtain information from the user. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Acquire a new initial credential. - * \sa kim_ccache_create_new - */ -kim_error kim_credential_create_new (kim_credential *out_credential, - kim_identity in_client_identity, - kim_options in_options); - -/*! - * \param out_credential on exit, a new credential object containing a newly acquired - * initial credential. Must be freed with kim_credential_free(). - * \param in_client_identity a client identity to obtain a credential for. Specify NULL to - * allow the user to choose the identity - * \param in_options options to control credential acquisition. - * \param in_password a password to be used while obtaining the credential. - * \note #kim_credential_create_new_with_password() exists to support - * legacy password-based Kerberos environments. You should not use this - * function unless you know that it will only be used in environments using passwords. - * This function may also present a GUI or command line prompt to obtain - * additional information needed to obtain credentials (eg: SecurID pin). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Acquire a new initial credential using the provided password. - * \sa kim_ccache_create_new - */ -kim_error kim_credential_create_new_with_password (kim_credential *out_credential, - kim_identity in_client_identity, - kim_options in_options, - kim_string in_password); - -/*! - * \param out_credential on exit, a new credential object containing an initial credential - * for \a in_identity obtained using \a in_keytab. - * Must be freed with kim_credential_free(). - * \param in_identity a client identity to obtain a credential for. Specify NULL for - * the first identity in the keytab. - * \param in_options options to control credential acquisition. - * \param in_keytab a path to a keytab. Specify NULL for the default keytab location. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Acquire a new initial credential from a keytab. - * \sa kim_ccache_create_from_keytab - */ -kim_error kim_credential_create_from_keytab (kim_credential *out_credential, - kim_identity in_identity, - kim_options in_options, - kim_string in_keytab); - -/*! - * \param out_credential on exit, a new credential object which is a copy of \a in_krb5_creds. - * Must be freed with kim_credential_free(). - * \param in_krb5_context the krb5 context used to create \a in_krb5_creds. - * \param in_krb5_creds a krb5 credential object. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Copy a credential from a krb5 credential object. - */ -kim_error kim_credential_create_from_krb5_creds (kim_credential *out_credential, - krb5_context in_krb5_context, - krb5_creds *in_krb5_creds); - -/*! - * \param out_credential on exit, a new credential object which is a copy of \a in_credential. - * Must be freed with kim_credential_free(). - * \param in_credential a credential object. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Copy a credential object. - */ -kim_error kim_credential_copy (kim_credential *out_credential, - kim_credential in_credential); - -/*! - * \param in_credential a credential object. - * \param in_krb5_context a krb5 context which will be used to create \a out_krb5_creds. - * \param out_krb5_creds on exit, a new krb5 creds object which is a copy of \a in_credential. - * Must be freed with krb5_free_creds(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get a krb5 credentials object for a credential object. - */ -kim_error kim_credential_get_krb5_creds (kim_credential in_credential, - krb5_context in_krb5_context, - krb5_creds **out_krb5_creds); - -/*! - * \param in_credential a credential object. - * \param out_client_identity on exit, an identity object containing the client identity of - * \a in_credential. Must be freed with kim_identity_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the client identity of a credential object. - */ -kim_error kim_credential_get_client_identity (kim_credential in_credential, - kim_identity *out_client_identity); - -/*! - * \param in_credential a credential object. - * \param out_service_identity on exit, an identity object containing the service identity of - * \a in_credential. Must be freed with kim_identity_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the service identity of a credential object. - */ -kim_error kim_credential_get_service_identity (kim_credential in_credential, - kim_identity *out_service_identity); - -/*! - * \param in_credential a credential object. - * \param out_is_tgt on exit, whether or not the credential is a TGT. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Check if a credential is a ticket granting ticket. - */ -kim_error kim_credential_is_tgt (kim_credential in_credential, - kim_boolean *out_is_tgt); - -/*! - * \param in_credential a credential object. - * \param out_state on exit, the state of the credential. See #kim_credential_state_enum - * for the possible values of \a out_state. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Check the state of a credential (valid, expired, postdated, etc). - */ -kim_error kim_credential_get_state (kim_credential in_credential, - kim_credential_state *out_state); - -/*! - * \param in_credential a credential object. - * \param out_start_time on exit, the time when \a in_credential becomes valid. - * May be in the past or future. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the time when the credentials become valid. - * \sa kim_ccache_get_start_time - */ -kim_error kim_credential_get_start_time (kim_credential in_credential, - kim_time *out_start_time); - -/*! - * \param in_credential a credential object. - * \param out_expiration_time on exit, the time when \a in_credential will expire. - * May be in the past or future. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the time when the credentials will expire. - * \sa kim_ccache_get_expiration_time - */ -kim_error kim_credential_get_expiration_time (kim_credential in_credential, - kim_time *out_expiration_time); - -/*! - * \param in_credential a credential object. - * \param out_renewal_expiration_time on exit, the time when \a in_credential will no longer - * be renewable. May be in the past or future. If - * credentials are not renewable at all, returns 0. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the time when the credentials will no longer be renewable. - * \sa kim_ccache_get_renewal_expiration_time - */ -kim_error kim_credential_get_renewal_expiration_time (kim_credential in_credential, - kim_time *out_renewal_expiration_time); - -/*! - * \param in_credential a credential object. - * \param out_options on exit, an options object reflecting the ticket - * options of \a in_credential. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get a kim_options object based on a credential's attributes. - */ -kim_error kim_credential_get_options (kim_credential in_credential, - kim_options *out_options); - -/*! - * \param in_credential a credential object. - * \param in_client_identity a client identity. - * \param out_ccache on exit, a ccache object containing \a in_credential with the client - * identity \a in_client_identity. Must be freed with kim_ccache_free(). - * Specify NULL if you don't want this return value. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Store a credential in a ccache in the cache collection. - */ -kim_error kim_credential_store (kim_credential in_credential, - kim_identity in_client_identity, - kim_ccache *out_ccache); - -/*! - * \param in_credential a TGT credential to be verified. - * \param in_service_identity a service identity to look for in the keytab. Specify - * KIM_IDENTITY_ANY to use the default service identity - * (usually host/<host's FQDN>@<host's local realm>). - * \param in_keytab a path to a keytab. Specify NULL for the default keytab location. - * \param in_fail_if_no_service_key whether or not the absence of a key for \a in_service_identity - * in the host's keytab will cause a failure. - * \note specifying FALSE for \a in_fail_if_no_service_key may expose the calling program to - * the Zanarotti attack if the host has no keytab installed. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Verify a TGT credential. - * \sa kim_ccache_verify - */ -kim_error kim_credential_verify (kim_credential in_credential, - kim_identity in_service_identity, - kim_string in_keytab, - kim_boolean in_fail_if_no_service_key); - -/*! - * \param io_credential a TGT credential to be renewed. On exit, the old credential - * object will be freed and \a io_credential will be replaced - * with a new renewed credential. The new credential must be freed - * with kim_credential_free(). - * \param in_options initial credential options. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Renew a TGT credential. - * \sa kim_ccache_renew - */ -kim_error kim_credential_renew (kim_credential *io_credential, - kim_options in_options); - -/*! - * \param io_credential a credential object to be validated. On exit, the old credential - * object will be freed and \a io_credential will be replaced - * with a new validated credential. The new credential must be freed - * with kim_credential_free(). - * \param in_options initial credential options. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Validate a TGT credential. - * \sa kim_ccache_validate - */ -kim_error kim_credential_validate (kim_credential *io_credential, - kim_options in_options); - -/*! - * \param io_credential the credential object to be freed. Set to NULL on exit. - * \brief Free memory associated with a credential object. - */ -void kim_credential_free (kim_credential *io_credential); - -/*!@}*/ - - -#ifdef __cplusplus -} -#endif - -#endif /* KIM_CREDENTIAL_H */ diff --git a/src/include/kim/kim_identity.h b/src/include/kim/kim_identity.h deleted file mode 100644 index caed0524a..000000000 --- a/src/include/kim/kim_identity.h +++ /dev/null @@ -1,287 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright 2005-2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_IDENTITY_H -#define KIM_IDENTITY_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include <kim/kim_types.h> -#include <krb5.h> -#include <gssapi/gssapi.h> - -/*! - * \ingroup kim_types_reference - * Constant to specify any Kerberos identity is acceptable. - */ -#define KIM_IDENTITY_ANY ((kim_identity) NULL) - -/*! - * \page kim_identity_overview KIM Identity Overview - * - * \section kim_identity_introduction Introduction - * - * Identities in Kerberos are named by "principals". These identies may be people (users) - * or services (a server running on a host). When Kerberos issues credentials which - * authenticate one identity to another, the identity being authenticated is called - * the "client identity" and the identity being authenticated to is called the - * "service identity". - * - * Kerberos identities are made up of one or more components, as well as the Kerberos realm - * the entity belongs to. For client identities the first component is usually the client - * username (eg: "jdoe"). For service identities the first component is the name of the - * service (eg: "imap"). - * - * Kerberos identities have both a binary (opaque) representation and also a string - * representation. The string representation consists of the components separated by '/' - * followed by an '@' and then the realm. For example, the identity "jdoe/admin@EXAMPLE.COM" - * represents John Doe's administrator identity at the realm EXAMPLE.COM. Note that - * identity components may contain both '/' and '@' characters. When building a - * identity from its string representation these syntactic characters must be escaped - * with '\'. - * - * - * \section kim_identity_create_display Creating and Displaying Identities - * - * KIM Identities can be generated from components, their escaped string representation - * or from a krb5_principal. Once you have a KIM identity object, you can also get - * the component, string or krb5_principal representations back out: - * - * \li #kim_identity_create_from_components() creates an identity object from a list of components. - * \li #kim_identity_get_number_of_components() returns the number of components in an identity object. - * \li #kim_identity_get_component_at_index() return a component of an identity object. - * \li #kim_identity_get_realm() returns the identity's realm. - * - * \li #kim_identity_create_from_string() generates an identity object from an escaped string representation. - * \li #kim_identity_get_string() returns the identity's escaped string representation. - * \li #kim_identity_get_display_string() returns a non-escaped string for display to the user. - * This string cannot be passed into #kim_identity_create_from_string(). - * - * \li #kim_identity_create_from_krb5_principal() generates an identity object from a krb5_principal object. - * \li #kim_identity_get_krb5_principal() returns a krb5_principal object for an identity object. - * - * \note If you need to know if two identity objects refer to the same entity, use #kim_identity_compare(). - * - * - * \section kim_identity_selection Choosing a Client Identity - * - * Unfortunately most of the time applications don't know what client identity to use. - * Users may have identities for multiple Kerberos realms, as well as multiple identities - * in a single realm (such as a user and administrator identity). - * - * To solve this problem, #kim_selection_hints_get_identity() takes information - * from the application in the form of a selection hints object and returns the best - * matching client identity, if one is available. See \ref kim_selection_hints_overview - * for more information. - * - * - * \section kim_identity_password Changing a Identity's Password - * - * Many Kerberos sites use passwords for user accounts. Because passwords may be - * stolen or compromised, they must be frequently changed. KIM provides APIs to - * change the identity's password directly, and also handles changing the identity's - * password when it has expired. - * - * #kim_identity_change_password() presents a user interface to obtain the old and - * new passwords from the user. - * - * \note Not all identities have a password. Some sites use certificates (pkinit) - * and in the future there may be other authentication mechanisms (eg: smart cards). - * - * See \ref kim_identity_reference for information on specific APIs. - */ - -/*! - * \defgroup kim_identity_reference KIM Identity Reference Documentation - * @{ - */ - -/*! - * \param out_identity on exit, a new identity object. Must be freed with kim_identity_free(). - * \param in_string a string representation of a Kerberos identity. - * Special characters such as '/' and '@' must be escaped with '\'. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Create a identity from a string. - */ -kim_error kim_identity_create_from_string (kim_identity *out_identity, - kim_string in_string); - -/*! - * \param out_identity on exit, a new identity object. Must be freed with kim_identity_free(). - * \param in_realm a string representation of a Kerberos realm. - * \param in_1st_component a string representing the first component of the identity. - * \param ... zero or more strings of type kim_string_t representing additional components - * of the identity followed by a terminating NULL. Components will be assembled in - * order (ie: the 4th argument to kim_identity_create_from_components() will be - * the 2nd component of the identity). - * \note The last argument must be a NULL or kim_identity_create_from_components() may crash. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Create a identity from a realm and component strings. - */ -kim_error kim_identity_create_from_components (kim_identity *out_identity, - kim_string in_realm, - kim_string in_1st_component, - ...); - -/*! - * \param out_identity on exit, a new identity object which is a copy of \a in_krb5_principal. - * Must be freed with kim_identity_free(). - * \param in_krb5_context the krb5 context used to create \a in_krb5_principal. - * \param in_krb5_principal a krb5 principal object. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Create an identity object from a krb5_principal. - */ -kim_error kim_identity_create_from_krb5_principal (kim_identity *out_identity, - krb5_context in_krb5_context, - krb5_principal in_krb5_principal); - -/*! - * \param out_identity on exit, a new identity object which is a copy of \a in_identity. - * Must be freed with kim_identity_free(). - * \param in_identity an identity object. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Copy an identity object. - */ -kim_error kim_identity_copy (kim_identity *out_identity, - kim_identity in_identity); - - -/*! - * \param in_identity an identity object. - * \param in_compare_to_identity an identity object. - * \param out_comparison on exit, a comparison of \a in_identity and - * \a in_compare_to_identity which determines whether - * or not the two identities are equivalent and their - * sort order (for display to the user) if they are not. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Compare identity objects for equivalency. - */ -kim_error kim_identity_compare (kim_identity in_identity, - kim_identity in_compare_to_identity, - kim_comparison *out_comparison); -/*! - * \param in_identity an identity object. - * \param out_string on exit, a string representation of \a in_identity. - * Must be freed with kim_string_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the string representation of a identity. - * \note Special characters such as '@' and '/' will be escaped with '\'. - */ -kim_error kim_identity_get_string (kim_identity in_identity, - kim_string *out_string); - - -/*! - * \param in_identity an identity object. - * \param out_display_string on exit, a string representation of \a in_identity appropriate for - * display to the user. Must be freed with kim_string_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get a human-readable string representation of an identity. - * \note Special characters such as '/' and '@' are \em not escaped with '\'. As a result the - * string returned from this function cannot be used with kim_identity_create_from_string() - * because it does not uniquely specify a principal. - * The result of this function should \em only be used to display to the user. - */ -kim_error kim_identity_get_display_string (kim_identity in_identity, - kim_string *out_display_string); - -/*! - * \param in_identity an identity object. - * \param out_realm_string on exit, a string representation of \a in_identity's realm. - * Must be freed with kim_string_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the realm string of an identity. - */ -kim_error kim_identity_get_realm (kim_identity in_identity, - kim_string *out_realm_string); - -/*! - * \param in_identity an identity object. - * \param out_number_of_components on exit the number of components in \a in_identity. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the number of components of an identity. - */ -kim_error kim_identity_get_number_of_components (kim_identity in_identity, - kim_count *out_number_of_components); - -/*! - * \param in_identity an identity object. - * \param in_index the index of the desired component. Component indexes start at 0. - * \param out_component_string on exit, a string representation of the component in \a in_identity - * specified by \a in_index. Must be freed with kim_string_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the Nth component of an identity. - */ -kim_error kim_identity_get_component_at_index (kim_identity in_identity, - kim_count in_index, - kim_string *out_component_string); - -/*! - * \param in_identity an identity object. - * \param out_components on exit, a string of the non-realm components of \a in_identity - * separated by '/' characters. Must be freed with kim_string_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get a display string of the non-realm components of an identity. - */ -kim_error kim_identity_get_components_string (kim_identity in_identity, - kim_string *out_components); - -/*! - * \param in_identity an identity object. - * \param in_krb5_context a krb5 context object. - * \param out_krb5_principal on exit, a krb5_principal representation of \a in_identity - * allocated with \a in_krb5_context. Must be freed with - * krb5_free_principal() using \a in_krb5_context. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the krb5_principal representation of an identity. - */ -kim_error kim_identity_get_krb5_principal (kim_identity in_identity, - krb5_context in_krb5_context, - krb5_principal *out_krb5_principal); - -/*! - * \param in_identity an identity object whose password will be changed. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Change the password for an identity. - * \note kim_identity_change_password() will acquire a temporary credential to change - * the password. - */ -kim_error kim_identity_change_password (kim_identity in_identity); - -/*! - * \param io_identity the identity object to be freed. Set to NULL on exit. - * \brief Free memory associated with an identity. - */ -void kim_identity_free (kim_identity *io_identity); - -/*!@}*/ - -#ifdef __cplusplus -} -#endif - -#endif /* KIM_IDENTITY_H */ diff --git a/src/include/kim/kim_library.h b/src/include/kim/kim_library.h deleted file mode 100644 index c84063733..000000000 --- a/src/include/kim/kim_library.h +++ /dev/null @@ -1,84 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright 2005-2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#ifndef KIM_LIBRARY_H -#define KIM_LIBRARY_H - -#include <kim/kim.h> - -/*! - * \defgroup kim_library_reference KIM Library Documentation - * @{ - */ - -/*! Do not present user interface */ -#define KIM_UI_ENVIRONMENT_NONE 0 -/*! Automatically determine what user interface is appropriate (default). */ -#define KIM_UI_ENVIRONMENT_AUTO 1 -/*! Present a graphical user interface */ -#define KIM_UI_ENVIRONMENT_GUI 2 -/*! Present a command line user interface */ -#define KIM_UI_ENVIRONMENT_CLI 3 - -/*! An integer describing the type of user interface to use. */ -typedef int kim_ui_environment; - -/*! - * \param in_ui_environment an integer value describing the type of user interface to use. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \note Set to KIM_UI_ENVIRONMENT_AUTO by default. - * \brief Tell KIM how to present UI from your application. - */ -kim_error kim_library_set_ui_environment (kim_ui_environment in_ui_environment); - -/*! - * \param in_allow_access a boolean containing whether or not to touch the user's home directory. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \note This API is usually used for Kerberos authenticated home directories to prevent a deadlock. - * \brief Tells KIM whether or not it is allowed to touch the user's home directory. - */ -kim_error kim_library_set_allow_home_directory_access (kim_boolean in_allow_access); - -/*! - * \param in_allow_automatic_prompting a boolean containing whether or not to prompt automatically. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Tells KIM whether or not it is allowed to automatically present user interface. - */ -kim_error kim_library_set_allow_automatic_prompting (kim_boolean in_allow_automatic_prompting); - -/*! - * \param in_application_name a string containing the localized name of your application. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \note On many operating systems KIM can determine the caller's application - * name automatically. This call exists for applications to use when those - * mechanisms fail or do not exist. - * \brief Set the name of your application for KIM to use for user interface. - */ -kim_error kim_library_set_application_name (kim_string in_application_name); - -/*!@}*/ - -#endif /* KIM_LIBRARY_H */ diff --git a/src/include/kim/kim_options.h b/src/include/kim/kim_options.h deleted file mode 100644 index 2b1343197..000000000 --- a/src/include/kim/kim_options.h +++ /dev/null @@ -1,432 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright 2005-2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_OPTIONS_H -#define KIM_OPTIONS_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include <kim/kim_types.h> - -/*! - * \addtogroup kim_types_reference - * @{ - */ - -/*! - * Specifies the user's default options. - */ -#define KIM_OPTIONS_DEFAULT ((kim_options) NULL) - -/*! - * Specifies that credentials should be valid immediately. - */ -#define KIM_OPTIONS_START_IMMEDIATELY ((kim_time_t) 0) - -/*! @} */ - -/*! - * \page kim_options_overview KIM Options Overview - * - * \section kim_options_introduction Introduction - * - * Kerberos Identity Management Options (kim_options_t) allows you to control how - * the Kerberos library obtains credentials. When the options structure is initialized with - * #kim_options_create(), each option is filled in with a default value which can then be modified - * with the kim_options_set_*() APIs. If you only want to use the default values, you may pass - * #KIM_OPTIONS_DEFAULT into any KIM function that takes a kim_options_t. - * - * KIM options fall into two major categories: options for controlling how credentials are - * acquired and options for controlling what properties the newly acquired credentials will have: - * - * \section kim_options_credential_properties Options for Controlling Credential Properties - * - * Kerberos credentials have a number of different properties which can be requested - * when credentials are acquired. These properties control when and for how long the - * credentials are valid and what you can do with them. - - * Note that setting these properties in the KIM options only changes what the Kerberos - * libraries \em request from the KDC. The KDC itself may choose not to honor your - * requested properties if they violate the site security policy. For example, most sites - * place an upper bound on how long credentials may be valid. If you request a credential - * lifetime longer than this upper bound, the KDC may return credentials with a shorter - * lifetime than you requested. - * - * \subsection kim_options_lifetimes Credential Lifetime - * - * Kerberos credentials have start time and a lifetime during which they are valid. - * Once the lifetime has passed, credentials "expire" and can no longer be used. - * - * The requested credential start time can be set with #kim_options_set_start_time() - * and examined with #kim_options_get_start_time(). The requested credential - * lifetime can be set with #kim_options_set_lifetime() and examined with - * #kim_options_get_lifetime(). - * - * \subsection kim_options_renewable Renewable Credentials - * - * Credentials with very long lifetimes are more convenient since the user does not - * have authenticate as often. Unfortunately they are also a higher security - * risk: if credentials are stolen they can be used until they expire. - * Credential renewal exists to compromise between these two conflicting goals. - * - * Renewable credentials are TGT credentials which can be used to obtain new - * TGT credentials without reauthenticating. By regularly renewing credentials - * the KDC has an opportunity to check to see if the client's credentials have been - * reported stolen and refuse to renew them. Renewable credentials have a "renewal - * lifetime" during which credentials can be renewed. This lifetime is relative - * to the original credential start time. If credentials are renewed shortly before - * the end of the renewal lifetime, their lifetime will be capped to the end of the - * renewal lifetime. - * - * Note that credentials must be valid to be renewed and therefore may not be - * an appropriate solution for all use cases. Sites which use renewable - * credentials often create helper processes running as the user which will - * automatically renew the user's credentials when they get close to expiration. - * - * Use #kim_options_set_renewable() to change whether or not the Kerberos libraries - * request renewable credentials and #kim_options_get_renewable() to find out the - * current setting. Use #kim_options_set_renewal_lifetime() to change the requested - * renewal lifetime and #kim_options_get_renewal_lifetime() to find out the current - * value. - * - * \subsection kim_options_addressless Addressless Credentials - * - * Traditionally Kerberos used the host's IP address as a mechanism to restrict - * the user's credentials to a specific host, thus making it harder to use stolen - * credentials. When authenticating to a remote service with credentials containing - * addresses, the remote service verifies that the client's IP address is one of the - * addresses listed in the credential. Unfortunately, modern network technologies - * such as NAT rewrite the IP address in transit, making it difficult to use - * credentials with addresses in them. As a result, most Kerberos sites now obtain - * addressless credentials. - * - * Use #kim_options_set_addressless() to change whether or not the Kerberos libraries - * request addressless credentials. Use #kim_options_get_addressless() to find out the - * current setting. - * - * \subsection kim_options_forwardable Forwardable Credentials - * - * Forwardable credentials are TGT credentials which can be forwarded to a service - * you have authenticated to. If the credentials contain IP addresses, the addresses - * are changed to reflect the service's IP address. Credential forwarding is most - * commonly used for Kerberos-authenticated remote login services. By forwarding - * TGT credentials through the remote login service, the user's credentials will - * appear on the remote host when the user logs in. - * - * The forwardable flag only applies to TGT credentials. - * - * Use #kim_options_set_forwardable() to change whether or not the Kerberos libraries - * request forwardable credentials. Use #kim_options_get_forwardable() to find out the - * current setting. - * - * \subsection kim_options_proxiable Proxiable Credentials - * - * Proxiable credentials are similar to forwardable credentials except that instead of - * forwarding the a TGT credential itself, a service credential is forwarded - * instead. Using proxiable credentials, a user can permit a service to perform - * a specific task as the user using one of the user's service credentials. - * - * Like forwardability, the proxiable flag only applies to TGT credentials. Unlike - * forwarded credentials, the IP address of proxiable credentials are not modified for - * the service when being proxied. This can be solved by also requesting addressless - * credentials. - * - * Use #kim_options_set_proxiable() to change whether or not the Kerberos libraries - * request proxiable credentials. Use #kim_options_get_proxiable() to find out the - * current setting. - * - * \subsection kim_options_service_name Service Name - * - * Normally users acquire TGT credentials (ie "ticket granting tickets") and then - * use those credentials to acquire service credentials. This allows Kerberos to - * provide single sign-on while still providing mutual authentication to services. - * However, sometimes you just want an initial credential for a service. KIM - * options allows you to set the service name with - * #kim_options_set_service_name() and query it with - * #kim_options_get_service_name(). - * - * See \ref kim_options_reference for information on specific APIs. - */ - -/*! - * \defgroup kim_options_reference KIM Options Reference Documentation - * @{ - */ - -/*! - * \param out_options on exit, a new options object. Must be freed with kim_options_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Create new options with default values. - */ -kim_error kim_options_create (kim_options *out_options); - -/*! - * \param out_options on exit, a new options object which is a copy of \a in_options. - * Must be freed with kim_options_free(). If passed KIM_OPTIONS_DEFAULT - * will set \a out_options to KIM_OPTIONS_DEFAULT. - * \param in_options a options object. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Copy options. - */ -kim_error kim_options_copy (kim_options *out_options, - kim_options in_options); - -/*! - * \param io_options an options object to modify. - * \param in_start_time a start date (in seconds since January 1, 1970). Set to - * #KIM_OPTIONS_START_IMMEDIATELY for the acquired credential to be valid - * immediately. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set the date when a credential should become valid. - * \note When using a start time in the future, once the start time has been reached the credential - * must be validated before it can be used. - * \par Default value - * 0, indicating "now". The credential will be valid immediately. - * \sa kim_options_get_start_time(), kim_credential_validate(), kim_ccache_validate(), kim_identity_validate() - */ -kim_error kim_options_set_start_time (kim_options io_options, - kim_time in_start_time); - -/*! - * \param in_options an options object. - * \param out_start_time on exit, the start date (in seconds since January 1, 1970) specified by - * \a in_options. #KIM_OPTIONS_START_IMMEDIATELY indicates the credential - * will be valid immediately. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the date when a credential should become valid. - * \note When using a start time in the future, once the start time has been reached the credential - * must be validated before it can be used. - * \par Default value - * 0, indicating "now". The credential will be valid immediately. - * \sa kim_options_set_start_time(), kim_credential_validate(), kim_ccache_validate(), kim_identity_validate() - */ -kim_error kim_options_get_start_time (kim_options in_options, - kim_time *out_start_time); - -/*! - * \param io_options an options object to modify. - * \param in_lifetime a lifetime duration (in seconds). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set the duration during which a credential should be valid. - * \note KDCs have a maximum allowed lifetime per identity (usually 10 to 21 hours). - * As a result the credential will actually have a lifetime which is the minimum of - * \a in_lifetime and the KDC's maximum allowed lifetime. - * \sa kim_options_get_lifetime() - * \par Default value - * Read from the user's preferences and the Kerberos configuration. 10 hours if unspecified. - */ -kim_error kim_options_set_lifetime (kim_options io_options, - kim_lifetime in_lifetime); - -/*! - * \param in_options an options object. - * \param out_lifetime on exit, the lifetime duration (in seconds) specified in \a in_options. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the duration during which an acquired credential should be valid. - * \note KDCs have a maximum allowed lifetime per identity (usually 10 to 21 hours). - * As a result the credential will actually have a lifetime which is the minimum of - * \a in_lifetime and the KDC's maximum allowed lifetime. - * \par Default value - * Read from the user's preferences and the Kerberos configuration. 10 hours if unspecified. - * \sa kim_options_set_lifetime() - */ -kim_error kim_options_get_lifetime (kim_options in_options, - kim_lifetime *out_lifetime); - -/*! - * \param io_options an options object to modify. - * \param in_renewable a boolean value indicating whether or not to request a renewable - * credential. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set whether or not to request a renewable credential. - * \par Default value - * Read from the user's preferences and the Kerberos configuration. TRUE if unspecified. - * \sa kim_options_get_renewable() - */ -kim_error kim_options_set_renewable (kim_options io_options, - kim_boolean in_renewable); - -/*! - * \param in_options an options object. - * \param out_renewable on exit, a boolean value indicating whether or \a in_options will - * request a renewable credential. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get whether or not to request a renewable credential. - * \par Default value - * Read from the user's preferences and the Kerberos configuration. TRUE if unspecified. - * \sa kim_options_set_renewable() - */ -kim_error kim_options_get_renewable (kim_options in_options, - kim_boolean *out_renewable); - -/*! - * \param io_options an options object to modify. - * \param in_renewal_lifetime a renewal lifetime duration (in seconds). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set the duration during which a valid credential should be renewable. - * \note KDCs have a maximum allowed renewal lifetime per identity (usually 10 to 21 hours). - * As a result the credential will actually have a lifetime which is the minimum of - * \a in_lifetime and the KDC's maximum allowed lifetime. - * \par Default value - * Read from the user's preferences and the Kerberos configuration. 7 days if unspecified. - * \sa kim_options_get_renewal_lifetime(), kim_identity_renew(), kim_credential_renew(), kim_ccache_renew() - */ -kim_error kim_options_set_renewal_lifetime (kim_options io_options, - kim_lifetime in_renewal_lifetime); - -/*! - * \param in_options an options object. - * \param out_renewal_lifetime on exit, the renewal lifetime duration (in seconds) specified - * in \a in_options. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the duration during which a valid credential should be renewable. - * \note KDCs have a maximum allowed lifetime per identity (usually 10 to 21 hours). - * As a result the credential will actually have a lifetime which is the minimum of - * \a in_lifetime and the KDC's maximum allowed lifetime. - * \par Default value - * Read from the user's preferences and the Kerberos configuration. 7 days if unspecified. - * \sa kim_options_set_renewal_lifetime(), kim_identity_renew(), kim_credential_renew(), kim_ccache_renew() - */ -kim_error kim_options_get_renewal_lifetime (kim_options in_options, - kim_lifetime *out_renewal_lifetime); - -/*! - * \param io_options an options object to modify. - * \param in_forwardable a boolean value indicating whether or not to request a forwardable - * credential. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set whether or not to request a forwardable credential. - * \par Default value - * Read from the user's preferences and the Kerberos configuration. TRUE if unspecified. - * \sa kim_options_get_forwardable() - */ -kim_error kim_options_set_forwardable (kim_options io_options, - kim_boolean in_forwardable); - -/*! - * \param in_options an options object. - * \param out_forwardable on exit, a boolean value indicating whether or \a in_options will - * request a forwardable credential. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get whether or not to request a forwardable credential. - * \par Default value - * Read from the user's preferences and the Kerberos configuration. TRUE if unspecified. - * \sa kim_options_set_forwardable() - */ -kim_error kim_options_get_forwardable (kim_options in_options, - kim_boolean *out_forwardable); - -/*! - * \param io_options an options object to modify. - * \param in_proxiable a boolean value indicating whether or not to request a proxiable - * credential. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set whether or not to request a proxiable credential. - * \par Default value - * Read from the user's preferences and the Kerberos configuration. TRUE if unspecified. - * \sa kim_options_get_proxiable() - */ -kim_error kim_options_set_proxiable (kim_options io_options, - kim_boolean in_proxiable); - -/*! - * \param in_options an options object. - * \param out_proxiable on exit, a boolean value indicating whether or \a in_options will - * request a proxiable credential. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get whether or not to request a proxiable credential. - * \par Default value - * Read from the user's preferences and the Kerberos configuration. TRUE if unspecified. - * \sa kim_options_set_proxiable() - */ -kim_error kim_options_get_proxiable (kim_options in_options, - kim_boolean *out_proxiable); - -/*! - * \param io_options an options object to modify. - * \param in_addressless a boolean value indicating whether or not to request an addressless - * credential. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set whether or not to request an addressless credential. - * \par Default value - * Read from the user's preferences and the Kerberos configuration. TRUE if unspecified. - * \sa kim_options_get_addressless() - */ -kim_error kim_options_set_addressless (kim_options io_options, - kim_boolean in_addressless); - -/*! - * \param in_options an options object. - * \param out_addressless on exit, a boolean value indicating whether or \a in_options will - * request an addressless credential. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get whether or not to request an addressless credential. - * \par Default value - * Read from the user's preferences and the Kerberos configuration. TRUE if unspecified. - * \sa kim_options_set_addressless() - */ -kim_error kim_options_get_addressless (kim_options in_options, - kim_boolean *out_addressless); - -/*! - * \param io_options an options object to modify. - * \param in_service_name a service name. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set the service name to request a credential for. - * \par Default value - * NULL, indicating "krbtgt@<REALM>", the ticket granting ticket (TGT) service. - * \sa kim_options_get_service_name() - */ -kim_error kim_options_set_service_name (kim_options io_options, - kim_string in_service_name); - -/*! - * \param in_options an options object. - * \param out_service_name on exit, the service name specified in \a in_options. - * Must be freed with kim_string_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the service name to request a credential for. - * \par Default value - * NULL, indicating "krbtgt@<REALM>", the ticket granting ticket (TGT) service. - * \sa kim_options_set_service_name() - */ -kim_error kim_options_get_service_name (kim_options in_options, - kim_string *out_service_name); - -/*! - * \param io_options the options object to be freed. Set to NULL on exit. - * \brief Free memory associated with an options object. - */ -void kim_options_free (kim_options *io_options); - -/*!@}*/ - -#ifdef __cplusplus -} -#endif - -#endif /* KIM_OPTIONS_H */ diff --git a/src/include/kim/kim_preferences.h b/src/include/kim/kim_preferences.h deleted file mode 100644 index fd3293319..000000000 --- a/src/include/kim/kim_preferences.h +++ /dev/null @@ -1,420 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright 2005-2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_PREFERENCES_H -#define KIM_PREFERENCES_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include <kim/kim_types.h> - -/*! - * \page kim_preferences_overview KIM Preferences Overview - * - * \section kim_preferences_introduction Introduction - * - * In addition to the site preferences stored in the Kerberos configuration, users may also - * want to have their own personal preferences for controlling credential acquisition. - * As a result, KIM provides user preferences for initial credential options and - * user interface behavior such as the default client identity and the favorite identities list. - * - * \section kim_preferences_edit Viewing and Editing the Preferences - * - * In order to view and edit the user's preferences, call #kim_preferences_create() to acquire a - * preferences object containing the user's preferences. You can examine preferences - * with the functions starting with "kim_preferences_get_" and change preferences with - * the functions starting with "kim_preferences_set_". Once you are done making changes, - * you can write changes back out to the user's preferences with #kim_preferences_synchronize(). - * - * \note The location of user preferences and the semantics of - * preference synchronization is platform-specific. Where possible KIM will use - * platform-specific preference mechanisms. - * - * \section kim_preferences_options Initial Credential Options Preferences - * - * KIM provides user preferences for initial credential options. These - * are the options #kim_options_create() will use when creating a new KIM - * options object. They are also the options specified by KIM_OPTIONS_DEFAULT. - * You can view and edit the initial credential options using - * #kim_preferences_get_options() and #kim_preferences_set_options(). - * - * \note Not all credential options in the kim_options_t object have corresponding - * user preferences. For example, the prompt callback function is not stored - * in the user preferences since it has no meaning outside of the current - * application. Some options which are not currently stored in the - * preferences may be stored there in the future. - * - * If you are implementing a user interface for credentials acquisition, - * you should be aware that KIM has a user preference to manage the initial - * credential options preferences. If the user successfully acquires credentials - * with non-default options and #kim_preferences_get_remember_options() is set - * to TRUE, you should store the options used to get credentials with - * #kim_preferences_set_options(). - * - * \section kim_preferences_client_identity Client Identity Preferences - * - * KIM also provides user preferences for the default client identity. - * This identity is used whenever KIM needs to display a graphical dialog for - * credential acquisition but does not know what client identity to use. - * You can view and edit the default client identity using - * #kim_preferences_get_client_identity() and - * #kim_preferences_set_client_identity(). - * - * If you are implementing a user interface for credentials acquisition, - * you should be aware that KIM has a user preference to manage - * the client identity preferences. If the user successfully acquires credentials - * with non-default options and #kim_preferences_get_remember_client_identity() is - * set to TRUE, you should store the client identity for which credentials were - * acquired using #kim_preferences_set_client_identity(). - * - * \section kim_preferences_favorite_identities Favorite Identities Preferences - * - * As Kerberos becomes more widespread, the number of possible Kerberos - * identities and realms a user might want to use will become very large. - * Sites may list hundreds of realms in their Kerberos configuration files. - * In addition, sites may wish to use DNS SRV records to avoid having to list - * all the realms they use in their Kerberos configuration. As a result, the - * list of realms in the Kerberos configuration may be exceedingly large and/or - * incomplete. Users may also use multiple identities from the same realm. - * - * On platforms which use a GUI to acquire credentials, the KIM would like - * to to display a list of identities for the user to select from. Depending on - * what is appropriate for the platform, identities may be displayed in a popup - * menu or other list. - * - * To solve this problem, the KIM maintains a list of favorite identities - * specifically for identity selection. This list is a set of unique identities - * in alphabetical order (as appropriate for the user's language localization). - * - * Each identity may optionally have its own options for ticket acquisition. - * This allows KIM UIs to remember what ticket options worked for a specific - * identity. For example if the user normally wants renewable tickets but - * they have one identity at a KDC which rejects requests for renewable tickets, - * the "not renewable" option can be associated with that identity without - * changing the user's default preference to get renewable tickets. If an - * identity should use the default options, just pass KIM_OPTIONS_DEFAULT. - * - * Most callers will not need to use the favorite identities APIs. However if you - * are implementing your own graphical prompt callback or a credential management - * application, you may to view and/or edit the user's favorite identities. - * - * \section kim_favorite_identities_edit Viewing and Editing the Favorite Identities - * - * First, you need to acquire the Favorite Identities stored in the user's - * preferences using #kim_preferences_create(). - * - * Then use #kim_preferences_get_number_of_favorite_identities() and - * #kim_preferences_get_favorite_identity_at_index() to display the identities list. - * Use #kim_preferences_add_favorite_identity() and #kim_preferences_remove_favorite_identity() - * to change which identities are in the identities list. Identities are always stored in - * alphabetical order and duplicate identities are not permitted, so when you add or remove a - * identity you should redisplay the entire list. If you wish to replace the - * identities list entirely, use #kim_preferences_remove_all_favorite_identities() - * to clear the list before adding your identities. - * - * Once you are done editing the favorite identities list, store changes in the - * user's preference file using #kim_preferences_synchronize(). - * - * See \ref kim_preferences_reference for information on specific APIs. - */ - -/*! - * \defgroup kim_preferences_reference KIM Preferences Documentation - * @{ - */ - -/*! - * \param out_preferences on exit, a new preferences object. - * Must be freed with kim_preferences_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Create a new preferences object from the current user's preferences. - */ -kim_error kim_preferences_create (kim_preferences *out_preferences); - -/*! - * \param out_preferences on exit, a new preferences object which is a copy of in_preferences. - * Must be freed with kim_preferences_free(). - * \param in_preferences a preferences object. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Copy a preferences object. - */ -kim_error kim_preferences_copy (kim_preferences *out_preferences, - kim_preferences in_preferences); - -/*! - * \param io_preferences a preferences object to modify. - * \param in_options an options object. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set the user's preferred options. - * \sa kim_preferences_get_options() - */ -kim_error kim_preferences_set_options (kim_preferences io_preferences, - kim_options in_options); - -/*! - * \param in_preferences a preferences object. - * \param out_options on exit, the options specified in \a in_preferences. - * May be KIM_OPTIONS_DEFAULT. - * If not, must be freed with kim_options_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the user's preferred options. - * \sa kim_preferences_set_options() - */ -kim_error kim_preferences_get_options (kim_preferences in_preferences, - kim_options *out_options); - -/*! - * \param io_preferences a preferences object to modify. - * \param in_remember_options a boolean value indicating whether or not to remember the last - * options used to acquire a credential. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set whether or not to remember the last options the user used to acquire a credential. - * \sa kim_preferences_get_remember_options() - */ -kim_error kim_preferences_set_remember_options (kim_preferences io_preferences, - kim_boolean in_remember_options); - -/*! - * \param in_preferences a preferences object. - * \param out_remember_options on exit, a boolean value indicating whether or \a in_preferences will - * remember the last options used to acquire a credential. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get whether or not to remember the last options the user used to acquire a credential. - * \sa kim_preferences_set_remember_options() - */ -kim_error kim_preferences_get_remember_options (kim_preferences in_preferences, - kim_boolean *out_remember_options); - -/*! - * \param io_preferences a preferences object to modify. - * \param in_client_identity a client identity object. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set the user's preferred client identity. - * \sa kim_preferences_get_client_identity() - */ -kim_error kim_preferences_set_client_identity (kim_preferences io_preferences, - kim_identity in_client_identity); - -/*! - * \param in_preferences a preferences object. - * \param out_client_identity on exit, the client identity specified in \a in_preferences. - * Must be freed with kim_identity_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the user's preferred client identity. - * \sa kim_preferences_set_client_identity() - */ -kim_error kim_preferences_get_client_identity (kim_preferences in_preferences, - kim_identity *out_client_identity); - -/*! - * \param io_preferences a preferences object to modify. - * \param in_remember_client_identity a boolean value indicating whether or not to remember the last - * client identity for which a credential was acquired. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set whether or not to remember the last client identity the user acquired a credential for. - * \sa kim_preferences_get_remember_client_identity() - */ -kim_error kim_preferences_set_remember_client_identity (kim_preferences io_preferences, - kim_boolean in_remember_client_identity); - -/*! - * \param in_preferences a preferences object. - * \param out_remember_client_identity on exit, a boolean value indicating whether or \a in_preferences will - * remember the last client identity for which a credential was acquired. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get whether or not to remember the last client identity the user acquired a credential for. - * \sa kim_preferences_set_remember_client_identity() - */ -kim_error kim_preferences_get_remember_client_identity (kim_preferences in_preferences, - kim_boolean *out_remember_client_identity); - -/*! - * \param io_preferences a preferences object to modify. - * \param in_minimum_lifetime a minimum lifetime indicating how small a lifetime the - * GUI tools should allow the user to specify for credentials. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set the minimum credential lifetime for GUI credential lifetime controls. - * \sa kim_preferences_get_minimum_lifetime() - */ -kim_error kim_preferences_set_minimum_lifetime (kim_preferences io_preferences, - kim_lifetime in_minimum_lifetime); - -/*! - * \param in_preferences a preferences object. - * \param out_minimum_lifetime on exit, the minimum lifetime that GUI tools will - * allow the user to specify for credentials. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the minimum credential lifetime for GUI credential lifetime controls. - * \sa kim_preferences_set_minimum_lifetime() - */ -kim_error kim_preferences_get_minimum_lifetime (kim_preferences in_preferences, - kim_lifetime *out_minimum_lifetime); - -/*! - * \param io_preferences a preferences object to modify. - * \param in_maximum_lifetime a maximum lifetime indicating how large a lifetime the - * GUI tools should allow the user to specify for credentials. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set the maximum credential lifetime for GUI credential lifetime controls. - * \sa kim_preferences_get_maximum_lifetime() - */ -kim_error kim_preferences_set_maximum_lifetime (kim_preferences io_preferences, - kim_lifetime in_maximum_lifetime); - -/*! - * \param in_preferences a preferences object. - * \param out_maximum_lifetime on exit, the maximum lifetime that GUI tools will - * allow the user to specify for credentials. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the maximum credential lifetime for GUI credential lifetime controls. - * \sa kim_preferences_set_maximum_lifetime() - */ -kim_error kim_preferences_get_maximum_lifetime (kim_preferences in_preferences, - kim_lifetime *out_maximum_lifetime); - -/*! - * \param io_preferences a preferences object to modify. - * \param in_minimum_renewal_lifetime a minimum lifetime indicating how small a lifetime the - * GUI tools should allow the user to specify for - * credential renewal. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set the minimum credential renewal lifetime for GUI credential lifetime controls. - * \sa kim_preferences_get_minimum_renewal_lifetime() - */ -kim_error kim_preferences_set_minimum_renewal_lifetime (kim_preferences io_preferences, - kim_lifetime in_minimum_renewal_lifetime); - -/*! - * \param in_preferences a preferences object. - * \param out_minimum_renewal_lifetime on exit, the minimum lifetime that GUI tools will - * allow the user to specify for credential renewal. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the minimum credential renewal lifetime for GUI credential lifetime controls. - * \sa kim_preferences_set_minimum_renewal_lifetime() - */ -kim_error kim_preferences_get_minimum_renewal_lifetime (kim_preferences in_preferences, - kim_lifetime *out_minimum_renewal_lifetime); - -/*! - * \param io_preferences a preferences object to modify. - * \param in_maximum_renewal_lifetime a maximum lifetime indicating how large a lifetime the - * GUI tools should allow the user to specify for - * credential renewal. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set the maximum credential renewal lifetime for GUI credential lifetime controls. - * \sa kim_preferences_get_minimum_renewal_lifetime() - */ -kim_error kim_preferences_set_maximum_renewal_lifetime (kim_preferences io_preferences, - kim_lifetime in_maximum_renewal_lifetime); - -/*! - * \param in_preferences a preferences object. - * \param out_maximum_renewal_lifetime on exit, the maximum lifetime that GUI tools will - * allow the user to specify for credential renewal. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the maximum credential renewal lifetime for GUI credential lifetime controls. - * \sa kim_preferences_set_minimum_renewal_lifetime() - */ -kim_error kim_preferences_get_maximum_renewal_lifetime (kim_preferences in_preferences, - kim_lifetime *out_maximum_renewal_lifetime); - -/*! - * \param in_preferences a preferences object. - * \param out_number_of_identities on exit, the number of identities in \a in_preferences. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the number of favorite identities in a preferences object. - */ -kim_error kim_preferences_get_number_of_favorite_identities (kim_preferences in_preferences, - kim_count *out_number_of_identities); - -/*! - * \param in_preferences a preferences object. - * \param in_index a index into the identities list (starting at 0). - * \param out_identity on exit, the identity at \a in_index in \a in_preferences. - * Must be freed with kim_string_free(). - * \param out_options on exit, the options associated with identity at \a in_index - * in \a in_favorite_identities. May be KIM_OPTIONS_DEFAULT. - * Pass NULL if you do not want the options associated with the identity. - * Must be freed with kim_options_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the Nth favorite identity in a preferences object. - */ -kim_error kim_preferences_get_favorite_identity_at_index (kim_preferences in_preferences, - kim_count in_index, - kim_identity *out_identity, - kim_options *out_options); - -/*! - * \param io_preferences a preferences object. - * \param in_identity an identity to add to \a io_preferences. - * \param in_options options which will be associated with that identity. - * Use KIM_OPTIONS_DEFAULT if the identity should use - * the user's default options. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Add a favorite identity to a preferences object. - */ -kim_error kim_preferences_add_favorite_identity (kim_preferences io_preferences, - kim_identity in_identity, - kim_options in_options); - -/*! - * \param io_preferences a preferences object. - * \param in_identity an identity to remove from \a io_preferences. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Remove a favorite identity from a preferences object. - */ -kim_error kim_preferences_remove_favorite_identity (kim_preferences io_preferences, - kim_identity in_identity); - -/*! - * \param io_preferences a preferences object. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Remove all favorite identities in a preferences object. - */ -kim_error kim_preferences_remove_all_favorite_identities (kim_preferences io_preferences); - -/*! - * \param in_preferences a preferences object. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Synchronize a preferences object with the user's preferences, writing pending changes - * and reading any changes applied by other processes. - */ -kim_error kim_preferences_synchronize (kim_preferences in_preferences); - -/*! - * \param io_preferences the preferences object to be freed. Set to NULL on exit. - * \brief Free memory associated with a preferences object. - */ -void kim_preferences_free (kim_preferences *io_preferences); - -/*!@}*/ - -#ifdef __cplusplus -} -#endif - -#endif /* KIM_PREFERENCES_H */ diff --git a/src/include/kim/kim_selection_hints.h b/src/include/kim/kim_selection_hints.h deleted file mode 100644 index 76cd41fc7..000000000 --- a/src/include/kim/kim_selection_hints.h +++ /dev/null @@ -1,439 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright 2005-2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_SELECTION_HINTS_H -#define KIM_SELECTION_HINTS_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include <kim/kim_types.h> - -/*! - * \page kim_selection_hints_overview KIM Selection Hints Overview - * - * \section kim_selection_hints_introduction Introduction - * - * Most users belong to multiple organizations and thus need - * to authenticate to multiple Kerberos realms. Traditionally Kerberos sites - * solved this problem by setting up a cross-realm relationship, which allowed - * the user to use TGT credentials for their client identity in one realm - * to obtain credentials in another realm via cross-realm authentication. As a - * result users could acquire credentials for a single client identity and use - * them everywhere. - * - * Setting up cross-realm requires that realms share a secret, so sites must - * coordinate with one another to set up a cross-realm relationship. In - * addition, sites must set up authorization policies for users from other - * realms. As Kerberos becomes increasingly wide-spread, many realms will - * not have cross-realm relationships, and users will need to - * manually obtain credentials for their client identity at each realm - * (eg: "user@BANK.COM", "user@UNIVERSITY.EDU", etc). As a result, users - * will often have multiple credentials caches, one for each client identity. - * - * Unfortunately this presents a problem for applications which need to obtain - * service credentials. Which client identity should they use? - * Rather than having each application to manually search the cache collection, - * KIM provides a selection hints API for choosing the best client identity. - * This API is intended to simplify the process of choosing credentials - * and provide consistent behavior across all applications. - * - * Searching the cache collection for credentials may be expensive if there - * are a large number of caches. If credentials for the client identity - * are expired or not present, KIM may also wish to prompt the user for - * new credentials for the appropriate client identity. As a result, - * applications might want to remember which client identity worked in - * the past and always request credentials using that identity. - * - * - * \section kim_selection_hints_creating Creating KIM Selection Hints - * - * A KIM selection hints object consists of an application identifier and one or - * more pieces of information about the service the client application will be - * contacting. The application identifier is used by user preferences - * to control how applications share cache entries. It is important to be - * consistent about what application identifier you provide. Java-style - * identifiers are recommended to avoid collisions. - * - * \section kim_selection_hints_searching Selection Hint Search Behavior - * - * When using selection hints to search for an appropriate client identity, - * KIM uses a consistent hint search order. This allows applications to specify - * potentially contradictory information without preventing KIM from locating a - * single ccache. In addition the selection hint search order may change, - * especially if more hints are added. - * - * As a result, callers are encouraged to provide all relevant search hints, - * even if only a subset of those search hints are necessary to get reasonable - * behavior in the current implementation. Doing so will provide the most - * user-friendly selection experience. - * - * Currently the search order looks like this: - * - * \li <B>Service Identity</B> The client identity which has obtained a service credential for this service identity. - * \li <B>Server</B> A client identity which has obtained a service credential for this server. - * \li <B>Service Realm</B> A client identity which has obtained a service credential for this realm. - * \li <B>Service</B> A client identity which has obtained a service credential for this service. - * \li <B>Client Realm</B> A client identity in this realm. - * \li <B>User</B> A client identity whose first component is this user string. - * - * For example, if you specify a service identity and a credential for - * that identity already exists in the ccache collection, KIM may use that - * ccache, even if your user and client realm entries in the selection hints would - * lead it to choose a different ccache. If no credentials for the service identity - * exist then KIM will fall back on the user and realm hints. - * - * \note Due to performance and information exposure concerns, currently all - * searching is done by examining the cache collection. In the future the KIM - * may also make network requests as part of its search algorithm. For example - * it might check to see if the TGT credentials in each ccache can obtain - * credentials for the service identity specified by the selection hints. - * - * \section kim_selection_hints_selecting Selecting an Identity Using Selection Hints - * - * Once you have provided search criteria for selecting an identity, use - * #kim_selection_hints_get_identity() to obtain an identity object. - * You can then use #kim_identity_get_string() to obtain a krb5 principal - * string for use with gss_import_name() and gss_acquire_cred(). Alternatively, - * you can use #kim_ccache_create_from_client_identity() to obtain a ccache - * containing credentials for the identity. - * - * \note #kim_selection_hints_get_identity() obtains an identity based on - * the current state of the selection hints object. If you change the - * selection hints object you must call #kim_selection_hints_get_identity() - * again. - * - * \section kim_selection_hints_caching Selection Hint Caching Behavior - * - * In addition to using selection hints to search for an appropriate client - * identity, KIM can also use them to remember which client identity worked. - * KIM maintains a per-user cache mapping selection hints to identities so - * that applications do not have to maintain their own caches or present - * user interface for selecting which cache to use. - * - * When #kim_selection_hints_get_identity() is called KIM looks up in the - * cache and returns the identity which the selection hints map to. If - * there is not a preexisting cache entry for the selection hints then - * #kim_selection_hints_get_identity() will search for an identity and - * prompt the user if it cannot find an appropriate one. - * - * If the client identity returned by KIM authenticates and passes - * authorization checks, you should tell KIM to cache the identity by calling - * #kim_selection_hints_remember_identity(). This will create a cache entry - * for the mapping between your selection hints and the identity so that - * subsequent calls to #kim_selection_hints_get_identity() do not need to - * prompt the user. - * - * If the client identity returned by KIM fails to authenticate or fails - * authorization checks, you must call #kim_selection_hints_forget_identity() - * to remove any mapping that already exists. After this function is called, - * future calls to #kim_selection_hints_get_identity() will search for an - * identity again. You may also wish to call this function if the user - * changes your application preferences such that the identity might be - * invalidated. - * - * \note It is very important that you call #kim_selection_hints_forget_identity() - * if your application fails to successfully establish a connection with the - * server. Otherwise the user can get "stuck" using the same non-working - * identity if they chose the wrong one accidentally or if their identity - * information changes. Because only your application understands the - * authorization checksof the protocol it uses, KIM cannot tell whether or not - * the identity worked. - * - * If you wish to search and prompt for an identity without using - * the cached mappings, you can turn off the cached mapping lookups using - * #kim_selection_hints_set_remember_identity(). This is not recommended - * for most applications since it will result in a lot of unnecessary - * searching and prompting for identities. - * - * \note Because cache entries key off of selection hints, it is important - * to always specify the same hints when contacting a particular - * service. Otherwise KIM will not always find the cache entries. - * - * \section kim_selection_hints_prompt Selection Hint Prompting Behavior - * - * If valid credentials for identity in the selection hints cache are - * unavailable or if no identity could be found using searching or caching - * when #kim_selection_hints_get_identity() is called, KIM may present a - * GUI to ask the user to select an identity or acquire credentials for - * an identity. - * - * \note Because of the caching behavior described above the user will - * only be prompted to choose an identity when setting up the application - * or when their identity stops working. - * - * In order to let the user know why Kerberos needs their assistance, KIM - * displays the name of the application which requested the identity - * selection. Unfortunately, some platforms do not provide a runtime - * mechanism for determining the name of the calling process. If your - * application runs on one of these platforms (or is cross-platform) - * you should provide a localized version of its name with - * the private function #kim_library_set_application_name(). - * - * In many cases a single application may select different identities for - * different purposes. For example an email application might use different - * identities to check mail for different accounts. If your application - * has this property you may need to provide the user with a localized - * string describing how the identity will be used. You can specify - * this string with #kim_selection_hints_get_explanation(). You can find - * out what string will be used with kim_selection_hints_set_explanation(). - * - * Since the user may choose to acquire credentials when selection an - * identity, KIM also provides #kim_selection_hints_set_options() to - * set what credential acquisition options are used. - * #kim_selection_hints_get_options() returns the options which will be used. - * - * If you need to disable user interaction, use - * #kim_selection_hints_set_allow_user_interaction(). Use - * #kim_selection_hints_get_allow_user_interaction() to find out whether or - * not user interaction is enabled. User interaction is enabled by default. - * - * See \ref kim_selection_hints_reference for information on specific APIs. - */ - -/*! - * \defgroup kim_selection_hints_reference KIM Selection Hints Reference Documentation - * @{ - */ - -/*! A client identity in this realm. - * See \ref kim_selection_hints_overview for more information */ -#define kim_hint_key_client_realm "kim_hint_key_client_realm" - -/*! A client identity whose first component is this user string. - * See \ref kim_selection_hints_overview for more information */ -#define kim_hint_key_user "kim_hint_key_user" - -/*! A client identity which has obtained a service credential for this realm. - * See \ref kim_selection_hints_overview for more information */ -#define kim_hint_key_service_realm "kim_hint_key_service_realm" - -/*! A client identity which has obtained a service credential for this service. - * See \ref kim_selection_hints_overview for more information */ -#define kim_hint_key_service "kim_hint_key_service" - -/*! A client identity which has obtained a service credential for this server. - * See \ref kim_selection_hints_overview for more information */ -#define kim_hint_key_server "kim_hint_key_server" - -/*! The client identity which has obtained a service credential for this service identity. - * See \ref kim_selection_hints_overview for more information */ -#define kim_hint_key_service_identity "kim_hint_key_service_identity" - -/*! - * \param out_selection_hints on exit, a new selection hints object. - * Must be freed with kim_selection_hints_free(). - * \param in_application_identifier an application identifier string. Java-style identifiers are recommended - * to avoid cache entry collisions (eg: "com.example.MyApplication") - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Create a new selection hints object. - */ -kim_error kim_selection_hints_create (kim_selection_hints *out_selection_hints, - kim_string in_application_identifier); - -/*! - * \param out_selection_hints on exit, a new selection hints object which is a copy of in_selection_hints. - * Must be freed with kim_selection_hints_free(). - * \param in_selection_hints a selection hints object. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Copy a selection hints object. - */ -kim_error kim_selection_hints_copy (kim_selection_hints *out_selection_hints, - kim_selection_hints in_selection_hints); - -/*! - * \param io_selection_hints a selection hints object to modify. - * \param in_hint_key A string representing the type of hint to set. - * \param in_hint_string A string representation of a hint for - * \a in_hint_key to set in \a in_selection_hints. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set the string value of a hint used for identity selection. - * \sa kim_selection_hints_get_hint() - */ -kim_error kim_selection_hints_set_hint (kim_selection_hints io_selection_hints, - kim_string in_hint_key, - kim_string in_hint_string); - -/*! - * \param in_selection_hints a selection hints object. - * \param in_hint_key A string representing the type of hint to - * obtain. - * \param out_hint_string On exit, a string representation of the hint - * \a in_hint_key in \a in_selection_hints. - * If the hint is not set, sets the value pointed - * to by \a out_hint_string to NULL; - * Must be freed with kim_string_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the string value of a hint used for identity selection. - * \sa kim_selection_hints_set_hint() - */ -kim_error kim_selection_hints_get_hint (kim_selection_hints in_selection_hints, - kim_string in_hint_key, - kim_string *out_hint_string); - -/*! - * \param io_selection_hints a selection hints object to modify. - * \param in_explanation a localized string describing why the caller needs the identity. - * \note If the application only does one thing (the reason it needs an identity is obvious) - * then you may not need to call this function. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set the strings used to prompt the user to select the identity. - * \sa kim_selection_hints_get_explanation() - */ -kim_error kim_selection_hints_set_explanation (kim_selection_hints io_selection_hints, - kim_string in_explanation); - -/*! - * \param in_selection_hints a selection hints object. - * \param out_explanation on exit, the localized string specified in \a in_selection_hints - * which describes why the caller needs the identity. May be NULL. - * If non-NULL, must be freed with kim_string_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the strings used to prompt the user to select the identity. - * \sa kim_selection_hints_set_explanation() - */ -kim_error kim_selection_hints_get_explanation (kim_selection_hints in_selection_hints, - kim_string *out_explanation); - - -/*! - * \param io_selection_hints a selection hints object to modify. - * \param in_options options to control credential acquisition. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Set the options which will be used if credentials need to be acquired. - * \sa kim_selection_hints_get_options() - */ -kim_error kim_selection_hints_set_options (kim_selection_hints io_selection_hints, - kim_options in_options); - -/*! - * \param in_selection_hints a selection hints object. - * \param out_options on exit, the options to control credential acquisition - * specified in \a in_selection_hints. May be KIM_OPTIONS_DEFAULT. - * If not, must be freed with kim_options_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Get the options which will be used if credentials need to be acquired. - * \sa kim_selection_hints_set_options() - */ -kim_error kim_selection_hints_get_options (kim_selection_hints in_selection_hints, - kim_options *out_options); - -/*! - * \param in_selection_hints a selection hints object to modify - * \param in_allow_user_interaction a boolean value specifying whether or not KIM should ask - * the user to select an identity for \a in_selection_hints. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \note This setting defaults to TRUE. - * \brief Set whether or not KIM may interact with the user to select an identity. - * \sa kim_selection_hints_get_allow_user_interaction - */ -kim_error kim_selection_hints_set_allow_user_interaction (kim_selection_hints in_selection_hints, - kim_boolean in_allow_user_interaction); - -/*! - * \param in_selection_hints a selection hints object to modify - * \param out_allow_user_interaction on exit, a boolean value specifying whether or not KIM - * should ask the user to select an identity for - * \a in_selection_hints. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \note This setting defaults to TRUE. - * \brief Get whether or not KIM may interact with the user to select an identity. - * \sa kim_selection_hints_set_allow_user_interaction - */ -kim_error kim_selection_hints_get_allow_user_interaction (kim_selection_hints in_selection_hints, - kim_boolean *out_allow_user_interaction); - -/*! - * \param in_selection_hints a selection hints object to modify - * \param in_remember_identity a boolean value specifying whether or not KIM should use a cached - * mapping between \a in_selection_hints and a Kerberos identity. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \note This setting defaults to TRUE. - * \brief Set whether or not KIM will use cached mappings for this selection hints object. - * \sa kim_selection_hints_get_remember_identity - */ -kim_error kim_selection_hints_set_remember_identity (kim_selection_hints in_selection_hints, - kim_boolean in_remember_identity); - -/*! - * \param in_selection_hints a selection hints object to modify - * \param out_remember_identity on exit, a boolean value specifying whether or not KIM will use a - * cached mapping between \a in_selection_hints and a Kerberos identity. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \note This setting defaults to TRUE. - * \brief Get whether or not KIM will use cache mappings for this selection hints object. - * \sa kim_selection_hints_set_remember_identity - */ -kim_error kim_selection_hints_get_remember_identity (kim_selection_hints in_selection_hints, - kim_boolean *out_remember_identity); - -/*! - * \param in_selection_hints the selection hints to add to the cache. - * \param out_identity the Kerberos identity \a in_selection_hints maps to. - * Must be freed with kim_identity_free(). - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \note \a out_identity is the identity mapped to by the current state of \a in_selection_hints. - * This function may prompt the user via a GUI to choose that identity. - * Subsequent modifications to \a in_selection_hints will not change \a out_identity. - * \brief Choose a client identity based on selection hints. - */ - -kim_error kim_selection_hints_get_identity (kim_selection_hints in_selection_hints, - kim_identity *out_identity); - -/*! - * \param in_selection_hints the selection hints to add to the cache. - * \param in_identity the Kerberos identity \a in_selection_hints maps to. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Add an entry for the selection hints to the selection hints cache, - * replacing any existing entry. - */ - -kim_error kim_selection_hints_remember_identity (kim_selection_hints in_selection_hints, - kim_identity in_identity); - -/*! - * \param in_selection_hints the selection hints to remove from the cache. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Remove an entry for the selection hints from the selection hints cache. - */ - -kim_error kim_selection_hints_forget_identity (kim_selection_hints in_selection_hints); - -/*! - * \param io_selection_hints the selection hints object to be freed. Set to NULL on exit. - * \brief Free memory associated with a selection hints object. - */ - -void kim_selection_hints_free (kim_selection_hints *io_selection_hints); - -/*!@}*/ - -#ifdef __cplusplus -} -#endif - -#endif /* KIM_SELECTION_HINTS_H */ diff --git a/src/include/kim/kim_string.h b/src/include/kim/kim_string.h deleted file mode 100644 index aaf1975a9..000000000 --- a/src/include/kim/kim_string.h +++ /dev/null @@ -1,123 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright 2005-2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_STRING_H -#define KIM_STRING_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include <kim/kim_types.h> - -/*! - * \page kim_string_overview KIM String Overview - * - * A UTF8 string. - * - * Memory management routines are provided for runtime consistency on - * operating systems with shared libraries and multiple runtimes. - * - * \section kim_string_error_messages KIM Error Messages - * - * Like most C APIs, the KIM API returns numeric error codes. These error - * codes may come from KIM, krb5 or GSS APIs. In most cases the caller will - * want to handle these error programmatically. However, in some circumstances - * the caller may wish to print an error string to the user. - * - * One problem with just printing the error code to the user is that frequently - * the context behind the error has been lost. For example if KIM is trying to - * obtain credentials via referrals, it may fail partway through the process. - * In this case the error code will be KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN, which - * maps to "Client not found in Kerberos database". Unfortunately this error - * isn't terribly helpful because it doesn't tell the user whether they typoed - * their principal name or if referrals failed. - * - * To avoid this problem, KIM maintains an explanatory string for the last - * error seen in each thread calling into KIM. If a caller wishes to display - * an error to the user, immediately after getting the error the caller should - * call #kim_string_create_for_last_error() to obtain a copy of the - * descriptive error message. - * - * See \ref kim_string_reference for information on specific APIs. - */ - -/*! - * \defgroup kim_string_reference KIM String Reference Documentation - * @{ - */ - -/*! - * \param out_string On success, a human-readable UTF-8 string describing the - * error representedby \a in_error. Must be freed with - * kim_string_free(). - * \param in_error an error code. Used to verify that the correct error - * string will be returned (see note below). - * \return On success, KIM_NO_ERROR. - * \note This API is implemented using thread local storage. It should be - * called immediately after a KIM API returns an error code so that the correct - * string is returned. The returned copy may then be held by the caller until - * needed. If \a in_error does not match the last saved error KIM may return - * a less descriptive string. - * \brief Get a text description of an error suitable for display to the user. - */ -kim_error kim_string_create_for_last_error (kim_string *out_string, - kim_error in_error); - -/*! - * \param out_string on exit, a new string object which is a copy of \a in_string. - Must be freed with kim_string_free(). - * \param in_string the string to copy. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Copy a string. - */ -kim_error kim_string_copy (kim_string *out_string, - const kim_string in_string); - -/*! - * \param in_string a string. - * \param in_compare_to_string a string to be compared to \a in_string. - * \param out_comparison on exit, a comparison result indicating whether \a in_string - * is greater than, less than or equal to \a in_compare_to_string. - * \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure. - * \brief Compare two strings. - */ -kim_error kim_string_compare (kim_string in_string, - kim_string in_compare_to_string, - kim_comparison *out_comparison); - -/*! - * \param io_string a string to be freed. Set to NULL on exit. - * \brief Free memory associated with a string. - */ -void kim_string_free (kim_string *io_string); - -/*!@}*/ - -#ifdef __cplusplus -} -#endif - -#endif /* KIM_STRING_H */ diff --git a/src/include/kim/kim_types.h b/src/include/kim/kim_types.h deleted file mode 100644 index 4778ba527..000000000 --- a/src/include/kim/kim_types.h +++ /dev/null @@ -1,156 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright 2005-2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_TYPES_H -#define KIM_TYPES_H - -#include <stdint.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/*! - * \defgroup kim_types_reference KIM Types and Constants - * @{ - */ - -/*! - * The KIM Error type. - */ -typedef int32_t kim_error; - -/*! - * No error value for the kim_error type. - */ -#define KIM_NO_ERROR ((kim_error) 0) - -/*! - * A time value represented in seconds since January 1, 1970. - */ -typedef int64_t kim_time; - -/*! - * A duration represented in seconds. - */ -typedef int64_t kim_lifetime; - -/*! - * An quantity, usually used to return the number of elements in an array. - */ -typedef uint64_t kim_count; - -/*! - * A boolean value. 0 means false, all other values mean true. - */ -typedef int kim_boolean; - -/*! - * A comparison between two sortable objects. - * \li Less than 0 means the first object is less than the second. - * \li 0 means the two objects are identical. - * \li Greater than 0 means the first object is greater than the second. - * \note Convenience macros are provided for interpreting #kim_comparison - * values to improve code readability. - * See #kim_comparison_is_less_than(), #kim_comparison_is_equal_to() and - * #kim_comparison_is_greater_than() - */ -typedef int kim_comparison; - -/*! - * Convenience macro for interpreting #kim_comparison. - */ -#define kim_comparison_is_less_than(c) (c < 0) - -/*! - * Convenience macro for interpreting #kim_comparison. - */ -#define kim_comparison_is_equal_to(c) (c == 0) - -/*! - * Convenience macro for interpreting #kim_comparison. - */ -#define kim_comparison_is_greater_than(c) (c > 0) - -/*! - * The KIM String type. See \ref kim_string_overview for more information. - */ -typedef const char *kim_string; - -struct kim_identity_opaque; -/*! - * A KIM Principal object. See \ref kim_identity_overview for more information. - */ -typedef struct kim_identity_opaque *kim_identity; - -struct kim_options_opaque; -/*! - * A KIM Options object. See \ref kim_options_overview for more information. - */ -typedef struct kim_options_opaque *kim_options; - -struct kim_selection_hints_opaque; -/*! - * A KIM Selection Hints object. See \ref kim_selection_hints_overview for more information. - */ -typedef struct kim_selection_hints_opaque *kim_selection_hints; - -struct kim_preferences_opaque; -/*! - * A KIM Preferences object. See \ref kim_preferences_overview for more information. - */ -typedef struct kim_preferences_opaque *kim_preferences; - -struct kim_ccache_iterator_opaque; -/*! - * A KIM CCache Iterator object. See \ref kim_credential_cache_collection for more information. - */ -typedef struct kim_ccache_iterator_opaque *kim_ccache_iterator; - -struct kim_ccache_opaque; -/*! - * A KIM CCache object. See \ref kim_ccache_overview for more information. - */ -typedef struct kim_ccache_opaque *kim_ccache; - -struct kim_credential_iterator_opaque; -/*! - * A KIM Credential Iterator object. See \ref kim_credential_iterator for more information. - */ -typedef struct kim_credential_iterator_opaque *kim_credential_iterator; - -struct kim_credential_opaque; -/*! - * A KIM Credential object. See \ref kim_credential_overview for more information. - */ -typedef struct kim_credential_opaque *kim_credential; - -/*!@}*/ - -#ifdef __cplusplus -} -#endif - -#endif /* KIM_TYPES_H */ diff --git a/src/include/kim/kim_ui_plugin.h b/src/include/kim/kim_ui_plugin.h deleted file mode 100644 index 579be7359..000000000 --- a/src/include/kim/kim_ui_plugin.h +++ /dev/null @@ -1,153 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_UI_PLUGIN_H -#define KIM_UI_PLUGIN_H - -#ifdef __cplusplus -extern "C" { -#endif - -/*! - * The type of prompt which needs to be displayed. - * This value determines what type of user interface is displayed. - * See \ref kim_options_custom_prompt_callback for more information. - */ -typedef uint32_t kim_prompt_type; - -enum kim_prompt_type_enum { - kim_prompt_type_password = 0, - kim_prompt_type_preauth = 1 -}; - -/* - * Plugins for Controlling Identity Selection and Credential Acquisition - * - * In order to acquire credentials, Kerberos needs to obtain one or more secrets from the user. - * These secrets may be a certificate, password, SecurID pin, or information from a smart card. - * If obtaining the secret requires interaction with the user, the Kerberos libraries call a - * "prompter callback" to display a dialog or command line prompt to request information from - * the user. If you want to provide your own custom dialogs or command line prompts, - * the KIM APIs provide a plugin mechanism for replacing the default prompt ui with your own. - * - * The function table / structure which a KIM ui plugin module must export - * as "kim_ui_0". If the interfaces work correctly, future versions of the - * table will add either more callbacks or more arguments to callbacks, and - * in both cases we'll be able to wrap the v0 functions. - */ -/* extern kim_ui_plugin_ftable_v0 kim_ui_0; */ - - -typedef struct kim_ui_plugin_ftable_v0 { - int minor_version; /* currently 0 */ - - /* Called before other calls to allow the UI to initialize. - * Return an error if you can't display your UI in this environment. - * To allow your plugin to be called from multiple threads, pass back - * state associated with this instance of your UI in out_context. - * The same context pointer will be provided to all plugin calls for - * this ui. */ - kim_error (*init) (void **out_context); - - /* Present UI which allows the user to enter a new identity. - * This is typically called when the user selects a "new tickets" - * control or menu item from a ticket management utility. - * If this UI calls into KIM to get new credentials it may - * call auth_prompt below. - * If out_change_password is set to TRUE, KIM will call change_password - * on the identity and then call enter_identity again, allowing you - * to have a change password option on your UI. */ - kim_error (*enter_identity) (void *in_context, - kim_options io_options, - kim_identity *out_identity, - kim_boolean *out_change_password); - - /* Present UI to select which identity to use. - * This is typically called the first time an application tries to use - * Kerberos and is used to establish a hints preference for the application. - * If this UI calls into KIM to get new credentials it may - * call auth_prompt below. - * If out_change_password is set to TRUE, KIM will call change_password - * on the identity and then call select_identity again, allowing you - * to have a change password option on your UI. */ - kim_error (*select_identity) (void *in_context, - kim_selection_hints io_hints, - kim_identity *out_identity, - kim_boolean *out_change_password); - - /* Present UI to display authentication to the user */ - /* If in_allow_save_reply is FALSE do not display UI to allow the user - * to save their password. In this case the value of out_save_reply will - * be ignored. */ - kim_error (*auth_prompt) (void *in_context, - kim_identity in_identity, - kim_prompt_type in_type, - kim_boolean in_allow_save_reply, - kim_boolean in_hide_reply, - kim_string in_title, - kim_string in_message, - kim_string in_description, - char **out_reply, - kim_boolean *out_save_reply); - - /* Prompt to change the identity's password. - * May be combined with an auth_prompt if additional auth is required, - * eg: SecurID pin. - * If in_old_password_expired is true, this callback is in response - * to an expired password error. If this is the case the same context - * which generated the error will be used for this callback. */ - kim_error (*change_password) (void *in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_verify_password); - - /* Display an error to the user; may be called after any of the prompts */ - kim_error (*handle_error) (void *in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description); - - /* Free strings returned by the UI. Will be called once for each string - * returned from a plugin callback. If you have returned a string twice - * just make sure your free function checks for NULL and sets the pointer - * to NULL when done freeing memory. */ - void (*free_string) (void *in_context, - char **io_string); - - /* Called after the last prompt (even on error) to allow the UI to - * free allocated resources associated with its context. */ - kim_error (*fini) (void *io_context); - -} kim_ui_plugin_ftable_v0; - - -#ifdef __cplusplus -} -#endif - -#endif /* KIM_UI_PLUGIN_H */ diff --git a/src/kadmin/cli/kadmin.c b/src/kadmin/cli/kadmin.c index 55befefd1..a6a767db7 100644 --- a/src/kadmin/cli/kadmin.c +++ b/src/kadmin/cli/kadmin.c @@ -47,10 +47,6 @@ #include <time.h> #include "kadmin.h" -#if defined(USE_KIM) -#include <kim/kim.h> -#endif - /* special struct to convert flag names for principals to actual krb5_flags for a principal */ struct pflag { @@ -256,16 +252,6 @@ kadmin_startup(int argc, char *argv[]) memset(¶ms, 0, sizeof(params)); -#if defined(USE_KIM) - /* Turn off all password prompting from the KLL */ - retval = kim_library_set_allow_automatic_prompting(0); - if (retval) { - com_err(whoami, retval, - "while calling kim_library_set_allow_automatic_prompting()"); - exit(1); - } -#endif - if (strcmp(whoami, "kadmin.local") == 0) set_com_err_hook(extended_com_err_fn); diff --git a/src/kim/agent/mac/AuthenticationController.h b/src/kim/agent/mac/AuthenticationController.h deleted file mode 100644 index 03b76ce53..000000000 --- a/src/kim/agent/mac/AuthenticationController.h +++ /dev/null @@ -1,120 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import <Cocoa/Cocoa.h> - -@class IPCClient; -@class KerberosTimeFormatter; -@class BadgedImageView; - -@interface AuthenticationController : NSWindowController { - IPCClient *associatedClient; - - IBOutlet KerberosTimeFormatter *lifetimeFormatter; - - IBOutlet NSView *containerView; - IBOutlet NSView *identityView; - IBOutlet NSView *passwordView; - IBOutlet NSView *samView; - IBOutlet NSView *changePasswordView; - IBOutlet NSView *expiredPasswordView; - IBOutlet NSView *errorView; - - IBOutlet BadgedImageView *enterBadge; - IBOutlet BadgedImageView *passwordBadge; - IBOutlet BadgedImageView *samBadge; - IBOutlet BadgedImageView *changePasswordBadge; - IBOutlet BadgedImageView *errorBadge; - - IBOutlet NSProgressIndicator *enterSpinny; - IBOutlet NSProgressIndicator *passwordSpinny; - IBOutlet NSProgressIndicator *samSpinny; - IBOutlet NSProgressIndicator *changePasswordSpinny; - - // Controls that need to be made key - IBOutlet NSTextField *identityField; - IBOutlet NSTextField *passwordField; - IBOutlet NSTextField *samPromptField; - IBOutlet NSTextField *oldPasswordField; - - // Other controls of interest - IBOutlet NSButton *rememberPasswordInKeychainCheckBox; - - IBOutlet NSObjectController *glueController; - - IBOutlet NSWindow *ticketOptionsSheet; - IBOutlet NSObjectController *ticketOptionsController; - BOOL visibleAsSheet; - - IBOutlet NSSlider *validLifetimeSlider; - IBOutlet NSSlider *renewableLifetimeSlider; - - NSMutableArray *favoriteIdentities; - NSMutableDictionary *favoriteOptions; -} - -@property (readwrite, retain) IPCClient *associatedClient; -@property (readwrite, retain) NSMutableArray *favoriteIdentities; -@property (readwrite, retain) NSMutableDictionary *favoriteOptions; - -- (void) setContent: (NSMutableDictionary *) newContent; - -- (void) showEnterIdentity: (NSWindow *) parentWindow; -- (void) showAuthPrompt: (NSWindow *) parentWindow; -- (void) showEnterPassword: (NSWindow *) parentWindow; -- (void) showSAM: (NSWindow *) parentWindow; -- (void) showChangePassword: (NSWindow *) parentWindow; -- (void) showError: (NSWindow *) parentWindow; - -- (IBAction) cancel: (id) sender; -- (IBAction) enterIdentity: (id) sender; -- (IBAction) answerAuthPrompt: (id) sender; -- (IBAction) changePassword: (id) sender; -- (IBAction) showedError: (id) sender; - -- (IBAction) checkboxDidChange: (id) sender; -- (IBAction) sliderDidChange: (id) sender; - -- (IBAction) showTicketOptions: (id) sender; -- (IBAction) cancelTicketOptions: (id) sender; -- (IBAction) saveTicketOptions: (id) sender; - -- (IBAction) cancelAuthSheet: (id) sender; - -- (void) authSheetDidEnd: (NSWindow *) sheet - returnCode: (int) returnCode - contextInfo: (void *) contextInfo; -- (void) ticketOptionsSheetDidEnd: (NSWindow *) sheet - returnCode: (int) returnCode - contextInfo: (void *) contextInfo; - -- (IBAction) changePasswordGearAction: (id) sender; - -- (void) swapView: (NSView *) aView; -- (void) showSpinny; -- (void) hideSpinny; -- (void) clearSensitiveInputs; -- (void) clearAllInputs; - -@end diff --git a/src/kim/agent/mac/AuthenticationController.m b/src/kim/agent/mac/AuthenticationController.m deleted file mode 100644 index 5a9c8b6f1..000000000 --- a/src/kim/agent/mac/AuthenticationController.m +++ /dev/null @@ -1,678 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import "AuthenticationController.h" -#import "IPCClient.h" -#import "KerberosFormatters.h" -#import "BadgedImageView.h" - -// to get kim_prompt_type enum -#import <Kerberos/kim_ui_plugin.h> - -/* - * glueController KVC mapping is as follows: - * name = client app name - * path = client app bundle path - * title = suggested label for prompt field - * message = desired large text message - * description = longer, detailed, small text message - * username = 'user' part of 'user@REALM.ORG' - * realm = 'REALM.ORG' part of 'user@REALM.ORG' - * realm_history = past realms the user has entered - * prompt_response = auth prompt response - * allow_save_password = whether or not to show the 'save password in keychain' checkbox - * should_save_password = whether or not to save the password in the keychain - * old_password = for change password dialog - * new_password = " - * verify_password = " - */ - -// localization keys and tables - -#define ACLocalizationTable @"AuthenticationController" - -#define ACAppPrincReqKey @"AuthControllerApplicationPrincipalRequest" -#define ACPrincReqKey @"AuthControllerPrincipalRequest" -#define ACAppPasswordReqKey @"AuthControllerApplicationPasswordRequest" -#define ACPasswordReqKey @"AuthControllerPasswordRequest" -#define ACPasswordChangeExpired @"ChangePasswordPasswordExpired" -#define ACPasswordChangeApp @"ChangePasswordApplicationRequest" -#define ACPasswordChangePrinc @"ChangePasswordPrincipalRequest" - -@implementation AuthenticationController - -@synthesize associatedClient; -@synthesize favoriteIdentities; -@synthesize favoriteOptions; - -- (id) init -{ - return [self initWithWindowNibName: @"Authentication"]; -} - -- (void) awakeFromNib -{ - [[self window] center]; - // We need to float over the loginwindow and SecurityAgent so use its hardcoded level. - [[self window] setLevel:NSModalPanelWindowLevel]; - - visibleAsSheet = NO; - - lifetimeFormatter.displaySeconds = NO; - lifetimeFormatter.displayShortFormat = NO; - - [glueController addObserver:self - forKeyPath:identity_string_keypath - options:NSKeyValueObservingOptionNew - context:ACKVOContext]; - [glueController addObserver:self - forKeyPath:prompt_response_keypath - options:NSKeyValueObservingOptionNew - context:ACKVOContext]; - [glueController addObserver:self - forKeyPath:old_password_keypath - options:NSKeyValueObservingOptionNew - context:ACKVOContext]; - [glueController addObserver:self - forKeyPath:new_password_keypath - options:NSKeyValueObservingOptionNew - context:ACKVOContext]; - [glueController addObserver:self - forKeyPath:verify_password_keypath - options:NSKeyValueObservingOptionNew - context:ACKVOContext]; - -} - -- (void) dealloc -{ - [glueController removeObserver:self forKeyPath:identity_string_keypath]; - [glueController removeObserver:self forKeyPath:prompt_response_keypath]; - [super dealloc]; -} - -- (void) observeValueForKeyPath:(NSString *)keyPath ofObject:(id)object change:(NSDictionary *)change context:(void *)context -{ - BOOL valid = NO; - - if ([(NSString *) context isEqualToString:ACKVOContext]) { - if ([keyPath isEqualToString:identity_string_keypath]) { - valid = [KIMUtilities validateIdentity:[glueController valueForKeyPath:identity_string_keypath]]; - [glueController setValue:[NSNumber numberWithBool:valid] - forKeyPath:enable_identity_ok_keypath]; - } - else if ([keyPath isEqualToString:prompt_response_keypath]) { - valid = ([[glueController valueForKeyPath:prompt_response_keypath] length] > 0); - [glueController setValue:[NSNumber numberWithBool:valid] - forKeyPath:enable_prompt_ok_keypath]; - } - else if ([keyPath isEqualToString:old_password_keypath] || - [keyPath isEqualToString:new_password_keypath] || - [keyPath isEqualToString:verify_password_keypath]) { - NSString *oldString = [glueController valueForKeyPath:old_password_keypath]; - NSString *newString = [glueController valueForKeyPath:new_password_keypath]; - NSString *verifyString = [glueController valueForKeyPath:verify_password_keypath]; - valid = ([oldString length] > 0 && [newString length] > 0 && - [verifyString length] > 0 && [newString isEqualToString:verifyString]); - [glueController setValue:[NSNumber numberWithBool:valid] - forKeyPath:change_password_ok_keypath]; - } - else { - [super observeValueForKeyPath:keyPath ofObject:object change:change context:context]; - } - } - else { - [super observeValueForKeyPath:keyPath ofObject:object change:change context:context]; - } -} - -- (IBAction) showWindow: (id) sender -{ - - [super showWindow:sender]; -} - -- (void) showWithParent: (NSWindow *) parentWindow -{ - // attach as sheet if given a parentWindow - if (parentWindow && !visibleAsSheet) { - [NSApp beginSheet:[self window] - modalForWindow:parentWindow - modalDelegate:self - didEndSelector:@selector(authSheetDidEnd:returnCode:contextInfo:) - contextInfo:NULL]; - } - // else, display as normal - else { - [self showWindow:nil]; - } -} - -- (void) windowWillBeginSheet: (NSNotification *) notification -{ - visibleAsSheet = YES; -} - -- (void) windowDidEndSheet: (NSNotification *) notification -{ - visibleAsSheet = NO; -} - -- (void) setContent: (NSMutableDictionary *) newContent -{ - [self window]; // wake up the nib connections - [glueController setContent:newContent]; -} - -- (void) swapView: (NSView *) aView -{ - NSWindow *theWindow = [self window]; - NSRect windowFrame; - NSRect viewFrame; - - [[containerView subviews] makeObjectsPerformSelector:@selector(removeFromSuperview)]; - - windowFrame = [theWindow frame]; - viewFrame = [theWindow frameRectForContentRect:[aView frame]]; - windowFrame.origin.y -= viewFrame.size.height - windowFrame.size.height; - - windowFrame.size.width = viewFrame.size.width; - windowFrame.size.height = viewFrame.size.height; - - [theWindow setFrame:windowFrame display:YES animate:YES]; - - [containerView addSubview:aView]; - -} - -- (void) showSpinny -{ - [enterSpinny startAnimation: nil]; - [passwordSpinny startAnimation: nil]; - [samSpinny startAnimation: nil]; - [changePasswordSpinny startAnimation: nil]; - [glueController setValue:[NSNumber numberWithBool:NO] - forKeyPath:accepting_input_keypath]; -} - -- (void) hideSpinny -{ - [enterSpinny stopAnimation: nil]; - [passwordSpinny stopAnimation: nil]; - [samSpinny stopAnimation: nil]; - [changePasswordSpinny stopAnimation: nil]; - [glueController setValue:[NSNumber numberWithBool:YES] - forKeyPath:accepting_input_keypath]; -} - -- (void) clearSensitiveInputs -{ - [glueController setValue:@"" - forKeyPath:prompt_response_keypath]; -} - -- (void) clearAllInputs -{ - [glueController setValue:@"" - forKeyPath:old_password_keypath]; - [glueController setValue:@"" - forKeyPath:new_password_keypath]; - [glueController setValue:@"" - forKeyPath:verify_password_keypath]; - [self clearSensitiveInputs]; -} - -- (void) showEnterIdentity: (NSWindow *) parentWindow -{ - kim_error err = KIM_NO_ERROR; - NSWindow *theWindow = [self window]; - NSString *key = (associatedClient.name) ? ACAppPrincReqKey : ACPrincReqKey; - NSString *message = [NSString stringWithFormat: - NSLocalizedStringFromTable(key, ACLocalizationTable, NULL), - associatedClient.name]; - - self.favoriteIdentities = [NSMutableArray array]; - self.favoriteOptions = [NSMutableDictionary dictionary]; - // get array of favorite identity strings and associated options - - if (!err) { - kim_preferences preferences = NULL; - kim_options kimOptions = NULL; - kim_count i; - kim_count count = 0; - - err = kim_preferences_create(&preferences); - - if (!err) { - err = kim_preferences_get_number_of_favorite_identities(preferences, - &count); - } - - for (i = 0; !err && i < count; i++) { - kim_identity kimIdentity = NULL; - kim_string display_string = NULL; - NSString *identityString = nil; - - err = kim_preferences_get_favorite_identity_at_index(preferences, - i, - &kimIdentity, - &kimOptions); - if (!err) { - err = kim_identity_get_display_string(kimIdentity, &display_string); - } - if (!err && display_string) { - identityString = [NSString stringWithUTF8String:display_string]; - [favoriteIdentities addObject:identityString]; - } - if (!err) { - [favoriteOptions setObject:[KIMUtilities dictionaryForKimOptions:kimOptions] - forKey:identityString]; - } - - kim_options_free(&kimOptions); - kim_string_free (&display_string); - kim_identity_free (&kimIdentity); - } - - kim_preferences_free(&preferences); - } - - [glueController setValue:favoriteIdentities forKeyPath:favorite_strings_keypath]; - - // wake up the nib connections and adjust window size - [self window]; - // set up controls with info from associatedClient - [enterBadge setBadgePath:associatedClient.path]; - [glueController setValue:message - forKeyPath:message_keypath]; - - [self hideSpinny]; - [self clearAllInputs]; - - [self swapView:identityView]; - - [theWindow makeFirstResponder:identityField]; - - [self showWithParent: parentWindow]; -} - -- (void) showAuthPrompt: (NSWindow *) parentWindow -{ - uint32_t type = [[glueController valueForKeyPath:@"content.prompt_type"] unsignedIntegerValue]; - - [self hideSpinny]; - - [self clearSensitiveInputs]; - - switch (type) { - case kim_prompt_type_password : - [self showEnterPassword: parentWindow]; break; - case kim_prompt_type_preauth : - default : - [self showSAM: parentWindow]; break; - } -} - -- (void) showEnterPassword: (NSWindow *) parentWindow -{ - CGFloat shrinkBy; - NSRect frame; - NSString *key = nil; - NSString *message = nil; - NSWindow *theWindow = [self window]; - - if ([associatedClient.name isEqualToString:[[NSBundle mainBundle] bundlePath]]) { - key = ACPasswordReqKey; - message = [NSString stringWithFormat: - NSLocalizedStringFromTable(key, ACLocalizationTable, NULL), - [glueController valueForKeyPath:identity_string_keypath]]; - } else { - key = ACAppPasswordReqKey; - message = [NSString stringWithFormat: - NSLocalizedStringFromTable(key, ACLocalizationTable, NULL), - associatedClient.name, - [glueController valueForKeyPath:identity_string_keypath]]; - } - [glueController setValue:message - forKeyPath:message_keypath]; - - // set badge - [passwordBadge setBadgePath:associatedClient.path]; - - // adjust for checkbox visibility - if (![[glueController valueForKeyPath:allow_save_password_keypath] boolValue] && - ![rememberPasswordInKeychainCheckBox isHidden]) { - [rememberPasswordInKeychainCheckBox setHidden:YES]; - frame = [passwordView frame]; - shrinkBy = ([passwordField frame].origin.y - - [rememberPasswordInKeychainCheckBox frame].origin.y); - frame.size.height -= shrinkBy; - [passwordView setFrame:frame]; - } - - [self swapView:passwordView]; - - [theWindow makeFirstResponder:passwordField]; - [self showWithParent:parentWindow]; -} - -- (void) showSAM: (NSWindow *) parentWindow -{ - // set badge - [samBadge setBadgePath:associatedClient.path]; - - [glueController setValue:[NSNumber numberWithBool:NO] - forKeyPath:allow_save_password_keypath]; - - [self swapView:samView]; - - [[self window] makeFirstResponder:samPromptField]; - [self showWithParent:parentWindow]; -} - -- (void) showChangePassword: (NSWindow *) parentWindow -{ - NSString *key = ([glueController valueForKeyPath:password_expired_keypath]) ? ACAppPrincReqKey : ACPrincReqKey; - NSString *message = [NSString stringWithFormat: - NSLocalizedStringFromTable(key, ACLocalizationTable, NULL), - associatedClient.name]; - NSWindow *theWindow = [self window]; - - - BOOL expired = [[glueController valueForKeyPath:password_expired_keypath] boolValue]; - BOOL calledBySelf = [associatedClient.path isEqualToString:[[NSBundle mainBundle] bundlePath]]; - - if (calledBySelf) { - key = ACPasswordChangePrinc; - message = [NSString stringWithFormat: - NSLocalizedStringFromTable(key, ACLocalizationTable, NULL), - [glueController valueForKeyPath:identity_string_keypath]]; - // Please change the Kerberos password for \"%@\" - } else if (!expired) { - key = ACPasswordChangeApp; - message = [NSString stringWithFormat: - NSLocalizedStringFromTable(key, ACLocalizationTable, NULL), - associatedClient.name, - [glueController valueForKeyPath:identity_string_keypath]]; - // %@ requires that you change the Kerberos password for \"%@\" - } else { - key = ACPasswordChangeExpired; - message = [NSString stringWithFormat: - NSLocalizedStringFromTable(key, ACLocalizationTable, NULL), - [glueController valueForKeyPath:identity_string_keypath]]; - // Your password has expired, would you like to change it? - } - [glueController setValue:message forKeyPath:message_keypath]; - - // set badge - [changePasswordBadge setBadgePath:associatedClient.path]; - - [self hideSpinny]; - - if (![[self window] isVisible]) { - [self clearAllInputs]; - } - - [self swapView:changePasswordView]; - - [self showWithParent:parentWindow]; - - [theWindow makeFirstResponder:oldPasswordField]; -} - -- (void) showError: (NSWindow *) parentWindow -{ - // wake up the nib connections and adjust window size - [self window]; - // set badge - [errorBadge setBadgePath:associatedClient.path]; - - [self hideSpinny]; - [self swapView:errorView]; - - [self showWithParent:parentWindow]; -} - -- (IBAction) checkboxDidChange: (id) sender -{ - if ([[ticketOptionsController valueForKeyPath:uses_default_options_keypath] boolValue]) { - // merge defaults onto current options - NSMutableDictionary *currentOptions = [ticketOptionsController content]; - NSDictionary *defaultOptions = [KIMUtilities dictionaryForKimOptions:NULL]; - [currentOptions addEntriesFromDictionary:defaultOptions]; - // update the sliders, since their values aren't bound - [validLifetimeSlider setDoubleValue:[[ticketOptionsController valueForKeyPath:valid_lifetime_keypath] doubleValue]]; - [renewableLifetimeSlider setDoubleValue:[[ticketOptionsController valueForKeyPath:renewal_lifetime_keypath] doubleValue]]; - } -} - -- (IBAction) sliderDidChange: (id) sender -{ - NSInteger increment = 0; - NSInteger newValue = 0; - NSString *keyPath = nil; - if ([sender isEqual:validLifetimeSlider]) { - increment = VALID_LIFETIME_INCREMENT; - keyPath = valid_lifetime_keypath; - } - else if ([sender isEqual:renewableLifetimeSlider]) { - increment = RENEWABLE_LIFETIME_INCREMENT; - keyPath = renewal_lifetime_keypath; - } - if (increment > 0) { - newValue = ([sender integerValue] / increment) * increment; - [ticketOptionsController setValue:[NSNumber numberWithInteger:newValue] - forKeyPath:keyPath]; - } -} - -- (IBAction) showTicketOptions: (id) sender -{ - NSDictionary *options = nil; - NSString *expandedString = nil; - // if this is a favorite, try to load its default options - [identityField validateEditing]; - - expandedString = [KIMUtilities expandedIdentity:[identityField stringValue]]; - - // edit the favorite options for this favorite identity - if (expandedString) { - options = [favoriteOptions objectForKey:expandedString]; - } - - // else, it's not a favorite identity. use default options - if (!options) { - options = [KIMUtilities dictionaryForKimOptions:KIM_OPTIONS_DEFAULT]; - } - - [ticketOptionsController setContent:[[options mutableCopy] autorelease]]; - - [ticketOptionsController setValue:[NSNumber numberWithInteger:[KIMUtilities minValidLifetime]] - forKeyPath:min_valid_keypath]; - [ticketOptionsController setValue:[NSNumber numberWithInteger:[KIMUtilities maxValidLifetime]] - forKeyPath:max_valid_keypath]; - [ticketOptionsController setValue:[NSNumber numberWithInteger:[KIMUtilities minRenewableLifetime]] - forKeyPath:min_renewable_keypath]; - [ticketOptionsController setValue:[NSNumber numberWithInteger:[KIMUtilities maxRenewableLifetime]] - forKeyPath:max_renewable_keypath]; - - [validLifetimeSlider setIntegerValue: - [[ticketOptionsController valueForKeyPath:valid_lifetime_keypath] integerValue]]; - [renewableLifetimeSlider setIntegerValue: - [[ticketOptionsController valueForKeyPath:renewal_lifetime_keypath] integerValue]]; - [self sliderDidChange:validLifetimeSlider]; - [self sliderDidChange:renewableLifetimeSlider]; - - [NSApp beginSheet:ticketOptionsSheet - modalForWindow:[self window] - modalDelegate:self - didEndSelector:@selector(ticketOptionsSheetDidEnd:returnCode:contextInfo:) - contextInfo:NULL]; -} - -- (IBAction) cancelTicketOptions: (id) sender -{ - [NSApp endSheet:ticketOptionsSheet returnCode:NSUserCancelledError]; -} - -- (IBAction) saveTicketOptions: (id) sender -{ - [NSApp endSheet:ticketOptionsSheet]; -} - -- (IBAction) cancelAuthSheet: (id) sender -{ - [NSApp endSheet:[self window]]; -} - -- (void) authSheetDidEnd: (NSWindow *) sheet - returnCode: (int) returnCode - contextInfo: (void *) contextInfo -{ - [sheet orderOut:nil]; -} - - -- (void) ticketOptionsSheetDidEnd: (NSWindow *) sheet - returnCode: (int) returnCode - contextInfo: (void *) contextInfo -{ - if (returnCode == NSUserCancelledError) { - // discard new options - [ticketOptionsController setContent:nil]; - } else { - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - kim_identity identity = NULL; - kim_options options = NULL; - NSString *expandedString = [KIMUtilities expandedIdentity:[identityField stringValue]];; - - // replace options if favorite exists - // add to favorites if not already in list - if (!expandedString) { - err = KIM_BAD_PRINCIPAL_STRING_ERR; - } - if (!err) { - [favoriteOptions setObject:[ticketOptionsController content] - forKey:expandedString]; - } - if (!err) { - err = kim_preferences_create(&prefs); - } - if (!err) { - err = kim_identity_create_from_string(&identity, [[identityField stringValue] UTF8String]); - } - if (!err) { - options = [KIMUtilities kimOptionsForDictionary:[ticketOptionsController content]]; - } - - if (!identity) { err = KIM_BAD_PRINCIPAL_STRING_ERR; } - - if (!err) { - err = kim_preferences_remove_favorite_identity(prefs, identity); - } - if (!err) { - err = kim_preferences_add_favorite_identity(prefs, identity, options); - } - if (!err) { - err = kim_preferences_synchronize(prefs); - } - - kim_preferences_free(&prefs); - kim_options_free(&options); - kim_identity_free(&identity); - } - [ticketOptionsSheet orderOut:nil]; -} - -- (IBAction) changePasswordGearAction: (id) sender -{ - NSString *expandedString = [KIMUtilities expandedIdentity:[identityField stringValue]]; - NSDictionary *options = [favoriteOptions objectForKey:expandedString]; - - if (!options) { - options = [glueController valueForKeyPath:options_keypath]; - } - - [self showSpinny]; - - // the principal must already be valid to get this far - [associatedClient didEnterIdentity:expandedString options:options wantsChangePassword:YES]; -} - -- (IBAction) cancel: (id) sender -{ - [NSApp endSheet:[self window]]; - [associatedClient didCancel]; -} - -- (IBAction) enterIdentity: (id) sender -{ - NSString *expandedString = [KIMUtilities expandedIdentity:[identityField stringValue]]; - NSDictionary *options = [favoriteOptions objectForKey:expandedString]; - - if (!options) { - options = [glueController valueForKeyPath:options_keypath]; - } - - [self showSpinny]; - - // the principal must already be valid to get this far - [associatedClient didEnterIdentity:expandedString options:options wantsChangePassword:NO]; -} - -- (IBAction) answerAuthPrompt: (id) sender -{ - NSString *responseString = [glueController valueForKeyPath:prompt_response_keypath]; - NSNumber *saveResponse = [glueController valueForKeyPath:should_save_password_keypath]; - - if (!saveResponse) { - saveResponse = [NSNumber numberWithBool:NO]; - } - - [self showSpinny]; - [associatedClient didPromptForAuth:responseString - saveResponse:saveResponse]; -} - -- (IBAction) changePassword: (id) sender -{ - NSString *oldString = [glueController valueForKeyPath:old_password_keypath]; - NSString *newString = [glueController valueForKeyPath:new_password_keypath]; - NSString *verifyString = [glueController valueForKeyPath:verify_password_keypath]; - - [self showSpinny]; - - [associatedClient didChangePassword:oldString - newPassword:newString - verifyPassword:verifyString]; - [NSApp endSheet:[self window]]; -} - -- (IBAction) showedError: (id) sender -{ - [associatedClient didHandleError]; -} - -@end diff --git a/src/kim/agent/mac/BadgedImageView.h b/src/kim/agent/mac/BadgedImageView.h deleted file mode 100644 index 489a90954..000000000 --- a/src/kim/agent/mac/BadgedImageView.h +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import <Cocoa/Cocoa.h> - - -@interface BadgedImageView : NSView { - NSImage *iconImage; - NSImage *badgeImage; -} - -- (id) initWithFrame: (NSRect) frameRect; -- (void) dealloc; -- (void) setBadgeImage: (NSImage *) image; -- (void) setBadgePath: (NSString *) path; -- (void) drawRect: (NSRect) rect; - -@end diff --git a/src/kim/agent/mac/BadgedImageView.m b/src/kim/agent/mac/BadgedImageView.m deleted file mode 100644 index 167130aca..000000000 --- a/src/kim/agent/mac/BadgedImageView.m +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import "BadgedImageView.h" - - -@implementation BadgedImageView - -// --------------------------------------------------------------------------- - -- (id) initWithFrame: (NSRect) frameRect -{ - if ((self = [super initWithFrame: frameRect])) { - iconImage = NULL; - badgeImage = NULL; - } - return self; -} - -// --------------------------------------------------------------------------- - -- (void) dealloc -{ - if (iconImage ) { [iconImage release]; } - if (badgeImage) { [badgeImage release]; } - - [super dealloc]; -} - -// --------------------------------------------------------------------------- - -- (void) setBadgeImage: (NSImage *) image -{ - if (badgeImage) { [badgeImage release]; } - - badgeImage = [image retain]; - [self setNeedsDisplay: YES]; -} - -// --------------------------------------------------------------------------- - -- (void) setBadgePath: (NSString *) path -{ - NSImage *newImage = [[NSWorkspace sharedWorkspace] iconForFile: path]; - [self setBadgeImage: newImage]; -} - -// --------------------------------------------------------------------------- - -- (void) drawRect: (NSRect) rect -{ - float frameSize = [self frame].size.width; - float iconSize = 64.0; - float badgeSize = 32.0; - - if (!iconImage) { - iconImage = [[NSImage imageNamed: @"NSApplicationIcon"] retain]; - } - - if (iconImage) { - [self lockFocus]; - - // Clear an old badged icon - [[NSColor windowBackgroundColor] set]; - NSRectFill ([self frame]); - - [iconImage setScalesWhenResized: YES]; - [iconImage setSize: NSMakeSize (iconSize, iconSize)]; - [iconImage compositeToPoint: NSMakePoint (0.0, frameSize - iconSize) - operation: NSCompositeSourceOver]; - - if (badgeImage) { - // draw badge - [badgeImage setScalesWhenResized: YES]; - [badgeImage setSize: NSMakeSize (badgeSize, badgeSize)]; - [badgeImage compositeToPoint: NSMakePoint (frameSize - badgeSize, 0.0) - operation: NSCompositeSourceOver]; - } - [self unlockFocus]; - } -} - -@end diff --git a/src/kim/agent/mac/IPCClient.h b/src/kim/agent/mac/IPCClient.h deleted file mode 100644 index a700a6a53..000000000 --- a/src/kim/agent/mac/IPCClient.h +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#import <Cocoa/Cocoa.h> -#import "KIMUtilities.h" - -@class SelectIdentityController; -@class AuthenticationController; -@class Identities; - -@interface IPCClient : NSObject { - mach_port_t port; - NSString *name; - NSString *path; - NSInteger state; - NSMutableDictionary *currentInfo; - - SelectIdentityController *selectController; - AuthenticationController *authController; -} - -@property (assign) mach_port_t port; -@property (readwrite, retain) NSString *name; -@property (readwrite, retain) NSString *path; -@property (assign) NSInteger state; -@property (readwrite, retain) NSMutableDictionary *currentInfo; -@property (readonly, retain) SelectIdentityController *selectController; -@property (readonly, retain) AuthenticationController *authController; - -- (void) cleanup; -- (void) saveIdentityToFavoritesIfSuccessful; - -- (kim_error) selectIdentity: (NSDictionary *) info; -- (kim_error) enterIdentity: (NSDictionary *) info; -- (kim_error) promptForAuth: (NSDictionary *) info; -- (kim_error) changePassword: (NSDictionary *) info; -- (kim_error) handleError: (NSDictionary *) info; - -- (void) didCancel; -- (void) didSelectIdentity: (NSString *) identityString - options: (NSDictionary *) options - wantsChangePassword: (BOOL) wantsChangePassword; -- (void) didEnterIdentity: (NSString *) identityString - options: (NSDictionary *) options - wantsChangePassword: (BOOL) wantsChangePassword; -- (void) didPromptForAuth: (NSString *) responseString saveResponse: (NSNumber *) saveResponse; -- (void) didChangePassword: (NSString *) oldPassword - newPassword: (NSString *) newPassword - verifyPassword: (NSString *) verifyPassword; -- (void) didHandleError; - -@end diff --git a/src/kim/agent/mac/IPCClient.m b/src/kim/agent/mac/IPCClient.m deleted file mode 100644 index d4ac8a699..000000000 --- a/src/kim/agent/mac/IPCClient.m +++ /dev/null @@ -1,338 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#import "IPCClient.h" -#import "SelectIdentityController.h" -#import "AuthenticationController.h" -#import "KerberosAgentListener.h" -#import "Identities.h" - -enum krb_agent_client_state { - ipc_client_state_idle, - ipc_client_state_init, - ipc_client_state_enter, - ipc_client_state_select, - ipc_client_state_auth_prompt, - ipc_client_state_change_password, - ipc_client_state_handle_error, - ipc_client_state_fini, -}; - -@interface IPCClient () - -@property (readwrite, retain) SelectIdentityController *selectController; -@property (readwrite, retain) AuthenticationController *authController; - -@end - - -@implementation IPCClient - -@synthesize port; -@synthesize name; -@synthesize path; -@synthesize state; -@synthesize currentInfo; -@synthesize selectController; -@synthesize authController; - -- (BOOL) isEqual: (IPCClient *) otherClient -{ - return (self.port == otherClient.port); -} - -- (NSUInteger) hash -{ - return self.port; -} - -- (id) init -{ - self = [super init]; - if (self != nil) { - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - kim_identity identity = NULL; - kim_string identity_string = NULL; - - self.state = ipc_client_state_init; - self.selectController = [[[SelectIdentityController alloc] init] autorelease]; - self.authController = [[[AuthenticationController alloc] init] autorelease]; - self.selectController.associatedClient = self; - self.authController.associatedClient = self; - self.currentInfo = [NSMutableDictionary dictionary]; - - // pre-populate the identity_string if there's a default identity - err = kim_preferences_create(&prefs); - if (!err && prefs) { - err = kim_preferences_get_client_identity(prefs, &identity); - } - if (!err && identity) { - err = kim_identity_get_display_string(identity, &identity_string); - } - if (!err && identity_string) { - [self.currentInfo setObject:[NSString stringWithUTF8String:identity_string] - forKey:@"identity_string"]; - } - - kim_string_free(&identity_string); - kim_identity_free(&identity); - kim_preferences_free(&prefs); - } - return self; -} - -- (void) cleanup -{ - if (![[self.selectController window] isVisible]) { - [self saveIdentityToFavoritesIfSuccessful]; - } - [self.selectController close]; - [self.authController close]; - self.selectController = nil; - self.authController = nil; - self.currentInfo = nil; -} - -- (void) saveIdentityToFavoritesIfSuccessful -{ - NSString *identityString = [self.currentInfo valueForKeyPath:@"identity_string"]; - NSDictionary *options = [self.currentInfo valueForKeyPath:@"options"]; - - Identities *identities = [[Identities alloc] init]; - Identity *theIdentity = [[Identity alloc] initWithIdentity:identityString - options:options]; - for (Identity *anIdentity in [identities identities]) { - if ([anIdentity isEqual:theIdentity]) { - if (!anIdentity.favorite) { - anIdentity.favorite = YES; - [identities synchronizePreferences]; - } - break; - } - } -} - -- (void) didCancel -{ - kim_error err = KIM_USER_CANCELED_ERR; - if (self.state == ipc_client_state_select) { - [KerberosAgentListener didSelectIdentity:self.currentInfo error:err]; - } - else if (self.state == ipc_client_state_enter) { - [KerberosAgentListener didEnterIdentity:self.currentInfo error:err]; - } - else if (self.state == ipc_client_state_select) { - [KerberosAgentListener didSelectIdentity:self.currentInfo error:err]; - } - else if (self.state == ipc_client_state_auth_prompt) { - [KerberosAgentListener didPromptForAuth:self.currentInfo error:err]; - } - else if (self.state == ipc_client_state_change_password) { - [KerberosAgentListener didChangePassword:self.currentInfo error:err]; - } - - if ([[self.selectController window] isVisible]) { - self.state = ipc_client_state_select; - } - else { - self.state = ipc_client_state_idle; - } -} - -- (kim_error) selectIdentity: (NSDictionary *) info -{ - [self.currentInfo addEntriesFromDictionary:info]; - self.state = ipc_client_state_select; - - if ([[self.authController window] isVisible]) { - [self.authController cancelAuthSheet:nil]; - } - - [self.selectController setContent:self.currentInfo]; - [self.selectController showWindow:nil]; - - return 0; -} - -- (void) didSelectIdentity: (NSString *) identityString - options: (NSDictionary *) options - wantsChangePassword: (BOOL) wantsChangePassword -{ - [self.currentInfo setObject:identityString forKey:@"identity_string"]; - // if the user set custom options, use those - if (options) { - [self.currentInfo setObject:options forKey:@"options"]; - } - // else use the options in the hints - else { - [self.currentInfo setObject:[self.currentInfo valueForKeyPath:@"hints.options"] - forKey:@"options"]; - } - [self.currentInfo setObject:[NSNumber numberWithBool:wantsChangePassword] forKey:@"wants_change_password"]; - - [KerberosAgentListener didSelectIdentity:self.currentInfo error:0]; - - // clean up state - if (!wantsChangePassword) { - self.state = ipc_client_state_idle; - } -} - -- (kim_error) enterIdentity: (NSDictionary *) info -{ - NSWindow *parentWindow = nil; - - [self.currentInfo addEntriesFromDictionary:info]; - - if ([[self.selectController window] isVisible]) { - parentWindow = [selectController window]; - } - - self.state = ipc_client_state_enter; - - [self.authController setContent:self.currentInfo]; - [self.authController showEnterIdentity:parentWindow]; - - return 0; -} - -- (void) didEnterIdentity: (NSString *) identityString - options: (NSDictionary *) options - wantsChangePassword: (BOOL) wantsChangePassword -{ - [self.currentInfo setObject:identityString forKey:@"identity_string"]; - [self.currentInfo setObject:options forKey:@"options"]; - [self.currentInfo setObject:[NSNumber numberWithBool:wantsChangePassword] forKey:@"wants_change_password"]; - [KerberosAgentListener didEnterIdentity:self.currentInfo error:0]; - - if ([[self.selectController window] isVisible]) { - self.state = ipc_client_state_select; - } - else { - self.state = ipc_client_state_idle; - } -} - -- (kim_error) promptForAuth: (NSDictionary *) info -{ - NSWindow *parentWindow = nil; - - [self.currentInfo addEntriesFromDictionary:info]; - - if ([[self.selectController window] isVisible]) { - parentWindow = [selectController window]; - } - - self.state = ipc_client_state_auth_prompt; - - [self.authController setContent:self.currentInfo]; - [self.authController showAuthPrompt:parentWindow]; - - return 0; -} - -- (void) didPromptForAuth: (NSString *) responseString saveResponse: (NSNumber *) saveResponse -{ - [self.currentInfo setObject:responseString forKey:@"prompt_response"]; - [self.currentInfo setObject:saveResponse forKey:@"save_response"]; - [KerberosAgentListener didPromptForAuth:self.currentInfo error:0]; - - if ([[self.selectController window] isVisible]) { - self.state = ipc_client_state_select; - } - else { - self.state = ipc_client_state_idle; - } -} - -- (kim_error) changePassword: (NSDictionary *) info -{ - NSWindow *parentWindow = nil; - - [self.currentInfo addEntriesFromDictionary:info]; - - if ([[self.selectController window] isVisible]) { - parentWindow = [selectController window]; - } - - self.state = ipc_client_state_change_password; - - [self.authController setContent:self.currentInfo]; - [self.authController showChangePassword:parentWindow]; - - return 0; -} - -- (void) didChangePassword: (NSString *) oldPassword - newPassword: (NSString *) newPassword - verifyPassword: (NSString *) verifyPassword -{ - [self.currentInfo setObject:oldPassword forKey:@"old_password"]; - [self.currentInfo setObject:newPassword forKey:@"new_password"]; - [self.currentInfo setObject:verifyPassword forKey:@"verify_password"]; - - if ([[self.selectController window] isVisible]) { - self.state = ipc_client_state_select; - } - else { - self.state = ipc_client_state_idle; - } - - [KerberosAgentListener didChangePassword:self.currentInfo error:0]; -} - - -- (kim_error) handleError: (NSDictionary *) info -{ - NSWindow *parentWindow = nil; - - [self.currentInfo addEntriesFromDictionary:info]; - - if ([[self.selectController window] isVisible]) { - parentWindow = [selectController window]; - } - - self.state = ipc_client_state_handle_error; - - [self.authController setContent:self.currentInfo]; - [self.authController showError:parentWindow]; - - return 0; -} - -- (void) didHandleError -{ - if ([[self.selectController window] isVisible]) { - self.state = ipc_client_state_select; - } - else { - self.state = ipc_client_state_idle; - } - - [KerberosAgentListener didHandleError:self.currentInfo error:0]; -} - -@end diff --git a/src/kim/agent/mac/Identities.h b/src/kim/agent/mac/Identities.h deleted file mode 100644 index 72f735522..000000000 --- a/src/kim/agent/mac/Identities.h +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import <Cocoa/Cocoa.h> -#import <Kerberos/kim.h> -#import "KIMUtilities.h" - -@interface Identity : NSObject { - NSString *identity; - NSDictionary *options; - kim_credential_state state; - NSDate *expirationDate; - BOOL favorite; -} - -@property (readwrite, retain) NSString *identity; -@property (readwrite, retain) NSDictionary *options; -@property (assign) kim_credential_state state; -@property (assign) BOOL favorite; -@property (readwrite, retain) NSDate *expirationDate; - -// derived properties -@property (readonly) kim_identity kimIdentity; -@property (readonly) kim_options kimOptions; -@property (readonly) NSString *expirationString; -@property (readonly) NSString *validLifetimeString; -@property (readonly) NSString *renewableLifetimeString; -@property (readonly) BOOL hasCCache; -@property (readwrite) BOOL isRenewable; -@property (readwrite) BOOL isForwardable; -@property (readwrite) BOOL isAddressless; -@property (readwrite) BOOL isProxiable; -@property (readwrite) NSUInteger validLifetime; -@property (readwrite) NSUInteger renewableLifetime; - -- (id) initWithKimIdentity: (kim_identity) an_identity kimOptions: (kim_options) some_options; -- (id) initWithFavoriteIdentity: (kim_identity) an_identity options: (kim_options) some_options; -- (id) initWithIdentity: (NSString *) anIdentity options: (NSDictionary *) someOptions; - -- (BOOL) isEqualToKIMIdentity: (kim_identity) identity; -- (BOOL) isEqual: (Identity *)otherIdentity; - -- (void) resetOptions; -- (void) toggleFavorite; -- (BOOL) addToFavorites; -- (BOOL) removeFromFavorites; - -@end - - -@interface Identities : NSObject { - NSMutableArray *favoriteIdentities; - NSMutableArray *identities; - NSConnection *threadConnection; -} - -@property(readonly, retain) NSMutableArray *identities; -@property(readonly) NSUInteger minimumValidLifetime; -@property(readonly) NSUInteger maximumValidLifetime; -@property(readonly) NSUInteger minimumRenewableLifetime; -@property(readonly) NSUInteger maximumRenewableLifetime; - -- (void) reload; -- (int) update; -- (kim_error) addIdentity: (Identity *) anIdentity; -- (void) synchronizePreferences; - -@end diff --git a/src/kim/agent/mac/Identities.m b/src/kim/agent/mac/Identities.m deleted file mode 100644 index 1fa7e6ef4..000000000 --- a/src/kim/agent/mac/Identities.m +++ /dev/null @@ -1,849 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import "Identities.h" -#import <Kerberos/Kerberos.h> - -@interface Identity () - -- (NSString *)stringForLifetime:(NSUInteger)lifetime; - -@end - - -@implementation Identity - -@synthesize identity; -@synthesize options; -@synthesize expirationDate; -@synthesize state; -@synthesize favorite; - -#pragma mark Initialization & Comparison - -// --------------------------------------------------------------------------- - -+ (NSSet *)keyPathsForValuesAffectingValueForKey:(NSString *)key -{ - NSMutableSet *result = [[super keyPathsForValuesAffectingValueForKey:key] mutableCopy]; - NSSet *otherKeys = nil; - - [result unionSet:otherKeys]; - - return [result autorelease]; -} - -// --------------------------------------------------------------------------- - -- (id) init -{ - return [self initWithIdentity: @"" options: [NSDictionary dictionary]]; -} - -// --------------------------------------------------------------------------- - -- (id) initWithKimIdentity: (kim_identity) an_identity kimOptions: (kim_options) some_options -{ - kim_error err = KIM_NO_ERROR; - kim_string identity_string = NULL; - - if (!err) { - err = kim_identity_get_display_string(an_identity, &identity_string); - } - return [self initWithIdentity:[NSString stringWithUTF8String:identity_string] - options:[KIMUtilities dictionaryForKimOptions:some_options]]; -} - -// --------------------------------------------------------------------------- - -- (id) initWithFavoriteIdentity: (kim_identity) an_identity options: (kim_options) some_options -{ - if ((self = [self initWithKimIdentity: an_identity kimOptions: some_options])) { - self.favorite = TRUE; - } - - return self; -} - -// --------------------------------------------------------------------------- - -- (id) initWithIdentity: (NSString *) anIdentity options: (NSDictionary *) someOptions -{ - self = [super init]; - if (self != nil) { - self.identity = anIdentity; - self.options = someOptions; - self.state = kim_credentials_state_not_yet_valid; - self.expirationDate = [NSDate dateWithTimeIntervalSince1970:0]; - self.favorite = NO; - } - return self; -} - -// --------------------------------------------------------------------------- - -- (BOOL) isEqualToKIMIdentity: (kim_identity) comparison_identity -{ - kim_error err = KIM_NO_ERROR; - kim_comparison comparison; - kim_identity an_identity = self.kimIdentity; - - err = kim_identity_compare (an_identity, comparison_identity, &comparison); - - kim_identity_free(&an_identity); - - return (!err && kim_comparison_is_equal_to (comparison)); -} - -// --------------------------------------------------------------------------- - -- (BOOL) isEqual: (Identity *)otherIdentity -{ - return ([self isEqualToKIMIdentity:otherIdentity.kimIdentity]); -} - -// --------------------------------------------------------------------------- - -- (NSUInteger)hash -{ - return [self.identity hash]; -} - -// --------------------------------------------------------------------------- - -- (NSComparisonResult) compare: (Identity *)otherIdentity -{ - return ([self.identity compare:otherIdentity.identity]); -} - -#pragma mark Actions - -// --------------------------------------------------------------------------- - -- (void) resetOptions -{ - // property setter converts NULL into actual kim_options with default settings - kim_error err = KIM_NO_ERROR; - kim_options some_options = NULL; - - err = kim_options_create(&some_options); - - if (!err) { - self.options = [KIMUtilities dictionaryForKimOptions:some_options]; - } - - log_kim_error_to_console(err); - - kim_options_free(&some_options); -} - -// --------------------------------------------------------------------------- - -- (void) toggleFavorite -{ - if (self.favorite) { - [self removeFromFavorites]; - } else { - [self addToFavorites]; - } -} - -// --------------------------------------------------------------------------- - -- (BOOL) addToFavorites -{ - kim_error err = KIM_NO_ERROR; - kim_preferences preferences = NULL; - kim_identity an_identity = self.kimIdentity; - kim_options some_options = self.kimOptions; - - err = kim_preferences_create(&preferences); - - if (!err) { - err = kim_preferences_add_favorite_identity(preferences, an_identity, some_options); - } - if (!err) { - err = kim_preferences_synchronize(preferences); - } - - if (!err) { - self.favorite = true; - } else { - log_kim_error_to_console(err); - } - - kim_preferences_free(&preferences); - kim_identity_free(&an_identity); - kim_options_free(&some_options); - - return (err != KIM_NO_ERROR); -} - -// --------------------------------------------------------------------------- - -- (BOOL) removeFromFavorites -{ - kim_error err = KIM_NO_ERROR; - kim_preferences preferences = NULL; - kim_identity an_identity = self.kimIdentity; - - err = kim_preferences_create(&preferences); - - if (!err) { - err = kim_preferences_remove_favorite_identity(preferences, an_identity); - } - if (!err) { - err = kim_preferences_synchronize(preferences); - } - if (!err) { - self.favorite = false; - } else { - log_kim_error_to_console(err); - } - - kim_preferences_free(&preferences); - kim_identity_free(&an_identity); - - return (err != KIM_NO_ERROR); -} - -#pragma mark Accessors - -// --------------------------------------------------------------------------- - -- (BOOL) hasCCache -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - - err = kim_ccache_create_from_client_identity(&ccache, self.kimIdentity); - - if (!err && ccache) { - return TRUE; - } - - return FALSE; -} - - -// --------------------------------------------------------------------------- - -- (kim_identity) kimIdentity -{ - kim_error err = KIM_NO_ERROR; - kim_identity an_identity = NULL; - err = kim_identity_create_from_string(&an_identity, [self.identity UTF8String]); - return an_identity; -} - -// --------------------------------------------------------------------------- - -- (kim_options) kimOptions -{ - return [KIMUtilities kimOptionsForDictionary:self.options]; -} - -// --------------------------------------------------------------------------- - -- (BOOL) isRenewable -{ - return [[self.options valueForKey:@"renewable"] boolValue]; -} - -// --------------------------------------------------------------------------- - -- (void) setIsRenewable: (BOOL) value -{ - [self.options setValue:[NSNumber numberWithBool:value] - forKey:@"renewable"]; -} - -// --------------------------------------------------------------------------- - -- (BOOL) isForwardable -{ - return [[self.options valueForKey:@"forwardable"] boolValue]; -} - -// --------------------------------------------------------------------------- - -- (void) setIsForwardable: (BOOL) value -{ - [self.options setValue:[NSNumber numberWithBool:value] - forKey:@"forwardable"]; -} - -// --------------------------------------------------------------------------- - -- (BOOL) isAddressless -{ - return [[self.options valueForKey:@"addressless"] boolValue]; -} - -// --------------------------------------------------------------------------- - -- (void) setIsAddressless: (BOOL) value -{ - [self.options setValue:[NSNumber numberWithBool:value] - forKey:@"addressless"]; -} - -// --------------------------------------------------------------------------- - -- (BOOL) isProxiable -{ - return [[self.options valueForKey:@"proxiable"] boolValue]; -} - -// --------------------------------------------------------------------------- - -- (void) setIsProxiable: (BOOL) value -{ - [self.options setValue:[NSNumber numberWithBool:value] - forKey:@"proxiable"]; -} - -// --------------------------------------------------------------------------- - -- (NSUInteger) validLifetime -{ - return [[self.options valueForKey:@"valid_lifetime"] unsignedIntegerValue]; -} - -// --------------------------------------------------------------------------- - -- (void) setValidLifetime: (NSUInteger) newLifetime -{ - [self.options setValue:[NSNumber numberWithUnsignedInteger:newLifetime] - forKey:@"valid_lifetime"]; -} - -// --------------------------------------------------------------------------- - -- (NSUInteger) renewableLifetime -{ - return [[self.options valueForKey:@"renewable_lifetime"] unsignedIntegerValue]; -} - -// --------------------------------------------------------------------------- - -- (void) setRenewableLifetime: (NSUInteger) newLifetime -{ - [self.options setValue:[NSNumber numberWithUnsignedInteger:newLifetime] - forKey:@"renewable_lifetime"]; -} - -#pragma mark String representations - -// --------------------------------------------------------------------------- - -- (NSString *) expirationString -{ - NSString *result = nil; - NSTimeInterval lifetime = [self.expirationDate timeIntervalSinceNow]; - if (lifetime > 0) { - NSTimeInterval seconds = fmod(lifetime, 60); - NSTimeInterval minutes = fmod(lifetime, 60 % 60); - NSTimeInterval hours = fmod(lifetime, 3600 % 24); - NSTimeInterval days = fmod(lifetime, 86400); - - if (seconds > 0) { seconds = 0; minutes++; } - if (minutes > 59) { minutes = 0; hours++; } - if (hours > 23) { hours = 0; days++; } - - result = [NSString stringWithFormat:@"%02ld:%02ld", hours, minutes]; - } else { - result = @"--:--"; - } - - return result; -} - -// --------------------------------------------------------------------------- - -- (NSString *) validLifetimeString -{ - return [self stringForLifetime:self.validLifetime]; -} - -// --------------------------------------------------------------------------- - -- (NSString *) renewableLifetimeString -{ - return [self stringForLifetime:self.renewableLifetime]; -} - -// --------------------------------------------------------------------------- - -- (NSString *)stringForLifetime:(NSUInteger)lifetime -{ - NSMutableArray *parts = nil; - NSUInteger days, hours, minutes, seconds; - - days = (lifetime / 86400); - hours = (lifetime / (60 * 60) % 24); - minutes = (lifetime / 60 % 60); - seconds = (lifetime % 60); - - if (seconds > 0) { seconds = 0; minutes++; } - if (minutes > 59) { minutes = 0; hours++; } - if (hours > 23) { hours = 0; days++; } - - parts = [NSMutableArray arrayWithCapacity:3]; - if (days > 0) { - [parts addObject:[NSString stringWithFormat:@"%d days", days]]; - } - if (hours > 0) { - [parts addObject:[NSString stringWithFormat:@"%d hours", hours]]; - } - if (minutes > 0) { - [parts addObject:[NSString stringWithFormat:@"%d minutes", minutes]]; - } - if ([parts count] == 0) { - [parts addObject:@"0"]; - } - return [parts componentsJoinedByString:@", "]; -} - -// --------------------------------------------------------------------------- - -- (NSString *) description -{ - return [NSString stringWithFormat:@"%@ (%@) %@", self.identity, self.expirationString, [super description]]; -} - -@end - -@interface Identities () - -@property(readwrite, retain) NSMutableArray *favoriteIdentities; -@property(readwrite, retain) NSMutableArray *identities; - -@end - -@implementation Identities - -@synthesize favoriteIdentities; -@synthesize identities; - -// --------------------------------------------------------------------------- - -+ (void) waitForChange: (NSArray *) portArray -{ - NSAutoreleasePool *pool; - NSConnection *connection; - - pool = [[NSAutoreleasePool alloc] init]; - - connection = [NSConnection connectionWithReceivePort: [portArray objectAtIndex: 0] - sendPort: [portArray objectAtIndex: 1]]; - - { - cc_int32 err = ccNoError; - cc_context_t context = NULL; - - err = cc_initialize (&context, ccapi_version_max, NULL, NULL); - - while (!err) { - // This call puts the thread to sleep - err = cc_context_wait_for_change (context); - - if (!err) { - // NSLog (@"%s thread noticed update", __FUNCTION__); - } else { - // NSLog (@"%s thread got error %d (%s)", __FUNCTION__, err, [KIMUtilities stringForLastKIMError:err]); - err = 0; /* The server quit unexpectedly -- just try again */ - } - - //NSLog(@"waited %@", [[NSThread currentThread] description]); - [(Identities *) [connection rootProxy] reload]; - sleep (1); - } - - if (context) { cc_context_release (context); } - } - -// NSLog (@"%s thread exiting", __FUNCTION__); - [pool release]; -} - -// --------------------------------------------------------------------------- - -- (id) init -{ - if ((self = [super init])) { - int err = 0; - - threadConnection = NULL; - - [self reload]; - - if (!err) { - NSPort *port1 = [NSPort port]; - NSPort *port2 = [NSPort port]; - if (!port1 || !port2) { err = ENOMEM; } - - if (!err) { - threadConnection = [[NSConnection alloc] initWithReceivePort: port1 - sendPort: port2]; - if (!threadConnection) { err = ENOMEM; } - } - - if (!err) { - [threadConnection setRootObject: self]; - - [NSThread detachNewThreadSelector: @selector(waitForChange:) - toTarget: [self class] - withObject: [NSArray arrayWithObjects: port2, port1, NULL]]; - } - } - - if (err) { - [self release]; - return NULL; - } - } - - return self; -} - -// --------------------------------------------------------------------------- - -- (void) dealloc -{ - if (identities ) { [identities release]; } - if (favoriteIdentities) { [favoriteIdentities release]; } - if (threadConnection ) { [threadConnection release]; } - - [super dealloc]; -} - -// --------------------------------------------------------------------------- - -- (void) reload -{ - kim_error err = KIM_NO_ERROR; - - NSMutableArray *newFavoriteIdentities = NULL; - - favoriteIdentities = NULL; - - if (!err) { - newFavoriteIdentities = [[NSMutableArray alloc] init]; - if (!newFavoriteIdentities) { err = ENOMEM; } - } - - if (!err) { - kim_preferences preferences = NULL; - kim_options kimOptions = NULL; - kim_count i; - kim_count count = 0; - - err = kim_preferences_create(&preferences); - - if (!err) { - err = kim_preferences_get_number_of_favorite_identities(preferences, - &count); - } - - for (i = 0; !err && i < count; i++) { - kim_identity kimIdentity = NULL; - Identity *identity = NULL; - - err = kim_preferences_get_favorite_identity_at_index(preferences, - i, - &kimIdentity, - &kimOptions); - - if (!err) { - identity = [[Identity alloc] initWithFavoriteIdentity: kimIdentity options: kimOptions]; - if (!identity) { err = ENOMEM; } - } - - if (!err) { - [newFavoriteIdentities addObject: identity]; - } - - if (identity) { - [identity release]; - identity = nil; - } - - kim_options_free(&kimOptions); - kim_identity_free (&kimIdentity); - } - - kim_preferences_free(&preferences); - } - - - if (!err) { - self.favoriteIdentities = newFavoriteIdentities; - if (!favoriteIdentities) { err = ENOMEM; } - } - - - if (newFavoriteIdentities) { - [newFavoriteIdentities release]; - newFavoriteIdentities = nil; - } - - if (!err) { - [identities release]; - identities = nil; - err = [self update]; - } -} - -// --------------------------------------------------------------------------- - -- (int) update -{ - kim_error err = KIM_NO_ERROR; - NSMutableSet *newIdentities = NULL; - kim_ccache_iterator iterator = NULL; - - if (!err) { - newIdentities = [NSMutableSet set]; - if (!newIdentities) { err = ENOMEM; } - } - - if (!err) { - err = kim_ccache_iterator_create (&iterator); - } - - // Build list of identities with existing ccaches - //NSLog(@"updating %@", [[NSThread currentThread] description]); - while (!err) { - kim_ccache ccache = NULL; - kim_identity an_identity = NULL; - kim_options some_options = NULL; - kim_credential_state state = kim_credentials_state_valid; - kim_time expiration_time = 0; - - err = kim_ccache_iterator_next (iterator, &ccache); - if (!err && !ccache) { break; } - - if (!err) { - err = kim_ccache_get_client_identity (ccache, &an_identity); - } - - if (!err) { - err = kim_ccache_get_state (ccache, &state); - } - - if (!err && state == kim_credentials_state_valid) { - err = kim_ccache_get_expiration_time (ccache, &expiration_time); - } - - if (!err) { - err = kim_ccache_get_options(ccache, &some_options); - } - - if (!err) { - Identity *identity = [[Identity alloc] initWithKimIdentity:an_identity kimOptions:some_options]; - if (!identity) { err = ENOMEM; } - - if (!err) { - identity.state = state; - identity.expirationDate = [NSDate dateWithTimeIntervalSince1970:expiration_time]; - [newIdentities addObject: identity]; - } - - [identity release]; - identity = nil; - } - - if (err == KIM_NO_CREDENTIALS_ERR) { - /* ccache is empty, just ignore it */ - err = KIM_NO_ERROR; - } - - if (err) { - log_kim_error_to_console(err); - } - - kim_options_free (&some_options); - kim_identity_free (&an_identity); - kim_ccache_free (&ccache); - } - - kim_ccache_iterator_free (&iterator); - - - // Copy ccache state to favorites - for (Identity *identity in self.favoriteIdentities) { - Identity *matchingIdentity = [newIdentities member:identity]; - if (matchingIdentity) { - identity.state = matchingIdentity.state; - identity.expirationDate = matchingIdentity.expirationDate; - [newIdentities removeObject:matchingIdentity]; - } else { - identity.state = kim_credentials_state_expired; - identity.expirationDate = [NSDate distantPast]; - } - } - - - // Add unused favorites - [newIdentities unionSet:[NSSet setWithArray:self.favoriteIdentities]]; - - if (!err) { -// [self.identities removeAllObjects]; -// [self.identities addObjectsFromArray:[newIdentities allObjects]]; -// [self.identities sortUsingSelector:@selector(compare:)]; - - self.identities = [[[[newIdentities allObjects] sortedArrayUsingSelector:@selector(compare:)] mutableCopy] autorelease]; - - - if (!identities) { err = ENOMEM; } - } else { - log_kim_error_to_console(err); - } - - return err; -} - -// --------------------------------------------------------------------------- - -- (kim_error) addIdentity: (Identity *) anIdentity -{ - kim_error err = KIM_NO_ERROR; - - if (![self.identities containsObject:anIdentity]) { - NSMutableArray *newArray = [[self.identities mutableCopy] autorelease]; - [newArray addObject:anIdentity]; - self.identities = newArray; - } else { - err = KIM_IDENTITY_ALREADY_IN_LIST_ERR; - } - - return err; -} - -// --------------------------------------------------------------------------- - -- (void) synchronizePreferences -{ - // Saves the kim_options for all identities in the list to disk, then rebuilds the Identities array from scratch - - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - - err = kim_preferences_create(&prefs); - - if (!err) { - err = kim_preferences_remove_all_favorite_identities(prefs); - } - - for (Identity *identity in self.identities) { - if (!err && identity.favorite == TRUE) { - err = kim_preferences_add_favorite_identity(prefs, identity.kimIdentity, identity.kimOptions); - } - } - - if (!err) { - err = kim_preferences_synchronize(prefs); - } - - kim_preferences_free(&prefs); - - if (err) { - log_kim_error_to_console(err); - } - - if (!err) { - [self reload]; - } -} - -// --------------------------------------------------------------------------- - -- (NSUInteger)minimumValidLifetime -{ - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - kim_lifetime value = 0; - - err = kim_preferences_create(&prefs); - - if (!err) { - kim_preferences_get_minimum_lifetime(prefs, &value); - } - - return (NSUInteger) value; -} - -// --------------------------------------------------------------------------- - -- (NSUInteger)maximumValidLifetime -{ - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - kim_lifetime value = 0; - - err = kim_preferences_create(&prefs); - - if (!err) { - kim_preferences_get_maximum_lifetime(prefs, &value); - } - - return (NSUInteger) value; -} - -// --------------------------------------------------------------------------- - -- (NSUInteger)minimumRenewableLifetime -{ - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - kim_lifetime value = 0; - - err = kim_preferences_create(&prefs); - - if (!err) { - kim_preferences_get_minimum_renewal_lifetime(prefs, &value); - } - - return (NSUInteger) value; -} - -// --------------------------------------------------------------------------- - -- (NSUInteger)maximumRenewableLifetime -{ - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - kim_lifetime value = 0; - - err = kim_preferences_create(&prefs); - - if (!err) { - kim_preferences_get_maximum_renewal_lifetime(prefs, &value); - } - - return (NSUInteger) value; -} - -@end diff --git a/src/kim/agent/mac/KIMUtilities.h b/src/kim/agent/mac/KIMUtilities.h deleted file mode 100644 index adbc15914..000000000 --- a/src/kim/agent/mac/KIMUtilities.h +++ /dev/null @@ -1,101 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#import <Cocoa/Cocoa.h> -#import <Kerberos/kim.h> - -#define VALID_LIFETIME_INCREMENT (5 * 60) -#define RENEWABLE_LIFETIME_INCREMENT (15 * 60) - -#define client_name_keypath @"content.name" -#define client_path_keypath @"content.path" - -#define identity_string_keypath @"content.identity_string" -#define favorite_strings_keypath @"content.favorite_identity_strings" -#define title_keypath @"content.title" -#define message_keypath @"content.message" -#define description_keypath @"content.description" - -#define prompt_response_keypath @"content.prompt_response" -#define allow_save_password_keypath @"content.allow_save" -#define should_save_password_keypath @"content.save_response" - -#define password_expired_keypath @"content.expired" -#define old_password_keypath @"content.old_password" -#define new_password_keypath @"content.new_password" -#define verify_password_keypath @"content.verify_password" - -#define enable_identity_ok_keypath @"content.isPrincipalValid" -#define enable_prompt_ok_keypath @"content.isPromptValid" -#define change_password_ok_keypath @"content.isChangePasswordValid" - -#define options_keypath @"content.options" - -#define uses_default_options_keypath @"content.usesDefaultTicketOptions" -#define valid_lifetime_keypath @"content.valid_lifetime" -#define renewal_lifetime_keypath @"content.renewal_lifetime" -#define renewable_keypath @"content.renewable" -#define addressless_keypath @"content.addressless" -#define forwardable_keypath @"content.forwardable" - -#define min_valid_keypath @"content.minValidLifetime" -#define max_valid_keypath @"content.maxValidLifetime" -#define min_renewable_keypath @"content.minRenewableLifetime" -#define max_renewable_keypath @"content.maxRenewableLifetime" - -#define wants_change_password_keypath @"content.wants_change_password" -#define accepting_input_keypath @"content.acceptingInput" - -#define ACKVOContext @"authenticationController" - - - -#define log_kim_error_to_console(err)\ -{\ -NSLog(@"%s got error %@", __FUNCTION__, [KIMUtilities stringForLastKIMError:err]);\ -} while (0); - -@interface KIMUtilities : NSObject - -+ (NSString *) stringForLastKIMError: (kim_error) in_err; - -+ (BOOL) validatePrincipalWithName: (NSString *) name - realm: (NSString *) realm; - -+ (BOOL) validateIdentity: (NSString *) identityString; - -+ (NSString *) expandedIdentity: (NSString *) identityString; - -+ (NSDictionary *) dictionaryForKimOptions: (kim_options) options; -+ (kim_options) kimOptionsForDictionary: (NSDictionary *) aDict; - -+ (NSDictionary *) dictionaryForKimSelectionHints: (kim_selection_hints) hints; - -+ (NSUInteger)minValidLifetime; -+ (NSUInteger)maxValidLifetime; -+ (NSUInteger)minRenewableLifetime; -+ (NSUInteger)maxRenewableLifetime; - -@end diff --git a/src/kim/agent/mac/KIMUtilities.m b/src/kim/agent/mac/KIMUtilities.m deleted file mode 100644 index 320ccdd8e..000000000 --- a/src/kim/agent/mac/KIMUtilities.m +++ /dev/null @@ -1,376 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import "KIMUtilities.h" - -@implementation KIMUtilities - -+ (NSString *) stringForLastKIMError: (kim_error) in_err -{ - kim_error err = KIM_NO_ERROR; - kim_string string = NULL; - NSString *result = nil; - - err = kim_string_create_for_last_error(&string, in_err); - if (!err) { - result = [NSString stringWithUTF8String:string]; - } - kim_string_free(&string); - - return result; -} - -+ (BOOL) validatePrincipalWithName: (NSString *) name - realm: (NSString *) realm -{ - kim_error err = KIM_NO_ERROR; - NSString *identityString = nil; - - if (!name || !realm || [name length] == 0) { - err = KIM_BAD_PRINCIPAL_STRING_ERR; - } - if (!err) { - identityString = [[NSString alloc] initWithFormat:@"%@@%@", name, realm]; - err = [KIMUtilities validateIdentity:identityString]; - [identityString release]; - } - - return (err == KIM_NO_ERROR); -} - -+ (BOOL) validateIdentity: (NSString *) identityString -{ - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - - if (!identityString || [identityString length] <= 1) { - err = KIM_BAD_PRINCIPAL_STRING_ERR; - } - if (!err) { - err = kim_identity_create_from_string(&identity, [identityString UTF8String]); - } - if (!identity) { - err = KIM_BAD_PRINCIPAL_STRING_ERR; - } - kim_identity_free(&identity); - - return (err == KIM_NO_ERROR); -} - -+ (NSString *) expandedIdentity: (NSString *) identityString -{ - NSString *result = nil; - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - kim_string validated_string = NULL; - - // convert to how it will actually be - // e.g. foo becomes foo@ATHENA.MIT.EDU - // for the purpose of matching to a favorite - if (!identityString) { - err = KIM_BAD_PRINCIPAL_STRING_ERR; - } - if (!err) { - err = kim_identity_create_from_string(&identity, [identityString UTF8String]); - } - if (!err && identity) { - err = kim_identity_get_display_string(identity, &validated_string); - } - if (!err && validated_string) { - result = [NSString stringWithUTF8String:validated_string]; - } - kim_identity_free(&identity); - kim_string_free(&validated_string); - - return result; -} - -+ (NSDictionary *) dictionaryForKimOptions: (kim_options) options -{ - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - NSMutableDictionary *newDict = [NSMutableDictionary dictionaryWithCapacity:8]; - kim_boolean addressless = FALSE; - kim_boolean forwardable = FALSE; - kim_boolean proxiable = FALSE; - kim_boolean renewable = FALSE; - kim_lifetime valid_lifetime = 0; - kim_lifetime renewal_lifetime = 0; - kim_string service_name = NULL; - kim_time start_time = 0; - - if (options == KIM_OPTIONS_DEFAULT) { - [newDict setObject:[NSNumber numberWithBool:YES] - forKey:@"usesDefaultTicketOptions"]; - err = kim_preferences_create(&prefs); - if (!err) { - err = kim_preferences_get_options(prefs, &options); - } - } - - if (!err) { - err = kim_options_get_addressless(options, &addressless); - } - if (!err) { - [newDict setValue:[NSNumber numberWithBool:addressless] - forKey:@"addressless"]; - } - if (!err) { - err = kim_options_get_forwardable(options, &forwardable); - } - if (!err) { - [newDict setValue:[NSNumber numberWithBool:forwardable] - forKey:@"forwardable"]; - } - if (!err) { - err = kim_options_get_proxiable(options, &proxiable); - } - if (!err) { - [newDict setValue:[NSNumber numberWithBool:proxiable] - forKey:@"proxiable"]; - } - if (!err) { - err = kim_options_get_renewable(options, &renewable); - } - if (!err) { - [newDict setValue:[NSNumber numberWithBool:renewable] - forKey:@"renewable"]; - } - if (!err) { - err = kim_options_get_lifetime(options, &valid_lifetime); - } - if (!err) { - [newDict setValue:[NSNumber numberWithInteger:valid_lifetime] - forKey:@"valid_lifetime"]; - } - if (!err) { - err = kim_options_get_renewal_lifetime(options, &renewal_lifetime); - } - if (!err) { - [newDict setValue:[NSNumber numberWithInteger:renewal_lifetime] - forKey:@"renewal_lifetime"]; - } - if (!err) { - err = kim_options_get_service_name(options, &service_name); - } - if (!err) { - [newDict setValue:(service_name) ? - [NSString stringWithUTF8String:service_name] : @"" - forKey:@"service_name"]; - } - if (!err) { - err = kim_options_get_start_time(options, &start_time); - } - if (!err) { - [newDict setValue:[NSNumber numberWithInteger:start_time] - forKey:@"start_time"]; - } - - // only free options if it was allocated by this method - if (prefs) { - kim_options_free(&options); - kim_preferences_free(&prefs); - } - - return newDict; -} - -+ (kim_options) kimOptionsForDictionary: (NSDictionary *) aDict -{ - kim_error err = KIM_NO_ERROR; - kim_options options = NULL; - kim_boolean addressless; - kim_boolean forwardable; - kim_boolean proxiable; - kim_boolean renewable; - kim_lifetime valid_lifetime; - kim_lifetime renewal_lifetime; - kim_string service_name; - kim_time start_time; - - if (!aDict || [[aDict objectForKey:@"usesDefaultTicketOptions"] boolValue]) { - return KIM_OPTIONS_DEFAULT; - } - - addressless = [[aDict valueForKey:@"addressless"] boolValue]; - forwardable = [[aDict valueForKey:@"forwardable"] boolValue]; - proxiable = [[aDict valueForKey:@"proxiable"] boolValue]; - renewable = [[aDict valueForKey:@"renewable"] boolValue]; - valid_lifetime = [[aDict valueForKey:@"valid_lifetime"] integerValue]; - renewal_lifetime = [[aDict valueForKey:@"renewal_lifetime"] integerValue]; - service_name = ([[aDict valueForKey:@"service_name"] length] > 0) ? - [[aDict valueForKey:@"service_name"] UTF8String] : NULL; - start_time = [[aDict valueForKey:@"start_time"] integerValue]; - - if (!err) { - err = kim_options_create (&options); - } - if (!err) { - err = kim_options_set_addressless(options, addressless); - } - if (!err) { - err = kim_options_set_forwardable(options, forwardable); - } - if (!err) { - err = kim_options_set_proxiable(options, proxiable); - } - if (!err) { - err = kim_options_set_renewable(options, renewable); - } - if (!err) { - err = kim_options_set_lifetime(options, valid_lifetime); - } - if (!err) { - err = kim_options_set_renewal_lifetime(options, renewal_lifetime); - } - if (!err) { - err = kim_options_set_service_name(options, service_name); - } - if (!err) { - err = kim_options_set_start_time(options, start_time); - } - - return options; -} - -+ (NSDictionary *) dictionaryForKimSelectionHints: (kim_selection_hints) hints -{ - kim_error err = KIM_NO_ERROR; - - NSMutableDictionary *newDict = [NSMutableDictionary dictionaryWithCapacity:20]; - - kim_string explanation = NULL; - kim_options options = NULL; - kim_string service_identity = NULL; - kim_string client_realm = NULL; - kim_string user = NULL; - kim_string service_realm = NULL; - kim_string service = NULL; - kim_string server = NULL; - - if (!err) { - err = kim_selection_hints_get_explanation(hints, &explanation); - [newDict setValue:(explanation) ? [NSString stringWithUTF8String:explanation] : @"" - forKey:@"explanation"]; - } - if (!err) { - err = kim_selection_hints_get_options(hints, &options); - [newDict setValue:[KIMUtilities dictionaryForKimOptions:options] - forKey:@"options"]; - } - if (!err) { - err = kim_selection_hints_get_hint(hints, kim_hint_key_client_realm, &client_realm); - [newDict setValue:(client_realm) ? [NSString stringWithUTF8String:client_realm] : @"" - forKey:@"client_realm"]; - } - if (!err) { - err = kim_selection_hints_get_hint(hints, kim_hint_key_user, &user); - [newDict setValue:(user) ? [NSString stringWithUTF8String:user] : @"" - forKey:@"user"]; - } - if (!err) { - err = kim_selection_hints_get_hint(hints, kim_hint_key_service_realm, &service_realm); - [newDict setValue:(service_realm) ? [NSString stringWithUTF8String:service_realm] : @"" - forKey:@"service_realm"]; - } - if (!err) { - err = kim_selection_hints_get_hint(hints, kim_hint_key_service, &service); - [newDict setValue:(service) ? [NSString stringWithUTF8String:service] : @"" - forKey:@"service"]; - } - if (!err) { - err = kim_selection_hints_get_hint(hints, kim_hint_key_server, &server); - [newDict setValue:(server) ? [NSString stringWithUTF8String:server] : @"" - forKey:@"server"]; - } - if (!err) { - err = kim_selection_hints_get_hint(hints, kim_hint_key_service_identity, &service_identity); - [newDict setValue:(service_identity) ? [NSString stringWithUTF8String:service_identity] : @"" - forKey:@"service_identity"]; - } - - return newDict; -} - -+ (NSUInteger)minValidLifetime -{ - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - kim_lifetime value = 0; - - err = kim_preferences_create(&prefs); - - if (!err) { - kim_preferences_get_minimum_lifetime(prefs, &value); - } - - return (NSUInteger) value; -} - -+ (NSUInteger)maxValidLifetime -{ - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - kim_lifetime value = 0; - - err = kim_preferences_create(&prefs); - - if (!err) { - kim_preferences_get_maximum_lifetime(prefs, &value); - } - - return (NSUInteger) value; -} - -+ (NSUInteger)minRenewableLifetime -{ - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - kim_lifetime value = 0; - - err = kim_preferences_create(&prefs); - - if (!err) { - kim_preferences_get_minimum_renewal_lifetime(prefs, &value); - } - - return (NSUInteger) value; -} - -+ (NSUInteger)maxRenewableLifetime -{ - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - kim_lifetime value = 0; - - err = kim_preferences_create(&prefs); - - if (!err) { - kim_preferences_get_maximum_renewal_lifetime(prefs, &value); - } - - return (NSUInteger) value; -} - -@end diff --git a/src/kim/agent/mac/KerberosAgent-Info.plist b/src/kim/agent/mac/KerberosAgent-Info.plist deleted file mode 100644 index ee304e6d5..000000000 --- a/src/kim/agent/mac/KerberosAgent-Info.plist +++ /dev/null @@ -1,32 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> -<plist version="1.0"> -<dict> - <key>CFBundleDevelopmentRegion</key> - <string>English</string> - <key>CFBundleExecutable</key> - <string>${EXECUTABLE_NAME}</string> - <key>CFBundleIconFile</key> - <string>KerberosAgent</string> - <key>CFBundleIdentifier</key> - <string>edu.mit.Kerberos.KerberosAgent</string> - <key>CFBundleInfoDictionaryVersion</key> - <string>6.0</string> - <key>CFBundleName</key> - <string>KerberosAgent</string> - <key>CFBundlePackageType</key> - <string>APPL</string> - <key>CFBundleSignature</key> - <string>KrbA</string> - <key>CFBundleShortVersionString</key> - <string>1.0</string> - <key>CFBundleVersion</key> - <string>1.0</string> - <key>NSMainNibFile</key> - <string>MainMenu</string> - <key>NSPrincipalClass</key> - <string>NSApplication</string> - <key>LSUIElement</key> - <true/> -</dict> -</plist> diff --git a/src/kim/agent/mac/KerberosAgentController.h b/src/kim/agent/mac/KerberosAgentController.h deleted file mode 100644 index c6fae8670..000000000 --- a/src/kim/agent/mac/KerberosAgentController.h +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import <Cocoa/Cocoa.h> - -@class IPCClient; -@class AuthenticationController; - -@interface KerberosAgentController : NSObject { - NSMutableArray *clients; - NSTimer *autoQuitTimer; -} - -@property (readwrite, retain) NSMutableArray *clients; - -- (void) quitIfIdle: (NSTimer *) timer; - -- (IPCClient *)clientForPort:(mach_port_t)client_port; -- (IPCClient *)clientForInfo:(NSDictionary *)info; - -- (IBAction) fakeANewClient: (id) sender; - -- (void) addClient: (NSDictionary *) info; -- (void) enterIdentity: (NSDictionary *) info; -- (void) selectIdentity: (NSDictionary *) info; -- (void) promptForAuth: (NSDictionary *) info; -- (void) changePassword: (NSDictionary *) info; -- (void) handleError: (NSDictionary *) info; -- (void) removeClient: (NSDictionary *) info; - -@end diff --git a/src/kim/agent/mac/KerberosAgentController.m b/src/kim/agent/mac/KerberosAgentController.m deleted file mode 100644 index e2314fcd6..000000000 --- a/src/kim/agent/mac/KerberosAgentController.m +++ /dev/null @@ -1,230 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import "KerberosAgentController.h" -#import "SelectIdentityController.h" -#import "AuthenticationController.h" -#import "KerberosAgentListener.h" -#import "IPCClient.h" -#import "ServerDemux.h" - -#define SECONDS_BEFORE_AUTO_QUIT_ON_START 600 -#define SECONDS_BEFORE_AUTO_QUIT_ON_NO_CLIENTS 1 - -@implementation KerberosAgentController - -@synthesize clients; - -// --------------------------------------------------------------------------- - -- (void) applicationDidFinishLaunching: (NSNotification *) notification -{ - self.clients = [NSMutableArray array]; - [KerberosAgentListener startListening]; - - [NSApp activateIgnoringOtherApps:YES]; - - autoQuitTimer = [NSTimer scheduledTimerWithTimeInterval:SECONDS_BEFORE_AUTO_QUIT_ON_START - target:self - selector:@selector(quitIfIdle:) - userInfo:nil - repeats:NO]; -} - -- (void) dealloc -{ - self.clients = nil; - [autoQuitTimer invalidate]; - [autoQuitTimer release]; - - [super dealloc]; -} - -- (void) quitIfIdle: (NSTimer *) timer -{ - if ([self.clients count] == 0) { - [NSApp terminate:nil]; - } - autoQuitTimer = nil; -} - -- (IPCClient *)clientForPort:(mach_port_t)client_port -{ - IPCClient *aClient = nil; - - for (aClient in self.clients) { - if (aClient.port == client_port) { - break; - } - } - - return aClient; -} - -- (IPCClient *)clientForInfo:(NSDictionary *)info -{ - mach_port_t client_port = [[info objectForKey:@"client_port"] integerValue]; - return [self clientForPort:client_port]; -} - -- (IBAction) fakeANewClient: (id) sender -{ - IPCClient *aClient = [[IPCClient alloc] init]; - aClient.port = 1; - aClient.name = @"Barry"; - aClient.path = [[NSBundle mainBundle] bundlePath]; - [self.clients addObject:aClient]; - [aClient release]; -} - -#pragma mark Client actions - -// init -- (void) addClient: (NSDictionary *) info -{ - int32_t err = 0; - IPCClient *aClient = [self clientForInfo:info]; - - if (aClient) { - // already registered - err = KIM_IDENTITY_ALREADY_IN_LIST_ERR; - } else { - aClient = [[IPCClient alloc] init]; - aClient.port = [[info objectForKey:@"client_port"] integerValue]; - aClient.name = [info objectForKey:@"name"]; - aClient.path = [info objectForKey:@"path"]; - [self.clients addObject:aClient]; - [aClient release]; - } - - [autoQuitTimer invalidate]; - autoQuitTimer = nil; - - [KerberosAgentListener didAddClient:info error:err]; - [info release]; -} - -// enter -- (void) enterIdentity: (NSDictionary *) info -{ - kim_error err = KIM_NO_ERROR; - IPCClient *aClient = nil; - - // get client object for matching info, creating if it doesn't exist - aClient = [self clientForInfo:info]; - if (!aClient) { err = KIM_IDENTITY_NOT_IN_LIST_ERR; } - else { - err = [aClient enterIdentity:info]; - } - if (err) { - [KerberosAgentListener didEnterIdentity:info error:err]; - } -} - -// select -- (void) selectIdentity: (NSDictionary *) info -{ - kim_error err = KIM_NO_ERROR; - IPCClient *aClient = nil; - - // get client object for matching info, creating if it doesn't exist - aClient = [self clientForInfo:info]; - if (!aClient) { err = KIM_IDENTITY_NOT_IN_LIST_ERR; } - else { - err = [aClient selectIdentity:info]; - } - if (err) { - [KerberosAgentListener didSelectIdentity:info error:err]; - } -} - -// auth -- (void) promptForAuth: (NSDictionary *) info -{ - kim_error err = KIM_NO_ERROR; - IPCClient *aClient = nil; - - aClient = [self clientForInfo:info]; - if (!aClient) { err = KIM_IDENTITY_NOT_IN_LIST_ERR; } - else { - err = [aClient promptForAuth:info]; - } -} - -// change password -- (void) changePassword: (NSDictionary *) info -{ - kim_error err = KIM_NO_ERROR; - IPCClient *aClient = nil; - - aClient = [self clientForInfo:info]; - if (!aClient) { err = KIM_IDENTITY_NOT_IN_LIST_ERR; } - else { - err = [aClient changePassword:info]; - } -} - -// error -- (void) handleError: (NSDictionary *) info -{ - kim_error err = KIM_NO_ERROR; - IPCClient *aClient = nil; - - aClient = [self clientForInfo:info]; - if (!aClient) { err = KIM_IDENTITY_NOT_IN_LIST_ERR; } - else { - err = [aClient handleError:info]; - } -} - -// fini -- (void) removeClient: (NSDictionary *) info -{ - kim_error err = KIM_NO_ERROR; - IPCClient *aClient = [self clientForInfo:info]; - - if (!aClient) { - err = KIM_IDENTITY_NOT_IN_LIST_ERR; - } else { - // close all windows associated with it - [aClient cleanup]; - [self.clients removeObject:aClient]; - if ([self.clients count] == 0) { - // the client removes itself after select identity, - // but might come back shortly afterward in need of an auth prompt - [autoQuitTimer invalidate]; - autoQuitTimer = [NSTimer scheduledTimerWithTimeInterval:SECONDS_BEFORE_AUTO_QUIT_ON_NO_CLIENTS - target:self - selector:@selector(quitIfIdle:) - userInfo:nil - repeats:NO]; - } - } - - // called after user finishes prompt - [KerberosAgentListener didRemoveClient:info error:err]; - [info release]; -} - -@end diff --git a/src/kim/agent/mac/KerberosAgentListener.h b/src/kim/agent/mac/KerberosAgentListener.h deleted file mode 100644 index 4e0dc3dbb..000000000 --- a/src/kim/agent/mac/KerberosAgentListener.h +++ /dev/null @@ -1,109 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#import <Cocoa/Cocoa.h> -#import <Kerberos/kim.h> - -#define kCheckinMessage 100 - -@interface KerberosAgentListener : NSObject { - NSThread *thread; -} - -@property (readwrite, retain) NSThread *thread; - -+ (KerberosAgentListener *) sharedListener; - -+ (void) startListening; - -- (void) threadMain; - -+ (void) addClientWithPort: (mach_port_t) client_port - replyPort: (mach_port_t) reply_port - name: (kim_string) name - path: (kim_string) path; - -// contains reply_port -+ (void) didAddClient: (NSDictionary *) info - error: (int32_t) error; - -+ (void) enterIdentityWithClientPort: (mach_port_t) client_port - replyPort: (mach_port_t) reply_port - options: (kim_options) options; - -// contains reply_port, kim_identity -+ (void) didEnterIdentity: (NSDictionary *) info - error: (int32_t) error; - -+ (void) selectIdentityWithClientPort: (mach_port_t) client_port - replyPort: (mach_port_t) reply_port - hints: (kim_selection_hints) hints; - -// contains reply_port, kim_identity -+ (void) didSelectIdentity: (NSDictionary *) info - error: (int32_t) error; - -+ (void) promptForAuthWithClientPort: (mach_port_t) client_port - replyPort: (mach_port_t) reply_port - identity: (kim_string) identity_string - promptType: (uint32_t) prompt_type - allowSave: (kim_boolean) allow_save - hideReply: (kim_boolean) hide_reply - title: (kim_string) title - message: (kim_string) message - description: (kim_string) description; - -// contains reply_port, (string) prompt_response -+ (void) didPromptForAuth: (NSDictionary *) info - error: (int32_t) error; - -+ (void) changePasswordWithClientPort: (mach_port_t) client_port - replyPort: (mach_port_t) reply_port - identity: (kim_string) identity_string - expired: (kim_boolean) expired; - -// contains reply_port, old password, new password, verify password -+ (void) didChangePassword: (NSDictionary *) info - error: (int32_t) error; - -+ (void) handleErrorWithClientPort: (mach_port_t) client_port - replyPort: (mach_port_t) reply_port - identity: (kim_string) identity_string - error: (kim_error) error - message: (kim_string) message - description: (kim_string) description; - -// contains reply_port -+ (void) didHandleError: (NSDictionary *) info - error: (int32_t) error; - - -+ (void) removeClientMatchingPort: (mach_port_t) client_port - replyPort: (mach_port_t) reply_port; - -+ (void) didRemoveClient: (NSDictionary *)info - error: (int32_t) error; - -@end diff --git a/src/kim/agent/mac/KerberosAgentListener.m b/src/kim/agent/mac/KerberosAgentListener.m deleted file mode 100644 index 6c4c8d7c8..000000000 --- a/src/kim/agent/mac/KerberosAgentListener.m +++ /dev/null @@ -1,355 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#import "KerberosAgentListener.h" -#import "KIMUtilities.h" -#import "ServerDemux.h" -#import "IPCClient.h" - -@implementation KerberosAgentListener - -@synthesize thread; - -- (id) init -{ - self = [super init]; - if (self != nil) { - self.thread = [[NSThread alloc] initWithTarget:self selector:@selector(threadMain) object:nil]; - } - return self; -} - -static KerberosAgentListener *sharedListener = nil; - -+ (KerberosAgentListener *) sharedListener -{ - @synchronized(self) { - if (sharedListener == nil) { - [[self alloc] init]; // assignment not done here - } - } - return sharedListener; -} - -+ (id)allocWithZone:(NSZone *)zone -{ - @synchronized(self) { - if (sharedListener == nil) { - sharedListener = [super allocWithZone:zone]; - return sharedListener; // assignment and return on first allocation - } - } - return nil; //on subsequent allocation attempts return nil -} - -- (id)copyWithZone:(NSZone *)zone -{ - return self; -} - -- (id)retain -{ - return self; -} - -- (unsigned)retainCount -{ - return UINT_MAX; //denotes an object that cannot be released -} - -- (void)release -{ - //do nothing -} - -- (id)autorelease -{ - return self; -} - -#pragma mark Thread management - -// called from main thread to start listen thread -+ (void) startListening -{ -// NSLog(@"%s %@ thread", __FUNCTION__, ([NSThread isMainThread]) ? @"main" : @"not main"); - - [[KerberosAgentListener sharedListener].thread start]; -} - -- (void) threadMain -{ - NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init]; - int32_t err = 0; - -// NSLog(@"%s starting up", __FUNCTION__); - - while (!err && ![self.thread isCancelled]) { - err = kim_agent_listen_loop(); - if (!err) { -// NSLog (@"%s loop resetting %@", __FUNCTION__, [[NSThread currentThread] description]); - } else { - NSLog (@"%s got error %d (%@) %@", __FUNCTION__, err, [KIMUtilities stringForLastKIMError:err], [[NSThread currentThread] description]); - err = 0; /* The server quit unexpectedly -- just try again */ - } - sleep(10); - } - - [pool release]; -} - -#pragma mark IPC handlers - -+ (void) addClientWithPort: (mach_port_t) client_port - replyPort: (mach_port_t) reply_port - name: (kim_string) name - path: (kim_string) path -{ - NSDictionary *info = [[NSDictionary alloc] initWithObjectsAndKeys: - [NSNumber numberWithInteger:client_port], @"client_port", - [NSNumber numberWithInteger:reply_port], @"reply_port", - [NSString stringWithUTF8String:name], @"name", - [NSString stringWithUTF8String:path], @"path", - nil]; - [[NSApp delegate] performSelectorOnMainThread:@selector(addClient:) - withObject:info - waitUntilDone:NO]; -} - -+ (void) didAddClient: (NSDictionary *) info - error: (kim_error) error -{ - kim_error err = KIM_NO_ERROR; - mach_port_t reply_port = [[info objectForKey:@"reply_port"] integerValue]; - err = kim_handle_reply_init(reply_port, error); -} - -+ (void) enterIdentityWithClientPort: (mach_port_t) client_port - replyPort: (mach_port_t) reply_port - options: (kim_options) options -{ - NSDictionary *info = [[NSDictionary alloc] initWithObjectsAndKeys: - [NSNumber numberWithInteger:client_port], @"client_port", - [NSNumber numberWithInteger:reply_port], @"reply_port", - [KIMUtilities dictionaryForKimOptions:options], @"options", - nil]; - [[NSApp delegate] performSelectorOnMainThread:@selector(enterIdentity:) - withObject:info - waitUntilDone:NO]; -} - -// contains reply_port, identity_string -+ (void) didEnterIdentity: (NSDictionary *) info - error: (kim_error) error -{ - kim_error err = KIM_NO_ERROR; - mach_port_t reply_port = [[info objectForKey:@"reply_port"] integerValue]; - NSString *identityString = [info objectForKey:@"identity_string"]; - kim_identity identity = NULL; - kim_options options = NULL; - BOOL wants_change_password = [[info objectForKey:@"wants_change_password"] boolValue]; - - if (identityString) { - err = kim_identity_create_from_string (&identity, [identityString UTF8String]); - } - - if (!err) { - options = [KIMUtilities kimOptionsForDictionary:[info objectForKey:@"options"]]; - - } - - if (!err) { - err = kim_handle_reply_enter_identity(reply_port, identity, options, wants_change_password, error); - } - - kim_options_free (&options); -} - -+ (void) selectIdentityWithClientPort: (mach_port_t) client_port - replyPort: (mach_port_t) reply_port - hints: (kim_selection_hints) hints -{ - NSDictionary *info = nil; - - info = [[NSDictionary alloc] initWithObjectsAndKeys: - [NSNumber numberWithInteger:client_port], @"client_port", - [NSNumber numberWithInteger:reply_port], @"reply_port", - [KIMUtilities dictionaryForKimSelectionHints:hints], @"hints", - nil]; - - [[NSApp delegate] performSelectorOnMainThread:@selector(selectIdentity:) - withObject:info - waitUntilDone:NO]; -} - -// contains reply_port, identity_string -+ (void) didSelectIdentity: (NSDictionary *) info - error: (int32_t) error -{ - kim_error err = KIM_NO_ERROR; - NSNumber *portNumber = [info objectForKey:@"reply_port"]; - NSString *identityString = [info objectForKey:@"identity_string"]; - mach_port_t reply_port = [portNumber integerValue]; - kim_identity identity = NULL; - kim_options options = NULL; - BOOL wants_change_password = [[info objectForKey:@"wants_change_password"] boolValue]; - - if (identityString) { - err = kim_identity_create_from_string(&identity, [identityString UTF8String]); - } - - if (!err) { - options = [KIMUtilities kimOptionsForDictionary:[info objectForKey:@"options"]]; - } - - if (!err) { - err = kim_handle_reply_select_identity(reply_port, identity, options, wants_change_password, error); - } - - kim_options_free (&options); -} - -+ (void) promptForAuthWithClientPort: (mach_port_t) client_port - replyPort: (mach_port_t) reply_port - identity: (kim_string) identity_string - promptType: (uint32_t) prompt_type - allowSave: (kim_boolean) allow_save - hideReply: (kim_boolean) hide_reply - title: (kim_string) title - message: (kim_string) message - description: (kim_string) description -{ - NSDictionary *info = [[NSDictionary alloc] initWithObjectsAndKeys: - [NSNumber numberWithInteger:client_port], @"client_port", - [NSNumber numberWithInteger:reply_port], @"reply_port", - [NSString stringWithUTF8String:identity_string], @"identity_string", - [NSNumber numberWithUnsignedInt:prompt_type], @"prompt_type", - [NSNumber numberWithBool:allow_save], @"allow_save", - [NSNumber numberWithBool:hide_reply], @"hide_reply", - [NSString stringWithUTF8String:title], @"title", - [NSString stringWithUTF8String:message], @"message", - [NSString stringWithUTF8String:description], @"description", - nil]; - [[NSApp delegate] performSelectorOnMainThread:@selector(promptForAuth:) - withObject:info - waitUntilDone:NO]; -} - -// contains reply_port, (string) prompt_response -+ (void) didPromptForAuth: (NSDictionary *) info - error: (int32_t) error -{ - kim_error err = KIM_NO_ERROR; - mach_port_t reply_port = [[info objectForKey:@"reply_port"] integerValue]; - kim_string prompt_response = [[info objectForKey:@"prompt_response"] UTF8String]; - kim_boolean save_response = [[info objectForKey:@"save_response"] boolValue]; - - err = kim_handle_reply_auth_prompt(reply_port, prompt_response, save_response, error); -} - -+ (void) changePasswordWithClientPort: (mach_port_t) client_port - replyPort: (mach_port_t) reply_port - identity: (kim_string) identity_string - expired: (kim_boolean) expired -{ - NSDictionary *info = [[NSDictionary alloc] initWithObjectsAndKeys: - [NSNumber numberWithInteger:client_port], @"client_port", - [NSNumber numberWithInteger:reply_port], @"reply_port", - [NSString stringWithUTF8String:identity_string], @"identity_string", - [NSNumber numberWithBool:expired], @"expired", - nil]; - [[NSApp delegate] performSelectorOnMainThread:@selector(changePassword:) - withObject:info - waitUntilDone:NO]; -} - -// contains reply_port, old password, new password, verify password -+ (void) didChangePassword: (NSDictionary *) info - error: (int32_t) error -{ - kim_error err = KIM_NO_ERROR; - mach_port_t reply_port = [[info objectForKey:@"reply_port"] integerValue]; - kim_string old_pw = [[info objectForKey:@"old_password"] UTF8String]; - kim_string new_pw = [[info objectForKey:@"new_password"] UTF8String]; - kim_string verify_pw = [[info objectForKey:@"verify_password"] UTF8String]; - - err = kim_handle_reply_change_password(reply_port, old_pw, new_pw, verify_pw, error); -} - -+ (void) handleErrorWithClientPort: (mach_port_t) client_port - replyPort: (mach_port_t) reply_port - identity: (kim_string) identity_string - error: (kim_error) error - message: (kim_string) message - description: (kim_string) description -{ - NSDictionary *info = [[NSDictionary alloc] initWithObjectsAndKeys: - [NSNumber numberWithInteger:client_port], @"client_port", - [NSNumber numberWithInteger:reply_port], @"reply_port", - [NSString stringWithUTF8String:identity_string], @"identity_string", - [NSNumber numberWithUnsignedInt:error], @"error", - [NSString stringWithUTF8String:message], @"message", - [NSString stringWithUTF8String:description], @"description", - nil]; - [[NSApp delegate] performSelectorOnMainThread:@selector(handleError:) - withObject:info - waitUntilDone:NO]; - -} - -// contains reply_port -+ (void) didHandleError: (NSDictionary *) info - error: (int32_t) error -{ - kim_error err = KIM_NO_ERROR; - mach_port_t reply_port = [[info objectForKey:@"reply_port"] integerValue]; - - err = kim_handle_reply_handle_error(reply_port, error); -} - -+ (void) removeClientMatchingPort: (mach_port_t) client_port - replyPort: (mach_port_t) reply_port -{ - NSDictionary *info = [[NSDictionary alloc] initWithObjectsAndKeys: - [NSNumber numberWithInteger:client_port], @"client_port", - [NSNumber numberWithInteger:reply_port], @"reply_port", - nil]; - [[NSApp delegate] performSelectorOnMainThread:@selector(removeClient:) - withObject:info - waitUntilDone:NO]; -} - -// contains reply_port -+ (void) didRemoveClient: (NSDictionary *)info - error: (int32_t) error -{ - kim_error err = KIM_NO_ERROR; - mach_port_t reply_port = [[info objectForKey:@"reply_port"] integerValue]; - if (reply_port) { - err = kim_handle_reply_fini(reply_port, error); - } -} - -@end diff --git a/src/kim/agent/mac/KerberosAgentPrefix.pch b/src/kim/agent/mac/KerberosAgentPrefix.pch deleted file mode 100644 index d919a4f0b..000000000 --- a/src/kim/agent/mac/KerberosAgentPrefix.pch +++ /dev/null @@ -1,19 +0,0 @@ -#ifdef __OBJC__ -#import <Cocoa/Cocoa.h> - -#define CacheCollectionDidChangeNotification @"CacheCollectionDidChange" -#endif - -#include <Kerberos/Kerberos.h> -#include <Kerberos/KerberosLoginPrivate.h> -#include <Kerberos/kim.h> -#include <Kerberos/KerberosDebug.h> -#include <nameser.h> -#include <netinet/in.h> -#include <sys/socket.h> -#include <sys/types.h> -#include <sys/wait.h> -#include <arpa/inet.h> -#include <stdio.h> -#include <stdlib.h> -#include <unistd.h> diff --git a/src/kim/agent/mac/KerberosFormatters.h b/src/kim/agent/mac/KerberosFormatters.h deleted file mode 100644 index 7dd28b7ab..000000000 --- a/src/kim/agent/mac/KerberosFormatters.h +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import <Cocoa/Cocoa.h> - - -@interface KerberosTimeFormatter : NSFormatter { - BOOL displaySeconds; - BOOL displayShortFormat; -} - -@property BOOL displaySeconds; -@property BOOL displayShortFormat; - -- (NSString *)stringForObjectValue:(id)anObject; - -- (NSAttributedString *)attributedStringForObjectValue:(id)anObject - withDefaultAttributes:(NSDictionary *)attributes; - -- (NSString *) stringForLifetime: (time_t) lifetime; - -@end - -@interface KerberosFavoriteFormatter : NSFormatter { - -} - -- (NSString *)stringForObjectValue:(id)anObject; - -- (NSAttributedString *)attributedStringForObjectValue:(id)anObject - withDefaultAttributes:(NSDictionary *)attributes; -@end diff --git a/src/kim/agent/mac/KerberosFormatters.m b/src/kim/agent/mac/KerberosFormatters.m deleted file mode 100644 index dc4092140..000000000 --- a/src/kim/agent/mac/KerberosFormatters.m +++ /dev/null @@ -1,174 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import "KerberosFormatters.h" - -@implementation KerberosTimeFormatter - -@synthesize displaySeconds; -@synthesize displayShortFormat; - -- (id) init -{ - self = [super init]; - if (self != nil) { - // default to --:-- style - self.displaySeconds = NO; - self.displayShortFormat = YES; - } - return self; -} - -/* - * For display of Kerberos expiration times. - * Converts an NSDate into an NSString like "09:53" for 9 hours and 53 minutes - * in the future. Returns @"Expired" if expiration date is before now. - */ -- (NSString *)stringForObjectValue:(id)anObject -{ - NSString *result = nil; - - if (anObject) { - if ([anObject respondsToSelector:@selector(timeIntervalSinceNow)]) { - result = [self stringForLifetime:(time_t)[(NSDate *)anObject timeIntervalSinceNow]]; - } - else if ([anObject respondsToSelector:@selector(unsignedIntegerValue)]) { - result = [self stringForLifetime:(time_t)[(NSNumber *)anObject unsignedIntegerValue]]; - } - } - - return result; -} - -- (NSAttributedString *)attributedStringForObjectValue:(id)anObject - withDefaultAttributes:(NSDictionary *)attributes -{ - return [[[NSAttributedString alloc] initWithString:[self stringForObjectValue:anObject] - attributes:attributes] autorelease]; -} - -- (NSString *) stringForLifetime: (time_t) lifetime -{ - NSMutableString *string = [NSMutableString string]; - NSString *separatorKey = (self.displayShortFormat) ? @"LifetimeStringSeparatorShortFormat" : - @"LifetimeStringSeparatorLongFormat"; - NSString *separator = NSLocalizedStringFromTable (separatorKey, @"KerberosFormatters", NULL); - NSString *key = NULL; - - // Break the lifetime up into time units - time_t days = (lifetime / 86400); - time_t hours = (lifetime / 3600 % 24); - time_t minutes = (lifetime / 60 % 60); - time_t seconds = (lifetime % 60); - - if (lifetime > 0) { - // If we aren't going to display seconds, round up - if (!self.displaySeconds) { - if (seconds > 0) { seconds = 0; minutes++; } - if (minutes > 59) { minutes = 0; hours++; } - if (hours > 23) { hours = 0; days++; } - } - - if (days > 0 && !self.displayShortFormat) { - if (self.displayShortFormat) { - key = (days > 1) ? @"LifetimeStringDaysShortFormat" : @"LifetimeStringDayShortFormat"; - } else { - key = (days > 1) ? @"LifetimeStringDaysLongFormat" : @"LifetimeStringDayLongFormat"; - } - [string appendFormat: NSLocalizedStringFromTable (key, @"KerberosFormatters", NULL), days]; - } - - if ((hours > 0) || self.displayShortFormat) { - if (self.displayShortFormat) { - key = (hours > 1) ? @"LifetimeStringHoursShortFormat" : @"LifetimeStringHourShortFormat"; - hours += days * 24; - days = 0; - } else { - key = (hours > 1) ? @"LifetimeStringHoursLongFormat" : @"LifetimeStringHourLongFormat"; - } - if ([string length] > 0) { [string appendString: separator]; } - [string appendFormat: NSLocalizedStringFromTable (key, @"KerberosFormatters", NULL), hours]; - } - - if ((minutes > 0) || self.displayShortFormat) { - if (self.displayShortFormat) { - key = (minutes > 1) ? @"LifetimeStringMinutesShortFormat" : @"LifetimeStringMinuteShortFormat"; - } else { - key = (minutes > 1) ? @"LifetimeStringMinutesLongFormat" : @"LifetimeStringMinuteLongFormat"; - } - if ([string length] > 0) { [string appendString: separator]; } - [string appendFormat: NSLocalizedStringFromTable (key, @"KerberosFormatters", NULL), minutes]; - } - - if (self.displaySeconds && ((seconds > 0) || self.displayShortFormat)) { - if (self.displayShortFormat) { - key = (seconds > 1) ? @"LifetimeStringSecondsShortFormat" : @"LifetimeStringSecondShortFormat"; - } else { - key = (seconds > 1) ? @"LifetimeStringSecondsLongFormat" : @"LifetimeStringSecondLongFormat"; - } - if ([string length] > 0) { [string appendString: separator]; } - [string appendFormat: NSLocalizedStringFromTable (key, @"KerberosFormatters", NULL), seconds]; - } - } else { - key = @"LifetimeStringExpired"; - [string appendString: NSLocalizedStringFromTable (key, @"KerberosFormatters", NULL)]; - } - - // Return an NSString (non-mutable) from our mutable temporary - return [NSString stringWithString: string]; -} - -@end - -@implementation KerberosFavoriteFormatter - -/* - * For displaying favorite status of KIM identities. - * Converts an NSNumber containing a boolean value into an NSString. - * If true, returns a heart character, /u2665. - * If false, returns empty string @"". - */ -- (NSString *)stringForObjectValue:(id)anObject -{ - NSString *key = nil; - if (anObject == nil || - ![anObject respondsToSelector:@selector(boolValue)] || - ([(NSNumber *)anObject boolValue] == FALSE)) { - key = @"FavoriteStringNotFavorite"; - } - else { - key = @"FavoriteStringIsFavorite"; - } - - return NSLocalizedStringFromTable (key, @"KerberosFormatters", NULL); -} - -- (NSAttributedString *)attributedStringForObjectValue:(id)anObject - withDefaultAttributes:(NSDictionary *)attributes -{ - return [[[NSAttributedString alloc] initWithString:[self stringForObjectValue:anObject] - attributes:attributes] autorelease]; -} - -@end diff --git a/src/kim/agent/mac/PopupButton.h b/src/kim/agent/mac/PopupButton.h deleted file mode 100644 index 823ecb26e..000000000 --- a/src/kim/agent/mac/PopupButton.h +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import <Cocoa/Cocoa.h> - - -@interface PopupButton : NSButton { - -} - -- (void) mouseDown: (NSEvent *) event; - -@end diff --git a/src/kim/agent/mac/PopupButton.m b/src/kim/agent/mac/PopupButton.m deleted file mode 100644 index d264c041b..000000000 --- a/src/kim/agent/mac/PopupButton.m +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import "PopupButton.h" - - -@implementation PopupButton - -// --------------------------------------------------------------------------- - -- (void) mouseDown: (NSEvent *) event -{ - if([self isEnabled] && ([self menu] != NULL)) { - NSEvent *menuEvent = NULL; - NSPoint menuPoint = { 3, [self frame].size.height + 1 }; - - [self highlight: YES]; - - menuEvent = [NSEvent mouseEventWithType: [event type] - location: [self convertPoint: menuPoint toView: NULL] - modifierFlags: [event modifierFlags] - timestamp: [event timestamp] - windowNumber: [[event window] windowNumber] - context: [event context] - eventNumber: [event eventNumber] - clickCount: [event clickCount] - pressure: [event pressure]]; - - [NSMenu popUpContextMenu: [self menu] withEvent: menuEvent forView: self]; - - [self highlight: NO]; - } else { - [super mouseDown: event]; - } -} - -@end diff --git a/src/kim/agent/mac/SelectIdentityController.h b/src/kim/agent/mac/SelectIdentityController.h deleted file mode 100644 index b5f0bceb2..000000000 --- a/src/kim/agent/mac/SelectIdentityController.h +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import <Cocoa/Cocoa.h> -#import "BadgedImageView.h" -#import "Identities.h" - -@class IPCClient; -@class KerberosTimeFormatter; - -@interface SelectIdentityController : NSWindowController { - IPCClient *associatedClient; - - IBOutlet KerberosTimeFormatter *shortTimeFormatter; - IBOutlet KerberosTimeFormatter *longTimeFormatter; - - IBOutlet NSObjectController *identitiesController; - IBOutlet NSArrayController *identityArrayController; - - IBOutlet BadgedImageView *kerberosIconImageView; - IBOutlet NSTextField *headerTextField; - IBOutlet NSTextField *explanationTextField; - - IBOutlet NSScrollView *identityTableScrollView; - IBOutlet NSTableView *identityTableView; - IBOutlet NSButton *addIdentityButton; - IBOutlet NSPopUpButton *actionPopupButton; - IBOutlet NSButton *selectIdentityButton; - IBOutlet NSButton *cancelButton; - - Identities *identities; - NSTimer *refreshTimer; - - IBOutlet NSObjectController *glueController; - - IBOutlet NSWindow *ticketOptionsWindow; - IBOutlet NSObjectController *identityOptionsController; - IBOutlet NSTextField *identityField; - IBOutlet NSTextField *staticIdentityField; - - IBOutlet NSSlider *validLifetimeSlider; - IBOutlet NSSlider *renewableLifetimeSlider; - - IBOutlet NSBox *ticketOptionsBox; - IBOutlet NSButton *ticketOptionsOkButton; - IBOutlet NSButton *ticketOptionsToggleButton; - CGFloat optionsBoxHeight; -} - -@property (readwrite, retain) IPCClient *associatedClient; - -- (void) setContent: (NSMutableDictionary *) newContent; - -- (IBAction) newIdentity: (id) sender; -- (IBAction) addToFavorites: (id) sender; -- (IBAction) removeFromFavorites: (id) sender; - -- (IBAction) editOptions: (id) sender; -- (IBAction) cancelOptions: (id) sender; -- (IBAction) doneOptions: (id) sender; - -- (IBAction) changePassword: (id) sender; - -- (IBAction) select: (id) sender; -- (IBAction) cancel: (id) sender; - -- (IBAction) checkboxDidChange: (id) sender; -- (IBAction) sliderDidChange: (id) sender; - -- (void) showOptions: (NSString *) contextInfo; -- (void) didEndSheet: (NSWindow *) sheet returnCode: (int) returnCode contextInfo: (void *) contextInfo; -- (void) saveOptions; -- (IBAction) toggleOptionsVisibility: (id) sender; - -- (void) timedRefresh:(NSTimer *)timer; - -@end diff --git a/src/kim/agent/mac/SelectIdentityController.m b/src/kim/agent/mac/SelectIdentityController.m deleted file mode 100644 index 757848ab1..000000000 --- a/src/kim/agent/mac/SelectIdentityController.m +++ /dev/null @@ -1,410 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import "SelectIdentityController.h" -#import "IPCClient.h" -#import "KerberosFormatters.h" - -@implementation SelectIdentityController - -@synthesize associatedClient; - -// --------------------------------------------------------------------------- - -- (id) init -{ - return [self initWithWindowNibName: @"SelectIdentity"]; -} - -// --------------------------------------------------------------------------- - -- (void) dealloc -{ - [identityOptionsController removeObserver:self forKeyPath:identity_string_keypath]; - [refreshTimer release]; - [identities release]; - [super dealloc]; -} - -// --------------------------------------------------------------------------- - -- (void) awakeFromNib -{ - NSString *key = nil; - NSString *message = nil; - - [[self window] center]; - [[self window] setLevel:NSModalPanelWindowLevel]; - - longTimeFormatter.displaySeconds = NO; - longTimeFormatter.displayShortFormat = NO; - - [identityTableView setDoubleAction:@selector(select:)]; - identities = [[Identities alloc] init]; - [identitiesController setContent:identities]; - refreshTimer = [NSTimer scheduledTimerWithTimeInterval:60.0 target:self selector:@selector(timedRefresh:) userInfo:nil repeats:true]; - - [kerberosIconImageView setBadgePath:associatedClient.path]; - - if ([associatedClient.name isEqualToString:[[NSBundle mainBundle] bundlePath]]) { - key = @"SelectIdentityRequest"; - message = NSLocalizedStringFromTable(key, @"SelectIdentity", NULL); - } - else { - key = @"SelectIdentityApplicationRequest"; - message = [NSString stringWithFormat: - NSLocalizedStringFromTable(key, @"SelectIdentity", NULL), - associatedClient.name]; - } - [headerTextField setStringValue:message]; - - optionsBoxHeight = [ticketOptionsBox frame].size.height + [ticketOptionsBox frame].origin.y - [ticketOptionsToggleButton frame].origin.y - [ticketOptionsToggleButton frame].size.height; - [self toggleOptionsVisibility:nil]; - - [identityOptionsController addObserver:self - forKeyPath:identity_string_keypath - options:NSKeyValueObservingOptionNew - context:NULL]; -} - -- (void) observeValueForKeyPath:(NSString *) keyPath ofObject: (id) object change: (NSDictionary *) change context:(void *) context -{ - if (object == identityOptionsController && [keyPath isEqualToString:identity_string_keypath]) { - BOOL enabled = [KIMUtilities validateIdentity:[identityOptionsController valueForKeyPath:identity_string_keypath]]; - [identityOptionsController setValue:[NSNumber numberWithBool:enabled] - forKeyPath:@"content.canClickOK"]; - } - else { - [super observeValueForKeyPath:keyPath ofObject:object change:change context:context]; - } -} - -// --------------------------------------------------------------------------- - -- (NSRect) windowWillUseStandardFrame: (NSWindow *) window defaultFrame: (NSRect) defaultFrame -{ - NSRect newFrame = [window frame]; - CGFloat oldHeight = [[identityTableScrollView contentView] frame].size.height; - CGFloat newHeight = [identityTableView numberOfRows] * - ([identityTableView rowHeight] + [identityTableView intercellSpacing].height); - CGFloat yDelta = newHeight - oldHeight; - - newFrame.origin.y -= yDelta; - newFrame.size.height += yDelta; - - return newFrame; -} - -// --------------------------------------------------------------------------- - -- (void) setContent: (NSMutableDictionary *) newContent -{ - [self window]; // wake up the nib connections - [glueController setContent:newContent]; -} - -// --------------------------------------------------------------------------- - -- (IBAction) newIdentity: (id) sender -{ - identityOptionsController.content = [[[glueController valueForKeyPath:@"content.hints.options"] - mutableCopy] autorelease]; - - [self showOptions:@"new"]; -} - -// --------------------------------------------------------------------------- - -- (IBAction) addToFavorites: (id) sender -{ - Identity *anIdentity = [identityArrayController.selectedObjects lastObject]; - identityOptionsController.content = nil; - - anIdentity.favorite = TRUE; - - [self saveOptions]; -} - -// --------------------------------------------------------------------------- - -- (IBAction) removeFromFavorites: (id) sender -{ - Identity *anIdentity = [identityArrayController.selectedObjects lastObject]; - identityOptionsController.content = nil; - - anIdentity.favorite = FALSE; - - [self saveOptions]; -} - -// --------------------------------------------------------------------------- - -- (IBAction) changePassword: (id) sender -{ - Identity *selectedIdentity = nil; - - // ignore double-click on header - if ([sender respondsToSelector:@selector(clickedRow)] && [sender clickedRow] < 0) { - return; - } - selectedIdentity = [[identityArrayController selectedObjects] lastObject]; - - [associatedClient didSelectIdentity: selectedIdentity.identity - options: [identityOptionsController valueForKeyPath:@"content.options"] - wantsChangePassword: YES]; -} - -// --------------------------------------------------------------------------- - -- (IBAction) select: (id) sender -{ - Identity *selectedIdentity = nil; - - // ignore double-click on header - if ([sender respondsToSelector:@selector(clickedRow)] && [sender clickedRow] < 0) { - return; - } - selectedIdentity = [[identityArrayController selectedObjects] lastObject]; - - [associatedClient didSelectIdentity: selectedIdentity.identity - options: [identityOptionsController content] - wantsChangePassword: NO]; -} - -// --------------------------------------------------------------------------- - -- (IBAction) cancel: (id) sender -{ - [associatedClient didCancel]; -} - -// --------------------------------------------------------------------------- - -- (IBAction) editOptions: (id) sender -{ - Identity *anIdentity = [identityArrayController.selectedObjects lastObject]; - anIdentity.favorite = TRUE; - - [identityOptionsController setContent:anIdentity.options]; - - [self showOptions:@"edit"]; -} - -// --------------------------------------------------------------------------- - -- (IBAction) cancelOptions: (id) sender -{ - identityOptionsController.content = nil; - [NSApp endSheet:ticketOptionsWindow returnCode:NSUserCancelledError]; - - // dump changed settings - [identities reload]; -} - -// --------------------------------------------------------------------------- - -- (IBAction) doneOptions: (id) sender -{ -// Identity *anIdentity = identityOptionsController.content; - - - [NSApp endSheet: ticketOptionsWindow]; -} - -// --------------------------------------------------------------------------- - -- (IBAction) checkboxDidChange: (id) sender -{ - if ([[identityOptionsController valueForKeyPath:uses_default_options_keypath] boolValue]) { - // merge defaults onto current options - NSMutableDictionary *currentOptions = [identityOptionsController content]; - NSDictionary *defaultOptions = [KIMUtilities dictionaryForKimOptions:NULL]; - NSLog(@"using default ticket options"); - [currentOptions addEntriesFromDictionary:defaultOptions]; - // update the sliders, since their values aren't bound - [validLifetimeSlider setDoubleValue:[[identityOptionsController valueForKeyPath:valid_lifetime_keypath] doubleValue]]; - [renewableLifetimeSlider setDoubleValue:[[identityOptionsController valueForKeyPath:renewal_lifetime_keypath] doubleValue]]; - } -} - -// --------------------------------------------------------------------------- - -- (IBAction) sliderDidChange: (id) sender -{ - NSInteger increment = 0; - NSInteger newValue = 0; - NSString *keyPath = nil; - if ([sender isEqual:validLifetimeSlider]) { - increment = VALID_LIFETIME_INCREMENT; - keyPath = valid_lifetime_keypath; - } - else if ([sender isEqual:renewableLifetimeSlider]) { - increment = RENEWABLE_LIFETIME_INCREMENT; - keyPath = renewal_lifetime_keypath; - } - if (increment > 0) { - newValue = ([sender integerValue] / increment) * increment; - [identityOptionsController setValue:[NSNumber numberWithInteger: - (newValue < increment) ? increment : newValue] - forKeyPath:keyPath]; - } -} - -// --------------------------------------------------------------------------- - -- (void) showOptions: (NSString *) contextInfo -{ - Identity *anIdentity = [[identityArrayController selectedObjects] lastObject]; - BOOL isIdentityNameNotEditable = (!anIdentity.hasCCache || [contextInfo isEqualToString:@"new"]); - NSString *identityString = ([contextInfo isEqualToString:@"new"]) ? @"" : anIdentity.identity; - - [identityOptionsController setValue:identityString - forKeyPath:identity_string_keypath]; - [identityOptionsController setValue:[NSNumber numberWithInteger:[KIMUtilities minValidLifetime]] - forKeyPath:min_valid_keypath]; - [identityOptionsController setValue:[NSNumber numberWithInteger:[KIMUtilities maxValidLifetime]] - forKeyPath:max_valid_keypath]; - [identityOptionsController setValue:[NSNumber numberWithInteger:[KIMUtilities minRenewableLifetime]] - forKeyPath:min_renewable_keypath]; - [identityOptionsController setValue:[NSNumber numberWithInteger:[KIMUtilities maxRenewableLifetime]] - forKeyPath:max_renewable_keypath]; - [identityOptionsController setValue:[NSNumber numberWithBool:!isIdentityNameNotEditable] - forKeyPath:@"content.hasCCache"]; - - [validLifetimeSlider setIntegerValue: - [[identityOptionsController valueForKeyPath:valid_lifetime_keypath] integerValue]]; - [renewableLifetimeSlider setIntegerValue: - [[identityOptionsController valueForKeyPath:renewal_lifetime_keypath] integerValue]]; - [self sliderDidChange:validLifetimeSlider]; - [self sliderDidChange:renewableLifetimeSlider]; - - [NSApp beginSheet: ticketOptionsWindow - modalForWindow: [self window] - modalDelegate: self - didEndSelector: @selector(didEndSheet:returnCode:contextInfo:) - contextInfo: contextInfo]; -} - -// --------------------------------------------------------------------------- - -- (void) didEndSheet: (NSWindow *) sheet returnCode: (int) returnCode contextInfo: (void *) contextInfo -{ - kim_error err = KIM_NO_ERROR; - if (returnCode != NSUserCancelledError) { - if ([(NSString *)contextInfo isEqualToString:@"new"]) { - Identity *newIdentity = [[Identity alloc] - initWithIdentity:[identityOptionsController valueForKeyPath:identity_string_keypath] - options:identityOptionsController.content]; - newIdentity.favorite = YES; - - err = [identities addIdentity:newIdentity]; - - if (err) { - NSLog(@"%s received error %@ trying to add identity %@", _cmd, [KIMUtilities stringForLastKIMError:err], [newIdentity description]); - } - [newIdentity release]; - [self saveOptions]; - - } - else if ([(NSString *)contextInfo isEqualToString:@"edit"]) { - Identity *editedIdentity = [[identityArrayController selectedObjects] lastObject]; - editedIdentity.favorite = YES; - editedIdentity.identity = [identityOptionsController valueForKeyPath:identity_string_keypath]; - editedIdentity.options = identityOptionsController.content; - - [self saveOptions]; - - } - } else { - [identityOptionsController setContent:nil]; - } - [sheet orderOut:self]; - -} - -// --------------------------------------------------------------------------- - -- (void) saveOptions -{ - // attempt to preserve the selection - Identity *anIdentity = [[identityArrayController selectedObjects] lastObject]; - NSUInteger a, b, c; - - a = [identityArrayController.content indexOfObject: anIdentity]; - b = NSNotFound; - - [identities synchronizePreferences]; - - /* - * select same object as before if it's still in the array - * if not, select same index as before or end of array, whichever is less - */ - - b = [identityArrayController.content indexOfObject:anIdentity]; - c = [identityArrayController.content count] - 1; - - - [identityArrayController setSelectionIndex: (b == NSNotFound) ? (a > c) ? c : a : b]; -} - -// --------------------------------------------------------------------------- - -- (IBAction) toggleOptionsVisibility: (id) sender -{ - NSRect newFrame = [NSWindow contentRectForFrameRect:[ticketOptionsWindow frame] styleMask:[ticketOptionsWindow styleMask]]; - CGFloat newHeight; - - if ([ticketOptionsBox isHidden]) { - newHeight = newFrame.size.height + optionsBoxHeight; - newFrame.origin.y += newFrame.size.height; - newFrame.origin.y -= newHeight; - newFrame.size.height = newHeight; - newFrame = [NSWindow frameRectForContentRect:newFrame styleMask:[ticketOptionsWindow styleMask]]; - - [ticketOptionsWindow setFrame:newFrame display:YES animate:YES]; - [ticketOptionsBox setHidden:NO]; - [sender setTitle:NSLocalizedStringFromTable(@"SelectIdentityHideOptions", @"SelectIdentity", NULL)]; - } - else { - newHeight = newFrame.size.height - optionsBoxHeight; - newFrame.origin.y += newFrame.size.height; - newFrame.origin.y -= newHeight; - newFrame.size.height = newHeight; - newFrame = [NSWindow frameRectForContentRect:newFrame styleMask:[ticketOptionsWindow styleMask]]; - - [ticketOptionsBox setHidden:YES]; - [ticketOptionsWindow setFrame:newFrame display:YES animate:YES]; - [sender setTitle:NSLocalizedStringFromTable(@"SelectIdentityShowOptions", @"SelectIdentity", NULL)]; - } -} - -// --------------------------------------------------------------------------- - -- (void) timedRefresh:(NSTimer *)timer -{ - // refetch data to update expiration times - [identityArrayController rearrangeObjects]; -} - -@end diff --git a/src/kim/agent/mac/ServerDemux.h b/src/kim/agent/mac/ServerDemux.h deleted file mode 100644 index b454376ca..000000000 --- a/src/kim/agent/mac/ServerDemux.h +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import "k5_mig_requestServer.h" -#import "k5_mig_reply.h" -#import "k5-ipc_stream.h" -#import "k5_mig_server.h" - - -int32_t kim_agent_listen_loop (void); - -int32_t kim_handle_reply_init (mach_port_t in_reply_port, - int32_t in_error); - -int32_t kim_handle_reply_enter_identity (mach_port_t in_reply_port, - kim_identity in_identity, - kim_options in_options, - kim_boolean in_change_password, - int32_t in_error); - -int32_t kim_handle_reply_select_identity (mach_port_t in_reply_port, - kim_identity in_identity, - kim_options in_options, - kim_boolean in_change_password, - int32_t in_error); - -int32_t kim_handle_reply_auth_prompt (mach_port_t in_reply_port, - kim_string in_prompt_response, - kim_boolean in_allow_save_response, - int32_t in_error); - -int32_t kim_handle_reply_change_password (mach_port_t in_reply_port, - kim_string in_old_password, - kim_string in_new_password, - kim_string in_vfy_password, - int32_t in_error); - -int32_t kim_handle_reply_handle_error (mach_port_t in_reply_port, - int32_t in_error); - -int32_t kim_handle_reply_fini (mach_port_t in_reply_port, - int32_t in_error); diff --git a/src/kim/agent/mac/ServerDemux.m b/src/kim/agent/mac/ServerDemux.m deleted file mode 100644 index 25e321d1b..000000000 --- a/src/kim/agent/mac/ServerDemux.m +++ /dev/null @@ -1,668 +0,0 @@ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#import "ServerDemux.h" -#import "kim_selection_hints_private.h" -#import "kim_options_private.h" -#import "KerberosAgentListener.h" -#import "KIMUtilities.h" - -// --------------------------------------------------------------------------- - -static kim_boolean caller_is_front_process (pid_t in_pid, - NSString *in_path) -{ - kim_error err = KIM_NO_ERROR; - kim_boolean is_front_process = FALSE; - NSNumber *active_pid = NULL; - - NSBundle *bundle = [NSBundle bundleWithPath: in_path]; - if (bundle) { - NSString *identifier = [bundle bundleIdentifier]; - if (identifier && - ([identifier compare: @"edu.mit.Kerberos.KerberosMenu"] == NSOrderedSame || - [identifier compare: @"com.apple.systemuiserver"] == NSOrderedSame)) { - return TRUE; - } - } - - if (!err) { - NSDictionary *activeApplication = [[NSWorkspace sharedWorkspace] activeApplication]; - if (activeApplication) { - active_pid = [activeApplication objectForKey: @"NSApplicationProcessIdentifier"]; - } - } - - if (!err && active_pid) { - is_front_process = ([active_pid intValue] == in_pid); - } - - return is_front_process; -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static int32_t kim_handle_request_init (mach_port_t in_client_port, - mach_port_t in_reply_port, - k5_ipc_stream in_request_stream) -{ - int32_t err = 0; - int32_t pid = 0; - char *name = NULL; - char *path = NULL; - bool isFrontProcess = 0; - - if (!err) { - err = krb5int_ipc_stream_read_int32 (in_request_stream, &pid); - } - - if (!err) { - err = krb5int_ipc_stream_read_string (in_request_stream, &name); - } - - if (!err) { - err = krb5int_ipc_stream_read_string (in_request_stream, &path); - } - - - if (!err) { - isFrontProcess = caller_is_front_process (pid, - [NSString stringWithUTF8String: path]); - } - - if (!err) { - // performs selector on main thread - [KerberosAgentListener addClientWithPort:in_client_port - replyPort:in_reply_port - name:name - path:path]; - } - - krb5int_ipc_stream_free_string (name); - krb5int_ipc_stream_free_string (path); - - return err; -} - -/* ------------------------------------------------------------------------ */ - -int32_t kim_handle_reply_init (mach_port_t in_reply_port, - int32_t in_error) -{ - int32_t err = 0; - k5_ipc_stream reply = NULL; - - if (!err) { - err = krb5int_ipc_stream_new (&reply); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (reply, in_error); - } - - if (!err) { - err = k5_ipc_server_send_reply (in_reply_port, reply); - } - - krb5int_ipc_stream_release (reply); - - return err; -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static int32_t kim_handle_request_enter_identity (mach_port_t in_client_port, - mach_port_t in_reply_port, - k5_ipc_stream in_request_stream) -{ - int32_t err = 0; - kim_options options = NULL; - - if (!err) { - err = kim_options_create_from_stream (&options, in_request_stream); - } - - if (!err) { - // performs selector on main thread - [KerberosAgentListener enterIdentityWithClientPort:in_client_port - replyPort:in_reply_port - options:options]; - } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -int32_t kim_handle_reply_enter_identity (mach_port_t in_reply_port, - kim_identity in_identity, - kim_options in_options, - kim_boolean in_change_password, - int32_t in_error) -{ - int32_t err = 0; - k5_ipc_stream reply = NULL; - kim_string identity_string = NULL; - - if (!err && !in_error) { - err = kim_identity_get_string (in_identity, &identity_string); - } - - if (!err) { - err = krb5int_ipc_stream_new (&reply); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (reply, in_error); - } - - if (!err && !in_error) { - err = krb5int_ipc_stream_write_string (reply, identity_string); - } - - if (!err && !in_error) { - err = krb5int_ipc_stream_write_uint32 (reply, in_change_password); - } - - if (!err && !in_error) { - err = kim_options_write_to_stream (in_options, reply); - } - - if (!err) { - err = k5_ipc_server_send_reply (in_reply_port, reply); - } - - kim_string_free (&identity_string); - krb5int_ipc_stream_release (reply); - - return err; -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static int32_t kim_handle_request_select_identity (mach_port_t in_client_port, - mach_port_t in_reply_port, - k5_ipc_stream in_request_stream) -{ - int32_t err = 0; - kim_selection_hints hints = NULL; - - if (!err) { - err = kim_selection_hints_create_from_stream (&hints, - in_request_stream); - } - - if (!err) { - // performs selector on main thread - [KerberosAgentListener selectIdentityWithClientPort:in_client_port - replyPort:in_reply_port - hints:hints]; - } - - kim_selection_hints_free (&hints); - - return err; -} - -/* ------------------------------------------------------------------------ */ - -int32_t kim_handle_reply_select_identity (mach_port_t in_reply_port, - kim_identity in_identity, - kim_options in_options, - kim_boolean in_change_password, - int32_t in_error) -{ - int32_t err = 0; - k5_ipc_stream reply = NULL; - kim_string identity_string = NULL; - - if (!err && !in_error) { - err = kim_identity_get_string (in_identity, &identity_string); - } - - if (!err) { - err = krb5int_ipc_stream_new (&reply); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (reply, in_error); - } - - if (!err && !in_error) { - err = krb5int_ipc_stream_write_string (reply, identity_string); - } - - if (!err && !in_error) { - err = krb5int_ipc_stream_write_uint32 (reply, in_change_password); - } - - if (!err && !in_error) { - err = kim_options_write_to_stream (in_options, reply); - } - - if (!err) { - err = k5_ipc_server_send_reply (in_reply_port, reply); - } - - kim_string_free (&identity_string); - krb5int_ipc_stream_release (reply); - - return err; -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static int32_t kim_handle_request_auth_prompt (mach_port_t in_client_port, - mach_port_t in_reply_port, - k5_ipc_stream in_request_stream) -{ - int32_t err = 0; - char *identity_string = NULL; - int32_t type = 0; - int32_t allow_save_reply = 0; - int32_t hide_reply = 0; - char *title = NULL; - char *message = NULL; - char *description = NULL; - - if (!err) { - err = krb5int_ipc_stream_read_string (in_request_stream, &identity_string); - } - - if (!err) { - err = krb5int_ipc_stream_read_int32 (in_request_stream, &type); - } - - if (!err) { - err = krb5int_ipc_stream_read_int32 (in_request_stream, &allow_save_reply); - } - - if (!err) { - err = krb5int_ipc_stream_read_int32 (in_request_stream, &hide_reply); - } - - if (!err) { - err = krb5int_ipc_stream_read_string (in_request_stream, &title); - } - - if (!err) { - err = krb5int_ipc_stream_read_string (in_request_stream, &message); - } - - if (!err) { - err = krb5int_ipc_stream_read_string (in_request_stream, &description); - } - - if (!err) { - // performs selector on main thread - [KerberosAgentListener promptForAuthWithClientPort:in_client_port - replyPort:in_reply_port - identity:identity_string - promptType:type - allowSave:allow_save_reply - hideReply:hide_reply - title:title - message:message - description:description]; - } - - krb5int_ipc_stream_free_string (identity_string); - krb5int_ipc_stream_free_string (title); - krb5int_ipc_stream_free_string (message); - krb5int_ipc_stream_free_string (description); - - return err; -} - -/* ------------------------------------------------------------------------ */ - -int32_t kim_handle_reply_auth_prompt (mach_port_t in_reply_port, - kim_string in_prompt_response, - kim_boolean in_allow_save_response, - int32_t in_error) -{ - int32_t err = 0; - k5_ipc_stream reply = NULL; - - if (!err) { - err = krb5int_ipc_stream_new (&reply); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (reply, in_error); - } - - if (!err && !in_error) { - err = krb5int_ipc_stream_write_string (reply, in_prompt_response); - } - - if (!err && !in_error) { - err = krb5int_ipc_stream_write_int32 (reply, in_allow_save_response); - } - - if (!err) { - err = k5_ipc_server_send_reply (in_reply_port, reply); - } - - krb5int_ipc_stream_release (reply); - - return err; -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static int32_t kim_handle_request_change_password (mach_port_t in_client_port, - mach_port_t in_reply_port, - k5_ipc_stream in_request_stream) -{ - int32_t err = 0; - char *identity_string = NULL; - int32_t old_password_expired = 0; - - if (!err) { - err = krb5int_ipc_stream_read_string (in_request_stream, &identity_string); - } - - if (!err) { - err = krb5int_ipc_stream_read_int32 (in_request_stream, - &old_password_expired); - } - - if (!err) { - // performs selector on main thread - [KerberosAgentListener changePasswordWithClientPort:in_client_port - replyPort:in_reply_port - identity:identity_string - expired:old_password_expired]; - } - - krb5int_ipc_stream_free_string (identity_string); - - return err; -} - -/* ------------------------------------------------------------------------ */ - -int32_t kim_handle_reply_change_password (mach_port_t in_reply_port, - kim_string in_old_password, - kim_string in_new_password, - kim_string in_vfy_password, - int32_t in_error) -{ - int32_t err = 0; - k5_ipc_stream reply = NULL; - - if (!err) { - err = krb5int_ipc_stream_new (&reply); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (reply, in_error); - } - - if (!err && !in_error) { - err = krb5int_ipc_stream_write_string (reply, in_old_password); - } - - if (!err && !in_error) { - err = krb5int_ipc_stream_write_string (reply, in_new_password); - } - - if (!err && !in_error) { - err = krb5int_ipc_stream_write_string (reply, in_vfy_password); - } - - if (!err) { - err = k5_ipc_server_send_reply (in_reply_port, reply); - } - - krb5int_ipc_stream_release (reply); - - return err; -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static int32_t kim_handle_request_handle_error (mach_port_t in_client_port, - mach_port_t in_reply_port, - k5_ipc_stream in_request_stream) -{ - int32_t err = 0; - char *identity_string = NULL; - int32_t error = 0; - char *message = NULL; - char *description = NULL; - - if (!err) { - err = krb5int_ipc_stream_read_string (in_request_stream, &identity_string); - /* Can be empty string "" if there is no identity */ - if (!err && !identity_string[0]) { - krb5int_ipc_stream_free_string (identity_string); - identity_string = NULL; - } - } - - if (!err) { - err = krb5int_ipc_stream_read_int32 (in_request_stream, &error); - } - - if (!err) { - err = krb5int_ipc_stream_read_string (in_request_stream, &message); - } - - if (!err) { - err = krb5int_ipc_stream_read_string (in_request_stream, &description); - } - - if (!err) { - // performs selector on main thread - [KerberosAgentListener handleErrorWithClientPort:in_client_port - replyPort:in_reply_port - identity:identity_string - error:error - message:message - description:description]; - } - - krb5int_ipc_stream_free_string (identity_string); - krb5int_ipc_stream_free_string (message); - krb5int_ipc_stream_free_string (description); - - return err; -} - -/* ------------------------------------------------------------------------ */ - -int32_t kim_handle_reply_handle_error (mach_port_t in_reply_port, - int32_t in_error) -{ - int32_t err = 0; - k5_ipc_stream reply = NULL; - - if (!err) { - err = krb5int_ipc_stream_new (&reply); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (reply, in_error); - } - - if (!err) { - err = k5_ipc_server_send_reply (in_reply_port, reply); - } - - krb5int_ipc_stream_release (reply); - - return err; -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static int32_t kim_handle_request_fini (mach_port_t in_client_port, - mach_port_t in_reply_port, - k5_ipc_stream in_request_stream) -{ - int32_t err = 0; - - [KerberosAgentListener removeClientMatchingPort:in_client_port replyPort:in_reply_port]; - - return err; -} - -/* ------------------------------------------------------------------------ */ - -int32_t kim_handle_reply_fini (mach_port_t in_reply_port, - int32_t in_error) -{ - int32_t err = 0; - k5_ipc_stream reply = NULL; - - if (!err) { - err = krb5int_ipc_stream_new (&reply); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (reply, in_error); - } - - if (!err) { - err = k5_ipc_server_send_reply (in_reply_port, reply); - } - - krb5int_ipc_stream_release (reply); - - return err; -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -int32_t k5_ipc_server_add_client (mach_port_t in_client_port) -{ - int32_t err = 0; - - if (!err) { - /* Don't need to do anything here since we have an init message */ - } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -int32_t k5_ipc_server_remove_client (mach_port_t in_client_port) -{ - int32_t err = 0; - - if (!err) { - /* Client exited. Main thread should check for windows belonging to - * in_client_port and close any it finds. */ - [KerberosAgentListener removeClientMatchingPort:in_client_port replyPort:0]; - } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -int32_t k5_ipc_server_handle_request (mach_port_t in_client_port, - mach_port_t in_reply_port, - k5_ipc_stream in_request_stream) -{ - int32_t err = 0; - char *message_type = NULL; - - if (!err) { - err = krb5int_ipc_stream_read_string (in_request_stream, &message_type); - } - - if (!err) { - if (!strcmp (message_type, "init")) { - err = kim_handle_request_init (in_client_port, - in_reply_port, - in_request_stream); - - } else if (!strcmp (message_type, "enter_identity")) { - err = kim_handle_request_enter_identity (in_client_port, - in_reply_port, - in_request_stream); - - } else if (!strcmp (message_type, "select_identity")) { - err = kim_handle_request_select_identity (in_client_port, - in_reply_port, - in_request_stream); - - } else if (!strcmp (message_type, "auth_prompt")) { - err = kim_handle_request_auth_prompt (in_client_port, - in_reply_port, - in_request_stream); - - } else if (!strcmp (message_type, "change_password")) { - err = kim_handle_request_change_password (in_client_port, - in_reply_port, - in_request_stream); - - } else if (!strcmp (message_type, "handle_error")) { - err = kim_handle_request_handle_error (in_client_port, - in_reply_port, - in_request_stream); - - } else if (!strcmp (message_type, "fini")) { - err = kim_handle_request_fini (in_client_port, - in_reply_port, - in_request_stream); - - } else { - err = EINVAL; - } - } - - krb5int_ipc_stream_free_string (message_type); - - return err; -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -int32_t kim_agent_listen_loop (void) -{ - return k5_ipc_server_listen_loop (); -} diff --git a/src/kim/agent/mac/edu.mit.Kerberos.KerberosAgent.plist b/src/kim/agent/mac/edu.mit.Kerberos.KerberosAgent.plist deleted file mode 100644 index 5f030ca4c..000000000 --- a/src/kim/agent/mac/edu.mit.Kerberos.KerberosAgent.plist +++ /dev/null @@ -1,28 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> -<plist version="1.0"> -<dict> - <key>Label</key> - <string>edu.mit.Kerberos.KerberosAgent</string> - <key>Program</key> - <string>/System/Library/CoreServices/KerberosAgent.app/Contents/MacOS/KerberosAgent</string> - <key>MachServices</key> - <dict> - <key>edu.mit.Kerberos.KerberosAgent.ipcLookup</key> - <dict> - <key>HideUntilCheckIn</key> - <true/> - <key>ResetAtClose</key> - <true/> - </dict> - <key>edu.mit.Kerberos.KerberosAgent.ipcService</key> - <true/> - </dict> - <key>EnableTransactions</key> - <true/> - <key>ThrottleInterval</key> - <integer>1</integer> - <key>OnDemand</key> - <true/> -</dict> -</plist> diff --git a/src/kim/agent/mac/main.m b/src/kim/agent/mac/main.m deleted file mode 100644 index 1e887a003..000000000 --- a/src/kim/agent/mac/main.m +++ /dev/null @@ -1,6 +0,0 @@ -#import <Cocoa/Cocoa.h> - -int main(int argc, char *argv[]) -{ - return NSApplicationMain(argc, (const char **) argv); -} diff --git a/src/kim/agent/mac/resources/Add.tiff b/src/kim/agent/mac/resources/Add.tiff Binary files differdeleted file mode 100644 index b78b0c2a6..000000000 --- a/src/kim/agent/mac/resources/Add.tiff +++ /dev/null diff --git a/src/kim/agent/mac/resources/Add_Pressed.tiff b/src/kim/agent/mac/resources/Add_Pressed.tiff Binary files differdeleted file mode 100644 index b842e20ca..000000000 --- a/src/kim/agent/mac/resources/Add_Pressed.tiff +++ /dev/null diff --git a/src/kim/agent/mac/resources/English.lproj/Authentication.xib b/src/kim/agent/mac/resources/English.lproj/Authentication.xib deleted file mode 100644 index a58f67049..000000000 --- a/src/kim/agent/mac/resources/English.lproj/Authentication.xib +++ /dev/null @@ -1,3866 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<archive type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="7.02"> - <data> - <int key="IBDocument.SystemTarget">1050</int> - <string key="IBDocument.SystemVersion">9F33</string> - <string key="IBDocument.InterfaceBuilderVersion">672</string> - <string key="IBDocument.AppKitVersion">949.34</string> - <string key="IBDocument.HIToolboxVersion">352.00</string> - <object class="NSMutableArray" key="IBDocument.EditedObjectIDs"> - <bool key="EncodedWithXMLCoder">YES</bool> - <integer value="19"/> - </object> - <object class="NSArray" key="IBDocument.PluginDependencies"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - </object> - <object class="NSMutableArray" key="IBDocument.RootObjects" id="1000842439"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSCustomObject" id="262677138"> - <string key="NSClassName">AuthenticationController</string> - </object> - <object class="NSCustomObject" id="553445653"> - <string key="NSClassName">FirstResponder</string> - </object> - <object class="NSCustomObject" id="714830734"> - <string key="NSClassName">NSApplication</string> - </object> - <object class="NSObjectController" id="57033499"> - <object class="NSMutableArray" key="NSDeclaredKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>username</string> - <string>realm</string> - <string>old_password</string> - <string>new_password</string> - <string>verify_password</string> - <string>title</string> - <string>message</string> - <string>description</string> - <string>allow_save_password</string> - <string>realm_history</string> - <string>should_save_password</string> - <string>isPrincipalValid</string> - <string>prompt_response</string> - <string>isPromptValid</string> - <string>isChangePasswordValid</string> - <string>save_response</string> - <string>allow_save</string> - <string>forwardable</string> - <string>addressless</string> - <string>renewable</string> - <string>valid_lifetime</string> - <string>renewal_lifetime</string> - <string>min_renewal_lifetime</string> - <string>max_renewal_lifetime</string> - <string>max_valid_lifetime</string> - <string>min_valid_lifetime</string> - <string>identity_string</string> - <string>favorite_identity_strings</string> - <string>isBusy</string> - <string>acceptingInput</string> - </object> - <bool key="NSEditable">YES</bool> - <object class="_NSManagedProxy" key="_NSManagedProxy"/> - </object> - <object class="NSObjectController" id="633725892"> - <object class="NSMutableArray" key="NSDeclaredKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>maxValidLifetime</string> - <string>minValidLifetime</string> - <string>validLifetime</string> - <string>valid_lifetime</string> - <string>minRenewableLifetime</string> - <string>maxRenewableLifetime</string> - <string>renewa</string> - <string>renewal_lifetime</string> - <string>usesDefaultTicketOptions</string> - </object> - <bool key="NSEditable">YES</bool> - <object class="_NSManagedProxy" key="_NSManagedProxy"/> - </object> - <object class="NSCustomView" id="92892041"> - <nil key="NSNextResponder"/> - <int key="NSvFlags">274</int> - <object class="NSMutableArray" key="NSSubviews"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSTextField" id="498665267"> - <reference key="NSNextResponder" ref="92892041"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{101, 103}, {382, 54}}</string> - <reference key="NSSuperview" ref="92892041"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="645367368"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">272629760</int> - <string key="NSContents">Please enter your Kerberos identity</string> - <object class="NSFont" key="NSSupport" id="604532625"> - <string key="NSName">LucidaGrande</string> - <double key="NSSize">1.300000e+01</double> - <int key="NSfFlags">1044</int> - </object> - <reference key="NSControlView" ref="498665267"/> - <object class="NSColor" key="NSBackgroundColor" id="876444531"> - <int key="NSColorSpace">6</int> - <string key="NSCatalogName">System</string> - <string key="NSColorName">controlColor</string> - <object class="NSColor" key="NSColor" id="31892828"> - <int key="NSColorSpace">3</int> - <bytes key="NSWhite">MC42NjY2NjY2OQA</bytes> - </object> - </object> - <object class="NSColor" key="NSTextColor" id="883746258"> - <int key="NSColorSpace">6</int> - <string key="NSCatalogName">System</string> - <string key="NSColorName">controlTextColor</string> - <object class="NSColor" key="NSColor" id="18538584"> - <int key="NSColorSpace">3</int> - <bytes key="NSWhite">MAA</bytes> - </object> - </object> - </object> - </object> - <object class="NSComboBox" id="529434335"> - <reference key="NSNextResponder" ref="92892041"/> - <int key="NSvFlags">290</int> - <string key="NSFrame">{{104, 59}, {379, 26}}</string> - <reference key="NSSuperview" ref="92892041"/> - <bool key="NSEnabled">YES</bool> - <object class="NSComboBoxCell" key="NSCell" id="100557652"> - <int key="NSCellFlags">343014976</int> - <int key="NSCellFlags2">272630784</int> - <object class="NSMutableString" key="NSContents" id="645290524"> - <characters key="NS.bytes"/> - </object> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="529434335"/> - <bool key="NSDrawsBackground">YES</bool> - <object class="NSColor" key="NSBackgroundColor" id="490771653"> - <int key="NSColorSpace">6</int> - <string key="NSCatalogName">System</string> - <string key="NSColorName">textBackgroundColor</string> - <object class="NSColor" key="NSColor" id="591379363"> - <int key="NSColorSpace">3</int> - <bytes key="NSWhite">MQA</bytes> - </object> - </object> - <reference key="NSTextColor" ref="883746258"/> - <int key="NSVisibleItemCount">5</int> - <bool key="NSHasVerticalScroller">YES</bool> - <bool key="NSCompletes">YES</bool> - <reference key="NSDelegate" ref="529434335"/> - <object class="NSComboTableView" key="NSTableView" id="474321365"> - <reference key="NSNextResponder"/> - <int key="NSvFlags">274</int> - <string key="NSFrameSize">{15, 0}</string> - <reference key="NSSuperview"/> - <reference key="NSWindow"/> - <bool key="NSEnabled">YES</bool> - <object class="NSMutableArray" key="NSTableColumns"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSTableColumn"> - <integer value="0" key="NSIdentifier" id="8"/> - <double key="NSWidth">1.200000e+01</double> - <double key="NSMinWidth">1.000000e+01</double> - <double key="NSMaxWidth">1.000000e+03</double> - <object class="NSTableHeaderCell" key="NSHeaderCell"> - <int key="NSCellFlags">75628032</int> - <int key="NSCellFlags2">0</int> - <reference key="NSContents" ref="645290524"/> - <object class="NSFont" key="NSSupport"> - <string key="NSName">LucidaGrande</string> - <double key="NSSize">1.200000e+01</double> - <int key="NSfFlags">16</int> - </object> - <object class="NSColor" key="NSBackgroundColor"> - <int key="NSColorSpace">3</int> - <bytes key="NSWhite">MC4zMzMzMzI5OQA</bytes> - </object> - <reference key="NSTextColor" ref="591379363"/> - </object> - <object class="NSTextFieldCell" key="NSDataCell"> - <int key="NSCellFlags">338820672</int> - <int key="NSCellFlags2">1024</int> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="474321365"/> - <bool key="NSDrawsBackground">YES</bool> - <object class="NSColor" key="NSBackgroundColor" id="1015612366"> - <int key="NSColorSpace">6</int> - <string key="NSCatalogName">System</string> - <string key="NSColorName">controlBackgroundColor</string> - <reference key="NSColor" ref="31892828"/> - </object> - <reference key="NSTextColor" ref="883746258"/> - </object> - <int key="NSResizingMask">3</int> - <bool key="NSIsResizeable">YES</bool> - <reference key="NSTableView" ref="474321365"/> - </object> - </object> - <double key="NSIntercellSpacingWidth">3.000000e+00</double> - <double key="NSIntercellSpacingHeight">2.000000e+00</double> - <reference key="NSBackgroundColor" ref="1015612366"/> - <object class="NSColor" key="NSGridColor"> - <int key="NSColorSpace">6</int> - <string key="NSCatalogName">System</string> - <string key="NSColorName">gridColor</string> - <object class="NSColor" key="NSColor"> - <int key="NSColorSpace">3</int> - <bytes key="NSWhite">MC41AA</bytes> - </object> - </object> - <double key="NSRowHeight">1.900000e+01</double> - <string key="NSAction">tableViewAction:</string> - <int key="NSTvFlags">-767524864</int> - <reference key="NSDelegate" ref="100557652"/> - <reference key="NSDataSource" ref="100557652"/> - <reference key="NSTarget" ref="100557652"/> - <int key="NSColumnAutoresizingStyle">1</int> - <int key="NSDraggingSourceMaskForLocal">15</int> - <int key="NSDraggingSourceMaskForNonLocal">0</int> - <bool key="NSAllowsTypeSelect">YES</bool> - </object> - </object> - </object> - <object class="NSTextField" id="238778309"> - <reference key="NSNextResponder" ref="92892041"/> - <int key="NSvFlags">292</int> - <string key="NSFrame">{{17, 64}, {82, 17}}</string> - <reference key="NSSuperview" ref="92892041"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="1073582594"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">71303168</int> - <string key="NSContents">Identity:</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="238778309"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSButton" id="207178735"> - <reference key="NSNextResponder" ref="92892041"/> - <int key="NSvFlags">289</int> - <string key="NSFrame">{{388, 15}, {98, 32}}</string> - <reference key="NSSuperview" ref="92892041"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="563505192"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">Continue</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="207178735"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">1</int> - <reference key="NSAlternateImage" ref="604532625"/> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">DQ</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSButton" id="523041784"> - <reference key="NSNextResponder" ref="92892041"/> - <int key="NSvFlags">289</int> - <string key="NSFrame">{{295, 15}, {93, 32}}</string> - <reference key="NSSuperview" ref="92892041"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="927675304"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">Cancel</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="523041784"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">1</int> - <reference key="NSAlternateImage" ref="604532625"/> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">Gw</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSCustomView" id="1001544034"> - <reference key="NSNextResponder" ref="92892041"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{20, 103}, {64, 64}}</string> - <reference key="NSSuperview" ref="92892041"/> - <string key="NSClassName">BadgedImageView</string> - </object> - <object class="NSPopUpButton" id="1016187493"> - <reference key="NSNextResponder" ref="92892041"/> - <int key="NSvFlags">292</int> - <string key="NSFrame">{{20, 20}, {38, 26}}</string> - <reference key="NSSuperview" ref="92892041"/> - <bool key="NSEnabled">YES</bool> - <object class="NSPopUpButtonCell" key="NSCell" id="690863814"> - <int key="NSCellFlags">-2076049856</int> - <int key="NSCellFlags2">134219776</int> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="1016187493"/> - <int key="NSButtonFlags">-2030944001</int> - <int key="NSButtonFlags2">34</int> - <string key="NSAlternateContents"/> - <string key="NSKeyEquivalent"/> - <int key="NSPeriodicDelay">400</int> - <int key="NSPeriodicInterval">75</int> - <object class="NSMenuItem" key="NSMenuItem" id="1020091532"> - <reference key="NSMenu" ref="594991555"/> - <bool key="NSIsHidden">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <int key="NSState">1</int> - <object class="NSCustomResource" key="NSImage"> - <string key="NSClassName">NSImage</string> - <string key="NSResourceName">NSActionTemplate</string> - </object> - <object class="NSCustomResource" key="NSOnImage" id="530784694"> - <string key="NSClassName">NSImage</string> - <string key="NSResourceName">NSMenuCheckmark</string> - </object> - <object class="NSCustomResource" key="NSMixedImage" id="790891323"> - <string key="NSClassName">NSImage</string> - <string key="NSResourceName">NSMenuMixedState</string> - </object> - <string key="NSAction">_popUpItemAction:</string> - <reference key="NSTarget" ref="690863814"/> - </object> - <bool key="NSMenuItemRespectAlignment">YES</bool> - <object class="NSMenu" key="NSMenu" id="594991555"> - <string key="NSTitle">OtherViews</string> - <object class="NSMutableArray" key="NSMenuItems"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="1020091532"/> - <object class="NSMenuItem" id="452996455"> - <reference key="NSMenu" ref="594991555"/> - <string type="base64-UTF8" key="NSTitle">VGlja2V0IE9wdGlvbnPigKY</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="530784694"/> - <reference key="NSMixedImage" ref="790891323"/> - <string key="NSAction">_popUpItemAction:</string> - <reference key="NSTarget" ref="690863814"/> - </object> - <object class="NSMenuItem" id="744766544"> - <reference key="NSMenu" ref="594991555"/> - <string type="base64-UTF8" key="NSTitle">Q2hhbmdlIFBhc3N3b3Jk4oCmA</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="530784694"/> - <reference key="NSMixedImage" ref="790891323"/> - <string key="NSAction">_popUpItemAction:</string> - <reference key="NSTarget" ref="690863814"/> - </object> - </object> - </object> - <bool key="NSPullDown">YES</bool> - <int key="NSPreferredEdge">1</int> - <bool key="NSUsesItemFromMenu">YES</bool> - <bool key="NSAltersState">YES</bool> - <int key="NSArrowPosition">2</int> - </object> - </object> - <object class="NSProgressIndicator" id="186678160"> - <reference key="NSNextResponder" ref="92892041"/> - <int key="NSvFlags">1292</int> - <object class="NSPSMatrix" key="NSDrawMatrix"/> - <string key="NSFrame">{{66, 25}, {16, 16}}</string> - <reference key="NSSuperview" ref="92892041"/> - <int key="NSpiFlags">28938</int> - <double key="NSMinValue">1.600000e+01</double> - <double key="NSMaxValue">1.000000e+02</double> - </object> - </object> - <string key="NSFrameSize">{500, 187}</string> - <string key="NSClassName">NSView</string> - </object> - <object class="NSCustomView" id="866582848"> - <nil key="NSNextResponder"/> - <int key="NSvFlags">274</int> - <object class="NSMutableArray" key="NSSubviews"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSTextField" id="225475172"> - <reference key="NSNextResponder" ref="866582848"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{104, 82}, {376, 22}}</string> - <reference key="NSSuperview" ref="866582848"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="508869457"> - <int key="NSCellFlags">-1804468671</int> - <int key="NSCellFlags2">272630784</int> - <string key="NSContents"/> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="225475172"/> - <bool key="NSDrawsBackground">YES</bool> - <reference key="NSBackgroundColor" ref="490771653"/> - <object class="NSColor" key="NSTextColor" id="955928389"> - <int key="NSColorSpace">6</int> - <string key="NSCatalogName">System</string> - <string key="NSColorName">textColor</string> - <reference key="NSColor" ref="18538584"/> - </object> - </object> - </object> - <object class="NSButton" id="133507311"> - <reference key="NSNextResponder" ref="866582848"/> - <int key="NSvFlags">289</int> - <string key="NSFrame">{{388, 12}, {98, 32}}</string> - <reference key="NSSuperview" ref="866582848"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="200893597"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">Continue</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="133507311"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">1</int> - <reference key="NSAlternateImage" ref="604532625"/> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">DQ</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSButton" id="494687042"> - <reference key="NSNextResponder" ref="866582848"/> - <int key="NSvFlags">289</int> - <string key="NSFrame">{{295, 12}, {93, 32}}</string> - <reference key="NSSuperview" ref="866582848"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="935364959"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">Cancel</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="494687042"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">1</int> - <reference key="NSAlternateImage" ref="604532625"/> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">Gw</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSTextField" id="464070473"> - <reference key="NSNextResponder" ref="866582848"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{101, 124}, {382, 54}}</string> - <reference key="NSSuperview" ref="866582848"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="999660494"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">272629760</int> - <string key="NSContents">Please enter the Kerberos password for %@</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="464070473"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSTextField" id="427167925"> - <reference key="NSNextResponder" ref="866582848"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{17, 84}, {80, 17}}</string> - <reference key="NSSuperview" ref="866582848"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="916263740"> - <int key="NSCellFlags">68288064</int> - <int key="NSCellFlags2">71304192</int> - <string key="NSContents">Password:</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="427167925"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSButton" id="645528597"> - <reference key="NSNextResponder" ref="866582848"/> - <int key="NSvFlags">290</int> - <string key="NSFrame">{{102, 58}, {380, 18}}</string> - <reference key="NSSuperview" ref="866582848"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="883697888"> - <int key="NSCellFlags">-2080244224</int> - <int key="NSCellFlags2">0</int> - <string key="NSContents">Remember this password in my keychain</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="645528597"/> - <int key="NSButtonFlags">1211912703</int> - <int key="NSButtonFlags2">130</int> - <object class="NSCustomResource" key="NSNormalImage" id="375544883"> - <string key="NSClassName">NSImage</string> - <string key="NSResourceName">NSSwitch</string> - </object> - <object class="NSButtonImageSource" key="NSAlternateImage" id="875913500"> - <string key="NSImageName">NSSwitch</string> - </object> - <string key="NSAlternateContents"/> - <string key="NSKeyEquivalent"/> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSCustomView" id="775546934"> - <reference key="NSNextResponder" ref="866582848"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{20, 124}, {64, 64}}</string> - <reference key="NSSuperview" ref="866582848"/> - <string key="NSClassName">BadgedImageView</string> - </object> - <object class="NSProgressIndicator" id="524728083"> - <reference key="NSNextResponder" ref="866582848"/> - <int key="NSvFlags">1292</int> - <object class="NSPSMatrix" key="NSDrawMatrix"/> - <string key="NSFrame">{{19, 22}, {16, 16}}</string> - <reference key="NSSuperview" ref="866582848"/> - <int key="NSpiFlags">28938</int> - <double key="NSMinValue">1.600000e+01</double> - <double key="NSMaxValue">1.000000e+02</double> - </object> - </object> - <string key="NSFrameSize">{500, 208}</string> - <string key="NSClassName">NSView</string> - </object> - <object class="NSCustomView" id="898191415"> - <nil key="NSNextResponder"/> - <int key="NSvFlags">274</int> - <object class="NSMutableArray" key="NSSubviews"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSTextField" id="1018438662"> - <reference key="NSNextResponder" ref="898191415"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{101, 140}, {382, 17}}</string> - <reference key="NSSuperview" ref="898191415"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="169380754"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">272629760</int> - <string key="NSContents">%@</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="1018438662"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSTextField" id="270897371"> - <reference key="NSNextResponder" ref="898191415"/> - <int key="NSvFlags">290</int> - <string key="NSFrame">{{202, 62}, {278, 22}}</string> - <reference key="NSSuperview" ref="898191415"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="572127639"> - <int key="NSCellFlags">-1804468671</int> - <int key="NSCellFlags2">272630784</int> - <string key="NSContents"/> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="270897371"/> - <bool key="NSDrawsBackground">YES</bool> - <reference key="NSBackgroundColor" ref="490771653"/> - <reference key="NSTextColor" ref="955928389"/> - </object> - </object> - <object class="NSButton" id="499090485"> - <reference key="NSNextResponder" ref="898191415"/> - <int key="NSvFlags">289</int> - <string key="NSFrame">{{388, 12}, {98, 32}}</string> - <reference key="NSSuperview" ref="898191415"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="359264782"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">Continue</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="499090485"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">1</int> - <reference key="NSAlternateImage" ref="604532625"/> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">DQ</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSTextField" id="798767897"> - <reference key="NSNextResponder" ref="898191415"/> - <int key="NSvFlags">274</int> - <string key="NSFrame">{{101, 104}, {382, 28}}</string> - <reference key="NSSuperview" ref="898191415"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="840858923"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">272629760</int> - <string type="base64-UTF8" key="NSContents">b25lIGxpbmUKdHdvIGxpbmVzA</string> - <object class="NSFont" key="NSSupport" id="26"> - <string key="NSName">LucidaGrande</string> - <double key="NSSize">1.100000e+01</double> - <int key="NSfFlags">3100</int> - </object> - <reference key="NSControlView" ref="798767897"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSCustomView" id="944021079"> - <reference key="NSNextResponder" ref="898191415"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{20, 103}, {64, 64}}</string> - <reference key="NSSuperview" ref="898191415"/> - <string key="NSClassName">BadgedImageView</string> - </object> - <object class="NSButton" id="907069022"> - <reference key="NSNextResponder" ref="898191415"/> - <int key="NSvFlags">289</int> - <string key="NSFrame">{{295, 12}, {93, 32}}</string> - <reference key="NSSuperview" ref="898191415"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="119720976"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">Cancel</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="907069022"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">1</int> - <reference key="NSAlternateImage" ref="604532625"/> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">Gw</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSTextField" id="1022812428"> - <reference key="NSNextResponder" ref="898191415"/> - <int key="NSvFlags">292</int> - <string key="NSFrame">{{17, 20}, {180, 61}}</string> - <reference key="NSSuperview" ref="898191415"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="370337827"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">71303168</int> - <string key="NSContents">I am a really big prompt label:</string> - <object class="NSFont" key="NSSupport"> - <string key="NSName">LucidaGrande</string> - <double key="NSSize">1.300000e+01</double> - <int key="NSfFlags">16</int> - </object> - <reference key="NSControlView" ref="1022812428"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSProgressIndicator" id="188143209"> - <reference key="NSNextResponder" ref="898191415"/> - <int key="NSvFlags">1292</int> - <object class="NSPSMatrix" key="NSDrawMatrix"/> - <string key="NSFrame">{{20, 22}, {16, 16}}</string> - <reference key="NSSuperview" ref="898191415"/> - <int key="NSpiFlags">28938</int> - <double key="NSMinValue">1.600000e+01</double> - <double key="NSMaxValue">1.000000e+02</double> - </object> - </object> - <string key="NSFrameSize">{500, 187}</string> - <string key="NSClassName">NSView</string> - </object> - <object class="NSCustomView" id="60326189"> - <nil key="NSNextResponder"/> - <int key="NSvFlags">286</int> - <object class="NSMutableArray" key="NSSubviews"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSCustomView" id="1061510403"> - <reference key="NSNextResponder" ref="60326189"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{20, 146}, {64, 64}}</string> - <reference key="NSSuperview" ref="60326189"/> - <string key="NSClassName">BadgedImageView</string> - </object> - <object class="NSTextField" id="1064523274"> - <reference key="NSNextResponder" ref="60326189"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{101, 146}, {382, 54}}</string> - <reference key="NSSuperview" ref="60326189"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="246958577"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">272629760</int> - <string key="NSContents">Kerberos Authentication Failed.</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="1064523274"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSTextField" id="441176528"> - <reference key="NSNextResponder" ref="60326189"/> - <int key="NSvFlags">290</int> - <string key="NSFrame">{{161, 116}, {319, 22}}</string> - <reference key="NSSuperview" ref="60326189"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="453153516"> - <int key="NSCellFlags">-1804468671</int> - <int key="NSCellFlags2">272630784</int> - <string key="NSContents"/> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="441176528"/> - <bool key="NSDrawsBackground">YES</bool> - <reference key="NSBackgroundColor" ref="490771653"/> - <reference key="NSTextColor" ref="955928389"/> - </object> - </object> - <object class="NSTextField" id="962648515"> - <reference key="NSNextResponder" ref="60326189"/> - <int key="NSvFlags">292</int> - <string key="NSFrame">{{62, 118}, {94, 17}}</string> - <reference key="NSSuperview" ref="60326189"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="678162638"> - <int key="NSCellFlags">68288064</int> - <int key="NSCellFlags2">71304192</int> - <string key="NSContents">Old Password:</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="962648515"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSTextField" id="29184344"> - <reference key="NSNextResponder" ref="60326189"/> - <int key="NSvFlags">292</int> - <string key="NSFrame">{{57, 90}, {99, 17}}</string> - <reference key="NSSuperview" ref="60326189"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="698626122"> - <int key="NSCellFlags">68288064</int> - <int key="NSCellFlags2">71304192</int> - <string key="NSContents">New Password:</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="29184344"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSTextField" id="255611063"> - <reference key="NSNextResponder" ref="60326189"/> - <int key="NSvFlags">292</int> - <string key="NSFrame">{{17, 62}, {139, 17}}</string> - <reference key="NSSuperview" ref="60326189"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="742145870"> - <int key="NSCellFlags">68288064</int> - <int key="NSCellFlags2">71304192</int> - <string key="NSContents">Verify New Password:</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="255611063"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSTextField" id="158061"> - <reference key="NSNextResponder" ref="60326189"/> - <int key="NSvFlags">290</int> - <string key="NSFrame">{{161, 88}, {319, 22}}</string> - <reference key="NSSuperview" ref="60326189"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="899060580"> - <int key="NSCellFlags">-1804468671</int> - <int key="NSCellFlags2">272630784</int> - <string key="NSContents"/> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="158061"/> - <bool key="NSDrawsBackground">YES</bool> - <reference key="NSBackgroundColor" ref="490771653"/> - <reference key="NSTextColor" ref="955928389"/> - </object> - </object> - <object class="NSTextField" id="576133689"> - <reference key="NSNextResponder" ref="60326189"/> - <int key="NSvFlags">290</int> - <string key="NSFrame">{{161, 60}, {319, 22}}</string> - <reference key="NSSuperview" ref="60326189"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="696656312"> - <int key="NSCellFlags">-1804468671</int> - <int key="NSCellFlags2">272630784</int> - <string key="NSContents"/> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="576133689"/> - <bool key="NSDrawsBackground">YES</bool> - <reference key="NSBackgroundColor" ref="490771653"/> - <reference key="NSTextColor" ref="955928389"/> - </object> - </object> - <object class="NSButton" id="105446308"> - <reference key="NSNextResponder" ref="60326189"/> - <int key="NSvFlags">289</int> - <string key="NSFrame">{{388, 12}, {98, 32}}</string> - <reference key="NSSuperview" ref="60326189"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="676106072"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">Continue</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="105446308"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">1</int> - <reference key="NSAlternateImage" ref="604532625"/> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">DQ</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSButton" id="288995352"> - <reference key="NSNextResponder" ref="60326189"/> - <int key="NSvFlags">289</int> - <string key="NSFrame">{{295, 12}, {93, 32}}</string> - <reference key="NSSuperview" ref="60326189"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="613041994"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">Cancel</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="288995352"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">1</int> - <reference key="NSAlternateImage" ref="604532625"/> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">Gw</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSProgressIndicator" id="314932147"> - <reference key="NSNextResponder" ref="60326189"/> - <int key="NSvFlags">1292</int> - <object class="NSPSMatrix" key="NSDrawMatrix"/> - <string key="NSFrame">{{20, 22}, {16, 16}}</string> - <reference key="NSSuperview" ref="60326189"/> - <int key="NSpiFlags">28938</int> - <double key="NSMinValue">1.600000e+01</double> - <double key="NSMaxValue">1.000000e+02</double> - </object> - </object> - <string key="NSFrameSize">{500, 230}</string> - <string key="NSClassName">NSView</string> - </object> - <object class="NSCustomView" id="861423802"> - <nil key="NSNextResponder"/> - <int key="NSvFlags">274</int> - <object class="NSMutableArray" key="NSSubviews"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSCustomView" id="41252477"> - <reference key="NSNextResponder" ref="861423802"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{20, 126}, {64, 64}}</string> - <reference key="NSSuperview" ref="861423802"/> - <string key="NSClassName">BadgedImageView</string> - </object> - <object class="NSTextField" id="1024084044"> - <reference key="NSNextResponder" ref="861423802"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{101, 149}, {382, 17}}</string> - <reference key="NSSuperview" ref="861423802"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="914836560"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">272629760</int> - <string key="NSContents">Kerberos Authentication Failed.</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="1024084044"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSTextField" id="860880966"> - <reference key="NSNextResponder" ref="861423802"/> - <int key="NSvFlags">274</int> - <string key="NSFrame">{{101, 65}, {382, 76}}</string> - <reference key="NSSuperview" ref="861423802"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="1060905079"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">272760832</int> - <string key="NSContents">Password incorrect</string> - <reference key="NSSupport" ref="26"/> - <reference key="NSControlView" ref="860880966"/> - <object class="NSColor" key="NSBackgroundColor"> - <int key="NSColorSpace">3</int> - <bytes key="NSWhite">MSAwLjk3MDAwMDAzAA</bytes> - </object> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSButton" id="432972501"> - <reference key="NSNextResponder" ref="861423802"/> - <int key="NSvFlags">289</int> - <string key="NSFrame">{{404, 12}, {82, 32}}</string> - <reference key="NSSuperview" ref="861423802"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="1042795512"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">OK</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="432972501"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">1</int> - <reference key="NSAlternateImage" ref="604532625"/> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">DQ</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - </object> - <string key="NSFrameSize">{500, 210}</string> - <string key="NSClassName">NSView</string> - </object> - <object class="NSWindowTemplate" id="236877202"> - <int key="NSWindowStyleMask">5</int> - <int key="NSWindowBacking">2</int> - <string key="NSWindowRect">{{378, 236}, {500, 210}}</string> - <int key="NSWTFlags">1886912512</int> - <string key="NSWindowTitle">Authenticate to Kerberos</string> - <object class="NSMutableString" key="NSWindowClass"> - <characters key="NS.bytes">NSWindow</characters> - </object> - <object class="NSMutableString" key="NSViewClass"> - <characters key="NS.bytes">View</characters> - </object> - <string key="NSWindowContentMaxSize">{600, 400}</string> - <string key="NSWindowContentMinSize">{484, 199}</string> - <object class="NSView" key="NSWindowView" id="632526042"> - <reference key="NSNextResponder"/> - <int key="NSvFlags">256</int> - <string key="NSFrameSize">{500, 210}</string> - <reference key="NSSuperview"/> - </object> - <string key="NSScreenRect">{{0, 0}, {1920, 1178}}</string> - <string key="NSMinSize">{484, 221}</string> - <string key="NSMaxSize">{600, 422}</string> - <string key="NSFrameAutosaveName"/> - </object> - <object class="NSWindowTemplate" id="102029948"> - <int key="NSWindowStyleMask">1</int> - <int key="NSWindowBacking">2</int> - <string key="NSWindowRect">{{21, 28}, {430, 305}}</string> - <int key="NSWTFlags">1886912512</int> - <string key="NSWindowTitle">Kerberos Ticket Options</string> - <string key="NSWindowClass">NSWindow</string> - <object class="NSMutableString" key="NSViewClass"> - <characters key="NS.bytes">View</characters> - </object> - <string key="NSWindowContentMaxSize">{3.40282e+38, 3.40282e+38}</string> - <string key="NSWindowContentMinSize">{430, 283}</string> - <object class="NSView" key="NSWindowView" id="389112266"> - <nil key="NSNextResponder"/> - <int key="NSvFlags">256</int> - <object class="NSMutableArray" key="NSSubviews"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSSlider" id="486016405"> - <reference key="NSNextResponder" ref="389112266"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{38, 214}, {374, 25}}</string> - <reference key="NSSuperview" ref="389112266"/> - <bool key="NSEnabled">YES</bool> - <object class="NSSliderCell" key="NSCell" id="624979516"> - <int key="NSCellFlags">67501824</int> - <int key="NSCellFlags2">0</int> - <object class="NSMutableString" key="NSContents"> - <characters key="NS.bytes"/> - </object> - <object class="NSFont" key="NSSupport" id="784855171"> - <string key="NSName">Helvetica</string> - <double key="NSSize">1.200000e+01</double> - <int key="NSfFlags">16</int> - </object> - <reference key="NSControlView" ref="486016405"/> - <double key="NSMaxValue">1.000000e+02</double> - <double key="NSMinValue">0.000000e+00</double> - <double key="NSValue">0.000000e+00</double> - <double key="NSAltIncValue">0.000000e+00</double> - <int key="NSNumberOfTickMarks">11</int> - <int key="NSTickMarkPosition">0</int> - <bool key="NSAllowsTickMarkValuesOnly">NO</bool> - <bool key="NSVertical">NO</bool> - </object> - </object> - <object class="NSTextField" id="318596865"> - <reference key="NSNextResponder" ref="389112266"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{17, 246}, {396, 17}}</string> - <reference key="NSSuperview" ref="389112266"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="254246330"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">4194304</int> - <string key="NSContents">Get tickets that are valid for:</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="318596865"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSTextField" id="523287828"> - <reference key="NSNextResponder" ref="389112266"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{37, 192}, {376, 14}}</string> - <reference key="NSSuperview" ref="389112266"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="175033886"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">4325376</int> - <string key="NSContents">10 hours</string> - <reference key="NSSupport" ref="26"/> - <reference key="NSControlView" ref="523287828"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSSlider" id="594182616"> - <reference key="NSNextResponder" ref="389112266"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{37, 82}, {375, 25}}</string> - <reference key="NSSuperview" ref="389112266"/> - <bool key="NSEnabled">YES</bool> - <object class="NSSliderCell" key="NSCell" id="734223932"> - <int key="NSCellFlags">67501824</int> - <int key="NSCellFlags2">0</int> - <object class="NSMutableString" key="NSContents"> - <characters key="NS.bytes"/> - </object> - <reference key="NSSupport" ref="784855171"/> - <reference key="NSControlView" ref="594182616"/> - <double key="NSMaxValue">1.000000e+05</double> - <double key="NSMinValue">0.000000e+00</double> - <double key="NSValue">0.000000e+00</double> - <double key="NSAltIncValue">0.000000e+00</double> - <int key="NSNumberOfTickMarks">11</int> - <int key="NSTickMarkPosition">0</int> - <bool key="NSAllowsTickMarkValuesOnly">NO</bool> - <bool key="NSVertical">NO</bool> - </object> - </object> - <object class="NSButton" id="198913348"> - <reference key="NSNextResponder" ref="389112266"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{18, 134}, {394, 18}}</string> - <reference key="NSSuperview" ref="389112266"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="452074655"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">0</int> - <string key="NSContents">Get tickets without IP addresses (NAT mode)</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="198913348"/> - <int key="NSButtonFlags">1211912703</int> - <int key="NSButtonFlags2">2</int> - <reference key="NSNormalImage" ref="375544883"/> - <reference key="NSAlternateImage" ref="875913500"/> - <string key="NSAlternateContents"/> - <string key="NSKeyEquivalent"/> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSButton" id="964499406"> - <reference key="NSNextResponder" ref="389112266"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{18, 156}, {394, 18}}</string> - <reference key="NSSuperview" ref="389112266"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="873232825"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">0</int> - <string key="NSContents">Get tickets that can be forwarded to other computers</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="964499406"/> - <int key="NSButtonFlags">1211912703</int> - <int key="NSButtonFlags2">2</int> - <reference key="NSNormalImage" ref="375544883"/> - <reference key="NSAlternateImage" ref="875913500"/> - <string key="NSAlternateContents"/> - <string key="NSKeyEquivalent"/> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSButton" id="368169141"> - <reference key="NSNextResponder" ref="389112266"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{18, 112}, {394, 18}}</string> - <reference key="NSSuperview" ref="389112266"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="535311584"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">0</int> - <string key="NSContents">Get tickets that can be renewed for:</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="368169141"/> - <int key="NSButtonFlags">1211912703</int> - <int key="NSButtonFlags2">2</int> - <reference key="NSNormalImage" ref="375544883"/> - <reference key="NSAlternateImage" ref="875913500"/> - <string key="NSAlternateContents"/> - <string key="NSKeyEquivalent"/> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSTextField" id="332956369"> - <reference key="NSNextResponder" ref="389112266"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{36, 60}, {377, 14}}</string> - <reference key="NSSuperview" ref="389112266"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="931635862"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">4325376</int> - <string key="NSContents">7 days</string> - <reference key="NSSupport" ref="26"/> - <reference key="NSControlView" ref="332956369"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSButton" id="681646907"> - <reference key="NSNextResponder" ref="389112266"/> - <int key="NSvFlags">256</int> - <string key="NSFrame">{{334, 12}, {82, 32}}</string> - <reference key="NSSuperview" ref="389112266"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="88378654"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">OK</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="681646907"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">1</int> - <reference key="NSAlternateImage" ref="604532625"/> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">DQ</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSButton" id="284195308"> - <reference key="NSNextResponder" ref="389112266"/> - <int key="NSvFlags">256</int> - <string key="NSFrame">{{252, 12}, {82, 32}}</string> - <reference key="NSSuperview" ref="389112266"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="12024755"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">Cancel</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="284195308"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">1</int> - <reference key="NSAlternateImage" ref="604532625"/> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">Gw</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSButton" id="453888690"> - <reference key="NSNextResponder" ref="389112266"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{18, 269}, {184, 18}}</string> - <reference key="NSSuperview" ref="389112266"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="505343782"> - <int key="NSCellFlags">-2080244224</int> - <int key="NSCellFlags2">0</int> - <string key="NSContents">Use default ticket options</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="453888690"/> - <int key="NSButtonFlags">1211912703</int> - <int key="NSButtonFlags2">130</int> - <reference key="NSNormalImage" ref="375544883"/> - <reference key="NSAlternateImage" ref="875913500"/> - <string key="NSAlternateContents"/> - <string key="NSKeyEquivalent"/> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - </object> - <string key="NSFrameSize">{430, 305}</string> - </object> - <string key="NSScreenRect">{{0, 0}, {1440, 878}}</string> - <string key="NSMinSize">{430, 305}</string> - <string key="NSMaxSize">{3.40282e+38, 3.40282e+38}</string> - </object> - <object class="NSCustomObject" id="752049494"> - <string key="NSClassName">KerberosTimeFormatter</string> - </object> - </object> - <object class="IBObjectContainer" key="IBDocument.Objects"> - <object class="NSMutableArray" key="connectionRecords"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">identityView</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="92892041"/> - </object> - <int key="connectionID">300295</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">passwordView</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="866582848"/> - </object> - <int key="connectionID">300296</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">samView</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="898191415"/> - </object> - <int key="connectionID">300297</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">expiredPasswordView</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="60326189"/> - </object> - <int key="connectionID">300298</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.message</string> - <reference key="source" ref="464070473"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="464070473"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">value: selection.message</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.message</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300301</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.message</string> - <reference key="source" ref="1024084044"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="1024084044"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">value: selection.message</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.message</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300303</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.description</string> - <reference key="source" ref="860880966"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="860880966"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">value: selection.description</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.description</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300304</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">glueController</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="57033499"/> - </object> - <int key="connectionID">300326</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">window</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="236877202"/> - </object> - <int key="connectionID">300339</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.message</string> - <reference key="source" ref="498665267"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="498665267"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">value: selection.message</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.message</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300344</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">enterIdentity:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="207178735"/> - </object> - <int key="connectionID">300347</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">cancel:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="523041784"/> - </object> - <int key="connectionID">300348</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.isPrincipalValid</string> - <reference key="source" ref="207178735"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector" id="243297891"> - <reference key="NSSource" ref="207178735"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.isPrincipalValid</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.isPrincipalValid</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300351</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">enterBadge</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="1001544034"/> - </object> - <int key="connectionID">300353</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">passwordField</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="225475172"/> - </object> - <int key="connectionID">300354</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">cancel:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="494687042"/> - </object> - <int key="connectionID">300359</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">passwordBadge</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="775546934"/> - </object> - <int key="connectionID">300360</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">answerAuthPrompt:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="133507311"/> - </object> - <int key="connectionID">300361</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">rememberPasswordInKeychainCheckBox</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="645528597"/> - </object> - <int key="connectionID">300364</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.isPromptValid</string> - <reference key="source" ref="133507311"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector" id="6001298"> - <reference key="NSSource" ref="133507311"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.isPromptValid</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.isPromptValid</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300365</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.prompt_response</string> - <reference key="source" ref="225475172"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="225475172"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">value: selection.prompt_response</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.prompt_response</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSContinuouslyUpdatesValue</string> - <integer value="1" key="NS.object.0" id="9"/> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300368</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">samBadge</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="944021079"/> - </object> - <int key="connectionID">300369</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">samPromptField</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="270897371"/> - </object> - <int key="connectionID">300370</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">answerAuthPrompt:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="499090485"/> - </object> - <int key="connectionID">300371</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">cancel:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="907069022"/> - </object> - <int key="connectionID">300372</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.prompt_response</string> - <reference key="source" ref="270897371"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="270897371"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">value: selection.prompt_response</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.prompt_response</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSContinuouslyUpdatesValue</string> - <reference key="NS.object.0" ref="9"/> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300377</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.isPromptValid</string> - <reference key="source" ref="499090485"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector" id="723183973"> - <reference key="NSSource" ref="499090485"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.isPromptValid</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.isPromptValid</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300378</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">errorView</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="861423802"/> - </object> - <int key="connectionID">300379</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">errorBadge</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="41252477"/> - </object> - <int key="connectionID">300380</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">showedError:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="432972501"/> - </object> - <int key="connectionID">300381</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">changePasswordView</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="60326189"/> - </object> - <int key="connectionID">300382</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">changePasswordBadge</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="1061510403"/> - </object> - <int key="connectionID">300383</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">changePassword:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="105446308"/> - </object> - <int key="connectionID">300403</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">cancel:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="288995352"/> - </object> - <int key="connectionID">300404</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.message</string> - <reference key="source" ref="1064523274"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="1064523274"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">value: selection.message</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.message</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300405</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">oldPasswordField</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="441176528"/> - </object> - <int key="connectionID">300407</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">nextKeyView</string> - <reference key="source" ref="441176528"/> - <reference key="destination" ref="158061"/> - </object> - <int key="connectionID">300408</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">nextKeyView</string> - <reference key="source" ref="158061"/> - <reference key="destination" ref="576133689"/> - </object> - <int key="connectionID">300409</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">nextKeyView</string> - <reference key="source" ref="576133689"/> - <reference key="destination" ref="441176528"/> - </object> - <int key="connectionID">300410</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.isChangePasswordValid</string> - <reference key="source" ref="105446308"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector" id="145342680"> - <reference key="NSSource" ref="105446308"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.isChangePasswordValid</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.isChangePasswordValid</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300411</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.old_password</string> - <reference key="source" ref="441176528"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="441176528"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">value: selection.old_password</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.old_password</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSContinuouslyUpdatesValue</string> - <reference key="NS.object.0" ref="9"/> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300412</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.new_password</string> - <reference key="source" ref="158061"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="158061"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">value: selection.new_password</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.new_password</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSContinuouslyUpdatesValue</string> - <reference key="NS.object.0" ref="9"/> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300413</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.verify_password</string> - <reference key="source" ref="576133689"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="576133689"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">value: selection.verify_password</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.verify_password</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSContinuouslyUpdatesValue</string> - <reference key="NS.object.0" ref="9"/> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300414</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">containerView</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="632526042"/> - </object> - <int key="connectionID">300415</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.save_response</string> - <reference key="source" ref="645528597"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="645528597"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">value: selection.save_response</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.save_response</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300416</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">ticketOptionsSheet</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="102029948"/> - </object> - <int key="connectionID">300468</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">ticketOptionsController</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="633725892"/> - </object> - <int key="connectionID">300470</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">maxValue: selection.maxValidLifetime</string> - <reference key="source" ref="486016405"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector" id="132072575"> - <reference key="NSSource" ref="486016405"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">maxValue: selection.maxValidLifetime</string> - <string key="NSBinding">maxValue</string> - <string key="NSKeyPath">selection.maxValidLifetime</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300472</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">minValue: selection.minValidLifetime</string> - <reference key="source" ref="486016405"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="486016405"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">minValue: selection.minValidLifetime</string> - <string key="NSBinding">minValue</string> - <string key="NSKeyPath">selection.minValidLifetime</string> - <reference key="NSPreviousConnector" ref="132072575"/> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300478</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.forwardable</string> - <reference key="source" ref="964499406"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="964499406"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">value: selection.forwardable</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.forwardable</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300481</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.addressless</string> - <reference key="source" ref="198913348"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="198913348"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">value: selection.addressless</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.addressless</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300482</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.renewable</string> - <reference key="source" ref="368169141"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="368169141"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">value: selection.renewable</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.renewable</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300483</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">maxValue: selection.maxRenewableLifetime</string> - <reference key="source" ref="594182616"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector" id="728670834"> - <reference key="NSSource" ref="594182616"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">maxValue: selection.maxRenewableLifetime</string> - <string key="NSBinding">maxValue</string> - <string key="NSKeyPath">selection.maxRenewableLifetime</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300494</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">minValue: selection.minRenewableLifetime</string> - <reference key="source" ref="594182616"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="594182616"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">minValue: selection.minRenewableLifetime</string> - <string key="NSBinding">minValue</string> - <string key="NSKeyPath">selection.minRenewableLifetime</string> - <reference key="NSPreviousConnector" ref="728670834"/> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300495</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.renewable</string> - <reference key="source" ref="594182616"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector" id="252907861"> - <reference key="NSSource" ref="594182616"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">enabled: selection.renewable</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.renewable</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300497</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">showTicketOptions:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="452996455"/> - </object> - <int key="connectionID">300503</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">saveTicketOptions:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="681646907"/> - </object> - <int key="connectionID">300504</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">cancelTicketOptions:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="284195308"/> - </object> - <int key="connectionID">300505</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">validLifetimeSlider</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="486016405"/> - </object> - <int key="connectionID">300506</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">renewableLifetimeSlider</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="594182616"/> - </object> - <int key="connectionID">300507</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">sliderDidChange:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="594182616"/> - </object> - <int key="connectionID">300508</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">sliderDidChange:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="486016405"/> - </object> - <int key="connectionID">300509</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">formatter</string> - <reference key="source" ref="332956369"/> - <reference key="destination" ref="752049494"/> - </object> - <int key="connectionID">300511</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">identityField</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="529434335"/> - </object> - <int key="connectionID">300513</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">contentValues: selection.favorite_identity_strings</string> - <reference key="source" ref="529434335"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector" id="407856422"> - <reference key="NSSource" ref="529434335"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">contentValues: selection.favorite_identity_strings</string> - <string key="NSBinding">contentValues</string> - <string key="NSKeyPath">selection.favorite_identity_strings</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300515</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.identity_string</string> - <reference key="source" ref="529434335"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="529434335"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">value: selection.identity_string</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.identity_string</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSContinuouslyUpdatesValue</string> - <reference key="NS.object.0" ref="9"/> - </object> - <reference key="NSPreviousConnector" ref="407856422"/> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300516</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.valid_lifetime</string> - <reference key="source" ref="523287828"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="523287828"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">value: selection.valid_lifetime</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.valid_lifetime</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSContinuouslyUpdatesValue</string> - <reference key="NS.object.0" ref="9"/> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300517</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.renewal_lifetime</string> - <reference key="source" ref="332956369"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="332956369"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">value: selection.renewal_lifetime</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.renewal_lifetime</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSContinuouslyUpdatesValue</string> - <reference key="NS.object.0" ref="9"/> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300518</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">lifetimeFormatter</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="752049494"/> - </object> - <int key="connectionID">300519</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">formatter</string> - <reference key="source" ref="523287828"/> - <reference key="destination" ref="752049494"/> - </object> - <int key="connectionID">300520</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">changePasswordGearAction:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="744766544"/> - </object> - <int key="connectionID">300522</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.message</string> - <reference key="source" ref="798767897"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="798767897"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">value: selection.message</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.message</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300524</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.title</string> - <reference key="source" ref="1018438662"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="1018438662"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">value: selection.title</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.title</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300525</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">displayPatternValue1: selection.description</string> - <reference key="source" ref="1022812428"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="1022812428"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">displayPatternValue1: selection.description</string> - <string key="NSBinding">displayPatternValue1</string> - <string key="NSKeyPath">selection.description</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSDisplayPattern</string> - <string key="NS.object.0">%{value1}@:</string> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300529</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">samSpinny</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="188143209"/> - </object> - <int key="connectionID">300532</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">changePasswordSpinny</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="314932147"/> - </object> - <int key="connectionID">300537</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">enterSpinny</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="186678160"/> - </object> - <int key="connectionID">300538</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">passwordSpinny</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="524728083"/> - </object> - <int key="connectionID">300539</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.isPrincipalValid</string> - <reference key="source" ref="744766544"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="744766544"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.isPrincipalValid</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.isPrincipalValid</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300540</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.usesDefaultTicketOptions</string> - <reference key="source" ref="453888690"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="453888690"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">value: selection.usesDefaultTicketOptions</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.usesDefaultTicketOptions</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300545</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.usesDefaultTicketOptions</string> - <reference key="source" ref="486016405"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="486016405"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">enabled: selection.usesDefaultTicketOptions</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.usesDefaultTicketOptions</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSValueTransformerName</string> - <string key="NS.object.0">NSNegateBoolean</string> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300547</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.usesDefaultTicketOptions</string> - <reference key="source" ref="964499406"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="964499406"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">enabled: selection.usesDefaultTicketOptions</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.usesDefaultTicketOptions</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSValueTransformerName</string> - <string key="NS.object.0">NSNegateBoolean</string> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300549</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.usesDefaultTicketOptions</string> - <reference key="source" ref="198913348"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="198913348"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">enabled: selection.usesDefaultTicketOptions</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.usesDefaultTicketOptions</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSValueTransformerName</string> - <string key="NS.object.0">NSNegateBoolean</string> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300551</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.usesDefaultTicketOptions</string> - <reference key="source" ref="368169141"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="368169141"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">enabled: selection.usesDefaultTicketOptions</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.usesDefaultTicketOptions</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSValueTransformerName</string> - <string key="NS.object.0">NSNegateBoolean</string> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300553</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled2: selection.usesDefaultTicketOptions</string> - <reference key="source" ref="594182616"/> - <reference key="destination" ref="633725892"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="594182616"/> - <reference key="NSDestination" ref="633725892"/> - <string key="NSLabel">enabled2: selection.usesDefaultTicketOptions</string> - <string key="NSBinding">enabled2</string> - <string key="NSKeyPath">selection.usesDefaultTicketOptions</string> - <object class="NSDictionary" key="NSOptions"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMutableArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>NSMultipleValuesPlaceholder</string> - <string>NSNoSelectionPlaceholder</string> - <string>NSNotApplicablePlaceholder</string> - <string>NSNullPlaceholder</string> - <string>NSValueTransformerName</string> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - <integer value="-1" id="7"/> - <reference ref="7"/> - <reference ref="7"/> - <reference ref="7"/> - <string>NSNegateBoolean</string> - </object> - </object> - <reference key="NSPreviousConnector" ref="252907861"/> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300555</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">checkboxDidChange:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="453888690"/> - </object> - <int key="connectionID">300556</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.acceptingInput</string> - <reference key="source" ref="441176528"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="441176528"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.acceptingInput</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300560</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.acceptingInput</string> - <reference key="source" ref="158061"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="158061"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.acceptingInput</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300561</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.acceptingInput</string> - <reference key="source" ref="576133689"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="576133689"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.acceptingInput</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300562</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled2: selection.acceptingInput</string> - <reference key="source" ref="105446308"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="105446308"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled2: selection.acceptingInput</string> - <string key="NSBinding">enabled2</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <object class="NSDictionary" key="NSOptions"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMutableArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>NSMultipleValuesPlaceholder</string> - <string>NSNoSelectionPlaceholder</string> - <string>NSNotApplicablePlaceholder</string> - <string>NSNullPlaceholder</string> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="7"/> - <reference ref="7"/> - <reference ref="7"/> - <reference ref="7"/> - </object> - </object> - <reference key="NSPreviousConnector" ref="145342680"/> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300563</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.acceptingInput</string> - <reference key="source" ref="288995352"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="288995352"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.acceptingInput</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300564</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.acceptingInput</string> - <reference key="source" ref="225475172"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="225475172"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.acceptingInput</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300565</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.acceptingInput</string> - <reference key="source" ref="645528597"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="645528597"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.acceptingInput</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300566</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.acceptingInput</string> - <reference key="source" ref="494687042"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="494687042"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.acceptingInput</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300567</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled2: selection.acceptingInput</string> - <reference key="source" ref="133507311"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="133507311"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled2: selection.acceptingInput</string> - <string key="NSBinding">enabled2</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <object class="NSDictionary" key="NSOptions"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMutableArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>NSMultipleValuesPlaceholder</string> - <string>NSNoSelectionPlaceholder</string> - <string>NSNotApplicablePlaceholder</string> - <string>NSNullPlaceholder</string> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="7"/> - <reference ref="7"/> - <reference ref="7"/> - <reference ref="7"/> - </object> - </object> - <reference key="NSPreviousConnector" ref="6001298"/> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300568</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.acceptingInput</string> - <reference key="source" ref="529434335"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="529434335"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.acceptingInput</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300569</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.acceptingInput</string> - <reference key="source" ref="523041784"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="523041784"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.acceptingInput</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300570</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled2: selection.acceptingInput</string> - <reference key="source" ref="207178735"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="207178735"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled2: selection.acceptingInput</string> - <string key="NSBinding">enabled2</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <object class="NSDictionary" key="NSOptions"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMutableArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>NSMultipleValuesPlaceholder</string> - <string>NSNoSelectionPlaceholder</string> - <string>NSNotApplicablePlaceholder</string> - <string>NSNullPlaceholder</string> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="7"/> - <reference ref="7"/> - <reference ref="7"/> - <reference ref="7"/> - </object> - </object> - <reference key="NSPreviousConnector" ref="243297891"/> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300571</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.acceptingInput</string> - <reference key="source" ref="1016187493"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="1016187493"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.acceptingInput</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300572</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.acceptingInput</string> - <reference key="source" ref="270897371"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="270897371"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.acceptingInput</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300573</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.acceptingInput</string> - <reference key="source" ref="907069022"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="907069022"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled: selection.acceptingInput</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300574</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled2: selection.acceptingInput</string> - <reference key="source" ref="499090485"/> - <reference key="destination" ref="57033499"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="499090485"/> - <reference key="NSDestination" ref="57033499"/> - <string key="NSLabel">enabled2: selection.acceptingInput</string> - <string key="NSBinding">enabled2</string> - <string key="NSKeyPath">selection.acceptingInput</string> - <object class="NSDictionary" key="NSOptions"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMutableArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>NSMultipleValuesPlaceholder</string> - <string>NSNoSelectionPlaceholder</string> - <string>NSNotApplicablePlaceholder</string> - <string>NSNullPlaceholder</string> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="7"/> - <reference ref="7"/> - <reference ref="7"/> - <reference ref="7"/> - </object> - </object> - <reference key="NSPreviousConnector" ref="723183973"/> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300575</int> - </object> - </object> - <object class="IBMutableOrderedSet" key="objectRecords"> - <object class="NSArray" key="orderedObjects"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="IBObjectRecord"> - <int key="objectID">0</int> - <object class="NSArray" key="object" id="0"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - <reference key="children" ref="1000842439"/> - <nil key="parent"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">-2</int> - <reference key="object" ref="262677138"/> - <reference key="parent" ref="0"/> - <string type="base64-UTF8" key="objectName">RmlsZSdzIE93bmVyA</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">-1</int> - <reference key="object" ref="553445653"/> - <reference key="parent" ref="0"/> - <string key="objectName">First Responder</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">19</int> - <reference key="object" ref="236877202"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="632526042"/> - </object> - <reference key="parent" ref="0"/> - <string key="objectName">Authenticate to Kerberos</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">20</int> - <reference key="object" ref="632526042"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - <reference key="parent" ref="236877202"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">-3</int> - <reference key="object" ref="714830734"/> - <reference key="parent" ref="0"/> - <string key="objectName">Application</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300157</int> - <reference key="object" ref="92892041"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="523041784"/> - <reference ref="207178735"/> - <reference ref="238778309"/> - <reference ref="1001544034"/> - <reference ref="529434335"/> - <reference ref="498665267"/> - <reference ref="1016187493"/> - <reference ref="186678160"/> - </object> - <reference key="parent" ref="0"/> - <string key="objectName">Enter Identity</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300221</int> - <reference key="object" ref="523041784"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="927675304"/> - </object> - <reference key="parent" ref="92892041"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300163</int> - <reference key="object" ref="207178735"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="563505192"/> - </object> - <reference key="parent" ref="92892041"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300162</int> - <reference key="object" ref="238778309"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="1073582594"/> - </object> - <reference key="parent" ref="92892041"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300165</int> - <reference key="object" ref="1001544034"/> - <reference key="parent" ref="92892041"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300161</int> - <reference key="object" ref="529434335"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="100557652"/> - </object> - <reference key="parent" ref="92892041"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300158</int> - <reference key="object" ref="498665267"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="645367368"/> - </object> - <reference key="parent" ref="92892041"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300172</int> - <reference key="object" ref="645367368"/> - <reference key="parent" ref="498665267"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300169</int> - <reference key="object" ref="100557652"/> - <reference key="parent" ref="529434335"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300168</int> - <reference key="object" ref="1073582594"/> - <reference key="parent" ref="238778309"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300167</int> - <reference key="object" ref="563505192"/> - <reference key="parent" ref="207178735"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300222</int> - <reference key="object" ref="927675304"/> - <reference key="parent" ref="523041784"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300175</int> - <reference key="object" ref="866582848"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="494687042"/> - <reference ref="775546934"/> - <reference ref="427167925"/> - <reference ref="133507311"/> - <reference ref="645528597"/> - <reference ref="464070473"/> - <reference ref="225475172"/> - <reference ref="524728083"/> - </object> - <reference key="parent" ref="0"/> - <string key="objectName">Enter Password</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300179</int> - <reference key="object" ref="494687042"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="935364959"/> - </object> - <reference key="parent" ref="866582848"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300192</int> - <reference key="object" ref="775546934"/> - <reference key="parent" ref="866582848"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300182</int> - <reference key="object" ref="427167925"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="916263740"/> - </object> - <reference key="parent" ref="866582848"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300178</int> - <reference key="object" ref="133507311"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="200893597"/> - </object> - <reference key="parent" ref="866582848"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300183</int> - <reference key="object" ref="645528597"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="883697888"/> - </object> - <reference key="parent" ref="866582848"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300180</int> - <reference key="object" ref="464070473"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="999660494"/> - </object> - <reference key="parent" ref="866582848"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300177</int> - <reference key="object" ref="225475172"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="508869457"/> - </object> - <reference key="parent" ref="866582848"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300190</int> - <reference key="object" ref="508869457"/> - <reference key="parent" ref="225475172"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300187</int> - <reference key="object" ref="999660494"/> - <reference key="parent" ref="464070473"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300184</int> - <reference key="object" ref="883697888"/> - <reference key="parent" ref="645528597"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300189</int> - <reference key="object" ref="200893597"/> - <reference key="parent" ref="133507311"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300185</int> - <reference key="object" ref="916263740"/> - <reference key="parent" ref="427167925"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300188</int> - <reference key="object" ref="935364959"/> - <reference key="parent" ref="494687042"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300193</int> - <reference key="object" ref="898191415"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="944021079"/> - <reference ref="798767897"/> - <reference ref="270897371"/> - <reference ref="907069022"/> - <reference ref="499090485"/> - <reference ref="1018438662"/> - <reference ref="1022812428"/> - <reference ref="188143209"/> - </object> - <reference key="parent" ref="0"/> - <string key="objectName">SAM Authentication</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300210</int> - <reference key="object" ref="944021079"/> - <reference key="parent" ref="898191415"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300201</int> - <reference key="object" ref="798767897"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="840858923"/> - </object> - <reference key="parent" ref="898191415"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300195</int> - <reference key="object" ref="1018438662"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="169380754"/> - </object> - <reference key="parent" ref="898191415"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300196</int> - <reference key="object" ref="270897371"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="572127639"/> - </object> - <reference key="parent" ref="898191415"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300223</int> - <reference key="object" ref="907069022"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="119720976"/> - </object> - <reference key="parent" ref="898191415"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300197</int> - <reference key="object" ref="499090485"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="359264782"/> - </object> - <reference key="parent" ref="898191415"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300206</int> - <reference key="object" ref="359264782"/> - <reference key="parent" ref="499090485"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300224</int> - <reference key="object" ref="119720976"/> - <reference key="parent" ref="907069022"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300207</int> - <reference key="object" ref="572127639"/> - <reference key="parent" ref="270897371"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300208</int> - <reference key="object" ref="169380754"/> - <reference key="parent" ref="1018438662"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300202</int> - <reference key="object" ref="840858923"/> - <reference key="parent" ref="798767897"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300274</int> - <reference key="object" ref="60326189"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="1061510403"/> - <reference ref="1064523274"/> - <reference ref="255611063"/> - <reference ref="962648515"/> - <reference ref="29184344"/> - <reference ref="441176528"/> - <reference ref="158061"/> - <reference ref="576133689"/> - <reference ref="105446308"/> - <reference ref="288995352"/> - <reference ref="314932147"/> - </object> - <reference key="parent" ref="0"/> - <string key="objectName">Change Password</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300275</int> - <reference key="object" ref="1061510403"/> - <reference key="parent" ref="60326189"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300288</int> - <reference key="object" ref="1064523274"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="246958577"/> - </object> - <reference key="parent" ref="60326189"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300289</int> - <reference key="object" ref="246958577"/> - <reference key="parent" ref="1064523274"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300211</int> - <reference key="object" ref="861423802"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="860880966"/> - <reference ref="41252477"/> - <reference ref="432972501"/> - <reference ref="1024084044"/> - </object> - <reference key="parent" ref="0"/> - <string key="objectName">Result</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300215</int> - <reference key="object" ref="860880966"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="1060905079"/> - </object> - <reference key="parent" ref="861423802"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300212</int> - <reference key="object" ref="41252477"/> - <reference key="parent" ref="861423802"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300217</int> - <reference key="object" ref="432972501"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="1042795512"/> - </object> - <reference key="parent" ref="861423802"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300213</int> - <reference key="object" ref="1024084044"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="914836560"/> - </object> - <reference key="parent" ref="861423802"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300214</int> - <reference key="object" ref="914836560"/> - <reference key="parent" ref="1024084044"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300218</int> - <reference key="object" ref="1042795512"/> - <reference key="parent" ref="432972501"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300216</int> - <reference key="object" ref="1060905079"/> - <reference key="parent" ref="860880966"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300300</int> - <reference key="object" ref="57033499"/> - <reference key="parent" ref="0"/> - <string key="objectName">Glue Controller</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300312</int> - <reference key="object" ref="1016187493"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="690863814"/> - </object> - <reference key="parent" ref="92892041"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300313</int> - <reference key="object" ref="690863814"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="594991555"/> - </object> - <reference key="parent" ref="1016187493"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300314</int> - <reference key="object" ref="594991555"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="1020091532"/> - <reference ref="452996455"/> - <reference ref="744766544"/> - </object> - <reference key="parent" ref="690863814"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300316</int> - <reference key="object" ref="1020091532"/> - <reference key="parent" ref="594991555"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300384</int> - <reference key="object" ref="441176528"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="453153516"/> - </object> - <reference key="parent" ref="60326189"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300385</int> - <reference key="object" ref="962648515"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="678162638"/> - </object> - <reference key="parent" ref="60326189"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300386</int> - <reference key="object" ref="678162638"/> - <reference key="parent" ref="962648515"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300387</int> - <reference key="object" ref="453153516"/> - <reference key="parent" ref="441176528"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300388</int> - <reference key="object" ref="29184344"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="698626122"/> - </object> - <reference key="parent" ref="60326189"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300389</int> - <reference key="object" ref="698626122"/> - <reference key="parent" ref="29184344"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300390</int> - <reference key="object" ref="255611063"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="742145870"/> - </object> - <reference key="parent" ref="60326189"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300391</int> - <reference key="object" ref="742145870"/> - <reference key="parent" ref="255611063"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300392</int> - <reference key="object" ref="158061"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="899060580"/> - </object> - <reference key="parent" ref="60326189"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300393</int> - <reference key="object" ref="899060580"/> - <reference key="parent" ref="158061"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300394</int> - <reference key="object" ref="576133689"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="696656312"/> - </object> - <reference key="parent" ref="60326189"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300395</int> - <reference key="object" ref="696656312"/> - <reference key="parent" ref="576133689"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300396</int> - <reference key="object" ref="105446308"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="676106072"/> - </object> - <reference key="parent" ref="60326189"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300397</int> - <reference key="object" ref="288995352"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="613041994"/> - </object> - <reference key="parent" ref="60326189"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300398</int> - <reference key="object" ref="613041994"/> - <reference key="parent" ref="288995352"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300399</int> - <reference key="object" ref="676106072"/> - <reference key="parent" ref="105446308"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300419</int> - <reference key="object" ref="102029948"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="389112266"/> - </object> - <reference key="parent" ref="0"/> - <string key="objectName">Options</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300420</int> - <reference key="object" ref="389112266"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="486016405"/> - <reference ref="318596865"/> - <reference ref="523287828"/> - <reference ref="594182616"/> - <reference ref="198913348"/> - <reference ref="964499406"/> - <reference ref="368169141"/> - <reference ref="332956369"/> - <reference ref="681646907"/> - <reference ref="284195308"/> - <reference ref="453888690"/> - </object> - <reference key="parent" ref="102029948"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300421</int> - <reference key="object" ref="284195308"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="12024755"/> - </object> - <reference key="parent" ref="389112266"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300422</int> - <reference key="object" ref="681646907"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="88378654"/> - </object> - <reference key="parent" ref="389112266"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300423</int> - <reference key="object" ref="332956369"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="931635862"/> - </object> - <reference key="parent" ref="389112266"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300424</int> - <reference key="object" ref="368169141"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="535311584"/> - </object> - <reference key="parent" ref="389112266"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300425</int> - <reference key="object" ref="964499406"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="873232825"/> - </object> - <reference key="parent" ref="389112266"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300426</int> - <reference key="object" ref="198913348"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="452074655"/> - </object> - <reference key="parent" ref="389112266"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300427</int> - <reference key="object" ref="594182616"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="734223932"/> - </object> - <reference key="parent" ref="389112266"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300428</int> - <reference key="object" ref="523287828"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="175033886"/> - </object> - <reference key="parent" ref="389112266"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300429</int> - <reference key="object" ref="318596865"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="254246330"/> - </object> - <reference key="parent" ref="389112266"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300430</int> - <reference key="object" ref="486016405"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="624979516"/> - </object> - <reference key="parent" ref="389112266"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300431</int> - <reference key="object" ref="624979516"/> - <reference key="parent" ref="486016405"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300432</int> - <reference key="object" ref="254246330"/> - <reference key="parent" ref="318596865"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300433</int> - <reference key="object" ref="175033886"/> - <reference key="parent" ref="523287828"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300434</int> - <reference key="object" ref="734223932"/> - <reference key="parent" ref="594182616"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300435</int> - <reference key="object" ref="452074655"/> - <reference key="parent" ref="198913348"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300436</int> - <reference key="object" ref="873232825"/> - <reference key="parent" ref="964499406"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300437</int> - <reference key="object" ref="535311584"/> - <reference key="parent" ref="368169141"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300438</int> - <reference key="object" ref="931635862"/> - <reference key="parent" ref="332956369"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300439</int> - <reference key="object" ref="88378654"/> - <reference key="parent" ref="681646907"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300440</int> - <reference key="object" ref="12024755"/> - <reference key="parent" ref="284195308"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300464</int> - <reference key="object" ref="452996455"/> - <reference key="parent" ref="594991555"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300469</int> - <reference key="object" ref="633725892"/> - <reference key="parent" ref="0"/> - <string key="objectName">Ticket Options Controller</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300502</int> - <reference key="object" ref="744766544"/> - <reference key="parent" ref="594991555"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300510</int> - <reference key="object" ref="752049494"/> - <reference key="parent" ref="0"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300526</int> - <reference key="object" ref="1022812428"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="370337827"/> - </object> - <reference key="parent" ref="898191415"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300527</int> - <reference key="object" ref="370337827"/> - <reference key="parent" ref="1022812428"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300530</int> - <reference key="object" ref="188143209"/> - <reference key="parent" ref="898191415"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300533</int> - <reference key="object" ref="186678160"/> - <reference key="parent" ref="92892041"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300534</int> - <reference key="object" ref="524728083"/> - <reference key="parent" ref="866582848"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300536</int> - <reference key="object" ref="314932147"/> - <reference key="parent" ref="60326189"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300543</int> - <reference key="object" ref="453888690"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="505343782"/> - </object> - <reference key="parent" ref="389112266"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300544</int> - <reference key="object" ref="505343782"/> - <reference key="parent" ref="453888690"/> - </object> - </object> - </object> - <object class="NSMutableDictionary" key="flattenedProperties"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMutableArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>-1.IBPluginDependency</string> - <string>-2.IBPluginDependency</string> - <string>19.IBEditorWindowLastContentRect</string> - <string>19.IBPluginDependency</string> - <string>19.IBWindowTemplateEditedContentRect</string> - <string>19.ImportedFromIB2</string> - <string>19.NSWindowTemplate.visibleAtLaunch</string> - <string>19.editorWindowContentRectSynchronizationRect</string> - <string>19.windowTemplate.hasMaxSize</string> - <string>19.windowTemplate.hasMinSize</string> - <string>19.windowTemplate.maxSize</string> - <string>19.windowTemplate.minSize</string> - <string>20.IBPluginDependency</string> - <string>20.ImportedFromIB2</string> - <string>300157.IBEditorWindowLastContentRect</string> - <string>300157.IBPluginDependency</string> - <string>300158.IBPluginDependency</string> - <string>300158.ImportedFromIB2</string> - <string>300161.IBPluginDependency</string> - <string>300161.ImportedFromIB2</string> - <string>300162.IBPluginDependency</string> - <string>300162.ImportedFromIB2</string> - <string>300163.IBPluginDependency</string> - <string>300163.ImportedFromIB2</string> - <string>300165.IBPluginDependency</string> - <string>300175.IBEditorWindowLastContentRect</string> - <string>300175.IBPluginDependency</string> - <string>300177.CustomClassName</string> - <string>300177.IBPluginDependency</string> - <string>300177.ImportedFromIB2</string> - <string>300178.IBPluginDependency</string> - <string>300178.ImportedFromIB2</string> - <string>300179.IBPluginDependency</string> - <string>300179.ImportedFromIB2</string> - <string>300180.IBPluginDependency</string> - <string>300180.ImportedFromIB2</string> - <string>300182.IBPluginDependency</string> - <string>300183.IBPluginDependency</string> - <string>300184.IBPluginDependency</string> - <string>300185.IBPluginDependency</string> - <string>300192.IBPluginDependency</string> - <string>300193.IBEditorWindowLastContentRect</string> - <string>300193.IBPluginDependency</string> - <string>300195.IBPluginDependency</string> - <string>300195.ImportedFromIB2</string> - <string>300196.CustomClassName</string> - <string>300196.IBPluginDependency</string> - <string>300196.ImportedFromIB2</string> - <string>300197.IBPluginDependency</string> - <string>300197.ImportedFromIB2</string> - <string>300201.IBPluginDependency</string> - <string>300201.ImportedFromIB2</string> - <string>300210.IBPluginDependency</string> - <string>300211.IBEditorWindowLastContentRect</string> - <string>300211.IBPluginDependency</string> - <string>300212.IBPluginDependency</string> - <string>300213.IBPluginDependency</string> - <string>300213.ImportedFromIB2</string> - <string>300215.IBPluginDependency</string> - <string>300215.ImportedFromIB2</string> - <string>300217.IBPluginDependency</string> - <string>300217.ImportedFromIB2</string> - <string>300221.IBPluginDependency</string> - <string>300221.ImportedFromIB2</string> - <string>300223.IBPluginDependency</string> - <string>300223.ImportedFromIB2</string> - <string>300274.IBEditorWindowLastContentRect</string> - <string>300274.IBPluginDependency</string> - <string>300275.IBPluginDependency</string> - <string>300288.IBPluginDependency</string> - <string>300288.ImportedFromIB2</string> - <string>300300.IBPluginDependency</string> - <string>300312.IBPluginDependency</string> - <string>300313.IBPluginDependency</string> - <string>300314.IBEditorWindowLastContentRect</string> - <string>300314.IBPluginDependency</string> - <string>300316.IBPluginDependency</string> - <string>300384.CustomClassName</string> - <string>300384.IBPluginDependency</string> - <string>300384.ImportedFromIB2</string> - <string>300385.IBPluginDependency</string> - <string>300386.IBPluginDependency</string> - <string>300388.IBPluginDependency</string> - <string>300389.IBPluginDependency</string> - <string>300390.IBPluginDependency</string> - <string>300391.IBPluginDependency</string> - <string>300392.CustomClassName</string> - <string>300392.IBPluginDependency</string> - <string>300392.ImportedFromIB2</string> - <string>300394.CustomClassName</string> - <string>300394.IBPluginDependency</string> - <string>300394.ImportedFromIB2</string> - <string>300396.IBPluginDependency</string> - <string>300396.ImportedFromIB2</string> - <string>300397.IBPluginDependency</string> - <string>300397.ImportedFromIB2</string> - <string>300419.IBEditorWindowLastContentRect</string> - <string>300419.IBPluginDependency</string> - <string>300419.IBWindowTemplateEditedContentRect</string> - <string>300419.ImportedFromIB2</string> - <string>300419.windowTemplate.hasMaxSize</string> - <string>300419.windowTemplate.hasMinSize</string> - <string>300419.windowTemplate.maxSize</string> - <string>300419.windowTemplate.minSize</string> - <string>300420.IBPluginDependency</string> - <string>300420.ImportedFromIB2</string> - <string>300421.IBPluginDependency</string> - <string>300421.ImportedFromIB2</string> - <string>300422.IBPluginDependency</string> - <string>300422.ImportedFromIB2</string> - <string>300423.IBPluginDependency</string> - <string>300423.ImportedFromIB2</string> - <string>300424.IBPluginDependency</string> - <string>300424.ImportedFromIB2</string> - <string>300425.IBPluginDependency</string> - <string>300425.ImportedFromIB2</string> - <string>300426.IBPluginDependency</string> - <string>300426.ImportedFromIB2</string> - <string>300427.IBPluginDependency</string> - <string>300427.ImportedFromIB2</string> - <string>300428.IBPluginDependency</string> - <string>300428.ImportedFromIB2</string> - <string>300429.IBPluginDependency</string> - <string>300429.ImportedFromIB2</string> - <string>300430.IBPluginDependency</string> - <string>300430.ImportedFromIB2</string> - <string>300464.IBPluginDependency</string> - <string>300469.IBPluginDependency</string> - <string>300502.IBPluginDependency</string> - <string>300510.IBPluginDependency</string> - <string>300526.IBPluginDependency</string> - <string>300527.IBPluginDependency</string> - <string>300530.IBPluginDependency</string> - <string>300533.IBPluginDependency</string> - <string>300534.IBPluginDependency</string> - <string>300536.IBPluginDependency</string> - <string>300543.IBPluginDependency</string> - <string>300544.IBPluginDependency</string> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>{{628, 646}, {500, 210}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>{{628, 646}, {500, 210}}</string> - <reference ref="9"/> - <reference ref="8"/> - <string>{{932, 664}, {484, 199}}</string> - <reference ref="9"/> - <reference ref="9"/> - <string>{600, 400}</string> - <string>{484, 199}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>{{338, 521}, {500, 187}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>{{628, 239}, {500, 208}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>NSSecureTextField</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>{{597, 343}, {500, 187}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>NSSecureTextField</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>{{553, 638}, {500, 210}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>{{427, 495}, {500, 230}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>{{347, 504}, {189, 63}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>NSSecureTextField</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>NSSecureTextField</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>NSSecureTextField</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>{{647, 390}, {430, 305}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>{{647, 390}, {430, 305}}</string> - <reference ref="9"/> - <reference ref="8"/> - <reference ref="9"/> - <string>{3.40282e+38, 3.40282e+38}</string> - <string>{430, 283}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - </object> - </object> - <object class="NSMutableDictionary" key="unlocalizedProperties"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - </object> - <nil key="activeLocalization"/> - <object class="NSMutableDictionary" key="localizations"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - </object> - <nil key="sourceID"/> - <int key="maxID">300575</int> - </object> - <object class="IBClassDescriber" key="IBDocument.Classes"> - <object class="NSMutableArray" key="referencedPartialClassDescriptions"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="IBPartialClassDescription"> - <string key="className">AuthenticationController</string> - <string key="superclassName">NSWindowController</string> - <object class="NSMutableDictionary" key="actions"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMutableArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>answerAuthPrompt:</string> - <string>cancel:</string> - <string>cancelTicketOptions:</string> - <string>changePassword:</string> - <string>changePasswordGearAction:</string> - <string>checkboxDidChange:</string> - <string>enterIdentity:</string> - <string>saveTicketOptions:</string> - <string>showTicketOptions:</string> - <string>showedError:</string> - <string>sliderDidChange:</string> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - </object> - </object> - <object class="NSMutableDictionary" key="outlets"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMutableArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>changePasswordBadge</string> - <string>changePasswordSpinny</string> - <string>changePasswordView</string> - <string>containerView</string> - <string>enterBadge</string> - <string>enterSpinny</string> - <string>errorBadge</string> - <string>errorView</string> - <string>expiredPasswordView</string> - <string>glueController</string> - <string>identityField</string> - <string>identityView</string> - <string>lifetimeFormatter</string> - <string>oldPasswordField</string> - <string>passwordBadge</string> - <string>passwordField</string> - <string>passwordSpinny</string> - <string>passwordView</string> - <string>rememberPasswordInKeychainCheckBox</string> - <string>renewableLifetimeSlider</string> - <string>samBadge</string> - <string>samPromptField</string> - <string>samSpinny</string> - <string>samView</string> - <string>ticketOptionsController</string> - <string>ticketOptionsSheet</string> - <string>validLifetimeSlider</string> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>BadgedImageView</string> - <string>NSProgressIndicator</string> - <string>NSView</string> - <string>NSView</string> - <string>BadgedImageView</string> - <string>NSProgressIndicator</string> - <string>BadgedImageView</string> - <string>NSView</string> - <string>NSView</string> - <string>NSObjectController</string> - <string>NSTextField</string> - <string>NSView</string> - <string>KerberosTimeFormatter</string> - <string>NSTextField</string> - <string>BadgedImageView</string> - <string>NSTextField</string> - <string>NSProgressIndicator</string> - <string>NSView</string> - <string>NSButton</string> - <string>NSSlider</string> - <string>BadgedImageView</string> - <string>NSTextField</string> - <string>NSProgressIndicator</string> - <string>NSView</string> - <string>NSObjectController</string> - <string>NSWindow</string> - <string>NSSlider</string> - </object> - </object> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBProjectSource</string> - <string key="minorKey">../Sources/kim/agent/mac/AuthenticationController.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">BadgedImageView</string> - <string key="superclassName">NSView</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBProjectSource</string> - <string key="minorKey">../Sources/kim/agent/mac/BadgedImageView.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">FirstResponder</string> - <string key="superclassName">NSObject</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBUserSource</string> - <string key="minorKey"/> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">KerberosTimeFormatter</string> - <string key="superclassName">NSFormatter</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBProjectSource</string> - <string key="minorKey">../Sources/kim/agent/mac/KerberosFormatters.h</string> - </object> - </object> - </object> - </object> - <int key="IBDocument.localizationMode">0</int> - <string key="IBDocument.LastKnownRelativeProjectPath">../../../../../../Projects/Kerberos5.xcodeproj</string> - <int key="IBDocument.defaultPropertyAccessControl">3</int> - </data> -</archive> diff --git a/src/kim/agent/mac/resources/English.lproj/AuthenticationController.strings b/src/kim/agent/mac/resources/English.lproj/AuthenticationController.strings Binary files differdeleted file mode 100644 index bcc575632..000000000 --- a/src/kim/agent/mac/resources/English.lproj/AuthenticationController.strings +++ /dev/null diff --git a/src/kim/agent/mac/resources/English.lproj/MainMenu.xib b/src/kim/agent/mac/resources/English.lproj/MainMenu.xib deleted file mode 100644 index f56ab6337..000000000 --- a/src/kim/agent/mac/resources/English.lproj/MainMenu.xib +++ /dev/null @@ -1,791 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<archive type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="7.02"> - <data> - <int key="IBDocument.SystemTarget">1050</int> - <string key="IBDocument.SystemVersion">9F33</string> - <string key="IBDocument.InterfaceBuilderVersion">672</string> - <string key="IBDocument.AppKitVersion">949.34</string> - <string key="IBDocument.HIToolboxVersion">352.00</string> - <object class="NSMutableArray" key="IBDocument.EditedObjectIDs"> - <bool key="EncodedWithXMLCoder">YES</bool> - <integer value="57"/> - </object> - <object class="NSArray" key="IBDocument.PluginDependencies"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - </object> - <object class="NSMutableArray" key="IBDocument.RootObjects" id="949938097"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSCustomObject" id="58791012"> - <object class="NSMutableString" key="NSClassName"> - <characters key="NS.bytes">NSApplication</characters> - </object> - </object> - <object class="NSCustomObject" id="506161835"> - <string key="NSClassName">FirstResponder</string> - </object> - <object class="NSCustomObject" id="364998124"> - <string key="NSClassName">NSApplication</string> - </object> - <object class="NSMenu" id="576137369"> - <string key="NSTitle">MainMenu</string> - <object class="NSMutableArray" key="NSMenuItems"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMenuItem" id="946093663"> - <reference key="NSMenu" ref="576137369"/> - <string key="NSTitle">KerberosAgent</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <object class="NSCustomResource" key="NSOnImage" id="42192827"> - <string key="NSClassName">NSImage</string> - <string key="NSResourceName">NSMenuCheckmark</string> - </object> - <object class="NSCustomResource" key="NSMixedImage" id="708750045"> - <string key="NSClassName">NSImage</string> - <string key="NSResourceName">NSMenuMixedState</string> - </object> - <string key="NSAction">submenuAction:</string> - <object class="NSMenu" key="NSSubmenu" id="980333367"> - <string key="NSTitle">KerberosAgent</string> - <object class="NSMutableArray" key="NSMenuItems"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMenuItem" id="104201360"> - <reference key="NSMenu" ref="980333367"/> - <string key="NSTitle">About KerberosAgent</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - </object> - <string key="NSName">_NSAppleMenu</string> - </object> - </object> - <object class="NSMenuItem" id="1071484604"> - <reference key="NSMenu" ref="576137369"/> - <string key="NSTitle">Edit</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - <string key="NSAction">submenuAction:</string> - <object class="NSMenu" key="NSSubmenu" id="694937866"> - <string key="NSTitle">Edit</string> - <object class="NSMutableArray" key="NSMenuItems"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMenuItem" id="9292975"> - <reference key="NSMenu" ref="694937866"/> - <string key="NSTitle">Undo</string> - <string key="NSKeyEquiv">z</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - <object class="NSMenuItem" id="970758993"> - <reference key="NSMenu" ref="694937866"/> - <string key="NSTitle">Redo</string> - <string key="NSKeyEquiv">Z</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - <object class="NSMenuItem" id="851800591"> - <reference key="NSMenu" ref="694937866"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - <object class="NSMenuItem" id="644214546"> - <reference key="NSMenu" ref="694937866"/> - <string key="NSTitle">Cut</string> - <string key="NSKeyEquiv">x</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - <object class="NSMenuItem" id="157511090"> - <reference key="NSMenu" ref="694937866"/> - <string key="NSTitle">Copy</string> - <string key="NSKeyEquiv">c</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - <object class="NSMenuItem" id="76167146"> - <reference key="NSMenu" ref="694937866"/> - <string key="NSTitle">Paste</string> - <string key="NSKeyEquiv">v</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - <object class="NSMenuItem" id="872606351"> - <reference key="NSMenu" ref="694937866"/> - <string key="NSTitle">Paste and Match Style</string> - <string key="NSKeyEquiv">V</string> - <int key="NSKeyEquivModMask">1572864</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - <object class="NSMenuItem" id="693913733"> - <reference key="NSMenu" ref="694937866"/> - <string key="NSTitle">Delete</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - <object class="NSMenuItem" id="491366892"> - <reference key="NSMenu" ref="694937866"/> - <string key="NSTitle">Select All</string> - <string key="NSKeyEquiv">a</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - </object> - </object> - </object> - <object class="NSMenuItem" id="132646693"> - <reference key="NSMenu" ref="576137369"/> - <string key="NSTitle">Window</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - <string key="NSAction">submenuAction:</string> - <object class="NSMenu" key="NSSubmenu" id="307678365"> - <object class="NSMutableString" key="NSTitle"> - <characters key="NS.bytes">Window</characters> - </object> - <object class="NSMutableArray" key="NSMenuItems"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMenuItem" id="499080229"> - <reference key="NSMenu" ref="307678365"/> - <string key="NSTitle">Close</string> - <string key="NSKeyEquiv">w</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - <object class="NSMenuItem" id="308116730"> - <reference key="NSMenu" ref="307678365"/> - <string key="NSTitle">Minimize</string> - <string key="NSKeyEquiv">m</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - <object class="NSMenuItem" id="695757627"> - <reference key="NSMenu" ref="307678365"/> - <string key="NSTitle">Zoom</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - <object class="NSMenuItem" id="615570499"> - <reference key="NSMenu" ref="307678365"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - <object class="NSMenuItem" id="150140133"> - <reference key="NSMenu" ref="307678365"/> - <string key="NSTitle">Bring All to Front</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - </object> - <string key="NSName">_NSWindowsMenu</string> - </object> - </object> - <object class="NSMenuItem" id="608222506"> - <reference key="NSMenu" ref="576137369"/> - <string key="NSTitle">Help</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - <string key="NSAction">submenuAction:</string> - <object class="NSMenu" key="NSSubmenu" id="566679562"> - <object class="NSMutableString" key="NSTitle"> - <characters key="NS.bytes">Help</characters> - </object> - <object class="NSMutableArray" key="NSMenuItems"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMenuItem" id="376978259"> - <reference key="NSMenu" ref="566679562"/> - <string key="NSTitle">KerberosAgent Help</string> - <string key="NSKeyEquiv">?</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="42192827"/> - <reference key="NSMixedImage" ref="708750045"/> - </object> - </object> - </object> - </object> - </object> - <string key="NSName">_NSMainMenu</string> - </object> - <object class="NSCustomObject" id="620802461"> - <string key="NSClassName">KerberosAgentController</string> - </object> - </object> - <object class="IBObjectContainer" key="IBDocument.Objects"> - <object class="NSMutableArray" key="connectionRecords"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">arrangeInFront:</string> - <reference key="source" ref="506161835"/> - <reference key="destination" ref="150140133"/> - </object> - <int key="connectionID">39</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">showHelp:</string> - <reference key="source" ref="506161835"/> - <reference key="destination" ref="376978259"/> - </object> - <int key="connectionID">122</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">orderFrontStandardAboutPanel:</string> - <reference key="source" ref="58791012"/> - <reference key="destination" ref="104201360"/> - </object> - <int key="connectionID">142</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">cut:</string> - <reference key="source" ref="506161835"/> - <reference key="destination" ref="644214546"/> - </object> - <int key="connectionID">175</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">paste:</string> - <reference key="source" ref="506161835"/> - <reference key="destination" ref="76167146"/> - </object> - <int key="connectionID">176</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">redo:</string> - <reference key="source" ref="506161835"/> - <reference key="destination" ref="970758993"/> - </object> - <int key="connectionID">178</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">selectAll:</string> - <reference key="source" ref="506161835"/> - <reference key="destination" ref="491366892"/> - </object> - <int key="connectionID">179</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">undo:</string> - <reference key="source" ref="506161835"/> - <reference key="destination" ref="9292975"/> - </object> - <int key="connectionID">180</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">copy:</string> - <reference key="source" ref="506161835"/> - <reference key="destination" ref="157511090"/> - </object> - <int key="connectionID">181</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">delete:</string> - <reference key="source" ref="506161835"/> - <reference key="destination" ref="693913733"/> - </object> - <int key="connectionID">201</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">performZoom:</string> - <reference key="source" ref="506161835"/> - <reference key="destination" ref="695757627"/> - </object> - <int key="connectionID">204</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">pasteAsPlainText:</string> - <reference key="source" ref="506161835"/> - <reference key="destination" ref="872606351"/> - </object> - <int key="connectionID">211</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">performMiniaturize:</string> - <reference key="source" ref="506161835"/> - <reference key="destination" ref="308116730"/> - </object> - <int key="connectionID">235</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">performClose:</string> - <reference key="source" ref="506161835"/> - <reference key="destination" ref="499080229"/> - </object> - <int key="connectionID">246</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">delegate</string> - <reference key="source" ref="58791012"/> - <reference key="destination" ref="620802461"/> - </object> - <int key="connectionID">300448</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">delegate</string> - <reference key="source" ref="364998124"/> - <reference key="destination" ref="620802461"/> - </object> - <int key="connectionID">300468</int> - </object> - </object> - <object class="IBMutableOrderedSet" key="objectRecords"> - <object class="NSArray" key="orderedObjects"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="IBObjectRecord"> - <int key="objectID">0</int> - <object class="NSArray" key="object" id="0"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - <reference key="children" ref="949938097"/> - <nil key="parent"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">-2</int> - <reference key="object" ref="58791012"/> - <reference key="parent" ref="0"/> - <string type="base64-UTF8" key="objectName">RmlsZSdzIE93bmVyA</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">-1</int> - <reference key="object" ref="506161835"/> - <reference key="parent" ref="0"/> - <string key="objectName">First Responder</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">29</int> - <reference key="object" ref="576137369"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="132646693"/> - <reference ref="946093663"/> - <reference ref="608222506"/> - <reference ref="1071484604"/> - </object> - <reference key="parent" ref="0"/> - <string key="objectName">MainMenu</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">19</int> - <reference key="object" ref="132646693"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="307678365"/> - </object> - <reference key="parent" ref="576137369"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">24</int> - <reference key="object" ref="307678365"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="150140133"/> - <reference ref="499080229"/> - <reference ref="695757627"/> - <reference ref="615570499"/> - <reference ref="308116730"/> - </object> - <reference key="parent" ref="132646693"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">5</int> - <reference key="object" ref="150140133"/> - <reference key="parent" ref="307678365"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">23</int> - <reference key="object" ref="499080229"/> - <reference key="parent" ref="307678365"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">203</int> - <reference key="object" ref="695757627"/> - <reference key="parent" ref="307678365"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">233</int> - <reference key="object" ref="615570499"/> - <reference key="parent" ref="307678365"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">234</int> - <reference key="object" ref="308116730"/> - <reference key="parent" ref="307678365"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">56</int> - <reference key="object" ref="946093663"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="980333367"/> - </object> - <reference key="parent" ref="576137369"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">57</int> - <reference key="object" ref="980333367"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="104201360"/> - </object> - <reference key="parent" ref="946093663"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">58</int> - <reference key="object" ref="104201360"/> - <reference key="parent" ref="980333367"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">103</int> - <reference key="object" ref="608222506"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="566679562"/> - </object> - <reference key="parent" ref="576137369"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">106</int> - <reference key="object" ref="566679562"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="376978259"/> - </object> - <reference key="parent" ref="608222506"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">111</int> - <reference key="object" ref="376978259"/> - <reference key="parent" ref="566679562"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">163</int> - <reference key="object" ref="1071484604"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="694937866"/> - </object> - <reference key="parent" ref="576137369"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">169</int> - <reference key="object" ref="694937866"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="851800591"/> - <reference ref="157511090"/> - <reference ref="9292975"/> - <reference ref="644214546"/> - <reference ref="693913733"/> - <reference ref="76167146"/> - <reference ref="491366892"/> - <reference ref="970758993"/> - <reference ref="872606351"/> - </object> - <reference key="parent" ref="1071484604"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">156</int> - <reference key="object" ref="851800591"/> - <reference key="parent" ref="694937866"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">157</int> - <reference key="object" ref="157511090"/> - <reference key="parent" ref="694937866"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">158</int> - <reference key="object" ref="9292975"/> - <reference key="parent" ref="694937866"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">160</int> - <reference key="object" ref="644214546"/> - <reference key="parent" ref="694937866"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">164</int> - <reference key="object" ref="693913733"/> - <reference key="parent" ref="694937866"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">171</int> - <reference key="object" ref="76167146"/> - <reference key="parent" ref="694937866"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">172</int> - <reference key="object" ref="491366892"/> - <reference key="parent" ref="694937866"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">173</int> - <reference key="object" ref="970758993"/> - <reference key="parent" ref="694937866"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">210</int> - <reference key="object" ref="872606351"/> - <reference key="parent" ref="694937866"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">-3</int> - <reference key="object" ref="364998124"/> - <reference key="parent" ref="0"/> - <string key="objectName">Application</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300447</int> - <reference key="object" ref="620802461"/> - <reference key="parent" ref="0"/> - </object> - </object> - </object> - <object class="NSMutableDictionary" key="flattenedProperties"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMutableArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>-1.IBPluginDependency</string> - <string>-2.IBPluginDependency</string> - <string>103.IBPluginDependency</string> - <string>103.ImportedFromIB2</string> - <string>106.IBPluginDependency</string> - <string>106.ImportedFromIB2</string> - <string>106.editorWindowContentRectSynchronizationRect</string> - <string>111.IBPluginDependency</string> - <string>111.ImportedFromIB2</string> - <string>156.IBPluginDependency</string> - <string>156.ImportedFromIB2</string> - <string>157.IBPluginDependency</string> - <string>157.ImportedFromIB2</string> - <string>158.IBPluginDependency</string> - <string>158.ImportedFromIB2</string> - <string>160.IBPluginDependency</string> - <string>160.ImportedFromIB2</string> - <string>163.IBPluginDependency</string> - <string>163.ImportedFromIB2</string> - <string>164.IBPluginDependency</string> - <string>164.ImportedFromIB2</string> - <string>169.IBEditorWindowLastContentRect</string> - <string>169.IBPluginDependency</string> - <string>169.ImportedFromIB2</string> - <string>169.editorWindowContentRectSynchronizationRect</string> - <string>171.IBPluginDependency</string> - <string>171.ImportedFromIB2</string> - <string>172.IBPluginDependency</string> - <string>172.ImportedFromIB2</string> - <string>173.IBPluginDependency</string> - <string>173.ImportedFromIB2</string> - <string>19.IBPluginDependency</string> - <string>19.ImportedFromIB2</string> - <string>203.IBPluginDependency</string> - <string>203.ImportedFromIB2</string> - <string>210.IBPluginDependency</string> - <string>210.ImportedFromIB2</string> - <string>23.IBPluginDependency</string> - <string>23.ImportedFromIB2</string> - <string>233.IBPluginDependency</string> - <string>233.ImportedFromIB2</string> - <string>234.IBPluginDependency</string> - <string>234.ImportedFromIB2</string> - <string>24.IBPluginDependency</string> - <string>24.ImportedFromIB2</string> - <string>24.editorWindowContentRectSynchronizationRect</string> - <string>29.IBEditorWindowLastContentRect</string> - <string>29.IBPluginDependency</string> - <string>29.ImportedFromIB2</string> - <string>29.editorWindowContentRectSynchronizationRect</string> - <string>300447.IBPluginDependency</string> - <string>5.IBPluginDependency</string> - <string>5.ImportedFromIB2</string> - <string>56.IBPluginDependency</string> - <string>56.ImportedFromIB2</string> - <string>57.IBEditorWindowLastContentRect</string> - <string>57.IBPluginDependency</string> - <string>57.ImportedFromIB2</string> - <string>57.editorWindowContentRectSynchronizationRect</string> - <string>58.IBPluginDependency</string> - <string>58.ImportedFromIB2</string> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <integer value="1" id="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>{{1137, 580}, {211, 23}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>{{630, 563}, {253, 173}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>{{1022, 430}, {253, 173}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>{{1066, 510}, {197, 93}}</string> - <string>{{492, 736}, {314, 20}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>{{884, 603}, {314, 20}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>{{504, 713}, {202, 23}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>{{896, 420}, {240, 183}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - </object> - </object> - <object class="NSMutableDictionary" key="unlocalizedProperties"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - </object> - <nil key="activeLocalization"/> - <object class="NSMutableDictionary" key="localizations"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - </object> - <nil key="sourceID"/> - <int key="maxID">300484</int> - </object> - <object class="IBClassDescriber" key="IBDocument.Classes"> - <object class="NSMutableArray" key="referencedPartialClassDescriptions"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="IBPartialClassDescription"> - <string key="className">FirstResponder</string> - <string key="superclassName">NSObject</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBUserSource</string> - <string key="minorKey"/> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">KerberosAgentController</string> - <string key="superclassName">NSObject</string> - <object class="NSMutableDictionary" key="actions"> - <string key="NS.key.0">fakeANewClient:</string> - <string key="NS.object.0">id</string> - </object> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBProjectSource</string> - <string key="minorKey">../Sources/kim/agent/mac/KerberosAgentController.h</string> - </object> - </object> - </object> - </object> - <int key="IBDocument.localizationMode">0</int> - <string key="IBDocument.LastKnownRelativeProjectPath">../../../../../../Projects/Kerberos5.xcodeproj</string> - <int key="IBDocument.defaultPropertyAccessControl">3</int> - </data> -</archive> diff --git a/src/kim/agent/mac/resources/English.lproj/SelectIdentity.strings b/src/kim/agent/mac/resources/English.lproj/SelectIdentity.strings Binary files differdeleted file mode 100644 index db20365e9..000000000 --- a/src/kim/agent/mac/resources/English.lproj/SelectIdentity.strings +++ /dev/null diff --git a/src/kim/agent/mac/resources/English.lproj/SelectIdentity.xib b/src/kim/agent/mac/resources/English.lproj/SelectIdentity.xib deleted file mode 100644 index 8be14fb6c..000000000 --- a/src/kim/agent/mac/resources/English.lproj/SelectIdentity.xib +++ /dev/null @@ -1,2865 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<archive type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="7.02"> - <data> - <int key="IBDocument.SystemTarget">1050</int> - <string key="IBDocument.SystemVersion">9F33</string> - <string key="IBDocument.InterfaceBuilderVersion">672</string> - <string key="IBDocument.AppKitVersion">949.34</string> - <string key="IBDocument.HIToolboxVersion">352.00</string> - <object class="NSMutableArray" key="IBDocument.EditedObjectIDs"> - <bool key="EncodedWithXMLCoder">YES</bool> - <integer value="300295"/> - </object> - <object class="NSArray" key="IBDocument.PluginDependencies"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - </object> - <object class="NSMutableArray" key="IBDocument.RootObjects" id="1000842439"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSCustomObject" id="262677138"> - <string key="NSClassName">SelectIdentityController</string> - </object> - <object class="NSCustomObject" id="553445653"> - <string key="NSClassName">FirstResponder</string> - </object> - <object class="NSCustomObject" id="714830734"> - <string key="NSClassName">NSApplication</string> - </object> - <object class="NSWindowTemplate" id="224590347"> - <int key="NSWindowStyleMask">13</int> - <int key="NSWindowBacking">2</int> - <string key="NSWindowRect">{{516, 414}, {500, 273}}</string> - <int key="NSWTFlags">1886913536</int> - <string key="NSWindowTitle">Select a Kerberos Identity</string> - <object class="NSMutableString" key="NSWindowClass"> - <characters key="NS.bytes">NSWindow</characters> - </object> - <object class="NSMutableString" key="NSViewClass"> - <characters key="NS.bytes">View</characters> - </object> - <string key="NSWindowContentMaxSize">{800, 800}</string> - <string key="NSWindowContentMinSize">{400, 273}</string> - <object class="NSView" key="NSWindowView" id="928852707"> - <nil key="NSNextResponder"/> - <int key="NSvFlags">256</int> - <object class="NSMutableArray" key="NSSubviews"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSTextField" id="499468804"> - <reference key="NSNextResponder" ref="928852707"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{101, 226}, {382, 17}}</string> - <reference key="NSSuperview" ref="928852707"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="82820472"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">272629760</int> - <string key="NSContents">%@ requires you select a Kerberos identity</string> - <object class="NSFont" key="NSSupport" id="604532625"> - <string key="NSName">LucidaGrande</string> - <double key="NSSize">1.300000e+01</double> - <int key="NSfFlags">1044</int> - </object> - <reference key="NSControlView" ref="499468804"/> - <object class="NSColor" key="NSBackgroundColor" id="876444531"> - <int key="NSColorSpace">6</int> - <string key="NSCatalogName">System</string> - <string key="NSColorName">controlColor</string> - <object class="NSColor" key="NSColor" id="31892828"> - <int key="NSColorSpace">3</int> - <bytes key="NSWhite">MC42NjY2NjY2OQA</bytes> - </object> - </object> - <object class="NSColor" key="NSTextColor" id="883746258"> - <int key="NSColorSpace">6</int> - <string key="NSCatalogName">System</string> - <string key="NSColorName">controlTextColor</string> - <object class="NSColor" key="NSColor" id="18538584"> - <int key="NSColorSpace">3</int> - <bytes key="NSWhite">MAA</bytes> - </object> - </object> - </object> - </object> - <object class="NSTextField" id="675887072"> - <reference key="NSNextResponder" ref="928852707"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{101, 181}, {382, 37}}</string> - <reference key="NSSuperview" ref="928852707"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="542766611"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">272629760</int> - <string key="NSContents">%@</string> - <object class="NSFont" key="NSSupport" id="26"> - <string key="NSName">LucidaGrande</string> - <double key="NSSize">1.100000e+01</double> - <int key="NSfFlags">3100</int> - </object> - <reference key="NSControlView" ref="675887072"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSButton" id="426244837"> - <reference key="NSNextResponder" ref="928852707"/> - <int key="NSvFlags">289</int> - <string key="NSFrame">{{399, 13}, {87, 32}}</string> - <reference key="NSSuperview" ref="928852707"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="686991406"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">Select</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="426244837"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">1</int> - <reference key="NSAlternateImage" ref="604532625"/> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">DQ</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSButton" id="505388869"> - <reference key="NSNextResponder" ref="928852707"/> - <int key="NSvFlags">289</int> - <string key="NSFrame">{{317, 13}, {82, 32}}</string> - <reference key="NSSuperview" ref="928852707"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="720384657"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">Cancel</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="505388869"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">1</int> - <reference key="NSAlternateImage" ref="604532625"/> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">Gw</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSCustomView" id="700535463"> - <reference key="NSNextResponder" ref="928852707"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{20, 189}, {64, 64}}</string> - <reference key="NSSuperview" ref="928852707"/> - <string key="NSClassName">BadgedImageView</string> - </object> - <object class="NSButton" id="949861041"> - <reference key="NSNextResponder" ref="928852707"/> - <int key="NSvFlags">292</int> - <string key="NSFrame">{{20, 19}, {28, 24}}</string> - <reference key="NSSuperview" ref="928852707"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="871232847"> - <int key="NSCellFlags">-2080244224</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents"/> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="949861041"/> - <int key="NSButtonFlags">-2030812929</int> - <int key="NSButtonFlags2">162</int> - <object class="NSCustomResource" key="NSNormalImage"> - <string key="NSClassName">NSImage</string> - <string key="NSResourceName">NSAddTemplate</string> - </object> - <string key="NSAlternateContents"/> - <string key="NSKeyEquivalent"/> - <int key="NSPeriodicDelay">400</int> - <int key="NSPeriodicInterval">75</int> - </object> - </object> - <object class="NSScrollView" id="616284695"> - <reference key="NSNextResponder" ref="928852707"/> - <int key="NSvFlags">274</int> - <object class="NSMutableArray" key="NSSubviews"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSClipView" id="568659409"> - <reference key="NSNextResponder" ref="616284695"/> - <int key="NSvFlags">2304</int> - <object class="NSMutableArray" key="NSSubviews"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSTableView" id="631507655"> - <reference key="NSNextResponder" ref="568659409"/> - <int key="NSvFlags">256</int> - <string key="NSFrameSize">{458, 95}</string> - <reference key="NSSuperview" ref="568659409"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTableHeaderView" key="NSHeaderView" id="282626403"> - <reference key="NSNextResponder" ref="71614719"/> - <int key="NSvFlags">256</int> - <string key="NSFrameSize">{458, 17}</string> - <reference key="NSSuperview" ref="71614719"/> - <reference key="NSTableView" ref="631507655"/> - </object> - <object class="_NSCornerView" key="NSCornerView" id="865861000"> - <reference key="NSNextResponder" ref="616284695"/> - <int key="NSvFlags">-2147483392</int> - <string key="NSFrame">{{-26, 0}, {16, 17}}</string> - <reference key="NSSuperview" ref="616284695"/> - </object> - <object class="NSMutableArray" key="NSTableColumns"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSTableColumn" id="1025403577"> - <string key="NSIdentifier">identityColumn</string> - <double key="NSWidth">3.260000e+02</double> - <double key="NSMinWidth">4.000000e+01</double> - <double key="NSMaxWidth">1.000000e+03</double> - <object class="NSTableHeaderCell" key="NSHeaderCell"> - <int key="NSCellFlags">75628032</int> - <int key="NSCellFlags2">0</int> - <string key="NSContents">Identity</string> - <reference key="NSSupport" ref="26"/> - <object class="NSColor" key="NSBackgroundColor" id="975820753"> - <int key="NSColorSpace">3</int> - <bytes key="NSWhite">MC4zMzMzMzI5OQA</bytes> - </object> - <object class="NSColor" key="NSTextColor" id="223105710"> - <int key="NSColorSpace">6</int> - <string key="NSCatalogName">System</string> - <string key="NSColorName">headerTextColor</string> - <reference key="NSColor" ref="18538584"/> - </object> - </object> - <object class="NSTextFieldCell" key="NSDataCell" id="475156882"> - <int key="NSCellFlags">337772096</int> - <int key="NSCellFlags2">2048</int> - <string key="NSContents">Text Cell</string> - <object class="NSFont" key="NSSupport" id="445233186"> - <string key="NSName">LucidaGrande</string> - <double key="NSSize">1.100000e+01</double> - <int key="NSfFlags">16</int> - </object> - <reference key="NSControlView" ref="631507655"/> - <object class="NSColor" key="NSBackgroundColor" id="1015612366"> - <int key="NSColorSpace">6</int> - <string key="NSCatalogName">System</string> - <string key="NSColorName">controlBackgroundColor</string> - <reference key="NSColor" ref="31892828"/> - </object> - <reference key="NSTextColor" ref="883746258"/> - </object> - <int key="NSResizingMask">3</int> - <bool key="NSIsResizeable">YES</bool> - <reference key="NSTableView" ref="631507655"/> - </object> - <object class="NSTableColumn" id="917941739"> - <string key="NSIdentifier">timeRemainingColumn</string> - <double key="NSWidth">1.000000e+02</double> - <double key="NSMinWidth">1.000000e+02</double> - <double key="NSMaxWidth">2.000000e+02</double> - <object class="NSTableHeaderCell" key="NSHeaderCell"> - <int key="NSCellFlags">75628032</int> - <int key="NSCellFlags2">67108864</int> - <string key="NSContents">Time Remaining</string> - <reference key="NSSupport" ref="26"/> - <reference key="NSBackgroundColor" ref="975820753"/> - <reference key="NSTextColor" ref="223105710"/> - </object> - <object class="NSTextFieldCell" key="NSDataCell" id="519561276"> - <int key="NSCellFlags">67239488</int> - <int key="NSCellFlags2">67110912</int> - <string key="NSContents">Text Cell</string> - <reference key="NSSupport" ref="445233186"/> - <reference key="NSControlView" ref="631507655"/> - <reference key="NSBackgroundColor" ref="1015612366"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - <int key="NSResizingMask">2</int> - <bool key="NSIsResizeable">YES</bool> - <reference key="NSTableView" ref="631507655"/> - </object> - <object class="NSTableColumn" id="850969979"> - <string key="NSIdentifier">favoriteColumn</string> - <double key="NSWidth">2.300000e+01</double> - <double key="NSMinWidth">1.000000e+01</double> - <double key="NSMaxWidth">2.800000e+01</double> - <object class="NSTableHeaderCell" key="NSHeaderCell"> - <int key="NSCellFlags">75628032</int> - <int key="NSCellFlags2">134217728</int> - <string type="base64-UTF8" key="NSContents">4pmlA</string> - <reference key="NSSupport" ref="26"/> - <object class="NSColor" key="NSBackgroundColor"> - <int key="NSColorSpace">6</int> - <string key="NSCatalogName">System</string> - <string key="NSColorName">headerColor</string> - <object class="NSColor" key="NSColor" id="591379363"> - <int key="NSColorSpace">3</int> - <bytes key="NSWhite">MQA</bytes> - </object> - </object> - <reference key="NSTextColor" ref="223105710"/> - </object> - <object class="NSTextFieldCell" key="NSDataCell" id="968276158"> - <int key="NSCellFlags">67239488</int> - <int key="NSCellFlags2">134219776</int> - <string key="NSContents">Text Cell</string> - <reference key="NSSupport" ref="445233186"/> - <reference key="NSControlView" ref="631507655"/> - <reference key="NSBackgroundColor" ref="1015612366"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - <reference key="NSTableView" ref="631507655"/> - </object> - </object> - <double key="NSIntercellSpacingWidth">3.000000e+00</double> - <double key="NSIntercellSpacingHeight">2.000000e+00</double> - <reference key="NSBackgroundColor" ref="591379363"/> - <object class="NSColor" key="NSGridColor"> - <int key="NSColorSpace">6</int> - <string key="NSCatalogName">System</string> - <string key="NSColorName">gridColor</string> - <object class="NSColor" key="NSColor"> - <int key="NSColorSpace">3</int> - <bytes key="NSWhite">MC41AA</bytes> - </object> - </object> - <double key="NSRowHeight">1.700000e+01</double> - <int key="NSTvFlags">-1010827264</int> - <int key="NSColumnAutoresizingStyle">2</int> - <int key="NSDraggingSourceMaskForLocal">15</int> - <int key="NSDraggingSourceMaskForNonLocal">0</int> - <bool key="NSAllowsTypeSelect">YES</bool> - </object> - </object> - <string key="NSFrame">{{1, 17}, {458, 95}}</string> - <reference key="NSSuperview" ref="616284695"/> - <reference key="NSNextKeyView" ref="631507655"/> - <reference key="NSDocView" ref="631507655"/> - <reference key="NSBGColor" ref="1015612366"/> - <int key="NScvFlags">4</int> - </object> - <object class="NSScroller" id="810829004"> - <reference key="NSNextResponder" ref="616284695"/> - <int key="NSvFlags">-2147483392</int> - <string key="NSFrame">{{224, 17}, {15, 117}}</string> - <reference key="NSSuperview" ref="616284695"/> - <reference key="NSTarget" ref="616284695"/> - <string key="NSAction">_doScroller:</string> - <double key="NSCurValue">3.700000e+01</double> - <double key="NSPercent">1.947368e-01</double> - </object> - <object class="NSScroller" id="836592269"> - <reference key="NSNextResponder" ref="616284695"/> - <int key="NSvFlags">256</int> - <string key="NSFrame">{{-100, -100}, {223, 15}}</string> - <reference key="NSSuperview" ref="616284695"/> - <int key="NSsFlags">1</int> - <reference key="NSTarget" ref="616284695"/> - <string key="NSAction">_doScroller:</string> - <double key="NSPercent">7.689655e-01</double> - </object> - <object class="NSClipView" id="71614719"> - <reference key="NSNextResponder" ref="616284695"/> - <int key="NSvFlags">2304</int> - <object class="NSMutableArray" key="NSSubviews"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="282626403"/> - </object> - <string key="NSFrame">{{1, 0}, {458, 17}}</string> - <reference key="NSSuperview" ref="616284695"/> - <reference key="NSNextKeyView" ref="282626403"/> - <reference key="NSDocView" ref="282626403"/> - <reference key="NSBGColor" ref="1015612366"/> - <int key="NScvFlags">4</int> - </object> - <reference ref="865861000"/> - </object> - <string key="NSFrame">{{20, 60}, {460, 113}}</string> - <reference key="NSSuperview" ref="928852707"/> - <reference key="NSNextKeyView" ref="568659409"/> - <int key="NSsFlags">530</int> - <reference key="NSVScroller" ref="810829004"/> - <reference key="NSHScroller" ref="836592269"/> - <reference key="NSContentView" ref="568659409"/> - <reference key="NSHeaderClipView" ref="71614719"/> - <reference key="NSCornerView" ref="865861000"/> - <bytes key="NSScrollAmts">QSAAAEEgAABBmAAAQZgAAA</bytes> - </object> - <object class="NSPopUpButton" id="263312988"> - <reference key="NSNextResponder" ref="928852707"/> - <int key="NSvFlags">292</int> - <string key="NSFrame">{{47, 19}, {54, 24}}</string> - <reference key="NSSuperview" ref="928852707"/> - <bool key="NSEnabled">YES</bool> - <object class="NSPopUpButtonCell" key="NSCell" id="659813048"> - <int key="NSCellFlags">-2076049856</int> - <int key="NSCellFlags2">134219776</int> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="263312988"/> - <int key="NSButtonFlags">-2034220801</int> - <int key="NSButtonFlags2">162</int> - <string key="NSAlternateContents"/> - <string key="NSKeyEquivalent"/> - <int key="NSPeriodicDelay">400</int> - <int key="NSPeriodicInterval">75</int> - <object class="NSMenuItem" key="NSMenuItem" id="354283131"> - <reference key="NSMenu" ref="600123164"/> - <bool key="NSIsHidden">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <int key="NSState">1</int> - <object class="NSCustomResource" key="NSImage"> - <string key="NSClassName">NSImage</string> - <string key="NSResourceName">NSActionTemplate</string> - </object> - <object class="NSCustomResource" key="NSOnImage" id="514331248"> - <string key="NSClassName">NSImage</string> - <string key="NSResourceName">NSMenuCheckmark</string> - </object> - <object class="NSCustomResource" key="NSMixedImage" id="572887887"> - <string key="NSClassName">NSImage</string> - <string key="NSResourceName">NSMenuMixedState</string> - </object> - <string key="NSAction">_popUpItemAction:</string> - <reference key="NSTarget" ref="659813048"/> - </object> - <bool key="NSMenuItemRespectAlignment">YES</bool> - <object class="NSMenu" key="NSMenu" id="600123164"> - <string key="NSTitle">OtherViews</string> - <object class="NSMutableArray" key="NSMenuItems"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="354283131"/> - <object class="NSMenuItem" id="136217401"> - <reference key="NSMenu" ref="600123164"/> - <string key="NSTitle">Remember Identity</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="514331248"/> - <reference key="NSMixedImage" ref="572887887"/> - <string key="NSAction">_popUpItemAction:</string> - <reference key="NSTarget" ref="659813048"/> - </object> - <object class="NSMenuItem" id="778570067"> - <reference key="NSMenu" ref="600123164"/> - <string key="NSTitle">Forget Identity</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="514331248"/> - <reference key="NSMixedImage" ref="572887887"/> - <string key="NSAction">_popUpItemAction:</string> - <reference key="NSTarget" ref="659813048"/> - </object> - <object class="NSMenuItem" id="553755370"> - <reference key="NSMenu" ref="600123164"/> - <string type="base64-UTF8" key="NSTitle">VGlja2V0IE9wdGlvbnPigKY</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="514331248"/> - <reference key="NSMixedImage" ref="572887887"/> - <string key="NSAction">_popUpItemAction:</string> - <reference key="NSTarget" ref="659813048"/> - </object> - <object class="NSMenuItem" id="963135554"> - <reference key="NSMenu" ref="600123164"/> - <string type="base64-UTF8" key="NSTitle">Q2hhbmdlIFBhc3N3b3Jk4oCmA</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="514331248"/> - <reference key="NSMixedImage" ref="572887887"/> - <string key="NSAction">_popUpItemAction:</string> - <reference key="NSTarget" ref="659813048"/> - </object> - </object> - </object> - <bool key="NSPullDown">YES</bool> - <int key="NSPreferredEdge">2</int> - <bool key="NSUsesItemFromMenu">YES</bool> - <bool key="NSAltersState">YES</bool> - <int key="NSArrowPosition">2</int> - </object> - </object> - </object> - <string key="NSFrameSize">{500, 273}</string> - </object> - <string key="NSScreenRect">{{0, 0}, {1440, 878}}</string> - <string key="NSMinSize">{400, 295}</string> - <string key="NSMaxSize">{800, 822}</string> - <string key="NSFrameAutosaveName">SelectIdentityFrame</string> - </object> - <object class="NSArrayController" id="333357907"> - <object class="NSMutableArray" key="NSDeclaredKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>timeRemaining</string> - <string>isFavorite</string> - <string>principalString</string> - <string>favorite</string> - <string>identity</string> - </object> - <string key="NSObjectClassName">Identity</string> - <bool key="NSEditable">YES</bool> - <object class="_NSManagedProxy" key="_NSManagedProxy"/> - <bool key="NSAvoidsEmptySelection">YES</bool> - <bool key="NSPreservesSelection">YES</bool> - <bool key="NSFilterRestrictsInsertion">YES</bool> - <bool key="NSClearsFilterPredicateOnInsertion">YES</bool> - </object> - <object class="NSCustomObject" id="307777557"> - <string key="NSClassName">KerberosTimeFormatter</string> - </object> - <object class="NSCustomObject" id="355705187"> - <string key="NSClassName">KerberosFavoriteFormatter</string> - </object> - <object class="NSWindowTemplate" id="370461416"> - <int key="NSWindowStyleMask">7</int> - <int key="NSWindowBacking">2</int> - <string key="NSWindowRect">{{196, 142}, {427, 368}}</string> - <int key="NSWTFlags">603979776</int> - <string key="NSWindowTitle">Window</string> - <string key="NSWindowClass">NSWindow</string> - <nil key="NSViewClass"/> - <string key="NSWindowContentMaxSize">{3.40282e+38, 3.40282e+38}</string> - <object class="NSView" key="NSWindowView" id="1019868804"> - <reference key="NSNextResponder"/> - <int key="NSvFlags">258</int> - <object class="NSMutableArray" key="NSSubviews"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSTextField" id="485004197"> - <reference key="NSNextResponder" ref="1019868804"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{78, 326}, {329, 22}}</string> - <reference key="NSSuperview" ref="1019868804"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="1047482753"> - <int key="NSCellFlags">-1804468671</int> - <int key="NSCellFlags2">272630784</int> - <string key="NSContents"/> - <reference key="NSSupport" ref="604532625"/> - <string key="NSPlaceholderString">user</string> - <reference key="NSControlView" ref="485004197"/> - <bool key="NSDrawsBackground">YES</bool> - <object class="NSColor" key="NSBackgroundColor" id="830301085"> - <int key="NSColorSpace">6</int> - <string key="NSCatalogName">System</string> - <string key="NSColorName">textBackgroundColor</string> - <reference key="NSColor" ref="591379363"/> - </object> - <object class="NSColor" key="NSTextColor"> - <int key="NSColorSpace">6</int> - <string key="NSCatalogName">System</string> - <string key="NSColorName">textColor</string> - <reference key="NSColor" ref="18538584"/> - </object> - </object> - </object> - <object class="NSTextField" id="404880622"> - <reference key="NSNextResponder" ref="1019868804"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{17, 328}, {56, 17}}</string> - <reference key="NSSuperview" ref="1019868804"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="775341038"> - <int key="NSCellFlags">68288064</int> - <int key="NSCellFlags2">4195328</int> - <string key="NSContents">Identity:</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="404880622"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSBox" id="282101470"> - <reference key="NSNextResponder" ref="1019868804"/> - <int key="NSvFlags">266</int> - <object class="NSMutableArray" key="NSSubviews"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSView" id="929379"> - <reference key="NSNextResponder" ref="282101470"/> - <int key="NSvFlags">256</int> - <object class="NSMutableArray" key="NSSubviews"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSSlider" id="552234083"> - <reference key="NSNextResponder" ref="929379"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{22, 181}, {347, 25}}</string> - <reference key="NSSuperview" ref="929379"/> - <bool key="NSEnabled">YES</bool> - <object class="NSSliderCell" key="NSCell" id="629844970"> - <int key="NSCellFlags">67501824</int> - <int key="NSCellFlags2">0</int> - <object class="NSMutableString" key="NSContents"> - <characters key="NS.bytes"/> - </object> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="552234083"/> - <double key="NSMaxValue">1.000000e+02</double> - <double key="NSMinValue">0.000000e+00</double> - <double key="NSValue">0.000000e+00</double> - <double key="NSAltIncValue">0.000000e+00</double> - <int key="NSNumberOfTickMarks">11</int> - <int key="NSTickMarkPosition">0</int> - <bool key="NSAllowsTickMarkValuesOnly">NO</bool> - <bool key="NSVertical">NO</bool> - </object> - </object> - <object class="NSTextField" id="576071402"> - <reference key="NSNextResponder" ref="929379"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{11, 213}, {185, 17}}</string> - <reference key="NSSuperview" ref="929379"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="380679549"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">4194304</int> - <string key="NSContents">Get tickets that are valid for:</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="576071402"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSTextField" id="54325332"> - <reference key="NSNextResponder" ref="929379"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{21, 159}, {349, 14}}</string> - <reference key="NSSuperview" ref="929379"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="584202005"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">4325376</int> - <string key="NSContents">10 hours</string> - <reference key="NSSupport" ref="26"/> - <reference key="NSControlView" ref="54325332"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSTextField" id="240805237"> - <reference key="NSNextResponder" ref="929379"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{11, 134}, {133, 17}}</string> - <reference key="NSSuperview" ref="929379"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="638526338"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">71303168</int> - <string key="NSContents">Kerberos 5 Options:</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="240805237"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSSlider" id="373804676"> - <reference key="NSNextResponder" ref="929379"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{40, 36}, {311, 25}}</string> - <reference key="NSSuperview" ref="929379"/> - <bool key="NSEnabled">YES</bool> - <object class="NSSliderCell" key="NSCell" id="84127609"> - <int key="NSCellFlags">67501824</int> - <int key="NSCellFlags2">0</int> - <object class="NSMutableString" key="NSContents"> - <characters key="NS.bytes"/> - </object> - <object class="NSFont" key="NSSupport"> - <string key="NSName">Helvetica</string> - <double key="NSSize">1.200000e+01</double> - <int key="NSfFlags">16</int> - </object> - <reference key="NSControlView" ref="373804676"/> - <double key="NSMaxValue">1.000000e+05</double> - <double key="NSMinValue">0.000000e+00</double> - <double key="NSValue">2.484663e+04</double> - <double key="NSAltIncValue">0.000000e+00</double> - <int key="NSNumberOfTickMarks">8</int> - <int key="NSTickMarkPosition">0</int> - <bool key="NSAllowsTickMarkValuesOnly">NO</bool> - <bool key="NSVertical">NO</bool> - </object> - </object> - <object class="NSButton" id="910622795"> - <reference key="NSNextResponder" ref="929379"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{22, 88}, {303, 18}}</string> - <reference key="NSSuperview" ref="929379"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="878349972"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">0</int> - <string key="NSContents">Get tickets without IP addresses (NAT mode)</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="910622795"/> - <int key="NSButtonFlags">1211912703</int> - <int key="NSButtonFlags2">2</int> - <object class="NSButtonImageSource" key="NSAlternateImage" id="565361234"> - <string key="NSImageName">NSSwitch</string> - </object> - <string key="NSAlternateContents"/> - <string key="NSKeyEquivalent"/> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSButton" id="415869872"> - <reference key="NSNextResponder" ref="929379"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{22, 110}, {351, 18}}</string> - <reference key="NSSuperview" ref="929379"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="77611886"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">0</int> - <string key="NSContents">Get tickets that can be forwarded to other machines</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="415869872"/> - <int key="NSButtonFlags">1211912703</int> - <int key="NSButtonFlags2">2</int> - <reference key="NSAlternateImage" ref="565361234"/> - <string key="NSAlternateContents"/> - <string key="NSKeyEquivalent"/> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSButton" id="606962746"> - <reference key="NSNextResponder" ref="929379"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{22, 66}, {248, 18}}</string> - <reference key="NSSuperview" ref="929379"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="583273626"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">0</int> - <string key="NSContents">Get tickets that can be renewed for:</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="606962746"/> - <int key="NSButtonFlags">1211912703</int> - <int key="NSButtonFlags2">2</int> - <reference key="NSAlternateImage" ref="565361234"/> - <string key="NSAlternateContents"/> - <string key="NSKeyEquivalent"/> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSTextField" id="956800130"> - <reference key="NSNextResponder" ref="929379"/> - <int key="NSvFlags">266</int> - <string key="NSFrame">{{39, 14}, {313, 14}}</string> - <reference key="NSSuperview" ref="929379"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="596249502"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">4325376</int> - <string key="NSContents">6 days, 17 hours, 45 minutes</string> - <reference key="NSSupport" ref="26"/> - <reference key="NSControlView" ref="956800130"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - </object> - <string key="NSFrame">{{1, 1}, {391, 242}}</string> - <reference key="NSSuperview" ref="282101470"/> - </object> - </object> - <string key="NSFrame">{{17, 48}, {393, 244}}</string> - <reference key="NSSuperview" ref="1019868804"/> - <string key="NSOffsets">{0, 0}</string> - <object class="NSTextFieldCell" key="NSTitleCell"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">0</int> - <string key="NSContents">Ticket Options</string> - <reference key="NSSupport" ref="445233186"/> - <reference key="NSBackgroundColor" ref="830301085"/> - <object class="NSColor" key="NSTextColor"> - <int key="NSColorSpace">3</int> - <bytes key="NSWhite">MCAwLjgwMDAwMDAxAA</bytes> - </object> - </object> - <reference key="NSContentView" ref="929379"/> - <int key="NSBorderType">1</int> - <int key="NSBoxType">1</int> - <int key="NSTitlePosition">0</int> - <bool key="NSTransparent">NO</bool> - </object> - <object class="NSButton" id="932240937"> - <reference key="NSNextResponder" ref="1019868804"/> - <int key="NSvFlags">289</int> - <string key="NSFrame">{{331, 12}, {82, 32}}</string> - <reference key="NSSuperview" ref="1019868804"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="870649207"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">OK</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="932240937"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">129</int> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">DQ</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSButton" id="871834199"> - <reference key="NSNextResponder" ref="1019868804"/> - <int key="NSvFlags">289</int> - <string key="NSFrame">{{249, 12}, {82, 32}}</string> - <reference key="NSSuperview" ref="1019868804"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="754483226"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">Cancel</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="871834199"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">129</int> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">Gw</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSTextField" id="958176038"> - <reference key="NSNextResponder" ref="1019868804"/> - <int key="NSvFlags">-2147483382</int> - <string key="NSFrame">{{73, 328}, {337, 17}}</string> - <reference key="NSSuperview" ref="1019868804"/> - <bool key="NSEnabled">YES</bool> - <object class="NSTextFieldCell" key="NSCell" id="196100637"> - <int key="NSCellFlags">68288064</int> - <int key="NSCellFlags2">272630784</int> - <string key="NSContents">Label</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="958176038"/> - <reference key="NSBackgroundColor" ref="876444531"/> - <reference key="NSTextColor" ref="883746258"/> - </object> - </object> - <object class="NSButton" id="46228658"> - <reference key="NSNextResponder" ref="1019868804"/> - <int key="NSvFlags">268</int> - <string key="NSFrame">{{18, 300}, {184, 18}}</string> - <reference key="NSSuperview" ref="1019868804"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="830149940"> - <int key="NSCellFlags">-2080244224</int> - <int key="NSCellFlags2">0</int> - <string key="NSContents">Use default ticket options</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="46228658"/> - <int key="NSButtonFlags">1211912703</int> - <int key="NSButtonFlags2">130</int> - <object class="NSCustomResource" key="NSNormalImage"> - <string key="NSClassName">NSImage</string> - <string key="NSResourceName">NSSwitch</string> - </object> - <reference key="NSAlternateImage" ref="565361234"/> - <string key="NSAlternateContents"/> - <string key="NSKeyEquivalent"/> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - <object class="NSButton" id="58047674"> - <reference key="NSNextResponder" ref="1019868804"/> - <int key="NSvFlags">292</int> - <string key="NSFrame">{{14, 12}, {127, 32}}</string> - <reference key="NSSuperview" ref="1019868804"/> - <bool key="NSEnabled">YES</bool> - <object class="NSButtonCell" key="NSCell" id="167351998"> - <int key="NSCellFlags">67239424</int> - <int key="NSCellFlags2">134217728</int> - <string key="NSContents">Show Options</string> - <reference key="NSSupport" ref="604532625"/> - <reference key="NSControlView" ref="58047674"/> - <int key="NSButtonFlags">-2038284033</int> - <int key="NSButtonFlags2">129</int> - <string key="NSAlternateContents"/> - <string type="base64-UTF8" key="NSKeyEquivalent">Gw</string> - <int key="NSPeriodicDelay">200</int> - <int key="NSPeriodicInterval">25</int> - </object> - </object> - </object> - <string key="NSFrameSize">{427, 368}</string> - <reference key="NSSuperview"/> - </object> - <string key="NSScreenRect">{{0, 0}, {1280, 778}}</string> - <string key="NSMaxSize">{3.40282e+38, 3.40282e+38}</string> - </object> - <object class="NSObjectController" id="196152721"> - <object class="NSMutableArray" key="NSDeclaredKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>forwardable</string> - <string>renewable</string> - <string>renewableLifetime</string> - <string>identityString</string> - <string>favorite</string> - <string>addressless</string> - <string>validLifetime</string> - <string>renewableLifetimeString</string> - <string>validLifetimeString</string> - <string>hasCCache</string> - <string>minValidLifetime</string> - <string>maxValidLifetime</string> - <string>maxRenewableLifetime</string> - <string>identity</string> - <string>renewable_lifetime</string> - <string>valid_lifetime</string> - <string>renewal_lifetime</string> - <string>identity_string</string> - <string>canClickOK</string> - <string>usesDefaultTicketOptions</string> - </object> - <bool key="NSEditable">YES</bool> - <bool key="NSAutomaticallyPreparesContent">YES</bool> - <object class="_NSManagedProxy" key="_NSManagedProxy"/> - </object> - <object class="NSObjectController" id="252123121"> - <object class="NSMutableArray" key="NSDeclaredKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>hints.explanation</string> - </object> - <bool key="NSEditable">YES</bool> - <object class="_NSManagedProxy" key="_NSManagedProxy"/> - </object> - <object class="NSObjectController" id="1031761104"> - <object class="NSMutableArray" key="NSDeclaredKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>minimumValidLifetime</string> - <string>maximumValidLifetime</string> - <string>minimumRenewableLifetime</string> - <string>maximumRenewableLifetime</string> - <string>favorite</string> - <string>identities</string> - <string>minRenewableLifetime</string> - <string>content.identities</string> - </object> - <string key="NSObjectClassName">Identities</string> - <object class="_NSManagedProxy" key="_NSManagedProxy"/> - </object> - <object class="NSCustomObject" id="974495087"> - <string key="NSClassName">KerberosTimeFormatter</string> - </object> - </object> - <object class="IBObjectContainer" key="IBDocument.Objects"> - <object class="NSMutableArray" key="connectionRecords"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">kerberosIconImageView</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="700535463"/> - </object> - <int key="connectionID">300158</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">headerTextField</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="499468804"/> - </object> - <int key="connectionID">300163</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">explanationTextField</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="675887072"/> - </object> - <int key="connectionID">300164</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">cancelButton</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="505388869"/> - </object> - <int key="connectionID">300165</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">selectIdentityButton</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="426244837"/> - </object> - <int key="connectionID">300167</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">cancel:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="505388869"/> - </object> - <int key="connectionID">300169</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">window</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="224590347"/> - </object> - <int key="connectionID">300181</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">identityArrayController</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="333357907"/> - </object> - <int key="connectionID">300184</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: canAdd</string> - <reference key="source" ref="949861041"/> - <reference key="destination" ref="333357907"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="949861041"/> - <reference key="NSDestination" ref="333357907"/> - <string key="NSLabel">enabled: canAdd</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">canAdd</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300210</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">addIdentityButton</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="949861041"/> - </object> - <int key="connectionID">300214</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">content: arrangedObjects</string> - <reference key="source" ref="631507655"/> - <reference key="destination" ref="333357907"/> - <object class="NSNibBindingConnector" key="connector" id="355877009"> - <reference key="NSSource" ref="631507655"/> - <reference key="NSDestination" ref="333357907"/> - <string key="NSLabel">content: arrangedObjects</string> - <string key="NSBinding">content</string> - <string key="NSKeyPath">arrangedObjects</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300229</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">selectionIndexes: selectionIndexes</string> - <reference key="source" ref="631507655"/> - <reference key="destination" ref="333357907"/> - <object class="NSNibBindingConnector" key="connector" id="824847554"> - <reference key="NSSource" ref="631507655"/> - <reference key="NSDestination" ref="333357907"/> - <string key="NSLabel">selectionIndexes: selectionIndexes</string> - <string key="NSBinding">selectionIndexes</string> - <string key="NSKeyPath">selectionIndexes</string> - <reference key="NSPreviousConnector" ref="355877009"/> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300230</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">formatter</string> - <reference key="source" ref="519561276"/> - <reference key="destination" ref="307777557"/> - </object> - <int key="connectionID">300242</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">formatter</string> - <reference key="source" ref="968276158"/> - <reference key="destination" ref="355705187"/> - </object> - <int key="connectionID">300245</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">delegate</string> - <reference key="source" ref="224590347"/> - <reference key="destination" ref="262677138"/> - </object> - <int key="connectionID">300251</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">identityTableView</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="631507655"/> - </object> - <int key="connectionID">300252</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">cancel:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="968276158"/> - </object> - <int key="connectionID">300253</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: arrangedObjects.expirationDate</string> - <reference key="source" ref="917941739"/> - <reference key="destination" ref="333357907"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="917941739"/> - <reference key="NSDestination" ref="333357907"/> - <string key="NSLabel">value: arrangedObjects.expirationDate</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">arrangedObjects.expirationDate</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSConditionallySetsEditable</string> - <integer value="1" key="NS.object.0" id="9"/> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300255</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">sortDescriptors: sortDescriptors</string> - <reference key="source" ref="631507655"/> - <reference key="destination" ref="333357907"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="631507655"/> - <reference key="NSDestination" ref="333357907"/> - <string key="NSLabel">sortDescriptors: sortDescriptors</string> - <string key="NSBinding">sortDescriptors</string> - <string key="NSKeyPath">sortDescriptors</string> - <reference key="NSPreviousConnector" ref="824847554"/> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300259</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">select:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="426244837"/> - </object> - <int key="connectionID">300293</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">delegate</string> - <reference key="source" ref="54325332"/> - <reference key="destination" ref="552234083"/> - </object> - <int key="connectionID">300325</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">delegate</string> - <reference key="source" ref="956800130"/> - <reference key="destination" ref="373804676"/> - </object> - <int key="connectionID">300328</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">identityOptionsController</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="196152721"/> - </object> - <int key="connectionID">300357</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: arrangedObjects.favorite</string> - <reference key="source" ref="850969979"/> - <reference key="destination" ref="333357907"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="850969979"/> - <reference key="NSDestination" ref="333357907"/> - <string key="NSLabel">value: arrangedObjects.favorite</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">arrangedObjects.favorite</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300367</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">identitiesController</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="1031761104"/> - </object> - <int key="connectionID">300380</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">hidden: selection.hasCCache</string> - <reference key="source" ref="958176038"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="958176038"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">hidden: selection.hasCCache</string> - <string key="NSBinding">hidden</string> - <string key="NSKeyPath">selection.hasCCache</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSValueTransformerName</string> - <string key="NS.object.0">NSNegateBoolean</string> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300421</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">hidden: selection.hasCCache</string> - <reference key="source" ref="485004197"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="485004197"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">hidden: selection.hasCCache</string> - <string key="NSBinding">hidden</string> - <string key="NSKeyPath">selection.hasCCache</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300422</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">hidden: selection.favorite</string> - <reference key="source" ref="136217401"/> - <reference key="destination" ref="333357907"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="136217401"/> - <reference key="NSDestination" ref="333357907"/> - <string key="NSLabel">hidden: selection.favorite</string> - <string key="NSBinding">hidden</string> - <string key="NSKeyPath">selection.favorite</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300438</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">hidden: selection.favorite</string> - <reference key="source" ref="778570067"/> - <reference key="destination" ref="333357907"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="778570067"/> - <reference key="NSDestination" ref="333357907"/> - <string key="NSLabel">hidden: selection.favorite</string> - <string key="NSBinding">hidden</string> - <string key="NSKeyPath">selection.favorite</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSValueTransformerName</string> - <string key="NS.object.0">NSNegateBoolean</string> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300440</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">addToFavorites:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="136217401"/> - </object> - <int key="connectionID">300441</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">removeFromFavorites:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="778570067"/> - </object> - <int key="connectionID">300442</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">newIdentity:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="949861041"/> - </object> - <int key="connectionID">300450</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">editOptions:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="553755370"/> - </object> - <int key="connectionID">300452</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">cancelOptions:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="871834199"/> - </object> - <int key="connectionID">300453</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">doneOptions:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="932240937"/> - </object> - <int key="connectionID">300455</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">ticketOptionsOkButton</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="932240937"/> - </object> - <int key="connectionID">300459</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">delegate</string> - <reference key="source" ref="485004197"/> - <reference key="destination" ref="262677138"/> - </object> - <int key="connectionID">300461</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">maxValue: selection.maxValidLifetime</string> - <reference key="source" ref="552234083"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector" id="1045274898"> - <reference key="NSSource" ref="552234083"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">maxValue: selection.maxValidLifetime</string> - <string key="NSBinding">maxValue</string> - <string key="NSKeyPath">selection.maxValidLifetime</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300470</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">minValue: selection.minValidLifetime</string> - <reference key="source" ref="552234083"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="552234083"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">minValue: selection.minValidLifetime</string> - <string key="NSBinding">minValue</string> - <string key="NSKeyPath">selection.minValidLifetime</string> - <reference key="NSPreviousConnector" ref="1045274898"/> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300471</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">validLifetimeSlider</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="552234083"/> - </object> - <int key="connectionID">300473</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">renewableLifetimeSlider</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="373804676"/> - </object> - <int key="connectionID">300474</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">sliderDidChange:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="552234083"/> - </object> - <int key="connectionID">300475</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">sliderDidChange:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="373804676"/> - </object> - <int key="connectionID">300476</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">maxValue: selection.maxRenewableLifetime</string> - <reference key="source" ref="373804676"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector" id="992990082"> - <reference key="NSSource" ref="373804676"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">maxValue: selection.maxRenewableLifetime</string> - <string key="NSBinding">maxValue</string> - <string key="NSKeyPath">selection.maxRenewableLifetime</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300481</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">minValue: selection.minRenewableLifetime</string> - <reference key="source" ref="373804676"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="373804676"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">minValue: selection.minRenewableLifetime</string> - <string key="NSBinding">minValue</string> - <string key="NSKeyPath">selection.minRenewableLifetime</string> - <reference key="NSPreviousConnector" ref="992990082"/> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300482</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">staticIdentityField</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="958176038"/> - </object> - <int key="connectionID">300483</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">identityField</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="485004197"/> - </object> - <int key="connectionID">300484</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">changePassword:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="963135554"/> - </object> - <int key="connectionID">300486</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.identity</string> - <reference key="source" ref="1047482753"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="1047482753"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">value: selection.identity</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.identity</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSContinuouslyUpdatesValue</string> - <reference key="NS.object.0" ref="9"/> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300489</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.forwardable</string> - <reference key="source" ref="415869872"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="415869872"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">value: selection.forwardable</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.forwardable</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300490</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.addressless</string> - <reference key="source" ref="910622795"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="910622795"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">value: selection.addressless</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.addressless</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300491</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.renewable</string> - <reference key="source" ref="606962746"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="606962746"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">value: selection.renewable</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.renewable</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300492</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.valid_lifetime</string> - <reference key="source" ref="54325332"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="54325332"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">value: selection.valid_lifetime</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.valid_lifetime</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300494</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.hints.explanation</string> - <reference key="source" ref="675887072"/> - <reference key="destination" ref="252123121"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="675887072"/> - <reference key="NSDestination" ref="252123121"/> - <string key="NSLabel">value: selection.hints.explanation</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.hints.explanation</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300495</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">glueController</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="252123121"/> - </object> - <int key="connectionID">300496</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.renewable</string> - <reference key="source" ref="373804676"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector" id="331780751"> - <reference key="NSSource" ref="373804676"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">enabled: selection.renewable</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.renewable</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300497</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">formatter</string> - <reference key="source" ref="54325332"/> - <reference key="destination" ref="974495087"/> - </object> - <int key="connectionID">300499</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">formatter</string> - <reference key="source" ref="956800130"/> - <reference key="destination" ref="974495087"/> - </object> - <int key="connectionID">300500</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.renewal_lifetime</string> - <reference key="source" ref="956800130"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="956800130"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">value: selection.renewal_lifetime</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.renewal_lifetime</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300501</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">longTimeFormatter</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="974495087"/> - </object> - <int key="connectionID">300502</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">shortTimeFormatter</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="307777557"/> - </object> - <int key="connectionID">300503</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: arrangedObjects.identity</string> - <reference key="source" ref="1025403577"/> - <reference key="destination" ref="333357907"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="1025403577"/> - <reference key="NSDestination" ref="333357907"/> - <string key="NSLabel">value: arrangedObjects.identity</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">arrangedObjects.identity</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSConditionallySetsEditable</string> - <reference key="NS.object.0" ref="9"/> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300504</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.identity_string</string> - <reference key="source" ref="958176038"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="958176038"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">value: selection.identity_string</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.identity_string</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300506</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.identity_string</string> - <reference key="source" ref="485004197"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="485004197"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">value: selection.identity_string</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.identity_string</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSContinuouslyUpdatesValue</string> - <reference key="NS.object.0" ref="9"/> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300509</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">identityTableScrollView</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="616284695"/> - </object> - <int key="connectionID">300511</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">ticketOptionsBox</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="282101470"/> - </object> - <int key="connectionID">300520</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">toggleOptionsVisibility:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="58047674"/> - </object> - <int key="connectionID">300521</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">ticketOptionsWindow</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="370461416"/> - </object> - <int key="connectionID">300522</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">ticketOptionsToggleButton</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="58047674"/> - </object> - <int key="connectionID">300523</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">value: selection.usesDefaultTicketOptions</string> - <reference key="source" ref="46228658"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="46228658"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">value: selection.usesDefaultTicketOptions</string> - <string key="NSBinding">value</string> - <string key="NSKeyPath">selection.usesDefaultTicketOptions</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300525</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.usesDefaultTicketOptions</string> - <reference key="source" ref="552234083"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="552234083"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">enabled: selection.usesDefaultTicketOptions</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.usesDefaultTicketOptions</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSValueTransformerName</string> - <string key="NS.object.0">NSNegateBoolean</string> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300527</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.usesDefaultTicketOptions</string> - <reference key="source" ref="415869872"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="415869872"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">enabled: selection.usesDefaultTicketOptions</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.usesDefaultTicketOptions</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSValueTransformerName</string> - <string key="NS.object.0">NSNegateBoolean</string> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300529</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.usesDefaultTicketOptions</string> - <reference key="source" ref="910622795"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="910622795"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">enabled: selection.usesDefaultTicketOptions</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.usesDefaultTicketOptions</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSValueTransformerName</string> - <string key="NS.object.0">NSNegateBoolean</string> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300531</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.usesDefaultTicketOptions</string> - <reference key="source" ref="606962746"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="606962746"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">enabled: selection.usesDefaultTicketOptions</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.usesDefaultTicketOptions</string> - <object class="NSDictionary" key="NSOptions"> - <string key="NS.key.0">NSValueTransformerName</string> - <string key="NS.object.0">NSNegateBoolean</string> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300533</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled2: selection.usesDefaultTicketOptions</string> - <reference key="source" ref="373804676"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="373804676"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">enabled2: selection.usesDefaultTicketOptions</string> - <string key="NSBinding">enabled2</string> - <string key="NSKeyPath">selection.usesDefaultTicketOptions</string> - <object class="NSDictionary" key="NSOptions"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMutableArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>NSMultipleValuesPlaceholder</string> - <string>NSNoSelectionPlaceholder</string> - <string>NSNotApplicablePlaceholder</string> - <string>NSNullPlaceholder</string> - <string>NSValueTransformerName</string> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - <integer value="-1" id="7"/> - <reference ref="7"/> - <reference ref="7"/> - <reference ref="7"/> - <string>NSNegateBoolean</string> - </object> - </object> - <reference key="NSPreviousConnector" ref="331780751"/> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300535</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">checkboxDidChange:</string> - <reference key="source" ref="262677138"/> - <reference key="destination" ref="46228658"/> - </object> - <int key="connectionID">300536</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">contentArray: content.identities</string> - <reference key="source" ref="333357907"/> - <reference key="destination" ref="1031761104"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="333357907"/> - <reference key="NSDestination" ref="1031761104"/> - <string key="NSLabel">contentArray: content.identities</string> - <string key="NSBinding">contentArray</string> - <string key="NSKeyPath">content.identities</string> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300539</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBBindingConnection" key="connection"> - <string key="label">enabled: selection.canClickOK</string> - <reference key="source" ref="932240937"/> - <reference key="destination" ref="196152721"/> - <object class="NSNibBindingConnector" key="connector"> - <reference key="NSSource" ref="932240937"/> - <reference key="NSDestination" ref="196152721"/> - <string key="NSLabel">enabled: selection.canClickOK</string> - <string key="NSBinding">enabled</string> - <string key="NSKeyPath">selection.canClickOK</string> - <object class="NSDictionary" key="NSOptions"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMutableArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>NSMultipleValuesPlaceholder</string> - <string>NSNoSelectionPlaceholder</string> - <string>NSNotApplicablePlaceholder</string> - <string>NSNullPlaceholder</string> - <string>NSRaisesForNotApplicableKeys</string> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - <integer value="0" id="8"/> - <reference ref="8"/> - <reference ref="8"/> - <reference ref="8"/> - <integer value="0"/> - </object> - </object> - <int key="NSNibBindingConnectorVersion">2</int> - </object> - </object> - <int key="connectionID">300546</int> - </object> - </object> - <object class="IBMutableOrderedSet" key="objectRecords"> - <object class="NSArray" key="orderedObjects"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="IBObjectRecord"> - <int key="objectID">0</int> - <object class="NSArray" key="object" id="0"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - <reference key="children" ref="1000842439"/> - <nil key="parent"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">-2</int> - <reference key="object" ref="262677138"/> - <reference key="parent" ref="0"/> - <string type="base64-UTF8" key="objectName">RmlsZSdzIE93bmVyA</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">-1</int> - <reference key="object" ref="553445653"/> - <reference key="parent" ref="0"/> - <string key="objectName">First Responder</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">5</int> - <reference key="object" ref="224590347"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="928852707"/> - </object> - <reference key="parent" ref="0"/> - <string key="objectName">Select a Kerberos Identity</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">6</int> - <reference key="object" ref="928852707"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="499468804"/> - <reference ref="675887072"/> - <reference ref="505388869"/> - <reference ref="700535463"/> - <reference ref="426244837"/> - <reference ref="263312988"/> - <reference ref="949861041"/> - <reference ref="616284695"/> - </object> - <reference key="parent" ref="224590347"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">8</int> - <reference key="object" ref="499468804"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="82820472"/> - </object> - <reference key="parent" ref="928852707"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">15</int> - <reference key="object" ref="426244837"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="686991406"/> - </object> - <reference key="parent" ref="928852707"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">16</int> - <reference key="object" ref="505388869"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="720384657"/> - </object> - <reference key="parent" ref="928852707"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">100008</int> - <reference key="object" ref="82820472"/> - <reference key="parent" ref="499468804"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">100015</int> - <reference key="object" ref="686991406"/> - <reference key="parent" ref="426244837"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">100016</int> - <reference key="object" ref="720384657"/> - <reference key="parent" ref="505388869"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">-3</int> - <reference key="object" ref="714830734"/> - <reference key="parent" ref="0"/> - <string key="objectName">Application</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300118</int> - <reference key="object" ref="675887072"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="542766611"/> - </object> - <reference key="parent" ref="928852707"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300119</int> - <reference key="object" ref="542766611"/> - <reference key="parent" ref="675887072"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300156</int> - <reference key="object" ref="700535463"/> - <reference key="parent" ref="928852707"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300183</int> - <reference key="object" ref="333357907"/> - <reference key="parent" ref="0"/> - <string key="objectName">Identities Array Controller</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300196</int> - <reference key="object" ref="307777557"/> - <reference key="parent" ref="0"/> - <string key="objectName">Short Time Formatter</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300206</int> - <reference key="object" ref="949861041"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="871232847"/> - </object> - <reference key="parent" ref="928852707"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300207</int> - <reference key="object" ref="871232847"/> - <reference key="parent" ref="949861041"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300216</int> - <reference key="object" ref="616284695"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="810829004"/> - <reference ref="836592269"/> - <reference ref="631507655"/> - <reference ref="282626403"/> - </object> - <reference key="parent" ref="928852707"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300217</int> - <reference key="object" ref="810829004"/> - <reference key="parent" ref="616284695"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300218</int> - <reference key="object" ref="836592269"/> - <reference key="parent" ref="616284695"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300219</int> - <reference key="object" ref="631507655"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="1025403577"/> - <reference ref="917941739"/> - <reference ref="850969979"/> - </object> - <reference key="parent" ref="616284695"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300220</int> - <reference key="object" ref="282626403"/> - <reference key="parent" ref="616284695"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300221</int> - <reference key="object" ref="1025403577"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="475156882"/> - </object> - <reference key="parent" ref="631507655"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300222</int> - <reference key="object" ref="917941739"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="519561276"/> - </object> - <reference key="parent" ref="631507655"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300223</int> - <reference key="object" ref="519561276"/> - <reference key="parent" ref="917941739"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300224</int> - <reference key="object" ref="475156882"/> - <reference key="parent" ref="1025403577"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300225</int> - <reference key="object" ref="850969979"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="968276158"/> - </object> - <reference key="parent" ref="631507655"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300226</int> - <reference key="object" ref="968276158"/> - <reference key="parent" ref="850969979"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300244</int> - <reference key="object" ref="355705187"/> - <reference key="parent" ref="0"/> - <string key="objectName">Favorite Formatter</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300294</int> - <reference key="object" ref="370461416"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="1019868804"/> - </object> - <reference key="parent" ref="0"/> - <string key="objectName">Ticket Options Sheet</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300295</int> - <reference key="object" ref="1019868804"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="932240937"/> - <reference ref="871834199"/> - <reference ref="958176038"/> - <reference ref="485004197"/> - <reference ref="404880622"/> - <reference ref="46228658"/> - <reference ref="282101470"/> - <reference ref="58047674"/> - </object> - <reference key="parent" ref="370461416"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300296</int> - <reference key="object" ref="282101470"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="956800130"/> - <reference ref="606962746"/> - <reference ref="415869872"/> - <reference ref="910622795"/> - <reference ref="373804676"/> - <reference ref="240805237"/> - <reference ref="54325332"/> - <reference ref="576071402"/> - <reference ref="552234083"/> - </object> - <reference key="parent" ref="1019868804"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300300</int> - <reference key="object" ref="404880622"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="775341038"/> - </object> - <reference key="parent" ref="1019868804"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300301</int> - <reference key="object" ref="485004197"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="1047482753"/> - </object> - <reference key="parent" ref="1019868804"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300302</int> - <reference key="object" ref="1047482753"/> - <reference key="parent" ref="485004197"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300303</int> - <reference key="object" ref="775341038"/> - <reference key="parent" ref="404880622"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300329</int> - <reference key="object" ref="932240937"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="870649207"/> - </object> - <reference key="parent" ref="1019868804"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300330</int> - <reference key="object" ref="870649207"/> - <reference key="parent" ref="932240937"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300331</int> - <reference key="object" ref="196152721"/> - <reference key="parent" ref="0"/> - <string key="objectName">Identity Options Controller</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300334</int> - <reference key="object" ref="871834199"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="754483226"/> - </object> - <reference key="parent" ref="1019868804"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300335</int> - <reference key="object" ref="754483226"/> - <reference key="parent" ref="871834199"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300370</int> - <reference key="object" ref="1031761104"/> - <reference key="parent" ref="0"/> - <string key="objectName">Identities Controller</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300426</int> - <reference key="object" ref="263312988"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="659813048"/> - </object> - <reference key="parent" ref="928852707"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300427</int> - <reference key="object" ref="659813048"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="600123164"/> - </object> - <reference key="parent" ref="263312988"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300428</int> - <reference key="object" ref="600123164"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="354283131"/> - <reference ref="136217401"/> - <reference ref="553755370"/> - <reference ref="778570067"/> - <reference ref="963135554"/> - </object> - <reference key="parent" ref="659813048"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300429</int> - <reference key="object" ref="354283131"/> - <reference key="parent" ref="600123164"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300430</int> - <reference key="object" ref="136217401"/> - <reference key="parent" ref="600123164"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300431</int> - <reference key="object" ref="553755370"/> - <reference key="parent" ref="600123164"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300432</int> - <reference key="object" ref="778570067"/> - <reference key="parent" ref="600123164"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300402</int> - <reference key="object" ref="958176038"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="196100637"/> - </object> - <reference key="parent" ref="1019868804"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300403</int> - <reference key="object" ref="196100637"/> - <reference key="parent" ref="958176038"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300462</int> - <reference key="object" ref="252123121"/> - <reference key="parent" ref="0"/> - <string key="objectName">Glue Controller</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300485</int> - <reference key="object" ref="963135554"/> - <reference key="parent" ref="600123164"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300498</int> - <reference key="object" ref="974495087"/> - <reference key="parent" ref="0"/> - <string key="objectName">Long Time Formatter</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300308</int> - <reference key="object" ref="956800130"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="596249502"/> - </object> - <reference key="parent" ref="282101470"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300323</int> - <reference key="object" ref="596249502"/> - <reference key="parent" ref="956800130"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300309</int> - <reference key="object" ref="606962746"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="583273626"/> - </object> - <reference key="parent" ref="282101470"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300322</int> - <reference key="object" ref="583273626"/> - <reference key="parent" ref="606962746"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300310</int> - <reference key="object" ref="415869872"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="77611886"/> - </object> - <reference key="parent" ref="282101470"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300321</int> - <reference key="object" ref="77611886"/> - <reference key="parent" ref="415869872"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300311</int> - <reference key="object" ref="910622795"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="878349972"/> - </object> - <reference key="parent" ref="282101470"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300320</int> - <reference key="object" ref="878349972"/> - <reference key="parent" ref="910622795"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300307</int> - <reference key="object" ref="373804676"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="84127609"/> - </object> - <reference key="parent" ref="282101470"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300324</int> - <reference key="object" ref="84127609"/> - <reference key="parent" ref="373804676"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300315</int> - <reference key="object" ref="240805237"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="638526338"/> - </object> - <reference key="parent" ref="282101470"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300316</int> - <reference key="object" ref="638526338"/> - <reference key="parent" ref="240805237"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300312</int> - <reference key="object" ref="54325332"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="584202005"/> - </object> - <reference key="parent" ref="282101470"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300319</int> - <reference key="object" ref="584202005"/> - <reference key="parent" ref="54325332"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300314</int> - <reference key="object" ref="576071402"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="380679549"/> - </object> - <reference key="parent" ref="282101470"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300317</int> - <reference key="object" ref="380679549"/> - <reference key="parent" ref="576071402"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300313</int> - <reference key="object" ref="552234083"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="629844970"/> - </object> - <reference key="parent" ref="282101470"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300318</int> - <reference key="object" ref="629844970"/> - <reference key="parent" ref="552234083"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300514</int> - <reference key="object" ref="46228658"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="830149940"/> - </object> - <reference key="parent" ref="1019868804"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300515</int> - <reference key="object" ref="830149940"/> - <reference key="parent" ref="46228658"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300518</int> - <reference key="object" ref="58047674"/> - <object class="NSMutableArray" key="children"> - <bool key="EncodedWithXMLCoder">YES</bool> - <reference ref="167351998"/> - </object> - <reference key="parent" ref="1019868804"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">300519</int> - <reference key="object" ref="167351998"/> - <reference key="parent" ref="58047674"/> - </object> - </object> - </object> - <object class="NSMutableDictionary" key="flattenedProperties"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMutableArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>-1.IBPluginDependency</string> - <string>-2.IBPluginDependency</string> - <string>15.IBPluginDependency</string> - <string>15.ImportedFromIB2</string> - <string>16.IBPluginDependency</string> - <string>16.ImportedFromIB2</string> - <string>300118.IBPluginDependency</string> - <string>300118.ImportedFromIB2</string> - <string>300156.IBPluginDependency</string> - <string>300183.IBPluginDependency</string> - <string>300196.IBPluginDependency</string> - <string>300206.IBPluginDependency</string> - <string>300207.IBPluginDependency</string> - <string>300216.IBPluginDependency</string> - <string>300217.IBPluginDependency</string> - <string>300218.IBPluginDependency</string> - <string>300219.IBPluginDependency</string> - <string>300220.IBPluginDependency</string> - <string>300220.IBViewIntegration.shadowBlurRadius</string> - <string>300220.IBViewIntegration.shadowColor</string> - <string>300220.IBViewIntegration.shadowOffsetHeight</string> - <string>300220.IBViewIntegration.shadowOffsetWidth</string> - <string>300221.IBPluginDependency</string> - <string>300222.IBPluginDependency</string> - <string>300223.IBPluginDependency</string> - <string>300224.IBPluginDependency</string> - <string>300244.IBPluginDependency</string> - <string>300294.IBEditorWindowLastContentRect</string> - <string>300294.IBPluginDependency</string> - <string>300294.IBWindowTemplateEditedContentRect</string> - <string>300294.NSWindowTemplate.visibleAtLaunch</string> - <string>300294.windowTemplate.hasMaxSize</string> - <string>300294.windowTemplate.maxSize</string> - <string>300295.IBPluginDependency</string> - <string>300296.IBPluginDependency</string> - <string>300296.ImportedFromIB2</string> - <string>300300.IBPluginDependency</string> - <string>300301.IBPluginDependency</string> - <string>300302.IBPluginDependency</string> - <string>300303.IBPluginDependency</string> - <string>300307.IBPluginDependency</string> - <string>300307.ImportedFromIB2</string> - <string>300308.IBPluginDependency</string> - <string>300308.ImportedFromIB2</string> - <string>300309.IBPluginDependency</string> - <string>300309.ImportedFromIB2</string> - <string>300310.IBPluginDependency</string> - <string>300310.ImportedFromIB2</string> - <string>300311.IBPluginDependency</string> - <string>300311.ImportedFromIB2</string> - <string>300312.IBPluginDependency</string> - <string>300312.ImportedFromIB2</string> - <string>300313.IBPluginDependency</string> - <string>300313.ImportedFromIB2</string> - <string>300314.IBPluginDependency</string> - <string>300314.ImportedFromIB2</string> - <string>300315.IBPluginDependency</string> - <string>300315.ImportedFromIB2</string> - <string>300329.IBPluginDependency</string> - <string>300330.IBPluginDependency</string> - <string>300331.IBPluginDependency</string> - <string>300334.IBPluginDependency</string> - <string>300335.IBPluginDependency</string> - <string>300370.IBPluginDependency</string> - <string>300402.IBPluginDependency</string> - <string>300403.IBPluginDependency</string> - <string>300426.IBPluginDependency</string> - <string>300427.IBPluginDependency</string> - <string>300428.IBEditorWindowLastContentRect</string> - <string>300428.IBPluginDependency</string> - <string>300429.IBPluginDependency</string> - <string>300430.IBPluginDependency</string> - <string>300431.IBPluginDependency</string> - <string>300432.IBPluginDependency</string> - <string>300462.IBPluginDependency</string> - <string>300485.IBPluginDependency</string> - <string>300498.IBPluginDependency</string> - <string>300514.IBPluginDependency</string> - <string>300515.IBPluginDependency</string> - <string>300518.IBPluginDependency</string> - <string>300519.IBPluginDependency</string> - <string>5.IBEditorWindowLastContentRect</string> - <string>5.IBPluginDependency</string> - <string>5.IBWindowTemplateEditedContentRect</string> - <string>5.ImportedFromIB2</string> - <string>5.NSWindowTemplate.visibleAtLaunch</string> - <string>5.editorWindowContentRectSynchronizationRect</string> - <string>5.windowTemplate.hasMaxSize</string> - <string>5.windowTemplate.hasMinSize</string> - <string>5.windowTemplate.maxSize</string> - <string>5.windowTemplate.minSize</string> - <string>6.IBPluginDependency</string> - <string>6.ImportedFromIB2</string> - <string>8.IBPluginDependency</string> - <string>8.ImportedFromIB2</string> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <real value="0.000000e+00" id="75542549"/> - <reference ref="18538584"/> - <reference ref="75542549"/> - <reference ref="75542549"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>{{704, 346}, {427, 368}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>{{704, 346}, {427, 368}}</string> - <reference ref="75542549"/> - <reference ref="75542549"/> - <string>{10000, 354}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>{{610, 271}, {203, 103}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>{{495, 457}, {500, 273}}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <string>{{495, 457}, {500, 273}}</string> - <reference ref="9"/> - <reference ref="75542549"/> - <string>{{503, 256}, {419, 465}}</string> - <reference ref="9"/> - <reference ref="9"/> - <string>{800, 800}</string> - <string>{400, 273}</string> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - <reference ref="9"/> - </object> - </object> - <object class="NSMutableDictionary" key="unlocalizedProperties"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - </object> - <nil key="activeLocalization"/> - <object class="NSMutableDictionary" key="localizations"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - </object> - </object> - <nil key="sourceID"/> - <int key="maxID">300546</int> - </object> - <object class="IBClassDescriber" key="IBDocument.Classes"> - <object class="NSMutableArray" key="referencedPartialClassDescriptions"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="IBPartialClassDescription"> - <string key="className">BadgedImageView</string> - <string key="superclassName">NSView</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBProjectSource</string> - <string key="minorKey">../Sources/kim/agent/mac/BadgedImageView.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">FirstResponder</string> - <string key="superclassName">NSObject</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBUserSource</string> - <string key="minorKey"/> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">KerberosFavoriteFormatter</string> - <string key="superclassName">NSFormatter</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier" id="136421570"> - <string key="majorKey">IBProjectSource</string> - <string key="minorKey">../Sources/kim/agent/mac/KerberosFormatters.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">KerberosTimeFormatter</string> - <string key="superclassName">NSFormatter</string> - <reference key="sourceIdentifier" ref="136421570"/> - </object> - <object class="IBPartialClassDescription"> - <string key="className">SelectIdentityController</string> - <string key="superclassName">NSWindowController</string> - <object class="NSMutableDictionary" key="actions"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMutableArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>addToFavorites:</string> - <string>cancel:</string> - <string>cancelOptions:</string> - <string>changePassword:</string> - <string>checkboxDidChange:</string> - <string>doneOptions:</string> - <string>editOptions:</string> - <string>newIdentity:</string> - <string>removeFromFavorites:</string> - <string>select:</string> - <string>sliderDidChange:</string> - <string>toggleOptionsVisibility:</string> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - <string>id</string> - </object> - </object> - <object class="NSMutableDictionary" key="outlets"> - <bool key="EncodedWithXMLCoder">YES</bool> - <object class="NSMutableArray" key="dict.sortedKeys"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>actionPopupButton</string> - <string>addIdentityButton</string> - <string>cancelButton</string> - <string>explanationTextField</string> - <string>glueController</string> - <string>headerTextField</string> - <string>identitiesController</string> - <string>identityArrayController</string> - <string>identityField</string> - <string>identityOptionsController</string> - <string>identityTableScrollView</string> - <string>identityTableView</string> - <string>kerberosIconImageView</string> - <string>longTimeFormatter</string> - <string>renewableLifetimeSlider</string> - <string>selectIdentityButton</string> - <string>shortTimeFormatter</string> - <string>staticIdentityField</string> - <string>ticketOptionsBox</string> - <string>ticketOptionsOkButton</string> - <string>ticketOptionsToggleButton</string> - <string>ticketOptionsWindow</string> - <string>validLifetimeSlider</string> - </object> - <object class="NSMutableArray" key="dict.values"> - <bool key="EncodedWithXMLCoder">YES</bool> - <string>NSPopUpButton</string> - <string>NSButton</string> - <string>NSButton</string> - <string>NSTextField</string> - <string>NSObjectController</string> - <string>NSTextField</string> - <string>NSObjectController</string> - <string>NSArrayController</string> - <string>NSTextField</string> - <string>NSObjectController</string> - <string>NSScrollView</string> - <string>NSTableView</string> - <string>BadgedImageView</string> - <string>KerberosTimeFormatter</string> - <string>NSSlider</string> - <string>NSButton</string> - <string>KerberosTimeFormatter</string> - <string>NSTextField</string> - <string>NSBox</string> - <string>NSButton</string> - <string>NSButton</string> - <string>NSWindow</string> - <string>NSSlider</string> - </object> - </object> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBProjectSource</string> - <string key="minorKey">../Sources/kim/agent/mac/SelectIdentityController.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">SelectIdentityController</string> - <string key="superclassName">NSWindowController</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBUserSource</string> - <string key="minorKey"/> - </object> - </object> - </object> - </object> - <int key="IBDocument.localizationMode">0</int> - <string key="IBDocument.LastKnownRelativeProjectPath">../../../../../../Projects/Kerberos5.xcodeproj</string> - <int key="IBDocument.defaultPropertyAccessControl">3</int> - </data> -</archive> diff --git a/src/kim/agent/mac/resources/Gear.tiff b/src/kim/agent/mac/resources/Gear.tiff Binary files differdeleted file mode 100644 index c1382588f..000000000 --- a/src/kim/agent/mac/resources/Gear.tiff +++ /dev/null diff --git a/src/kim/agent/mac/resources/KerberosAgent.icns b/src/kim/agent/mac/resources/KerberosAgent.icns Binary files differdeleted file mode 100644 index c6a725213..000000000 --- a/src/kim/agent/mac/resources/KerberosAgent.icns +++ /dev/null diff --git a/src/kim/agent/mac/resources/KerberosFormatters.strings b/src/kim/agent/mac/resources/KerberosFormatters.strings Binary files differdeleted file mode 100644 index 707ba5340..000000000 --- a/src/kim/agent/mac/resources/KerberosFormatters.strings +++ /dev/null diff --git a/src/kim/agent/mac/resources/Remove.tiff b/src/kim/agent/mac/resources/Remove.tiff Binary files differdeleted file mode 100644 index dacc97c3e..000000000 --- a/src/kim/agent/mac/resources/Remove.tiff +++ /dev/null diff --git a/src/kim/agent/mac/resources/Remove_Pressed.tiff b/src/kim/agent/mac/resources/Remove_Pressed.tiff Binary files differdeleted file mode 100644 index de3f87791..000000000 --- a/src/kim/agent/mac/resources/Remove_Pressed.tiff +++ /dev/null diff --git a/src/kim/lib/kim-lite.exports b/src/kim/lib/kim-lite.exports deleted file mode 100644 index 816b8bb56..000000000 --- a/src/kim/lib/kim-lite.exports +++ /dev/null @@ -1,133 +0,0 @@ -kim_string_create_for_last_error -kim_string_copy -kim_string_compare -kim_string_free - -kim_identity_create_from_string -kim_identity_create_from_components -kim_identity_create_from_krb5_principal -kim_identity_copy -kim_identity_compare -kim_identity_get_string -kim_identity_get_display_string -kim_identity_get_realm -kim_identity_get_number_of_components -kim_identity_get_components_string -kim_identity_get_component_at_index -kim_identity_get_krb5_principal -kim_identity_change_password -kim_identity_free - -kim_options_create -kim_options_copy -kim_options_set_start_time -kim_options_get_start_time -kim_options_set_lifetime -kim_options_get_lifetime -kim_options_set_renewable -kim_options_get_renewable -kim_options_set_renewal_lifetime -kim_options_get_renewal_lifetime -kim_options_set_forwardable -kim_options_get_forwardable -kim_options_set_proxiable -kim_options_get_proxiable -kim_options_set_addressless -kim_options_get_addressless -kim_options_set_service_name -kim_options_get_service_name -kim_options_free - -kim_selection_hints_create -kim_selection_hints_copy -kim_selection_hints_set_hint -kim_selection_hints_get_hint -kim_selection_hints_set_explanation -kim_selection_hints_get_explanation -kim_selection_hints_set_options -kim_selection_hints_get_options -kim_selection_hints_set_allow_user_interaction -kim_selection_hints_get_allow_user_interaction -kim_selection_hints_set_remember_identity -kim_selection_hints_get_remember_identity -kim_selection_hints_get_identity -kim_selection_hints_remember_identity -kim_selection_hints_forget_identity -kim_selection_hints_free - -kim_preferences_create -kim_preferences_copy -kim_preferences_set_options -kim_preferences_get_options -kim_preferences_set_remember_options -kim_preferences_get_remember_options -kim_preferences_set_client_identity -kim_preferences_get_client_identity -kim_preferences_set_remember_client_identity -kim_preferences_get_remember_client_identity -kim_preferences_set_minimum_lifetime -kim_preferences_get_minimum_lifetime -kim_preferences_set_maximum_lifetime -kim_preferences_get_maximum_lifetime -kim_preferences_set_minimum_renewal_lifetime -kim_preferences_get_minimum_renewal_lifetime -kim_preferences_set_maximum_renewal_lifetime -kim_preferences_get_maximum_renewal_lifetime -kim_preferences_get_number_of_favorite_identities -kim_preferences_get_favorite_identity_at_index -kim_preferences_add_favorite_identity -kim_preferences_remove_favorite_identity -kim_preferences_remove_all_favorite_identities -kim_preferences_synchronize -kim_preferences_free - -kim_credential_iterator_create -kim_credential_iterator_next -kim_credential_iterator_free - -kim_credential_create_new -kim_credential_create_from_krb5_creds -kim_credential_copy -kim_credential_get_krb5_creds -kim_credential_get_client_identity -kim_credential_get_service_identity -kim_credential_is_tgt -kim_credential_get_state -kim_credential_get_start_time -kim_credential_get_expiration_time -kim_credential_get_renewal_expiration_time -kim_credential_get_options -kim_credential_store -kim_credential_renew -kim_credential_validate -kim_credential_free - -kim_ccache_iterator_create -kim_ccache_iterator_next -kim_ccache_iterator_free - -kim_ccache_create_new -kim_ccache_create_new_if_needed -kim_ccache_create_from_client_identity -kim_ccache_create_from_default -kim_ccache_create_from_type_and_name -kim_ccache_create_from_display_name -kim_ccache_create_from_krb5_ccache -kim_ccache_copy -kim_ccache_compare -kim_ccache_get_krb5_ccache -kim_ccache_get_name -kim_ccache_get_type -kim_ccache_get_display_name -kim_ccache_get_client_identity -kim_ccache_get_valid_credential -kim_ccache_get_state -kim_ccache_get_start_time -kim_ccache_get_expiration_time -kim_ccache_get_renewal_expiration_time -kim_ccache_get_options -kim_ccache_set_default -kim_ccache_renew -kim_ccache_validate -kim_ccache_destroy -kim_ccache_free diff --git a/src/kim/lib/kim.exports b/src/kim/lib/kim.exports deleted file mode 100644 index 0216e4be3..000000000 --- a/src/kim/lib/kim.exports +++ /dev/null @@ -1,152 +0,0 @@ -kim_string_create_for_last_error -kim_string_copy -kim_string_compare -kim_string_free - -kim_identity_create_from_string -kim_identity_create_from_components -kim_identity_create_from_krb5_principal -kim_identity_copy -kim_identity_compare -kim_identity_get_string -kim_identity_get_display_string -kim_identity_get_realm -kim_identity_get_number_of_components -kim_identity_get_component_at_index -kim_identity_get_components_string -kim_identity_get_krb5_principal -kim_identity_change_password -kim_identity_free - -kim_options_create -kim_options_copy -kim_options_set_start_time -kim_options_get_start_time -kim_options_set_lifetime -kim_options_get_lifetime -kim_options_set_renewable -kim_options_get_renewable -kim_options_set_renewal_lifetime -kim_options_get_renewal_lifetime -kim_options_set_forwardable -kim_options_get_forwardable -kim_options_set_proxiable -kim_options_get_proxiable -kim_options_set_addressless -kim_options_get_addressless -kim_options_set_service_name -kim_options_get_service_name -kim_options_free - -# Used by KerberosAgent -kim_options_create_from_stream -kim_options_write_to_stream - -kim_selection_hints_create -kim_selection_hints_copy -kim_selection_hints_set_hint -kim_selection_hints_get_hint -kim_selection_hints_set_explanation -kim_selection_hints_get_explanation -kim_selection_hints_set_options -kim_selection_hints_get_options -kim_selection_hints_set_allow_user_interaction -kim_selection_hints_get_allow_user_interaction -kim_selection_hints_set_remember_identity -kim_selection_hints_get_remember_identity -kim_selection_hints_get_identity -kim_selection_hints_remember_identity -kim_selection_hints_forget_identity -kim_selection_hints_free - -# Used by KerberosAgent -kim_selection_hints_create_from_stream - -kim_preferences_create -kim_preferences_copy -kim_preferences_set_options -kim_preferences_get_options -kim_preferences_set_remember_options -kim_preferences_get_remember_options -kim_preferences_set_client_identity -kim_preferences_get_client_identity -kim_preferences_set_remember_client_identity -kim_preferences_get_remember_client_identity -kim_preferences_set_minimum_lifetime -kim_preferences_get_minimum_lifetime -kim_preferences_set_maximum_lifetime -kim_preferences_get_maximum_lifetime -kim_preferences_set_minimum_renewal_lifetime -kim_preferences_get_minimum_renewal_lifetime -kim_preferences_set_maximum_renewal_lifetime -kim_preferences_get_maximum_renewal_lifetime -kim_preferences_get_number_of_favorite_identities -kim_preferences_get_favorite_identity_at_index -kim_preferences_add_favorite_identity -kim_preferences_remove_favorite_identity -kim_preferences_remove_all_favorite_identities -kim_preferences_synchronize -kim_preferences_free - -kim_credential_iterator_create -kim_credential_iterator_next -kim_credential_iterator_free - -kim_credential_create_new -kim_credential_create_new_with_password -kim_credential_create_from_keytab -kim_credential_create_from_krb5_creds -kim_credential_copy -kim_credential_get_krb5_creds -kim_credential_get_client_identity -kim_credential_get_service_identity -kim_credential_is_tgt -kim_credential_get_state -kim_credential_get_start_time -kim_credential_get_expiration_time -kim_credential_get_renewal_expiration_time -kim_credential_get_options -kim_credential_store -kim_credential_verify -kim_credential_renew -kim_credential_validate -kim_credential_free - -kim_ccache_iterator_create -kim_ccache_iterator_next -kim_ccache_iterator_free - -kim_ccache_create_new -kim_ccache_create_new_with_password -kim_ccache_create_new_if_needed -kim_ccache_create_new_if_needed_with_password -kim_ccache_create_from_client_identity -kim_ccache_create_from_keytab -kim_ccache_create_from_default -kim_ccache_create_from_type_and_name -kim_ccache_create_from_display_name -kim_ccache_create_from_krb5_ccache -kim_ccache_copy -kim_ccache_compare -kim_ccache_get_krb5_ccache -kim_ccache_get_name -kim_ccache_get_type -kim_ccache_get_display_name -kim_ccache_get_client_identity -kim_ccache_get_valid_credential -kim_ccache_get_state -kim_ccache_get_start_time -kim_ccache_get_expiration_time -kim_ccache_get_renewal_expiration_time -kim_ccache_get_options -kim_ccache_set_default -kim_ccache_verify -kim_ccache_renew -kim_ccache_validate -kim_ccache_destroy -kim_ccache_free - -kim_library_set_ui_environment -kim_library_set_allow_home_directory_access -kim_library_set_allow_automatic_prompting -kim_library_set_application_name diff --git a/src/kim/lib/kim_ccache.c b/src/kim/lib/kim_ccache.c deleted file mode 100644 index 6e48eda43..000000000 --- a/src/kim/lib/kim_ccache.c +++ /dev/null @@ -1,1264 +0,0 @@ -/* - * Copyright 2005-2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include <krb5.h> -#include <Kerberos/CredentialsCache.h> -#include "kim_private.h" - -struct kim_ccache_iterator_opaque { - krb5_context context; - krb5_cccol_cursor cursor; - kim_boolean first; -}; - -struct kim_ccache_iterator_opaque kim_ccache_iterator_initializer = { NULL, NULL, 1 }; - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_iterator_create (kim_ccache_iterator *out_ccache_iterator) -{ - kim_error err = kim_library_init (); - kim_ccache_iterator ccache_iterator = NULL; - - if (!err && !out_ccache_iterator) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - ccache_iterator = malloc (sizeof (*ccache_iterator)); - if (ccache_iterator) { - *ccache_iterator = kim_ccache_iterator_initializer; - } else { - err = KIM_OUT_OF_MEMORY_ERR; - } - } - - if (!err) { - err = krb5_error (NULL, krb5_init_context (&ccache_iterator->context)); - } - - if (!err) { - err = krb5_error (ccache_iterator->context, - krb5_cccol_cursor_new (ccache_iterator->context, - &ccache_iterator->cursor)); - } - - if (!err) { - *out_ccache_iterator = ccache_iterator; - ccache_iterator = NULL; - } - - kim_ccache_iterator_free (&ccache_iterator); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_iterator_next (kim_ccache_iterator in_ccache_iterator, - kim_ccache *out_ccache) -{ - kim_error err = KIM_NO_ERROR; - krb5_ccache ccache = NULL; - - if (!err && !in_ccache_iterator) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = krb5_cccol_cursor_next (in_ccache_iterator->context, - in_ccache_iterator->cursor, - &ccache); - if (err == KRB5_CC_END) { - ccache = NULL; /* out of ccaches */ - err = KIM_NO_ERROR; - } - } - - if (!err && ccache && in_ccache_iterator->first) { - krb5_principal principal = NULL; - - /* krb5 API is sneaky and returns a single empty ccache if the - * cache collection is empty. Check for it: */ - err = krb5_error (in_ccache_iterator->context, - krb5_cc_get_principal (in_ccache_iterator->context, - ccache, - &principal)); - - if (err) { - krb5_cc_close (in_ccache_iterator->context, ccache); - ccache = NULL; - err = KIM_NO_ERROR; - } - - if (principal) { krb5_free_principal (in_ccache_iterator->context, - principal); } - } - - if (!err) { - in_ccache_iterator->first = 0; - - if (ccache) { - err = kim_ccache_create_from_krb5_ccache (out_ccache, - in_ccache_iterator->context, - ccache); - } else { - *out_ccache = NULL; /* no more ccaches */ - } - } - - if (ccache) { krb5_cc_close (in_ccache_iterator->context, ccache); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -void kim_ccache_iterator_free (kim_ccache_iterator *io_ccache_iterator) -{ - if (io_ccache_iterator && *io_ccache_iterator) { - if ((*io_ccache_iterator)->context) { - if ((*io_ccache_iterator)->cursor) { - krb5_cccol_cursor_free ((*io_ccache_iterator)->context, - &(*io_ccache_iterator)->cursor); - } - krb5_free_context ((*io_ccache_iterator)->context); - } - free (*io_ccache_iterator); - *io_ccache_iterator = NULL; - } -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -struct kim_ccache_opaque { - krb5_context context; - krb5_ccache ccache; -}; - -struct kim_ccache_opaque kim_ccache_initializer = { NULL, NULL }; - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_ccache_create_resolve_name (kim_string *out_resolve_name, - kim_string in_name, - kim_string in_type) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !out_resolve_name) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_name ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_type ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_string_create_from_format (out_resolve_name, "%s:%s", - in_type, in_name); - } - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static inline kim_error kim_ccache_allocate (kim_ccache *out_ccache) -{ - kim_error err = kim_library_init (); - kim_ccache ccache = NULL; - - if (!err && !out_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - ccache = malloc (sizeof (*ccache)); - if (!ccache) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - *ccache = kim_ccache_initializer; - *out_ccache = ccache; - ccache = NULL; - } - - kim_ccache_free (&ccache); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_create_new (kim_ccache *out_ccache, - kim_identity in_client_identity, - kim_options in_options) -{ - return check_error (kim_ccache_create_new_with_password (out_ccache, - in_client_identity, - in_options, - NULL)); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_create_new_with_password (kim_ccache *out_ccache, - kim_identity in_client_identity, - kim_options in_options, - kim_string in_password) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - kim_identity client_identity = NULL; - - if (!err && !out_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_credential_create_new_with_password (&credential, - in_client_identity, - in_options, - in_password); - } - - if (!err) { - err = kim_credential_get_client_identity (credential, &client_identity); - } - - if (!err) { - err = kim_credential_store (credential, client_identity, out_ccache); - } - - kim_identity_free (&client_identity); - kim_credential_free (&credential); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_create_new_if_needed (kim_ccache *out_ccache, - kim_identity in_client_identity, - kim_options in_options) -{ - return check_error (kim_ccache_create_new_if_needed_with_password (out_ccache, - in_client_identity, - in_options, - NULL)); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_create_new_if_needed_with_password (kim_ccache *out_ccache, - kim_identity in_client_identity, - kim_options in_options, - kim_string in_password) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - - if (!err && !out_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_client_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_credential_state state; - - err = kim_ccache_create_from_client_identity (&ccache, - in_client_identity); - - if (!err) { - err = kim_ccache_get_state (ccache, &state); - } - - if (!err && state != kim_credentials_state_valid) { - if (state == kim_credentials_state_needs_validation) { - err = kim_ccache_validate (ccache, in_options); - } else { - kim_ccache_free (&ccache); - ccache = NULL; - } - } - - if (!ccache) { - /* ccache does not already exist, create a new one */ - err = kim_ccache_create_new_with_password (&ccache, - in_client_identity, - in_options, - in_password); - } - } - - if (!err) { - *out_ccache = ccache; - ccache = NULL; - } - - kim_ccache_free (&ccache); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_create_from_client_identity (kim_ccache *out_ccache, - kim_identity in_client_identity) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !out_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err && in_client_identity) { - kim_ccache_iterator iterator = NULL; - kim_boolean found = FALSE; - - err = kim_ccache_iterator_create (&iterator); - - while (!err && !found) { - kim_ccache ccache = NULL; - kim_identity identity = NULL; - kim_comparison comparison; - - err = kim_ccache_iterator_next (iterator, &ccache); - - if (!err && !ccache) { - kim_string string = NULL; - - err = kim_identity_get_display_string (in_client_identity, - &string); - - if (!err) { - err = kim_error_set_message_for_code (KIM_NO_SUCH_PRINCIPAL_ERR, - string); - } - - kim_string_free (&string); - } - - if (!err) { - err = kim_ccache_get_client_identity (ccache, &identity); - } - - if (!err) { - err = kim_identity_compare (in_client_identity, identity, - &comparison); - } - - if (!err && kim_comparison_is_equal_to (comparison)) { - found = 1; - *out_ccache = ccache; - ccache = NULL; - } - - kim_identity_free (&identity); - kim_ccache_free (&ccache); - } - - kim_ccache_iterator_free (&iterator); - - } else if (!err) { - /* in_client_identity is NULL, get default ccache */ - err = kim_ccache_create_from_default (out_ccache); - } - - return check_error (err); -} - -#ifndef LEAN_CLIENT - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_create_from_keytab (kim_ccache *out_ccache, - kim_identity in_identity, - kim_options in_options, - kim_string in_keytab) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - kim_identity client_identity = NULL; - - if (!err && !out_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_credential_create_from_keytab (&credential, in_identity, - in_options, in_keytab); - } - - if (!err) { - err = kim_credential_get_client_identity (credential, &client_identity); - } - - if (!err) { - err = kim_credential_store (credential, client_identity, out_ccache); - } - - kim_identity_free (&client_identity); - kim_credential_free (&credential); - - return check_error (err); -} - -#endif /* LEAN_CLIENT */ - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_create_from_default (kim_ccache *out_ccache) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - - if (!err && !out_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ccache_allocate (&ccache); - } - - if (!err) { - err = krb5_error (NULL, krb5_init_context (&ccache->context)); - } - - if (!err) { - err = krb5_error (ccache->context, - krb5_cc_default (ccache->context, &ccache->ccache)); - } - - if (!err) { - *out_ccache = ccache; - ccache = NULL; - } - - kim_ccache_free (&ccache); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_create_from_display_name (kim_ccache *out_ccache, - kim_string in_display_name) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - - if (!err && !out_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_display_name) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ccache_allocate (&ccache); - } - - if (!err) { - err = krb5_error (NULL, krb5_init_context (&ccache->context)); - } - - if (!err) { - err = krb5_error (ccache->context, - krb5_cc_resolve (ccache->context, in_display_name, - &ccache->ccache)); - } - - if (!err) { - *out_ccache = ccache; - ccache = NULL; - } - - kim_ccache_free (&ccache); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_create_from_type_and_name (kim_ccache *out_ccache, - kim_string in_type, - kim_string in_name) -{ - kim_error err = KIM_NO_ERROR; - kim_string resolve_name = NULL; - - if (!err && !out_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_name ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_type ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ccache_create_resolve_name (&resolve_name, in_name, in_type); - } - - if (!err) { - err = kim_ccache_create_from_display_name (out_ccache, resolve_name); - } - - kim_string_free (&resolve_name); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_create_from_krb5_ccache (kim_ccache *out_ccache, - krb5_context in_krb5_context, - krb5_ccache in_krb5_ccache) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !out_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_krb5_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_krb5_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_string type = krb5_cc_get_type (in_krb5_context, in_krb5_ccache); - kim_string name = krb5_cc_get_name (in_krb5_context, in_krb5_ccache); - - err = kim_ccache_create_from_type_and_name (out_ccache, type, name); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_copy (kim_ccache *out_ccache, - kim_ccache in_ccache) -{ - kim_error err = KIM_NO_ERROR; - kim_string name = NULL; - kim_string type = NULL; - - if (!err && !out_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ccache_get_name (in_ccache, &name); - } - - if (!err) { - err = kim_ccache_get_type (in_ccache, &type); - } - - if (!err) { - err = kim_ccache_create_from_type_and_name (out_ccache, type, name); - } - - kim_string_free (&name); - kim_string_free (&type); - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_compare (kim_ccache in_ccache, - kim_ccache in_compare_to_ccache, - kim_comparison *out_comparison) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_compare_to_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_comparison ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - const char *type = krb5_cc_get_type (in_ccache->context, - in_ccache->ccache); - const char *compare_to_type = krb5_cc_get_type (in_compare_to_ccache->context, - in_compare_to_ccache->ccache); - const char *name = krb5_cc_get_name (in_ccache->context, - in_ccache->ccache); - const char *compare_to_name = krb5_cc_get_name (in_compare_to_ccache->context, - in_compare_to_ccache->ccache); - - *out_comparison = strcmp (type, compare_to_type); - - if (*out_comparison == 0) { - *out_comparison = strcmp (name, compare_to_name); - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_get_krb5_ccache (kim_ccache in_ccache, - krb5_context in_krb5_context, - krb5_ccache *out_krb5_ccache) -{ - kim_error err = KIM_NO_ERROR; - kim_string resolve_name = NULL; - - if (!err && !in_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_krb5_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_krb5_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ccache_get_display_name (in_ccache, &resolve_name); - } - - if (!err) { - err = krb5_error (in_krb5_context, - krb5_cc_resolve (in_krb5_context, resolve_name, - out_krb5_ccache)); - } - - kim_string_free (&resolve_name); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_get_type (kim_ccache in_ccache, - kim_string *out_type) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_type ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_string_copy (out_type, krb5_cc_get_type (in_ccache->context, - in_ccache->ccache)); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_get_name (kim_ccache in_ccache, - kim_string *out_name) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_name ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_string_copy (out_name, krb5_cc_get_name (in_ccache->context, - in_ccache->ccache)); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_get_display_name (kim_ccache in_ccache, - kim_string *out_display_name) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_display_name) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_string type = krb5_cc_get_type (in_ccache->context, - in_ccache->ccache); - kim_string name = krb5_cc_get_name (in_ccache->context, - in_ccache->ccache); - - err = kim_ccache_create_resolve_name (out_display_name, name, type); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_get_client_identity (kim_ccache in_ccache, - kim_identity *out_client_identity) -{ - kim_error err = KIM_NO_ERROR; - krb5_principal principal = NULL; - - if (!err && !in_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_client_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = krb5_error (in_ccache->context, - krb5_cc_get_principal (in_ccache->context, - in_ccache->ccache, - &principal)); - } - - if (!err) { - err = kim_identity_create_from_krb5_principal (out_client_identity, - in_ccache->context, - principal); - } - - if (principal) { krb5_free_principal (in_ccache->context, principal); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_ccache_get_dominant_credential (kim_ccache in_ccache, - kim_credential_state *out_state, - kim_boolean *out_is_tgt, - kim_credential *out_credential) -{ - kim_error err = KIM_NO_ERROR; - kim_credential_iterator iterator = NULL; - kim_boolean out_of_credentials = FALSE; - kim_boolean found_valid_tgt = FALSE; - kim_boolean dominant_is_tgt = FALSE; - kim_credential_state dominant_state = kim_credentials_state_valid; - kim_credential dominant_credential = NULL; - - if (!err && !in_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_credential_iterator_create (&iterator, in_ccache); - } - - while (!err && !out_of_credentials && !found_valid_tgt) { - kim_credential credential = NULL; - - err = kim_credential_iterator_next (iterator, &credential); - - if (!err && !credential) { - out_of_credentials = TRUE; - - } else if (!err) { - kim_credential_state state = kim_credentials_state_valid; - kim_boolean is_tgt = FALSE; - - err = kim_credential_get_state (credential, &state); - - if (!err) { - kim_identity service_identity = NULL; - - err = kim_credential_get_service_identity (credential, - &service_identity); - - if (!err) { - err = kim_identity_is_tgt_service (service_identity, &is_tgt); - } - - kim_identity_free (&service_identity); - } - - if (!err) { - /* There are three cases where we replace: - * 1) We don't have a dominant yet - * 2) This is a tgt and dominant isn't - * 3) Both are tgts but this is valid and dominant isn't */ - - if ((!dominant_credential) /* 1 */ || - (is_tgt && !dominant_is_tgt) /* 2 */ || - (is_tgt && dominant_is_tgt && /* 3 */ - state == kim_credentials_state_valid && - dominant_state != kim_credentials_state_valid)) { - /* replace */ - kim_credential_free (&dominant_credential); - - dominant_credential = credential; - credential = NULL; /* take ownership */ - - dominant_is_tgt = is_tgt; - dominant_state = state; - } - - if (dominant_is_tgt && - dominant_state == kim_credentials_state_valid) { - /* Since we will never replace a valid tgt, stop here */ - found_valid_tgt = TRUE; - } - } - } - - kim_credential_free (&credential); - } - - if (!err && !dominant_credential) { - kim_identity identity = NULL; - kim_string identity_string = NULL; - - err = kim_ccache_get_client_identity (in_ccache, &identity); - - if (!err) { - err = kim_identity_get_display_string (identity, - &identity_string); - } - - if (!err) { - err = kim_error_set_message_for_code (KIM_NO_CREDENTIALS_ERR, - identity_string); - } - - kim_string_free (&identity_string); - kim_identity_free (&identity); - } - - if (!err) { - if (out_is_tgt) { - *out_is_tgt = dominant_is_tgt; - } - - if (out_state) { - *out_state = dominant_state; - } - - if (out_credential) { - *out_credential = dominant_credential; - dominant_credential = NULL; /* take ownership */ - } - } - - kim_credential_free (&dominant_credential); - kim_credential_iterator_free (&iterator); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_get_valid_credential (kim_ccache in_ccache, - kim_credential *out_credential) -{ - kim_error err = KIM_NO_ERROR; - kim_boolean is_tgt = FALSE; - kim_credential_state state = kim_credentials_state_valid; - kim_credential credential = NULL; - - if (!err && !in_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_credential) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ccache_get_dominant_credential (in_ccache, - &state, &is_tgt, &credential); - } - - if (!err && state != kim_credentials_state_valid) { - kim_identity identity = NULL; - kim_string identity_string = NULL; - - err = kim_ccache_get_client_identity (in_ccache, &identity); - - if (!err) { - err = kim_identity_get_display_string (identity, - &identity_string); - } - - if (!err) { - if (state == kim_credentials_state_expired) { - err = kim_error_set_message_for_code (KIM_CREDENTIALS_EXPIRED_ERR, - identity_string); - - } else if (state == kim_credentials_state_not_yet_valid || - state == kim_credentials_state_needs_validation) { - err = kim_error_set_message_for_code (KIM_NEEDS_VALIDATION_ERR, - identity_string); - - } else if (state == kim_credentials_state_address_mismatch) { - err = kim_error_set_message_for_code (KIM_BAD_IP_ADDRESS_ERR, - identity_string); - } else { - /* just default to this */ - err = kim_error_set_message_for_code (KIM_NEEDS_VALIDATION_ERR, - identity_string); - } - } - - kim_string_free (&identity_string); - kim_identity_free (&identity); - } - - if (!err) { - *out_credential = credential; - credential = NULL; /* take ownership */ - } - - kim_credential_free (&credential); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_get_state (kim_ccache in_ccache, - kim_credential_state *out_state) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_state) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ccache_get_dominant_credential (in_ccache, - out_state, NULL, NULL); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_get_start_time (kim_ccache in_ccache, - kim_time *out_start_time) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - - if (!err && !in_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_start_time) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ccache_get_dominant_credential (in_ccache, NULL, NULL, - &credential); - } - - if (!err) { - err = kim_credential_get_start_time (credential, out_start_time); - } - - kim_credential_free (&credential); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_get_expiration_time (kim_ccache in_ccache, - kim_time *out_expiration_time) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - - if (!err && !in_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_expiration_time) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ccache_get_dominant_credential (in_ccache, NULL, NULL, - &credential); - } - - if (!err) { - err = kim_credential_get_expiration_time (credential, - out_expiration_time); - } - - kim_credential_free (&credential); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_get_renewal_expiration_time (kim_ccache in_ccache, - kim_time *out_renewal_expiration_time) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - - if (!err && !in_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_renewal_expiration_time) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ccache_get_dominant_credential (in_ccache, NULL, NULL, - &credential); - } - - if (!err) { - err = kim_credential_get_renewal_expiration_time (credential, - out_renewal_expiration_time); - } - - kim_credential_free (&credential); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_get_options (kim_ccache in_ccache, - kim_options *out_options) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - - if (!err && !in_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ccache_get_dominant_credential (in_ccache, NULL, NULL, - &credential); - } - - if (!err) { - err = kim_credential_get_options (credential, out_options); - } - - kim_credential_free (&credential); - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_set_default (kim_ccache io_ccache) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - char *environment_ccache_name = getenv ("KRB5CCNAME"); - - if (environment_ccache_name) { - kim_ccache environment_ccache = NULL; - kim_comparison comparison; - - err = kim_ccache_create_from_display_name (&environment_ccache, - environment_ccache_name); - - if (!err) { - err = kim_ccache_compare (io_ccache, - environment_ccache, - &comparison); - } - - if (!err && !kim_comparison_is_equal_to (comparison)) { - krb5_principal client_principal = NULL; - - /* KRB5CCNAME is set and does not point to this ccache. - * Move the creds and make this kim_ccache_t object refer to that ccache. */ - - err = krb5_error (io_ccache->context, - krb5_cc_get_principal (io_ccache->context, - io_ccache->ccache, - &client_principal)); - - if (!err) { - err = krb5_error (io_ccache->context, - krb5_cc_initialize (environment_ccache->context, - environment_ccache->ccache, - client_principal)); - } - - if (!err) { - err = krb5_error (io_ccache->context, - krb5_cc_copy_creds (io_ccache->context, - io_ccache->ccache, - environment_ccache->ccache)); - } - - if (client_principal) { krb5_free_principal (io_ccache->context, - client_principal); } - - if (!err) { - kim_ccache_destroy (&io_ccache); - io_ccache = environment_ccache; - environment_ccache = NULL; /* take ownership */ - } - } - - kim_ccache_free (&environment_ccache); - - } else { -#ifdef USE_CCAPI - kim_string type = NULL; - kim_string name = NULL; - cc_context_t cc_context = NULL; - cc_ccache_t cc_ccache = NULL; - - err = kim_ccache_get_type (io_ccache, &type); - - if (!err && strcmp (type, "API")) { -#endif - kim_string display_name = NULL; - /* Not a CCAPI ccache; can't set to default */ - - err = kim_ccache_get_display_name (io_ccache, &display_name); - - if (!err) { - err = kim_error_set_message_for_code (KIM_CANT_BECOME_DEFAULT_ERR, - display_name); - } - - kim_string_free (&display_name); -#ifdef USE_CCAPI - } - - if (!err) { - err = kim_ccache_get_name (io_ccache, &name); - } - - /* get a CCAPI ccache for this cache */ - if (!err) { - err = cc_initialize (&cc_context, ccapi_version_4, NULL, NULL); - } - - if (!err) { - err = cc_context_open_ccache (cc_context, name, &cc_ccache); - } - - if (!err) { - err = cc_ccache_set_default (cc_ccache); - } - - if (cc_context) { cc_context_release (cc_context); } - if (cc_ccache ) { cc_ccache_release (cc_ccache); } - kim_string_free (&name); - kim_string_free (&type); -#endif - } - } - - return check_error (err); -} - -#ifndef LEAN_CLIENT - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_verify (kim_ccache in_ccache, - kim_identity in_service_identity, - kim_string in_keytab, - kim_boolean in_fail_if_no_service_key) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - - if (!err && !in_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ccache_get_valid_credential (in_ccache, &credential); - } - - if (!err) { - err = kim_credential_verify (credential, in_service_identity, - in_keytab, in_fail_if_no_service_key); - } - - kim_credential_free (&credential); - - return check_error (err); -} - -#endif /* LEAN_CLIENT */ - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_renew (kim_ccache in_ccache, - kim_options in_options) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - kim_identity client_identity = NULL; - - if (!err && !in_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ccache_get_valid_credential (in_ccache, &credential); - } - - if (!err) { - err = kim_credential_renew (&credential, in_options); - } - - if (!err) { - err = kim_ccache_get_client_identity (in_ccache, &client_identity); - } - - if (!err) { - err = kim_credential_store (credential, client_identity, NULL); - } - - kim_identity_free (&client_identity); - kim_credential_free (&credential); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_validate (kim_ccache in_ccache, - kim_options in_options) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - kim_identity client_identity = NULL; - - if (!err && !in_ccache) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ccache_get_valid_credential (in_ccache, &credential); - } - - if (!err) { - err = kim_credential_validate (&credential, in_options); - } - - if (!err) { - err = kim_ccache_get_client_identity (in_ccache, &client_identity); - } - - if (!err) { - err = kim_credential_store (credential, client_identity, NULL); - } - - kim_identity_free (&client_identity); - kim_credential_free (&credential); - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ccache_destroy (kim_ccache *io_ccache) -{ - kim_error err = KIM_NO_ERROR; - - if (io_ccache && *io_ccache) { - err = krb5_error ((*io_ccache)->context, - krb5_cc_destroy ((*io_ccache)->context, - (*io_ccache)->ccache)); - - if (!err) { - (*io_ccache)->ccache = NULL; - kim_ccache_free (io_ccache); - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -void kim_ccache_free (kim_ccache *io_ccache) -{ - if (io_ccache && *io_ccache) { - if ((*io_ccache)->context) { - if ((*io_ccache)->ccache) { - krb5_cc_close ((*io_ccache)->context, (*io_ccache)->ccache); - } - krb5_free_context ((*io_ccache)->context); - } - free (*io_ccache); - *io_ccache = NULL; - } -} diff --git a/src/kim/lib/kim_credential.c b/src/kim/lib/kim_credential.c deleted file mode 100644 index 0a9f473a3..000000000 --- a/src/kim/lib/kim_credential.c +++ /dev/null @@ -1,1415 +0,0 @@ -/* kim/lib/kim_credential.c */ -/* - * Copyright 2006-2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include <krb5.h> -#include "kim_private.h" - -struct kim_credential_iterator_opaque { - krb5_context context; - krb5_ccache ccache; - krb5_cc_cursor cursor; - krb5_flags old_flags; -}; - -struct kim_credential_iterator_opaque kim_credential_iterator_initializer = { NULL, NULL, NULL }; - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_iterator_create (kim_credential_iterator *out_credential_iterator, - kim_ccache in_ccache) -{ - kim_error err = kim_library_init (); - kim_credential_iterator credential_iterator = NULL; - - if (!err && !out_credential_iterator) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_ccache ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - credential_iterator = malloc (sizeof (*credential_iterator)); - if (credential_iterator) { - *credential_iterator = kim_credential_iterator_initializer; - } else { - err = KIM_OUT_OF_MEMORY_ERR; - } - } - - if (!err) { - err = krb5_error (NULL, krb5_init_context (&credential_iterator->context)); - } - - if (!err) { - err = kim_ccache_get_krb5_ccache (in_ccache, - credential_iterator->context, - &credential_iterator->ccache); - } - - if (!err) { - /* Turn off OPENCLOSE mode */ - err = krb5_error (credential_iterator->context, - krb5_cc_get_flags (credential_iterator->context, - credential_iterator->ccache, - &credential_iterator->old_flags)); - - if (!err && credential_iterator->old_flags & KRB5_TC_OPENCLOSE) { - krb5_flags new_flags = credential_iterator->old_flags & ~KRB5_TC_OPENCLOSE; - - err = krb5_error (credential_iterator->context, - krb5_cc_set_flags (credential_iterator->context, - credential_iterator->ccache, - new_flags)); - if (err == KRB5_FCC_NOFILE) { err = KIM_NO_ERROR; } - } - } - - if (!err) { - err = krb5_error (credential_iterator->context, - krb5_cc_start_seq_get (credential_iterator->context, - credential_iterator->ccache, - &credential_iterator->cursor)); - } - - if (!err) { - *out_credential_iterator = credential_iterator; - credential_iterator = NULL; - } - - kim_credential_iterator_free (&credential_iterator); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_iterator_next (kim_credential_iterator in_credential_iterator, - kim_credential *out_credential) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_credential_iterator) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - krb5_creds creds; - - krb5_error_code terr = krb5_cc_next_cred (in_credential_iterator->context, - in_credential_iterator->ccache, - &in_credential_iterator->cursor, - &creds); - - if (!terr) { - err = kim_credential_create_from_krb5_creds (out_credential, - in_credential_iterator->context, - &creds); - - krb5_free_cred_contents (in_credential_iterator->context, &creds); - - } else if (terr == KRB5_CC_END) { - *out_credential = NULL; /* no more ccaches */ - - } else { - err = krb5_error (in_credential_iterator->context, terr); - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -void kim_credential_iterator_free (kim_credential_iterator *io_credential_iterator) -{ - if (io_credential_iterator && *io_credential_iterator) { - if ((*io_credential_iterator)->context) { - if ((*io_credential_iterator)->ccache) { - if ((*io_credential_iterator)->cursor) { - krb5_cc_end_seq_get ((*io_credential_iterator)->context, - (*io_credential_iterator)->ccache, - &(*io_credential_iterator)->cursor); - - krb5_cc_set_flags ((*io_credential_iterator)->context, - (*io_credential_iterator)->ccache, - (*io_credential_iterator)->old_flags); - } - krb5_cc_close ((*io_credential_iterator)->context, - (*io_credential_iterator)->ccache); - } - krb5_free_context ((*io_credential_iterator)->context); - } - free (*io_credential_iterator); - *io_credential_iterator = NULL; - } -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -struct kim_credential_opaque { - krb5_context context; - krb5_creds *creds; -}; - -struct kim_credential_opaque kim_credential_initializer = { NULL, NULL }; - -/* ------------------------------------------------------------------------ */ - -static inline kim_error kim_credential_allocate (kim_credential *out_credential) -{ - kim_error err = kim_library_init (); - kim_credential credential = NULL; - - if (!err && !out_credential) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - credential = malloc (sizeof (*credential)); - if (!credential) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - *credential = kim_credential_initializer; - *out_credential = credential; - credential = NULL; - } - - kim_credential_free (&credential); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_create_new (kim_credential *out_credential, - kim_identity in_identity, - kim_options in_options) -{ - return check_error (kim_credential_create_new_with_password (out_credential, - in_identity, - in_options, - NULL)); -} - -/* ------------------------------------------------------------------------ */ - -static void kim_credential_remember_prefs (kim_identity in_identity, - kim_options in_options) -{ - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - kim_boolean remember_identity = 0; - kim_boolean remember_options = 0; - - err = kim_preferences_create (&prefs); - - if (!err && in_options) { - err = kim_preferences_get_remember_options (prefs, - &remember_options); - } - - if (!err && in_identity) { - err = kim_preferences_get_remember_client_identity (prefs, - &remember_identity); - } - - if (!err && remember_options) { - err = kim_preferences_set_options (prefs, in_options); - } - - if (!err && remember_identity) { - err = kim_preferences_set_client_identity (prefs, in_identity); - - } - - if (!err && (remember_options || remember_identity)) { - err = kim_preferences_synchronize (prefs); - } - - kim_preferences_free (&prefs); - - check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_create_new_with_password (kim_credential *out_credential, - kim_identity in_identity, - kim_options in_options, - kim_string in_password) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - kim_options options = NULL; - kim_ui_context context; - kim_boolean ui_inited = 0; - kim_boolean done_with_identity = 0; - - if (!err && !out_credential) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_credential_allocate (&credential); - } - - if (!err) { - err = krb5_error (NULL, krb5_init_context (&credential->context)); - } - - if (!err) { - if (in_options) { - options = in_options; - } else { - err = kim_options_create (&options); - } - } - - if (!err) { - err = kim_ui_init (&context); - if (!err) { ui_inited = 1; } - } - - while (!err && !done_with_identity) { - kim_identity identity = in_identity; - kim_boolean done_with_credentials = 0; - - if (identity) { - done_with_identity = 1; - - } else while (!err && !identity) { - kim_boolean user_wants_change_password = 0; - - err = kim_ui_enter_identity (&context, options, - &identity, - &user_wants_change_password); - - if (!err && user_wants_change_password) { - err = kim_identity_change_password_common (identity, 0, - &context, - NULL); - - /* reenter enter_identity so just forget this identity - * even if we got an error */ - if (err == KIM_USER_CANCELED_ERR || - err == KIM_DUPLICATE_UI_REQUEST_ERR) { - err = KIM_NO_ERROR; - } - - kim_identity_free (&identity); - } - - } - - if (!err) { - context.identity = identity; /* used by kim_ui_prompter */ - } - - while (!err && !done_with_credentials) { - krb5_creds creds; - kim_boolean free_creds = 0; - kim_count prompt_count; - krb5_principal principal = kim_identity_krb5_principal (identity); - krb5_get_init_creds_opt *opts = kim_options_init_cred_options (options); - char *service = kim_options_service_name (options); - kim_time start_time = kim_options_start_time (options); - - /* set counter to zero so we can tell if we got prompted */ - context.prompt_count = 0; - context.password_to_save = NULL; - - err = krb5_error (credential->context, - krb5_get_init_creds_password (credential->context, - &creds, - principal, - (char *) in_password, - kim_ui_prompter, - &context, - start_time, - service, - opts)); - - prompt_count = context.prompt_count; /* remember if we got prompts */ - if (!err) { free_creds = 1; } - - if (!err) { - err = krb5_error (credential->context, - krb5_copy_creds (credential->context, - &creds, - &credential->creds)); - } - - if (!err && context.password_to_save) { - /* If we were successful, save any password we got */ - err = kim_os_identity_set_saved_password (identity, - context.password_to_save); - - - } - - if (err == KRB5KDC_ERR_KEY_EXP) { - kim_string new_password = NULL; - - err = kim_identity_change_password_common (identity, 1, - &context, - &new_password); - - if (!err) { - /* set counter to zero so we can tell if we got prompted */ - context.prompt_count = 0; - - err = krb5_error (credential->context, - krb5_get_init_creds_password (credential->context, - &creds, - principal, - (char *) new_password, - kim_ui_prompter, - &context, - start_time, - service, - opts)); - - prompt_count = context.prompt_count; /* remember if we got prompts */ - if (!err) { free_creds = 1; } - - if (!err) { - err = krb5_error (credential->context, - krb5_copy_creds (credential->context, - &creds, - &credential->creds)); - } - } - - kim_string_free (&new_password); - } - - if (!err || err == KIM_USER_CANCELED_ERR || - err == KIM_DUPLICATE_UI_REQUEST_ERR) { - /* new creds obtained or the user gave up */ - done_with_credentials = 1; - - if (!err) { - /* remember identity and options if the user wanted to */ - kim_credential_remember_prefs (identity, options); - } - - if (err == KIM_DUPLICATE_UI_REQUEST_ERR) { - kim_ccache ccache = NULL; - /* credential for this identity was obtained, but via a different - * dialog. Find it. */ - - err = kim_ccache_create_from_client_identity (&ccache, - identity); - - if (!err) { - err = kim_ccache_get_valid_credential (ccache, - &credential); - } - - kim_ccache_free (&ccache); - } - - } else if (prompt_count) { - /* User was prompted and might have entered bad info - * so report error and try again. */ - - err = kim_ui_handle_kim_error (&context, identity, - kim_ui_error_type_authentication, - err); - } - - if (err == KRB5KRB_AP_ERR_BAD_INTEGRITY || - err == KRB5KDC_ERR_PREAUTH_FAILED || - err == KIM_BAD_PASSWORD_ERR || err == KIM_PREAUTH_FAILED_ERR) { - /* if the password could have failed, remove any saved ones - * or the user will get stuck. */ - kim_os_identity_remove_saved_password (identity); - } - - if (free_creds) { krb5_free_cred_contents (credential->context, &creds); } - } - - if (!err || err == KIM_USER_CANCELED_ERR) { - /* identity obtained or the user gave up */ - done_with_identity = 1; - - } else if (!in_identity) { - /* User entered an identity so report error and try again */ - err = kim_ui_handle_kim_error (&context, identity, - kim_ui_error_type_authentication, - err); - } - - if (identity != in_identity) { kim_identity_free (&identity); } - } - - if (ui_inited) { - kim_error fini_err = kim_ui_fini (&context); - if (!err) { err = check_error (fini_err); } - } - - if (!err) { - *out_credential = credential; - credential = NULL; - } - - if (options != in_options) { kim_options_free (&options); } - kim_credential_free (&credential); - - return check_error (err); -} - -#ifndef LEAN_CLIENT - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_create_from_keytab (kim_credential *out_credential, - kim_identity in_identity, - kim_options in_options, - kim_string in_keytab) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - krb5_keytab keytab = NULL; - krb5_creds creds; - kim_boolean free_creds = FALSE; - krb5_principal principal = NULL; - kim_options options = in_options; - - if (!err && !out_credential) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_credential_allocate (&credential); - } - - if (!err) { - err = krb5_error (NULL, krb5_init_context (&credential->context)); - } - - if (!err && !options) { - err = kim_options_create (&options); - } - - if (!err) { - if (in_keytab) { - err = krb5_error (credential->context, - krb5_kt_resolve (credential->context, - in_keytab, &keytab)); - } else { - err = krb5_error (credential->context, - krb5_kt_default (credential->context, &keytab)); - } - } - - if (!err) { - if (in_identity) { - err = kim_identity_get_krb5_principal (in_identity, - credential->context, - &principal); - } else { - krb5_kt_cursor cursor = NULL; - krb5_keytab_entry entry; - kim_boolean entry_allocated = FALSE; - - err = krb5_error (credential->context, - krb5_kt_start_seq_get (credential->context, - keytab, - &cursor)); - - if (!err) { - err = krb5_error (credential->context, - krb5_kt_next_entry (credential->context, - keytab, - &entry, - &cursor)); - entry_allocated = (err == KIM_NO_ERROR); /* remember to free later */ - } - - if (!err) { - err = krb5_error (credential->context, - krb5_copy_principal (credential->context, - entry.principal, - &principal)); - } - - if (entry_allocated) { krb5_free_keytab_entry_contents (credential->context, &entry); } - if (cursor ) { krb5_kt_end_seq_get (credential->context, keytab, &cursor); } - } - } - - if (!err) { - krb5_get_init_creds_opt *opts = kim_options_init_cred_options (options); - char *service = kim_options_service_name (options); - kim_time start_time = kim_options_start_time (options); - - err = krb5_error (credential->context, - krb5_get_init_creds_keytab (credential->context, - &creds, - principal, - keytab, - start_time, - service, - opts)); - if (!err) { free_creds = TRUE; } - } - - if (!err) { - err = krb5_error (credential->context, - krb5_copy_creds (credential->context, - &creds, - &credential->creds)); - } - - if (principal ) { krb5_free_principal (credential->context, principal); } - if (free_creds) { krb5_free_cred_contents (credential->context, &creds); } - - if (!err) { - *out_credential = credential; - credential = NULL; - } - - if (options != in_options) { kim_options_free (&options); } - kim_credential_free (&credential); - - return check_error (err); -} - -#endif /* LEAN_CLIENT */ - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_create_from_krb5_creds (kim_credential *out_credential, - krb5_context in_krb5_context, - krb5_creds *in_krb5_creds) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - - if (!err && !out_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_krb5_creds ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_krb5_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_credential_allocate (&credential); - } - - if (!err) { - err = krb5_error (in_krb5_context, - krb5_copy_context (in_krb5_context, - &credential->context)); - } - - if (!err) { - err = krb5_error (credential->context, - krb5_copy_creds (credential->context, - in_krb5_creds, - &credential->creds)); - } - - if (!err) { - *out_credential = credential; - credential = NULL; - } - - return check_error (err); -} -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_create_for_change_password (kim_credential *out_credential, - kim_identity in_identity, - kim_string in_old_password, - kim_ui_context *in_ui_context, - kim_boolean *out_user_was_prompted) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - kim_string realm = NULL; - kim_string service = NULL; - kim_string service_format = "kadmin/changepw@%s"; - - if (!err && !out_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_old_password ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_user_was_prompted) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_credential_allocate (&credential); - } - - if (!err) { - err = krb5_error (NULL, krb5_init_context (&credential->context)); - } - - if (!err) { - err = kim_identity_get_realm (in_identity, &realm); - } - - if (!err) { - err = kim_string_create_from_format (&service, service_format, realm); - } - - if (!err) { - krb5_creds creds; - kim_boolean free_creds = 0; - krb5_principal principal = kim_identity_krb5_principal (in_identity); - krb5_get_init_creds_opt opts; - - krb5_get_init_creds_opt_init (&opts); - krb5_get_init_creds_opt_set_tkt_life (&opts, 5*60); - krb5_get_init_creds_opt_set_renew_life (&opts, 0); - krb5_get_init_creds_opt_set_forwardable (&opts, 0); - krb5_get_init_creds_opt_set_proxiable (&opts, 0); - - /* set counter to zero so we can tell if we got prompted */ - in_ui_context->prompt_count = 0; - in_ui_context->identity = in_identity; - - err = krb5_error (credential->context, - krb5_get_init_creds_password (credential->context, - &creds, - principal, - (char *) in_old_password, - kim_ui_prompter, - in_ui_context, 0, - (char *) service, - &opts)); - - if (!err) { free_creds = 1; } - - if (!err) { - err = krb5_error (credential->context, - krb5_copy_creds (credential->context, - &creds, - &credential->creds)); - } - - if (free_creds) { krb5_free_cred_contents (credential->context, &creds); } - } - - if (!err) { - *out_user_was_prompted = (in_ui_context->prompt_count > 0); - *out_credential = credential; - credential = NULL; - } - - kim_string_free (&realm); - kim_string_free (&service); - kim_credential_free (&credential); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_copy (kim_credential *out_credential, - kim_credential in_credential) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - - if (!err && !out_credential) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_credential_allocate (&credential); - } - - if (!err) { - err = krb5_error (in_credential->context, - krb5_copy_context (in_credential->context, - &credential->context)); - } - - if (!err) { - err = krb5_error (credential->context, - krb5_copy_creds (credential->context, - in_credential->creds, - &credential->creds)); - } - - if (!err) { - *out_credential = credential; - credential = NULL; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_get_krb5_creds (kim_credential in_credential, - krb5_context in_krb5_context, - krb5_creds **out_krb5_creds) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_krb5_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_krb5_creds ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = krb5_error (in_krb5_context, - krb5_copy_creds (in_krb5_context, - in_credential->creds, - out_krb5_creds)); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_get_client_identity (kim_credential in_credential, - kim_identity *out_client_identity) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_client_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_identity_create_from_krb5_principal (out_client_identity, - in_credential->context, - in_credential->creds->client); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_get_service_identity (kim_credential in_credential, - kim_identity *out_service_identity) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_service_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_identity_create_from_krb5_principal (out_service_identity, - in_credential->context, - in_credential->creds->server); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_is_tgt (kim_credential in_credential, - kim_boolean *out_is_tgt) -{ - kim_error err = KIM_NO_ERROR; - kim_identity service = NULL; - - if (!err && !in_credential) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_is_tgt ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_credential_get_service_identity (in_credential, &service); - } - - if (!err) { - err = kim_identity_is_tgt_service (service, out_is_tgt); - } - - kim_identity_free (&service); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_get_state (kim_credential in_credential, - kim_credential_state *out_state) -{ - kim_error err = KIM_NO_ERROR; - kim_time expiration_time = 0; - kim_time start_time = 0; - krb5_timestamp now = 0; - - if (!err && !in_credential) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_state ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_credential_get_expiration_time (in_credential, &expiration_time); - } - - if (!err) { - err = kim_credential_get_start_time (in_credential, &start_time); - } - - if (!err) { - krb5_int32 usec; - - err = krb5_error (in_credential->context, - krb5_us_timeofday (in_credential->context, - &now, &usec)); - } - - if (!err) { - *out_state = kim_credentials_state_valid; - - if (expiration_time <= now) { - *out_state = kim_credentials_state_expired; - - } else if ((in_credential->creds->ticket_flags & TKT_FLG_POSTDATED) && - (in_credential->creds->ticket_flags & TKT_FLG_INVALID)) { - if (start_time > now) { - *out_state = kim_credentials_state_not_yet_valid; - } else { - *out_state = kim_credentials_state_needs_validation; - } - - } else if (in_credential->creds->addresses) { /* ticket contains addresses */ - krb5_address **laddresses = NULL; - - krb5_error_code code = krb5_os_localaddr (in_credential->context, - &laddresses); - if (!code) { laddresses = NULL; } - - if (laddresses) { /* assume valid if the local host has no addresses */ - kim_boolean found_match = FALSE; - kim_count i = 0; - - for (i = 0; in_credential->creds->addresses[i]; i++) { - if (!krb5_address_search (in_credential->context, - in_credential->creds->addresses[i], - laddresses)) { - found_match = TRUE; - break; - } - } - - if (!found_match) { - *out_state = kim_credentials_state_address_mismatch; - } - } - - if (laddresses) { krb5_free_addresses (in_credential->context, - laddresses); } - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_get_start_time (kim_credential in_credential, - kim_time *out_start_time) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_start_time) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_start_time = (in_credential->creds->times.starttime ? - in_credential->creds->times.starttime : - in_credential->creds->times.authtime); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_get_expiration_time (kim_credential in_credential, - kim_time *out_expiration_time) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_credential) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_expiration_time = in_credential->creds->times.endtime; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_get_renewal_expiration_time (kim_credential in_credential, - kim_time *out_renewal_expiration_time) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_renewal_expiration_time) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - if (in_credential->creds->ticket_flags & TKT_FLG_RENEWABLE) { - *out_renewal_expiration_time = in_credential->creds->times.renew_till; - } else { - *out_renewal_expiration_time = 0; - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_get_options (kim_credential in_credential, - kim_options *out_options) -{ - kim_error err = KIM_NO_ERROR; - kim_options options = NULL; - krb5_creds *creds = NULL; - - if (!err && !in_credential) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - creds = in_credential->creds; - - err = kim_options_create (&options); - } - - if (!err) { - err = kim_options_set_start_time (options, creds->times.starttime); - } - - if (!err) { - kim_lifetime lifetime = (creds->times.endtime - - (creds->times.starttime ? - creds->times.starttime : - creds->times.authtime)); - - err = kim_options_set_lifetime (options, lifetime); - } - - if (!err) { - kim_boolean renewable = (creds->ticket_flags & TKT_FLG_RENEWABLE); - - err = kim_options_set_renewable (options, renewable); - } - - if (!err) { - kim_lifetime rlifetime = (creds->ticket_flags & TKT_FLG_RENEWABLE ? - creds->times.renew_till - - (creds->times.starttime ? - creds->times.starttime : - creds->times.authtime) : 0); - - err = kim_options_set_renewal_lifetime (options, rlifetime); - } - - if (!err) { - kim_boolean forwardable = (creds->ticket_flags & TKT_FLG_FORWARDABLE); - - err = kim_options_set_forwardable (options, forwardable); - } - - if (!err) { - kim_boolean proxiable = (creds->ticket_flags & TKT_FLG_PROXIABLE); - - err = kim_options_set_proxiable (options, proxiable); - } - - if (!err) { - kim_boolean addressless = (!creds->addresses || !creds->addresses[0]); - - err = kim_options_set_addressless (options, addressless); - } - - if (!err) { - kim_boolean is_tgt = 0; - kim_string service = NULL; /* tgt service */ - - err = kim_credential_is_tgt (in_credential, &is_tgt); - - if (!err && !is_tgt) { - kim_identity identity = NULL; - - err = kim_credential_get_service_identity (in_credential, &identity); - - if (!err) { - err = kim_identity_get_string (identity, &service); - } - - kim_identity_free (&identity); - } - - if (!err) { - err = kim_options_set_service_name (options, service); - } - - kim_string_free (&service); - } - - if (!err) { - *out_options = options; - options = NULL; - } - - kim_options_free (&options); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_store (kim_credential in_credential, - kim_identity in_identity, - kim_ccache *out_ccache) -{ - kim_error err = KIM_NO_ERROR; - krb5_ccache k5ccache = NULL; - kim_boolean destroy_ccache_on_error = FALSE; - - if (!err && !in_credential) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - char *environment_ccache = getenv ("KRB5CCNAME"); - - if (environment_ccache) { - err = krb5_error (in_credential->context, - krb5_cc_resolve (in_credential->context, - environment_ccache, - &k5ccache)); - - } else { - kim_ccache ccache = NULL; - - err = kim_ccache_create_from_client_identity (&ccache, - in_identity); - - if (!err) { - err = kim_ccache_get_krb5_ccache (ccache, - in_credential->context, - &k5ccache); - - } else if (err == KIM_NO_SUCH_PRINCIPAL_ERR) { - /* Nothing to replace, create a new ccache */ - err = krb5_error (in_credential->context, - krb5_cc_new_unique (in_credential->context, - "API", NULL, &k5ccache)); - if (!err) { destroy_ccache_on_error = TRUE; } - } - - kim_ccache_free (&ccache); - } - } - - if (!err) { - krb5_principal principal = kim_identity_krb5_principal (in_identity); - - err = krb5_error (in_credential->context, - krb5_cc_initialize (in_credential->context, - k5ccache, principal)); - } - - if (!err) { - err = krb5_error (in_credential->context, - krb5_cc_store_cred (in_credential->context, - k5ccache, in_credential->creds)); - } - - if (!err && out_ccache) { - err = kim_ccache_create_from_krb5_ccache (out_ccache, - in_credential->context, - k5ccache); - } - - if (k5ccache) { - if (err && destroy_ccache_on_error) { - krb5_cc_destroy (in_credential->context, k5ccache); - } else { - krb5_cc_close (in_credential->context, k5ccache); - } - } - - return check_error (err); -} - -#ifndef LEAN_CLIENT - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_verify (kim_credential in_credential, - kim_identity in_service_identity, - kim_string in_keytab, - kim_boolean in_fail_if_no_service_key) -{ - kim_error err = KIM_NO_ERROR; - krb5_context scontext = NULL; - krb5_keytab keytab = NULL; - - if (!err && !in_credential) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = krb5_error (NULL, krb5_init_secure_context (&scontext)); - } - - if (in_keytab) { - err = krb5_error (scontext, - krb5_kt_resolve (scontext, in_keytab, &keytab)); - } - - if (!err) { - krb5_principal sprincipal = NULL; - krb5_verify_init_creds_opt options; - - /* That's "no key == fail" not "no fail" >.< */ - krb5_verify_init_creds_opt_init (&options); - krb5_verify_init_creds_opt_set_ap_req_nofail (&options, in_fail_if_no_service_key); - - if (in_service_identity) { - sprincipal = kim_identity_krb5_principal (in_service_identity); - } - - err = krb5_error (scontext, - krb5_verify_init_creds (scontext, - in_credential->creds, - sprincipal, - keytab, - NULL /* don't store creds in ccache */, - &options)); - - if (err && !in_service_identity && in_fail_if_no_service_key) { - /* If the service principal wasn't specified but we are supposed to - * fail without a key we should walk the keytab trying to find one - * that succeeds. */ - krb5_error_code terr = 0; - kim_boolean verified = 0; - krb5_kt_cursor cursor = NULL; - krb5_keytab_entry entry; - - - if (!keytab) { - terr = krb5_kt_default (scontext, &keytab); - } - - if (!terr) { - terr = krb5_kt_start_seq_get (scontext, keytab, &cursor); - } - - while (!terr && !verified) { - kim_boolean free_entry = 0; - - terr = krb5_kt_next_entry (scontext, keytab, &entry, &cursor); - free_entry = !terr; /* remember to free */ - - if (!terr) { - terr = krb5_verify_init_creds (scontext, in_credential->creds, - entry.principal /* get principal for the 1st entry */, - keytab, - NULL /* don't store creds in ccache */, - &options); - } - - if (!terr) { - verified = 1; - } - - if (free_entry) { krb5_free_keytab_entry_contents (scontext, &entry); } - } - - if (!terr && verified) { - /* We found a key that verified! */ - err = KIM_NO_ERROR; - } - - if (cursor) { krb5_kt_end_seq_get (scontext, keytab, &cursor); } - } - } - - if (keytab ) { krb5_kt_close (scontext, keytab); } - if (scontext) { krb5_free_context (scontext); } - - return check_error (err); -} - -#endif /* LEAN_CLIENT */ - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_renew (kim_credential *io_credential, - kim_options in_options) -{ - kim_error err = KIM_NO_ERROR; - kim_string service_name = NULL; - krb5_ccache ccache = NULL; - - if (!err && !io_credential) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_options options = in_options; - - if (!options) { - err = kim_options_create (&options); - } - - if (!err) { - err = kim_options_get_service_name (options, &service_name); - } - - if (options != in_options) { kim_options_free (&options); } - } - - if (!err) { - err = krb5_error ((*io_credential)->context, - krb5_cc_new_unique ((*io_credential)->context, - "MEMORY", NULL, - &ccache)); - } - - if (!err) { - err = krb5_error ((*io_credential)->context, - krb5_cc_initialize ((*io_credential)->context, ccache, - (*io_credential)->creds->client)); - } - - if (!err) { - err = krb5_error ((*io_credential)->context, - krb5_cc_store_cred ((*io_credential)->context, ccache, - (*io_credential)->creds)); - } - - if (!err) { - krb5_creds creds; - krb5_creds *renewed_creds = NULL; - kim_boolean free_creds = 0; - - err = krb5_error ((*io_credential)->context, - krb5_get_renewed_creds ((*io_credential)->context, - &creds, (*io_credential)->creds->client, - ccache, (char *) service_name)); - if (!err) { free_creds = 1; } - - if (!err) { - err = krb5_error ((*io_credential)->context, - krb5_copy_creds ((*io_credential)->context, - &creds, &renewed_creds)); - } - - if (!err) { - /* replace the credentials */ - krb5_free_creds ((*io_credential)->context, (*io_credential)->creds); - (*io_credential)->creds = renewed_creds; - } - - if (free_creds) { krb5_free_cred_contents ((*io_credential)->context, &creds); } - } - - if (ccache) { krb5_cc_destroy ((*io_credential)->context, ccache); } - kim_string_free (&service_name); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_credential_validate (kim_credential *io_credential, - kim_options in_options) -{ - kim_error err = KIM_NO_ERROR; - kim_string service_name = NULL; - krb5_ccache ccache = NULL; - - if (!err && !io_credential) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_options options = in_options; - - if (!options) { - err = kim_options_create (&options); - } - - if (!err) { - err = kim_options_get_service_name (options, &service_name); - } - - if (options != in_options) { kim_options_free (&options); } - } - - if (!err) { - err = krb5_error ((*io_credential)->context, - krb5_cc_new_unique ((*io_credential)->context, - "MEMORY", NULL, - &ccache)); - } - - if (!err) { - err = krb5_error ((*io_credential)->context, - krb5_cc_initialize ((*io_credential)->context, ccache, - (*io_credential)->creds->client)); - } - - if (!err) { - err = krb5_error ((*io_credential)->context, - krb5_cc_store_cred ((*io_credential)->context, ccache, - (*io_credential)->creds)); - } - - if (!err) { - krb5_creds creds; - krb5_creds *validated_creds = NULL; - kim_boolean free_creds = 0; - - err = krb5_error ((*io_credential)->context, - krb5_get_validated_creds ((*io_credential)->context, - &creds, - (*io_credential)->creds->client, - ccache, - (char *) service_name)); - if (!err) { free_creds = 1; } - - if (!err) { - err = krb5_error ((*io_credential)->context, - krb5_copy_creds ((*io_credential)->context, - &creds, &validated_creds)); - } - - if (!err) { - /* replace the credentials */ - krb5_free_creds ((*io_credential)->context, (*io_credential)->creds); - (*io_credential)->creds = validated_creds; - } - - if (free_creds) { krb5_free_cred_contents ((*io_credential)->context, &creds); } - } - - if (ccache) { krb5_cc_destroy ((*io_credential)->context, ccache); } - kim_string_free (&service_name); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -void kim_credential_free (kim_credential *io_credential) -{ - if (io_credential && *io_credential) { - if ((*io_credential)->context) { - if ((*io_credential)->creds) { - krb5_free_creds ((*io_credential)->context, (*io_credential)->creds); - } - krb5_free_context ((*io_credential)->context); - } - free (*io_credential); - *io_credential = NULL; - } -} diff --git a/src/kim/lib/kim_credential_private.h b/src/kim/lib/kim_credential_private.h deleted file mode 100644 index fb9bdbefa..000000000 --- a/src/kim/lib/kim_credential_private.h +++ /dev/null @@ -1,38 +0,0 @@ -/* kim/lib/kim_credential_private.h */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_CREDENTIAL_PRIVATE_H -#define KIM_CREDENTIAL_PRIVATE_H - -#include <kim/kim.h> -#include "kim_ui_private.h" - -kim_error kim_credential_create_for_change_password (kim_credential *out_credential, - kim_identity in_identity, - kim_string in_old_password, - kim_ui_context *in_ui_context, - kim_boolean *out_user_was_prompted); - -#endif /* KIM_CREDENTIAL_PRIVATE_H */ diff --git a/src/kim/lib/kim_debug.c b/src/kim/lib/kim_debug.c deleted file mode 100644 index 8a1ecdf20..000000000 --- a/src/kim/lib/kim_debug.c +++ /dev/null @@ -1,75 +0,0 @@ -/* kim/lib/kim_debug.c */ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "kim_private.h" - -/* ------------------------------------------------------------------------ */ - -kim_error _check_error (kim_error in_err, - kim_string in_function, - kim_string in_file, - int in_line) -{ - if (in_err) { - kim_debug_printf ("%s(): got %d ('%s') at %s: %d", - in_function, in_err, kim_error_message (in_err), - in_file, in_line); - } - - return in_err; -} - -/* ------------------------------------------------------------------------ */ - -void __kim_debug_printf (kim_string in_function, - kim_string in_format, - ...) -{ - kim_error err = KIM_NO_ERROR; - kim_string format = NULL; - kim_string string = NULL; - - if (!err && !in_function) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_format ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_string_create_from_format (&format, "%s(): %s", - in_function, in_format); - } - - if (!err) { - va_list args; - va_start (args, in_format); - err = kim_string_create_from_format_va (&string, format, args); - va_end (args); - } - - if (!err) { - kim_os_debug_print (string); - } - - kim_string_free (&format); - kim_string_free (&string); -} diff --git a/src/kim/lib/kim_debug_private.h b/src/kim/lib/kim_debug_private.h deleted file mode 100644 index f2aabbaf2..000000000 --- a/src/kim/lib/kim_debug_private.h +++ /dev/null @@ -1,37 +0,0 @@ -/* kim/lib/kim_debug_private.h */ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#define kim_debug_printf(format, ...) __kim_debug_printf(__FUNCTION__, format, ## __VA_ARGS__) -void __kim_debug_printf (kim_string in_function, - kim_string in_format, - ...); - -kim_error _check_error (kim_error in_err, - kim_string in_function, - kim_string in_file, - int in_line); -#define check_error(err) _check_error(err, __FUNCTION__, __FILE__, __LINE__) - -void kim_os_debug_print (kim_string in_string); diff --git a/src/kim/lib/kim_error_message.c b/src/kim/lib/kim_error_message.c deleted file mode 100644 index 39ee4c82e..000000000 --- a/src/kim/lib/kim_error_message.c +++ /dev/null @@ -1,243 +0,0 @@ -/* kim/lib/kim_error_message.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "k5-int.h" -#include "kim_private.h" -#include <com_err.h> -#include <CredentialsCache.h> - -static k5_mutex_t kim_error_lock = K5_MUTEX_PARTIAL_INITIALIZER; - -MAKE_INIT_FUNCTION(kim_error_initialize); -MAKE_FINI_FUNCTION(kim_error_terminate); - -/* ------------------------------------------------------------------------ */ - -typedef struct kim_last_error { - kim_error code; - char message[2048]; -} *kim_last_error; - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_error_set_message (kim_error in_error, - kim_string in_message) -{ - int lock_err = 0; - kim_error err = KIM_NO_ERROR; - kim_last_error last_error = NULL; - - err = lock_err = k5_mutex_lock (&kim_error_lock); - - if (!err) { - last_error = k5_getspecific (K5_KEY_KIM_ERROR_MESSAGE); - - if (!last_error) { - last_error = malloc (sizeof (*last_error)); - if (!last_error) { - err = KIM_OUT_OF_MEMORY_ERR; - } else { - last_error->code = KIM_NO_ERROR; - err = k5_setspecific (K5_KEY_KIM_ERROR_MESSAGE, last_error); - } - } - } - - if (!err) { - strncpy (last_error->message, in_message, sizeof (last_error->message)); - last_error->message[sizeof (last_error->message)-1] = '\0'; - last_error->code = in_error; - } - - if (!lock_err) { k5_mutex_unlock (&kim_error_lock); } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -static void kim_error_free_message (void *io_error) -{ - kim_last_error error = io_error; - - if (error) { - if (error->message) { - free (error->message); - } - free (error); - } -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static kim_boolean kim_error_is_builtin (kim_error in_error) -{ - return (in_error == KIM_NO_ERROR || - in_error == KIM_OUT_OF_MEMORY_ERR); -} - -/* ------------------------------------------------------------------------ */ -/* Warning: only remap to error strings with the same format! */ - -static kim_error kim_error_remap (kim_error in_error) -{ - /* some krb5 errors are confusing. remap to better ones */ - switch (in_error) { - case KRB5KRB_AP_ERR_BAD_INTEGRITY: - return KIM_BAD_PASSWORD_ERR; - - case KRB5KDC_ERR_PREAUTH_FAILED: - return KIM_PREAUTH_FAILED_ERR; - - case KRB5KRB_AP_ERR_SKEW: - return KIM_CLOCK_SKEW_ERR; - } - - return in_error; -} - -/* ------------------------------------------------------------------------ */ - -kim_string kim_error_message (kim_error in_error) -{ - int lock_err = 0; - kim_last_error last_error = NULL; - kim_string message = NULL; - - lock_err = k5_mutex_lock (&kim_error_lock); - - if (!lock_err) { - last_error = k5_getspecific (K5_KEY_KIM_ERROR_MESSAGE); - if (last_error && last_error->code == in_error) { - message = last_error->message; - } - } - - if (!lock_err) { k5_mutex_unlock (&kim_error_lock); } - - return message ? message : error_message (kim_error_remap (in_error)); -} - -#pragma mark -- Generic Functions -- - -/* ------------------------------------------------------------------------ */ - -kim_error kim_error_set_message_for_code (kim_error in_error, - ...) -{ - kim_error err = KIM_NO_ERROR; - va_list args; - - va_start (args, in_error); - err = kim_error_set_message_for_code_va (in_error, args); - va_end (args); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_error_set_message_for_code_va (kim_error in_code, - va_list in_args) -{ - kim_error err = KIM_NO_ERROR; - kim_error code = kim_error_remap (in_code); - - if (!kim_error_is_builtin (code)) { - kim_string message = NULL; - - err = kim_string_create_from_format_va_retcode (&message, - error_message (code), - in_args); - - if (!err) { - err = kim_error_set_message (code, message); - } - - kim_string_free (&message); - } - - return err ? err : code; -} - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_error_set_message_for_krb5_error (krb5_context in_context, - krb5_error_code in_code) -{ - kim_error err = KIM_NO_ERROR; - krb5_error_code code = kim_error_remap (in_code); - - if (code != in_code) { - /* error was remapped to a KIM error */ - err = kim_error_set_message (code, error_message (code)); - - } else if (!kim_error_is_builtin (code)) { - const char *message = krb5_get_error_message (in_context, code); - - if (message) { - err = kim_error_set_message (code, message); - - krb5_free_error_message (in_context, message); - } - } - - return err ? err : code; -} - -#pragma mark -- Debugging Functions -- - -/* ------------------------------------------------------------------------ */ - -int kim_error_initialize (void) -{ - int err = 0; - - if (!err) { - err = k5_mutex_finish_init (&kim_error_lock); - } - - if (!err) { - err = k5_key_register (K5_KEY_KIM_ERROR_MESSAGE, - kim_error_free_message); - } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -void kim_error_terminate (void) -{ - if (!INITIALIZER_RAN (kim_error_initialize) || PROGRAM_EXITING ()) { - return; - } - - k5_key_delete (K5_KEY_KIM_ERROR_MESSAGE); - k5_mutex_destroy (&kim_error_lock); -} diff --git a/src/kim/lib/kim_error_private.h b/src/kim/lib/kim_error_private.h deleted file mode 100644 index 56b41d48f..000000000 --- a/src/kim/lib/kim_error_private.h +++ /dev/null @@ -1,42 +0,0 @@ -/* kim/lib/kim_error_private.h */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_ERROR_PRIVATE_H -#define KIM_ERROR_PRIVATE_H - -#include <kim/kim.h> - -kim_error kim_error_set_message_for_code (kim_error in_code, - ...); -kim_error kim_error_set_message_for_code_va (kim_error in_code, - va_list in_args); -kim_error kim_error_set_message_for_krb5_error (krb5_context in_context, - krb5_error_code in_code); - -#define krb5_error(context,code) kim_error_set_message_for_krb5_error(context, code) - -kim_string kim_error_message (kim_error in_error); - -#endif /* KIM_ERROR_PRIVATE_H */ diff --git a/src/kim/lib/kim_errors.et b/src/kim/lib/kim_errors.et deleted file mode 100644 index 15f07be03..000000000 --- a/src/kim/lib/kim_errors.et +++ /dev/null @@ -1,76 +0,0 @@ -# Copyright 2005-2006 by the Massachusetts Institute of Technology. -# -# Export of this software from the United States of America may -# require a specific license from the United States Government. -# It is the responsibility of any person or organization contemplating -# export to obtain such a license before exporting. -# -# WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -# distribute this software and its documentation for any purpose and -# without fee is hereby granted, provided that the above copyright -# notice appear in all copies and that both that copyright notice and -# this permission notice appear in supporting documentation, and that -# the name of M.I.T. not be used in advertising or publicity pertaining -# to distribution of the software without specific, written prior -# permission. Furthermore if you modify this software you must label -# your software as modified software and not distribute it in such a -# fashion that it might be confused with the original M.I.T. software. -# M.I.T. makes no representations about the suitability of -# this software for any purpose. It is provided "as is" without express -# or implied warranty. - -error_table_manager "Kerberos Identity Management" -error_table KIM - -# Configuration and System Errors -error_code KIM_OUT_OF_MEMORY_ERR, "Out of memory" -error_code KIM_NULL_PARAMETER_ERR, "Parameter may not be NULL. Please consult the KIM API documentation" -error_code KIM_KRB5_INIT_FAILED_ERR, "Unable to initialize Kerberos v5" -error_code KIM_NO_REALMS_ERR, "There are no Kerberos realms configured" -error_code KIM_NO_SUCH_REALM_ERR, "The realm '%s' is not in your configuration file or does not exist" -error_code KIM_UNSUPPORTED_HINT_ERR, "The hint '%s' is not supported by this version of KIM" -error_code KIM_CLOCK_SKEW_ERR, "Clock skew too big: please check your time, time zone and daylight savings settings" - -index 25 -# Principal Errors -error_code KIM_BAD_PRINCIPAL_STRING_ERR, "'%s' is not a valid Kerberos principal" -error_code KIM_BAD_COMPONENT_INDEX_ERR, "Principal does not have a component at index %d" -error_code KIM_PASSWORD_MISMATCH_ERR, "New and verify passwords do not match" -error_code KIM_INSECURE_PASSWORD_ERR, "Your new password for '%s' is insecure; please pick another one" -error_code KIM_PASSWORD_CHANGE_FAILED_ERR, "Unable to change password for %s" -error_code KIM_BAD_PASSWORD_ERR, "Password incorrect" -error_code KIM_PREAUTH_FAILED_ERR, "Password incorrect or preauthentication failed" - -index 50 -# Options Errors -error_code KIM_BAD_OPTIONS_ERR, "Invalid options" -error_code KIM_BAD_OPTIONS_VALUE_ERR, "Invalid value for Kerberos default login option" - -index 75 -# User Interface Errors -error_code KIM_CAPS_LOCK_ERR, "Password Incorrect (check your Caps Lock)" -error_code KIM_USER_CANCELED_ERR, "The user cancelled the operation" -error_code KIM_NO_SERVER_ERR, "KerberosAgent is not responding" -error_code KIM_NO_UI_ERR, "Unable to display a user interface from this environment" -error_code KIM_DUPLICATE_UI_REQUEST_ERR, "UI just handled this request" - -index 100 -# Preferences Errors -error_code KIM_PREFERENCES_READ_ERR, "Unable to read user preferences. The file may be missing, inaccessible or corrupted" -error_code KIM_PREFERENCES_WRITE_ERR, "Unable to write user preferences. The file may be inaccessible" -error_code KIM_IDENTITY_NOT_IN_LIST_ERR, "Identity %s is not in the favorite identities list" -error_code KIM_IDENTITY_ALREADY_IN_LIST_ERR, "Identity %s is already in the favorite identities list" -error_code KIM_BAD_IDENTITY_INDEX_ERR, "No identity at index %d in the favorite identities list" - -index 125 -# Cache Collection Errors -error_code KIM_NO_SUCH_PRINCIPAL_ERR, "Principal '%s' does not exist in the cache collection" -error_code KIM_CANT_BECOME_DEFAULT_ERR, "The credentials cache '%s' cannot become the system default cache" -error_code KIM_CREDENTIALS_EXPIRED_ERR, "The Kerberos credentials for '%s' have expired" -error_code KIM_NO_CREDENTIALS_ERR, "No Kerberos credentials for '%s' available" -error_code KIM_BAD_IP_ADDRESS_ERR, "The IP addresses in the Kerberos credentials for '%s' do not match any of your computer's IP addresses" -error_code KIM_NO_SUCH_CCACHE_ERR, "The credentials cache '%s' does not exist" -error_code KIM_BAD_HOST_CONFIGURATION_ERR, "Unable to get local hostname or address information" -error_code KIM_NEEDS_VALIDATION_ERR, "The Kerberos credentials for '%s' need to be validated" - -end diff --git a/src/kim/lib/kim_identity.c b/src/kim/lib/kim_identity.c deleted file mode 100644 index 0bbc8c50d..000000000 --- a/src/kim/lib/kim_identity.c +++ /dev/null @@ -1,801 +0,0 @@ -/* kim/lib/kim_identity.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "k5-int.h" -#include <krb5.h> -#include "kim_private.h" - -/* ------------------------------------------------------------------------ */ - -struct kim_identity_opaque { - krb5_context context; - krb5_principal principal; -}; - -struct kim_identity_opaque kim_identity_initializer = { NULL, NULL }; - -/* ------------------------------------------------------------------------ */ - -static inline kim_error kim_identity_allocate (kim_identity *out_identity) -{ - kim_error err = kim_library_init (); - kim_identity identity = NULL; - - if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - identity = malloc (sizeof (*identity)); - if (!identity) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - *identity = kim_identity_initializer; - *out_identity = identity; - identity = NULL; - } - - kim_identity_free (&identity); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_create_from_string (kim_identity *out_identity, - kim_string in_string) -{ - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - - if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_string ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_identity_allocate (&identity); - } - - if (!err) { - err = krb5_error (NULL, krb5_init_context (&identity->context)); - } - - if (!err) { - krb5_error_code code = krb5_parse_name (identity->context, in_string, &identity->principal); - if (code == KRB5_PARSE_MALFORMED) { - err = kim_error_set_message_for_code (KIM_BAD_PRINCIPAL_STRING_ERR, - in_string); - } else if (code) { - err = krb5_error (identity->context, code); - } - } - - if (!err) { - *out_identity = identity; - identity = NULL; - } - - if (identity) { kim_identity_free (&identity); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_create_from_components (kim_identity *out_identity, - kim_string in_realm, - kim_string in_1st_component, - ...) -{ - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - - if (!err && !out_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_realm ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_1st_component) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_identity_allocate (&identity); - } - - if (!err) { - err = krb5_error (NULL, krb5_init_context (&identity->context)); - } - - if (!err) { - va_list args; - - va_start (args, in_1st_component); - err = krb5_error (identity->context, - krb5int_build_principal_alloc_va (identity->context, - &identity->principal, - strlen(in_realm), - in_realm, - in_1st_component, - args)); - va_end (args); - } - - if (!err) { - *out_identity = identity; - identity = NULL; - } - - kim_identity_free (&identity); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_create_from_krb5_principal (kim_identity *out_identity, - krb5_context in_krb5_context, - krb5_principal in_krb5_principal) -{ - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - - if (!err && !out_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_krb5_principal) { err = check_error (KIM_NULL_PARAMETER_ERR); } - /* KLCreatePrincipalFromKerberos5Principal passes NULL in_krb5_context */ - - if (!err) { - err = kim_identity_allocate (&identity); - } - - if (!err) { - if (in_krb5_context) { - err = krb5_error (in_krb5_context, - krb5_copy_context (in_krb5_context, - &identity->context)); - } else { - err = krb5_error (NULL, - krb5_init_context (&identity->context)); - } - } - - if (!err) { - err = krb5_error (identity->context, - krb5_copy_principal (identity->context, - in_krb5_principal, - &identity->principal)); - } - - if (!err) { - *out_identity = identity; - identity = NULL; - } - - kim_identity_free (&identity); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_copy (kim_identity *out_identity, - kim_identity in_identity) -{ - kim_error err = KIM_NO_ERROR; - kim_identity identity = KIM_IDENTITY_ANY; - - if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err && in_identity != KIM_IDENTITY_ANY) { - err = kim_identity_allocate (&identity); - - if (!err) { - err = krb5_error (in_identity->context, - krb5_copy_context (in_identity->context, - &identity->context)); - } - - if (!err) { - err = krb5_error (identity->context, - krb5_copy_principal (identity->context, - in_identity->principal, - &identity->principal)); - } - } - - if (!err) { - *out_identity = identity; - identity = NULL; - } - - kim_identity_free (&identity); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_compare (kim_identity in_identity, - kim_identity in_compare_to_identity, - kim_comparison *out_comparison) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_compare_to_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_comparison ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - if (krb5_principal_compare (in_identity->context, - in_identity->principal, - in_compare_to_identity->principal)) { - *out_comparison = 0; - } else { - kim_string string = NULL; - kim_string compare_to_string = NULL; - - err = kim_identity_get_string (in_identity, &string); - - if (!err) { - err = kim_identity_get_string (in_compare_to_identity, &compare_to_string); - } - - if (!err) { - err = kim_string_compare (string, compare_to_string, out_comparison); - } - - kim_string_free (&string); - kim_string_free (&compare_to_string); - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_get_string (kim_identity in_identity, - kim_string *out_string) -{ - kim_error err = KIM_NO_ERROR; - char *unparsed_name = NULL; - - if (!err && !in_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_string ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = krb5_error (in_identity->context, - krb5_unparse_name (in_identity->context, - in_identity->principal, - &unparsed_name)); - } - - if (!err) { - err = kim_string_copy (out_string, unparsed_name); - } - - if (unparsed_name) { krb5_free_unparsed_name (in_identity->context, unparsed_name); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_get_display_string (kim_identity in_identity, - kim_string *out_display_string) -{ - kim_error err = KIM_NO_ERROR; - kim_string string = NULL; - - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_display_string) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_identity_get_string (in_identity, &string); - } - - if (!err) { - kim_count i, j; - kim_count length = strlen (string) + 1; /* Copy the '\0' */ - char *display_string = (char *) string; /* so we can modify it */ - - /* In place copy, skipping escaped separators. - * Note that we do not want to remove other escaped characters - * (tab, break, newline, NULL) because they are less readable - * when unescaped (and NULL isn't a valid string character). */ - for (i = 0, j = 0; i < length; i++) { - if (string[i] == '\\') { - switch (string[i + 1]) { - case '/': /* component separator */ - case '@': /* realm separator */ - continue; /* skip the '\' */ - } - } - - display_string[j++] = string[i]; /* Copy this char */ - } - - *out_display_string = string; - string = NULL; - } - - if (string) { kim_string_free (&string); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_get_realm (kim_identity in_identity, - kim_string *out_realm_string) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_realm_string) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - krb5_data *realm = krb5_princ_realm (in_identity->context, in_identity->principal); - - err = kim_string_create_from_buffer (out_realm_string, realm->data, realm->length); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_get_number_of_components (kim_identity in_identity, - kim_count *out_number_of_components) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_number_of_components) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_number_of_components = krb5_princ_size (in_identity->context, in_identity->principal); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_get_component_at_index (kim_identity in_identity, - kim_count in_index, - kim_string *out_component_string) -{ - kim_error err = KIM_NO_ERROR; - krb5_data *component = NULL; - - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_component_string) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - krb5_int32 i = in_index; - component = krb5_princ_component (in_identity->context, in_identity->principal, i); - if (!component) { - err = kim_error_set_message_for_code (KIM_BAD_COMPONENT_INDEX_ERR, i); - } - } - - if (!err) { - err = kim_string_create_from_buffer (out_component_string, component->data, component->length); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_get_components_string (kim_identity in_identity, - kim_string *out_components) -{ - kim_error err = KIM_NO_ERROR; - kim_string components = NULL; - kim_count count, i; - - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_components) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_identity_get_number_of_components (in_identity, &count); - } - - if (!err) { - err = kim_identity_get_component_at_index (in_identity, 0, &components); - } - - for (i = 1; !err && i < count; i++) { - kim_string new_components = NULL; - kim_string component = NULL; - - err = kim_identity_get_component_at_index (in_identity, i, &component); - - if (!err) { - err = kim_string_create_from_format (&new_components, "%s/%s", - components, component); - } - - if (!err) { - kim_string_free (&components); - components = new_components; - new_components = NULL; - } - - if (component ) { kim_string_free (&component); } - if (new_components) { kim_string_free (&new_components); } - } - - if (!err) { - *out_components = components; - components = NULL; - } - - if (components) { kim_string_free (&components); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_get_krb5_principal (kim_identity in_identity, - krb5_context in_krb5_context, - krb5_principal *out_krb5_principal) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_krb5_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_krb5_principal) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = krb5_error (in_krb5_context, - krb5_copy_principal (in_krb5_context, - in_identity->principal, - out_krb5_principal)); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -krb5_principal kim_identity_krb5_principal (kim_identity in_identity) -{ - if (in_identity) { - return in_identity->principal; - } - check_error (KIM_NULL_PARAMETER_ERR); /* log error */ - return NULL; -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_is_tgt_service (kim_identity in_identity, - kim_boolean *out_is_tgt_service) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_is_tgt_service) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_count count = krb5_princ_size (in_identity->context, in_identity->principal); - krb5_data *name = krb5_princ_name (in_identity->context, in_identity->principal); - - /* krbtgt/<REALM1>@<REALM2> (usually REALM1 == REALM2, but not always) */ - *out_is_tgt_service = ((count == 2) && - (strlen (KRB5_TGS_NAME) == name->length) && - (strncmp (name->data, KRB5_TGS_NAME, name->length) == 0)); - } - - return check_error (err); -} - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_change_password_with_credential (kim_identity in_identity, - kim_credential in_credential, - kim_string in_new_password, - kim_ui_context *in_ui_context, - kim_error *out_rejected_err, - kim_string *out_rejected_message, - kim_string *out_rejected_description) -{ - kim_error err = KIM_NO_ERROR; - krb5_creds *creds = NULL; - int rejected_err = 0; - krb5_data message_data; - krb5_data description_data; - - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_new_password ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_ui_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_rejected_err) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_credential_get_krb5_creds (in_credential, - in_identity->context, - &creds); - } - - if (!err) { - if (krb5_principal_compare (in_identity->context, - in_identity->principal, - creds->client)) { - /* Same principal, change the password normally */ - err = krb5_error (in_identity->context, - krb5_change_password (in_identity->context, - creds, - (char *) in_new_password, - &rejected_err, - &message_data, - &description_data)); - } else { - /* Different principal, use set change password protocol */ - err = krb5_error (in_identity->context, - krb5_set_password (in_identity->context, - creds, - (char *) in_new_password, - in_identity->principal, - &rejected_err, - &message_data, - &description_data)); - } - - } - - if (!err && rejected_err) { - kim_string rejected_message = NULL; - kim_string rejected_description = NULL; - - if (message_data.data && message_data.length > 0) { - err = kim_string_create_from_buffer (&rejected_message, - message_data.data, - message_data.length); - } else { - err = kim_os_string_create_localized (&rejected_message, - "Kerberos Change Password Failed:"); - } - - if (!err) { - if (description_data.data && description_data.length > 0) { - err = kim_string_create_from_buffer (&rejected_description, - description_data.data, - description_data.length); - } else { - err = kim_os_string_create_localized (&rejected_description, - "New password rejected."); - } - } - - if (!err && in_ui_context->type != kim_ui_type_cli) { - char *c; - - // replace all \n and \r characters with spaces - for (c = (char *) rejected_message; *c != '\0'; c++) { - if ((*c == '\n') || (*c == '\r')) { *c = ' '; } - } - - for (c = (char *) rejected_description; *c != '\0'; c++) { - if ((*c == '\n') || (*c == '\r')) { *c = ' '; } - } - } - - if (!err) { - if (out_rejected_message) { - *out_rejected_message = rejected_message; - rejected_message = NULL; - } - if (out_rejected_description) { - *out_rejected_description = rejected_description; - rejected_description = NULL; - } - } - - kim_string_free (&rejected_message); - kim_string_free (&rejected_description); - - krb5_free_data_contents (in_identity->context, &message_data); - krb5_free_data_contents (in_identity->context, &description_data); - } - - if (!err) { - /* do this after reporting errors so we don't double report rejection */ - *out_rejected_err = rejected_err; - } - - if (creds) { krb5_free_creds (in_identity->context, creds); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_change_password_common (kim_identity in_identity, - kim_boolean in_old_password_expired, - kim_ui_context *in_ui_context, - kim_string *out_new_password) -{ - kim_error err = KIM_NO_ERROR; - kim_boolean done = 0; - - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_ui_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - while (!err && !done) { - char *old_password = NULL; - char *new_password = NULL; - char *verify_password = NULL; - kim_error rejected_err = KIM_NO_ERROR; - kim_string rejected_message = NULL; - kim_string rejected_description = NULL; - kim_boolean was_prompted = 0; /* ignore because we always prompt */ - - err = kim_ui_change_password (in_ui_context, - in_identity, - in_old_password_expired, - &old_password, - &new_password, - &verify_password); - - if (!err) { - kim_comparison comparison; - - err = kim_string_compare (new_password, - verify_password, - &comparison); - if (!err && !kim_comparison_is_equal_to (comparison)) { - err = check_error (KIM_PASSWORD_MISMATCH_ERR); - } - } - - if (!err) { - kim_credential credential = NULL; - - if (in_ui_context->type == kim_ui_type_cli && in_ui_context->tcontext) { - /* command line has already gotten the credentials for us */ - credential = (kim_credential) in_ui_context->tcontext; - } else { - err = kim_credential_create_for_change_password (&credential, - in_identity, - old_password, - in_ui_context, - &was_prompted); - } - - if (!err) { - err = kim_identity_change_password_with_credential (in_identity, - credential, - new_password, - in_ui_context, - &rejected_err, - &rejected_message, - &rejected_description); - } - - kim_credential_free (&credential); - if (in_ui_context->type == kim_ui_type_cli) { - in_ui_context->tcontext = NULL; /* just freed our creds */ - } - } - - if (!err && rejected_err) { - /* Password rejected, report it to the user */ - err = kim_ui_handle_error (in_ui_context, in_identity, - rejected_err, - rejected_message, - rejected_description); - - } else if (err && err != KIM_USER_CANCELED_ERR && - err != KIM_DUPLICATE_UI_REQUEST_ERR) { - /* New creds failed, report error to user. - * Overwrite error so we loop and let the user try again. - * The user always gets prompted so we always loop. */ - err = kim_ui_handle_kim_error (in_ui_context, in_identity, - kim_ui_error_type_change_password, - err); - - } else { - /* password change succeeded or the user gave up */ - done = 1; - - if (!err && out_new_password) { - err = kim_string_copy (out_new_password, new_password); - } - - if (!err) { - kim_error terr = KIM_NO_ERROR; - kim_string saved_password = NULL; - - terr = kim_os_identity_get_saved_password (in_identity, - &saved_password); - if (!terr) { - /* We changed the password and the user had their - * old password saved. Update it. */ - terr = kim_os_identity_set_saved_password (in_identity, - new_password); - } - - kim_string_free (&saved_password); - } - - if (err == KIM_DUPLICATE_UI_REQUEST_ERR) { err = KIM_NO_ERROR; } - } - - kim_string_free (&rejected_message); - kim_string_free (&rejected_description); - - kim_ui_free_string (in_ui_context, &old_password); - kim_ui_free_string (in_ui_context, &new_password); - kim_ui_free_string (in_ui_context, &verify_password); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_identity_change_password (kim_identity in_identity) -{ - kim_error err = KIM_NO_ERROR; - kim_ui_context context; - kim_boolean ui_inited = 0; - - if (!err && !in_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ui_init (&context); - if (!err) { ui_inited = 1; } - } - - if (!err) { - err = kim_identity_change_password_common (in_identity, 0, - &context, NULL); - } - - if (ui_inited) { - kim_error fini_err = kim_ui_fini (&context); - if (!err) { err = check_error (fini_err); } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -void kim_identity_free (kim_identity *io_identity) -{ - if (io_identity && *io_identity) { - kim_identity identity = *io_identity; - - if (identity->context) { - if (identity->principal) { - krb5_free_principal (identity->context, identity->principal); - } - krb5_free_context (identity->context); - } - - free (identity); - *io_identity = NULL; - } -} diff --git a/src/kim/lib/kim_identity_private.h b/src/kim/lib/kim_identity_private.h deleted file mode 100644 index dff8bbb5f..000000000 --- a/src/kim/lib/kim_identity_private.h +++ /dev/null @@ -1,65 +0,0 @@ -/* kim/lib/kim_identity_private.h */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_IDENTITY_PRIVATE_H -#define KIM_IDENTITY_PRIVATE_H - -#include <kim/kim.h> -#include "kim_library_private.h" -#include "kim_ui_private.h" - -krb5_principal kim_identity_krb5_principal (kim_identity in_identity); - -kim_error kim_identity_is_tgt_service (kim_identity in_identity, - kim_boolean *out_is_tgt_service); - - -kim_error kim_os_identity_create_for_username (kim_identity *out_identity); - - -kim_boolean kim_os_identity_allow_save_password (void); - -kim_error kim_os_identity_get_saved_password (kim_identity in_identity, - kim_string *out_password); - -kim_error kim_os_identity_set_saved_password (kim_identity in_identity, - kim_string in_password); - -kim_error kim_os_identity_remove_saved_password (kim_identity in_identity); - -kim_error kim_identity_change_password_with_credential (kim_identity in_identity, - kim_credential in_credential, - kim_string in_new_password, - kim_ui_context *in_ui_context, - kim_error *out_rejected_err, - kim_string *out_rejected_message, - kim_string *out_rejected_description); - -kim_error kim_identity_change_password_common (kim_identity in_identity, - kim_boolean in_old_password_expired, - kim_ui_context *in_ui_context, - kim_string *out_new_password); - -#endif /* KIM_IDENTITY_PRIVATE_H */ diff --git a/src/kim/lib/kim_library.c b/src/kim/lib/kim_library.c deleted file mode 100644 index f4b996c48..000000000 --- a/src/kim/lib/kim_library.c +++ /dev/null @@ -1,402 +0,0 @@ -/* kim/lib/kim_library.c */ -/* - * Copyright 2006-2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#define KRB5_PRIVATE 1 - -#include "k5-int.h" -#include "k5-thread.h" -#include <krb5/krb5.h> -#include <profile.h> - -#include "kim_private.h" -#include "kim_os_private.h" - -#if KIM_TO_KLL_SHIM -#include "KerberosLoginErrors.h" -#endif - -MAKE_INIT_FUNCTION(kim_error_init); -MAKE_FINI_FUNCTION(kim_error_fini); - -/* ------------------------------------------------------------------------ */ - -static int kim_error_init (void) -{ - add_error_table (&et_KIM_error_table); -#if KIM_TO_KLL_SHIM - add_error_table (&et_KLL_error_table); -#endif - return 0; -} - -/* ------------------------------------------------------------------------ */ - -static void kim_error_fini (void) -{ - if (!INITIALIZER_RAN (kim_error_init) || PROGRAM_EXITING ()) { - return; - } - - remove_error_table (&et_KIM_error_table); -#if KIM_TO_KLL_SHIM - remove_error_table (&et_KLL_error_table); -#endif -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_library_init (void) -{ - return CALL_INIT_FUNCTION (kim_error_init); -} - -#pragma mark - - -static k5_mutex_t g_allow_home_directory_access_mutex = K5_MUTEX_PARTIAL_INITIALIZER; -static k5_mutex_t g_allow_automatic_prompting_mutex = K5_MUTEX_PARTIAL_INITIALIZER; -static k5_mutex_t g_ui_environment_mutex = K5_MUTEX_PARTIAL_INITIALIZER; -static k5_mutex_t g_application_name_mutex = K5_MUTEX_PARTIAL_INITIALIZER; - -kim_boolean g_allow_home_directory_access = TRUE; -kim_boolean g_allow_automatic_prompting = TRUE; -kim_ui_environment g_ui_environment = KIM_UI_ENVIRONMENT_AUTO; -kim_string g_application_name = NULL; - -MAKE_INIT_FUNCTION(kim_thread_init); -MAKE_FINI_FUNCTION(kim_thread_fini); - -/* ------------------------------------------------------------------------ */ - -static int kim_thread_init (void) -{ - kim_error err = KIM_NO_ERROR; - - if (!err) { - err = k5_mutex_finish_init (&g_allow_home_directory_access_mutex); - } - - if (!err) { - err = k5_mutex_finish_init (&g_allow_automatic_prompting_mutex); - } - - if (!err) { - err = k5_mutex_finish_init (&g_ui_environment_mutex); - } - - if (!err) { - err = k5_mutex_finish_init (&g_application_name_mutex); - } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -static void kim_thread_fini (void) -{ - if (!INITIALIZER_RAN (kim_thread_init) || PROGRAM_EXITING ()) { - return; - } - - k5_mutex_destroy (&g_allow_home_directory_access_mutex); - k5_mutex_destroy (&g_allow_automatic_prompting_mutex); - k5_mutex_destroy (&g_ui_environment_mutex); - k5_mutex_destroy (&g_application_name_mutex); -} - -#pragma mark -- Allow Home Directory Access -- - -/* ------------------------------------------------------------------------ */ - -kim_error kim_library_set_allow_home_directory_access (kim_boolean in_allow_access) -{ - kim_error err = CALL_INIT_FUNCTION (kim_thread_init); - kim_error mutex_err = KIM_NO_ERROR; - - if (!err) { - mutex_err = k5_mutex_lock (&g_allow_home_directory_access_mutex); - if (mutex_err) { err = mutex_err; } - } - - if (!err) { - g_allow_home_directory_access = in_allow_access; - } - - if (!mutex_err) { k5_mutex_unlock (&g_allow_home_directory_access_mutex); } - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_library_get_allow_home_directory_access (kim_boolean *out_allow_access) -{ - kim_error err = CALL_INIT_FUNCTION (kim_thread_init); - kim_error mutex_err = KIM_NO_ERROR; - - if (!err && !out_allow_access) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - mutex_err = k5_mutex_lock (&g_allow_home_directory_access_mutex);; - if (mutex_err) { err = mutex_err; } - } - - if (!err) { - *out_allow_access = g_allow_home_directory_access; - } - - if (!mutex_err) { k5_mutex_unlock (&g_allow_home_directory_access_mutex); } - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_boolean kim_library_allow_home_directory_access (void) -{ - kim_boolean allow_access = FALSE; - kim_error err = kim_library_get_allow_home_directory_access (&allow_access); - - return !err ? allow_access : FALSE; -} - - -#pragma mark -- Allow Automatic Prompting -- - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_library_set_allow_automatic_prompting (kim_boolean in_allow_automatic_prompting) -{ - kim_error err = CALL_INIT_FUNCTION (kim_thread_init); - kim_error mutex_err = KIM_NO_ERROR; - - if (!err) { - mutex_err = k5_mutex_lock (&g_allow_automatic_prompting_mutex); - if (mutex_err) { err = mutex_err; } - } - - if (!err) { - g_allow_automatic_prompting = in_allow_automatic_prompting; - } - - if (!mutex_err) { k5_mutex_unlock (&g_allow_automatic_prompting_mutex); } - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_library_get_allow_automatic_prompting (kim_boolean *out_allow_automatic_prompting) -{ - kim_error err = CALL_INIT_FUNCTION (kim_thread_init); - kim_error mutex_err = KIM_NO_ERROR; - - if (!err && !out_allow_automatic_prompting) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - mutex_err = k5_mutex_lock (&g_allow_automatic_prompting_mutex);; - if (mutex_err) { err = mutex_err; } - } - - if (!err) { - *out_allow_automatic_prompting = g_allow_automatic_prompting; - } - - if (!mutex_err) { k5_mutex_unlock (&g_allow_automatic_prompting_mutex); } - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_boolean kim_library_allow_automatic_prompting (void) -{ - kim_boolean allow_automatic_prompting = TRUE; - kim_error err = kim_library_get_allow_automatic_prompting (&allow_automatic_prompting); - if (err) { allow_automatic_prompting = TRUE; } - - if (allow_automatic_prompting && getenv ("KERBEROSLOGIN_NEVER_PROMPT")) { - kim_debug_printf ("KERBEROSLOGIN_NEVER_PROMPT is set."); - allow_automatic_prompting = FALSE; - } - - if (allow_automatic_prompting && getenv ("KIM_NEVER_PROMPT")) { - kim_debug_printf ("KIM_NEVER_PROMPT is set."); - allow_automatic_prompting = FALSE; - } - - if (allow_automatic_prompting && !kim_os_library_caller_uses_gui ()) { - kim_debug_printf ("Caller is not using gui."); - allow_automatic_prompting = FALSE; - } - - if (allow_automatic_prompting) { - /* Make sure there is at least 1 config file. We don't support DNS - * domain-realm lookup, so if there is no config, Kerberos won't work. */ - - kim_boolean kerberos_config_exists = FALSE; - char **files = NULL; - profile_t profile = NULL; - - if (krb5_get_default_config_files (&files) == 0) { - if (profile_init ((const_profile_filespec_t *) files, &profile) == 0) { - kerberos_config_exists = TRUE; - } - } - - if (!kerberos_config_exists) { - kim_debug_printf ("No valid config file."); - allow_automatic_prompting = FALSE; - } - - if (profile) { profile_abandon (profile); } - if (files ) { krb5_free_config_files (files); } - } - - return allow_automatic_prompting; -} - -#pragma mark -- UI Environment -- - -/* ------------------------------------------------------------------------ */ - -kim_error kim_library_set_ui_environment (kim_ui_environment in_ui_environment) -{ - kim_error err = CALL_INIT_FUNCTION (kim_thread_init); - kim_error mutex_err = KIM_NO_ERROR; - - if (!err) { - mutex_err = k5_mutex_lock (&g_ui_environment_mutex); - if (mutex_err) { err = mutex_err; } - } - - if (!err) { - g_ui_environment = in_ui_environment; - } - - if (!mutex_err) { k5_mutex_unlock (&g_ui_environment_mutex); } - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_library_get_ui_environment (kim_ui_environment *out_ui_environment) -{ - kim_error err = CALL_INIT_FUNCTION (kim_thread_init); - kim_error mutex_err = KIM_NO_ERROR; - - if (!err && !out_ui_environment) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - mutex_err = k5_mutex_lock (&g_ui_environment_mutex);; - if (mutex_err) { err = mutex_err; } - } - - if (!err) { - *out_ui_environment = g_ui_environment; - } - - if (!mutex_err) { k5_mutex_unlock (&g_ui_environment_mutex); } - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_ui_environment kim_library_ui_environment (void) -{ - kim_error err = KIM_NO_ERROR; - kim_ui_environment ui_environment = KIM_UI_ENVIRONMENT_AUTO; - - err = kim_library_get_ui_environment (&ui_environment); - - if (!err && ui_environment == KIM_UI_ENVIRONMENT_AUTO) { - ui_environment = kim_os_library_get_ui_environment (); - } - - return !err ? ui_environment : KIM_UI_ENVIRONMENT_NONE; -} - -#pragma mark -- Application Name -- - -/* ------------------------------------------------------------------------ */ - -kim_error kim_library_set_application_name (kim_string in_application_name) -{ - kim_error err = CALL_INIT_FUNCTION (kim_thread_init); - kim_error mutex_err = KIM_NO_ERROR; - - if (!err) { - mutex_err = k5_mutex_lock (&g_application_name_mutex); - if (mutex_err) { err = mutex_err; } - } - - if (!err) { - kim_string old_application_name = g_application_name; - - if (in_application_name) { - err = kim_string_copy (&g_application_name, in_application_name); - } else { - g_application_name = NULL; - } - - if (!err) { kim_string_free (&old_application_name); } - } - - if (!mutex_err) { k5_mutex_unlock (&g_application_name_mutex); } - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_library_get_application_name (kim_string *out_application_name) -{ - kim_error err = CALL_INIT_FUNCTION (kim_thread_init); - kim_error mutex_err = KIM_NO_ERROR; - kim_string application_name = NULL; - - if (!err && !out_application_name) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - mutex_err = k5_mutex_lock (&g_application_name_mutex); - if (mutex_err) { err = mutex_err; } - } - - if (!err && g_application_name) { - err = kim_string_copy (&application_name, g_application_name); - } - - if (!mutex_err) { k5_mutex_unlock (&g_application_name_mutex); } - - if (!err && !application_name) { - err = kim_os_library_get_caller_name (&application_name); - } - - if (!err) { - *out_application_name = application_name; - application_name = NULL; - - } - - kim_string_free (&application_name); - - return check_error (err); -} diff --git a/src/kim/lib/kim_library_private.h b/src/kim/lib/kim_library_private.h deleted file mode 100644 index f72e64619..000000000 --- a/src/kim/lib/kim_library_private.h +++ /dev/null @@ -1,51 +0,0 @@ -/* kim/lib/kim_library_private.h */ -/* - * Copyright 2006-2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_LIBRARY_PRIVATE_H -#define KIM_LIBRARY_PRIVATE_H - -#include <kim/kim.h> -#include <kim/kim_library.h> - -kim_error kim_library_init (void); - -kim_boolean kim_os_library_caller_uses_gui (void); - -kim_ui_environment kim_os_library_get_ui_environment (void); - -kim_ui_environment kim_library_ui_environment (void); - -kim_boolean kim_library_allow_home_directory_access (void); - -kim_boolean kim_library_allow_automatic_prompting (void); - -kim_error kim_library_get_application_name (kim_string *out_application_name); - -/* OS-specific. Call kim_library_get_application_name */ -kim_error kim_os_library_get_caller_name (kim_string *out_application_name); - -kim_boolean kim_os_library_caller_is_server (void); - -#endif /* KIM_LIBRARY_PRIVATE_H */ diff --git a/src/kim/lib/kim_options.c b/src/kim/lib/kim_options.c deleted file mode 100644 index 06e8e513a..000000000 --- a/src/kim/lib/kim_options.c +++ /dev/null @@ -1,669 +0,0 @@ -/* kim/lib/kim_options.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "kim_private.h" - -/* ------------------------------------------------------------------------ */ - -struct kim_options_opaque { - kim_time start_time; - kim_lifetime lifetime; - kim_boolean renewable; - kim_lifetime renewal_lifetime; - kim_boolean forwardable; - kim_boolean proxiable; - kim_boolean addressless; - kim_string service_name; - krb5_context init_cred_context; - krb5_get_init_creds_opt *init_cred_options; -}; - -struct kim_options_opaque kim_options_initializer = { -0, -kim_default_lifetime, -kim_default_renewable, -kim_default_renewal_lifetime, -kim_default_forwardable, -kim_default_proxiable, -kim_default_addressless, -kim_empty_string, -NULL, -NULL }; - -/* ------------------------------------------------------------------------ */ - -static inline kim_error kim_options_allocate (kim_options *out_options) -{ - kim_error err = kim_library_init (); - kim_options options = NULL; - - if (!err && !out_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - options = malloc (sizeof (*options)); - if (!options) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - *options = kim_options_initializer; - *out_options = options; - options = NULL; - } - - kim_options_free (&options); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_create_empty (kim_options *out_options) -{ - return check_error (kim_options_allocate (out_options)); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_create (kim_options *out_options) -{ - kim_error err = KIM_NO_ERROR; - kim_preferences preferences = NULL; - kim_options options = KIM_OPTIONS_DEFAULT; - - if (!err && !out_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_preferences_create (&preferences); - } - - if (!err) { - err = kim_preferences_get_options (preferences, &options); - } - - if (!err && !options) { - err = kim_options_allocate (&options); - } - - if (!err) { - *out_options = options; - options = NULL; /* caller takes ownership */ - } - - kim_options_free (&options); - kim_preferences_free (&preferences); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_copy (kim_options *out_options, - kim_options in_options) -{ - kim_error err = KIM_NO_ERROR; - kim_options options = KIM_OPTIONS_DEFAULT; - - if (!err && !out_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err && in_options != KIM_OPTIONS_DEFAULT) { - err = kim_options_allocate (&options); - - if (!err) { - options->start_time = in_options->start_time; - options->lifetime = in_options->lifetime; - options->renewable = in_options->renewable; - options->renewal_lifetime = in_options->renewal_lifetime; - options->forwardable = in_options->forwardable; - options->proxiable = in_options->proxiable; - options->addressless = in_options->addressless; - - if (in_options->service_name) { - err = kim_string_copy (&options->service_name, - in_options->service_name); - } - } - } - - if (!err) { - *out_options = options; - options = NULL; - } - - kim_options_free (&options); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_set_start_time (kim_options io_options, - kim_time in_start_time) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_options->start_time = in_start_time; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_get_start_time (kim_options in_options, - kim_time *out_start_time) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_start_time) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_start_time = in_options->start_time; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_set_lifetime (kim_options io_options, - kim_lifetime in_lifetime) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_options->lifetime = in_lifetime; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_get_lifetime (kim_options in_options, - kim_lifetime *out_lifetime) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_lifetime) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_lifetime = in_options->lifetime; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_set_renewable (kim_options io_options, - kim_boolean in_renewable) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_options->renewable = in_renewable; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_get_renewable (kim_options in_options, - kim_boolean *out_renewable) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_renewable) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_renewable = in_options->renewable; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_set_renewal_lifetime (kim_options io_options, - kim_lifetime in_renewal_lifetime) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_options->renewal_lifetime = in_renewal_lifetime; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_get_renewal_lifetime (kim_options in_options, - kim_lifetime *out_renewal_lifetime) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_renewal_lifetime) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_renewal_lifetime = in_options->renewal_lifetime; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_set_forwardable (kim_options io_options, - kim_boolean in_forwardable) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_options->forwardable = in_forwardable; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_get_forwardable (kim_options in_options, - kim_boolean *out_forwardable) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_forwardable) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_forwardable = in_options->forwardable; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_set_proxiable (kim_options io_options, - kim_boolean in_proxiable) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_options->proxiable = in_proxiable; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_get_proxiable (kim_options in_options, - kim_boolean *out_proxiable) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_proxiable) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_proxiable = in_options->proxiable; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_set_addressless (kim_options io_options, - kim_boolean in_addressless) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_options->addressless = in_addressless; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_get_addressless (kim_options in_options, - kim_boolean *out_addressless) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_addressless) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_addressless = in_options->addressless; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_set_service_name (kim_options io_options, - kim_string in_service_name) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_string_free (&io_options->service_name); - if (in_service_name) { - err = kim_string_copy (&io_options->service_name, in_service_name); - } else { - io_options->service_name = kim_empty_string; - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_get_service_name (kim_options in_options, - kim_string *out_service_name) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_service_name) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - if (in_options->service_name && - in_options->service_name != kim_empty_string) { - err = kim_string_copy (out_service_name, in_options->service_name); - } else { - *out_service_name = NULL; - } - } - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -char *kim_options_service_name (kim_options in_options) -{ - if (in_options) { - if (in_options->service_name == kim_empty_string) { - return NULL; - } else { - return (char *) in_options->service_name; - } - } - check_error (KIM_NULL_PARAMETER_ERR); /* log bad options input */ - return NULL; -} - -/* ------------------------------------------------------------------------ */ - -kim_time kim_options_start_time (kim_options in_options) -{ - if (in_options) { - return in_options->start_time; - } - check_error (KIM_NULL_PARAMETER_ERR); /* log bad options input */ - return 0; -} - -/* ------------------------------------------------------------------------ */ - -krb5_get_init_creds_opt *kim_options_init_cred_options (kim_options in_options) -{ - kim_error err = KIM_NO_ERROR; - krb5_address **addresses = NULL; - - if (!err && !in_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err && !in_options->init_cred_context) { - err = krb5_error (NULL, - krb5_init_context (&in_options->init_cred_context)); - } - - if (!err && !in_options->addressless) { - err = krb5_error (in_options->init_cred_context, - krb5_os_localaddr (in_options->init_cred_context, - &addresses)); - } - - if (!err && !in_options->init_cred_options) { - err = krb5_error (in_options->init_cred_context, - krb5_get_init_creds_opt_alloc (in_options->init_cred_context, - &in_options->init_cred_options)); - } - - if (!err) { - krb5_get_init_creds_opt_set_tkt_life (in_options->init_cred_options, - in_options->lifetime); - krb5_get_init_creds_opt_set_renew_life (in_options->init_cred_options, - in_options->renewable ? in_options->renewal_lifetime : 0); - krb5_get_init_creds_opt_set_forwardable (in_options->init_cred_options, - in_options->forwardable); - krb5_get_init_creds_opt_set_proxiable (in_options->init_cred_options, - in_options->proxiable); - krb5_get_init_creds_opt_set_address_list (in_options->init_cred_options, - addresses); - addresses = NULL; - } - - if (addresses) { krb5_free_addresses (in_options->init_cred_context, - addresses); } - - return !check_error (err) ? in_options->init_cred_options : NULL; -} - -/* ------------------------------------------------------------------------ */ - -void kim_options_free (kim_options *io_options) -{ - if (io_options && *io_options) { - kim_string_free (&(*io_options)->service_name); - if ((*io_options)->init_cred_context) { - if ((*io_options)->init_cred_options) { - if ((*io_options)->init_cred_options->address_list) { - krb5_free_addresses ((*io_options)->init_cred_context, - (*io_options)->init_cred_options->address_list); - } - krb5_get_init_creds_opt_free ((*io_options)->init_cred_context, - (*io_options)->init_cred_options); - } - krb5_free_context ((*io_options)->init_cred_context); - } - - free (*io_options); - *io_options = NULL; - } -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_write_to_stream (kim_options in_options, - k5_ipc_stream io_stream) -{ - kim_error err = KIM_NO_ERROR; - kim_options options = in_options; - - if (!err && !io_stream ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err && !in_options) { - err = kim_options_create (&options); - } - - if (!err) { - err = krb5int_ipc_stream_write_int64 (io_stream, options->start_time); - } - - if (!err) { - err = krb5int_ipc_stream_write_int64 (io_stream, options->lifetime); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (io_stream, options->renewable); - } - - if (!err) { - err = krb5int_ipc_stream_write_int64 (io_stream, - options->renewal_lifetime); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (io_stream, options->forwardable); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (io_stream, options->proxiable); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (io_stream, options->addressless); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (io_stream, options->service_name); - } - - if (options != in_options) { kim_options_free (&options); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_read_from_stream (kim_options io_options, - k5_ipc_stream io_stream) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !io_stream ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = krb5int_ipc_stream_read_int64 (io_stream, &io_options->start_time); - } - - if (!err) { - err = krb5int_ipc_stream_read_int64 (io_stream, &io_options->lifetime); - } - - if (!err) { - err = krb5int_ipc_stream_read_int32 (io_stream, &io_options->renewable); - } - - if (!err) { - err = krb5int_ipc_stream_read_int64 (io_stream, - &io_options->renewal_lifetime); - } - - if (!err) { - err = krb5int_ipc_stream_read_int32 (io_stream, &io_options->forwardable); - } - - if (!err) { - err = krb5int_ipc_stream_read_int32 (io_stream, &io_options->proxiable); - } - - if (!err) { - err = krb5int_ipc_stream_read_int32 (io_stream, &io_options->addressless); - } - - if (!err) { - char *service_name = NULL; - err = krb5int_ipc_stream_read_string (io_stream, &service_name); - - if (!err) { - kim_string_free (&io_options->service_name); - if (service_name[0]) { - err = kim_string_copy (&io_options->service_name, service_name); - } else { - io_options->service_name = kim_empty_string; - } - } - - krb5int_ipc_stream_free_string (service_name); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_options_create_from_stream (kim_options *out_options, - k5_ipc_stream io_stream) -{ - kim_error err = KIM_NO_ERROR; - kim_options options = NULL; - - if (!err && !out_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !io_stream ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_options_allocate (&options); - } - - if (!err) { - kim_options_read_from_stream (options, io_stream); - } - - if (!err) { - *out_options = options; - options = NULL; - } - - kim_options_free (&options); - - return check_error (err); -} diff --git a/src/kim/lib/kim_options_private.h b/src/kim/lib/kim_options_private.h deleted file mode 100644 index fc93c033e..000000000 --- a/src/kim/lib/kim_options_private.h +++ /dev/null @@ -1,50 +0,0 @@ -/* kim/lib/kim_options_private.h */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_OPTIONS_PRIVATE_H -#define KIM_OPTIONS_PRIVATE_H - -#include <kim/kim.h> -#include "k5-ipc_stream.h" - -kim_error kim_options_create_empty (kim_options *out_options); - -krb5_get_init_creds_opt *kim_options_init_cred_options (kim_options in_options); - -char *kim_options_service_name (kim_options in_options); - -kim_time kim_options_start_time (kim_options in_options); - - -kim_error kim_options_write_to_stream (kim_options in_options, - k5_ipc_stream io_stream); - -kim_error kim_options_read_from_stream (kim_options io_options, - k5_ipc_stream io_stream); - -kim_error kim_options_create_from_stream (kim_options *out_options, - k5_ipc_stream io_stream); - -#endif /* KIM_OPTIONS_PRIVATE_H */ diff --git a/src/kim/lib/kim_preferences.c b/src/kim/lib/kim_preferences.c deleted file mode 100644 index 55a41b71c..000000000 --- a/src/kim/lib/kim_preferences.c +++ /dev/null @@ -1,1086 +0,0 @@ -/* kim/lib/kim_preferences.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "kim_private.h" - -struct kim_favorites_opaque { - kim_count count; - kim_identity *identities; - kim_options *options; -}; - -struct kim_preferences_opaque { - kim_options options; - kim_boolean options_changed; - kim_boolean remember_options; - kim_boolean remember_options_changed; - kim_identity client_identity; - kim_boolean client_identity_changed; - kim_boolean remember_client_identity; - kim_boolean remember_client_identity_changed; - kim_lifetime minimum_lifetime; - kim_lifetime maximum_lifetime; - kim_boolean lifetime_range_changed; - kim_lifetime minimum_renewal_lifetime; - kim_lifetime maximum_renewal_lifetime; - kim_boolean renewal_lifetime_range_changed; - struct kim_favorites_opaque favorites; - kim_boolean favorites_changed; -}; - -const struct kim_favorites_opaque kim_default_favorites = { 0, NULL, NULL }; - -struct kim_preferences_opaque kim_preferences_initializer = { -KIM_OPTIONS_DEFAULT, -FALSE, -kim_default_remember_options, -FALSE, -kim_default_client_identity, -FALSE, -kim_default_remember_client_identity, -FALSE, -kim_default_minimum_lifetime, -kim_default_maximum_lifetime, -FALSE, -kim_default_minimum_renewal_lifetime, -kim_default_maximum_renewal_lifetime, -FALSE, -{ 0, NULL, NULL }, -FALSE -}; - - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_favorites_resize (kim_favorites io_favorites, - kim_count in_new_count) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_favorites) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err && io_favorites->count != in_new_count) { - kim_identity *identities = NULL; - kim_options *options = NULL; - - if (in_new_count == 0) { - if (io_favorites->identities) { - free (io_favorites->identities); - } - if (io_favorites->options) { - free (io_favorites->options); - } - } else { - if (!io_favorites->identities) { - identities = malloc (sizeof (*identities) * in_new_count); - } else { - identities = realloc (io_favorites->identities, - sizeof (*identities) * in_new_count); - } - if (!identities) { err = KIM_OUT_OF_MEMORY_ERR; } - - if (!err) { - if (!io_favorites->options) { - options = malloc (sizeof (*options) * in_new_count); - } else { - options = realloc (io_favorites->options, - sizeof (*options) * in_new_count); - } - if (!options) { err = KIM_OUT_OF_MEMORY_ERR; } - } - } - - if (!err) { - io_favorites->count = in_new_count; - io_favorites->identities = identities; - io_favorites->options = options; - identities = NULL; - options = NULL; - } - - if (identities) { free (identities); } - if (options ) { free (options); } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_favorites_copy (kim_favorites in_favorites, - kim_favorites io_favorites) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_favorites) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !io_favorites) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_favorites_resize (io_favorites, in_favorites->count); - } - - if (!err) { - kim_count i; - - for (i = 0; !err && i < io_favorites->count; i++) { - err = kim_identity_copy (&io_favorites->identities[i], - in_favorites->identities[i]); - - if (!err) { - err = kim_options_copy (&io_favorites->options[i], - in_favorites->options[i]); - } - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_favorites_get_number_of_identities (kim_favorites in_favorites, - kim_count *out_number_of_identities) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_favorites ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_number_of_identities) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_number_of_identities = in_favorites->count; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_favorites_get_identity_at_index (kim_favorites in_favorites, - kim_count in_index, - kim_identity *out_identity, - kim_options *out_options) -{ - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - kim_options options = KIM_OPTIONS_DEFAULT; - - if (!err && !in_favorites) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - /* out_options may be NULL */ - - if (!err) { - if (in_index >= in_favorites->count) { - err = kim_error_set_message_for_code (KIM_BAD_IDENTITY_INDEX_ERR, - in_index); - } - } - - if (!err) { - err = kim_identity_copy (&identity, in_favorites->identities[in_index]); - } - - if (!err && in_favorites->options[in_index]) { - err = kim_options_copy (&options, in_favorites->options[in_index]); - } - - if (!err) { - *out_identity = identity; - identity = NULL; - - if (out_options) { - *out_options = options; - options = NULL; - } - } - - kim_identity_free (&identity); - kim_options_free (&options); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_favorites_add_identity (kim_favorites io_favorites, - kim_identity in_identity, - kim_options in_options) -{ - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - kim_options options = KIM_OPTIONS_DEFAULT; - kim_count insert_at = 0; - - if (!err && !io_favorites) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - /* in_options may be KIM_OPTIONS_DEFAULT (NULL) */ - - if (!err) { - err = kim_identity_copy (&identity, in_identity); - } - - if (!err) { - err = kim_options_copy (&options, in_options); - } - - if (!err) { - kim_count i; - - for (i = 0; !err && i < io_favorites->count; i++) { - kim_comparison comparison = 0; - - err = kim_identity_compare (io_favorites->identities[i], - in_identity, - &comparison); - - if (!err) { - if (kim_comparison_is_greater_than (comparison)) { - /* insert before the first entry that is greater than us */ - break; - - } else if (kim_comparison_is_equal_to (comparison)) { - /* already in list */ - kim_string display_string = NULL; - - err = kim_identity_get_display_string (in_identity, - &display_string); - - if (!err) { - err = kim_error_set_message_for_code (KIM_IDENTITY_ALREADY_IN_LIST_ERR, - display_string); - } - - kim_string_free (&display_string); - } - } - } - - insert_at = i; /* Remember where we are going to insert */ - } - - if (!err) { - err = kim_favorites_resize (io_favorites, - io_favorites->count + 1); - } - - if (!err) { - kim_count move_count = io_favorites->count - 1 - insert_at; - - memmove (&io_favorites->identities[insert_at + 1], - &io_favorites->identities[insert_at], - move_count * sizeof (*io_favorites->identities)); - io_favorites->identities[insert_at] = identity; - identity = NULL; - - memmove (&io_favorites->options[insert_at + 1], - &io_favorites->options[insert_at], - move_count * sizeof (*io_favorites->options)); - io_favorites->options[insert_at] = options; - options = NULL; - } - - kim_options_free (&options); - kim_identity_free (&identity); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_favorites_remove_identity (kim_favorites io_favorites, - kim_identity in_identity) -{ - kim_error err = KIM_NO_ERROR; - kim_boolean found = 0; - kim_count i; - - if (!err && !io_favorites) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - for (i = 0; !err && !found && i < io_favorites->count; i++) { - kim_identity identity = io_favorites->identities[i]; - kim_options options = io_favorites->options[i]; - kim_comparison comparison; - - err = kim_identity_compare (in_identity, identity, &comparison); - - if (!err && kim_comparison_is_equal_to (comparison)) { - kim_error terr = KIM_NO_ERROR; - kim_count new_count = io_favorites->count - 1; - - found = 1; - - memmove (&io_favorites->identities[i], - &io_favorites->identities[i + 1], - (new_count - i) * sizeof (*io_favorites->identities)); - - memmove (&io_favorites->options[i], - &io_favorites->options[i + 1], - (new_count - i) * sizeof (*io_favorites->options)); - - terr = kim_favorites_resize (io_favorites, new_count); - if (terr) { - kim_debug_printf ("failed to resize list to %d. Continuing.", new_count); - } - - kim_options_free (&options); - kim_identity_free (&identity); - } - } - } - - if (!err && !found) { - kim_string display_string = NULL; - - err = kim_identity_get_display_string (in_identity, &display_string); - - if (!err) { - err = kim_error_set_message_for_code (KIM_IDENTITY_NOT_IN_LIST_ERR, - display_string); - } - - kim_string_free (&display_string); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_favorites_remove_all_identities (kim_favorites io_favorites) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_favorites) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_count i; - - for (i = 0; i < io_favorites->count; i++) { - kim_identity_free (&io_favorites->identities[i]); - kim_options_free (&io_favorites->options[i]); - } - free (io_favorites->identities); - free (io_favorites->options); - io_favorites->count = 0; - io_favorites->identities = NULL; - io_favorites->options = NULL; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static void kim_favorites_free (kim_favorites io_favorites) -{ - kim_count i; - - for (i = 0; i < io_favorites->count; i++) { - kim_identity_free (&io_favorites->identities[i]); - kim_options_free (&io_favorites->options[i]); - } - free (io_favorites->identities); - free (io_favorites->options); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_preferences_read (kim_preferences in_preferences) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_options options = NULL; - - err = kim_os_preferences_get_options_for_key (kim_preference_key_options, - &options); - - if (!err) { - kim_options_free (&in_preferences->options); - in_preferences->options = options; - } - } - - if (!err) { - err = kim_os_preferences_get_boolean_for_key (kim_preference_key_remember_options, - kim_default_remember_options, - &in_preferences->remember_options); - } - - if (!err) { - kim_identity default_identity = kim_default_client_identity; - kim_identity identity = NULL; - - err = kim_os_identity_create_for_username (&default_identity); - - if (!err) { - err = kim_os_preferences_get_identity_for_key (kim_preference_key_client_identity, - default_identity, - &identity); - } - - if (!err) { - kim_identity_free (&in_preferences->client_identity); - in_preferences->client_identity = identity; - identity = NULL; - } - - kim_identity_free (&default_identity); - kim_identity_free (&identity); - } - - if (!err) { - err = kim_os_preferences_get_boolean_for_key (kim_preference_key_remember_client_identity, - kim_default_remember_client_identity, - &in_preferences->remember_client_identity); - } - - if (!err) { - struct kim_favorites_opaque favorites = kim_default_favorites; - - err = kim_os_preferences_get_favorites_for_key (kim_preference_key_favorites, - &favorites); - - if (!err) { - kim_favorites_remove_all_identities (&in_preferences->favorites); - in_preferences->favorites = favorites; - } - } - - if (!err) { - err = kim_os_preferences_get_lifetime_for_key (kim_preference_key_minimum_lifetime, - kim_default_minimum_lifetime, - &in_preferences->minimum_lifetime); - } - - if (!err) { - err = kim_os_preferences_get_lifetime_for_key (kim_preference_key_maximum_lifetime, - kim_default_maximum_lifetime, - &in_preferences->maximum_lifetime); - } - - if (!err) { - err = kim_os_preferences_get_lifetime_for_key (kim_preference_key_minimum_renewal_lifetime, - kim_default_minimum_renewal_lifetime, - &in_preferences->minimum_renewal_lifetime); - } - - if (!err) { - err = kim_os_preferences_get_lifetime_for_key (kim_preference_key_maximum_renewal_lifetime, - kim_default_maximum_renewal_lifetime, - &in_preferences->maximum_renewal_lifetime); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_preferences_write (kim_preferences in_preferences) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err && in_preferences->options_changed) { - err = kim_os_preferences_set_options_for_key (kim_preference_key_options, - in_preferences->options); - } - - if (!err && in_preferences->remember_options_changed) { - err = kim_os_preferences_set_boolean_for_key (kim_preference_key_remember_options, - in_preferences->remember_options); - } - - if (!err && in_preferences->client_identity_changed) { - kim_identity default_identity = kim_default_client_identity; - - err = kim_os_identity_create_for_username (&default_identity); - - if (!err) { - err = kim_os_preferences_set_identity_for_key (kim_preference_key_client_identity, - in_preferences->client_identity); - } - - kim_identity_free (&default_identity); - } - - if (!err && in_preferences->remember_client_identity_changed) { - err = kim_os_preferences_set_boolean_for_key (kim_preference_key_remember_client_identity, - in_preferences->remember_client_identity); - } - - if (!err && in_preferences->favorites_changed) { - err = kim_os_preferences_set_favorites_for_key (kim_preference_key_favorites, - &in_preferences->favorites); - } - - if (!err && in_preferences->lifetime_range_changed) { - err = kim_os_preferences_set_lifetime_for_key (kim_preference_key_minimum_lifetime, - in_preferences->minimum_lifetime); - if (!err) { - err = kim_os_preferences_set_lifetime_for_key (kim_preference_key_maximum_lifetime, - in_preferences->maximum_lifetime); - } - } - - if (!err && in_preferences->renewal_lifetime_range_changed) { - err = kim_os_preferences_set_lifetime_for_key (kim_preference_key_minimum_renewal_lifetime, - in_preferences->minimum_renewal_lifetime); - if (!err) { - err = kim_os_preferences_set_lifetime_for_key (kim_preference_key_maximum_renewal_lifetime, - in_preferences->maximum_renewal_lifetime); - } - } - - if (!err) { - in_preferences->options_changed = 0; - in_preferences->remember_options_changed = 0; - in_preferences->client_identity_changed = 0; - in_preferences->remember_client_identity_changed = 0; - in_preferences->lifetime_range_changed = 0; - in_preferences->renewal_lifetime_range_changed = 0; - in_preferences->favorites_changed = 0; - } - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static inline kim_error kim_preferences_allocate (kim_preferences *out_preferences) -{ - kim_error err = kim_library_init (); - kim_preferences preferences = NULL; - - if (!err && !out_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - preferences = malloc (sizeof (*preferences)); - if (!preferences) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - *preferences = kim_preferences_initializer; - *out_preferences = preferences; - preferences = NULL; - } - - kim_preferences_free (&preferences); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_create (kim_preferences *out_preferences) -{ - kim_error err = KIM_NO_ERROR; - kim_preferences preferences = NULL; - - if (!err && !out_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_preferences_allocate (&preferences); - } - - if (!err) { - err = kim_preferences_read (preferences); - } - - if (!err) { - *out_preferences = preferences; - preferences = NULL; - } - - kim_preferences_free (&preferences); - - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_copy (kim_preferences *out_preferences, - kim_preferences in_preferences) -{ - kim_error err = KIM_NO_ERROR; - kim_preferences preferences = NULL; - - if (!err && !out_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_preferences ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_preferences_allocate (&preferences); - } - - if (!err) { - preferences->remember_options = in_preferences->remember_options; - err = kim_options_copy (&preferences->options, in_preferences->options); - } - - if (!err) { - preferences->remember_client_identity = in_preferences->remember_client_identity; - err = kim_identity_copy (&preferences->client_identity, in_preferences->client_identity); - } - - if (!err) { - err = kim_favorites_copy (&preferences->favorites, - &in_preferences->favorites); - } - - if (!err) { - *out_preferences = preferences; - preferences = NULL; - } - - kim_preferences_free (&preferences); - - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_set_options (kim_preferences io_preferences, - kim_options in_options) -{ - kim_error err = KIM_NO_ERROR; - kim_options options = NULL; - - if (!err && !io_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_options_copy (&options, in_options); - } - - if (!err) { - kim_options_free (&io_preferences->options); - io_preferences->options = options; - io_preferences->options_changed = TRUE; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_get_options (kim_preferences in_preferences, - kim_options *out_options) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_options_copy (out_options, in_preferences->options); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_set_remember_options (kim_preferences io_preferences, - kim_boolean in_remember_options) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_preferences->remember_options = in_remember_options; - io_preferences->remember_options_changed = TRUE; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_get_remember_options (kim_preferences in_preferences, - kim_boolean *out_remember_options) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_preferences ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_remember_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_remember_options = in_preferences->remember_options; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_set_client_identity (kim_preferences io_preferences, - kim_identity in_client_identity) -{ - kim_error err = KIM_NO_ERROR; - kim_identity identity = KIM_IDENTITY_ANY; - - if (!err && !io_preferences ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - /* in_client_identity may be KIM_IDENTITY_ANY */ - - if (!err && in_client_identity) { - err = kim_identity_copy (&identity, in_client_identity); - } - - if (!err) { - kim_identity_free (&io_preferences->client_identity); - io_preferences->client_identity = identity; - io_preferences->client_identity_changed = TRUE; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_get_client_identity (kim_preferences in_preferences, - kim_identity *out_client_identity) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_preferences ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_client_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_identity_copy (out_client_identity, in_preferences->client_identity); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_set_remember_client_identity (kim_preferences io_preferences, - kim_boolean in_remember_client_identity) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_preferences->remember_client_identity = in_remember_client_identity; - io_preferences->remember_client_identity_changed = TRUE; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_get_remember_client_identity (kim_preferences in_preferences, - kim_boolean *out_remember_client_identity) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_preferences ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_remember_client_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_remember_client_identity = in_preferences->remember_client_identity; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_set_minimum_lifetime (kim_preferences io_preferences, - kim_lifetime in_minimum_lifetime) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_preferences->minimum_lifetime = in_minimum_lifetime; - io_preferences->lifetime_range_changed = TRUE; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_get_minimum_lifetime (kim_preferences in_preferences, - kim_lifetime *out_minimum_lifetime) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_preferences ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_minimum_lifetime) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_minimum_lifetime = in_preferences->minimum_lifetime; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_set_maximum_lifetime (kim_preferences io_preferences, - kim_lifetime in_maximum_lifetime) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_preferences->maximum_lifetime = in_maximum_lifetime; - io_preferences->lifetime_range_changed = TRUE; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_get_maximum_lifetime (kim_preferences in_preferences, - kim_lifetime *out_maximum_lifetime) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_preferences ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_maximum_lifetime) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_maximum_lifetime = in_preferences->maximum_lifetime; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_set_minimum_renewal_lifetime (kim_preferences io_preferences, - kim_lifetime in_minimum_renewal_lifetime) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_preferences->minimum_renewal_lifetime = in_minimum_renewal_lifetime; - io_preferences->renewal_lifetime_range_changed = TRUE; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_get_minimum_renewal_lifetime (kim_preferences in_preferences, - kim_lifetime *out_minimum_renewal_lifetime) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_preferences ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_minimum_renewal_lifetime) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_minimum_renewal_lifetime = in_preferences->minimum_renewal_lifetime; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_set_maximum_renewal_lifetime (kim_preferences io_preferences, - kim_lifetime in_maximum_renewal_lifetime) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_preferences->maximum_renewal_lifetime = in_maximum_renewal_lifetime; - io_preferences->renewal_lifetime_range_changed = TRUE; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_get_maximum_renewal_lifetime (kim_preferences in_preferences, - kim_lifetime *out_maximum_renewal_lifetime) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_preferences ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_maximum_renewal_lifetime) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_maximum_renewal_lifetime = in_preferences->maximum_renewal_lifetime; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_get_number_of_favorite_identities (kim_preferences in_preferences, - kim_count *out_number_of_identities) -{ - return check_error (kim_favorites_get_number_of_identities (&in_preferences->favorites, - out_number_of_identities)); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_get_favorite_identity_at_index (kim_preferences in_preferences, - kim_count in_index, - kim_identity *out_identity, - kim_options *out_options) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - /* out_options may be NULL */ - - if (!err) { - err = kim_favorites_get_identity_at_index (&in_preferences->favorites, - in_index, - out_identity, - out_options); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_add_favorite_identity (kim_preferences io_preferences, - kim_identity in_identity, - kim_options in_options) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - /* in_options may be KIM_OPTIONS_DEFAULT (NULL) */ - - if (!err) { - err = kim_favorites_add_identity (&io_preferences->favorites, - in_identity, in_options); - } - - if (!err) { - io_preferences->favorites_changed = 1; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_remove_favorite_identity (kim_preferences io_preferences, - kim_identity in_identity) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_favorites_remove_identity (&io_preferences->favorites, - in_identity); - } - - if (!err) { - io_preferences->favorites_changed = 1; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_remove_all_favorite_identities (kim_preferences io_preferences) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_favorites_remove_all_identities (&io_preferences->favorites); - } - - if (!err) { - io_preferences->favorites_changed = 1; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_preferences_synchronize (kim_preferences in_preferences) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_preferences) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_preferences_write (in_preferences); - } - - if (!err) { - err = kim_preferences_read (in_preferences); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -void kim_preferences_free (kim_preferences *io_preferences) -{ - if (io_preferences && *io_preferences) { - kim_options_free (&(*io_preferences)->options); - kim_identity_free (&(*io_preferences)->client_identity); - kim_favorites_free (&(*io_preferences)->favorites); - - free (*io_preferences); - *io_preferences = NULL; - } -} diff --git a/src/kim/lib/kim_preferences_private.h b/src/kim/lib/kim_preferences_private.h deleted file mode 100644 index 28577a63f..000000000 --- a/src/kim/lib/kim_preferences_private.h +++ /dev/null @@ -1,125 +0,0 @@ -/* kim/lib/kim_preferences_private.h */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_PREFERENCES_PRIVATE_H -#define KIM_PREFERENCES_PRIVATE_H - -#include <kim/kim.h> - -typedef struct kim_favorites_opaque *kim_favorites; - -typedef enum kim_preference_key_enum { - kim_preference_key_options, - kim_preference_key_lifetime, - kim_preference_key_renewable, - kim_preference_key_renewal_lifetime, - kim_preference_key_forwardable, - kim_preference_key_proxiable, - kim_preference_key_addressless, - kim_preference_key_remember_options, - kim_preference_key_client_identity, - kim_preference_key_remember_client_identity, - kim_preference_key_favorites, - kim_preference_key_minimum_lifetime, - kim_preference_key_maximum_lifetime, - kim_preference_key_minimum_renewal_lifetime, - kim_preference_key_maximum_renewal_lifetime -} kim_preference_key; - - -#define kim_default_lifetime 10*60*60 -#define kim_default_renewable TRUE -#define kim_default_renewal_lifetime 7*24*60*60 -#define kim_default_forwardable TRUE -#define kim_default_proxiable TRUE -#define kim_default_addressless TRUE -#define kim_default_remember_options TRUE -#define kim_default_client_identity KIM_IDENTITY_ANY -#define kim_default_remember_client_identity TRUE -#define kim_default_minimum_lifetime 10*60 -#define kim_default_maximum_lifetime 10*60*60 -#define kim_default_minimum_renewal_lifetime 10*60 -#define kim_default_maximum_renewal_lifetime 7*24*60*60 - -extern const struct kim_favorites_opaque kim_default_favorites; - - -/* Helper functions for use by kim_os_preferences_get_favorites_for_key - * and kim_os_preferences_set_favorites_for_key */ - -kim_error kim_favorites_get_number_of_identities (kim_favorites in_favorites, - kim_count *out_number_of_identities); - -kim_error kim_favorites_get_identity_at_index (kim_favorites in_favorites, - kim_count in_index, - kim_identity *out_identity, - kim_options *out_options); - -kim_error kim_favorites_add_identity (kim_favorites io_favorites, - kim_identity in_identity, - kim_options in_options); - -kim_error kim_favorites_remove_identity (kim_favorites io_favorites, - kim_identity in_identity); - -kim_error kim_favorites_remove_all_identities (kim_favorites io_favorites); - - -/* OS-specific functions to be implemented per-platform */ - -kim_error kim_os_preferences_get_options_for_key (kim_preference_key in_key, - kim_options *out_options); - -kim_error kim_os_preferences_set_options_for_key (kim_preference_key in_key, - kim_options in_options); - -kim_error kim_os_preferences_get_identity_for_key (kim_preference_key in_key, - kim_identity in_hardcoded_default, - kim_identity *out_identity); - -kim_error kim_os_preferences_set_identity_for_key (kim_preference_key in_key, - kim_identity in_identity); - -kim_error kim_os_preferences_get_favorites_for_key (kim_preference_key in_key, - kim_favorites io_favorites); - -kim_error kim_os_preferences_set_favorites_for_key (kim_preference_key in_key, - kim_favorites in_favorites); - -kim_error kim_os_preferences_get_lifetime_for_key (kim_preference_key in_key, - kim_lifetime in_hardcoded_default, - kim_lifetime *out_lifetime); - -kim_error kim_os_preferences_set_lifetime_for_key (kim_preference_key in_key, - kim_lifetime in_lifetime); - -kim_error kim_os_preferences_get_boolean_for_key (kim_preference_key in_key, - kim_boolean in_hardcoded_default, - kim_boolean *out_boolean); - -kim_error kim_os_preferences_set_boolean_for_key (kim_preference_key in_key, - kim_boolean in_boolean); - -#endif /* KIM_PREFERENCES_PRIVATE_H */ diff --git a/src/kim/lib/kim_private.h b/src/kim/lib/kim_private.h deleted file mode 100644 index 3cdb0378a..000000000 --- a/src/kim/lib/kim_private.h +++ /dev/null @@ -1,51 +0,0 @@ -/* kim/lib/kim_private.h */ -/* - * Copyright 2006-2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_PRIVATE_H -#define KIM_PRIVATE_H - -#include <stdio.h> -#include <string.h> -#include <errno.h> - -#include <kim/kim.h> -#include <kim/kim_library.h> -#include <kim/kim_ui_plugin.h> - -#include "kim_library_private.h" -#include "kim_debug_private.h" -#include "kim_error_private.h" -#include "kim_identity_private.h" -#include "kim_credential_private.h" -#include "kim_options_private.h" -#include "kim_preferences_private.h" -#include "kim_selection_hints_private.h" -#include "kim_string_private.h" -#include "kim_ui_private.h" -#include "kim_ui_gui_private.h" -#include "kim_ui_cli_private.h" -#include "kim_ui_plugin_private.h" - -#endif /* KIM_PRIVATE_H */ diff --git a/src/kim/lib/kim_selection_hints.c b/src/kim/lib/kim_selection_hints.c deleted file mode 100644 index 6aba4420d..000000000 --- a/src/kim/lib/kim_selection_hints.c +++ /dev/null @@ -1,786 +0,0 @@ -/* - * Copyright 2005-2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "kim_private.h" - -/* ------------------------------------------------------------------------ */ - -struct kim_selection_hints_opaque { - kim_string application_identifier; - kim_string explanation; - kim_options options; - kim_boolean allow_user_interaction; - kim_boolean use_cached_results; - kim_string service_identity; - kim_string client_realm; - kim_string user; - kim_string service_realm; - kim_string service; - kim_string server; -}; - -struct kim_selection_hints_opaque kim_selection_hints_initializer = { - NULL, - kim_empty_string, - KIM_OPTIONS_DEFAULT, - TRUE, - TRUE, - kim_empty_string, - kim_empty_string, - kim_empty_string, - kim_empty_string, - kim_empty_string, - kim_empty_string -}; - -/* ------------------------------------------------------------------------ */ - -static inline kim_error kim_selection_hints_allocate (kim_selection_hints *out_selection_hints) -{ - kim_error err = kim_library_init (); - kim_selection_hints selection_hints = NULL; - - if (!err && !out_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - selection_hints = malloc (sizeof (*selection_hints)); - if (!selection_hints) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - *selection_hints = kim_selection_hints_initializer; - *out_selection_hints = selection_hints; - selection_hints = NULL; - } - - kim_selection_hints_free (&selection_hints); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_create (kim_selection_hints *out_selection_hints, - kim_string in_application_identifier) -{ - kim_error err = KIM_NO_ERROR; - kim_selection_hints selection_hints = NULL; - - if (!err && !out_selection_hints ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_application_identifier) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_selection_hints_allocate (&selection_hints); - } - - if (!err) { - err = kim_string_copy (&selection_hints->application_identifier, - in_application_identifier); - } - - if (!err) { - *out_selection_hints = selection_hints; - selection_hints = NULL; - } - - kim_selection_hints_free (&selection_hints); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_copy (kim_selection_hints *out_selection_hints, - kim_selection_hints in_selection_hints) -{ - kim_error err = KIM_NO_ERROR; - kim_selection_hints selection_hints = NULL; - - if (!err && !out_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_selection_hints ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_selection_hints_allocate (&selection_hints); - } - - if (!err) { - err = kim_string_copy (&selection_hints->application_identifier, - in_selection_hints->application_identifier); - } - - if (!err && in_selection_hints->explanation) { - err = kim_string_copy (&selection_hints->explanation, - in_selection_hints->explanation); - } - - if (!err && in_selection_hints->options) { - err = kim_options_copy (&selection_hints->options, - in_selection_hints->options); - } - - if (!err && in_selection_hints->service_identity) { - err = kim_string_copy (&selection_hints->service_identity, - in_selection_hints->service_identity); - } - - if (!err && in_selection_hints->client_realm) { - err = kim_string_copy (&selection_hints->client_realm, - in_selection_hints->client_realm); - } - - if (!err && in_selection_hints->user) { - err = kim_string_copy (&selection_hints->user, - in_selection_hints->user); - } - - if (!err && in_selection_hints->service_realm) { - err = kim_string_copy (&selection_hints->service_realm, - in_selection_hints->service_realm); - } - - if (!err && in_selection_hints->service) { - err = kim_string_copy (&selection_hints->service, - in_selection_hints->service); - } - - if (!err && in_selection_hints->server) { - err = kim_string_copy (&selection_hints->server, - in_selection_hints->server); - } - - if (!err) { - selection_hints->allow_user_interaction = in_selection_hints->allow_user_interaction; - selection_hints->use_cached_results = in_selection_hints->use_cached_results; - - *out_selection_hints = selection_hints; - selection_hints = NULL; - } - - kim_selection_hints_free (&selection_hints); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_set_hint (kim_selection_hints io_selection_hints, - kim_string in_hint_key, - kim_string in_hint_string) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_hint_key ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_hint_string ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - if (!strcmp (in_hint_key, kim_hint_key_client_realm)) { - kim_string_free (&io_selection_hints->client_realm); - err = kim_string_copy (&io_selection_hints->client_realm, - in_hint_string); - - } else if (!strcmp (in_hint_key, kim_hint_key_user)) { - kim_string_free (&io_selection_hints->user); - err = kim_string_copy (&io_selection_hints->user, - in_hint_string); - - } else if (!strcmp (in_hint_key, kim_hint_key_service_realm)) { - kim_string_free (&io_selection_hints->service_realm); - err = kim_string_copy (&io_selection_hints->service_realm, - in_hint_string); - - } else if (!strcmp (in_hint_key, kim_hint_key_service)) { - kim_string_free (&io_selection_hints->service); - err = kim_string_copy (&io_selection_hints->service, - in_hint_string); - - } else if (!strcmp (in_hint_key, kim_hint_key_server)) { - kim_string_free (&io_selection_hints->server); - err = kim_string_copy (&io_selection_hints->server, - in_hint_string); - - } else if (!strcmp (in_hint_key, kim_hint_key_service_identity)) { - kim_string_free (&io_selection_hints->service_identity); - err = kim_string_copy (&io_selection_hints->service_identity, - in_hint_string); - - } else { - err = kim_error_set_message_for_code (KIM_UNSUPPORTED_HINT_ERR, - in_hint_key); - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_get_hint (kim_selection_hints in_selection_hints, - kim_string in_hint_key, - kim_string *out_hint_string) -{ - kim_error err = KIM_NO_ERROR; - kim_string hint = NULL; - - if (!err && !in_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_hint_key ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_hint_string ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - if (!strcmp (in_hint_key, kim_hint_key_client_realm)) { - hint = in_selection_hints->client_realm; - - } else if (!strcmp (in_hint_key, kim_hint_key_user)) { - hint = in_selection_hints->user; - - } else if (!strcmp (in_hint_key, kim_hint_key_service_realm)) { - hint = in_selection_hints->service_realm; - - } else if (!strcmp (in_hint_key, kim_hint_key_service)) { - hint = in_selection_hints->service; - - } else if (!strcmp (in_hint_key, kim_hint_key_server)) { - hint = in_selection_hints->server; - - } else if (!strcmp (in_hint_key, kim_hint_key_service_identity)) { - hint = in_selection_hints->service_identity; - - } else { - err = kim_error_set_message_for_code (KIM_UNSUPPORTED_HINT_ERR, - in_hint_key); - } - } - - if (!err) { - if (hint && hint != kim_empty_string) { - err = kim_string_copy (out_hint_string, hint); - } else { - *out_hint_string = NULL; - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_set_explanation (kim_selection_hints io_selection_hints, - kim_string in_explanation) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_explanation ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_string_copy (&io_selection_hints->explanation, in_explanation); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_get_explanation (kim_selection_hints in_selection_hints, - kim_string *out_explanation) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_explanation ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - if (in_selection_hints->explanation && - in_selection_hints->explanation != kim_empty_string) { - err = kim_string_copy (out_explanation, in_selection_hints->explanation); - } else { - *out_explanation = NULL; - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_get_application_id (kim_selection_hints in_selection_hints, - kim_string *out_application_id) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_application_id) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - if (in_selection_hints->application_identifier) { - err = kim_string_copy (out_application_id, - in_selection_hints->application_identifier); - } else { - *out_application_id = NULL; - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_set_options (kim_selection_hints io_selection_hints, - kim_options in_options) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_options_copy (&io_selection_hints->options, in_options); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_get_options (kim_selection_hints in_selection_hints, - kim_options *out_options) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_options_copy (out_options, in_selection_hints->options); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_set_allow_user_interaction (kim_selection_hints io_selection_hints, - kim_boolean in_allow_user_interaction) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_selection_hints ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_selection_hints->allow_user_interaction = in_allow_user_interaction; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_get_allow_user_interaction (kim_selection_hints in_selection_hints, - kim_boolean *out_allow_user_interaction) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_selection_hints ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_allow_user_interaction) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_allow_user_interaction = in_selection_hints->allow_user_interaction; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_set_remember_identity (kim_selection_hints io_selection_hints, - kim_boolean in_use_cached_results) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_selection_hints ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_selection_hints->use_cached_results = in_use_cached_results; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_get_remember_identity (kim_selection_hints in_selection_hints, - kim_boolean *out_use_cached_results) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_selection_hints ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_use_cached_results) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - *out_use_cached_results = in_selection_hints->use_cached_results; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_get_identity (kim_selection_hints in_selection_hints, - kim_identity *out_identity) -{ - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - kim_ccache ccache = NULL; - - if (!err && !in_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err && in_selection_hints->use_cached_results) { - err = kim_os_selection_hints_lookup_identity (in_selection_hints, &identity); - } - - if (!err && !identity && in_selection_hints->allow_user_interaction) { - kim_ui_context context; - - err = kim_ui_init (&context); - - while (!err && !identity) { - kim_boolean user_wants_change_password = 0; - - err = kim_ui_select_identity (&context, - in_selection_hints, - &identity, - &user_wants_change_password); - - if (!err && user_wants_change_password) { - err = kim_identity_change_password_common (identity, 0, - &context, - NULL); - - /* reenter select_identity so just forget this identity - * even if we got an error */ - if (err == KIM_USER_CANCELED_ERR || - err == KIM_DUPLICATE_UI_REQUEST_ERR) { err = KIM_NO_ERROR; } - kim_identity_free (&identity); - } - - } - - if (context.initialized) { - kim_error terr = KIM_NO_ERROR; - terr = kim_ui_fini (&context); - err = (terr != KIM_NO_ERROR) ? terr : err; - } - } - - if (!err) { - *out_identity = identity; - identity = NULL; - } - - kim_identity_free (&identity); - kim_ccache_free (&ccache); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_remember_identity (kim_selection_hints in_selection_hints, - kim_identity in_identity) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_os_selection_hints_remember_identity (in_selection_hints, - in_identity); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_forget_identity (kim_selection_hints in_selection_hints) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_os_selection_hints_forget_identity (in_selection_hints); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_get_preference_strings (kim_selection_hints in_selection_hints, - kim_selection_hints_preference_strings *io_preference_strings) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_selection_hints ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !io_preference_strings) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - io_preference_strings->application_identifier = in_selection_hints->application_identifier; - io_preference_strings->service_identity = in_selection_hints->service_identity; - io_preference_strings->client_realm = in_selection_hints->client_realm; - io_preference_strings->user = in_selection_hints->user; - io_preference_strings->service_realm = in_selection_hints->service_realm; - io_preference_strings->service = in_selection_hints->service; - io_preference_strings->server = in_selection_hints->server; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -void kim_selection_hints_free (kim_selection_hints *io_selection_hints) -{ - if (io_selection_hints && *io_selection_hints) { - kim_string_free (&(*io_selection_hints)->application_identifier); - kim_string_free (&(*io_selection_hints)->explanation); - kim_options_free (&(*io_selection_hints)->options); - kim_string_free (&(*io_selection_hints)->service_identity); - kim_string_free (&(*io_selection_hints)->client_realm); - kim_string_free (&(*io_selection_hints)->user); - kim_string_free (&(*io_selection_hints)->service_realm); - kim_string_free (&(*io_selection_hints)->service); - kim_string_free (&(*io_selection_hints)->server); - free (*io_selection_hints); - *io_selection_hints = NULL; - } -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_write_to_stream (kim_selection_hints in_selection_hints, - k5_ipc_stream io_stream) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !io_stream ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = krb5int_ipc_stream_write_string (io_stream, - in_selection_hints->application_identifier); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (io_stream, - in_selection_hints->explanation); - } - - if (!err) { - err = kim_options_write_to_stream (in_selection_hints->options, - io_stream); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (io_stream, - in_selection_hints->service_identity); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (io_stream, - in_selection_hints->client_realm); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (io_stream, - in_selection_hints->user); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (io_stream, - in_selection_hints->service_realm); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (io_stream, - in_selection_hints->service); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (io_stream, - in_selection_hints->server); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_read_from_stream (kim_selection_hints io_selection_hints, - k5_ipc_stream io_stream) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !io_stream ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - char *application_identifier = NULL; - err = krb5int_ipc_stream_read_string (io_stream, &application_identifier); - - if (!err) { - err = kim_string_copy (&io_selection_hints->application_identifier, - application_identifier); - } - - krb5int_ipc_stream_free_string (application_identifier); - } - - if (!err) { - char *explanation = NULL; - err = krb5int_ipc_stream_read_string (io_stream, &explanation); - - if (!err) { - err = kim_string_copy (&io_selection_hints->explanation, - explanation); - } - - krb5int_ipc_stream_free_string (explanation); - } - - if (!err) { - if (io_selection_hints->options) { - err = kim_options_read_from_stream (io_selection_hints->options, - io_stream); - } else { - err = kim_options_create_from_stream (&io_selection_hints->options, - io_stream); - } - } - - if (!err) { - char *service_identity = NULL; - err = krb5int_ipc_stream_read_string (io_stream, &service_identity); - - if (!err) { - err = kim_string_copy (&io_selection_hints->service_identity, - service_identity); - } - - krb5int_ipc_stream_free_string (service_identity); - } - - if (!err) { - char *client_realm = NULL; - err = krb5int_ipc_stream_read_string (io_stream, &client_realm); - - if (!err) { - err = kim_string_copy (&io_selection_hints->client_realm, - client_realm); - } - - krb5int_ipc_stream_free_string (client_realm); - } - - if (!err) { - char *user = NULL; - err = krb5int_ipc_stream_read_string (io_stream, &user); - - if (!err) { - err = kim_string_copy (&io_selection_hints->user, user); - } - - krb5int_ipc_stream_free_string (user); - } - - if (!err) { - char *service_realm = NULL; - err = krb5int_ipc_stream_read_string (io_stream, &service_realm); - - if (!err) { - err = kim_string_copy (&io_selection_hints->service_realm, - service_realm); - } - - krb5int_ipc_stream_free_string (service_realm); - } - - if (!err) { - char *service = NULL; - err = krb5int_ipc_stream_read_string (io_stream, &service); - - if (!err) { - err = kim_string_copy (&io_selection_hints->service, service); - } - - krb5int_ipc_stream_free_string (service); - } - - if (!err) { - char *server = NULL; - err = krb5int_ipc_stream_read_string (io_stream, &server); - - if (!err) { - err = kim_string_copy (&io_selection_hints->server, server); - } - - krb5int_ipc_stream_free_string (server); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_selection_hints_create_from_stream (kim_selection_hints *out_selection_hints, - k5_ipc_stream io_stream) -{ - kim_error err = KIM_NO_ERROR; - kim_selection_hints selection_hints = NULL; - - if (!err && !out_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !io_stream ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_selection_hints_allocate (&selection_hints); - } - - if (!err) { - err = kim_selection_hints_read_from_stream (selection_hints, io_stream); - } - - if (!err) { - *out_selection_hints = selection_hints; - selection_hints = NULL; - } - - kim_selection_hints_free (&selection_hints); - - return check_error (err); -} diff --git a/src/kim/lib/kim_selection_hints_private.h b/src/kim/lib/kim_selection_hints_private.h deleted file mode 100644 index 3d6c2522f..000000000 --- a/src/kim/lib/kim_selection_hints_private.h +++ /dev/null @@ -1,65 +0,0 @@ -/* kim/lib/kim_selection_hints_private.h */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_SELECTION_HINTS_PRIVATE_H -#define KIM_SELECTION_HINTS_PRIVATE_H - -#include <kim/kim.h> -#include "k5-ipc_stream.h" - -typedef struct kim_selection_hints_preference_strings { - kim_string application_identifier; - kim_string service_identity; - kim_string client_realm; - kim_string user; - kim_string service_realm; - kim_string service; - kim_string server; -} kim_selection_hints_preference_strings; - -kim_error kim_selection_hints_get_application_id (kim_selection_hints in_selection_hints, - kim_string *out_application_id); - -kim_error kim_selection_hints_get_preference_strings (kim_selection_hints in_selection_hints, - kim_selection_hints_preference_strings *io_preference_strings); - -kim_error kim_os_selection_hints_lookup_identity (kim_selection_hints in_selection_hints, - kim_identity *out_identity); - -kim_error kim_os_selection_hints_remember_identity (kim_selection_hints in_selection_hints, - kim_identity in_identity); - -kim_error kim_os_selection_hints_forget_identity (kim_selection_hints in_selection_hints); - -kim_error kim_selection_hints_write_to_stream (kim_selection_hints in_selection_hints, - k5_ipc_stream io_stream); - -kim_error kim_selection_hints_read_from_stream (kim_selection_hints io_selection_hints, - k5_ipc_stream io_stream); - -kim_error kim_selection_hints_create_from_stream (kim_selection_hints *out_selection_hints, - k5_ipc_stream in_stream); - -#endif /* KIM_SELECTION_HINTS_PRIVATE_H */ diff --git a/src/kim/lib/kim_string.c b/src/kim/lib/kim_string.c deleted file mode 100644 index 910489d47..000000000 --- a/src/kim/lib/kim_string.c +++ /dev/null @@ -1,182 +0,0 @@ -/* kim/lib/kim_string.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "kim_private.h" - -const char kim_empty_string[1] = ""; - -/* ------------------------------------------------------------------------ */ - -kim_error kim_string_create_from_format (kim_string *out_string, - kim_string in_format, - ...) -{ - kim_error err = kim_library_init (); - va_list args; - - va_start (args, in_format); - err = kim_string_create_from_format_va (out_string, in_format, args); - va_end (args); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_string_create_from_format_va_retcode (kim_string *out_string, - kim_string in_format, - va_list in_args) -{ - kim_error err = kim_library_init (); - - int count = vasprintf ((char **) out_string, in_format, in_args); - if (count < 0) { err = check_error (KIM_OUT_OF_MEMORY_ERR); } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_string_create_from_format_va (kim_string *out_string, - kim_string in_format, - va_list in_args) -{ - kim_error err = kim_library_init (); - kim_string string = NULL; - - if (!err && !out_string) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_format ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_string_create_from_format_va_retcode (&string, - in_format, - in_args); - } - - if (!err) { - *out_string = string; - string = NULL; - } - - if (string) { kim_string_free (&string); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_string_create_from_buffer (kim_string *out_string, - const char *in_buffer, - kim_count in_length) -{ - kim_error err = kim_library_init (); - kim_string string = NULL; - - if (!err && !out_string) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_buffer ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - string = calloc (in_length + 1, sizeof (char *)); - if (!string) { err = check_error (KIM_OUT_OF_MEMORY_ERR); } - } - - if (!err) { - memcpy ((char *) string, in_buffer, in_length * sizeof (char)); - *out_string = string; - string = NULL; - } - - kim_string_free (&string); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_string_create_for_last_error (kim_string *out_string, - kim_error in_error) -{ - kim_error err = kim_library_init (); - - err = kim_string_copy (out_string, kim_error_message (in_error)); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_string_copy (kim_string *out_string, - kim_string in_string) -{ - kim_error err = kim_library_init (); - kim_string string = NULL; - - if (!err && !out_string) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_string ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - if (in_string[0]) { - string = calloc (strlen (in_string) + 1, sizeof (char *)); - if (!string) { err = check_error (KIM_OUT_OF_MEMORY_ERR); } - - if (!err) { - strncpy ((char *) string, in_string, strlen (in_string) + 1); - } - } else { - string = kim_empty_string; - } - } - - if (!err) { - *out_string = string; - string = NULL; - } - - kim_string_free (&string); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_string_compare (kim_string in_string, - kim_string in_compare_to_string, - kim_comparison *out_comparison) -{ - return kim_os_string_compare (in_string, - in_compare_to_string, - 0, /* case sensitive */ - out_comparison); -} - -/* ------------------------------------------------------------------------ */ - -void kim_string_free (kim_string *io_string) -{ - if (io_string && *io_string && *io_string != kim_empty_string) { - free ((char *) *io_string); - *io_string = NULL; - } -} diff --git a/src/kim/lib/kim_string_private.h b/src/kim/lib/kim_string_private.h deleted file mode 100644 index b776e8a2f..000000000 --- a/src/kim/lib/kim_string_private.h +++ /dev/null @@ -1,67 +0,0 @@ -/* kim/lib/kim_string_private.h */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_STRING_PRIVATE_H -#define KIM_STRING_PRIVATE_H - -#include <kim/kim.h> - -extern const char kim_empty_string[1]; - -/* ------------------------------------------------------------------------ */ - -static inline kim_count kim_string_buflen (kim_string in_string) -{ - return in_string ? strlen (in_string) + 1 : 0; -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_string_create_from_format (kim_string *out_string, - kim_string in_format, - ...); - -kim_error kim_string_create_from_format_va_retcode (kim_string *out_string, - kim_string in_format, - va_list in_args); - -kim_error kim_string_create_from_format_va (kim_string *out_string, - kim_string in_format, - va_list in_args); - -kim_error kim_string_create_from_buffer (kim_string *out_string, - const char *in_buffer, - kim_count in_length); - -/* OS-specific because it should use UTF8-safe sorting where possible */ -kim_error kim_os_string_compare (kim_string in_string, - kim_string in_compare_to_string, - kim_boolean in_case_insensitive, - kim_comparison *out_comparison); - -kim_error kim_os_string_create_localized (kim_string *out_string, - kim_string in_string); - -#endif /* KIM_STRING_PRIVATE_H */ diff --git a/src/kim/lib/kim_ui.c b/src/kim/lib/kim_ui.c deleted file mode 100644 index ae75788e5..000000000 --- a/src/kim/lib/kim_ui.c +++ /dev/null @@ -1,549 +0,0 @@ -/* kim/lib/kim_ui.c */ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "kim_private.h" - - -/* ------------------------------------------------------------------------ */ - -static kim_prompt_type kim_ui_ptype2ktype (krb5_prompt_type type) -{ - if (type == KRB5_PROMPT_TYPE_PASSWORD) { - return kim_prompt_type_password; - - } else if (type == KRB5_PROMPT_TYPE_PREAUTH) { - return kim_prompt_type_preauth; - } - return kim_prompt_type_preauth; -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_ui_init_lazy (kim_ui_context *io_context) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err && !io_context->initialized) { -#ifdef KIM_BUILTIN_UI - kim_ui_environment environment = kim_library_ui_environment (); - - if (environment == KIM_UI_ENVIRONMENT_GUI) { -#endif /* KIM_BUILTIN_UI */ - io_context->type = kim_ui_type_gui_plugin; - - err = kim_ui_plugin_init (io_context); -#ifdef KIM_BUILTIN_UI - if (err) { - io_context->type = kim_ui_type_gui_builtin; - - err = kim_os_ui_gui_init (io_context); - } - - } else if (environment == KIM_UI_ENVIRONMENT_CLI) { - io_context->type = kim_ui_type_cli; - - err = kim_ui_cli_init (io_context); - - } else { - io_context->type = kim_ui_type_none; - - err = check_error (KIM_NO_UI_ERR); - } -#endif /* KIM_BUILTIN_UI */ - - if (!err) { - io_context->initialized = 1; - } - } - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_init (kim_ui_context *io_context) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - /* Lazy initialization so we only actually initialize if a prompt - * gets called. This is important because krb5_get_init_creds_* - * can't tell us if a prompt is going to get called in advance */ - io_context->initialized = 0; - io_context->identity = NULL; - io_context->prompt_count = 0; - io_context->password_to_save = NULL; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_enter_identity (kim_ui_context *in_context, - kim_options io_options, - kim_identity *out_identity, - kim_boolean *out_change_password) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_change_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ui_init_lazy (in_context); - } - - if (!err) { - if (in_context->type == kim_ui_type_gui_plugin) { - err = kim_ui_plugin_enter_identity (in_context, - io_options, - out_identity, - out_change_password); - -#ifdef KIM_BUILTIN_UI - } else if (in_context->type == kim_ui_type_gui_builtin) { - err = kim_os_ui_gui_enter_identity (in_context, - io_options, - out_identity, - out_change_password); - - } else if (in_context->type == kim_ui_type_cli) { - err = kim_ui_cli_enter_identity (in_context, - io_options, - out_identity, - out_change_password); - -#endif /* KIM_BUILTIN_UI */ - - } else { - err = check_error (KIM_NO_UI_ERR); - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_select_identity (kim_ui_context *in_context, - kim_selection_hints io_hints, - kim_identity *out_identity, - kim_boolean *out_change_password) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !io_hints ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_change_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ui_init_lazy (in_context); - } - - if (!err) { - if (in_context->type == kim_ui_type_gui_plugin) { - err = kim_ui_plugin_select_identity (in_context, - io_hints, - out_identity, - out_change_password); - -#ifdef KIM_BUILTIN_UI - } else if (in_context->type == kim_ui_type_gui_builtin) { - err = kim_os_ui_gui_select_identity (in_context, - io_hints, - out_identity, - out_change_password); - - } else if (in_context->type == kim_ui_type_cli) { - err = kim_ui_cli_select_identity (in_context, - io_hints, - out_identity, - out_change_password); - -#endif /* KIM_BUILTIN_UI */ - - } else { - err = check_error (KIM_NO_UI_ERR); - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ -/* Set the identity field in your context and pass the context as the data */ - -krb5_error_code kim_ui_prompter (krb5_context in_krb5_context, - void *in_context, - const char *in_name, - const char *in_banner, - int in_num_prompts, - krb5_prompt in_prompts[]) -{ - kim_error err = KIM_NO_ERROR; - krb5_prompt_type *types = NULL; - kim_ui_context *context = (kim_ui_context *) in_context; - int i; - - if (!err && !in_krb5_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_prompts ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - types = krb5_get_prompt_types (in_krb5_context); - if (!types) { err = check_error (KIM_NULL_PARAMETER_ERR); } - } - - for (i = 0; !err && i < in_num_prompts; i++) { - char *reply = NULL; - kim_prompt_type type = kim_ui_ptype2ktype (types[i]); - kim_boolean got_saved_password = 0; - - if (type == kim_prompt_type_password) { - /* Check for saved password on OSes that support it */ - kim_error terr = KIM_NO_ERROR; - - terr = kim_os_identity_get_saved_password (context->identity, - (kim_string *) &reply); - if (!terr && reply) { got_saved_password = 1; } - } - - if (!got_saved_password) { - kim_boolean save_reply = FALSE; - kim_boolean allow_save_password = kim_os_identity_allow_save_password (); - - context->prompt_count++; - - err = kim_ui_init_lazy (in_context); - - if (!err) { - if (context->type == kim_ui_type_gui_plugin) { - err = kim_ui_plugin_auth_prompt (context, - context->identity, - type, - allow_save_password, - in_prompts[i].hidden, - in_name, - in_banner, - in_prompts[i].prompt, - &reply, - &save_reply); - -#ifdef KIM_BUILTIN_UI - } else if (context->type == kim_ui_type_gui_builtin) { - err = kim_os_ui_gui_auth_prompt (context, - context->identity, - type, - allow_save_password, - in_prompts[i].hidden, - in_name, - in_banner, - in_prompts[i].prompt, - &reply, - &save_reply); - - } else if (context->type == kim_ui_type_cli) { - err = kim_ui_cli_auth_prompt (context, - context->identity, - type, - allow_save_password, - in_prompts[i].hidden, - in_name, - in_banner, - in_prompts[i].prompt, - &reply, - &save_reply); -#endif /* KIM_BUILTIN_UI */ - - } else { - err = check_error (KIM_NO_UI_ERR); - } - } - - if (!err && type == kim_prompt_type_password) { - kim_string_free (&context->password_to_save); - - if (allow_save_password && save_reply) { - err = kim_string_copy (&context->password_to_save, reply); - } - } - } - - if (!err) { - uint32_t reply_len = strlen (reply); - - if ((reply_len + 1) > in_prompts[i].reply->length) { - kim_debug_printf ("%s(): reply %d is too long (is %d, should be %d)\n", - __FUNCTION__, i, - reply_len, in_prompts[i].reply->length); - reply_len = in_prompts[i].reply->length; - } - - memmove (in_prompts[i].reply->data, reply, reply_len + 1); - in_prompts[i].reply->length = reply_len; - } - - /* Clean up reply buffer. Saved passwords are allocated by KIM. */ - if (reply) { - if (got_saved_password) { - memset (reply, '\0', strlen (reply)); - kim_string_free ((kim_string *) &reply); - } else { - kim_ui_free_string (context, &reply); - } - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_change_password (kim_ui_context *in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_verify_password) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_old_password ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_new_password ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_verify_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ui_init_lazy (in_context); - } - - if (!err) { - if (in_context->type == kim_ui_type_gui_plugin) { - err = kim_ui_plugin_change_password (in_context, - in_identity, - in_old_password_expired, - out_old_password, - out_new_password, - out_verify_password); - -#ifdef KIM_BUILTIN_UI - } else if (in_context->type == kim_ui_type_gui_builtin) { - err = kim_os_ui_gui_change_password (in_context, - in_identity, - in_old_password_expired, - out_old_password, - out_new_password, - out_verify_password); - - } else if (in_context->type == kim_ui_type_cli) { - err = kim_ui_cli_change_password (in_context, - in_identity, - in_old_password_expired, - out_old_password, - out_new_password, - out_verify_password); -#endif /* KIM_BUILTIN_UI */ - - } else { - err = check_error (KIM_NO_UI_ERR); - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_handle_error (kim_ui_context *in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_error_message ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_error_description) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ui_init_lazy (in_context); - } - - if (!err) { - if (in_context->type == kim_ui_type_gui_plugin) { - err = kim_ui_plugin_handle_error (in_context, - in_identity, - in_error, - in_error_message, - in_error_description); - -#ifdef KIM_BUILTIN_UI - } else if (in_context->type == kim_ui_type_gui_builtin) { - err = kim_os_ui_gui_handle_error (in_context, - in_identity, - in_error, - in_error_message, - in_error_description); - - } else if (in_context->type == kim_ui_type_cli) { - err = kim_ui_cli_handle_error (in_context, - in_identity, - in_error, - in_error_message, - in_error_description); -#endif /* KIM_BUILTIN_UI */ - - } else { - err = check_error (KIM_NO_UI_ERR); - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -void kim_ui_free_string (kim_ui_context *in_context, - char **io_string) -{ - kim_error err = kim_ui_init_lazy (in_context); - - if (!err && in_context && io_string && *io_string) { - /* most ui strings are auth information so zero before freeing */ - memset (*io_string, '\0', strlen (*io_string)); - - if (in_context->type == kim_ui_type_gui_plugin) { - kim_ui_plugin_free_string (in_context, - io_string); - -#ifdef KIM_BUILTIN_UI - } else if (in_context->type == kim_ui_type_gui_builtin) { - kim_os_ui_gui_free_string (in_context, - io_string); - - } else if (in_context->type == kim_ui_type_cli) { - kim_ui_cli_free_string (in_context, - io_string); -#endif /* KIM_BUILTIN_UI */ - } - } -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_fini (kim_ui_context *io_context) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err && io_context->initialized) { - if (io_context->type == kim_ui_type_gui_plugin) { - err = kim_ui_plugin_fini (io_context); - -#ifdef KIM_BUILTIN_UI - } else if (io_context->type == kim_ui_type_gui_builtin) { - err = kim_os_ui_gui_fini (io_context); - - } else if (io_context->type == kim_ui_type_cli) { - err = kim_ui_cli_fini (io_context); -#endif /* KIM_BUILTIN_UI */ - - } else { - err = check_error (KIM_NO_UI_ERR); - } - - kim_string_free (&io_context->password_to_save); - } - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ -/* Helper function */ - -kim_error kim_ui_handle_kim_error (kim_ui_context *in_context, - kim_identity in_identity, - enum kim_ui_error_type in_type, - kim_error in_error) -{ - kim_error err = KIM_NO_ERROR; - kim_string message = NULL; - kim_string description = NULL; - - if (!err) { - /* Do this first so last error doesn't get overwritten */ - err = kim_string_create_for_last_error (&description, in_error); - } - - if (!err && !in_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_string key = NULL; - - switch (in_type) { - case kim_ui_error_type_authentication: - key = "Kerberos Login Failed:"; - break; - - case kim_ui_error_type_change_password: - key = "Kerberos Change Password Failed:"; - break; - - case kim_ui_error_type_selection: - case kim_ui_error_type_generic: - default: - key = "Kerberos Operation Failed:"; - break; - } - - err = kim_os_string_create_localized (&message, key); - } - - if (!err) { - err = kim_ui_handle_error (in_context, in_identity, - in_error, message, description); - } - - kim_string_free (&description); - kim_string_free (&message); - - return check_error (err); -} diff --git a/src/kim/lib/kim_ui_cli.c b/src/kim/lib/kim_ui_cli.c deleted file mode 100644 index 5de19e96d..000000000 --- a/src/kim/lib/kim_ui_cli.c +++ /dev/null @@ -1,477 +0,0 @@ -/* kim/lib/kim_ui_cli.c */ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifdef KIM_BUILTIN_UI - -#include "kim_private.h" - -// --------------------------------------------------------------------------- - -static kim_error kim_ui_cli_read_string (kim_string *out_string, - kim_boolean in_hide_reply, - const char *in_format, ...) -{ - kim_error err = KIM_NO_ERROR; - krb5_context k5context = NULL; - krb5_prompt prompts[1]; - char prompt_string [BUFSIZ]; - krb5_data reply_data; - char reply_string [BUFSIZ]; - - if (!err && !out_string) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_format ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = krb5_init_context (&k5context); - } - - if (!err) { - unsigned int count; - va_list args; - - va_start (args, in_format); - count = vsnprintf (prompt_string, sizeof (prompt_string), - in_format, args); - va_end (args); - - if (count > sizeof (prompt_string)) { - kim_debug_printf ("%s(): WARNING! Prompt should be %d characters\n", - __FUNCTION__, count); - prompt_string [sizeof (prompt_string) - 1] = '\0'; - } - } - - if (!err) { - /* Build the prompt structures */ - prompts[0].prompt = prompt_string; - prompts[0].hidden = in_hide_reply; - prompts[0].reply = &reply_data; - prompts[0].reply->data = reply_string; - prompts[0].reply->length = sizeof (reply_string); - - err = krb5_prompter_posix (k5context, NULL, NULL, NULL, 1, prompts); - if (err == KRB5_LIBOS_PWDINTR || err == KRB5_LIBOS_CANTREADPWD) { - err = check_error (KIM_USER_CANCELED_ERR); - } - } - - if (!err) { - err = kim_string_create_from_buffer (out_string, - prompts[0].reply->data, - prompts[0].reply->length); - } - - if (k5context) { krb5_free_context (k5context); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_cli_init (kim_ui_context *io_context) -{ - if (io_context) { - io_context->tcontext = NULL; - } - - return KIM_NO_ERROR; -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_cli_enter_identity (kim_ui_context *in_context, - kim_options io_options, - kim_identity *out_identity, - kim_boolean *out_change_password) -{ - kim_error err = KIM_NO_ERROR; - kim_string enter_identity_string = NULL; - kim_string identity_string = NULL; - - if (!err && !io_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_change_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_os_string_create_localized (&enter_identity_string, - "Please enter your Kerberos identity"); - } - - if (!err) { - err = kim_ui_cli_read_string (&identity_string, - 0, enter_identity_string); - } - - if (!err) { - err = kim_identity_create_from_string (out_identity, identity_string); - } - - if (!err) { - *out_change_password = 0; - } - - kim_string_free (&identity_string); - kim_string_free (&enter_identity_string); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_cli_select_identity (kim_ui_context *in_context, - kim_selection_hints io_hints, - kim_identity *out_identity, - kim_boolean *out_change_password) -{ - kim_error err = KIM_NO_ERROR; - kim_options options = NULL; - - if (!err && !io_hints ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_change_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_selection_hints_get_options (io_hints, &options); - } - - if (!err) { - err = kim_ui_cli_enter_identity (in_context, options, - out_identity, - out_change_password); - } - - if (!err) { - err = kim_selection_hints_set_options (io_hints, options); - } - - kim_options_free (&options); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_cli_auth_prompt (kim_ui_context *in_context, - kim_identity in_identity, - kim_prompt_type in_type, - kim_boolean in_allow_save_reply, - kim_boolean in_hide_reply, - kim_string in_title, - kim_string in_message, - kim_string in_description, - char **out_reply, - kim_boolean *out_save_reply) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_reply ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - /* in_title, in_message or in_description may be NULL */ - - if (!err) { - if (in_type == kim_prompt_type_password) { - kim_string enter_password_format = NULL; - kim_string identity_string = NULL; - - err = kim_os_string_create_localized (&enter_password_format, - "Please enter the password for %s"); - - if (!err) { - err = kim_identity_get_display_string (in_identity, - &identity_string); - } - - if (!err) { - err = kim_ui_cli_read_string ((kim_string *) out_reply, - 1, enter_password_format, - identity_string); - } - - kim_string_free (&identity_string); - kim_string_free (&enter_password_format); - - } else { - krb5_context k5context = NULL; - krb5_prompt prompts[1]; - krb5_data reply_data; - char reply_string [BUFSIZ]; - - prompts[0].prompt = (char *) in_description; - prompts[0].hidden = in_hide_reply; - prompts[0].reply = &reply_data; - prompts[0].reply->data = reply_string; - prompts[0].reply->length = sizeof (reply_string); - - err = krb5_init_context (&k5context); - - if (!err) { - err = krb5_prompter_posix (k5context, in_context, in_title, - in_message, 1, prompts); - if (err == KRB5_LIBOS_PWDINTR || err == KRB5_LIBOS_CANTREADPWD) { - err = check_error (KIM_USER_CANCELED_ERR); - } - } - - if (!err) { - err = kim_string_create_from_buffer ((kim_string *) out_reply, - prompts[0].reply->data, - prompts[0].reply->length); - if (!err) { - /* always allow password saving */ - *out_save_reply = (in_allow_save_reply && - in_type == kim_prompt_type_password); - } - } - - if (k5context) { krb5_free_context (k5context); } - } - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_ui_cli_ask_change_password (kim_string in_identity_string) -{ - kim_error err = KIM_NO_ERROR; - kim_string ask_change_password = NULL; - kim_string yes = NULL; - kim_string no = NULL; - kim_string unknown_response = NULL; - kim_boolean done = 0; - kim_comparison no_comparison, yes_comparison; - - if (!err) { - err = kim_os_string_create_localized (&ask_change_password, - "Your password has expired, would you like to change it? (yes/no)"); - } - - if (!err) { - err = kim_os_string_create_localized (&yes, "yes"); - } - - if (!err) { - err = kim_os_string_create_localized (&no, "no"); - } - - if (!err) { - err = kim_os_string_create_localized (&unknown_response, - "%s is not a response I understand. Please try again."); - } - - while (!err && !done) { - kim_string answer = NULL; - - err = kim_ui_cli_read_string (&answer, 0, ask_change_password); - - if (!err) { - err = kim_os_string_compare (answer, no, - 1 /* case insensitive */, - &no_comparison); - } - - if (!err && kim_comparison_is_equal_to (no_comparison)) { - err = check_error (KIM_USER_CANCELED_ERR); - } - - if (!err) { - err = kim_os_string_compare (answer, yes, - 1 /* case insensitive */, - &yes_comparison); - } - - if (!err) { - if (kim_comparison_is_equal_to (yes_comparison)) { - done = 1; - } else { - fprintf (stdout, unknown_response, answer); - fprintf (stdout, "\n"); - } - } - - kim_string_free (&answer); - } - - kim_string_free (&ask_change_password); - kim_string_free (&yes); - kim_string_free (&no); - kim_string_free (&unknown_response); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_cli_change_password (kim_ui_context *in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_verify_password) -{ - kim_error err = KIM_NO_ERROR; - kim_string enter_old_password_format = NULL; - kim_string enter_new_password_format = NULL; - kim_string enter_verify_password_format = NULL; - kim_string identity_string = NULL; - kim_string old_password = NULL; - kim_string new_password = NULL; - kim_string verify_password = NULL; - kim_boolean done = 0; - - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_old_password ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_new_password ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_verify_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_identity_get_display_string (in_identity, &identity_string); - } - - if (!err && in_old_password_expired) { - err = kim_ui_cli_ask_change_password (identity_string); - } - - if (!err) { - err = kim_os_string_create_localized (&enter_old_password_format, - "Please enter the old password for %s"); - } - - if (!err) { - err = kim_os_string_create_localized (&enter_new_password_format, - "Please enter the new password for %s"); - } - - if (!err) { - err = kim_os_string_create_localized (&enter_verify_password_format, - "Verifying, please re-enter the new password for %s again"); - } - - while (!err && !done) { - kim_boolean was_prompted = 0; /* ignore because we always prompt */ - - kim_string_free (&old_password); - - err = kim_ui_cli_read_string (&old_password, - 1, enter_old_password_format, - identity_string); - - if (!err && strlen (old_password) < 1) { - /* Empty password: Synthesize bad password err */ - err = KRB5KRB_AP_ERR_BAD_INTEGRITY; - } - - if (!err) { - err = kim_credential_create_for_change_password ((kim_credential *) &in_context->tcontext, - in_identity, - old_password, - in_context, - &was_prompted); - } - - if (err && err != KIM_USER_CANCELED_ERR) { - /* new creds failed, report error to user */ - err = kim_ui_handle_kim_error (in_context, in_identity, - kim_ui_error_type_change_password, - err); - - } else { - done = 1; - } - } - - if (!err) { - err = kim_ui_cli_read_string (&new_password, - 1, enter_new_password_format, - identity_string); - } - - if (!err) { - err = kim_ui_cli_read_string (&verify_password, - 1, enter_verify_password_format, - identity_string); - } - - if (!err) { - *out_old_password = (char *) old_password; - old_password = NULL; - *out_new_password = (char *) new_password; - new_password = NULL; - *out_verify_password = (char *) verify_password; - verify_password = NULL; - } - - kim_string_free (&old_password); - kim_string_free (&new_password); - kim_string_free (&verify_password); - kim_string_free (&identity_string); - kim_string_free (&enter_old_password_format); - kim_string_free (&enter_new_password_format); - kim_string_free (&enter_verify_password_format); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_cli_handle_error (kim_ui_context *in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_error_message ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_error_description) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - fprintf (stdout, "%s\n%s\n\n", in_error_message, in_error_description); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -void kim_ui_cli_free_string (kim_ui_context *in_context, - char **io_string) -{ - kim_string_free ((kim_string *) io_string); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_cli_fini (kim_ui_context *io_context) -{ - if (io_context) { - kim_credential_free ((kim_credential *) &io_context->tcontext); - } - - return KIM_NO_ERROR; -} - -#endif /* KIM_BUILTIN_UI */ diff --git a/src/kim/lib/kim_ui_cli_private.h b/src/kim/lib/kim_ui_cli_private.h deleted file mode 100644 index 9fb103408..000000000 --- a/src/kim/lib/kim_ui_cli_private.h +++ /dev/null @@ -1,79 +0,0 @@ -/* kim/lib/kim_ui_cli_private.h */ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_UI_CLI_PRIVATE_H -#define KIM_UI_CLI_PRIVATE_H - -#ifdef KIM_BUILTIN_UI - -#include <kim/kim.h> - -typedef kim_credential kim_ui_cli_context; - - -kim_error kim_ui_cli_init (kim_ui_context *io_context); - -kim_error kim_ui_cli_enter_identity (kim_ui_context *in_context, - kim_options io_options, - kim_identity *out_identity, - kim_boolean *out_change_password); - -kim_error kim_ui_cli_select_identity (kim_ui_context *in_context, - kim_selection_hints io_hints, - kim_identity *out_identity, - kim_boolean *out_change_password); - -kim_error kim_ui_cli_auth_prompt (kim_ui_context *in_context, - kim_identity in_identity, - kim_prompt_type in_type, - kim_boolean in_allow_save_reply, - kim_boolean in_hide_reply, - kim_string in_title, - kim_string in_message, - kim_string in_description, - char **out_reply, - kim_boolean *out_save_reply); - -kim_error kim_ui_cli_change_password (kim_ui_context *in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_verify_password); - -kim_error kim_ui_cli_handle_error (kim_ui_context *in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description); - -void kim_ui_cli_free_string (kim_ui_context *in_context, - char **io_string); - -kim_error kim_ui_cli_fini (kim_ui_context *in_context); - -#endif /* KIM_BUILTIN_UI */ - -#endif /* KIM_UI_CLI_PRIVATE_H */ diff --git a/src/kim/lib/kim_ui_gui_private.h b/src/kim/lib/kim_ui_gui_private.h deleted file mode 100644 index 5ccd4b6ea..000000000 --- a/src/kim/lib/kim_ui_gui_private.h +++ /dev/null @@ -1,79 +0,0 @@ -/* kim/lib/kim_ui_gui_private.h */ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_UI_GUI_PRIVATE_H -#define KIM_UI_GUI_PRIVATE_H - -#ifdef KIM_BUILTIN_UI - -#include <kim/kim.h> - -struct kim_ui_gui_context; -typedef struct kim_ui_gui_context *kim_ui_gui_context; - -kim_error kim_os_ui_gui_init (kim_ui_context *io_context); - -kim_error kim_os_ui_gui_enter_identity (kim_ui_context *in_context, - kim_options io_options, - kim_identity *out_identity, - kim_boolean *out_change_password); - -kim_error kim_os_ui_gui_select_identity (kim_ui_context *in_context, - kim_selection_hints io_hints, - kim_identity *out_identity, - kim_boolean *out_change_password); - -kim_error kim_os_ui_gui_auth_prompt (kim_ui_context *in_context, - kim_identity in_identity, - kim_prompt_type in_type, - kim_boolean in_allow_save_reply, - kim_boolean in_hide_reply, - kim_string in_title, - kim_string in_message, - kim_string in_description, - char **out_reply, - kim_boolean *out_save_reply); - -kim_error kim_os_ui_gui_change_password (kim_ui_context *in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_verify_password); - -kim_error kim_os_ui_gui_handle_error (kim_ui_context *in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description); - -void kim_os_ui_gui_free_string (kim_ui_context *in_context, - char **io_string); - -kim_error kim_os_ui_gui_fini (kim_ui_context *in_context); - -#endif /* KIM_BUILTIN_UI */ - -#endif /* KIM_UI_GUI_PRIVATE_H */ diff --git a/src/kim/lib/kim_ui_plugin.c b/src/kim/lib/kim_ui_plugin.c deleted file mode 100644 index dd69f007e..000000000 --- a/src/kim/lib/kim_ui_plugin.c +++ /dev/null @@ -1,353 +0,0 @@ -/* kim/lib/kim_ui_plugin.c */ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "k5-int.h" - -#include "kim_private.h" - - -const char * const *kim_ui_plugin_files = NULL; -#if TARGET_OS_MAC -static const char *kim_ui_plugin_dirs[] = { KRB5_KIM_UI_PLUGIN_BUNDLE_DIR, LIBDIR "/krb5/plugins/kimui", NULL }; -#else -static const char *kim_ui_plugin_dirs[] = { LIBDIR "/krb5/plugins/kimui", NULL }; -#endif - - -struct kim_ui_plugin_context { - krb5_context kcontext; - struct plugin_dir_handle plugins; - struct kim_ui_plugin_ftable_v0 *ftable; - void **ftables; - void *plugin_context; -}; - - -/* ------------------------------------------------------------------------ */ - -static void kim_ui_plugin_context_free (kim_ui_plugin_context *io_context) -{ - if (io_context && *io_context) { - if ((*io_context)->ftables) { - krb5int_free_plugin_dir_data ((*io_context)->ftables); - } - if (PLUGIN_DIR_OPEN (&(*io_context)->plugins)) { - krb5int_close_plugin_dirs (&(*io_context)->plugins); - } - if ((*io_context)->kcontext) { - krb5_free_context ((*io_context)->kcontext); - } - free (*io_context); - *io_context = NULL; - } -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_ui_plugin_context_allocate (kim_ui_plugin_context *out_context) -{ - kim_error err = KIM_NO_ERROR; - kim_ui_plugin_context context = NULL; - - if (!err && !out_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - context = malloc (sizeof (*context)); - if (!context) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - err = krb5_error (NULL, krb5_init_context (&context->kcontext)); - } - - if (!err) { - PLUGIN_DIR_INIT(&context->plugins); - context->ftable = NULL; - context->ftables = NULL; - context->plugin_context = NULL; - - *out_context = context; - context = NULL; - } - - kim_ui_plugin_context_free (&context); - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_plugin_init (kim_ui_context *io_context) -{ - kim_error err = KIM_NO_ERROR; - kim_ui_plugin_context context = NULL; - - if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_ui_plugin_context_allocate (&context); - } - - if (!err) { - PLUGIN_DIR_INIT(&context->plugins); - - err = krb5_error (context->kcontext, - krb5int_open_plugin_dirs (kim_ui_plugin_dirs, - kim_ui_plugin_files, - &context->plugins, - &context->kcontext->err)); - } - - if (!err) { - err = krb5_error (context->kcontext, - krb5int_get_plugin_dir_data (&context->plugins, - "kim_ui_0", - &context->ftables, - &context->kcontext->err)); - } - - if (!err && context->ftables) { - int i; - - for (i = 0; context->ftables[i]; i++) { - struct kim_ui_plugin_ftable_v0 *ftable = context->ftables[i]; - context->plugin_context = NULL; - - err = ftable->init (&context->plugin_context); - - if (!err) { - context->ftable = ftable; - break; /* use first plugin that initializes correctly */ - } - - err = KIM_NO_ERROR; /* ignore failed plugins */ - } - } - - if (!err && !context->ftable) { - err = check_error (KRB5_PLUGIN_NO_HANDLE); - } - - if (!err) { - io_context->tcontext = context; - context = NULL; - } - - kim_ui_plugin_context_free (&context); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_plugin_enter_identity (kim_ui_context *in_context, - kim_options io_options, - kim_identity *out_identity, - kim_boolean *out_change_password) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !io_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_change_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext; - - err = context->ftable->enter_identity (context->plugin_context, - io_options, - out_identity, - out_change_password); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_plugin_select_identity (kim_ui_context *in_context, - kim_selection_hints io_hints, - kim_identity *out_identity, - kim_boolean *out_change_password) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !io_hints ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_change_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext; - - err = context->ftable->select_identity (context->plugin_context, - io_hints, - out_identity, - out_change_password); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_plugin_auth_prompt (kim_ui_context *in_context, - kim_identity in_identity, - kim_prompt_type in_type, - kim_boolean in_allow_save_reply, - kim_boolean in_hide_reply, - kim_string in_title, - kim_string in_message, - kim_string in_description, - char **out_reply, - kim_boolean *out_save_reply) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_reply ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - /* in_title, in_message or in_description may be NULL */ - - if (!err) { - kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext; - - err = context->ftable->auth_prompt (context->plugin_context, - in_identity, - in_type, - in_allow_save_reply, - in_hide_reply, - in_title, - in_message, - in_description, - out_reply, - out_save_reply); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_plugin_change_password (kim_ui_context *in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_verify_password) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_old_password ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_new_password ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_verify_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext; - - err = context->ftable->change_password (context->plugin_context, - in_identity, - in_old_password_expired, - out_old_password, - out_new_password, - out_verify_password); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_plugin_handle_error (kim_ui_context *in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_error_message ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_error_description) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext; - - err = context->ftable->handle_error (context->plugin_context, - in_identity, - in_error, - in_error_message, - in_error_description); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -void kim_ui_plugin_free_string (kim_ui_context *in_context, - char **io_string) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !io_string ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext; - - context->ftable->free_string (context->plugin_context, - io_string); - } - } - -/* ------------------------------------------------------------------------ */ - -kim_error kim_ui_plugin_fini (kim_ui_context *io_context) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_ui_plugin_context context = (kim_ui_plugin_context) io_context->tcontext; - - if (context) { - err = context->ftable->fini (context->plugin_context); - } - - if (!err) { - kim_ui_plugin_context_free (&context); - io_context->tcontext = NULL; - } - } - - return check_error (err); -} diff --git a/src/kim/lib/kim_ui_plugin_private.h b/src/kim/lib/kim_ui_plugin_private.h deleted file mode 100644 index 715635b06..000000000 --- a/src/kim/lib/kim_ui_plugin_private.h +++ /dev/null @@ -1,76 +0,0 @@ -/* kim/lib/kim_ui_plugin_private.h */ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_UI_PLUGIN_PRIVATE_H -#define KIM_UI_PLUGIN_PRIVATE_H - -#include <kim/kim.h> - -struct kim_ui_plugin_context; -typedef struct kim_ui_plugin_context *kim_ui_plugin_context; - - -kim_error kim_ui_plugin_init (kim_ui_context *io_context); - -kim_error kim_ui_plugin_enter_identity (kim_ui_context *in_context, - kim_options io_options, - kim_identity *out_identity, - kim_boolean *out_change_password); - -kim_error kim_ui_plugin_select_identity (kim_ui_context *in_context, - kim_selection_hints io_hints, - kim_identity *out_identity, - kim_boolean *out_change_password); - -kim_error kim_ui_plugin_auth_prompt (kim_ui_context *in_context, - kim_identity in_identity, - kim_prompt_type in_type, - kim_boolean in_allow_save_reply, - kim_boolean in_hide_reply, - kim_string in_title, - kim_string in_message, - kim_string in_description, - char **out_reply, - kim_boolean *out_save_reply); - -kim_error kim_ui_plugin_change_password (kim_ui_context *in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_verify_password); - -kim_error kim_ui_plugin_handle_error (kim_ui_context *in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description); - -void kim_ui_plugin_free_string (kim_ui_context *in_context, - char **io_string); - -kim_error kim_ui_plugin_fini (kim_ui_context *in_context); - -#endif /* KIM_UI_PLUGIN_PRIVATE_H */ diff --git a/src/kim/lib/kim_ui_private.h b/src/kim/lib/kim_ui_private.h deleted file mode 100644 index 92b1efc44..000000000 --- a/src/kim/lib/kim_ui_private.h +++ /dev/null @@ -1,100 +0,0 @@ -/* kim/lib/kim_ui_private.h */ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_UI_PRIVATE_H -#define KIM_UI_PRIVATE_H - -#include <kim/kim.h> - -enum kim_ui_type { - kim_ui_type_gui_plugin, - kim_ui_type_gui_builtin, - kim_ui_type_cli, - kim_ui_type_none -}; - -enum kim_ui_error_type { - kim_ui_error_type_authentication, - kim_ui_error_type_change_password, - kim_ui_error_type_selection, - kim_ui_error_type_generic -}; - -/* declare struct on stack. Deep contents will be freed by kim_ui_fini. */ -typedef struct kim_ui_context { - kim_boolean initialized; - enum kim_ui_type type; - void *tcontext; - kim_identity identity; - kim_count prompt_count; - kim_string password_to_save; -} kim_ui_context; - - - -kim_error kim_ui_init (kim_ui_context *io_context); - -kim_error kim_ui_enter_identity (kim_ui_context *in_context, - kim_options io_options, - kim_identity *out_identity, - kim_boolean *out_change_password); - -kim_error kim_ui_select_identity (kim_ui_context *in_context, - kim_selection_hints io_hints, - kim_identity *out_identity, - kim_boolean *out_change_password); - -krb5_error_code kim_ui_prompter (krb5_context in_krb5_context, - void *in_context, - const char *in_name, - const char *in_banner, - int in_num_prompts, - krb5_prompt in_prompts[]); - -kim_error kim_ui_change_password (kim_ui_context *in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_verify_password); - -/* Helper function */ -kim_error kim_ui_handle_kim_error (kim_ui_context *in_context, - kim_identity in_identity, - enum kim_ui_error_type in_type, - kim_error in_error); - -kim_error kim_ui_handle_error (kim_ui_context *in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description); - -void kim_ui_free_string (kim_ui_context *in_context, - char **io_string); - -kim_error kim_ui_fini (kim_ui_context *io_context); - -#endif /* KIM_UI_PRIVATE_H */ diff --git a/src/kim/lib/mac/KerberosLogin.c b/src/kim/lib/mac/KerberosLogin.c deleted file mode 100644 index 78f0ddd85..000000000 --- a/src/kim/lib/mac/KerberosLogin.c +++ /dev/null @@ -1,1859 +0,0 @@ -/* kim/lib/mac/KerberosLogin.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifdef KIM_TO_KLL_SHIM - -#include "CredentialsCache.h" -#include "KerberosLogin.h" -#include "KerberosLoginPrivate.h" -#include <kim/kim.h> -#include "kim_private.h" -#include "k5-thread.h" -#include <time.h> - -/* - * Deprecated Error codes - */ -enum { - /* Carbon Dialog errors */ - klDialogDoesNotExistErr = 19676, - klDialogAlreadyExistsErr, - klNotInForegroundErr, - klNoAppearanceErr, - klFatalDialogErr, - klCarbonUnavailableErr -}; - -krb5_get_init_creds_opt *__KLLoginOptionsGetKerberos5Options (KLLoginOptions ioOptions); -KLTime __KLLoginOptionsGetStartTime (KLLoginOptions ioOptions); -char *__KLLoginOptionsGetServiceName (KLLoginOptions ioOptions); - - -/* ------------------------------------------------------------------------ */ - -static KLStatus kl_check_error_ (kim_error inError, const char *function, const char *file, int line) -{ - kim_error err = inError; - - switch (err) { - case ccNoError: - err = klNoErr; - break; - - case ccErrBadName: - err = klPrincipalDoesNotExistErr; - break; - - case ccErrCCacheNotFound: - err = klCacheDoesNotExistErr; - break; - - case ccErrCredentialsNotFound: - err = klNoCredentialsErr; - break; - - case KIM_OUT_OF_MEMORY_ERR: - case ccErrNoMem: - err = klMemFullErr; - break; - - case ccErrBadCredentialsVersion: - err = klInvalidVersionErr; - break; - - case KIM_NULL_PARAMETER_ERR: - case ccErrBadParam: - case ccIteratorEnd: - case ccErrInvalidContext: - case ccErrInvalidCCache: - case ccErrInvalidString: - case ccErrInvalidCredentials: - case ccErrInvalidCCacheIterator: - case ccErrInvalidCredentialsIterator: - case ccErrInvalidLock: - case ccErrBadAPIVersion: - case ccErrContextLocked: - case ccErrContextUnlocked: - case ccErrCCacheLocked: - case ccErrCCacheUnlocked: - case ccErrBadLockType: - case ccErrNeverDefault: - err = klParameterErr; - break; - - case KIM_USER_CANCELED_ERR: - case KRB5_LIBOS_PWDINTR: - err = klUserCanceledErr; - break; - } - - if (err) { - kim_debug_printf ("%s() remapped %d to %d ('%s') at %s: %d", - function, inError, err, kim_error_message (err), - file, line); - } - - return err; -} -#define kl_check_error(err) kl_check_error_(err, __FUNCTION__, __FILE__, __LINE__) - -/* ------------------------------------------------------------------------ */ - -KLStatus KLAcquireTickets (KLPrincipal inPrincipal, - KLPrincipal *outPrincipal, - char **outCredCacheName) -{ - return kl_check_error (KLAcquireInitialTickets (inPrincipal, - NULL, - outPrincipal, - outCredCacheName)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLAcquireNewTickets (KLPrincipal inPrincipal, - KLPrincipal *outPrincipal, - char **outCredCacheName) -{ - return kl_check_error (KLAcquireNewInitialTickets (inPrincipal, - NULL, - outPrincipal, - outCredCacheName)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLAcquireTicketsWithPassword (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - const char *inPassword, - char **outCredCacheName) -{ - return kl_check_error (KLAcquireInitialTicketsWithPassword (inPrincipal, - inLoginOptions, - inPassword, - outCredCacheName)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLAcquireNewTicketsWithPassword (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - const char *inPassword, - char **outCredCacheName) -{ - return kl_check_error (KLAcquireNewInitialTicketsWithPassword (inPrincipal, - inLoginOptions, - inPassword, - outCredCacheName)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLSetApplicationOptions (const void *inAppOptions) -{ - /* Deprecated */ - return kl_check_error (klNoErr); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLGetApplicationOptions (void *outAppOptions) -{ - /* Deprecated -- this function took a struct declared on the caller's - * stack. It used to fill in the struct with information about the - * Mac OS 9 dialog used for automatic prompting. Since there is no - * way for us provide valid values, just leave the struct untouched - * and return a reasonable error. */ - return kl_check_error (klDialogDoesNotExistErr); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLAcquireInitialTickets (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - KLPrincipal *outPrincipal, - char **outCredCacheName) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - kim_string name = NULL; - kim_identity identity = NULL; - - if (!err) { - err = kim_ccache_create_new_if_needed (&ccache, - inPrincipal, - inLoginOptions); - } - - if (!err && outPrincipal) { - err = kim_ccache_get_client_identity (ccache, &identity); - } - - if (!err && outCredCacheName) { - err = kim_ccache_get_display_name (ccache, &name); - } - - if (!err) { - if (outPrincipal) { - *outPrincipal = identity; - identity = NULL; - } - if (outCredCacheName) { - *outCredCacheName = (char *) name; - name = NULL; - } - } - - kim_string_free (&name); - kim_identity_free (&identity); - kim_ccache_free (&ccache); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLAcquireNewInitialTickets (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - KLPrincipal *outPrincipal, - char **outCredCacheName) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - kim_string name = NULL; - kim_identity identity = NULL; - - err = kim_ccache_create_new (&ccache, inPrincipal, inLoginOptions); - - if (!err && outPrincipal) { - err = kim_ccache_get_client_identity (ccache, &identity); - } - - if (!err && outCredCacheName) { - err = kim_ccache_get_display_name (ccache, &name); - } - - if (!err) { - if (outPrincipal) { - *outPrincipal = identity; - identity = NULL; - } - if (outCredCacheName) { - *outCredCacheName = (char *) name; - name = NULL; - } - } - - kim_string_free (&name); - kim_identity_free (&identity); - kim_ccache_free (&ccache); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLDestroyTickets (KLPrincipal inPrincipal) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - - if (!err) { - err = kim_ccache_create_from_client_identity (&ccache, inPrincipal); - } - - if (!err) { - err = kim_ccache_destroy (&ccache); - } - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLChangePassword (KLPrincipal inPrincipal) -{ - return kl_check_error (kim_identity_change_password (inPrincipal)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLAcquireInitialTicketsWithPassword (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - const char *inPassword, - char **outCredCacheName) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - - if (!err) { - err = kim_ccache_create_new_if_needed_with_password (&ccache, - inPrincipal, - inLoginOptions, - inPassword); - } - - if (!err && outCredCacheName) { - err = kim_ccache_get_display_name (ccache, - (kim_string *) outCredCacheName); - } - - kim_ccache_free (&ccache); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLAcquireNewInitialTicketsWithPassword (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - const char *inPassword, - char **outCredCacheName) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - - err = kim_ccache_create_new_with_password (&ccache, - inPrincipal, - inLoginOptions, - inPassword); - - if (!err && outCredCacheName) { - err = kim_ccache_get_display_name (ccache, - (kim_string *) outCredCacheName); - } - - kim_ccache_free (&ccache); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLAcquireNewInitialTicketCredentialsWithPassword (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - const char *inPassword, - krb5_context inV5Context, - KLBoolean *outGotV4Credentials, - KLBoolean *outGotV5Credentials, - void *outV4Credentials, - krb5_creds *outV5Credentials) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - krb5_creds *creds = NULL; - - if (!err) { - err = kim_credential_create_new_with_password (&credential, - inPrincipal, - inLoginOptions, - inPassword); - } - - if (!err) { - err = kim_credential_get_krb5_creds (credential, - inV5Context, - &creds); - } - - if (!err) { - *outGotV5Credentials = 1; - *outGotV4Credentials = 0; - *outV5Credentials = *creds; - free (creds); /* eeeew */ - creds = NULL; - } - - kim_credential_free (&credential); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLStoreNewInitialTicketCredentials (KLPrincipal inPrincipal, - krb5_context inV5Context, - void *inV4Credentials, - krb5_creds *inV5Credentials, - char **outCredCacheName) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - kim_ccache ccache = NULL; - - err = kim_credential_create_from_krb5_creds (&credential, - inV5Context, - inV5Credentials); - - if (!err) { - err = kim_credential_store (credential, inPrincipal, &ccache); - } - - if (!err && outCredCacheName) { - err = kim_ccache_get_display_name (ccache, - (kim_string *) outCredCacheName); - } - - kim_ccache_free (&ccache); - kim_credential_free (&credential); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLVerifyInitialTickets (KLPrincipal inPrincipal, - KLBoolean inFailIfNoHostKey, - char **outCredCacheName) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - - err = kim_ccache_create_from_client_identity (&ccache, inPrincipal); - - if (!err) { - err = kim_ccache_verify (ccache, - KIM_IDENTITY_ANY, - NULL, - inFailIfNoHostKey); - } - - if (!err && outCredCacheName) { - err = kim_ccache_get_display_name (ccache, - (kim_string *) outCredCacheName); - } - - kim_ccache_free (&ccache); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLVerifyInitialTicketCredentials (void *inV4Credentials, - krb5_creds *inV5Credentials, - KLBoolean inFailIfNoHostKey) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - krb5_context context = NULL; - - err = krb5_error (NULL, krb5_init_context (&context)); - - if (!err) { - err = kim_credential_create_from_krb5_creds (&credential, - context, - inV5Credentials); - } - - if (!err) { - err = kim_credential_verify (credential, KIM_IDENTITY_ANY, - NULL, inFailIfNoHostKey); - } - - if (context) { krb5_free_context (context); } - kim_credential_free (&credential); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLAcquireNewInitialTicketsWithKeytab (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - const char *inKeytabName, - char **outCredCacheName) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - - err = kim_ccache_create_from_keytab (&ccache, - inPrincipal, - inLoginOptions, - inKeytabName); - - if (!err && outCredCacheName) { - err = kim_ccache_get_display_name (ccache, - (kim_string *) outCredCacheName); - } - - kim_ccache_free (&ccache); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLRenewInitialTickets (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - KLPrincipal *outPrincipal, - char **outCredCacheName) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - kim_string name = NULL; - kim_identity identity = NULL; - - err = kim_ccache_create_from_client_identity (&ccache, inPrincipal); - - if (!err) { - err = kim_ccache_renew (ccache, inLoginOptions); - } - - if (!err && outPrincipal) { - err = kim_ccache_get_client_identity (ccache, &identity); - } - - if (!err && outCredCacheName) { - err = kim_ccache_get_display_name (ccache, &name); - } - - if (!err) { - if (outPrincipal) { - *outPrincipal = identity; - identity = NULL; - } - if (outCredCacheName) { - *outCredCacheName = (char *) name; - name = NULL; - } - } - - kim_string_free (&name); - kim_identity_free (&identity); - kim_ccache_free (&ccache); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLValidateInitialTickets (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - char **outCredCacheName) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - - err = kim_ccache_create_from_client_identity (&ccache, inPrincipal); - - if (!err) { - err = kim_ccache_validate (ccache, inLoginOptions); - } - - if (!err && outCredCacheName) { - err = kim_ccache_get_display_name (ccache, - (kim_string *) outCredCacheName); - } - - kim_ccache_free (&ccache); - - return kl_check_error (err); -} - -static cc_time_t g_cc_change_time = 0; -static KLTime g_kl_change_time = 0; -static k5_mutex_t g_change_time_mutex = K5_MUTEX_PARTIAL_INITIALIZER; - -MAKE_INIT_FUNCTION(kim_change_time_init); -MAKE_FINI_FUNCTION(kim_change_time_fini); - -/* ------------------------------------------------------------------------ */ - -static int kim_change_time_init (void) -{ - g_kl_change_time = time (NULL); - - return k5_mutex_finish_init(&g_change_time_mutex); -} - -/* ------------------------------------------------------------------------ */ - -static void kim_change_time_fini (void) -{ - if (!INITIALIZER_RAN (kim_change_time_init) || PROGRAM_EXITING ()) { - return; - } - - k5_mutex_destroy(&g_change_time_mutex); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLLastChangedTime (KLTime *outLastChangedTime) -{ - KLStatus err = CALL_INIT_FUNCTION (kim_change_time_init); - kim_error mutex_err = KIM_NO_ERROR; - cc_context_t context = NULL; - cc_time_t ccChangeTime = 0; - - if (!err && !outLastChangedTime) { err = kl_check_error (klParameterErr); } - - if (!err) { - mutex_err = k5_mutex_lock (&g_change_time_mutex); - if (mutex_err) { err = mutex_err; } - } - - if (!err) { - err = cc_initialize (&context, ccapi_version_4, NULL, NULL); - } - - if (!err) { - err = cc_context_get_change_time (context, &ccChangeTime); - } - - if (!err) { - /* cc_context_get_change_time returns 0 if there are no tickets - * but KLLastChangedTime always returned the current time. So - * fake the current time if cc_context_get_change_time returns 0. */ - if (ccChangeTime > g_cc_change_time) { - /* changed, make sure g_kl_change_time increases in value */ - if (ccChangeTime > g_kl_change_time) { - g_kl_change_time = ccChangeTime; - } else { - g_kl_change_time++; /* we got ahead of the ccapi, just increment */ - } - g_cc_change_time = ccChangeTime; - } - - *outLastChangedTime = g_kl_change_time; - } - - if (context ) { cc_context_release (context); } - if (!mutex_err) { k5_mutex_unlock (&g_change_time_mutex); } - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLCacheHasValidTickets (KLPrincipal inPrincipal, - KLKerberosVersion inKerberosVersion, - KLBoolean *outFoundValidTickets, - KLPrincipal *outPrincipal, - char **outCredCacheName) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - kim_credential_state state = kim_credentials_state_valid; - kim_identity identity = NULL; - kim_string name = NULL; - - if (!outFoundValidTickets) { err = kl_check_error (klParameterErr); } - - if (!err) { - err = kim_ccache_create_from_client_identity (&ccache, inPrincipal); - } - - if (!err) { - err = kim_ccache_get_state (ccache, &state); - } - - if (!err && outPrincipal) { - err = kim_ccache_get_client_identity (ccache, &identity); - if (err) { - err = KIM_NO_ERROR; - identity = NULL; - } - } - - if (!err && outCredCacheName) { - err = kim_ccache_get_display_name (ccache, &name); - } - - if (!err) { - *outFoundValidTickets = (state == kim_credentials_state_valid); - if (outPrincipal) { - *outPrincipal = identity; - identity = NULL; - } - if (outCredCacheName) { - *outCredCacheName = (char *) name; - name = NULL; - } - } - - kim_string_free (&name); - kim_identity_free (&identity); - kim_ccache_free (&ccache); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLTicketStartTime (KLPrincipal inPrincipal, - KLKerberosVersion inKerberosVersion, - KLTime *outStartTime) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - kim_time start_time = 0; - - if (!err) { - err = kim_ccache_create_from_client_identity (&ccache, inPrincipal); - } - - if (!err) { - err = kim_ccache_get_start_time (ccache, &start_time); - } - - if (!err) { - *outStartTime = start_time; - } - - kim_ccache_free (&ccache); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLTicketExpirationTime (KLPrincipal inPrincipal, - KLKerberosVersion inKerberosVersion, - KLTime *outExpirationTime) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - kim_time expiration_time = 0; - - if (!err) { - err = kim_ccache_create_from_client_identity (&ccache, inPrincipal); - } - - if (!err) { - err = kim_ccache_get_expiration_time (ccache, &expiration_time); - } - - if (!err) { - *outExpirationTime = expiration_time; - } - - kim_ccache_free (&ccache); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLSetSystemDefaultCache (KLPrincipal inPrincipal) -{ - kim_error err = KIM_NO_ERROR; - kim_ccache ccache = NULL; - - if (!err) { - err = kim_ccache_create_from_client_identity (&ccache, inPrincipal); - } - - if (!err) { - err = kim_ccache_set_default (ccache); - } - - kim_ccache_free (&ccache); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLHandleError (KLStatus inError, - KLDialogIdentifier inDialogIdentifier, - KLBoolean inShowAlert) -{ - kim_error err = KIM_NO_ERROR; - kim_ui_context context; - kim_boolean ui_inited = 0; - - if (!err) { - err = kim_ui_init (&context); - if (!err) { ui_inited = 1; } - } - - if (!err) { - int type = kim_ui_error_type_generic; - - switch (inDialogIdentifier) { - case loginLibrary_LoginDialog: - type = kim_ui_error_type_authentication; - break; - case loginLibrary_ChangePasswordDialog: - type = kim_ui_error_type_change_password; - break; - default: - type = kim_ui_error_type_generic; - break; - } - - err = kim_ui_handle_kim_error (&context, - KIM_IDENTITY_ANY, type, inError); - } - - if (ui_inited) { - kim_error fini_err = kim_ui_fini (&context); - if (!err) { err = kl_check_error (fini_err); } - } - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLGetErrorString (KLStatus inError, - char **outErrorString) -{ - return kl_check_error (kim_string_create_for_last_error ((kim_string *) outErrorString, - inError)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLCancelAllDialogs (void) -{ - return kl_check_error (klNoErr); -} - -/* ------------------------------------------------------------------------ */ - -/* Kerberos change password dialog low level functions */ - -KLStatus KLChangePasswordWithPasswords (KLPrincipal inPrincipal, - const char *inOldPassword, - const char *inNewPassword, - KLBoolean *outRejected, - char **outRejectionError, - char **outRejectionDescription) -{ - kim_error err = KIM_NO_ERROR; - kim_credential credential = NULL; - kim_ui_context context; - kim_boolean ui_inited = 0; - kim_error rejected_err = KIM_NO_ERROR; - kim_string rejected_message = NULL; - kim_string rejected_description = NULL; - - if (!inOldPassword) { err = kl_check_error (klParameterErr); } - if (!inNewPassword) { err = kl_check_error (klParameterErr); } - if (!outRejected ) { err = kl_check_error (klParameterErr); } - - if (!err) { - err = kim_ui_init (&context); - if (!err) { ui_inited = 1; } - } - - if (!err) { - kim_boolean was_prompted = 0; - - err = kim_credential_create_for_change_password (&credential, - inPrincipal, - inOldPassword, - &context, - &was_prompted); - } - - if (!err) { - err = kim_identity_change_password_with_credential (inPrincipal, - credential, - inNewPassword, - &context, - &rejected_err, - &rejected_message, - &rejected_description); - } - - if (!err) { - *outRejected = (rejected_err != 0); - if (rejected_err) { - if (outRejectionError) { - *outRejectionError = (char *) rejected_message; - rejected_message = NULL; - } - if (outRejectionDescription) { - *outRejectionDescription = (char *) rejected_description; - rejected_description = NULL; - } - } - } - - if (ui_inited) { - kim_error fini_err = kim_ui_fini (&context); - if (!err) { err = kl_check_error (fini_err); } - } - - kim_string_free (&rejected_message); - kim_string_free (&rejected_description); - kim_credential_free (&credential); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -/* Application Configuration functions */ - -KLStatus KLSetIdleCallback (const KLIdleCallback inCallback, - const KLRefCon inRefCon) -{ - return kl_check_error (klNoErr); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLGetIdleCallback (KLIdleCallback* inCallback, - KLRefCon* inRefCon) -{ - return kl_check_error (klNoErr); -} - -/* ------------------------------------------------------------------------ */ - -/* Library configuration functions */ -/* Deprecated options which we now ignore */ -enum { - loginOption_ShowOptions = 'sopt', - loginOption_RememberShowOptions = 'ropt', - loginOption_LongTicketLifetimeDisplay = 'hms ', - loginOption_RememberPassword = 'pass' -}; - - -/* ------------------------------------------------------------------------ */ - -KLStatus KLGetDefaultLoginOption (const KLDefaultLoginOption inOption, - void *ioBuffer, - KLSize *ioBufferSize) -{ - KLStatus err = klNoErr; - kim_preferences prefs = NULL; - KLSize targetSize = 0; - KLBoolean returnSizeOnly = (ioBuffer == NULL); - - if (!ioBufferSize) { err = kl_check_error (klParameterErr); } - - if (!err) { - err = kim_preferences_create (&prefs); - } - - if (!err && inOption == loginOption_LoginName) { - kim_identity identity = NULL; - kim_string string = ""; - - err = kim_preferences_get_client_identity (prefs, &identity); - - if (!err && identity) { - err = kim_identity_get_components_string (identity, &string); - } - - if (!err) { - targetSize = strlen (string); - if (!returnSizeOnly) { - if (*ioBufferSize < targetSize) { - err = kl_check_error (klBufferTooSmallErr); - } else if (targetSize > 0) { - memmove (ioBuffer, string, targetSize); - } - } - } - - if (string && string[0]) { kim_string_free (&string); } - - } else if (!err && inOption == loginOption_LoginInstance) { - targetSize = 0; /* Deprecated */ - - } else if (!err && (inOption == loginOption_ShowOptions || - inOption == loginOption_RememberShowOptions || - inOption == loginOption_LongTicketLifetimeDisplay || - inOption == loginOption_RememberPrincipal || - inOption == loginOption_RememberExtras || - inOption == loginOption_RememberPassword)) { - targetSize = sizeof(KLBoolean); - - if (!returnSizeOnly) { - kim_boolean boolean = 0; - - if (inOption == loginOption_ShowOptions || - inOption == loginOption_RememberShowOptions || - inOption == loginOption_LongTicketLifetimeDisplay) { - boolean = 1; /* Deprecated */ - - } else if (inOption == loginOption_RememberPrincipal) { - err = kim_preferences_get_remember_client_identity (prefs, &boolean); - - } else if (inOption == loginOption_RememberExtras) { - err = kim_preferences_get_remember_options (prefs, &boolean); - - } else if (inOption == loginOption_RememberPassword) { - boolean = kim_os_identity_allow_save_password (); - } - - if (!err) { - if (*ioBufferSize < targetSize) { - err = kl_check_error (klBufferTooSmallErr); - } else { - *(KLBoolean *)ioBuffer = boolean; - } - } - } - - } else if (!err && (inOption == loginOption_MinimalTicketLifetime || - inOption == loginOption_MaximalTicketLifetime || - inOption == loginOption_MinimalRenewableLifetime || - inOption == loginOption_MaximalRenewableLifetime)) { - targetSize = sizeof(KLLifetime); - - if (!returnSizeOnly) { - kim_lifetime lifetime = 0; - - if (inOption == loginOption_MinimalTicketLifetime) { - err = kim_preferences_get_minimum_lifetime (prefs, &lifetime); - - } else if (inOption == loginOption_MaximalTicketLifetime) { - err = kim_preferences_get_maximum_lifetime (prefs, &lifetime); - - } else if (inOption == loginOption_MinimalRenewableLifetime) { - err = kim_preferences_get_minimum_renewal_lifetime (prefs, &lifetime); - - } else if (inOption == loginOption_MaximalRenewableLifetime) { - err = kim_preferences_get_maximum_renewal_lifetime (prefs, &lifetime); - } - - if (!err) { - if (*ioBufferSize < targetSize) { - err = kl_check_error (klBufferTooSmallErr); - } else { - *(KLLifetime *)ioBuffer = lifetime; - } - } - } - - } else if (!err && (inOption == loginOption_DefaultRenewableTicket || - inOption == loginOption_DefaultForwardableTicket || - inOption == loginOption_DefaultProxiableTicket || - inOption == loginOption_DefaultAddresslessTicket)) { - targetSize = sizeof(KLBoolean); - - if (!returnSizeOnly) { - kim_options options = NULL; - kim_boolean boolean = 0; - - err = kim_preferences_get_options (prefs, &options); - - if (!err && inOption == loginOption_DefaultRenewableTicket) { - err = kim_options_get_renewable (options, &boolean); - - } else if (!err && inOption == loginOption_DefaultForwardableTicket) { - err = kim_options_get_forwardable (options, &boolean); - - } else if (!err && inOption == loginOption_DefaultProxiableTicket) { - err = kim_options_get_proxiable (options, &boolean); - - } else if (!err && inOption == loginOption_DefaultAddresslessTicket) { - err = kim_options_get_addressless (options, &boolean); - } - - if (!err) { - if (*ioBufferSize < targetSize) { - err = kl_check_error (klBufferTooSmallErr); - } else { - *(KLBoolean *)ioBuffer = boolean; - } - } - - kim_options_free (&options); - } - - - } else if (!err && (inOption == loginOption_DefaultTicketLifetime || - inOption == loginOption_DefaultRenewableLifetime)) { - targetSize = sizeof(KLLifetime); - - if (!returnSizeOnly) { - kim_options options = NULL; - kim_lifetime lifetime = 0; - - err = kim_preferences_get_options (prefs, &options); - - if (!err && inOption == loginOption_DefaultTicketLifetime) { - err = kim_options_get_lifetime (options, &lifetime); - - } else if (!err && inOption == loginOption_DefaultRenewableLifetime) { - err = kim_options_get_renewal_lifetime (options, &lifetime); - } - - if (!err) { - if (*ioBufferSize < targetSize) { - err = kl_check_error (klBufferTooSmallErr); - } else { - *(KLLifetime *)ioBuffer = lifetime; - } - } - - kim_options_free (&options); - } - - } else { - err = kl_check_error (klInvalidOptionErr); - } - - if (!err) { - *ioBufferSize = targetSize; - } - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLSetDefaultLoginOption (const KLDefaultLoginOption inOption, - const void *inBuffer, - const KLSize inBufferSize) -{ - KLStatus err = klNoErr; - kim_preferences prefs = NULL; - - if (inBuffer == NULL) { err = kl_check_error (klParameterErr); } - if (inBufferSize < 0) { err = kl_check_error (klParameterErr); } - - if (!err) { - err = kim_preferences_create (&prefs); - } - - if (!err && inOption == loginOption_LoginName) { - kim_identity old_identity = NULL; - kim_identity new_identity = NULL; - kim_string new_identity_string = NULL; - kim_string realm = NULL; - kim_string components = NULL; - - err = kim_string_create_from_buffer (&components, inBuffer, inBufferSize); - - if (!err) { - err = kim_preferences_get_client_identity (prefs, &old_identity); - - if (!err && old_identity) { - err = kim_identity_get_realm (old_identity, &realm); - } - } - - if (!err && realm) { - err = kim_string_create_from_format (&new_identity_string, - "%s@%s", components, realm); - } - - if (!err) { - err = kim_identity_create_from_string (&new_identity, - (new_identity_string ? - new_identity_string : - components)); - } - - if (!err) { - err = kim_preferences_set_client_identity (prefs, new_identity); - } - - kim_string_free (&components); - kim_string_free (&realm); - kim_string_free (&new_identity_string); - kim_identity_free (&old_identity); - kim_identity_free (&new_identity); - - } else if (!err && inOption == loginOption_LoginInstance) { - /* Ignored */ - - } else if (!err && (inOption == loginOption_ShowOptions || - inOption == loginOption_RememberShowOptions || - inOption == loginOption_LongTicketLifetimeDisplay || - inOption == loginOption_RememberPrincipal || - inOption == loginOption_RememberExtras || - inOption == loginOption_RememberPassword)) { - if (inBufferSize > sizeof (KLBoolean)) { - err = kl_check_error (klBufferTooLargeErr); - } else if (inBufferSize < sizeof (KLBoolean)) { - err = kl_check_error (klBufferTooSmallErr); - } - - if (!err && inOption == loginOption_RememberPrincipal) { - err = kim_preferences_set_remember_client_identity (prefs, *(KLBoolean *)inBuffer); - - } else if (!err && inOption == loginOption_RememberExtras) { - err = kim_preferences_set_remember_options (prefs, *(KLBoolean *)inBuffer); - } - - } else if (!err && (inOption == loginOption_MinimalTicketLifetime || - inOption == loginOption_MaximalTicketLifetime || - inOption == loginOption_MinimalRenewableLifetime || - inOption == loginOption_MaximalRenewableLifetime)) { - if (inBufferSize > sizeof (KLLifetime)) { - err = kl_check_error (klBufferTooLargeErr); - } else if (inBufferSize < sizeof (KLLifetime)) { - err = kl_check_error (klBufferTooSmallErr); - } - - if (!err && inOption == loginOption_MinimalTicketLifetime) { - err = kim_preferences_set_minimum_lifetime (prefs, *(KLLifetime *)inBuffer); - - } else if (!err && inOption == loginOption_MaximalTicketLifetime) { - err = kim_preferences_set_maximum_lifetime (prefs, *(KLLifetime *)inBuffer); - - } else if (!err && inOption == loginOption_MinimalRenewableLifetime) { - err = kim_preferences_set_minimum_renewal_lifetime (prefs, *(KLLifetime *)inBuffer); - - } else if (!err && inOption == loginOption_MaximalRenewableLifetime) { - err = kim_preferences_set_maximum_renewal_lifetime (prefs, *(KLLifetime *)inBuffer); - } - - } else if (!err && (inOption == loginOption_DefaultRenewableTicket || - inOption == loginOption_DefaultForwardableTicket || - inOption == loginOption_DefaultProxiableTicket || - inOption == loginOption_DefaultAddresslessTicket)) { - kim_options options = NULL; - - if (inBufferSize > sizeof (KLBoolean)) { - err = kl_check_error (klBufferTooLargeErr); - } else if (inBufferSize < sizeof (KLBoolean)) { - err = kl_check_error (klBufferTooSmallErr); - } - - if (!err) { - err = kim_preferences_get_options (prefs, &options); - } - - if (!err && inOption == loginOption_DefaultRenewableTicket) { - err = kim_options_set_renewable (options, *(KLBoolean *)inBuffer); - - } else if (!err && inOption == loginOption_DefaultForwardableTicket) { - err = kim_options_set_forwardable (options, *(KLBoolean *)inBuffer); - - } else if (!err && inOption == loginOption_DefaultProxiableTicket) { - err = kim_options_set_proxiable (options, *(KLBoolean *)inBuffer); - - } else if (!err && inOption == loginOption_DefaultAddresslessTicket) { - err = kim_options_set_addressless (options, *(KLBoolean *)inBuffer); - } - - if (!err) { - err = kim_preferences_set_options (prefs, options); - } - - kim_options_free (&options); - - } else if (!err && (inOption == loginOption_DefaultTicketLifetime || - inOption == loginOption_DefaultRenewableLifetime)) { - kim_options options = NULL; - - if (inBufferSize > sizeof (KLLifetime)) { - err = kl_check_error (klBufferTooLargeErr); - } else if (inBufferSize < sizeof (KLLifetime)) { - err = kl_check_error (klBufferTooSmallErr); - } - - if (!err) { - err = kim_preferences_get_options (prefs, &options); - } - - if (!err && inOption == loginOption_DefaultTicketLifetime) { - err = kim_options_set_lifetime (options, *(KLLifetime *)inBuffer); - - } else if (!err && inOption == loginOption_DefaultRenewableLifetime) { - err = kim_options_set_renewal_lifetime (options, *(KLLifetime *)inBuffer); - } - - if (!err) { - err = kim_preferences_set_options (prefs, options); - } - - kim_options_free (&options); - - } else { - err = kl_check_error (klInvalidOptionErr); - } - - if (!err) { - err = kim_preferences_synchronize (prefs); - } - - kim_preferences_free (&prefs); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -/* Realm configuration functions */ - -KLStatus KLFindKerberosRealmByName (const char *inRealmName, - KLIndex *outIndex) -{ - kim_error err = KIM_NO_ERROR; - char *realm = NULL; - - if (!err) { - err = KLGetKerberosDefaultRealmByName (&realm); - } - - if (!err) { - if (!strcmp (inRealmName, realm)) { - *outIndex = 0; - } else { - err = kl_check_error (klRealmDoesNotExistErr); - } - } - - kim_string_free ((kim_string *) &realm); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLGetKerberosRealm (KLIndex inIndex, - char **outRealmName) -{ - kim_error err = KIM_NO_ERROR; - - if (!outRealmName) { err = kl_check_error (klParameterErr); } - if (!err && inIndex != 0) { err = kl_check_error (klRealmDoesNotExistErr); } - - if (!err) { - err = KLGetKerberosDefaultRealmByName (outRealmName); - } - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLSetKerberosRealm (KLIndex inIndex, - const char *inRealmName) -{ - return kl_check_error (klNoErr); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLRemoveKerberosRealm (KLIndex inIndex) -{ - return kl_check_error (klNoErr); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLInsertKerberosRealm (KLIndex inInsertBeforeIndex, - const char *inRealmName) -{ - return kl_check_error (klNoErr); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLRemoveAllKerberosRealms (void) -{ - return kl_check_error (klNoErr); -} - -/* ------------------------------------------------------------------------ */ - -KLSize KLCountKerberosRealms (void) -{ - return 1; -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLGetKerberosDefaultRealm(KLIndex *outIndex) -{ - kim_error err = KIM_NO_ERROR; - - if (!outIndex) { err = kl_check_error (klParameterErr); } - - if (!err) { - *outIndex = 0; - } - - return kl_check_error (klNoErr); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLGetKerberosDefaultRealmByName (char **outRealmName) -{ - kim_error err = KIM_NO_ERROR; - krb5_context context = NULL; - char *realm = NULL; - - if (!outRealmName) { err = kl_check_error (klParameterErr); } - - if (!err) { - err = krb5_init_context (&context); - } - - if (!err) { - err = krb5_get_default_realm(context, &realm); - } - - if (!err) { - err = kim_string_copy ((kim_string *) outRealmName, realm); - } - - if (realm ) { krb5_free_default_realm (context, realm); } - if (context) { krb5_free_context (context); } - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLSetKerberosDefaultRealm (KLIndex inIndex) -{ - return kl_check_error (klNoErr); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLSetKerberosDefaultRealmByName (const char *inRealm) -{ - return kl_check_error (klNoErr); -} - -/* ------------------------------------------------------------------------ */ - -/* KLPrincipal functions */ - -KLStatus KLCreatePrincipalFromTriplet (const char *inName, - const char *inInstance, - const char *inRealm, - KLPrincipal *outPrincipal) -{ - if (inInstance && strlen (inInstance) > 0) { - return kl_check_error (kim_identity_create_from_components (outPrincipal, - inRealm, - inName, - inInstance, - NULL)); - } else { - return kl_check_error (kim_identity_create_from_components (outPrincipal, - inRealm, - inName, - NULL)); - } -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLCreatePrincipalFromString (const char *inFullPrincipal, - KLKerberosVersion inKerberosVersion, - KLPrincipal *outPrincipal) -{ - return kl_check_error (kim_identity_create_from_string (outPrincipal, - inFullPrincipal)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLCreatePrincipalFromKerberos5Principal (krb5_principal inKerberos5Principal, - KLPrincipal *outPrincipal) -{ - return kl_check_error (kim_identity_create_from_krb5_principal (outPrincipal, - NULL, /* context */ - inKerberos5Principal)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLCreatePrincipalFromPrincipal (KLPrincipal inPrincipal, - KLPrincipal *outPrincipal) -{ - return kl_check_error (kim_identity_copy (outPrincipal, inPrincipal)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLGetTripletFromPrincipal (KLPrincipal inPrincipal, - char **outName, - char **outInstance, - char **outRealm) -{ - KLStatus err = klNoErr; - kim_string name = NULL; - kim_string instance = NULL; - kim_string realm = NULL; - kim_count count = 0; - - if (!inPrincipal) { return kl_check_error (klBadPrincipalErr); } - if (!outName ) { return kl_check_error (klParameterErr); } - if (!outInstance) { return kl_check_error (klParameterErr); } - if (!outRealm ) { return kl_check_error (klParameterErr); } - - if (!err) { - err = kim_identity_get_number_of_components (inPrincipal, &count); - if (!err && count > 2) { err = kl_check_error (klBadPrincipalErr); } - } - - if (!err) { - err = kim_identity_get_realm (inPrincipal, &realm); - } - - if (!err) { - err = kim_identity_get_component_at_index (inPrincipal, 0, &name); - } - - if (!err && count > 1) { - err = kim_identity_get_component_at_index (inPrincipal, 1, &instance); - } - - if (!err) { - *outName = (char *) name; - name = NULL; - *outInstance = (char *) instance; - instance = NULL; - *outRealm = (char *) realm; - realm = NULL; - } - - kim_string_free (&name); - kim_string_free (&instance); - kim_string_free (&realm); - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLGetStringFromPrincipal (KLPrincipal inPrincipal, - KLKerberosVersion inKerberosVersion, - char **outFullPrincipal) -{ - return kl_check_error (kim_identity_get_string (inPrincipal, - (kim_string *) outFullPrincipal)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLGetDisplayStringFromPrincipal (KLPrincipal inPrincipal, - KLKerberosVersion inKerberosVersion, - char **outFullPrincipal) -{ - return kl_check_error (kim_identity_get_display_string (inPrincipal, - (kim_string *) outFullPrincipal)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLComparePrincipal (KLPrincipal inFirstPrincipal, - KLPrincipal inSecondPrincipal, - KLBoolean *outAreEquivalent) -{ - kim_error err = KIM_NO_ERROR; - kim_comparison comparison; - - err = kim_identity_compare (inFirstPrincipal, inSecondPrincipal, - &comparison); - - if (!err) { - *outAreEquivalent = kim_comparison_is_equal_to (comparison); - } - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLDisposePrincipal (KLPrincipal inPrincipal) -{ - kim_identity_free (&inPrincipal); - return klNoErr; -} - -/* ------------------------------------------------------------------------ */ - -/* KLLoginOptions functions */ - -KLStatus KLCreateLoginOptions (KLLoginOptions *outOptions) -{ - return kl_check_error (kim_options_create (outOptions)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLLoginOptionsSetTicketLifetime (KLLoginOptions ioOptions, - KLLifetime inTicketLifetime) -{ - return kl_check_error (kim_options_set_lifetime (ioOptions, inTicketLifetime)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLLoginOptionsSetForwardable (KLLoginOptions ioOptions, - KLBoolean inForwardable) -{ - return kl_check_error (kim_options_set_forwardable (ioOptions, inForwardable)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLLoginOptionsSetProxiable (KLLoginOptions ioOptions, - KLBoolean inProxiable) -{ - return kl_check_error (kim_options_set_proxiable (ioOptions, inProxiable)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLLoginOptionsSetRenewableLifetime (KLLoginOptions ioOptions, - KLLifetime inRenewableLifetime) -{ - KLStatus err = klNoErr; - - err = kim_options_set_renewable (ioOptions, inRenewableLifetime > 0); - - if (!err && inRenewableLifetime > 0) { - err = kim_options_set_renewal_lifetime (ioOptions, inRenewableLifetime); - } - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLLoginOptionsSetAddressless (KLLoginOptions ioOptions, - KLBoolean inAddressless) -{ - return kl_check_error (kim_options_set_addressless (ioOptions, inAddressless)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLLoginOptionsSetTicketStartTime (KLLoginOptions ioOptions, - KLTime inStartTime) -{ - return kl_check_error (kim_options_set_start_time (ioOptions, inStartTime)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLLoginOptionsSetServiceName (KLLoginOptions ioOptions, - const char *inServiceName) -{ - return kl_check_error (kim_options_set_service_name (ioOptions, inServiceName)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLDisposeLoginOptions(KLLoginOptions ioOptions) -{ - kim_options_free (&ioOptions); - return klNoErr; -} - -/* ------------------------------------------------------------------------ */ - -KLStatus KLDisposeString (char *inStringToDispose) -{ - kim_string_free ((kim_string *)&inStringToDispose); - return klNoErr; -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -KLStatus __KLSetApplicationPrompter (KLPrompterProcPtr inPrompter) -{ - /* Deprecated */ - return klNoErr; -} - -/* ------------------------------------------------------------------------ */ - -KLStatus __KLSetHomeDirectoryAccess (KLBoolean inAllowHomeDirectoryAccess) -{ - return kl_check_error (kim_library_set_allow_home_directory_access (inAllowHomeDirectoryAccess)); -} - -/* ------------------------------------------------------------------------ */ - -KLBoolean __KLAllowHomeDirectoryAccess (void) -{ - return kim_library_allow_home_directory_access (); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus __KLSetAutomaticPrompting (KLBoolean inAllowAutomaticPrompting) -{ - return kl_check_error (kim_library_set_allow_automatic_prompting (inAllowAutomaticPrompting)); -} - -/* ------------------------------------------------------------------------ */ - -KLBoolean __KLAllowAutomaticPrompting (void) -{ - return kl_check_error (kim_library_allow_automatic_prompting ()); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus __KLSetPromptMechanism (KLPromptMechanism inPromptMechanism) -{ - kim_error err = KIM_NO_ERROR; - - if (inPromptMechanism == klPromptMechanism_None) { - err = kim_library_set_allow_automatic_prompting (0); - } else { - err = kim_library_set_allow_automatic_prompting (1); - } - - return kl_check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -KLPromptMechanism __KLPromptMechanism (void) -{ - kim_ui_environment environment = kim_library_ui_environment (); - - if (environment == KIM_UI_ENVIRONMENT_GUI) { - return klPromptMechanism_GUI; - } else if (environment == KIM_UI_ENVIRONMENT_CLI) { - return klPromptMechanism_CLI; - } - return klPromptMechanism_None; -} - -/* ------------------------------------------------------------------------ */ - -KLBoolean __KLAllowRememberPassword (void) -{ - return kl_check_error (kim_os_identity_allow_save_password ()); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus __KLCreatePrincipalFromTriplet (const char *inName, - const char *inInstance, - const char *inRealm, - KLKerberosVersion inKerberosVersion, - KLPrincipal *outPrincipal) -{ - return kl_check_error (kim_identity_create_from_components (outPrincipal, - inRealm, - inName, - inInstance, - NULL)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus __KLGetTripletFromPrincipal (KLPrincipal inPrincipal, - KLKerberosVersion inKerberosVersion, - char **outName, - char **outInstance, - char **outRealm) -{ - return KLGetTripletFromPrincipal (inPrincipal, - outName, outInstance, outRealm); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus __KLCreatePrincipalFromKerberos5Principal (krb5_principal inPrincipal, - KLPrincipal *outPrincipal) -{ - return KLCreatePrincipalFromKerberos5Principal (inPrincipal, outPrincipal); - -} - -/* ------------------------------------------------------------------------ */ - -KLStatus __KLGetKerberos5PrincipalFromPrincipal (KLPrincipal inPrincipal, - krb5_context inContext, - krb5_principal *outKrb5Principal) -{ - return kl_check_error (kim_identity_get_krb5_principal (inPrincipal, - inContext, - outKrb5Principal)); -} - -/* ------------------------------------------------------------------------ */ - -KLBoolean __KLPrincipalIsTicketGrantingService (KLPrincipal inPrincipal) -{ - kim_boolean is_tgt = FALSE; - kim_error err = kim_identity_is_tgt_service (inPrincipal, &is_tgt); - - return !err ? is_tgt : FALSE; -} - -/* ------------------------------------------------------------------------ */ - -KLStatus __KLGetKeychainPasswordForPrincipal (KLPrincipal inPrincipal, - char **outPassword) -{ - return kl_check_error (kim_os_identity_get_saved_password (inPrincipal, - (kim_string *) outPassword)); -} - - -/* ------------------------------------------------------------------------ */ - -KLStatus __KLPrincipalSetKeychainPassword (KLPrincipal inPrincipal, - const char *inPassword) -{ - return kl_check_error (kim_os_identity_set_saved_password (inPrincipal, - inPassword)); -} - -/* ------------------------------------------------------------------------ */ - -KLStatus __KLRemoveKeychainPasswordForPrincipal (KLPrincipal inPrincipal) -{ - return kl_check_error (kim_os_identity_remove_saved_password (inPrincipal)); -} - -#pragma mark - - -// --------------------------------------------------------------------------- - -krb5_get_init_creds_opt *__KLLoginOptionsGetKerberos5Options (KLLoginOptions ioOptions) -{ - return kim_options_init_cred_options (ioOptions); -} - -// --------------------------------------------------------------------------- - -KLTime __KLLoginOptionsGetStartTime (KLLoginOptions ioOptions) -{ - return kim_options_start_time (ioOptions); -} - -// --------------------------------------------------------------------------- - -char *__KLLoginOptionsGetServiceName (KLLoginOptions ioOptions) -{ - return kim_options_service_name (ioOptions); -} - - - -#endif /* KIM_TO_KLL_SHIM */ diff --git a/src/kim/lib/mac/KerberosLogin.exports b/src/kim/lib/mac/KerberosLogin.exports deleted file mode 100644 index 9fd85f41f..000000000 --- a/src/kim/lib/mac/KerberosLogin.exports +++ /dev/null @@ -1,107 +0,0 @@ - -# Public API: - -KLAcquireTickets -KLAcquireNewTickets -KLAcquireTicketsWithPassword -KLAcquireNewTicketsWithPassword - -KLAcquireInitialTickets -KLAcquireNewInitialTickets -KLAcquireInitialTicketsWithPassword -KLAcquireNewInitialTicketsWithPassword -KLAcquireNewInitialTicketCredentialsWithPassword -KLStoreNewInitialTicketCredentials - -KLVerifyInitialTickets -KLVerifyInitialTicketCredentials -KLAcquireNewInitialTicketsWithKeytab - -KLChangePassword -KLChangePasswordWithPasswords -KLRenewInitialTickets -KLValidateInitialTickets -KLDestroyTickets - -KLLastChangedTime -KLCacheHasValidTickets -KLTicketStartTime -KLTicketExpirationTime -KLSetSystemDefaultCache - -KLHandleError -KLGetErrorString - -KLCancelAllDialogs - -KLSetApplicationOptions -KLGetApplicationOptions - -KLSetIdleCallback -KLGetIdleCallback - -KLGetDefaultLoginOption -KLSetDefaultLoginOption - -KLFindKerberosRealmByName -KLGetKerberosRealm -KLSetKerberosRealm -KLRemoveKerberosRealm -KLInsertKerberosRealm -KLRemoveAllKerberosRealms -KLCountKerberosRealms -KLGetKerberosDefaultRealm -KLGetKerberosDefaultRealmByName -KLSetKerberosDefaultRealm -KLSetKerberosDefaultRealmByName - -KLCreatePrincipalFromTriplet -KLCreatePrincipalFromString -KLGetTripletFromPrincipal -KLGetStringFromPrincipal -KLGetDisplayStringFromPrincipal -KLComparePrincipal -KLDisposePrincipal - -KLCreateLoginOptions -KLLoginOptionsSetTicketLifetime -KLLoginOptionsSetForwardable -KLLoginOptionsSetProxiable -KLLoginOptionsSetRenewableLifetime -KLLoginOptionsSetAddressless -KLLoginOptionsSetTicketStartTime -KLLoginOptionsSetServiceName -KLDisposeLoginOptions - -KLDisposeString - -# Private APIs being used by external callers: - -#__KLChangePasswordWithPasswordsCompat -#__KLAcquireInitialTicketsForCache -#__KLPrompter - -__KLSetApplicationPrompter - -__KLSetHomeDirectoryAccess -__KLAllowHomeDirectoryAccess - -__KLSetAutomaticPrompting -__KLAllowAutomaticPrompting -__KLSetPromptMechanism -__KLPromptMechanism -__KLAllowRememberPassword - -__KLCreatePrincipalFromTriplet -__KLGetTripletFromPrincipal -__KLCreatePrincipalFromKerberos5Principal -__KLGetKerberos5PrincipalFromPrincipal -__KLPrincipalIsTicketGrantingService - -__KLGetKeychainPasswordForPrincipal -__KLPrincipalSetKeychainPassword -__KLRemoveKeychainPasswordForPrincipal - -__KLLoginOptionsGetKerberos5Options -__KLLoginOptionsGetStartTime -__KLLoginOptionsGetServiceName diff --git a/src/kim/lib/mac/KerberosLogin.h b/src/kim/lib/mac/KerberosLogin.h deleted file mode 100644 index 6d98c1878..000000000 --- a/src/kim/lib/mac/KerberosLogin.h +++ /dev/null @@ -1,456 +0,0 @@ -/* -* Copyright 2008 Massachusetts Institute of Technology. -* All Rights Reserved. -* -* Export of this software from the United States of America may -* require a specific license from the United States Government. -* It is the responsibility of any person or organization contemplating -* export to obtain such a license before exporting. -* -* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -* distribute this software and its documentation for any purpose and -* without fee is hereby granted, provided that the above copyright -* notice appear in all copies and that both that copyright notice and -* this permission notice appear in supporting documentation, and that -* the name of M.I.T. not be used in advertising or publicity pertaining -* to distribution of the software without specific, written prior -* permission. Furthermore if you modify this software you must label -* your software as modified software and not distribute it in such a -* fashion that it might be confused with the original M.I.T. software. -* M.I.T. makes no representations about the suitability of -* this software for any purpose. It is provided "as is" without express -* or implied warranty. -*/ - -#ifndef __KERBEROSLOGIN__ -#define __KERBEROSLOGIN__ - -#include <kim/kim.h> - -#if defined(macintosh) || (defined(__MACH__) && defined(__APPLE__)) -# include <TargetConditionals.h> -# if TARGET_RT_MAC_CFM -# error "Use KfM 4.0 SDK headers for CFM compilation." -# endif -#endif - -#if (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) >= 30203 -# define KERBEROSLOGIN_DEPRECATED __attribute__((deprecated)) -#else -# define KERBEROSLOGIN_DEPRECATED -#endif - -#include <sys/types.h> -#include <krb5.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#if TARGET_OS_MAC -# pragma pack(push,2) -#endif - -/* - * Kerberos version constants - */ -enum { - kerberosVersion_Any = 0, - kerberosVersion_V4 = 1, - kerberosVersion_V5 = 2, - kerberosVersion_All = 0xFFFFFFFF -}; -typedef int32_t KLEKerberosVersion; - -/* - * Dialog identifier constants - */ -enum { - loginLibrary_LoginDialog, - loginLibrary_OptionsDialog, - loginLibrary_ChangePasswordDialog, - loginLibrary_ProgressDialog, - loginLibrary_PrompterDialog, - loginLibrary_UnknownDialog = -1 -}; -typedef int32_t KLEDialogIdentifiers; - - -/* - * Option identifier constants - */ -enum { - /* Initial values and ranges */ - loginOption_LoginName = 'name', - loginOption_LoginInstance = 'inst', - - loginOption_RememberPrincipal = 'prin', - loginOption_RememberExtras = 'extr', - - loginOption_MinimalTicketLifetime = '-lif', - loginOption_MaximalTicketLifetime = '+lif', - loginOption_DefaultTicketLifetime = '0lif', - - loginOption_DefaultRenewableTicket = '0rtx', - loginOption_MinimalRenewableLifetime = '-rlf', - loginOption_MaximalRenewableLifetime = '+rlf', - loginOption_DefaultRenewableLifetime = '0rlf', - - loginOption_DefaultForwardableTicket = '0fwd', - loginOption_DefaultProxiableTicket = '0prx', - loginOption_DefaultAddresslessTicket = '0adr' -}; -typedef int32_t KLEDefaultLoginOptions; - - -/* - * Realm list constants - */ -enum { - realmList_Start = 0, - realmList_End = 0xFFFF -}; -typedef int32_t KLERealmListIndexes; - -#define klFirstError 19276 -#define klLastError 19876 - -/* - * Error codes - */ -enum { - klNoErr = 0, - - /* Parameter errors */ - klParameterErr = 19276, - klBadPrincipalErr, - klBadPasswordErr, - klBadLoginOptionsErr, - klInvalidVersionErr, - klCapsLockErr, - klBadV5ContextErr, - - /* Get/SetKerberosOption errors */ - klBufferTooSmallErr = 19376, - klBufferTooLargeErr, - klInvalidOptionErr, - klBadOptionValueErr, - - /* Runtime Login errors */ - klUserCanceledErr = 19476, - klMemFullErr, - klPreferencesReadErr, - klPreferencesWriteErr, - klV5InitializationFailedErr, - klPrincipalDoesNotExistErr, - klSystemDefaultDoesNotExistErr, - klCredentialsExpiredErr, - klNoRealmsErr, - klRealmDoesNotExistErr, - klNoCredentialsErr, - klCredentialsBadAddressErr, - klCacheDoesNotExistErr, - klNoHostnameErr, - klCredentialsNeedValidationErr, - - /* Password changing errors */ - klPasswordMismatchErr = 19576, - klInsecurePasswordErr, - klPasswordChangeFailedErr, - - /* Login IPC errors */ - klCantContactServerErr = 19776, - klCantDisplayUIErr, - klServerInsecureErr - -}; -typedef int32_t KLEStatus; - -/* - * Types - */ - -typedef int32_t KLStatus; /* one of KLEStatus */ -typedef u_int32_t KLKerberosVersion; /* one of KLEKerberosVersion */ -typedef u_int32_t KLDefaultLoginOption; /* one of KLEDefaultLoginOptions */ -typedef u_int32_t KLLoginMode; /* one of KLELoginMode */ -typedef u_int32_t KLDialogIdentifier; /* one of KLEDialogIdentifiers */ -typedef u_int32_t KLIndex; /* index (used for the realm list) */ -typedef u_int32_t KLLifetime; /* Lifetime in seconds */ -typedef u_int32_t KLTime; /* Unix time (seconds since 1/1/1970 00:00:00 GMT) */ -typedef u_int32_t KLSize; /* size of a buffer */ -typedef u_int32_t KLRefCon; /* application ref con */ -typedef int8_t KLBoolean; /* true or false! (unsigned 8 byte value to match Boolean) */ -typedef int16_t KLSInt16; /* used for Darwin-compat for KLApplicationOptions */ - -/* Callback API for Kerberos Login Mach IPC idle filter */ -typedef void (*KLIdleCallback) (KLRefCon appData); -#define CallKLIdleCallback(userRoutine, appData) ((userRoutine) (appData)) - -/* Principal information */ -typedef kim_identity KLPrincipal; - -/* Login Options */ -typedef kim_options KLLoginOptions; - -/* - * - * Functions - * - */ - -/* Deprecated functions -- provided for compatibility with KfM 4.0 */ - -KLStatus KLAcquireTickets (KLPrincipal inPrincipal, - KLPrincipal *outPrincipal, - char **outCredCacheName) - KERBEROSLOGIN_DEPRECATED; - -KLStatus KLAcquireNewTickets (KLPrincipal inPrincipal, - KLPrincipal *outPrincipal, - char **outCredCacheName) - KERBEROSLOGIN_DEPRECATED; - -KLStatus KLAcquireTicketsWithPassword (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - const char *inPassword, - char **outCredCacheName) - KERBEROSLOGIN_DEPRECATED; - -KLStatus KLAcquireNewTicketsWithPassword (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - const char *inPassword, - char **outCredCacheName) - KERBEROSLOGIN_DEPRECATED; - -KLStatus KLSetApplicationOptions (const void *inAppOptions) - KERBEROSLOGIN_DEPRECATED; - -KLStatus KLGetApplicationOptions (void *outAppOptions) - KERBEROSLOGIN_DEPRECATED; - - -/* Kerberos Login high-level API */ -KLStatus KLAcquireInitialTickets (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - KLPrincipal *outPrincipal, - char **outCredCacheName); - -KLStatus KLAcquireNewInitialTickets (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - KLPrincipal *outPrincipal, - char **outCredCacheName); - -KLStatus KLDestroyTickets (KLPrincipal inPrincipal); - -KLStatus KLChangePassword (KLPrincipal inPrincipal); - - -/* Kerberos Login dialog low level functions */ - -KLStatus KLAcquireInitialTicketsWithPassword (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - const char *inPassword, - char **outCredCacheName); - -KLStatus KLAcquireNewInitialTicketsWithPassword (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - const char *inPassword, - char **outCredCacheName); - -KLStatus KLAcquireNewInitialTicketCredentialsWithPassword (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - const char *inPassword, - krb5_context inV5Context, - KLBoolean *outGotV4Credentials, - KLBoolean *outGotV5Credentials, - void *outV4Credentials, - krb5_creds *outV5Credentials); - -KLStatus KLStoreNewInitialTicketCredentials (KLPrincipal inPrincipal, - krb5_context inV5Context, - void *inV4Credentials, - krb5_creds *inV5Credentials, - char **outCredCacheName); - -KLStatus KLVerifyInitialTickets (KLPrincipal inPrincipal, - KLBoolean inFailIfNoHostKey, - char **outCredCacheName); - -KLStatus KLVerifyInitialTicketCredentials (void *inV4Credentials, - krb5_creds *inV5Credentials, - KLBoolean inFailIfNoHostKey); - -KLStatus KLAcquireNewInitialTicketsWithKeytab (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - const char *inKeytabName, - char **outCredCacheName); - -KLStatus KLRenewInitialTickets (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - KLPrincipal *outPrincipal, - char **outCredCacheName); - -KLStatus KLValidateInitialTickets (KLPrincipal inPrincipal, - KLLoginOptions inLoginOptions, - char **outCredCacheName); - -KLStatus KLLastChangedTime (KLTime *outLastChangedTime); - -KLStatus KLCacheHasValidTickets (KLPrincipal inPrincipal, - KLKerberosVersion inKerberosVersion, - KLBoolean *outFoundValidTickets, - KLPrincipal *outPrincipal, - char **outCredCacheName); - -KLStatus KLTicketStartTime (KLPrincipal inPrincipal, - KLKerberosVersion inKerberosVersion, - KLTime *outStartTime); - -KLStatus KLTicketExpirationTime (KLPrincipal inPrincipal, - KLKerberosVersion inKerberosVersion, - KLTime *outExpirationTime); - -KLStatus KLSetSystemDefaultCache (KLPrincipal inPrincipal); - -KLStatus KLHandleError (KLStatus inError, - KLDialogIdentifier inDialogIdentifier, - KLBoolean inShowAlert); - -KLStatus KLGetErrorString (KLStatus inError, - char **outErrorString); - -KLStatus KLCancelAllDialogs (void); - -/* Kerberos change password dialog low level functions */ - -KLStatus KLChangePasswordWithPasswords (KLPrincipal inPrincipal, - const char *inOldPassword, - const char *inNewPassword, - KLBoolean *outRejected, - char **outRejectionError, - char **outRejectionDescription); - -/* Application Configuration functions */ - -KLStatus KLSetIdleCallback (const KLIdleCallback inCallback, - const KLRefCon inRefCon); - -KLStatus KLGetIdleCallback (KLIdleCallback* inCallback, - KLRefCon* inRefCon); - -/* Library configuration functions */ - -KLStatus KLGetDefaultLoginOption (const KLDefaultLoginOption inOption, - void *ioBuffer, - KLSize *ioBufferSize); - -KLStatus KLSetDefaultLoginOption (const KLDefaultLoginOption inOption, - const void *inBuffer, - const KLSize inBufferSize); - -/* Realm configuration functions */ - -KLStatus KLFindKerberosRealmByName (const char *inRealmName, - KLIndex *outIndex); - -KLStatus KLGetKerberosRealm (KLIndex inIndex, - char **outRealmName); - -KLStatus KLSetKerberosRealm (KLIndex inIndex, - const char *inRealmName); - -KLStatus KLRemoveKerberosRealm (KLIndex inIndex); - -KLStatus KLInsertKerberosRealm (KLIndex inInsertBeforeIndex, - const char *inRealmName); - -KLStatus KLRemoveAllKerberosRealms (void); - -KLSize KLCountKerberosRealms (void); - -KLStatus KLGetKerberosDefaultRealm(KLIndex *outIndex); - -KLStatus KLGetKerberosDefaultRealmByName (char **outRealmName); - -KLStatus KLSetKerberosDefaultRealm (KLIndex inIndex); - -KLStatus KLSetKerberosDefaultRealmByName (const char *inRealm); - -/* KLPrincipal functions */ - -KLStatus KLCreatePrincipalFromTriplet (const char *inName, - const char *inInstance, - const char *inRealm, - KLPrincipal *outPrincipal); - -KLStatus KLCreatePrincipalFromString (const char *inFullPrincipal, - KLKerberosVersion inKerberosVersion, - KLPrincipal *outPrincipal); - -KLStatus KLCreatePrincipalFromKerberos5Principal (krb5_principal inKerberos5Principal, - KLPrincipal *outPrincipal); - -KLStatus KLCreatePrincipalFromPrincipal (KLPrincipal inPrincipal, - KLPrincipal *outPrincipal); - -KLStatus KLGetTripletFromPrincipal (KLPrincipal inPrincipal, - char **outName, - char **outInstance, - char **outRealm); - -KLStatus KLGetStringFromPrincipal (KLPrincipal inPrincipal, - KLKerberosVersion inKerberosVersion, - char **outFullPrincipal); - -KLStatus KLGetDisplayStringFromPrincipal (KLPrincipal inPrincipal, - KLKerberosVersion inKerberosVersion, - char **outFullPrincipal); - -KLStatus KLComparePrincipal (KLPrincipal inFirstPrincipal, - KLPrincipal inSecondPrincipal, - KLBoolean *outAreEquivalent); - -KLStatus KLDisposePrincipal (KLPrincipal inPrincipal); - -/* KLLoginOptions functions */ - -KLStatus KLCreateLoginOptions (KLLoginOptions *outOptions); - -KLStatus KLLoginOptionsSetTicketLifetime (KLLoginOptions ioOptions, - KLLifetime inTicketLifetime); - -KLStatus KLLoginOptionsSetForwardable (KLLoginOptions ioOptions, - KLBoolean inForwardable); - -KLStatus KLLoginOptionsSetProxiable (KLLoginOptions ioOptions, - KLBoolean inProxiable); - -KLStatus KLLoginOptionsSetRenewableLifetime (KLLoginOptions ioOptions, - KLLifetime inRenewableLifetime); - -KLStatus KLLoginOptionsSetAddressless (KLLoginOptions ioOptions, - KLBoolean inAddressless); - -KLStatus KLLoginOptionsSetTicketStartTime (KLLoginOptions ioOptions, - KLTime inStartTime); - -KLStatus KLLoginOptionsSetServiceName (KLLoginOptions ioOptions, - const char *inServiceName); - -KLStatus KLDisposeLoginOptions(KLLoginOptions ioOptions); - - -/* Misc function */ - -KLStatus KLDisposeString (char *inStringToDispose); - -#if TARGET_OS_MAC -# pragma pack(pop) -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* __KERBEROSLOGIN__ */ diff --git a/src/kim/lib/mac/KerberosLoginErrors.et b/src/kim/lib/mac/KerberosLoginErrors.et deleted file mode 100755 index 22ee35274..000000000 --- a/src/kim/lib/mac/KerberosLoginErrors.et +++ /dev/null @@ -1,88 +0,0 @@ -# $Copyright: -# -# Copyrigh 1998-2008 by the Massachusetts Institute of Technology. -# -# All rights reserved. -# -# Permission to use, copy, modify, and distribute this software and its -# documentation for any purpose and without fee is hereby granted, -# provided that the above copyright notice appear in all copies and that -# both that copyright notice and this permission notice appear in -# supporting documentation, and that the name of M.I.T. not be used in -# advertising or publicity pertaining to distribution of the software -# without specific, written prior permission. Furthermore if you modify -# this software you must label your software as modified software and not -# distribute it in such a fashion that it might be confused with the -# original MIT software. M.I.T. makes no representations about the -# suitability of this software for any purpose. It is provided "as is" -# without express or implied warranty. -# -# THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF -# MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. -# -# Individual source code files are copyright MIT, Cygnus Support, -# OpenVision, Oracle, Sun Soft, FundsXpress, and others. -# -# Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, -# and Zephyr are trademarks of the Massachusetts Institute of Technology -# (MIT). No commercial use of these trademarks may be made without prior -# written permission of MIT. -# -# "Commercial use" means use of a name in a product or other for-profit -# manner. It does NOT prevent a commercial firm from referring to the MIT -# trademarks in order to convey information (although in doing so, -# recognition of their trademark status should be given). -# $ - -# $Header$ - -error_table_base 19276 -error_table_manager "Kerberos Login" -error_table KLL - -# 19276 -error_code klParameterErr, "Invalid argument" -error_code klBadPrincipalErr, "Invalid principal" -error_code klBadPasswordErr, "Invalid password argument" -error_code klBadLoginOptionsErr, "Invalid login options argument" -error_code klInvalidVersionErr, "Invalid Kerberos version (not 4 or 5)" -error_code klCapsLockErr, "Password Incorrect (check your Caps Lock)" -error_code klBadV5ContextErr, "Invalid Kerberos 5 context" - -# 19376 -index 100 -error_code klBufferTooSmallErr, "Kerberos default login option buffer too small" -error_code klBufferTooLargeErr, "Kerberos default login option buffer too large" -error_code klInvalidOptionErr, "Invalid Kerberos default login option" -error_code klBadOptionValueErr, "Invalid value for Kerberos default login option" - -# 19476 -index 200 -error_code klUserCanceledErr, "The user cancelled the operation" -error_code klMemFullErr, "Out of memory" -error_code klPreferencesReadErr, "Unable to read Kerberos Login preferences. The file may be missing, inaccessible or corrupted." -error_code klPreferencesWriteErr, "Unable to write Kerberos Login preferences. The file may be inaccessible." -error_code klV5InitializationFailedErr, "Unable to initialize Kerberos v5" -error_code klPrincipalDoesNotExistErr, "Principal does not exist" -error_code klSystemDefaultDoesNotExistErr, "The system default cache does not exist yet" -error_code klCredentialsExpiredErr, "Your tickets have expired" -error_code klNoRealmsErr, "There are no realms" -error_code klRealmDoesNotExistErr, "The specified realm is not in your configuration file or does not exist" -error_code klNoCredentialsErr, "You do not have tickets for this principal and Kerberos version" -error_code klCredentialsBadAddressErr, "The IP address(es) in your tickets do not match your computer's IP address" -error_code klCacheDoesNotExistErr, "The specified cache does not exist" -error_code klNoHostnameErr, "Unable to get local hostname or address information" -error_code klCredentialsNeedValidationErr, "Your tickets need to be validated." -# 19576 -index 300 -error_code klPasswordMismatchErr, "Password mismatch" -error_code klInsecurePasswordErr, "Your new password is insecure; please pick another one" -error_code klPasswordChangeFailedErr, "Kerberos password change failed." -# 19776 -index 500 -error_code klCantContactServerErr, "Can't find KerberosLoginServer" -error_code klCantDisplayUIErr, "Can't display user interface from this environment" -error_code klServerInsecureErr, "Fatal security error. Client/server effective uid mismatch!" - -end diff --git a/src/kim/lib/mac/KerberosLoginPrivate.h b/src/kim/lib/mac/KerberosLoginPrivate.h deleted file mode 100644 index 09048397f..000000000 --- a/src/kim/lib/mac/KerberosLoginPrivate.h +++ /dev/null @@ -1,122 +0,0 @@ -/* -* Copyright 1998-2008 Massachusetts Institute of Technology. -* All Rights Reserved. -* -* Export of this software from the United States of America may -* require a specific license from the United States Government. -* It is the responsibility of any person or organization contemplating -* export to obtain such a license before exporting. -* -* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -* distribute this software and its documentation for any purpose and -* without fee is hereby granted, provided that the above copyright -* notice appear in all copies and that both that copyright notice and -* this permission notice appear in supporting documentation, and that -* the name of M.I.T. not be used in advertising or publicity pertaining -* to distribution of the software without specific, written prior -* permission. Furthermore if you modify this software you must label -* your software as modified software and not distribute it in such a -* fashion that it might be confused with the original M.I.T. software. -* M.I.T. makes no representations about the suitability of -* this software for any purpose. It is provided "as is" without express -* or implied warranty. -*/ - -#ifndef __KERBEROSLOGINPRIVATE__ -#define __KERBEROSLOGINPRIVATE__ - -#if defined(macintosh) || (defined(__MACH__) && defined(__APPLE__)) -# include <TargetConditionals.h> -# if TARGET_RT_MAC_CFM -# error "Use KfM 4.0 SDK headers for CFM compilation." -# endif -#endif - -#include <Kerberos/KerberosLogin.h> -#include <Kerberos/krb5.h> - -#ifdef __cplusplus -extern "C" { -#endif - -enum { - klPromptMechanism_Autodetect = 0, - klPromptMechanism_GUI = 1, - klPromptMechanism_CLI = 2, - klPromptMechanism_None = 0xFFFFFFFF -}; -typedef uint32_t KLPromptMechanism; - -/*************/ -/*** Types ***/ -/*************/ - -#ifdef KERBEROSLOGIN_DEPRECATED - -typedef krb5_error_code (*KLPrompterProcPtr) (krb5_context context, - void *data, - const char *name, - const char *banner, - int num_prompts, - krb5_prompt prompts[]); -KLStatus __KLSetApplicationPrompter (KLPrompterProcPtr inPrompter); - -#endif /* KERBEROSLOGIN_DEPRECATED */ - -/*****************/ -/*** Functions ***/ -/*****************/ - -KLStatus __KLSetHomeDirectoryAccess (KLBoolean inAllowHomeDirectoryAccess); -KLBoolean __KLAllowHomeDirectoryAccess (void); - -KLStatus __KLSetAutomaticPrompting (KLBoolean inAllowAutomaticPrompting); -KLBoolean __KLAllowAutomaticPrompting (void); - -KLBoolean __KLAllowRememberPassword (void); - -KLStatus __KLSetPromptMechanism (KLPromptMechanism inPromptMechanism); -KLPromptMechanism __KLPromptMechanism (void); - -KLStatus __KLCreatePrincipalFromTriplet (const char *inName, - const char *inInstance, - const char *inRealm, - KLKerberosVersion inKerberosVersion, - KLPrincipal *outPrincipal); - -KLStatus __KLGetTripletFromPrincipal (KLPrincipal inPrincipal, - KLKerberosVersion inKerberosVersion, - char **outName, - char **outInstance, - char **outRealm); - -KLStatus __KLCreatePrincipalFromKerberos5Principal (krb5_principal inPrincipal, - KLPrincipal *outPrincipal); - -KLStatus __KLGetKerberos5PrincipalFromPrincipal (KLPrincipal inPrincipal, - krb5_context inContext, - krb5_principal *outKrb5Principal); - -KLStatus __KLGetRealmFromPrincipal (KLPrincipal inPrincipal, char **outRealm); - -KLBoolean __KLPrincipalIsTicketGrantingService (KLPrincipal inPrincipal); - -KLStatus __KLGetKeychainPasswordForPrincipal (KLPrincipal inPrincipal, - char **outPassword); - -KLStatus __KLPrincipalSetKeychainPassword (KLPrincipal inPrincipal, - const char *inPassword); - -KLStatus __KLRemoveKeychainPasswordForPrincipal (KLPrincipal inPrincipal); - -#if TARGET_OS_MAC -# if defined(__MWERKS__) -# pragma import reset -# endif -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* __KERBEROSLOGINPRIVATE__ */ diff --git a/src/kim/lib/mac/kim_os_debug.c b/src/kim/lib/mac/kim_os_debug.c deleted file mode 100644 index 1119cb591..000000000 --- a/src/kim/lib/mac/kim_os_debug.c +++ /dev/null @@ -1,36 +0,0 @@ -/* kim/lib/mac/kim_os_debug.c */ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include <CoreServices/CoreServices.h> -#include <Kerberos/KerberosDebug.h> - -#include "kim_os_private.h" - -/* ------------------------------------------------------------------------ */ - -void kim_os_debug_print (kim_string in_string) -{ - dprintf (in_string); -} diff --git a/src/kim/lib/mac/kim_os_identity.c b/src/kim/lib/mac/kim_os_identity.c deleted file mode 100644 index fd08c6601..000000000 --- a/src/kim/lib/mac/kim_os_identity.c +++ /dev/null @@ -1,313 +0,0 @@ -/* kim/lib/mac/kim_os_identity.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include <pwd.h> -#include <unistd.h> -#include <Security/Security.h> - -#include "kim_os_private.h" - -/* ------------------------------------------------------------------------ */ - -kim_boolean kim_os_identity_allow_save_password (void) -{ - kim_boolean disabled = 0; - CFPropertyListRef disable_pref = NULL; - - disable_pref = CFPreferencesCopyValue (CFSTR ("SavePasswordDisabled"), - KIM_PREFERENCES_FILE, - kCFPreferencesAnyUser, - kCFPreferencesAnyHost); - if (!disable_pref) { - disable_pref = CFPreferencesCopyValue (CFSTR ("SavePasswordDisabled"), - KIM_PREFERENCES_FILE, - kCFPreferencesAnyUser, - kCFPreferencesCurrentHost); - } - - if (!disable_pref) { - disable_pref = CFPreferencesCopyValue (CFSTR ("SavePasswordDisabled"), - KA_PREFERENCES_FILE, - kCFPreferencesAnyUser, - kCFPreferencesAnyHost); - } - - if (!disable_pref) { - disable_pref = CFPreferencesCopyValue (CFSTR ("SavePasswordDisabled"), - KA_PREFERENCES_FILE, - kCFPreferencesAnyUser, - kCFPreferencesCurrentHost); - } - - disabled = (disable_pref && - CFGetTypeID (disable_pref) == CFBooleanGetTypeID () && - CFBooleanGetValue (disable_pref)); - - if (disable_pref) { CFRelease (disable_pref); } - - return !disabled; -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_identity_get_saved_password (kim_identity in_identity, - kim_string *out_password) -{ - kim_error err = KIM_NO_ERROR; - kim_string realm = NULL; - kim_string name = NULL; - void *buffer = NULL; - UInt32 length = 0; - - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err && !kim_library_allow_home_directory_access ()) { - err = check_error (ENOENT); /* simulate no password found */ - } - - if (!err && !kim_os_identity_allow_save_password ()) { - err = kim_os_identity_remove_saved_password (in_identity); - if (!err) { - err = check_error (ENOENT); /* simulate no password found */ - } - } - - if (!err) { - err = kim_identity_get_components_string (in_identity, &name); - } - - if (!err) { - err = kim_identity_get_realm (in_identity, &realm); - } - - if (!err) { - err = SecKeychainFindGenericPassword (nil, - strlen (realm), realm, - strlen (name), name, - &length, &buffer, - nil); - - if (!err && !buffer) { err = check_error (ENOENT); } - } - - if (!err) { - err = kim_string_create_from_buffer (out_password, buffer, length); - } - - kim_string_free (&name); - kim_string_free (&realm); - if (buffer) { SecKeychainItemFreeContent (NULL, buffer); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_identity_set_saved_password (kim_identity in_identity, - kim_string in_password) -{ - kim_error err = KIM_NO_ERROR; - kim_string realm = NULL; - kim_string name = NULL; - - if (!err && !in_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err && !kim_library_allow_home_directory_access ()) { - return KIM_NO_ERROR; /* simulate no error */ - } - - if (!err && !kim_os_identity_allow_save_password ()) { - return kim_os_identity_remove_saved_password (in_identity); - } - - if (!err) { - err = kim_identity_get_components_string (in_identity, &name); - } - - if (!err) { - err = kim_identity_get_realm (in_identity, &realm); - } - - if (!err) { - SecKeychainItemRef itemRef = NULL; - UInt32 namelen = strlen (name); - UInt32 realmlen = strlen (realm); - - /* Add the password to the keychain */ - err = SecKeychainAddGenericPassword (nil, - realmlen, realm, - namelen, name, - strlen (in_password), in_password, - &itemRef); - - if (err == errSecDuplicateItem) { - /* We've already stored a password for this principal - * but it might have changed so update it */ - void *buffer = NULL; - UInt32 length = 0; - - err = SecKeychainFindGenericPassword (nil, - realmlen, realm, - namelen, name, - &length, &buffer, - &itemRef); - - if (!err) { - SecKeychainAttribute attrs[] = { - { kSecAccountItemAttr, namelen, (char *) name }, - { kSecServiceItemAttr, realmlen, (char *) realm } }; - UInt32 count = sizeof(attrs) / sizeof(attrs[0]); - const SecKeychainAttributeList attrList = { count, attrs }; - - err = SecKeychainItemModifyAttributesAndData (itemRef, - &attrList, - strlen (in_password), - in_password); - } - - } else if (!err) { - /* We added a new entry, add a descriptive label */ - SecKeychainAttributeList *copiedAttrs = NULL; - SecKeychainAttributeInfo attrInfo; - UInt32 tag = 7; - UInt32 format = CSSM_DB_ATTRIBUTE_FORMAT_STRING; - kim_string label = NULL; - - attrInfo.count = 1; - attrInfo.tag = &tag; - attrInfo.format = &format; - - err = SecKeychainItemCopyAttributesAndData (itemRef, &attrInfo, - NULL, &copiedAttrs, - 0, NULL); - - if (!err) { - /* Label format used by Apple patches */ - err = kim_string_create_from_format (&label, "%s (%s)", - realm, name); - } - - if (!err) { - SecKeychainAttributeList attrList; - SecKeychainAttribute attr; - - /* Copy the tag they gave us and copy in our label */ - attr.tag = copiedAttrs->attr->tag; - attr.length = strlen (label); - attr.data = (char *) label; - - attrList.count = 1; - attrList.attr = &attr; - - /* And modify. */ - err = SecKeychainItemModifyAttributesAndData (itemRef, &attrList, - 0, NULL); - } - - if (label ) { kim_string_free (&label); } - if (copiedAttrs) { SecKeychainItemFreeAttributesAndData (copiedAttrs, NULL); } - } - - if (itemRef) { CFRelease (itemRef); } - } - - kim_string_free (&name); - kim_string_free (&realm); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_identity_remove_saved_password (kim_identity in_identity) -{ - kim_error err = KIM_NO_ERROR; - kim_string realm = NULL; - kim_string name = NULL; - - if (!err && !in_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err && !kim_library_allow_home_directory_access ()) { - return KIM_NO_ERROR; /* simulate no error */ - } - - if (!err) { - err = kim_identity_get_components_string (in_identity, &name); - } - - if (!err) { - err = kim_identity_get_realm (in_identity, &realm); - } - - if (!err) { - SecKeychainItemRef itemRef = NULL; - UInt32 namelen = strlen (name); - UInt32 realmlen = strlen (realm); - void *buffer = NULL; - UInt32 length = 0; - - err = SecKeychainFindGenericPassword (nil, - realmlen, realm, - namelen, name, - &length, &buffer, - &itemRef); - - if (!err) { - err = SecKeychainItemDelete (itemRef); - - } else if (err == errSecItemNotFound) { - err = KIM_NO_ERROR; /* No password not an error */ - } - - if (itemRef) { CFRelease (itemRef); } - } - - kim_string_free (&name); - kim_string_free (&realm); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_identity_create_for_username (kim_identity *out_identity) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - struct passwd *pw = getpwuid (getuid ()); - if (pw) { - err = kim_identity_create_from_string (out_identity, pw->pw_name); - } else { - *out_identity = KIM_IDENTITY_ANY; - } - } - - return check_error (err); -} diff --git a/src/kim/lib/mac/kim_os_library.c b/src/kim/lib/mac/kim_os_library.c deleted file mode 100644 index ac9c4aa42..000000000 --- a/src/kim/lib/mac/kim_os_library.c +++ /dev/null @@ -1,331 +0,0 @@ -/* kim/lib/mac/kim_os_library.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include <CoreFoundation/CoreFoundation.h> -#include <Security/AuthSession.h> -#include <mach-o/dyld.h> -#include "k5-int.h" -#include "k5-thread.h" -#include <krb5/krb5.h> - -#include "kim_os_private.h" - - -static k5_mutex_t g_bundle_lookup_mutex = K5_MUTEX_PARTIAL_INITIALIZER; - -MAKE_INIT_FUNCTION(kim_os_library_thread_init); -MAKE_FINI_FUNCTION(kim_os_library_thread_fini); - -/* ------------------------------------------------------------------------ */ - -static int kim_os_library_thread_init (void) -{ - kim_error err = KIM_NO_ERROR; - - if (!err) { - err = k5_mutex_finish_init (&g_bundle_lookup_mutex); - } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -static void kim_os_library_thread_fini (void) -{ - if (!INITIALIZER_RAN (kim_os_library_thread_init) || PROGRAM_EXITING ()) { - return; - } - k5_mutex_destroy (&g_bundle_lookup_mutex); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_library_lock_for_bundle_lookup (void) -{ - kim_error err = CALL_INIT_FUNCTION (kim_os_library_thread_init); - - if (!err) { - err = k5_mutex_lock (&g_bundle_lookup_mutex); - } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_library_unlock_for_bundle_lookup (void) -{ - kim_error err = CALL_INIT_FUNCTION (kim_os_library_thread_init); - - if (!err) { - err = k5_mutex_unlock (&g_bundle_lookup_mutex); - } - - return err; -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -kim_boolean kim_os_library_caller_uses_gui (void) -{ - kim_boolean caller_uses_gui = 0; - - /* Check for the HIToolbox (Carbon) or AppKit (Cocoa). - * If either is loaded, we are a GUI app! */ - CFBundleRef appKitBundle = CFBundleGetBundleWithIdentifier (CFSTR ("com.apple.AppKit")); - CFBundleRef hiToolBoxBundle = CFBundleGetBundleWithIdentifier (CFSTR ("com.apple.HIToolbox")); - - if (hiToolBoxBundle && CFBundleIsExecutableLoaded (hiToolBoxBundle)) { - caller_uses_gui = 1; /* Using Carbon */ - } - - if (appKitBundle && CFBundleIsExecutableLoaded (appKitBundle)) { - caller_uses_gui = 1; /* Using Cocoa */ - } - - return caller_uses_gui; -} - -/* ------------------------------------------------------------------------ */ - -kim_ui_environment kim_os_library_get_ui_environment (void) -{ -#ifdef KIM_BUILTIN_UI - kim_boolean has_gui_access = 0; - SessionAttributeBits sattrs = 0L; - - has_gui_access = ((SessionGetInfo (callerSecuritySession, - NULL, &sattrs) == noErr) && - (sattrs & sessionHasGraphicAccess)); - - if (has_gui_access && kim_os_library_caller_uses_gui ()) { - return KIM_UI_ENVIRONMENT_GUI; - } - - { - int fd_stdin = fileno (stdin); - int fd_stdout = fileno (stdout); - char *fd_stdin_name = ttyname (fd_stdin); - - /* Session info isn't reliable for remote sessions. - * Check manually for terminal access with file descriptors */ - if (isatty (fd_stdin) && isatty (fd_stdout) && fd_stdin_name) { - return KIM_UI_ENVIRONMENT_CLI; - } - } - - /* If we don't have a CLI but can talk to the GUI, use that */ - if (has_gui_access) { - return KIM_UI_ENVIRONMENT_GUI; - } - - kim_debug_printf ("kim_os_library_get_ui_environment(): no way to talk to the user."); -#endif - return KIM_UI_ENVIRONMENT_NONE; -} - -/* ------------------------------------------------------------------------ */ - -kim_boolean kim_os_library_caller_is_server (void) -{ - CFBundleRef mainBundle = CFBundleGetMainBundle (); - if (mainBundle) { - CFStringRef mainBundleID = CFBundleGetIdentifier (mainBundle); - if (mainBundleID) { - CFComparisonResult result; - result = CFStringCompare (mainBundleID, CFSTR(kim_os_agent_bundle_id), 0); - if (result == kCFCompareEqualTo) { - return TRUE; - } - } - } - - return FALSE; -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_library_get_application_path (kim_string *out_path) -{ - kim_error err = KIM_NO_ERROR; - kim_string path = NULL; - CFBundleRef bundle = CFBundleGetMainBundle (); - - if (!err && !out_path) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - /* Check if the caller is a bundle */ - if (!err && bundle) { - CFURLRef bundle_url = CFBundleCopyBundleURL (bundle); - CFURLRef resources_url = CFBundleCopyResourcesDirectoryURL (bundle); - CFURLRef executable_url = CFBundleCopyExecutableURL (bundle); - CFURLRef absolute_url = NULL; - CFStringRef cfpath = NULL; - - if (bundle_url && resources_url && !CFEqual (bundle_url, resources_url)) { - absolute_url = CFURLCopyAbsoluteURL (bundle_url); - } else if (executable_url) { - absolute_url = CFURLCopyAbsoluteURL (executable_url); - } - - if (absolute_url) { - cfpath = CFURLCopyFileSystemPath (absolute_url, - kCFURLPOSIXPathStyle); - if (!cfpath) { err = check_error (KIM_OUT_OF_MEMORY_ERR); } - } - - if (!err && cfpath) { - err = kim_os_string_create_from_cfstring (&path, cfpath); - } - - if (cfpath ) { CFRelease (cfpath); } - if (absolute_url ) { CFRelease (absolute_url); } - if (bundle_url ) { CFRelease (bundle_url); } - if (resources_url ) { CFRelease (resources_url); } - if (executable_url) { CFRelease (executable_url); } - } - - /* Caller is not a bundle, try _NSGetExecutablePath */ - /* Note: this does not work on CFM applications */ - if (!err && !path) { - char *buffer = NULL; - uint32_t len = 0; - - /* Tiny stupid buffer to get the length of the path */ - if (!err) { - buffer = malloc (1); - if (!buffer) { err = check_error (KIM_OUT_OF_MEMORY_ERR); } - } - - /* Get the length of the path */ - if (!err) { - if (_NSGetExecutablePath (buffer, &len) != 0) { - char *temp = realloc (buffer, len + 1); - if (!temp) { - err = check_error (KIM_OUT_OF_MEMORY_ERR); - } else { - buffer = temp; - } - } - } - - /* Get the path */ - if (!err) { - if (_NSGetExecutablePath (buffer, &len) != 0) { - err = check_error (KIM_OUT_OF_MEMORY_ERR); - } else { - err = kim_string_copy (&path, buffer); - } - } - - if (buffer) { free (buffer); } - } - - if (!err) { - *out_path = path; - path = NULL; - } - - kim_string_free (&path); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_library_get_caller_name (kim_string *out_application_name) -{ - kim_error err = KIM_NO_ERROR; - kim_string name = NULL; - CFBundleRef bundle = CFBundleGetMainBundle (); - CFStringRef cfname = NULL; - - if (!err && !out_application_name) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err && bundle) { - cfname = CFBundleGetValueForInfoDictionaryKey (bundle, - kCFBundleNameKey); - - if (!cfname || CFGetTypeID (cfname) != CFStringGetTypeID ()) { - cfname = CFBundleGetValueForInfoDictionaryKey (bundle, - kCFBundleExecutableKey); - } - - if (cfname) { - cfname = CFStringCreateCopy (kCFAllocatorDefault, cfname); - } - } - - if (!err && !cfname) { - kim_string path = NULL; - CFURLRef cfpath = NULL; - CFURLRef cfpathnoext = NULL; - - err = kim_os_library_get_application_path (&path); - - if (!err) { - cfpath = CFURLCreateFromFileSystemRepresentation (kCFAllocatorDefault, - (const UInt8 *) path, - strlen (path), - 0); - - if (cfpath) { - cfpathnoext = CFURLCreateCopyDeletingPathExtension (kCFAllocatorDefault, - cfpath); - } - - if (cfpathnoext) { - cfname = CFURLCopyLastPathComponent (cfpathnoext); - } else { - cfname = CFURLCopyLastPathComponent (cfpath); - } - } - - if (cfpathnoext) { CFRelease (cfpathnoext); } - if (cfpath ) { CFRelease (cfpath); } - kim_string_free (&path); - } - - if (!err && cfname) { - err = kim_os_string_create_from_cfstring (&name, cfname); - } - - if (!err) { - *out_application_name = name; - name = NULL; - - } - - if (cfname) { CFRelease (cfname); } - kim_string_free (&name); - - return check_error (err); -} diff --git a/src/kim/lib/mac/kim_os_preferences.c b/src/kim/lib/mac/kim_os_preferences.c deleted file mode 100644 index 7756f2014..000000000 --- a/src/kim/lib/mac/kim_os_preferences.c +++ /dev/null @@ -1,1071 +0,0 @@ -/* kim/lib/mac/kim_os_preferences.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include <CoreFoundation/CoreFoundation.h> - -#include "kim_os_private.h" - -#define kim_os_preference_any_identity "KIM_IDENTITY_ANY" - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static CFStringRef kim_os_preferences_cfstring_for_key (kim_preference_key in_key) -{ - if (in_key == kim_preference_key_options) { - return CFSTR ("CredentialOptions"); - - } else if (in_key == kim_preference_key_lifetime) { - return CFSTR ("CredentialLifetime"); - - } else if (in_key == kim_preference_key_renewable) { - return CFSTR ("RenewableCredentials"); - - } else if (in_key == kim_preference_key_renewal_lifetime) { - return CFSTR ("CredentialRenewalLifetime"); - - } else if (in_key == kim_preference_key_forwardable) { - return CFSTR ("ForwardableCredentials"); - - } else if (in_key == kim_preference_key_proxiable) { - return CFSTR ("ProxiableCredentials"); - - } else if (in_key == kim_preference_key_addressless) { - return CFSTR ("AddresslessCredentials"); - - } else if (in_key == kim_preference_key_remember_options) { - return CFSTR ("RememberCredentialAttributes"); - - } else if (in_key == kim_preference_key_client_identity) { - return CFSTR ("ClientIdentity"); - - } else if (in_key == kim_preference_key_remember_client_identity) { - return CFSTR ("RememberClientIdentity"); - - } else if (in_key == kim_preference_key_favorites) { - return CFSTR ("FavoriteIdentities"); - - } else if (in_key == kim_preference_key_minimum_lifetime) { - return CFSTR ("MinimumLifetime"); - - } else if (in_key == kim_preference_key_maximum_lifetime) { - return CFSTR ("MaximumLifetime"); - - } else if (in_key == kim_preference_key_minimum_renewal_lifetime) { - return CFSTR ("MinimumRenewalLifetime"); - - } else if (in_key == kim_preference_key_maximum_renewal_lifetime) { - return CFSTR ("MaximumRenewalLifetime"); - - } - - return NULL; /* ignore unsupported keys */ -} - -/* ------------------------------------------------------------------------ */ - -static CFStringRef kim_os_preferences_compat_cfstring_for_key (kim_preference_key in_key) -{ - if (in_key == kim_preference_key_lifetime) { - return CFSTR ("KLDefaultTicketLifetime"); - - } else if (in_key == kim_preference_key_renewable) { - return CFSTR ("KLGetRenewableTickets"); - - } else if (in_key == kim_preference_key_renewal_lifetime) { - return CFSTR ("KLDefaultRenewableLifetime"); - - } else if (in_key == kim_preference_key_forwardable) { - return CFSTR ("KLDefaultForwardableTicket"); - - } else if (in_key == kim_preference_key_proxiable) { - return CFSTR ("KLGetProxiableTickets"); - - } else if (in_key == kim_preference_key_addressless) { - return CFSTR ("KLGetAddresslessTickets"); - - } else if (in_key == kim_preference_key_remember_options) { - return CFSTR ("KLRememberExtras"); - - } else if (in_key == kim_preference_key_client_identity) { - return CFSTR ("KLName"); - - } else if (in_key == kim_preference_key_remember_client_identity) { - return CFSTR ("KLRememberPrincipal"); - - } else if (in_key == kim_preference_key_favorites) { - return CFSTR ("KLFavoriteIdentities"); - - } else if (in_key == kim_preference_key_minimum_lifetime) { - return CFSTR ("KLMinimumTicketLifetime"); - - } else if (in_key == kim_preference_key_maximum_lifetime) { - return CFSTR ("KLMaximumTicketLifetime"); - - } else if (in_key == kim_preference_key_minimum_renewal_lifetime) { - return CFSTR ("KLMinimumRenewableLifetime"); - - } else if (in_key == kim_preference_key_maximum_renewal_lifetime) { - return CFSTR ("KLMaximumRenewableLifetime"); - - } - - return NULL; /* ignore unsupported keys */ -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_os_preferences_copy_value_for_file (CFStringRef in_key, - CFTypeID in_type, - CFStringRef in_file, - CFPropertyListRef *out_value) -{ - - kim_error err = KIM_NO_ERROR; - CFPropertyListRef value = NULL; - CFStringRef users[] = { kCFPreferencesCurrentUser, kCFPreferencesAnyUser, NULL }; - CFStringRef hosts[] = { kCFPreferencesCurrentHost, kCFPreferencesAnyHost, NULL }; - - if (!err && !in_key ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_file ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_value) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_count u, h; - - if (!kim_library_allow_home_directory_access()) { - users[0] = kCFPreferencesAnyUser; - users[1] = NULL; - } - - for (u = 0; !value && users[u]; u++) { - for (h = 0; !value && hosts[h]; h++) { - value = CFPreferencesCopyValue (in_key, in_file, users[u], hosts[h]); - } - } - - if (value && CFGetTypeID (value) != in_type) { - err = check_error (KIM_PREFERENCES_READ_ERR); - } - } - - - if (!err) { - *out_value = value; - value = NULL; - } - - if (value) { CFRelease (value); } - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_os_preferences_copy_value (kim_preference_key in_key, - CFTypeID in_type, - CFPropertyListRef *out_value) -{ - kim_error err = KIM_NO_ERROR; - CFStringRef key = kim_os_preferences_cfstring_for_key (in_key); - - err = kim_os_preferences_copy_value_for_file (key, in_type, - KIM_PREFERENCES_FILE, - out_value); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_os_preferences_copy_value_compat (kim_preference_key in_key, - CFTypeID in_type, - CFPropertyListRef *out_value) -{ - kim_error err = KIM_NO_ERROR; - CFStringRef key = kim_os_preferences_compat_cfstring_for_key (in_key); - - err = kim_os_preferences_copy_value_for_file (key, in_type, - KLL_PREFERENCES_FILE, - out_value); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_os_preferences_set_value (kim_preference_key in_key, - CFPropertyListRef in_value) -{ - kim_error err = KIM_NO_ERROR; - CFStringRef key = NULL; - - /* in_value may be NULL if removing the key */ - - if (!err) { - key = kim_os_preferences_cfstring_for_key (in_key); - } - - if (!err && key) { - kim_boolean homedir_ok = kim_library_allow_home_directory_access(); - CFStringRef user = homedir_ok ? kCFPreferencesCurrentUser : kCFPreferencesAnyUser; - CFStringRef host = homedir_ok ? kCFPreferencesAnyHost : kCFPreferencesCurrentHost; - - CFPreferencesSetValue (key, in_value, KIM_PREFERENCES_FILE, user, host); - if (!CFPreferencesSynchronize (KIM_PREFERENCES_FILE, user, host)) { - err = check_error (KIM_PREFERENCES_WRITE_ERR); - } - } - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_preferences_get_identity_for_key (kim_preference_key in_key, - kim_identity in_hardcoded_default, - kim_identity *out_identity) -{ - kim_error err = KIM_NO_ERROR; - kim_string string = NULL; - CFStringRef value = NULL; - - if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_os_preferences_copy_value (in_key, CFStringGetTypeID (), - (CFPropertyListRef *) &value); - - } - - if (!err && !value) { - err = kim_os_preferences_copy_value_compat (in_key, CFStringGetTypeID (), - (CFPropertyListRef *) &value); - } - - if (!err) { - if (value) { - err = kim_os_string_create_from_cfstring (&string, value); - - if (!err) { - if (!strcmp (kim_os_preference_any_identity, string)) { - *out_identity = KIM_IDENTITY_ANY; - - } else { - err = kim_identity_create_from_string (out_identity, string); - } - } - } else { - err = kim_identity_copy (out_identity, in_hardcoded_default); - } - } - - kim_string_free (&string); - if (value) { CFRelease (value); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_preferences_set_identity_for_key (kim_preference_key in_key, - kim_identity in_identity) -{ - kim_error err = KIM_NO_ERROR; - CFStringRef value = NULL; - kim_string string = NULL; - - /* in_identity can be KIM_IDENTITY_ANY */ - - if (!err) { - if (in_identity) { - err = kim_identity_get_string (in_identity, &string); - - } else { - err = kim_string_copy (&string, kim_os_preference_any_identity); - } - } - - if (!err) { - err = kim_os_string_get_cfstring (string, &value); - } - - if (!err) { - err = kim_os_preferences_set_value (in_key, value); - } - - if (value) { CFRelease (value); } - kim_string_free (&string); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_preferences_get_lifetime_for_key (kim_preference_key in_key, - kim_lifetime in_hardcoded_default, - kim_lifetime *out_lifetime) -{ - kim_error err = KIM_NO_ERROR; - CFNumberRef value = NULL; - - if (!err && !out_lifetime) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_os_preferences_copy_value (in_key, CFNumberGetTypeID (), - (CFPropertyListRef *) &value); - } - - if (!err && !value) { - err = kim_os_preferences_copy_value_compat (in_key, CFNumberGetTypeID (), - (CFPropertyListRef *) &value); - } - - if (!err) { - if (value) { - SInt32 number; // CFNumbers are signed so we need to cast - if (CFNumberGetValue (value, kCFNumberSInt32Type, &number) != TRUE) { - err = KIM_OUT_OF_MEMORY_ERR; - } else { - *out_lifetime = number; - } - } else { - *out_lifetime = in_hardcoded_default; - } - } - - if (value) { CFRelease (value); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_preferences_set_lifetime_for_key (kim_preference_key in_key, - kim_lifetime in_lifetime) -{ - kim_error err = KIM_NO_ERROR; - CFNumberRef value = NULL; - SInt32 number = (SInt32) in_lifetime; - - if (!err) { - value = CFNumberCreate (kCFAllocatorDefault, kCFNumberSInt32Type, &number); - if (!value) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - err = kim_os_preferences_set_value (in_key, value); - } - - if (value) { CFRelease (value); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_preferences_get_boolean_for_key (kim_preference_key in_key, - kim_boolean in_hardcoded_default, - kim_boolean *out_boolean) -{ - kim_error err = KIM_NO_ERROR; - CFBooleanRef value = NULL; - - if (!err && !out_boolean) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_os_preferences_copy_value (in_key, CFBooleanGetTypeID (), - (CFPropertyListRef *) &value); - } - - if (!err && !value) { - err = kim_os_preferences_copy_value_compat (in_key, CFBooleanGetTypeID (), - (CFPropertyListRef *) &value); - } - - if (!err) { - if (value) { - *out_boolean = CFBooleanGetValue (value); - } else { - *out_boolean = in_hardcoded_default; - } - } - - if (value) { CFRelease (value); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_preferences_set_boolean_for_key (kim_preference_key in_key, - kim_boolean in_boolean) -{ - kim_error err = KIM_NO_ERROR; - CFBooleanRef value = in_boolean ? kCFBooleanTrue : kCFBooleanFalse; - - if (!err) { - err = kim_os_preferences_set_value (in_key, value); - } - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_os_preferences_copy_value_for_dict_key (CFDictionaryRef in_dictionary, - kim_preference_key in_key, - CFTypeID in_type, - CFPropertyListRef *out_value) -{ - kim_error err = KIM_NO_ERROR; - CFPropertyListRef value = NULL; - - if (!err && !in_dictionary) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_value ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - CFStringRef key = kim_os_preferences_cfstring_for_key (in_key); - - value = CFDictionaryGetValue (in_dictionary, key); - if (value && CFGetTypeID (value) != in_type) { - err = check_error (KIM_PREFERENCES_READ_ERR); - } - } - - if (!err) { - *out_value = value; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_os_preferences_set_value_for_dict_key (CFMutableDictionaryRef in_dictionary, - kim_preference_key in_key, - CFPropertyListRef in_value) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_dictionary) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_value ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - CFStringRef key = kim_os_preferences_cfstring_for_key (in_key); - - CFDictionarySetValue (in_dictionary, key, in_value); - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_os_preferences_dictionary_to_options (CFDictionaryRef in_dictionary, - kim_options *out_options) -{ - kim_error err = KIM_NO_ERROR; - kim_options options = KIM_OPTIONS_DEFAULT; - kim_boolean found_options = 0; - - if (!err && !in_dictionary) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_options_create_empty (&options); - } - - if (!err) { - CFBooleanRef value = NULL; - - err = kim_os_preferences_copy_value_for_dict_key (in_dictionary, - kim_preference_key_renewable, - CFBooleanGetTypeID (), - (CFPropertyListRef *) &value); - - if (!err && value) { - found_options = 1; - err = kim_options_set_renewable (options, CFBooleanGetValue (value)); - } - } - - if (!err) { - CFNumberRef value = NULL; - SInt32 lifetime; // CFNumbers are signed so we need to cast - - err = kim_os_preferences_copy_value_for_dict_key (in_dictionary, - kim_preference_key_lifetime, - CFNumberGetTypeID (), - (CFPropertyListRef *) &value); - - if (!err && value && CFNumberGetValue (value, kCFNumberSInt32Type, - &lifetime)) { - found_options = 1; - err = kim_options_set_lifetime (options, lifetime); - } - } - - if (!err) { - CFNumberRef value = NULL; - SInt32 lifetime; // CFNumbers are signed so we need to cast - - err = kim_os_preferences_copy_value_for_dict_key (in_dictionary, - kim_preference_key_renewal_lifetime, - CFNumberGetTypeID (), - (CFPropertyListRef *) &value); - - if (!err && value && CFNumberGetValue (value, kCFNumberSInt32Type, - &lifetime)) { - found_options = 1; - err = kim_options_set_renewal_lifetime (options, lifetime); - } } - - if (!err) { - CFBooleanRef value = NULL; - - err = kim_os_preferences_copy_value_for_dict_key (in_dictionary, - kim_preference_key_forwardable, - CFBooleanGetTypeID (), - (CFPropertyListRef *) &value); - - if (!err && value) { - found_options = 1; - err = kim_options_set_forwardable (options, CFBooleanGetValue (value)); - } - } - - if (!err) { - CFBooleanRef value = NULL; - - err = kim_os_preferences_copy_value_for_dict_key (in_dictionary, - kim_preference_key_proxiable, - CFBooleanGetTypeID (), - (CFPropertyListRef *) &value); - - if (!err && value) { - found_options = 1; - err = kim_options_set_proxiable (options, CFBooleanGetValue (value)); - } - } - - if (!err) { - CFBooleanRef value = NULL; - - err = kim_os_preferences_copy_value_for_dict_key (in_dictionary, - kim_preference_key_addressless, - CFBooleanGetTypeID (), - (CFPropertyListRef *) &value); - - if (!err && value) { - found_options = 1; - err = kim_options_set_addressless (options, CFBooleanGetValue (value)); - } - } - - if (!err && !found_options) { - kim_options_free (&options); - options = KIM_OPTIONS_DEFAULT; - } - - if (!err) { - *out_options = options; - options = NULL; - } - - kim_options_free (&options); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_os_preferences_options_to_dictionary (kim_options in_options, - CFMutableDictionaryRef io_dictionary) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !io_dictionary) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - CFNumberRef value = NULL; - kim_lifetime lifetime; - - err = kim_options_get_lifetime (in_options, &lifetime); - - if (!err) { - SInt32 number = (SInt32) lifetime; - - value = CFNumberCreate (kCFAllocatorDefault, - kCFNumberSInt32Type, &number); - if (!value) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - err = kim_os_preferences_set_value_for_dict_key (io_dictionary, - kim_preference_key_lifetime, - value); - } - - if (value) { CFRelease (value); } - } - - if (!err) { - kim_boolean boolean; - - err = kim_options_get_renewable (in_options, &boolean); - - if (!err) { - CFBooleanRef value = boolean ? kCFBooleanTrue : kCFBooleanFalse; - - err = kim_os_preferences_set_value_for_dict_key (io_dictionary, - kim_preference_key_renewable, - value); - } - } - - if (!err) { - CFNumberRef value = NULL; - kim_lifetime lifetime; - - err = kim_options_get_renewal_lifetime (in_options, &lifetime); - - if (!err) { - SInt32 number = (SInt32) lifetime; - - value = CFNumberCreate (kCFAllocatorDefault, - kCFNumberSInt32Type, &number); - if (!value) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - err = kim_os_preferences_set_value_for_dict_key (io_dictionary, - kim_preference_key_renewal_lifetime, - value); - } - - if (value) { CFRelease (value); } - } - - if (!err) { - kim_boolean boolean; - - err = kim_options_get_forwardable (in_options, &boolean); - - if (!err) { - CFBooleanRef value = boolean ? kCFBooleanTrue : kCFBooleanFalse; - - err = kim_os_preferences_set_value_for_dict_key (io_dictionary, - kim_preference_key_forwardable, - value); - } - } - - if (!err) { - kim_boolean boolean; - - err = kim_options_get_proxiable (in_options, &boolean); - - if (!err) { - CFBooleanRef value = boolean ? kCFBooleanTrue : kCFBooleanFalse; - - err = kim_os_preferences_set_value_for_dict_key (io_dictionary, - kim_preference_key_proxiable, - value); - } - } - - if (!err) { - kim_boolean boolean; - - err = kim_options_get_addressless (in_options, &boolean); - - if (!err) { - CFBooleanRef value = boolean ? kCFBooleanTrue : kCFBooleanFalse; - - err = kim_os_preferences_set_value_for_dict_key (io_dictionary, - kim_preference_key_addressless, - value); - } - } - - return check_error (err); -} - - - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_os_preferences_get_options_compat (kim_options *out_options) -{ - kim_error err = KIM_NO_ERROR; - kim_options options = KIM_OPTIONS_DEFAULT; - kim_boolean found_options = 0; - - if (!err && !out_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_options_create_empty (&options); - } - - if (!err) { - CFNumberRef value = NULL; - SInt32 lifetime; // CFNumbers are signed so we need to cast - - err = kim_os_preferences_copy_value_compat (kim_preference_key_lifetime, - CFNumberGetTypeID (), - (CFPropertyListRef *) &value); - - if (!err && value && CFNumberGetValue (value, kCFNumberSInt32Type, - &lifetime)) { - found_options = 1; - err = kim_options_set_lifetime (options, lifetime); - } - - if (value) { CFRelease (value); } - } - - if (!err) { - CFBooleanRef value = NULL; - - err = kim_os_preferences_copy_value_compat (kim_preference_key_renewable, - CFBooleanGetTypeID (), - (CFPropertyListRef *) &value); - - if (!err && value) { - found_options = 1; - err = kim_options_set_renewable (options, CFBooleanGetValue (value)); - } - - if (value) { CFRelease (value); } - } - - if (!err) { - CFNumberRef value = NULL; - SInt32 lifetime; // CFNumbers are signed so we need to cast - - err = kim_os_preferences_copy_value_compat (kim_preference_key_renewal_lifetime, - CFNumberGetTypeID (), - (CFPropertyListRef *) &value); - - if (!err && value && CFNumberGetValue (value, kCFNumberSInt32Type, - &lifetime)) { - found_options = 1; - err = kim_options_set_renewal_lifetime (options, lifetime); - } - - if (value) { CFRelease (value); } - } - - if (!err) { - CFBooleanRef value = NULL; - - err = kim_os_preferences_copy_value_compat (kim_preference_key_forwardable, - CFBooleanGetTypeID (), - (CFPropertyListRef *) &value); - - if (!err && value) { - found_options = 1; - err = kim_options_set_forwardable (options, CFBooleanGetValue (value)); - } - - if (value) { CFRelease (value); } - } - - if (!err) { - CFBooleanRef value = NULL; - - err = kim_os_preferences_copy_value_compat (kim_preference_key_proxiable, - CFBooleanGetTypeID (), - (CFPropertyListRef *) &value); - - if (!err && value) { - found_options = 1; - err = kim_options_set_proxiable (options, CFBooleanGetValue (value)); - } - - if (value) { CFRelease (value); } - } - - if (!err) { - CFBooleanRef value = NULL; - - err = kim_os_preferences_copy_value_compat (kim_preference_key_addressless, - CFBooleanGetTypeID (), - (CFPropertyListRef *) &value); - - if (!err && value) { - found_options = 1; - err = kim_options_set_addressless (options, CFBooleanGetValue (value)); - } - - if (value) { CFRelease (value); } - } - - if (!err && !found_options) { - kim_options_free (&options); - options = KIM_OPTIONS_DEFAULT; - } - - if (!err) { - *out_options = options; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_preferences_get_options_for_key (kim_preference_key in_key, - kim_options *out_options) -{ - kim_error err = KIM_NO_ERROR; - CFDictionaryRef dictionary = NULL; - kim_options options = KIM_OPTIONS_DEFAULT; - - if (!err && !out_options) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_os_preferences_copy_value (in_key, CFDictionaryGetTypeID (), - (CFPropertyListRef *) &dictionary); - - if (!err && dictionary) { - err = kim_os_preferences_dictionary_to_options (dictionary, &options); - } - } - - if (!err && !dictionary) { - err = kim_os_preferences_get_options_compat (&options); - } - - if (!err) { - *out_options = options; - } - - if (dictionary) { CFRelease (dictionary); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_preferences_set_options_for_key (kim_preference_key in_key, - kim_options in_options) -{ - kim_error err = KIM_NO_ERROR; - CFMutableDictionaryRef dictionary = NULL; - - /* in_options may be KIM_OPTIONS_DEFAULT, in which case we empty the dict */ - - if (!err && in_options) { - dictionary = CFDictionaryCreateMutable (kCFAllocatorDefault, 0, - &kCFTypeDictionaryKeyCallBacks, - &kCFTypeDictionaryValueCallBacks); - if (!dictionary) { err = check_error (KIM_OUT_OF_MEMORY_ERR); } - - if (!err) { - err = kim_os_preferences_options_to_dictionary (in_options, dictionary); - } - } - - if (!err) { - /* NULL dictioray will remove any entry for this key */ - err = kim_os_preferences_set_value (in_key, dictionary); - } - - if (dictionary) { CFRelease (dictionary); } - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_preferences_get_favorites_for_key (kim_preference_key in_key, - kim_favorites io_favorites) -{ - kim_error err = KIM_NO_ERROR; - CFArrayRef value = NULL; - - if (!err && !io_favorites) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_os_preferences_copy_value (in_key, CFArrayGetTypeID (), - (CFPropertyListRef *) &value); - } - - if (!err && value) { - if (!value || CFArrayGetCount (value) < 1) { - err = kim_favorites_remove_all_identities (io_favorites); - - } else { - CFIndex count = CFArrayGetCount (value); - CFIndex i; - - for (i = 0; !err && i < count; i++) { - CFDictionaryRef dictionary = NULL; - CFStringRef cfstring = NULL; - - dictionary = (CFDictionaryRef) CFArrayGetValueAtIndex (value, i); - if (!dictionary || CFGetTypeID (dictionary) != CFDictionaryGetTypeID ()) { - err = check_error (KIM_PREFERENCES_READ_ERR); - } - - if (!err) { - err = kim_os_preferences_copy_value_for_dict_key (dictionary, - kim_preference_key_client_identity, - CFStringGetTypeID (), - (CFPropertyListRef *) &cfstring); - } - - if (!err && cfstring) { - kim_string string = NULL; - kim_identity identity = NULL; - kim_options options = KIM_OPTIONS_DEFAULT; - - err = kim_os_string_create_from_cfstring (&string, cfstring); - - if (!err) { - err = kim_identity_create_from_string (&identity, string); - } - - if (!err && (CFDictionaryGetCount (dictionary) > 1)) { - err = kim_os_preferences_dictionary_to_options (dictionary, - &options); - } - - if (!err) { - err = kim_favorites_add_identity (io_favorites, identity, - options); - } - - kim_string_free (&string); - kim_options_free (&options); - kim_identity_free (&identity); - } - } - - if (err) { - kim_favorites_remove_all_identities (io_favorites); - } - } - } - - if (value) { CFRelease (value); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ -kim_error kim_os_preferences_set_favorites_for_key (kim_preference_key in_key, - kim_favorites in_favorites) -{ - kim_error err = KIM_NO_ERROR; - kim_count count = 0; - CFMutableArrayRef array = NULL; - - if (!err && !in_favorites) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_favorites_get_number_of_identities (in_favorites, &count); - } - - if (!err) { - array = CFArrayCreateMutable (kCFAllocatorDefault, count, - &kCFTypeArrayCallBacks); - if (!array) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - kim_count i; - - for (i = 0; !err && i < count; i++) { - kim_identity identity = NULL; - kim_options options = NULL; - kim_string string = NULL; - CFStringRef cfstring = NULL; - CFMutableDictionaryRef dictionary = NULL; - - err = kim_favorites_get_identity_at_index (in_favorites, i, - &identity, - &options); - - if (!err) { - err = kim_identity_get_string (identity, &string); - } - - if (!err) { - err = kim_os_string_get_cfstring (string, &cfstring); - } - - if (!err) { - dictionary = CFDictionaryCreateMutable (kCFAllocatorDefault, 0, - &kCFTypeDictionaryKeyCallBacks, - &kCFTypeDictionaryValueCallBacks); - if (!dictionary) { err = check_error (KIM_OUT_OF_MEMORY_ERR); } - } - - if (!err) { - err = kim_os_preferences_set_value_for_dict_key (dictionary, - kim_preference_key_client_identity, - cfstring); - } - - if (!err && options) { - err = kim_os_preferences_options_to_dictionary (options, - dictionary); - } - - if (!err) { - CFArrayAppendValue (array, dictionary); - } - - if (dictionary) { CFRelease (dictionary); } - if (cfstring ) { CFRelease (cfstring); } - kim_string_free (&string); - kim_options_free (&options); - kim_identity_free (&identity); - } - } - - if (!err) { - err = kim_os_preferences_set_value (in_key, array); - } - - if (array) { CFRelease (array); } - - return check_error (err); -} diff --git a/src/kim/lib/mac/kim_os_private.h b/src/kim/lib/mac/kim_os_private.h deleted file mode 100644 index e75586a51..000000000 --- a/src/kim/lib/mac/kim_os_private.h +++ /dev/null @@ -1,55 +0,0 @@ -/* kim/lib/mac/kim_os_private.h */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIM_OS_PRIVATE_H -#define KIM_OS_PRIVATE_H - -#include <CoreFoundation/CoreFoundation.h> -#include "kim_private.h" - -#define kim_os_agent_bundle_id "edu.mit.Kerberos.KerberosAgent" - -#define KIM_PREFERENCES_FILE CFSTR("edu.mit.Kerberos.IdentityManagement") -#define KLL_PREFERENCES_FILE CFSTR("edu.mit.Kerberos.KerberosLogin") -#define KA_PREFERENCES_FILE CFSTR("edu.mit.Kerberos.KerberosAgent") - -kim_error kim_os_library_lock_for_bundle_lookup (void); -kim_error kim_os_library_unlock_for_bundle_lookup (void); - -kim_error kim_os_library_get_application_path (kim_string *out_path); - -kim_error kim_os_string_create_from_cfstring (kim_string *out_string, - CFStringRef in_cfstring); - -kim_error kim_os_string_get_cfstring (kim_string in_string, - CFStringRef *out_cfstring); - -kim_error kim_os_string_compare_to_cfstring (kim_string in_string, - CFStringRef in_compare_to_cfstring, - kim_comparison *out_comparison); - -kim_error kim_os_library_get_application_path (kim_string *out_path); - -#endif /* KIM_PRIVATE_H */ diff --git a/src/kim/lib/mac/kim_os_selection_hints.c b/src/kim/lib/mac/kim_os_selection_hints.c deleted file mode 100644 index dec1a1017..000000000 --- a/src/kim/lib/mac/kim_os_selection_hints.c +++ /dev/null @@ -1,534 +0,0 @@ -/* kim/lib/mac/kim_os_selection_hints.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#define KIM_SELECTION_HINTS_FILE CFSTR("edu.mit.Kerberos.SelectionHints") - -#define KIM_SELECTION_HINTS_ARRAY CFSTR("Hints") - -#define KIM_SERVICE_IDENTITY_HINT CFSTR("KIMServiceIdentityHint") -#define KIM_APPLICATION_ID_HINT CFSTR("KIMApplicationIDHint") -#define KIM_USER_HINT CFSTR("KIMUserHint") -#define KIM_CLIENT_REALM_HINT CFSTR("KIMClientRealmHint") -#define KIM_SERVICE_HINT CFSTR("KIMServiceHint") -#define KIM_SERVICE_REALM_HINT CFSTR("KIMServiceRealmHint") -#define KIM_SERVER_HINT CFSTR("KIMServerHint") -#define KIM_IDENTITY_HINT CFSTR("KIMIdentityHint") - -#define KIM_MAX_HINTS 8 /* the number of hint types above */ - -#include "kim_os_private.h" - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_os_selection_hints_get_selection_hints_array (CFArrayRef *out_selection_hints_array) -{ - kim_error err = KIM_NO_ERROR; - CFPropertyListRef value = NULL; - CFStringRef users[] = { kCFPreferencesCurrentUser, kCFPreferencesAnyUser, NULL }; - CFStringRef hosts[] = { kCFPreferencesCurrentHost, kCFPreferencesAnyHost, NULL }; - - if (!err && !out_selection_hints_array) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_count u, h; - - if (!kim_library_allow_home_directory_access()) { - users[0] = kCFPreferencesAnyUser; - users[1] = NULL; - } - - for (u = 0; !value && users[u]; u++) { - for (h = 0; !value && hosts[h]; h++) { - value = CFPreferencesCopyValue (KIM_SELECTION_HINTS_ARRAY, - KIM_SELECTION_HINTS_FILE, - users[u], hosts[h]); - } - } - - if (value && CFGetTypeID (value) != CFArrayGetTypeID ()) { - err = check_error (KIM_PREFERENCES_READ_ERR); - } - } - - if (!err) { - *out_selection_hints_array = value; - value = NULL; - } - - if (value) { CFRelease (value); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_os_selection_hints_set_selection_hints_array (CFArrayRef in_selection_hints_array) -{ - kim_error err = KIM_NO_ERROR; - - if (!err && !in_selection_hints_array) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - kim_boolean homedir_ok = kim_library_allow_home_directory_access(); - CFStringRef user = homedir_ok ? kCFPreferencesCurrentUser : kCFPreferencesAnyUser; - CFStringRef host = homedir_ok ? kCFPreferencesAnyHost : kCFPreferencesCurrentHost; - - CFPreferencesSetValue (KIM_SELECTION_HINTS_ARRAY, in_selection_hints_array, - KIM_SELECTION_HINTS_FILE, user, host); - if (!CFPreferencesSynchronize (KIM_SELECTION_HINTS_FILE, user, host)) { - err = check_error (KIM_PREFERENCES_WRITE_ERR); - } - } - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_os_selection_hints_create_dictionary (kim_selection_hints in_selection_hints, - kim_identity in_identity, - CFDictionaryRef *out_hints_dictionary) -{ - kim_error err = KIM_NO_ERROR; - kim_selection_hints_preference_strings preference_strings = { NULL, NULL, NULL, NULL, NULL, NULL, NULL }; - kim_string identity_string = NULL; - CFStringRef keys[KIM_MAX_HINTS] = { NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }; - CFStringRef values[KIM_MAX_HINTS] = { NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }; - CFIndex i = 0; - - if (!err && !in_selection_hints ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_hints_dictionary) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_selection_hints_get_preference_strings (in_selection_hints, &preference_strings); - } - - if (!err) { - err = kim_identity_get_string (in_identity, &identity_string); - } - - if (!err) { - keys[i] = KIM_APPLICATION_ID_HINT; - err = kim_os_string_get_cfstring (preference_strings.application_identifier, &values[i]); - } - - if (!err) { - keys[++i] = KIM_IDENTITY_HINT; - err = kim_os_string_get_cfstring (identity_string, &values[i]); - } - - if (!err && preference_strings.service_identity) { - keys[++i] = KIM_SERVICE_IDENTITY_HINT; - err = kim_os_string_get_cfstring (preference_strings.service_identity, &values[i]); - } - - if (!err && preference_strings.user) { - keys[++i] = KIM_USER_HINT; - err = kim_os_string_get_cfstring (preference_strings.user, &values[i]); - } - - if (!err && preference_strings.client_realm) { - keys[++i] = KIM_CLIENT_REALM_HINT; - err = kim_os_string_get_cfstring (preference_strings.client_realm, &values[i]); - } - - if (!err && preference_strings.service) { - keys[++i] = KIM_SERVICE_HINT; - err = kim_os_string_get_cfstring (preference_strings.service, &values[i]); - } - - if (!err && preference_strings.service_realm) { - keys[++i] = KIM_SERVICE_REALM_HINT; - err = kim_os_string_get_cfstring (preference_strings.service_realm, &values[i]); - } - - if (!err && preference_strings.server) { - keys[++i] = KIM_SERVER_HINT; - err = kim_os_string_get_cfstring (preference_strings.server, &values[i]); - } - - if (!err) { - *out_hints_dictionary = CFDictionaryCreate (kCFAllocatorDefault, - (const void **) keys, - (const void **) values, - i+1, /* number of hints */ - &kCFTypeDictionaryKeyCallBacks, - &kCFTypeDictionaryValueCallBacks); - } - - for (i = 0; i < KIM_MAX_HINTS; i++) { if (values[i]) { CFRelease (values[i]); } } - kim_string_free (&identity_string); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_boolean kim_os_selection_hints_compare_hint (kim_string in_string, - CFStringRef in_value) -{ - kim_boolean equal = 0; - - if (!in_string && !in_value) { - equal = 1; - - } else if (in_string && in_value) { - if (CFGetTypeID (in_value) == CFStringGetTypeID ()) { - kim_comparison comparison; - - kim_error err = kim_os_string_compare_to_cfstring (in_string, in_value, - &comparison); - - if (!err && kim_comparison_is_equal_to (comparison)) { - equal = 1; - } - } else { - kim_debug_printf ("%s: Malformed string in hints dictionary.", __FUNCTION__); - } - } - - return equal; -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_os_selection_hints_compare_to_dictionary (kim_selection_hints in_selection_hints, - CFDictionaryRef in_hints_dictionary, - kim_boolean *out_hints_equal) -{ - kim_error err = KIM_NO_ERROR; - kim_selection_hints_preference_strings preference_strings = { NULL, NULL, NULL, NULL, NULL, NULL, NULL }; - kim_boolean hints_equal = 1; - - if (!err && !in_selection_hints ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_hints_dictionary) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_hints_equal ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_selection_hints_get_preference_strings (in_selection_hints, &preference_strings); - } - - if (!err && hints_equal) { - hints_equal = kim_os_selection_hints_compare_hint (preference_strings.application_identifier, - CFDictionaryGetValue (in_hints_dictionary, - KIM_APPLICATION_ID_HINT)); - } - - if (!err && hints_equal) { - hints_equal = kim_os_selection_hints_compare_hint (preference_strings.service_identity, - CFDictionaryGetValue (in_hints_dictionary, - KIM_SERVICE_IDENTITY_HINT)); - } - - if (!err && hints_equal) { - hints_equal = kim_os_selection_hints_compare_hint (preference_strings.user, - CFDictionaryGetValue (in_hints_dictionary, - KIM_USER_HINT)); - } - - if (!err && hints_equal) { - hints_equal = kim_os_selection_hints_compare_hint (preference_strings.client_realm, - CFDictionaryGetValue (in_hints_dictionary, - KIM_CLIENT_REALM_HINT)); - } - - if (!err && hints_equal) { - hints_equal = kim_os_selection_hints_compare_hint (preference_strings.service, - CFDictionaryGetValue (in_hints_dictionary, - KIM_SERVICE_HINT)); - } - - if (!err && hints_equal) { - hints_equal = kim_os_selection_hints_compare_hint (preference_strings.service_realm, - CFDictionaryGetValue (in_hints_dictionary, - KIM_SERVICE_REALM_HINT)); - } - - if (!err && hints_equal) { - hints_equal = kim_os_selection_hints_compare_hint (preference_strings.server, - CFDictionaryGetValue (in_hints_dictionary, - KIM_SERVER_HINT)); - } - - if (!err) { - *out_hints_equal = hints_equal; - } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -static kim_error kim_os_selection_hints_get_dictionary_identity (CFDictionaryRef in_dictionary, - kim_identity *out_identity) -{ - kim_error err = KIM_NO_ERROR; - CFStringRef identity_cfstr = NULL; - kim_string identity_string = NULL; - - identity_cfstr = CFDictionaryGetValue (in_dictionary, KIM_IDENTITY_HINT); - if (!identity_cfstr || CFGetTypeID (identity_cfstr) != CFStringGetTypeID ()) { - kim_debug_printf ("%s: Malformed hints dictionary (invalid identity).", __FUNCTION__); - err = check_error (KIM_PREFERENCES_READ_ERR); - } - - if (!err) { - err = kim_os_string_create_from_cfstring (&identity_string, identity_cfstr); - } - - if (!err) { - err = kim_identity_create_from_string (out_identity, identity_string); - } - - kim_string_free (&identity_string); - - return check_error (err); -} - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_selection_hints_lookup_identity (kim_selection_hints in_selection_hints, - kim_identity *out_identity) -{ - kim_error err = KIM_NO_ERROR; - CFArrayRef hints_array = NULL; - CFIndex i = 0; - CFIndex count = 0; - kim_boolean found = 0; - CFDictionaryRef found_dictionary = NULL; - - if (!err && !in_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_os_selection_hints_get_selection_hints_array (&hints_array); - } - - if (!err && hints_array) { - count = CFArrayGetCount (hints_array); - } - - for (i = 0; !err && !found && i < count; i++) { - CFDictionaryRef dictionary = NULL; - - dictionary = CFArrayGetValueAtIndex (hints_array, i); - if (!dictionary) { err = KIM_OUT_OF_MEMORY_ERR; } - - if (!err && CFGetTypeID (dictionary) != CFDictionaryGetTypeID ()) { - kim_debug_printf ("%s: Malformed entry in hints array.", __FUNCTION__); - continue; /* skip entries which aren't dictionaries */ - } - - if (!err) { - err = kim_os_selection_hints_compare_to_dictionary (in_selection_hints, - dictionary, - &found); - } - - if (!err && found) { - found_dictionary = dictionary; - } - } - - if (!err && found) { - err = kim_os_selection_hints_get_dictionary_identity (found_dictionary, - out_identity); - } - - if (hints_array) { CFRelease (hints_array); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_selection_hints_remember_identity (kim_selection_hints in_selection_hints, - kim_identity in_identity) -{ - kim_error err = KIM_NO_ERROR; - CFArrayRef old_hints_array = NULL; - CFMutableArrayRef new_hints_array = NULL; - CFIndex count = 0; - CFIndex i = 0; - kim_boolean hint_already_exists = 0; - kim_boolean hints_array_changed = 0; - - if (!err && !in_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_os_selection_hints_get_selection_hints_array (&old_hints_array); - } - - if (!err) { - if (old_hints_array) { - new_hints_array = CFArrayCreateMutableCopy (kCFAllocatorDefault, 0, - old_hints_array); - } else { - new_hints_array = CFArrayCreateMutable (kCFAllocatorDefault, 0, - &kCFTypeArrayCallBacks); - } - if (!new_hints_array) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - count = CFArrayGetCount (new_hints_array); - } - - for (i = 0; !err && i < count; i++) { - CFDictionaryRef dictionary = NULL; - kim_identity identity = NULL; - kim_boolean hints_equal = 0; - - dictionary = CFArrayGetValueAtIndex (new_hints_array, i); - if (!dictionary) { err = KIM_OUT_OF_MEMORY_ERR; } - - if (!err && CFGetTypeID (dictionary) != CFDictionaryGetTypeID ()) { - kim_debug_printf ("%s: Malformed entry in hints array.", __FUNCTION__); - continue; /* skip entries which aren't dictionaries */ - } - - if (!err) { - err = kim_os_selection_hints_compare_to_dictionary (in_selection_hints, - dictionary, - &hints_equal); - } - - if (!err && hints_equal) { - kim_comparison comparison; - - err = kim_os_selection_hints_get_dictionary_identity (dictionary, - &identity); - - if (!err) { - err = kim_identity_compare (in_identity, identity, &comparison); - } - - if (!err) { - if (kim_comparison_is_equal_to (comparison) && !hint_already_exists) { - hint_already_exists = 1; - } else { - CFArrayRemoveValueAtIndex (new_hints_array, i); - i--; /* back up one index so we don't skip */ - count = CFArrayGetCount (new_hints_array); /* count changed */ - hints_array_changed = 1; - } - } - - kim_identity_free (&identity); - } - } - - if (!err && !hint_already_exists) { - CFDictionaryRef new_hint_dictionary = NULL; - - err = kim_os_selection_hints_create_dictionary (in_selection_hints, - in_identity, - &new_hint_dictionary); - - if (!err) { - CFArrayInsertValueAtIndex (new_hints_array, 0, new_hint_dictionary); - hints_array_changed = 1; - } - - if (new_hint_dictionary) { CFRelease (new_hint_dictionary); } - } - - if (!err && hints_array_changed) { - err = kim_os_selection_hints_set_selection_hints_array (new_hints_array); - } - - if (new_hints_array ) { CFRelease (new_hints_array); } - if (old_hints_array ) { CFRelease (old_hints_array); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_selection_hints_forget_identity (kim_selection_hints in_selection_hints) -{ - kim_error err = KIM_NO_ERROR; - CFArrayRef old_hints_array = NULL; - CFMutableArrayRef new_hints_array = NULL; - CFIndex count = 0; - CFIndex i = 0; - - if (!err && !in_selection_hints) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_os_selection_hints_get_selection_hints_array (&old_hints_array); - } - - if (!err) { - new_hints_array = CFArrayCreateMutableCopy (kCFAllocatorDefault, 0, - old_hints_array); - if (!new_hints_array) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - count = CFArrayGetCount (new_hints_array); - } - - for (i = 0; !err && i < count; i++) { - CFDictionaryRef dictionary = NULL; - kim_boolean hints_equal = 0; - - dictionary = CFArrayGetValueAtIndex (new_hints_array, i); - if (!dictionary) { err = KIM_OUT_OF_MEMORY_ERR; } - - if (!err && CFGetTypeID (dictionary) != CFDictionaryGetTypeID ()) { - kim_debug_printf ("%s: Malformed entry in hints array.", __FUNCTION__); - continue; /* skip entries which aren't dictionaries */ - } - - if (!err) { - err = kim_os_selection_hints_compare_to_dictionary (in_selection_hints, - dictionary, - &hints_equal); - } - - if (!err && hints_equal) { - CFArrayRemoveValueAtIndex (new_hints_array, i); - i--; /* back up one index so we don't skip */ - count = CFArrayGetCount (new_hints_array); /* count changed */ - } - } - - if (!err) { - err = kim_os_selection_hints_set_selection_hints_array (new_hints_array); - } - - if (new_hints_array) { CFRelease (new_hints_array); } - - return check_error (err); -} diff --git a/src/kim/lib/mac/kim_os_string.c b/src/kim/lib/mac/kim_os_string.c deleted file mode 100644 index 1f27b79fb..000000000 --- a/src/kim/lib/mac/kim_os_string.c +++ /dev/null @@ -1,236 +0,0 @@ -/* kim/lib/mac/kim_os_string.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include <CoreFoundation/CoreFoundation.h> - -#include "kim_os_private.h" - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_string_create_localized (kim_string *out_string, - kim_string in_string) -{ - kim_error lock_err = kim_os_library_lock_for_bundle_lookup (); - kim_error err = lock_err; - kim_string string = NULL; - CFStringRef cfkey = NULL; - - if (!err && !out_string) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_string ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_os_string_get_cfstring (in_string, &cfkey); - } - - if (!err && kim_library_allow_home_directory_access ()) { - CFStringRef cfstring = NULL; - CFBundleRef framework = CFBundleGetBundleWithIdentifier (CFSTR ("edu.mit.Kerberos")); - CFBundleRef main_bundle = CFBundleGetMainBundle (); - - if (framework) { - cfstring = CFCopyLocalizedStringFromTableInBundle (cfkey, - CFSTR ("InfoPlist"), - framework, - ""); - } - - if (main_bundle && !cfstring) { - cfstring = CFCopyLocalizedStringFromTableInBundle (cfkey, - CFSTR ("InfoPlist"), - main_bundle, - ""); - } - - if (!err && cfstring) { - err = kim_os_string_create_from_cfstring (&string, cfstring); - } - - if (cfstring) { CFRelease (cfstring); } - } - - if (!err && !string) { - err = kim_string_copy (&string, in_string); - } - - if (!err) { - *out_string = string; - string = NULL; - } - - if (cfkey) { CFRelease (cfkey); } - kim_string_free (&string); - - if (!lock_err) { kim_os_library_unlock_for_bundle_lookup (); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_string_create_from_cfstring (kim_string *out_string, - CFStringRef in_cfstring) -{ - kim_error err = KIM_NO_ERROR; - kim_string string = NULL; - CFIndex length = 0; - - if (!err && !out_string ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_cfstring) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - char *ptr = NULL; - - /* check if in_cfstring is a C string internally so we can - * avoid using CFStringGetMaximumSizeForEncoding which is wasteful */ - ptr = (char *) CFStringGetCStringPtr(in_cfstring, - kCFStringEncodingUTF8); - if (ptr) { - string = strdup (ptr); - if (!string) { err = check_error (KIM_OUT_OF_MEMORY_ERR); } - - } else { - length = CFStringGetMaximumSizeForEncoding (CFStringGetLength (in_cfstring), - kCFStringEncodingUTF8) + 1; - - string = (char *) calloc (length, sizeof (char)); - if (!string) { err = check_error (KIM_OUT_OF_MEMORY_ERR); } - - if (!err) { - if (!CFStringGetCString (in_cfstring, - (char *) string, - length, - kCFStringEncodingUTF8)) { - err = KIM_OUT_OF_MEMORY_ERR; - } - } - } - } - - - if (!err) { - *out_string = string; - string = NULL; - } - - kim_string_free (&string); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_string_get_cfstring (kim_string in_string, - CFStringRef *out_cfstring) -{ - kim_error err = KIM_NO_ERROR; - CFStringRef cfstring = NULL; - - if (!err && !in_string ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_cfstring) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - cfstring = CFStringCreateWithCString (kCFAllocatorDefault, - in_string, - kCFStringEncodingUTF8); - if (!cfstring) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - *out_cfstring = cfstring; - cfstring = NULL; - } - - if (cfstring) { CFRelease (cfstring); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_string_compare (kim_string in_string, - kim_string in_compare_to_string, - kim_boolean in_case_insensitive, - kim_comparison *out_comparison) -{ - kim_error err = KIM_NO_ERROR; - CFStringRef cfstring = NULL; - CFStringRef compare_to_cfstring = NULL; - - if (!err && !in_string ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_compare_to_string) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_comparison ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_os_string_get_cfstring (in_string, - &cfstring); - } - - if (!err) { - err = kim_os_string_get_cfstring (in_compare_to_string, - &compare_to_cfstring); - } - - if (!err) { - CFOptionFlags options = (in_case_insensitive ? - 1 : kCFCompareCaseInsensitive); - - /* Returned CFComparisonResult is compatible with kim_comparison_t */ - *out_comparison = CFStringCompare (cfstring, - compare_to_cfstring, - options); - } - - if (cfstring ) { CFRelease (cfstring); } - if (compare_to_cfstring) { CFRelease (compare_to_cfstring); } - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_string_compare_to_cfstring (kim_string in_string, - CFStringRef in_compare_to_cfstring, - kim_comparison *out_comparison) -{ - kim_error err = KIM_NO_ERROR; - CFStringRef cfstring = NULL; - - if (!err && !in_string ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_compare_to_cfstring) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_comparison ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_os_string_get_cfstring (in_string, &cfstring); - } - - if (!err) { - /* Returned CFComparisonResult is compatible with kim_comparison_t */ - *out_comparison = CFStringCompare (cfstring, in_compare_to_cfstring, 0); - } - - if (cfstring) { CFRelease (cfstring); } - - return check_error (err); -} diff --git a/src/kim/lib/mac/kim_os_ui_gui.c b/src/kim/lib/mac/kim_os_ui_gui.c deleted file mode 100644 index edc38ab25..000000000 --- a/src/kim/lib/mac/kim_os_ui_gui.c +++ /dev/null @@ -1,562 +0,0 @@ -/* kim/lib/mac/kim_os_ui_gui.c */ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifdef KIM_BUILTIN_UI - -#include "kim_os_private.h" - -#include "k5_mig_client.h" - -#include <mach/mach.h> -#include <mach/mach_error.h> -#include <unistd.h> - -/* ------------------------------------------------------------------------ */ - -static inline int32_t kim_os_ui_gui_send_request (int32_t in_launch_server, - k5_ipc_stream in_request_stream, - k5_ipc_stream *out_reply_stream) -{ - return k5_ipc_send_request (kim_os_agent_bundle_id, - in_launch_server, - in_request_stream, - out_reply_stream); -} - - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_ui_gui_init (kim_ui_context *io_context) -{ - kim_error err = KIM_NO_ERROR; - kim_string name = NULL; - kim_string path = NULL; - k5_ipc_stream request = NULL; - k5_ipc_stream reply = NULL; - - if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_library_get_application_name (&name); - } - - if (!err) { - err = kim_os_library_get_application_path (&path); - } - - if (!err) { - err = krb5int_ipc_stream_new (&request); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, "init"); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (request, getpid()); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, name ? name : ""); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, path ? path : ""); - } - - if (!err) { - err = kim_os_ui_gui_send_request (1 /* launch server */, - request, - &reply); - } - - if (!err) { - int32_t result = 0; - - err = krb5int_ipc_stream_read_int32 (reply, &result); - if (!err) { err = check_error (result); } - } - - if (!err) { - io_context->tcontext = NULL; - } - - krb5int_ipc_stream_release (request); - krb5int_ipc_stream_release (reply); - kim_string_free (&name); - kim_string_free (&path); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_ui_gui_enter_identity (kim_ui_context *in_context, - kim_options io_options, - kim_identity *out_identity, - kim_boolean *out_change_password) -{ - kim_error err = KIM_NO_ERROR; - k5_ipc_stream request = NULL; - k5_ipc_stream reply = NULL; - char *identity_string = NULL; - kim_identity identity = NULL; - uint32_t change_password = 0; - - if (!err && !io_options ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_change_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = krb5int_ipc_stream_new (&request); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, "enter_identity"); - } - - if (!err) { - err = kim_options_write_to_stream (io_options, request); - } - - if (!err) { - err = kim_os_ui_gui_send_request (0 /* don't launch server */, - request, - &reply); - if (!reply) { err = check_error (KIM_NO_SERVER_ERR); } - } - - if (!err) { - int32_t result = 0; - - err = krb5int_ipc_stream_read_int32 (reply, &result); - if (!err) { err = check_error (result); } - } - - if (!err) { - err = krb5int_ipc_stream_read_string (reply, &identity_string); - } - - if (!err) { - err = krb5int_ipc_stream_read_uint32 (reply, &change_password); - } - - if (!err) { - err = kim_options_read_from_stream (io_options, reply); - } - - if (!err) { - err = kim_identity_create_from_string (&identity, identity_string); - } - - if (!err) { - *out_identity = identity; - identity = NULL; - *out_change_password = change_password; - } - - kim_identity_free (&identity); - krb5int_ipc_stream_free_string (identity_string); - krb5int_ipc_stream_release (request); - krb5int_ipc_stream_release (reply); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_ui_gui_select_identity (kim_ui_context *in_context, - kim_selection_hints io_hints, - kim_identity *out_identity, - kim_boolean *out_change_password) -{ - kim_error err = KIM_NO_ERROR; - k5_ipc_stream request = NULL; - k5_ipc_stream reply = NULL; - char *identity_string = NULL; - kim_options options = NULL; - kim_identity identity = NULL; - uint32_t change_password = 0; - - if (!err && !io_hints ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_change_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = krb5int_ipc_stream_new (&request); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, "select_identity"); - } - - if (!err) { - err = kim_selection_hints_write_to_stream (io_hints, request); - } - - if (!err) { - err = kim_os_ui_gui_send_request (0 /* don't launch server */, - request, - &reply); - if (!reply) { err = check_error (KIM_NO_SERVER_ERR); } - } - - if (!err) { - int32_t result = 0; - - err = krb5int_ipc_stream_read_int32 (reply, &result); - if (!err) { err = check_error (result); } - } - - if (!err) { - err = krb5int_ipc_stream_read_string (reply, &identity_string); - } - - if (!err) { - err = kim_identity_create_from_string (&identity, identity_string); - } - - if (!err) { - err = krb5int_ipc_stream_read_uint32 (reply, &change_password); - } - - if (!err) { - err = kim_options_create_from_stream (&options, reply); - } - - if (!err) { - err = kim_selection_hints_set_options (io_hints, options); - } - - if (!err) { - *out_identity = identity; - identity = NULL; - *out_change_password = change_password; - } - - kim_identity_free (&identity); - kim_options_free (&options); - krb5int_ipc_stream_free_string (identity_string); - krb5int_ipc_stream_release (request); - krb5int_ipc_stream_release (reply); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_ui_gui_auth_prompt (kim_ui_context *in_context, - kim_identity in_identity, - kim_prompt_type in_type, - kim_boolean in_allow_save_reply, - kim_boolean in_hide_reply, - kim_string in_title, - kim_string in_message, - kim_string in_description, - char **out_reply, - kim_boolean *out_save_reply) -{ - kim_error err = KIM_NO_ERROR; - k5_ipc_stream request = NULL; - k5_ipc_stream reply = NULL; - kim_string identity_string = NULL; - - if (!err && !in_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_reply ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - /* in_title, in_message or in_description may be NULL */ - - if (!err) { - err = kim_identity_get_string (in_identity, &identity_string); - } - - if (!err) { - err = krb5int_ipc_stream_new (&request); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, "auth_prompt"); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, identity_string); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (request, in_type); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (request, in_allow_save_reply); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (request, in_hide_reply); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, - in_title ? in_title : ""); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, - in_message ? in_message : ""); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, - in_description ? in_description : ""); - } - - if (!err) { - err = kim_os_ui_gui_send_request (0 /* don't launch server */, - request, - &reply); - if (!reply) { err = check_error (KIM_NO_SERVER_ERR); } - } - - if (!err) { - int32_t result = 0; - - err = krb5int_ipc_stream_read_int32 (reply, &result); - if (!err) { err = check_error (result); } - } - - if (!err) { - err = krb5int_ipc_stream_read_string (reply, out_reply); - } - - if (!err) { - err = krb5int_ipc_stream_read_int32 (reply, out_save_reply); - } - - kim_string_free (&identity_string); - - krb5int_ipc_stream_release (request); - krb5int_ipc_stream_release (reply); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_ui_gui_change_password (kim_ui_context *in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_vfy_password) -{ - kim_error err = KIM_NO_ERROR; - k5_ipc_stream request = NULL; - k5_ipc_stream reply = NULL; - kim_string identity_string = NULL; - - char *old_password = NULL; - char *new_password = NULL; - char *vfy_password = NULL; - - if (!err && !in_identity ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_old_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_new_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !out_vfy_password) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_identity_get_string (in_identity, &identity_string); - } - - if (!err) { - err = krb5int_ipc_stream_new (&request); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, "change_password"); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, identity_string); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (request, in_old_password_expired); - } - - if (!err) { - err = kim_os_ui_gui_send_request (0 /* don't launch server */, - request, - &reply); - if (!reply) { err = check_error (KIM_NO_SERVER_ERR); } - } - - if (!err) { - int32_t result = 0; - - err = krb5int_ipc_stream_read_int32 (reply, &result); - if (!err) { err = check_error (result); } - } - - if (!err) { - err = krb5int_ipc_stream_read_string (reply, &old_password); - } - - if (!err) { - err = krb5int_ipc_stream_read_string (reply, &new_password); - } - - if (!err) { - err = krb5int_ipc_stream_read_string (reply, &vfy_password); - } - - if (!err) { - *out_old_password = (char *) old_password; - old_password = NULL; - *out_new_password = (char *) new_password; - new_password = NULL; - *out_vfy_password = (char *) vfy_password; - vfy_password = NULL; - } - - kim_string_free (&identity_string); - krb5int_ipc_stream_free_string (old_password); - krb5int_ipc_stream_free_string (new_password); - krb5int_ipc_stream_free_string (vfy_password); - - krb5int_ipc_stream_release (request); - krb5int_ipc_stream_release (reply); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_ui_gui_handle_error (kim_ui_context *in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description) -{ - kim_error err = KIM_NO_ERROR; - k5_ipc_stream request = NULL; - k5_ipc_stream reply = NULL; - kim_string identity_string = NULL; - - if (!err && !in_error_message ) { err = check_error (KIM_NULL_PARAMETER_ERR); } - if (!err && !in_error_description) { err = check_error (KIM_NULL_PARAMETER_ERR); } - - if (!err) { - err = kim_identity_get_string (in_identity, &identity_string); - } - - if (!err) { - err = krb5int_ipc_stream_new (&request); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, "handle_error"); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, identity_string); - } - - if (!err) { - err = krb5int_ipc_stream_write_int32 (request, in_error); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, in_error_message); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, in_error_description); - } - - if (!err) { - err = kim_os_ui_gui_send_request (0 /* don't launch server */, - request, - &reply); - if (!reply) { err = check_error (KIM_NO_SERVER_ERR); } - } - - if (!err) { - int32_t result = 0; - - err = krb5int_ipc_stream_read_int32 (reply, &result); - if (!err) { err = check_error (result); } - } - - kim_string_free (&identity_string); - - krb5int_ipc_stream_release (request); - krb5int_ipc_stream_release (reply); - - return check_error (err); -} - -/* ------------------------------------------------------------------------ */ - -void kim_os_ui_gui_free_string (kim_ui_context *in_context, - char **io_string) -{ - kim_string_free ((kim_string *) io_string); -} - -/* ------------------------------------------------------------------------ */ - -kim_error kim_os_ui_gui_fini (kim_ui_context *io_context) -{ - kim_error err = KIM_NO_ERROR; - k5_ipc_stream request = NULL; - k5_ipc_stream reply = NULL; - - if (!err) { - err = krb5int_ipc_stream_new (&request); - } - - if (!err) { - err = krb5int_ipc_stream_write_string (request, "fini"); - } - - if (!err) { - err = kim_os_ui_gui_send_request (0 /* don't launch server */, - request, - &reply); - if (!reply) { err = check_error (KIM_NO_SERVER_ERR); } - } - - if (!err) { - int32_t result = 0; - - err = krb5int_ipc_stream_read_int32 (reply, &result); - if (!err) { err = check_error (result); } - } - - krb5int_ipc_stream_release (request); - krb5int_ipc_stream_release (reply); - - return check_error (err); -} - -#endif /* KIM_BUILTIN_UI */ diff --git a/src/kim/test/main.c b/src/kim/test/main.c deleted file mode 100644 index 4bb91f587..000000000 --- a/src/kim/test/main.c +++ /dev/null @@ -1,77 +0,0 @@ -/* kim/test/main.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "test_kim_identity.h" -#include "test_kim_preferences.h" -#include "test_kim_selection_hints.h" - -int main (int argc, const char * argv[]) -{ - kim_test_state_t state = NULL; - - if (test_init (&state)) { - return 1; - } - - test_kim_identity_create_from_krb5_principal (state); - - test_kim_identity_create_from_string (state); - - test_kim_identity_create_from_components (state); - - test_kim_identity_copy (state); - - test_kim_identity_compare (state); - - test_kim_identity_get_display_string (state); - - test_kim_identity_get_realm (state); - - test_kim_identity_get_number_of_components (state); - - test_kim_identity_get_component_at_index (state); - - test_kim_identity_get_krb5_principal (state); - - test_kim_preferences_create (state); - - test_kim_preferences_copy (state); - - test_kim_preferences_set_options (state); - - test_kim_preferences_set_remember_options (state); - - test_kim_preferences_set_client_identity (state); - - test_kim_selection_hints_set_hint (state); - - test_kim_selection_hints_remember_identity (state); - - test_kim_preferences_add_favorite_identity (state); - - test_kim_preferences_remove_favorite_identity(state); - - return test_cleanup (state); -} diff --git a/src/kim/test/test_kim_common.c b/src/kim/test/test_kim_common.c deleted file mode 100644 index 9615d1063..000000000 --- a/src/kim/test/test_kim_common.c +++ /dev/null @@ -1,137 +0,0 @@ -/* kim/test/test_kim_common.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include <test_kim_common.h> - -const char *k_no_test_name = "No test name set"; - -/* ------------------------------------------------------------------------ */ - -int test_init (kim_test_state_t *out_state) -{ - kim_test_state_t state = NULL; - - printf ("Initializing tests... "); - - state = malloc (sizeof (*state)); - if (!state) { - printf ("out of memory.\n\n"); - return 1; - } - - state->test_name = k_no_test_name; - state->global_fail_count = 0; - state->test_fail_count = 0; - - *out_state = state; - - printf ("done.\n\n"); - - return 0; -} - -/* ------------------------------------------------------------------------ */ - -int test_cleanup (kim_test_state_t io_state) -{ - int global_fail_count = io_state->global_fail_count; - - printf ("Exiting. %d total failures.", global_fail_count); - free (io_state); - - return global_fail_count; -} - -/* ------------------------------------------------------------------------ */ - -void start_test (kim_test_state_t in_state, - const char *in_test_name) -{ - in_state->test_name = in_test_name; - in_state->test_fail_count = 0; - - printf ("Testing %s...\n", in_state->test_name); -} - -/* ------------------------------------------------------------------------ */ - -void end_test (kim_test_state_t in_state) -{ - printf ("Finished testing %s. %d failures.\n\n", - in_state->test_name, in_state->test_fail_count); - - in_state->test_name = k_no_test_name; - in_state->global_fail_count += in_state->test_fail_count; - in_state->test_fail_count = 0; -} - -/* ------------------------------------------------------------------------ */ - -void fail_if_error (kim_test_state_t in_state, - const char *in_function, - kim_error in_err, - const char *in_format, - ...) -{ - if (in_err) { - va_list args; - kim_string message = NULL; - - kim_error err = kim_string_create_for_last_error (&message, in_err); - - printf ("\tFAILURE: "); - printf ("%s() got %d (%s) ", - in_function, in_err, !err ? message : "Unknown"); - - va_start (args, in_format); - vprintf (in_format, args); - va_end (args); - - printf ("\n"); - - in_state->test_fail_count++; - - kim_string_free (&message); - } -} - -/* ------------------------------------------------------------------------ */ - -void log_failure (kim_test_state_t in_state, - const char *in_format, - ...) -{ - va_list args; - - printf ("\tFAILURE: "); - - va_start (args, in_format); - vprintf (in_format, args); - va_end (args); - - printf ("\n"); - - in_state->test_fail_count++; -} diff --git a/src/kim/test/test_kim_common.h b/src/kim/test/test_kim_common.h deleted file mode 100644 index 2845ecb60..000000000 --- a/src/kim/test/test_kim_common.h +++ /dev/null @@ -1,67 +0,0 @@ -/* kim/test/test_kim_common.h */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef TEST_KIM_COMMON_H -#define TEST_KIM_COMMON_H - -#include <kim/kim.h> -#include <stdlib.h> -#include <stdio.h> -#include <string.h> - -typedef struct kim_test_state_d { - const char *test_name; - int global_fail_count; - int test_fail_count; -} *kim_test_state_t; - -int test_init (kim_test_state_t *out_state); - -int test_cleanup (kim_test_state_t io_state); - -void start_test (kim_test_state_t in_state, - const char *in_test_name); - -void end_test (kim_test_state_t in_state); - -void fail_if_error (kim_test_state_t in_state, - const char *in_function, - kim_error in_err, - const char *in_format, - ...) -#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 7) -__attribute__ ((__format__ (__printf__, 4, 5))) -#endif -; - -void log_failure (kim_test_state_t in_state, - const char *in_format, - ...) -#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 7) -__attribute__ ((__format__ (__printf__, 2, 3))) -#endif -; - -#endif /* TEST_KIM_COMMON_H */ diff --git a/src/kim/test/test_kim_identity.c b/src/kim/test/test_kim_identity.c deleted file mode 100644 index 00252014e..000000000 --- a/src/kim/test/test_kim_identity.c +++ /dev/null @@ -1,594 +0,0 @@ -/* kim/test/test_kim_identity.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "test_kim_identity.h" - -typedef struct test_identity_d { - const char *string; - const char *display_string; - kim_boolean is_tgt_service; - const char *realm; - kim_count component_count; - const char *components[5]; -} test_identity; - - -test_identity test_identities[] = { - {"a@B", "a@B", 0, "B", 1, { "a", NULL, NULL, NULL, NULL } }, - {"user@EXAMPLE.COM", "user@EXAMPLE.COM", 0, "EXAMPLE.COM", 1, { "user", NULL, NULL, NULL, NULL } }, - {"krbtgt@EXAMPLE.COM", "krbtgt@EXAMPLE.COM", 0, "EXAMPLE.COM", 1, { "krbtgt", NULL, NULL, NULL, NULL } }, - {"krbtgt/EXAMPLE.COM@EXAMPLE.COM", "krbtgt/EXAMPLE.COM@EXAMPLE.COM", 1, "EXAMPLE.COM", 2, { "krbtgt", "EXAMPLE.COM", NULL, NULL, NULL } }, - {"krbtgt/OTHER.COM@EXAMPLE.COM", "krbtgt/OTHER.COM@EXAMPLE.COM", 1, "EXAMPLE.COM", 2, { "krbtgt", "OTHER.COM", NULL, NULL, NULL } }, - {"a space@EXAMPLE.COM", "a space@EXAMPLE.COM", 0, "EXAMPLE.COM", 1, { "a space", NULL, NULL, NULL, NULL } }, - {"üñîçödé@EXAMPLE.COM", "üñîçödé@EXAMPLE.COM", 0, "EXAMPLE.COM", 1, { "üñîçödé", NULL, NULL, NULL, NULL } }, - {"user.name@EXAMPLE.COM", "user.name@EXAMPLE.COM", 0, "EXAMPLE.COM", 1, { "user.name", NULL, NULL, NULL, NULL } }, - {"user\\/instance@EXAMPLE.COM", "user/instance@EXAMPLE.COM", 0, "EXAMPLE.COM", 1, { "user\/instance", NULL, NULL, NULL, NULL } }, - {"user\\@instance@EXAMPLE.COM", "user@instance@EXAMPLE.COM", 0, "EXAMPLE.COM", 1, { "user\@instance", NULL, NULL, NULL, NULL } }, - {"user/instance@EXAMPLE.COM", "user/instance@EXAMPLE.COM", 0, "EXAMPLE.COM", 2, { "user", "instance", NULL, NULL, NULL } }, - {"user/i1/i2@EXAMPLE.COM", "user/i1/i2@EXAMPLE.COM", 0, "EXAMPLE.COM", 3, { "user", "i1", "i2", NULL, NULL } }, - {"user/i1/i2/i3/i4@EXAMPLE.COM", "user/i1/i2/i3/i4@EXAMPLE.COM", 0, "EXAMPLE.COM", 5, { "user", "i1", "i2", "i3", "i4" } }, - {"an insanely long principal for testing icky hex key principals/an insanely long instance for testing icky hex key principals@AN-INSANELY-LONG-REALM-NAME-FOR-TESTING-AUTOGENERATED-REALM-NAMES", - "an insanely long principal for testing icky hex key principals/an insanely long instance for testing icky hex key principals@AN-INSANELY-LONG-REALM-NAME-FOR-TESTING-AUTOGENERATED-REALM-NAMES", - 0, "AN-INSANELY-LONG-REALM-NAME-FOR-TESTING-AUTOGENERATED-REALM-NAMES", - 2, { "an insanely long principal for testing icky hex key principals", "an insanely long instance for testing icky hex key principals", NULL, NULL, NULL } }, - { NULL, NULL, 0, NULL, 0, { NULL, NULL, NULL, NULL, NULL } }, -}; - -/* ------------------------------------------------------------------------ */ - -void test_kim_identity_create_from_krb5_principal (kim_test_state_t state) -{ - kim_count i = 0; - - start_test (state, "kim_identity_create_from_krb5_principal"); - - for (i = 0; test_identities[i].string; i++) { - kim_error err = KIM_NO_ERROR; - krb5_context context = NULL; - krb5_principal principal = NULL; - kim_identity identity = NULL; - kim_string string = NULL; - - printf ("."); - - err = krb5_init_context (&context); - fail_if_error (state, "krb5_init_context", err, - "while initializing context"); - - if (!err) { - err = krb5_parse_name (context, test_identities[i].string, &principal); - fail_if_error (state, "krb5_parse_name", err, - "while creating krb5_principal for %s", - test_identities[i].string); - } - - if (!err) { - err = kim_identity_create_from_krb5_principal (&identity, context, principal); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - test_identities[i].string); - } - - if (!err) { - err = kim_identity_get_string (identity, &string); - fail_if_error (state, "kim_identity_get_string", err, - "while getting the string for %s", - test_identities[i].string); - } - - if (!err && strcmp (string, test_identities[i].string)) { - log_failure (state, "Unexpected string (got '%s', expected '%s')", - string, test_identities[i].string); - } - - kim_string_free (&string); - kim_identity_free (&identity); - if (principal) { krb5_free_principal (context, principal); } - if (context ) { krb5_free_context (context); } - } - - printf ("\n"); - - end_test (state); -} - -/* ------------------------------------------------------------------------ */ - -void test_kim_identity_create_from_string (kim_test_state_t state) -{ - kim_count i = 0; - - start_test (state, "kim_identity_create_from_string"); - - for (i = 0; test_identities[i].string; i++) { - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - kim_string string = NULL; - - printf ("."); - - if (!err) { - err = kim_identity_create_from_string (&identity, test_identities[i].string); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - test_identities[i].string); - } - - if (!err) { - err = kim_identity_get_string (identity, &string); - fail_if_error (state, "kim_identity_get_string", err, - "while getting the string for %s", - test_identities[i].string); - } - - if (!err && strcmp (string, test_identities[i].string)) { - log_failure (state, "Unexpected string (got '%s', expected '%s')", - string, test_identities[i].string); - } - - kim_string_free (&string); - kim_identity_free (&identity); - } - - printf ("\n"); - - end_test (state); -} - - -/* ------------------------------------------------------------------------ */ - -void test_kim_identity_create_from_components (kim_test_state_t state) -{ - kim_count i = 0; - - start_test (state, "kim_identity_create_from_components"); - - for (i = 0; test_identities[i].string; i++) { - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - kim_string string = NULL; - - printf ("."); - - if (!err) { - err = kim_identity_create_from_components (&identity, - test_identities[i].realm, - test_identities[i].components[0], - test_identities[i].components[1], - test_identities[i].components[2], - test_identities[i].components[3], - test_identities[i].components[4], - NULL); - fail_if_error (state, "kim_identity_create_from_components", err, - "while creating the identity for %s", - test_identities[i].string); - } - - if (!err) { - err = kim_identity_get_string (identity, &string); - fail_if_error (state, "kim_identity_get_string", err, - "while getting the string for %s", - test_identities[i].string); - } - - if (!err && strcmp (string, test_identities[i].string)) { - log_failure (state, "Unexpected string (got '%s', expected '%s')", - string, test_identities[i].string); - } - - kim_string_free (&string); - kim_identity_free (&identity); - } - - printf ("\n"); - - end_test (state); -} - -/* ------------------------------------------------------------------------ */ - -void test_kim_identity_copy (kim_test_state_t state) -{ - kim_count i = 0; - - start_test (state, "kim_identity_copy"); - - for (i = 0; test_identities[i].string; i++) { - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - kim_identity identity_copy = NULL; - kim_string string = NULL; - - printf ("."); - - if (!err) { - err = kim_identity_create_from_string (&identity, test_identities[i].string); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - test_identities[i].string); - } - - if (!err) { - err = kim_identity_copy (&identity_copy, identity); - fail_if_error (state, "kim_identity_copy", err, - "while copying %s", test_identities[i].string); - } - - if (!err) { - err = kim_identity_get_string (identity_copy, &string); - fail_if_error (state, "kim_identity_get_string", err, - "while getting the string for the copy of %s", - test_identities[i].string); - } - - if (!err && strcmp (string, test_identities[i].string)) { - log_failure (state, "Unexpected string (got '%s', expected '%s')", - string, test_identities[i].string); - } - - kim_string_free (&string); - kim_identity_free (&identity_copy); - kim_identity_free (&identity); - } - - printf ("\n"); - - end_test (state); -} - -/* ------------------------------------------------------------------------ */ - -void test_kim_identity_compare (kim_test_state_t state) -{ - kim_count i, j = 0; - - start_test (state, "kim_identity_create_from_string"); - - for (i = 0; test_identities[i].string; i++) { - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - - printf ("."); - - err = kim_identity_create_from_string (&identity, test_identities[i].string); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - test_identities[i].string); - - for (j = 0; !err && test_identities[j].string; j++) { - kim_identity compare_to_identity = NULL; - kim_comparison comparison = 0; - - err = kim_identity_create_from_string (&compare_to_identity, test_identities[j].string); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - test_identities[j].string); - - if (!err) { - err = kim_identity_compare (identity, compare_to_identity, &comparison); - fail_if_error (state, "kim_identity_compare", err, - "while comparing %s and %s", - test_identities[i].string, test_identities[j].string); - } - - if (!err) { - if (i == j && !kim_comparison_is_equal_to (comparison)) { - log_failure (state, "Expected %s and %s to be equal but kim_identity_compare returned %d", - test_identities[i].string, test_identities[j].string, comparison); - - } else if (i != j && kim_comparison_is_equal_to (comparison)) { - log_failure (state, "Expected %s and %s to be NOT equal but kim_identity_compare returned %d", - test_identities[i].string, test_identities[j].string, comparison); - } - } - - kim_identity_free (&compare_to_identity); - } - - kim_identity_free (&identity); - } - - printf ("\n"); - - end_test (state); -} - -/* ------------------------------------------------------------------------ */ - -void test_kim_identity_get_display_string (kim_test_state_t state) -{ - kim_count i = 0; - - start_test (state, "kim_identity_get_display_string"); - - for (i = 0; test_identities[i].string; i++) { - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - kim_string string = NULL; - - printf ("."); - - if (!err) { - err = kim_identity_create_from_string (&identity, test_identities[i].string); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - test_identities[i].string); - } - - if (!err) { - err = kim_identity_get_display_string (identity, &string); - fail_if_error (state, "kim_identity_get_display_string", err, - "while getting the display string for %s", - test_identities[i].string); - } - - if (!err && strcmp (string, test_identities[i].display_string)) { - log_failure (state, "Unexpected display string for %s (got '%s', expected '%s')", - test_identities[i].string, string, test_identities[i].display_string); - } - - kim_string_free (&string); - kim_identity_free (&identity); - } - - printf ("\n"); - - end_test (state); -} - -/* ------------------------------------------------------------------------ */ - -void test_kim_identity_get_realm (kim_test_state_t state) -{ - kim_count i = 0; - - start_test (state, "kim_identity_get_realm"); - - for (i = 0; test_identities[i].string; i++) { - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - kim_string realm = NULL; - - printf ("."); - - if (!err) { - err = kim_identity_create_from_string (&identity, test_identities[i].string); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - test_identities[i].string); - } - - if (!err) { - err = kim_identity_get_realm (identity, &realm); - fail_if_error (state, "kim_identity_get_realm", err, - "while getting the realm for %s", test_identities[i].string); - } - - if (!err && strcmp (realm, test_identities[i].realm)) { - log_failure (state, "Unexpected realm string (got '%s', expected '%s')", - realm, test_identities[i].realm); - } - - kim_string_free (&realm); - kim_identity_free (&identity); - } - - printf ("\n"); - - end_test (state); -} - -/* ------------------------------------------------------------------------ */ - -void test_kim_identity_get_number_of_components (kim_test_state_t state) -{ - kim_count i = 0; - - start_test (state, "kim_identity_get_number_of_components"); - - for (i = 0; test_identities[i].string; i++) { - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - kim_count count = 0; - - printf ("."); - - if (!err) { - err = kim_identity_create_from_string (&identity, test_identities[i].string); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - test_identities[i].string); - } - - if (!err) { - err = kim_identity_get_number_of_components (identity, &count); - fail_if_error (state, "kim_identity_get_number_of_components", err, - "while getting number of components of %s", - test_identities[i].string); - } - - if (!err && (count != test_identities[i].component_count)) { - log_failure (state, "Unexpected component count of %s (got %d, expected %d)", - test_identities[i].string, (int) count, (int) test_identities[i].component_count); - } - - kim_identity_free (&identity); - } - - printf ("\n"); - - end_test (state); -} - -/* ------------------------------------------------------------------------ */ - -void test_kim_identity_get_component_at_index (kim_test_state_t state) -{ - kim_count i = 0; - - start_test (state, "kim_identity_get_component_at_index"); - - for (i = 0; test_identities[i].string; i++) { - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - kim_count c = 0; - - printf ("."); - - if (!err) { - err = kim_identity_create_from_string (&identity, test_identities[i].string); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - test_identities[i].string); - } - - for (c = 0; !err && c < test_identities[i].component_count; c++) { - kim_string component = NULL; - - err = kim_identity_get_component_at_index (identity, c, &component); - fail_if_error (state, "kim_identity_get_component_at_index", err, - "while getting component %d of %s", (int) c, - test_identities[i].string); - - if (!err && strcmp (component, test_identities[i].components[c])) { - log_failure (state, "Unexpected component %d of %s (got '%s', expected '%s')", - (int) c, test_identities[i].string, - component, test_identities[i].components[c]); - } - - kim_string_free (&component); - } - - kim_identity_free (&identity); - } - - printf ("\n"); - - end_test (state); -} - -/* ------------------------------------------------------------------------ */ - -void test_kim_identity_get_krb5_principal (kim_test_state_t state) -{ - kim_count i = 0; - - start_test (state, "kim_identity_get_krb5_principal"); - - for (i = 0; test_identities[i].string; i++) { - kim_error err = KIM_NO_ERROR; - krb5_context context = NULL; - krb5_principal principal = NULL; - krb5_principal identity_principal = NULL; - kim_identity identity = NULL; - - printf ("."); - - err = krb5_init_context (&context); - fail_if_error (state, "krb5_init_context", err, - "while initializing context"); - - if (!err) { - err = krb5_parse_name (context, test_identities[i].string, &principal); - fail_if_error (state, "krb5_parse_name", err, - "while creating krb5_principal for %s", - test_identities[i].string); - } - - if (!err && !err) { - err = kim_identity_create_from_string (&identity, test_identities[i].string); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - test_identities[i].string); - } - - if (!err && !err) { - err = kim_identity_get_krb5_principal (identity, context, &identity_principal); - fail_if_error (state, "kim_identity_get_krb5_principal", err, - "while getting the krb5_principal for %s", - test_identities[i].string); - } - - if (!err && !err) { - if (!krb5_principal_compare (context, principal, identity_principal)) { - log_failure (state, "Principal and identity principal for %s do not match", - test_identities[i].string); - } - } - - kim_identity_free (&identity); - if (identity_principal) { krb5_free_principal (context, identity_principal); } - if (principal ) { krb5_free_principal (context, principal); } - if (context ) { krb5_free_context (context); } - } - - printf ("\n"); - - end_test (state); -} - -/* ------------------------------------------------------------------------ */ -/* -void test_kim_identity_is_tgt_service (kim_test_state_t state) -{ - kim_count i = 0; - - start_test (state, "kim_identity_is_tgt_service"); - - for (i = 0; test_identities[i].string; i++) { - kim_error err = KIM_NO_ERROR; - kim_identity_t identity = NULL; - kim_boolean_t is_tgt_service = 0; - - printf ("."); - - if (!err) { - err = kim_identity_create_from_string (&identity, test_identities[i].string); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - test_identities[i].string); - } - - if (!err) { - err = kim_identity_is_tgt_service (identity, &is_tgt_service); - fail_if_error (state, "kim_identity_is_tgt_service", err, - "while determining if %s is a tgt service", - test_identities[i].string); - } - - if (!err && (is_tgt_service != test_identities[i].is_tgt_service)) { - log_failure (state, "Unexpected result from kim_identity_is_tgt_service for %s (got %d, expected %d)", - test_identities[i].string, is_tgt_service, test_identities[i].is_tgt_service); - } - - kim_identity_free (&identity); - } - - printf ("\n"); - - end_test (state); -} -*/ diff --git a/src/kim/test/test_kim_identity.h b/src/kim/test/test_kim_identity.h deleted file mode 100644 index b8504d621..000000000 --- a/src/kim/test/test_kim_identity.h +++ /dev/null @@ -1,51 +0,0 @@ -/* kim/test/test_kim_identity.h */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef TEST_KIM_IDENTITY_H -#define TEST_KIM_IDENTITY_H - -#include "test_kim_common.h" - -void test_kim_identity_create_from_krb5_principal (kim_test_state_t state); - -void test_kim_identity_create_from_string (kim_test_state_t state); - -void test_kim_identity_create_from_components (kim_test_state_t state); - -void test_kim_identity_copy (kim_test_state_t state); - -void test_kim_identity_compare (kim_test_state_t state); - -void test_kim_identity_get_display_string (kim_test_state_t state); - -void test_kim_identity_get_realm (kim_test_state_t state); - -void test_kim_identity_get_number_of_components (kim_test_state_t state); - -void test_kim_identity_get_component_at_index (kim_test_state_t state); - -void test_kim_identity_get_krb5_principal (kim_test_state_t state); - -#endif /* TEST_KIM_IDENTITY_H */ diff --git a/src/kim/test/test_kim_preferences.c b/src/kim/test/test_kim_preferences.c deleted file mode 100644 index 8f05da0da..000000000 --- a/src/kim/test/test_kim_preferences.c +++ /dev/null @@ -1,917 +0,0 @@ -/* kim/test/test_kim_preferences.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "test_kim_preferences.h" - -#define TEST_LIFETIME 7777 - -void print_favorites(kim_test_state_t state); -kim_boolean favorites_contains_identity(kim_test_state_t state, kim_identity identity); - -/* ------------------------------------------------------------------------ */ - -void print_favorites(kim_test_state_t state) -{ - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - kim_count count, j; - kim_string string; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_get_number_of_favorite_identities (prefs, &count); - fail_if_error (state, "kim_preferences_get_number_of_favorite_identities", err, - "while getting number of favorite identities"); - printf("%qu favorites...\n", count); - } - - - for (j = 0; j < count; j++) { - kim_identity compare_identity = NULL; - kim_options compare_options = NULL; - err = kim_preferences_get_favorite_identity_at_index (prefs, j, - &compare_identity, - &compare_options); - fail_if_error (state, "kim_preferences_get_favorite_identity_at_index", err, - "while getting favorite identity %d", (int) j); - - if (!err) - { - kim_identity_get_display_string(compare_identity, &string); - printf(" %2qu: %s\n", j, string); - } - - kim_identity_free (&compare_identity); - kim_options_free (&compare_options); - } - - kim_preferences_free (&prefs); -} - -/* ------------------------------------------------------------------------ */ - -kim_boolean favorites_contains_identity(kim_test_state_t state, kim_identity identity) -{ - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - kim_count count, j; - kim_boolean found = 0; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_get_number_of_favorite_identities (prefs, &count); - fail_if_error (state, "kim_preferences_get_number_of_favorite_identities", err, - "while getting number of favorite identities"); - } - - for (j = 0; j < count; j++) { - kim_identity compare_identity = NULL; - kim_options compare_options = NULL; - kim_comparison comparison = 0; - - err = kim_preferences_get_favorite_identity_at_index (prefs, j, - &compare_identity, - &compare_options); - fail_if_error (state, "kim_preferences_get_favorite_identity_at_index", err, - "while getting favorite identity %d", (int) j); - - if (!err) { - kim_string display_string = NULL; - err = kim_identity_compare (identity, compare_identity, - &comparison); - if (err) { - kim_identity_get_display_string(identity, &display_string); - fail_if_error (state, "kim_identity_compare", err, - "while comparing %s to favorite identity %d", - display_string, (int) j); - } - } - - if (!err && kim_comparison_is_equal_to (comparison)) { - found = 1; - } - - kim_identity_free (&compare_identity); - kim_options_free (&compare_options); - } - - kim_preferences_free (&prefs); - - return found; -} - -/* ------------------------------------------------------------------------ */ - -void test_kim_preferences_create (kim_test_state_t state) -{ - - start_test (state, "kim_preferences_create"); - - { - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - kim_preferences_free (&prefs); - } - - end_test (state); -} - -/* ------------------------------------------------------------------------ */ - -void test_kim_preferences_copy (kim_test_state_t state) -{ - - start_test (state, "test_kim_preferences_copy"); - - { - kim_error err = KIM_NO_ERROR; - kim_preferences prefs = NULL; - kim_preferences prefs_copy = NULL; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_copy (&prefs_copy, prefs); - fail_if_error (state, "kim_preferences_copy", err, - "while copying preferences"); - } - - kim_preferences_free (&prefs_copy); - kim_preferences_free (&prefs); - } - - end_test (state); -} - -/* ------------------------------------------------------------------------ */ - -void test_kim_preferences_set_options (kim_test_state_t state) -{ - kim_error err = KIM_NO_ERROR; - - start_test (state, "kim_preferences_set_options"); - - if (!err) { - kim_preferences prefs = NULL; - kim_options options = NULL; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_get_options (prefs, &options); - fail_if_error (state, "kim_preferences_get_options", err, - "while getting old options"); - } - - if (!err) { - err = kim_options_set_lifetime (options, TEST_LIFETIME); - fail_if_error (state, "kim_options_set_lifetime", err, - "while setting the lifetime to %d", TEST_LIFETIME); - } - - if (!err) { - err = kim_preferences_set_options (prefs, options); - fail_if_error (state, "kim_preferences_set_options", err, - "while setting the new options"); - } - - if (!err) { - err = kim_preferences_synchronize (prefs); - fail_if_error (state, "kim_preferences_synchronize", err, - "while setting the identity to KIM_IDENTITY_ANY"); - } - - kim_options_free (&options); - kim_preferences_free (&prefs); - } - - if (!err) { - kim_preferences prefs = NULL; - kim_options verify_options = NULL; - kim_lifetime lifetime = 0; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - - if (!err) { - err = kim_preferences_get_options (prefs, &verify_options); - fail_if_error (state, "kim_preferences_get_options", err, - "while getting options for verification"); - } - - if (!err) { - err = kim_options_get_lifetime (verify_options, &lifetime); - fail_if_error (state, "kim_options_get_data", err, - "while getting the custom data of the verify options"); - } - - if (!err && lifetime != TEST_LIFETIME) { - log_failure (state, "Unexpected lifetime in options (got %d, expected %d)", - (int) lifetime, TEST_LIFETIME); - } - - kim_options_free (&verify_options); - kim_preferences_free (&prefs); - } - - end_test (state); -} - -/* ------------------------------------------------------------------------ */ - -void test_kim_preferences_set_remember_options (kim_test_state_t state) -{ - - kim_error err = KIM_NO_ERROR; - - start_test (state, "kim_preferences_set_remember_options"); - - if (!err) { - kim_preferences prefs = NULL; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_set_remember_options (prefs, TRUE); - fail_if_error (state, "kim_preferences_set_remember_options", err, - "while setting the preference to remember options"); - } - - if (!err) { - err = kim_preferences_synchronize (prefs); - fail_if_error (state, "kim_preferences_synchronize", err, - "while setting the identity to KIM_IDENTITY_ANY"); - } - - kim_preferences_free (&prefs); - } - - if (!err) { - kim_preferences prefs = NULL; - kim_boolean remember_options = TRUE; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_get_remember_options (prefs, &remember_options); - fail_if_error (state, "kim_preferences_get_remember_options", err, - "while getting the preference to remember options"); - } - - if (!err && !remember_options) { - log_failure (state, "Unexpected remember options preference (got %d, expected TRUE)", - remember_options); - } - - kim_preferences_free (&prefs); - } - - if (!err) { - kim_preferences prefs = NULL; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_set_remember_options (prefs, FALSE); - fail_if_error (state, "kim_preferences_set_remember_options", err, - "while setting the preference to remember options"); - } - - if (!err) { - err = kim_preferences_synchronize (prefs); - fail_if_error (state, "kim_preferences_synchronize", err, - "while setting the identity to KIM_IDENTITY_ANY"); - } - - kim_preferences_free (&prefs); - } - - if (!err) { - kim_preferences prefs = NULL; - kim_boolean remember_options = FALSE; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_get_remember_options (prefs, &remember_options); - fail_if_error (state, "kim_preferences_get_remember_options", err, - "while getting the preference to remember options"); - } - - if (!err && remember_options) { - log_failure (state, "Unexpected remember options preference (got %d, expected 0)", - remember_options); - } - - kim_preferences_free (&prefs); - } - - end_test (state); -} - -/* ------------------------------------------------------------------------ */ - -void test_kim_preferences_set_client_identity (kim_test_state_t state) -{ - - kim_error err = KIM_NO_ERROR; - kim_string test_string = "user@EXAMPLE.COM"; - kim_identity test_identity = KIM_IDENTITY_ANY; - kim_identity identity = KIM_IDENTITY_ANY; - kim_comparison comparison = 0; - - start_test (state, "kim_preferences_set_client_identity"); - - - if (!err) { - err = kim_identity_create_from_string (&test_identity, test_string); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", test_string); - } - - if (!err) { - kim_preferences prefs = NULL; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_set_client_identity (prefs, KIM_IDENTITY_ANY); - fail_if_error (state, "kim_preferences_set_client_identity", err, - "while setting the identity to KIM_IDENTITY_ANY"); - } - - if (!err) { - err = kim_preferences_synchronize (prefs); - fail_if_error (state, "kim_preferences_synchronize", err, - "while setting the identity to KIM_IDENTITY_ANY"); - } - - kim_preferences_free (&prefs); - } - - if (!err) { - kim_preferences prefs = NULL; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_get_client_identity (prefs, &identity); - fail_if_error (state, "kim_preferences_get_client_identity", err, - "while getting the client identity preference"); - } - - if (!err && identity != KIM_IDENTITY_ANY) { - log_failure (state, "Unexpected client identity preference (got %p, expected %p)", - identity, KIM_IDENTITY_ANY); - kim_identity_free (&identity); - } - - kim_preferences_free (&prefs); - } - - if (!err) { - kim_preferences prefs = NULL; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_set_client_identity (prefs, test_identity); - fail_if_error (state, "kim_preferences_set_client_identity", err, - "while setting the identity to %s", test_string); - } - - if (!err) { - err = kim_preferences_synchronize (prefs); - fail_if_error (state, "kim_preferences_synchronize", err, - "while setting the identity to KIM_IDENTITY_ANY"); - } - - kim_preferences_free (&prefs); - } - - - if (!err) { - kim_preferences prefs = NULL; - kim_string string = NULL; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_get_client_identity (prefs, &identity); - fail_if_error (state, "kim_preferences_get_client_identity", err, - "while getting the client identity preference"); - } - - if (!err && identity) { - err = kim_identity_get_string (identity, &string); - fail_if_error (state, "kim_identity_get_string", err, - "while getting the string for client identity preference"); - } - - if (!err) { - err = kim_identity_compare (identity, test_identity, &comparison); - fail_if_error (state, "kim_identity_compare", err, - "while comparing %s to the identity preference %s", - test_string, string ? string : "NULL"); - } - - if (!err && !kim_comparison_is_equal_to (comparison)) { - log_failure (state, "Unexpected client identity preference (got %s, expected %s)", - string ? string : "NULL", test_string); - kim_identity_free (&identity); - } - - kim_string_free (&string); - kim_preferences_free (&prefs); - } - - kim_identity_free (&identity); - kim_identity_free (&test_identity); - - end_test (state); -} - - -struct favorite_identity { - kim_string identity; - kim_lifetime lifetime; - kim_lifetime renewal_lifetime; -}; - -struct favorite_identity fids[] = { -{ "bob@EXAMPLE.COM", 7777, 8888 }, -{ "alice@UNIVERSITY.EDU", 12345, 54321 }, -{ "bob@COMPANY.COM", 5555, 6666 }, -{ "alice/admin@EXAMPLE.COM", 2222, 3333 }, -{ NULL, 0, 0 } -}; - -/* ------------------------------------------------------------------------ */ - -void test_kim_preferences_add_favorite_identity (kim_test_state_t state) -{ - kim_error err = KIM_NO_ERROR; - - start_test (state, "kim_preferences_add_favorite_identity"); - - if (!err) { - kim_preferences prefs = NULL; - kim_options options = NULL; - kim_count i; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_remove_all_favorite_identities (prefs); - fail_if_error (state, "kim_preferences_remove_all_favorite_identities", err, - "while removing all favorite identities"); - } - - if (!err) { - err = kim_options_create (&options); - fail_if_error (state, "kim_options_create", err, - "while creating options"); - } - - for (i = 0; !err && fids[i].identity; i++) { - kim_identity identity = NULL; - - err = kim_identity_create_from_string (&identity, fids[i].identity); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - fids[i].identity); - - if (!err) { - err = kim_options_set_lifetime (options, fids[i].lifetime); - fail_if_error (state, "kim_options_set_lifetime", err, - "while setting the lifetime to %d", - (int) fids[i].lifetime); - } - - if (!err) { - err = kim_options_set_renewal_lifetime (options, fids[i].renewal_lifetime); - fail_if_error (state, "kim_options_set_renewal_lifetime", err, - "while setting the renewal lifetime to %d", - (int) fids[i].renewal_lifetime); - } - - if (!err) { - err = kim_preferences_add_favorite_identity (prefs, identity, options); - fail_if_error (state, "kim_preferences_add_favorite_identity", err, - "while adding %s to the favorite identities", - fids[i].identity); - } - - kim_identity_free (&identity); - } - - if (!err) { - err = kim_preferences_synchronize (prefs); - fail_if_error (state, "kim_preferences_synchronize", err, - "while setting the favorite identities"); - } - - kim_options_free (&options); - kim_preferences_free (&prefs); - } - - if (!err) { - kim_preferences prefs = NULL; - kim_count count, i; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_get_number_of_favorite_identities (prefs, &count); - fail_if_error (state, "kim_preferences_get_number_of_favorite_identities", err, - "while getting number of favorite identities"); - } - - - for (i = 0; !err && fids[i].identity; i++) { - kim_identity identity = NULL; - kim_count j; - kim_boolean found = 0; - - err = kim_identity_create_from_string (&identity, fids[i].identity); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - fids[i].identity); - - for (j = 0; j < count; j++) { - kim_identity compare_identity = NULL; - kim_options compare_options = NULL; - kim_comparison comparison; - - err = kim_preferences_get_favorite_identity_at_index (prefs, j, - &compare_identity, - &compare_options); - fail_if_error (state, "kim_preferences_get_favorite_identity_at_index", err, - "while getting favorite identity %d", (int) j); - - if (!err) { - err = kim_identity_compare (identity, compare_identity, - &comparison); - fail_if_error (state, "kim_identity_compare", err, - "while comparing %s to favorite identity %d", - fids[i].identity, (int) i); - } - - if (!err && kim_comparison_is_equal_to (comparison)) { - kim_lifetime compare_lifetime; - kim_lifetime compare_renewal_lifetime; - - found = 1; - - err = kim_options_get_lifetime (compare_options, &compare_lifetime); - fail_if_error (state, "kim_options_get_lifetime", err, - "while getting the lifetime for %s", - fids[i].identity); - - if (!err && fids[i].lifetime != compare_lifetime) { - log_failure (state, "Unexpected lifetime for %s (got %d, expected %d)", - fids[i].identity, (int) compare_lifetime, - (int) fids[i].lifetime); - } - - if (!err) { - err = kim_options_get_renewal_lifetime (compare_options, - &compare_renewal_lifetime); - fail_if_error (state, "kim_options_get_renewal_lifetime", err, - "while getting the lifetime for %s", - fids[i].identity); - } - - if (!err && fids[i].renewal_lifetime != compare_renewal_lifetime) { - log_failure (state, "Unexpected renewal lifetime for %s (got %d, expected %d)", - fids[i].identity, - (int) compare_renewal_lifetime, - (int) fids[i].renewal_lifetime); - } - } - - kim_identity_free (&compare_identity); - kim_options_free (&compare_options); - } - - if (!err && !found) { - log_failure (state, "Favorite identity %s not found in favorite identities list", - fids[i].identity); - } - - kim_identity_free (&identity); - } - - if (!err && i != count) { - log_failure (state, "Unexpected number of favorite identities (got %d, expected %d)", - (int) count, (int) i); - } - - kim_preferences_free (&prefs); - } - - end_test (state); -} - -/* ------------------------------------------------------------------------ */ - -void test_kim_preferences_remove_favorite_identity (kim_test_state_t state) -{ - kim_error err = KIM_NO_ERROR; - - start_test (state, "kim_preferences_remove_favorite_identity"); - /* - * 1. Remove all favorites to start with a clean slate - * 2. Add some favorites - * 3. Verify added favorites - * 4. Remove those favorites one by one, checking each time to make sure they were removed - */ - - // Remove old and add new - if (!err) { - kim_preferences prefs = NULL; - kim_options options = NULL; - kim_count i; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_remove_all_favorite_identities (prefs); - fail_if_error (state, "kim_preferences_remove_all_favorite_identities", err, - "while removing all favorite identities"); - } - - if (!err) { - err = kim_preferences_get_number_of_favorite_identities (prefs, &i); - fail_if_error (state, "kim_preferences_get_number_of_favorite_identities", err, - "while getting number of favorite identities after clearing"); - } - - if (!err) { - err = kim_options_create (&options); - fail_if_error (state, "kim_options_create", err, - "while creating options"); - } - - for (i = 0; !err && fids[i].identity; i++) { - kim_identity identity = NULL; - - err = kim_identity_create_from_string (&identity, fids[i].identity); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - fids[i].identity); - - if (!err) { - err = kim_options_set_lifetime (options, fids[i].lifetime); - fail_if_error (state, "kim_options_set_lifetime", err, - "while setting the lifetime to %d", - (int) fids[i].lifetime); - } - - if (!err) { - err = kim_options_set_renewal_lifetime (options, fids[i].renewal_lifetime); - fail_if_error (state, "kim_options_set_renewal_lifetime", err, - "while setting the renewal lifetime to %d", - (int) fids[i].renewal_lifetime); - } - - if (!err) { - err = kim_preferences_add_favorite_identity (prefs, identity, options); - fail_if_error (state, "kim_preferences_add_favorite_identity", err, - "while adding %s to the favorite identities", - fids[i].identity); - } - - kim_identity_free (&identity); - } - - if (!err) { - err = kim_preferences_synchronize (prefs); - fail_if_error (state, "kim_preferences_synchronize", err, - "while setting the favorite identities"); - } - - kim_options_free (&options); - kim_preferences_free (&prefs); - } - - // Verify add - if (!err) { - kim_preferences prefs = NULL; - kim_count count, i; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_get_number_of_favorite_identities (prefs, &count); - fail_if_error (state, "kim_preferences_get_number_of_favorite_identities", err, - "while getting number of favorite identities"); - } - - - for (i = 0; !err && fids[i].identity; i++) { - kim_identity identity = NULL; - kim_count j; - kim_boolean found = 0; - - err = kim_identity_create_from_string (&identity, fids[i].identity); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating the identity for %s", - fids[i].identity); - - for (j = 0; j < count; j++) { - kim_identity compare_identity = NULL; - kim_options compare_options = NULL; - kim_comparison comparison; - - err = kim_preferences_get_favorite_identity_at_index (prefs, j, - &compare_identity, - &compare_options); - fail_if_error (state, "kim_preferences_get_favorite_identity_at_index", err, - "while getting favorite identity %d", (int) j); - - if (!err) { - err = kim_identity_compare (identity, compare_identity, - &comparison); - fail_if_error (state, "kim_identity_compare", err, - "while comparing %s to favorite identity %d", - fids[i].identity, (int) i); - } - - if (!err && kim_comparison_is_equal_to (comparison)) { - kim_lifetime compare_lifetime; - kim_lifetime compare_renewal_lifetime; - - found = 1; - - err = kim_options_get_lifetime (compare_options, &compare_lifetime); - fail_if_error (state, "kim_options_get_lifetime", err, - "while getting the lifetime for %s", - fids[i].identity); - - if (!err && fids[i].lifetime != compare_lifetime) { - log_failure (state, "Unexpected lifetime for %s (got %d, expected %d)", - fids[i].identity, (int) compare_lifetime, - (int) fids[i].lifetime); - } - - if (!err) { - err = kim_options_get_renewal_lifetime (compare_options, - &compare_renewal_lifetime); - fail_if_error (state, "kim_options_get_renewal_lifetime", err, - "while getting the lifetime for %s", - fids[i].identity); - } - - if (!err && fids[i].renewal_lifetime != compare_renewal_lifetime) { - log_failure (state, "Unexpected renewal lifetime for %s (got %d, expected %d)", - fids[i].identity, - (int) compare_renewal_lifetime, - (int) fids[i].renewal_lifetime); - } - } - - kim_identity_free (&compare_identity); - kim_options_free (&compare_options); - } - - if (!err && !found) { - log_failure (state, "Favorite identity %s not found in favorite identities list", - fids[i].identity); - } - - kim_identity_free (&identity); - } - - if (!err && i != count) { - log_failure (state, "Unexpected number of favorite identities (got %d, expected %d)", - (int) count, (int) i); - } - - kim_preferences_free (&prefs); - } - - // Remove one by one - if (!err) { - kim_preferences prefs = NULL; - kim_count count, j; - - err = kim_preferences_create (&prefs); - fail_if_error (state, "kim_preferences_create", err, - "while creating preferences"); - - if (!err) { - err = kim_preferences_get_number_of_favorite_identities (prefs, &count); - fail_if_error (state, "kim_preferences_get_number_of_favorite_identities", err, - "while getting number of favorite identities"); - } - - for (j = 0; j < count; j++) { - kim_identity compare_identity = NULL; - kim_options compare_options = NULL; - kim_string string = NULL; - - err = kim_preferences_get_favorite_identity_at_index (prefs, 0, - &compare_identity, - &compare_options); - fail_if_error (state, "kim_preferences_get_favorite_identity_at_index", err, - "while getting favorite identity %d", (int) j); - - if (!err) { - err = kim_identity_get_display_string(compare_identity, &string); - fail_if_error (state, "kim_identity_get_display_string", err, - "while getting the display string for identity %d", (int) j); - } - - if (!err) { - err = kim_preferences_remove_favorite_identity(prefs, compare_identity); - fail_if_error (state, "kim_preferences_remove_favorite_identity", err, - "while removing favorite identity %d \"%s\"", (int) j, string); - } - - if (!err) { - err = kim_preferences_synchronize (prefs); - fail_if_error (state, "kim_preferences_synchronize", err, - "while removing favorite %qu: %s", j, string); - } - - if (!err && favorites_contains_identity(state, compare_identity)) { - kim_string display_string = NULL; - kim_identity_get_display_string(compare_identity, &display_string); - log_failure (state, "Favorite identities still contains %s after removal", - display_string); - } - - kim_string_free (&string); - kim_identity_free (&compare_identity); - kim_options_free (&compare_options); - } - - kim_preferences_free (&prefs); - } - - end_test (state); -} diff --git a/src/kim/test/test_kim_preferences.h b/src/kim/test/test_kim_preferences.h deleted file mode 100644 index bf7397ad1..000000000 --- a/src/kim/test/test_kim_preferences.h +++ /dev/null @@ -1,45 +0,0 @@ -/* kim/test/test_kim_preferences.h */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef TEST_KIM_PREFERENCES_H -#define TEST_KIM_PREFERENCES_H - -#include "test_kim_common.h" - -void test_kim_preferences_create (kim_test_state_t state); - -void test_kim_preferences_copy (kim_test_state_t state); - -void test_kim_preferences_set_options (kim_test_state_t state); - -void test_kim_preferences_set_remember_options (kim_test_state_t state); - -void test_kim_preferences_set_client_identity (kim_test_state_t state); - -void test_kim_preferences_add_favorite_identity (kim_test_state_t state); - -void test_kim_preferences_remove_favorite_identity (kim_test_state_t state); - -#endif /* TEST_KIM_PREFERENCES_H */ diff --git a/src/kim/test/test_kim_selection_hints.c b/src/kim/test/test_kim_selection_hints.c deleted file mode 100644 index 4b5d90ac6..000000000 --- a/src/kim/test/test_kim_selection_hints.c +++ /dev/null @@ -1,177 +0,0 @@ -/* kim/test/test_kim_selection_hints.c */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "test_kim_selection_hints.h" - -#define KSH_TEST_ID "edu.mit.Kerberos.test_kim" - -#define KSH_IDENTITY "jdoe@USERS.EXAMPLE.COM" - -typedef struct test_selection_hint_d { - kim_string key; - kim_string hint; -} test_selection_hint; - -test_selection_hint test_hints[] = { - { kim_hint_key_service_identity, "service/server.example.com@EXAMPLE.COM" }, - { kim_hint_key_service, "service" }, - { kim_hint_key_server, "server.example.com" }, - { kim_hint_key_service_realm, "EXAMPLE.COM" }, - { kim_hint_key_user, "jdoe" }, - { kim_hint_key_client_realm, "USERS.EXAMPLE.COM" }, - { NULL, NULL } -}; - -/* ------------------------------------------------------------------------ */ - -void test_kim_selection_hints_set_hint (kim_test_state_t state) -{ - kim_error err = KIM_NO_ERROR; - kim_count i = 0; - - start_test (state, "test_kim_selection_hints_set_hint"); - - for (i = 0; !err && test_hints[i].key; i++) { - kim_selection_hints hints = NULL; - kim_string string = NULL; - kim_comparison comparison = 0; - - printf ("."); - - err = kim_selection_hints_create (&hints, KSH_TEST_ID); - fail_if_error (state, "kim_selection_hints_create", err, - "while creating selection hints for %s", KSH_TEST_ID); - - if (!err) { - err = kim_selection_hints_set_hint (hints, test_hints[i].key, test_hints[i].hint); - fail_if_error (state, "kim_selection_hints_set_hint", - err, "while setting hint %s to %s", - test_hints[i].key, test_hints[i].hint); - } - - if (!err) { - err = kim_selection_hints_get_hint (hints, test_hints[i].key, &string); - fail_if_error (state, "kim_selection_hints_get_hint", - err, "while getting hint %s", test_hints[i].key); - } - - if (!err) { - err = kim_string_compare (test_hints[i].hint, string, &comparison); - fail_if_error (state, "kim_identity_compare", err, - "while comparing %s to %s (hint %s)", - test_hints[i].hint, - string ? string : "NULL", test_hints[i].key); - } - - if (!err && !kim_comparison_is_equal_to (comparison)) { - log_failure (state, "Unexpected hint %s (got %s, expected %s)", - test_hints[i].key, - string ? string : "NULL", - test_hints[i].hint); - } - - kim_string_free (&string); - kim_selection_hints_free (&hints); - } - - end_test (state); -} - - - -/* ------------------------------------------------------------------------ */ - -void test_kim_selection_hints_remember_identity (kim_test_state_t state) -{ - kim_error err = KIM_NO_ERROR; - kim_selection_hints hints = NULL; - kim_count i = 0; - kim_identity client_identity = NULL; - kim_string string = NULL; - kim_identity identity = KIM_IDENTITY_ANY; - kim_comparison comparison = 0; - - start_test (state, "kim_selection_hints_remember_identity"); - - if (!err) { - err = kim_selection_hints_create (&hints, KSH_TEST_ID); - fail_if_error (state, "kim_selection_hints_create", err, - "while creating selection hints for %s", KSH_TEST_ID); - } - - for (i = 0; !err && test_hints[i].key; i++) { - err = kim_selection_hints_set_hint (hints, test_hints[i].key, test_hints[i].hint); - fail_if_error (state, "kim_selection_hints_set_hint", - err, "while setting hint %s to %s", - test_hints[i].key, test_hints[i].hint); - } - - if (!err) { - err = kim_identity_create_from_string (&client_identity, - KSH_IDENTITY); - fail_if_error (state, "kim_identity_create_from_string", err, - "while creating an identity for %s", - KSH_IDENTITY); - } - - if (!err) { - err = kim_selection_hints_remember_identity (hints, client_identity); - fail_if_error (state, "kim_selection_hints_remember_identity", - err, "while remembering identity %s", - KSH_IDENTITY); - } - - if (!err) { - err = kim_selection_hints_get_identity (hints, &identity); - fail_if_error (state, "kim_selection_hints_get_identity", - err, "while checking if identity is %s", - KSH_IDENTITY); - } - - if (!err && identity) { - err = kim_identity_get_string (identity, &string); - fail_if_error (state, "kim_identity_get_string", err, - "while getting the string for the client identity hint"); - } - - if (!err) { - err = kim_identity_compare (client_identity, identity, &comparison); - fail_if_error (state, "kim_identity_compare", err, - "while comparing %s to the identity hint %s", - KSH_IDENTITY, string ? string : "NULL"); - } - - if (!err && !kim_comparison_is_equal_to (comparison)) { - log_failure (state, "Unexpected client identity hint (got %s, expected %s)", - string ? string : "NULL", KSH_IDENTITY); - } - - kim_string_free (&string); - kim_identity_free (&identity); - kim_identity_free (&client_identity); - kim_selection_hints_free (&hints); - - end_test (state); -} diff --git a/src/kim/test/test_kim_selection_hints.h b/src/kim/test/test_kim_selection_hints.h deleted file mode 100644 index babf27e95..000000000 --- a/src/kim/test/test_kim_selection_hints.h +++ /dev/null @@ -1,35 +0,0 @@ -/* kim/test/test_kim_selection_hints.h */ -/* - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef TEST_KIM_SELECTION_HINTS_H -#define TEST_KIM_SELECTION_HINTS_H - -#include "test_kim_common.h" - -void test_kim_selection_hints_set_hint (kim_test_state_t state); - -void test_kim_selection_hints_remember_identity (kim_test_state_t state); - -#endif /* TEST_KIM_SELECTION_HINTS_H */ diff --git a/src/kim/test/test_kll.c b/src/kim/test/test_kll.c deleted file mode 100644 index e0261480c..000000000 --- a/src/kim/test/test_kll.c +++ /dev/null @@ -1,555 +0,0 @@ -#include <Kerberos/Kerberos.h> -#include <stdio.h> -#include <syslog.h> -#include <stdarg.h> -#include <time.h> - -/* Prototypes */ -void Initialize(void); -void TestErrorHandling (void); -void TestHighLevelAPI (void); -void TestKLPrincipal (void); -void TestKerberosRealms (void); -void TestLoginOptions (void); -char* TimeToString (char* timeString, long t); -void TestApplicationOptions (void); -void MyKerberosLoginIdleCallback ( - KLRefCon inAppData); - -int main(void) -{ - KLTime t; - KLStatus err; - KLPrincipal principal; - - /* force use of UI */ - fclose (stdin); - - err = KLCreatePrincipalFromTriplet ("nobody", "", "TEST-KERBEROS-1.3.1", &principal); - printf ("KLCreatePrincipalFromTriplet(nobody@TEST-KERBEROS-1.3.1) (err = %d)\n", err); - if (err == klNoErr) { - err = KLChangePassword (principal); - printf ("KLChangePassword() (err = %d)\n", err); - KLDisposePrincipal (principal); - } - - err = KLLastChangedTime(&t); - printf ("KLLastChangedTime returned %d (err = %d)\n", t, err); - - TestKLPrincipal (); - TestLoginOptions (); - TestApplicationOptions (); - TestErrorHandling (); - TestKerberosRealms (); - TestHighLevelAPI (); - - err = KLLastChangedTime(&t); - printf ("KLLastChangedTime returned %d (err = %d)\n", t, err); - - return 0; -} - -void TestErrorHandling (void) -{ - long err; - char* errorString; - - err = KLGetErrorString (KRB5KRB_AP_ERR_BAD_INTEGRITY, &errorString); - printf ("KLGetErrorString() returned %s (err = %ld)\n", errorString, err); - if (!err) { KLDisposeString (errorString); } - - err = KLGetErrorString (klCredentialsBadAddressErr, &errorString); - printf ("KLGetErrorString() returned %s (err = %ld)\n", errorString, err); - if (!err) { KLDisposeString (errorString); } - - err = KLGetErrorString (klCacheDoesNotExistErr, &errorString); - printf ("KLGetErrorString() returned %s (err = %ld)\n", errorString, err); - if (!err) { KLDisposeString (errorString); } - - err = KLGetErrorString (klPasswordMismatchErr, &errorString); - printf ("KLGetErrorString() returned %s (err = %ld)\n", errorString, err); - if (!err) { KLDisposeString (errorString); } - - err = KLGetErrorString (klInsecurePasswordErr, &errorString); - printf ("KLGetErrorString() returned %s (err = %ld)\n", errorString, err); - if (!err) { KLDisposeString (errorString); } - - err = KLGetErrorString (klPasswordChangeFailedErr, &errorString); - printf ("KLGetErrorString() returned %s (err = %ld)\n", errorString, err); - if (!err) { KLDisposeString (errorString); } - - err = KLGetErrorString (klCantContactServerErr, &errorString); - printf ("KLGetErrorString() returned %s (err = %ld)\n", errorString, err); - if (!err) { KLDisposeString (errorString); } - - err = KLGetErrorString (klCantDisplayUIErr, &errorString); - printf ("KLGetErrorString() returned %s (err = %ld)\n", errorString, err); - if (!err) { KLDisposeString (errorString); } -} - -void TestHighLevelAPI (void) -{ - KLStatus err; - KLPrincipal inPrincipal, outPrincipal, outPrincipal2; - char *outCredCacheName, *outCredCacheName2; - KLTime expirationTime; - char* principalString; - char timeString[256]; - KLBoolean valid; - - err = KLCreatePrincipalFromTriplet ("grail", "", "TESTV5-KERBEROS-1.3.1", &inPrincipal); - printf ("KLCreatePrincipalFromTriplet(grail@TESTV5-KERBEROS-1.3.1) (err = %d)\n", err); - if (err == klNoErr) { - err = KLAcquireNewInitialTicketsWithPassword (inPrincipal, NULL, "liarg", &outCredCacheName); - if (err != klNoErr) { - printf ("KLAcquireNewInitialTicketsWithPassword() returned err = %d\n", err); - } else { - printf ("KLAcquireNewInitialTicketsWithPassword() returned '%s'\n", outCredCacheName); - KLDisposeString (outCredCacheName); - } - KLDisposePrincipal (inPrincipal); - } - - err = KLCreatePrincipalFromTriplet ("nobody", "", "TEST-KERBEROS-1.3.1", &inPrincipal); - printf ("KLCreatePrincipalFromTriplet(nobody@TEST-KERBEROS-1.3.1) (err = %d)\n", err); - if (err == klNoErr) { - err = KLAcquireNewInitialTicketsWithPassword (inPrincipal, NULL, "ydobon", &outCredCacheName); - if (err != klNoErr) { - printf ("KLAcquireNewInitialTicketsWithPassword() returned err = %d\n", err); - } else { - printf ("KLAcquireNewInitialTicketsWithPassword() returned '%s'\n", outCredCacheName); - KLDisposeString (outCredCacheName); - } - KLDisposePrincipal (inPrincipal); - } - - err = KLAcquireNewInitialTickets (NULL, NULL, &inPrincipal, &outCredCacheName); - printf ("KLAcquireNewInitialTickets() (err = %d)\n", err); - if (err == klNoErr) { - KLDisposeString (outCredCacheName); - err = KLAcquireInitialTickets (inPrincipal, NULL, &outPrincipal, &outCredCacheName); - printf ("KLAcquireInitialTickets() (err = %d)\n", err); - if (err == klNoErr) { - KLDisposeString (outCredCacheName); - KLDisposePrincipal (outPrincipal); - } - KLDisposePrincipal (inPrincipal); - } - - err = KLSetDefaultLoginOption (loginOption_LoginName, "testname", 3); - printf ("KLSetDefaultLoginOption(loginOption_LoginName) to testname (err = %d)\n", err); - if (err == klNoErr) { - err = KLSetDefaultLoginOption (loginOption_LoginInstance, "testinstance", 6); - printf ("KLSetDefaultLoginOption(loginOption_LoginInstance) to testinstance (err = %d)\n", err); - } - - err = KLAcquireNewInitialTickets (NULL, NULL, &inPrincipal, &outCredCacheName); - printf ("KLAcquireNewInitialTickets() (err = %d)\n", err); - if (err == klNoErr) { - KLDisposeString (outCredCacheName); - KLDisposePrincipal (inPrincipal); - } - - // Principal == NULL - while (KLAcquireNewInitialTickets (NULL, NULL, &outPrincipal, &outCredCacheName) == klNoErr) { - err = KLTicketExpirationTime (outPrincipal, kerberosVersion_All, &expirationTime); - err = KLCacheHasValidTickets (outPrincipal, kerberosVersion_All, &valid, &outPrincipal2, &outCredCacheName2); - if (err == klNoErr) { - err = KLGetStringFromPrincipal (outPrincipal2, kerberosVersion_V4, &principalString); - if (err == klNoErr) { - printf ("KLGetStringFromPrincipal returned string '%s'\n", principalString); - KLDisposeString (principalString); - } - KLDisposePrincipal (outPrincipal2); - KLDisposeString (outCredCacheName2); - err = KLCacheHasValidTickets (outPrincipal, kerberosVersion_All, &valid, NULL, NULL); - if (err != klNoErr) { - printf ("KLCacheHasValidTickets returned error = %d\n", err); - } - } - err = KLCacheHasValidTickets (outPrincipal, kerberosVersion_All, &valid, NULL, NULL); - KLDisposeString (outCredCacheName); - KLDisposePrincipal (outPrincipal); - } - - err = KLAcquireNewInitialTickets (NULL, NULL, &outPrincipal, &outCredCacheName); - if (err == klNoErr) { - KLDisposeString (outCredCacheName); - KLDisposePrincipal (outPrincipal); - } - - - err = KLCreatePrincipalFromTriplet ("nobody", "", "TEST-KERBEROS-1.3.1", &inPrincipal); - printf ("KLCreatePrincipalFromTriplet(nobody@TEST-KERBEROS-1.3.1) (err = %d)\n", err); - if (err == klNoErr) { - err = KLAcquireNewInitialTickets (inPrincipal, NULL, &outPrincipal, &outCredCacheName); - printf ("KLAcquireNewInitialTickets(nobody@TEST-KERBEROS-1.3.1) (err = %d)\n", err); - if (err == klNoErr) { - KLDisposeString (outCredCacheName); - KLDisposePrincipal (outPrincipal); - } - err = KLDestroyTickets (inPrincipal); - - KLDisposePrincipal (inPrincipal); - } - - err = KLCreatePrincipalFromTriplet ("nobody", "", "TEST-KERBEROS-1.3.1", &inPrincipal); - printf ("KLCreatePrincipalFromTriplet(nobody@TEST-KERBEROS-1.3.1) (err = %d)\n", err); - if (err == klNoErr) { - err = KLAcquireInitialTickets (inPrincipal, NULL, &outPrincipal, &outCredCacheName); - printf ("KLAcquireInitialTickets(nobody@TEST-KERBEROS-1.3.1) (err = %d)\n", err); - if (err == klNoErr) { - KLDisposeString (outCredCacheName); - KLDisposePrincipal (outPrincipal); - } - - err = KLAcquireNewInitialTickets (inPrincipal, NULL, &outPrincipal, &outCredCacheName); - if (err == klNoErr) { - err = KLGetStringFromPrincipal (outPrincipal, kerberosVersion_V5, &principalString); - if (err == klNoErr) { - err = KLTicketExpirationTime (outPrincipal, kerberosVersion_All, &expirationTime); - printf ("Tickets for principal '%s' expire on %s\n", - principalString, TimeToString(timeString, expirationTime)); - - KLDisposeString (principalString); - } - KLDisposeString (outCredCacheName); - KLDisposePrincipal (outPrincipal); - } - - err = KLChangePassword (inPrincipal); - printf ("KLChangePassword() (err = %d)\n", err); - - err = KLDestroyTickets (inPrincipal); - printf ("KLDestroyTickets() (err = %d)\n", err); - - KLDisposePrincipal (inPrincipal); - } - -} - - -void TestKLPrincipal (void) -{ - KLStatus err = klNoErr; - KLPrincipal extraLongPrincipal = NULL; - KLPrincipal principal = NULL; - KLPrincipal adminPrincipal = NULL; - KLPrincipal adminPrincipalV4 = NULL; - KLPrincipal adminPrincipalV5 = NULL; - char *principalString = NULL; - char *user = NULL; - char *instance = NULL; - char *realm = NULL; - - printf ("Entering TestKLPrincipal()\n"); - printf ("----------------------------------------------------------------\n"); - - err = KLCreatePrincipalFromString ("thisprincipalnameislongerthanissupportedbyKerberos4@TEST-KERBEROS-1.3.1", - kerberosVersion_V5, &extraLongPrincipal); - printf ("KLCreatePrincipalFromString " - "('thisprincipalnameislongerthanissupportedbyKerberos4@TEST-KERBEROS-1.3.1') " - "(err = %s)\n", error_message(err)); - - printf ("----------------------------------------------------------------\n"); - - err = KLCreatePrincipalFromTriplet ("nobody", "", "TEST-KERBEROS-1.3.1", &principal); - printf ("KLCreatePrincipalFromTriplet ('nobody' '' 'TEST-KERBEROS-1.3.1') (err = %s)\n", - error_message(err)); - - if (err == klNoErr) { - err = KLGetStringFromPrincipal (principal, kerberosVersion_V5, &principalString); - if (err == klNoErr) { - printf ("KLGetStringFromPrincipal (nobody@TEST-KERBEROS-1.3.1, v5) returned string '%s'\n", principalString); - KLDisposeString (principalString); - } else { - printf ("KLGetStringFromPrincipal(nobody@TEST-KERBEROS-1.3.1, v5) returned (err = %s)\n", error_message(err)); - } - - err = KLGetStringFromPrincipal (principal, kerberosVersion_V4, &principalString); - if (err == klNoErr) { - printf ("KLGetStringFromPrincipal (nobody@TEST-KERBEROS-1.3.1, v4) returned string '%s'\n", principalString); - KLDisposeString (principalString); - } else { - printf ("KLGetStringFromPrincipal(nobody@TEST-KERBEROS-1.3.1, v4) returned (err = %s)\n", error_message(err)); - } - - err = KLGetTripletFromPrincipal (principal, &user, &instance, &realm); - if (err == klNoErr) { - printf ("KLGetTripletFromPrincipal (nobody@TEST-KERBEROS-1.3.1) returned triplet %s' '%s' '%s'\n", - user, instance, realm); - KLDisposeString (user); - KLDisposeString (instance); - KLDisposeString (realm); - } else { - printf ("KLGetTripletFromPrincipal(nobody@TEST-KERBEROS-1.3.1) returned (err = %s)\n", error_message(err)); - } - } - - printf ("----------------------------------------------------------------\n"); - - err = KLCreatePrincipalFromTriplet ("nobody", "admin", "TEST-KERBEROS-1.3.1", &adminPrincipal); - printf ("KLCreatePrincipalFromTriplet ('nobody' 'admin' 'TEST-KERBEROS-1.3.1') (err = %d)\n", err); - - if (err == klNoErr) { - err = KLGetStringFromPrincipal (adminPrincipal, kerberosVersion_V5, &principalString); - if (err == klNoErr) { - printf ("KLGetStringFromPrincipal (nobody/admin@TEST-KERBEROS-1.3.1, v5) returned string '%s'\n", principalString); - KLDisposeString (principalString); - } else { - printf ("KLGetStringFromPrincipal(nobody/admin@TEST-KERBEROS-1.3.1, v5) returned (err = %d)\n", err); - } - - err = KLGetStringFromPrincipal (adminPrincipal, kerberosVersion_V4, &principalString); - if (err == klNoErr) { - printf ("KLGetStringFromPrincipal (nobody/admin@TEST-KERBEROS-1.3.1, v4) returned string '%s'\n", principalString); - KLDisposeString (principalString); - } else { - printf ("KLGetStringFromPrincipal(nobody/admin@TEST-KERBEROS-1.3.1, v4) returned (err = %d)\n", err); - } - - err = KLGetTripletFromPrincipal (adminPrincipal, &user, &instance, &realm); - if (err == klNoErr) { - printf ("KLGetTripletFromPrincipal (nobody/admin@TEST-KERBEROS-1.3.1) returned triplet %s' '%s' '%s'\n", - user, instance, realm); - KLDisposeString (user); - KLDisposeString (instance); - KLDisposeString (realm); - } else { - printf ("KLGetTripletFromPrincipal(lxs/admin@TEST-KERBEROS-1.3.1) returned (err = %d)\n", err); - } - } - - printf ("----------------------------------------------------------------\n"); - - err = KLCreatePrincipalFromString ("nobody/root@TEST-KERBEROS-1.3.1", kerberosVersion_V5, &adminPrincipalV5); - printf ("KLCreatePrincipalFromString ('nobody/root@TEST-KERBEROS-1.3.1', v5) (err = %d)\n", err); - if (err == klNoErr) { - err = KLGetStringFromPrincipal (adminPrincipalV5, kerberosVersion_V5, &principalString); - if (err == klNoErr) { - printf ("KLGetStringFromPrincipal (nobody/root@TEST-KERBEROS-1.3.1, v5) returned string '%s'\n", principalString); - KLDisposeString (principalString); - } else { - printf ("KLGetStringFromPrincipal(nobody/root@TEST-KERBEROS-1.3.1, v5) returned (err = %d)\n", err); - } - - err = KLGetStringFromPrincipal (adminPrincipalV5, kerberosVersion_V4, &principalString); - if (err == klNoErr) { - printf ("KLGetStringFromPrincipal (nobody/admin@TEST-KERBEROS-1.3.1, v4) returned string '%s'\n", principalString); - KLDisposeString (principalString); - } else { - printf ("KLGetStringFromPrincipal(nobody/admin@TEST-KERBEROS-1.3.1, v4) returned (err = %d)\n", err); - } - - err = KLGetTripletFromPrincipal (adminPrincipalV5, &user, &instance, &realm); - if (err == klNoErr) { - printf ("KLGetTripletFromPrincipal (nobody/admin@TEST-KERBEROS-1.3.1) returned triplet %s' '%s' '%s'\n", - user, instance, realm); - KLDisposeString (user); - KLDisposeString (instance); - KLDisposeString (realm); - } else { - printf ("KLGetTripletFromPrincipal(nobody/admin@TEST-KERBEROS-1.3.1) returned (err = %d)\n", err); - } - } - - printf ("----------------------------------------------------------------\n"); - - err = KLCreatePrincipalFromString ("nobody.admin@TEST-KERBEROS-1.3.1", kerberosVersion_V4, &adminPrincipalV4); - printf ("KLCreatePrincipalFromString ('nobody.admin@TEST-KERBEROS-1.3.1') (err = %d)\n", err); - if (err == klNoErr) { - err = KLGetStringFromPrincipal (adminPrincipalV4, kerberosVersion_V5, &principalString); - if (err == klNoErr) { - printf ("KLGetStringFromPrincipal (nobody.admin@TEST-KERBEROS-1.3.1, v5) returned string '%s'\n", principalString); - KLDisposeString (principalString); - } else { - printf ("KLGetStringFromPrincipal(nobody.admin@TEST-KERBEROS-1.3.1, v5) returned (err = %d)\n", err); - } - - err = KLGetStringFromPrincipal (adminPrincipalV4, kerberosVersion_V4, &principalString); - if (err == klNoErr) { - printf ("KLGetStringFromPrincipal (nobody.admin@TEST-KERBEROS-1.3.1, v4) returned string '%s'\n", principalString); - KLDisposeString (principalString); - } else { - printf ("KLGetStringFromPrincipal(nobody.admin@TEST-KERBEROS-1.3.1, v4) returned (err = %d)\n", err); - } - - err = KLGetTripletFromPrincipal (adminPrincipalV4, &user, &instance, &realm); - if (err == klNoErr) { - printf ("KLGetTripletFromPrincipal (nobody.admin@TEST-KERBEROS-1.3.1) returned triplet %s' '%s' '%s'\n", - user, instance, realm); - KLDisposeString (user); - KLDisposeString (instance); - KLDisposeString (realm); - } else { - printf ("KLGetTripletFromPrincipal(nobody.admin@TEST-KERBEROS-1.3.1) returned (err = %d)\n", err); - } - } - - printf ("----------------------------------------------------------------\n"); - - if (adminPrincipalV4 != NULL && adminPrincipalV5 != NULL) { - KLBoolean equivalent; - - err = KLComparePrincipal (adminPrincipalV5, adminPrincipalV4, &equivalent); - if (err == klNoErr) { - printf ("KLComparePrincipal %s comparing nobody/admin@TEST-KERBEROS-1.3.1 and nobody.admin@TEST-KERBEROS-1.3.1\n", - equivalent ? "passed" : "FAILED"); - } else { - printf ("KLComparePrincipal returned (err = %d)\n", err); - } - } - - if (principal != NULL && adminPrincipalV5 != NULL) { - KLBoolean equivalent; - - err = KLComparePrincipal (principal, adminPrincipalV4, &equivalent); - if (err == klNoErr) { - printf ("KLComparePrincipal %s comparing nobody@TEST-KERBEROS-1.3.1 and nobody.admin@TEST-KERBEROS-1.3.1\n", - equivalent ? "FAILED" : "passed"); - } else { - printf ("KLComparePrincipal returned (err = %d)\n", err); - } - } - - if (principal != NULL && adminPrincipalV5 != NULL) { - KLBoolean equivalent; - - err = KLComparePrincipal (principal, adminPrincipalV5, &equivalent); - if (err == klNoErr) { - printf ("KLComparePrincipal %s comparing nobody@TEST-KERBEROS-1.3.1 and nobody/admin@TEST-KERBEROS-1.3.1\n", - equivalent ? "FAILED" : "passed"); - } else { - printf ("KLComparePrincipal returned (err = %d)\n", err); - } - } - - if (adminPrincipal != NULL && adminPrincipalV5 != NULL) { - KLBoolean equivalent; - - err = KLComparePrincipal (adminPrincipalV5, principal, &equivalent); - if (err == klNoErr) { - printf ("KLComparePrincipal %s comparing nobody/admin@TEST-KERBEROS-1.3.1 and nobody@TEST-KERBEROS-1.3.1\n", - equivalent ? "FAILED" : "passed"); - } else { - printf ("KLComparePrincipal returned (err = %d)\n", err); - } - } - - printf ("----------------------------------------------------------------\n\n"); - - if (extraLongPrincipal != NULL) KLDisposePrincipal (extraLongPrincipal); - if (adminPrincipalV5 != NULL) KLDisposePrincipal (adminPrincipalV5); - if (adminPrincipalV4 != NULL) KLDisposePrincipal (adminPrincipalV4); - if (adminPrincipal != NULL) KLDisposePrincipal (adminPrincipal); - if (principal != NULL) KLDisposePrincipal (principal); -} - - -void TestApplicationOptions (void) -{ - KLSetIdleCallback (MyKerberosLoginIdleCallback, 101); -} - -void TestKerberosRealms (void) -{ - printf ("About to test Kerberos realms\n"); - KLRemoveAllKerberosRealms (); - KLAcquireNewInitialTickets (NULL, NULL, NULL, NULL); - - KLInsertKerberosRealm (realmList_End, "FOO"); - KLInsertKerberosRealm (realmList_End, "BAR"); - KLInsertKerberosRealm (realmList_End, "BAZ"); - KLAcquireNewInitialTickets (NULL, NULL, NULL, NULL); - - KLInsertKerberosRealm (realmList_End, "FOO"); - KLAcquireNewInitialTickets (NULL, NULL, NULL, NULL); - - KLSetKerberosRealm (0, "QUUX"); - KLAcquireNewInitialTickets (NULL, NULL, NULL, NULL); - - KLRemoveKerberosRealm (0); - KLAcquireNewInitialTickets (NULL, NULL, NULL, NULL); - - KLSetKerberosRealm (2, "TEST-KERBEROS-1.3.1"); - KLAcquireNewInitialTickets (NULL, NULL, NULL, NULL); - - KLRemoveAllKerberosRealms (); - KLInsertKerberosRealm (realmList_End, "TEST-KERBEROS-1.3.1"); - KLInsertKerberosRealm (realmList_End, "TEST-KERBEROS-1.0.6"); - KLInsertKerberosRealm (realmList_End, "TESTV5-KERBEROS-1.0.6"); - KLInsertKerberosRealm (realmList_End, "TEST-KERBEROS-1.1.1"); - KLInsertKerberosRealm (realmList_End, "TESTV5-KERBEROS-1.1.1"); - KLInsertKerberosRealm (realmList_End, "TEST-KERBEROS-1.2.0"); - KLInsertKerberosRealm (realmList_End, "TESTV5-KERBEROS-1.2.0"); - KLInsertKerberosRealm (realmList_End, "TEST-HEIMDAL-0.3D"); - KLInsertKerberosRealm (realmList_End, "TESTV5-HEIMDAL-0.3D"); - KLInsertKerberosRealm (realmList_End, "TEST-KTH-KRB-1.1"); -} - - -void TestLoginOptions (void) -{ - KLBoolean optionSetting; - KLStatus err = klNoErr; - KLLifetime lifetime; - - lifetime = 10*60; - KLSetDefaultLoginOption(loginOption_MinimalTicketLifetime, &lifetime, sizeof(KLLifetime)); - - lifetime = 8*60*60; - KLSetDefaultLoginOption(loginOption_MaximalTicketLifetime, &lifetime, sizeof(KLLifetime)); - - lifetime = 8*60*60; - KLSetDefaultLoginOption(loginOption_DefaultTicketLifetime, &lifetime, sizeof(KLLifetime)); - - optionSetting = FALSE; - KLSetDefaultLoginOption(loginOption_DefaultForwardableTicket, &optionSetting, sizeof(optionSetting)); - - optionSetting = TRUE; - KLSetDefaultLoginOption(loginOption_RememberPrincipal, &optionSetting, sizeof(optionSetting)); - - optionSetting = TRUE; - err = KLSetDefaultLoginOption(loginOption_RememberExtras, &optionSetting, sizeof(optionSetting)); - - if (err == klNoErr) { - KLAcquireNewInitialTickets (NULL, NULL, NULL, NULL); - optionSetting = TRUE; - KLAcquireNewInitialTickets (NULL, NULL, NULL, NULL); - } -} - - -/* Lame date formatting stolen from CCacheDump, like ctime but with no \n */ - -static const char *day_name[] = {"Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday"}; - -static const char *month_name[] = {"January", "February", "March","April","May","June", -"July", "August", "September", "October", "November","December"}; - -char* TimeToString (char* timeString, long t) -{ - /* we come in in 1970 time */ - time_t timer = (time_t) t; - struct tm tm; - - tm = *localtime (&timer); - - sprintf(timeString, "%.3s %.3s%3d %.2d:%.2d:%.2d %d", - day_name[tm.tm_wday], - month_name[tm.tm_mon], - tm.tm_mday, - tm.tm_hour, - tm.tm_min, - tm.tm_sec, - tm.tm_year + 1900); - - return timeString; -} - - -void MyKerberosLoginIdleCallback (KLRefCon inAppData) -{ - syslog (LOG_ALERT, "App got callback while waiting for Mach IPC (appData == %d)\n", inAppData); - // KLCancelAllDialogs (); -} diff --git a/src/kim/test/test_kll_terminal.c b/src/kim/test/test_kll_terminal.c deleted file mode 100644 index 20a5e7898..000000000 --- a/src/kim/test/test_kll_terminal.c +++ /dev/null @@ -1,39 +0,0 @@ -#include <Kerberos/Kerberos.h> - - - -int main (void) -{ - KLStatus err; - KLPrincipal principal; - char *principalName; - char *cacheName; - - printf ("Testing KLAcquireNewTickets (nil)...\n"); - - err = KLAcquireNewTickets (nil, &principal, &cacheName); - if (err == klNoErr) { - err = KLGetStringFromPrincipal (principal, kerberosVersion_V5, &principalName); - if (err == klNoErr) { - printf ("Got tickets for '%s' in cache '%s'\n", principalName, cacheName); - KLDisposeString (principalName); - } else { - printf ("KLGetStringFromPrincipal() returned (err = %ld)\n", err); - } - KLDisposeString (cacheName); - - printf ("Testing KLChangePassword (principal)...\n"); - - err = KLChangePassword (principal); - if (err != klNoErr) { - printf ("KLChangePassword() returned (err = %ld)\n", err); - } - - KLDisposePrincipal (principal); - } else { - printf ("KLAcquireNewTickets() returned (err = %ld)\n", err); - } - - printf ("All done testing!\n"); - return 0; -} diff --git a/src/kim/test/test_ui_plugin.c b/src/kim/test/test_ui_plugin.c deleted file mode 100644 index e2f101089..000000000 --- a/src/kim/test/test_ui_plugin.c +++ /dev/null @@ -1,471 +0,0 @@ -/* kim/test/test_ui_plugin.c */ -/* - * Copyright 2008 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include <kim/kim.h> -#include <kim/kim_ui_plugin.h> -#include <asl.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - - -typedef struct { - const char *magic; - aslclient asl_context; - int got_error; -} *test_ui_context; - -const char *magic = "test_ui_context_magic"; - -/* ------------------------------------------------------------------------ */ - -static void test_ui_vlog (test_ui_context in_context, - const char *in_format, - va_list in_args) -{ - if (!in_context) { - asl_log (NULL, NULL, ASL_LEVEL_ERR, "NULL context!"); - - } else if (strcmp (in_context->magic, magic)) { - asl_log (NULL, NULL, ASL_LEVEL_ERR, - "Magic mismatch. Context corrupted!"); - - } else { - asl_vlog (in_context->asl_context, NULL, ASL_LEVEL_NOTICE, - in_format, in_args); - } -} - -/* ------------------------------------------------------------------------ */ - -static void test_ui_log_ (void *in_context, - const char *in_function, - const char *in_format, ...) -{ - test_ui_context context = in_context; - char *format = NULL; - va_list args; - - asprintf (&format, "%s: %s", in_function, in_format); - - va_start (args, in_format); - test_ui_vlog (context, format, args); - va_end (args); - - free (format); -} - -#define test_ui_log(context, format, ...) test_ui_log_(context, __FUNCTION__, format, ## __VA_ARGS__) - -#pragma mark - - -/* ------------------------------------------------------------------------ */ - -static kim_error test_ui_init (void **out_context) -{ - kim_error err = KIM_NO_ERROR; - test_ui_context context = NULL; - - if (!err) { - context = malloc (sizeof (*context)); - if (!context) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - context->got_error = 0; - context->magic = magic; - context->asl_context = asl_open (NULL, - "com.apple.console", - ASL_OPT_NO_DELAY | ASL_OPT_STDERR); - if (!context->asl_context) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - test_ui_log (context, "returning with no error."); - } else { - kim_string estring = NULL; - - kim_string_create_for_last_error (&estring, err); - test_ui_log (NULL, "returning %d: %s", err, estring); - kim_string_free (&estring); - } - - if (!err) { - *out_context = context; - context = NULL; - } - - free (context); - - return err; -} - -/* ------------------------------------------------------------------------ */ - -static kim_error test_ui_enter_identity (void *in_context, - kim_options io_options, - kim_identity *out_identity, - kim_boolean *out_change_password) -{ - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - - test_ui_log (in_context, "entering..."); - - if (!err) { - test_ui_context context = in_context; - if (context->got_error > 1) { - test_ui_log (in_context, "\tfailed twice, giving up..."); - context->got_error = 0; - err = KIM_USER_CANCELED_ERR; - } - } - - if (!err) { - err = kim_options_set_lifetime (io_options, 1800); - } - - if (!err) { - err = kim_options_set_renewal_lifetime (io_options, 3600); - } - - if (!err) { - err = kim_identity_create_from_string (&identity, - "nobody@TEST-KERBEROS-1.5"); - } - - if (!err) { - *out_identity = identity; - identity = NULL; - *out_change_password = 0; - } - - kim_identity_free (&identity); - - if (!err) { - test_ui_log (in_context, "returning with no error."); - } else { - kim_string estring = NULL; - - kim_string_create_for_last_error (&estring, err); - test_ui_log (in_context, "returning %d: %s", err, estring); - kim_string_free (&estring); - } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -static kim_error test_ui_select_identity (void *in_context, - kim_selection_hints io_hints, - kim_identity *out_identity, - kim_boolean *out_change_password) -{ - kim_error err = KIM_NO_ERROR; - kim_identity identity = NULL; - kim_options options = NULL; - - test_ui_log (in_context, "entering..."); - - if (!err) { - test_ui_context context = in_context; - if (context->got_error > 1) { - test_ui_log (in_context, "\tfailed twice, giving up..."); - context->got_error = 0; - err = KIM_USER_CANCELED_ERR; - } - } - - if (!err) { - err = kim_selection_hints_get_options (io_hints, &options); - } - - if (!err && !options) { - err = kim_options_create (&options); - } - - if (!err) { - err = kim_options_set_lifetime (options, 1800); - } - - if (!err) { - err = kim_options_set_renewal_lifetime (options, 3600); - } - - if (!err) { - err = kim_selection_hints_set_options (io_hints, options); - } - - if (!err) { - err = kim_identity_create_from_string (&identity, - "nobody@TEST-KERBEROS-1.5"); - } - - if (!err) { - *out_identity = identity; - identity = NULL; - *out_change_password = 0; - } - - kim_options_free (&options); - kim_identity_free (&identity); - - if (!err) { - test_ui_log (in_context, "returning with no error."); - } else { - kim_string estring = NULL; - - kim_string_create_for_last_error (&estring, err); - test_ui_log (in_context, "returning %d: %s", err, estring); - kim_string_free (&estring); - } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -static kim_error test_ui_auth_prompt (void *in_context, - kim_identity in_identity, - kim_prompt_type in_type, - kim_boolean in_allow_save_reply, - kim_boolean in_hide_reply, - kim_string in_title, - kim_string in_message, - kim_string in_description, - char **out_reply, - kim_boolean *out_save_reply) -{ - kim_error err = KIM_NO_ERROR; - kim_string string = NULL; - char *reply = NULL; - - test_ui_log (in_context, "entering..."); - - if (!err) { - err = kim_identity_get_display_string (in_identity, &string); - } - - if (!err) { - test_ui_log (in_context, "\tidentity = %s", string); - test_ui_log (in_context, "\ttype = %d", in_type); - test_ui_log (in_context, "\tallow_save_reply = %d", in_allow_save_reply); - test_ui_log (in_context, "\thide_reply = %d", in_hide_reply); - test_ui_log (in_context, "\ttitle = %s", in_title); - test_ui_log (in_context, "\tmessage = %s", in_message); - test_ui_log (in_context, "\tdescription = %s", in_description); - - reply = strdup ("ydobon"); - if (!reply) { err = KIM_OUT_OF_MEMORY_ERR; } - } - - if (!err) { - test_ui_context context = in_context; - if (context->got_error > 1) { - test_ui_log (in_context, "\tfailed twice, giving up..."); - context->got_error = 0; - err = KIM_USER_CANCELED_ERR; - } - } - - if (!err) { - *out_reply = reply; - reply = NULL; - *out_save_reply = 0; - } - - free (reply); - kim_string_free (&string); - - if (!err) { - test_ui_log (in_context, "returning with no error."); - } else { - kim_string estring = NULL; - - kim_string_create_for_last_error (&estring, err); - test_ui_log (in_context, "returning %d: %s", err, estring); - kim_string_free (&estring); - } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -static kim_error test_ui_change_password (void *in_context, - kim_identity in_identity, - kim_boolean in_old_password_expired, - char **out_old_password, - char **out_new_password, - char **out_verify_password) -{ - kim_error err = KIM_NO_ERROR; - kim_string string = NULL; - char *old_password = NULL; - char *new_password = NULL; - char *vfy_password = NULL; - - test_ui_log (in_context, "entering..."); - - if (!err) { - err = kim_identity_get_display_string (in_identity, &string); - } - - if (!err) { - test_ui_log (in_context, "\tidentity = %s", string); - test_ui_log (in_context, "\told_password_expired = %d", - in_old_password_expired); - - old_password = strdup ("ydobon"); - new_password = strdup ("foo"); - vfy_password = strdup ("foo"); - if (!old_password || !new_password || !vfy_password) { - err = KIM_OUT_OF_MEMORY_ERR; - } - } - - if (!err) { - test_ui_context context = in_context; - if (context->got_error > 1) { - test_ui_log (in_context, "\tfailed twice, giving up..."); - context->got_error = 0; - err = KIM_USER_CANCELED_ERR; - } - } - - if (!err) { - *out_old_password = old_password; - old_password = NULL; - *out_new_password = new_password; - new_password = NULL; - *out_verify_password = vfy_password; - vfy_password = NULL; - } - - free (old_password); - free (new_password); - free (vfy_password); - kim_string_free (&string); - - if (!err) { - test_ui_log (in_context, "returning with no error."); - } else { - kim_string estring = NULL; - - kim_string_create_for_last_error (&estring, err); - test_ui_log (in_context, "returning %d: %s", err, estring); - kim_string_free (&estring); - } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -static kim_error test_ui_handle_error (void *in_context, - kim_identity in_identity, - kim_error in_error, - kim_string in_error_message, - kim_string in_error_description) -{ - kim_error err = KIM_NO_ERROR; - kim_string string = NULL; - - test_ui_log (in_context, "entering..."); - - if (!err) { - err = kim_identity_get_display_string (in_identity, &string); - } - - if (!err) { - test_ui_context context = in_context; - - test_ui_log (in_context, "\tidentity = %s", string); - test_ui_log (in_context, "\terror = %d", in_error); - test_ui_log (in_context, "\tmessage = %s", in_error_message); - test_ui_log (in_context, "\tdescription = %s", in_error_description); - - context->got_error++; - } - - kim_string_free (&string); - - if (!err) { - test_ui_log (in_context, "returning with no error."); - } else { - kim_string estring = NULL; - - kim_string_create_for_last_error (&estring, err); - test_ui_log (in_context, "returning %d: %s", err, estring); - kim_string_free (&estring); - } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -static void test_ui_free_string (void *in_context, - char **io_string) -{ - /* strings zeroed by caller so just print pointer value */ - test_ui_log (in_context, "freeing string %p", *io_string); - - free (*io_string); - *io_string = NULL; -} - -/* ------------------------------------------------------------------------ */ - -static kim_error test_ui_fini (void *io_context) -{ - kim_error err = KIM_NO_ERROR; - - test_ui_log (io_context, "deallocating..."); - - if (io_context) { - test_ui_context context = io_context; - - asl_close (context->asl_context); - free (context); - } - - return err; -} - -/* ------------------------------------------------------------------------ */ - -kim_ui_plugin_ftable_v0 kim_ui_0 = { - 0, - test_ui_init, - test_ui_enter_identity, - test_ui_select_identity, - test_ui_auth_prompt, - test_ui_change_password, - test_ui_handle_error, - test_ui_free_string, - test_ui_fini -}; diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index a784dd37d..d7daecb22 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -78,10 +78,7 @@ #include <strings.h> #endif -#if defined(USE_KIM) -#include <kim/kim.h> -#include "kim_library_private.h" -#elif defined(USE_LEASH) +#ifdef USE_LEASH #ifdef _WIN64 #define LEASH_DLL "leashw64.dll" #else @@ -270,62 +267,6 @@ acquire_accept_cred(krb5_context context, } #endif /* LEAN_CLIENT */ -#ifdef USE_KIM -krb5_error_code -get_ccache_kim(krb5_context context, krb5_principal desired_princ, - krb5_ccache *ccache_out) -{ - kim_error err; - kim_ccache kimccache = NULL; - kim_identity identity = NULL; - kim_credential_state state; - krb5_ccache ccache; - - *ccache_out = NULL; - - err = kim_identity_create_from_krb5_principal(&identity, context, - desired_princ); - if (err) - goto cleanup; - - err = kim_ccache_create_from_client_identity(&kimccache, identity); - if (err) - goto cleanup; - - err = kim_ccache_get_state(kimccache, &state); - if (err) - goto cleanup; - - if (state != kim_credentials_state_valid) { - if (state == kim_credentials_state_needs_validation) { - err = kim_ccache_validate(kimccache, KIM_OPTIONS_DEFAULT); - if (err) - goto cleanup; - } else { - kim_ccache_free(&kimccache); - } - } - - if (!kimccache && kim_library_allow_automatic_prompting()) { - /* ccache does not already exist, create a new one. */ - err = kim_ccache_create_new(&kimccache, identity, KIM_OPTIONS_DEFAULT); - if (err) - goto cleanup; - } - - err = kim_ccache_get_krb5_ccache(kimccache, context, &ccache); - if (err) - goto cleanup; - - *ccache_out = ccache; - -cleanup: - kim_ccache_free(&kimccache); - kim_identity_free(&identity); - return err; -} -#endif /* USE_KIM */ - #ifdef USE_LEASH static krb5_error_code get_ccache_leash(krb5_context context, krb5_principal desired_princ, @@ -575,9 +516,7 @@ acquire_init_cred(krb5_context context, code = krb5int_cc_default(context, &ccache); } else if (desired_princ) { /* Try to find an appropriate ccache for the desired name. */ -#if defined(USE_KIM) - code = get_ccache_kim(context, desired_princ, &ccache); -#elif defined(USE_LEASH) +#ifdef USE_LEASH code = get_ccache_leash(context, desired_princ, &ccache); #else code = krb5_cc_cache_match(context, desired_princ, &ccache); diff --git a/src/lib/krb5/ccache/ccdefault.c b/src/lib/krb5/ccache/ccdefault.c index e43b1638b..1d3625c4d 100644 --- a/src/lib/krb5/ccache/ccdefault.c +++ b/src/lib/krb5/ccache/ccdefault.c @@ -26,10 +26,7 @@ #include "k5-int.h" -#if defined(USE_KIM) -#include <kim/kim.h> -#include "kim_library_private.h" -#elif defined(USE_LEASH) +#ifdef USE_LEASH static void (*pLeash_AcquireInitialTicketsIfNeeded)(krb5_context,krb5_principal,char*,int) = NULL; static HANDLE hLeashDLL = INVALID_HANDLE_VALUE; #ifdef _WIN64 @@ -75,46 +72,6 @@ krb5int_cc_default(krb5_context context, krb5_ccache *ccache) return KV5M_CONTEXT; } -#ifdef USE_KIM - if (kim_library_allow_automatic_prompting ()) { - kim_error err = KIM_NO_ERROR; - kim_ccache kimccache = NULL; - kim_identity identity = KIM_IDENTITY_ANY; - kim_credential_state state; - kim_string name = NULL; - - err = kim_ccache_create_from_display_name (&kimccache, - krb5_cc_default_name (context)); - - if (!err) { - err = kim_ccache_get_client_identity (kimccache, &identity); - } - - if (!err) { - err = kim_ccache_get_state (kimccache, &state); - } - - if (err || state != kim_credentials_state_valid) { - /* Either the ccache is does not exist or is invalid. Get new - * tickets. Use the identity in the ccache if there was one. */ - kim_ccache_free (&kimccache); - err = kim_ccache_create_new (&kimccache, - identity, KIM_OPTIONS_DEFAULT); - } - - if (!err) { - err = kim_ccache_get_display_name (kimccache, &name); - } - - if (!err) { - krb5_cc_set_default_name (context, name); - } - - kim_identity_free (&identity); - kim_string_free (&name); - kim_ccache_free (&kimccache); - } -#else #ifdef USE_LEASH if ( hLeashDLL == INVALID_HANDLE_VALUE ) { hLeashDLL = LoadLibrary(LEASH_DLL); @@ -135,7 +92,6 @@ krb5int_cc_default(krb5_context context, krb5_ccache *ccache) } } #endif -#endif return krb5_cc_default (context, ccache); } diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c index b8406a651..f5c0b3027 100644 --- a/src/lib/krb5/krb/gic_pwd.c +++ b/src/lib/krb5/krb/gic_pwd.c @@ -310,11 +310,6 @@ krb5_get_init_creds_password(krb5_context context, use_master = 0; } -#ifdef USE_KIM - if (ret == KRB5KDC_ERR_KEY_EXP) - goto cleanup; /* Login library will deal appropriately with this error */ -#endif - /* at this point, we have an error from the master. if the error is not password expired, or if it is but there's no prompter, return this error */ diff --git a/src/lib/krb5/os/init_os_ctx.c b/src/lib/krb5/os/init_os_ctx.c index f7dc42994..7cded7ce5 100644 --- a/src/lib/krb5/os/init_os_ctx.c +++ b/src/lib/krb5/os/init_os_ctx.c @@ -30,10 +30,6 @@ #include "os-proto.h" #include "prof_int.h" /* XXX for profile_copy, not public yet */ -#ifdef USE_KIM -#include "kim_library_private.h" -#endif - #if defined(_WIN32) #include <winsock.h> #include <Shlobj.h> @@ -298,13 +294,6 @@ os_get_default_config_files(profile_filespec_t **pfiles, krb5_boolean secure) unsigned int ent_len; const char *s, *t; -#ifdef USE_KIM - /* If kim_library_allow_home_directory_access() == FALSE, we are probably - * trying to authenticate to a fileserver for the user's homedir. - */ - if (!kim_library_allow_home_directory_access ()) - secure = 1; -#endif if (secure) { filepath = DEFAULT_SECURE_PROFILE_PATH; } else { diff --git a/src/util/support/errors.c b/src/util/support/errors.c index 0cd39277d..5dba532b5 100644 --- a/src/util/support/errors.c +++ b/src/util/support/errors.c @@ -12,10 +12,6 @@ #include "k5-platform.h" #include "supp-int.h" -#ifdef USE_KIM -#include "kim_string_private.h" -#endif - /* It would be nice to just use error_message() always. Pity that it's defined in a library that depends on this one, and we're not allowed to make circular dependencies. */ @@ -69,13 +65,6 @@ krb5int_vset_error_fl (struct errinfo *ep, long code, { va_list args2; char *str = NULL, *str2, *slash; -#ifdef USE_KIM - kim_string loc_fmt = NULL; - - /* Try to localize the format string */ - if (kim_os_string_create_localized(&loc_fmt, fmt) == KIM_NO_ERROR) - fmt = loc_fmt; -#endif /* try vasprintf first */ va_copy(args2, args); @@ -108,10 +97,6 @@ krb5int_vset_error_fl (struct errinfo *ep, long code, } ep->code = code; ep->msg = str ? str : ep->scratch_buf; - -#ifdef USE_KIM - kim_string_free(&loc_fmt); -#endif } const char * |