Added KDC timesyncing support to the CCAPI ccache backend for CCAPI v5 and

later. v5 is the first version of the CCAPI to support the kdc timesyncing API. ticket: 5403 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19071 dc483132-0cff-0310-8789-dd5450dbe970
author: Alexandra Ellwood <lxs@mit.edu> 2007-01-18 23:24:13 +0000
committer: Alexandra Ellwood <lxs@mit.edu> 2007-01-18 23:24:13 +0000
commit: 635cbee21b123f08d56ad654ec61a2bccee73c24 (patch)
tree: 378b621a5ebe3346e100419deff9c6a9edf6f12f /src
parent: 6152fdfde148b3df254b92df2754853907b29965 (diff)
1 files changed, 72 insertions, 10 deletions
diff --git a/src/lib/krb5/ccache/ccapi/stdcc.c b/src/lib/krb5/ccache/ccapi/stdcc.c
index edbec11f2..36bc780e2 100644
--- a/src/lib/krb5/ccache/ccapi/stdcc.c
+++ b/src/lib/krb5/ccache/ccapi/stdcc.c
@@ -56,6 +56,7 @@
 
 #ifdef USE_CCAPI_V3
 cc_context_t gCntrlBlock = NULL;
+cc_int32 gCCVersion = 0;
 #else
 apiCB *gCntrlBlock = NULL;
 #endif
@@ -222,13 +223,59 @@ static krb5_error_code cc_err_xlate(int err)
 
 
 #ifdef USE_CCAPI_V3
+
+static krb5_error_code stdccv3_get_timeoffset (krb5_context in_context,
+                                               cc_ccache_t  in_ccache)
+{
+    krb5_error_code err = 0;
+    
+    if (gCCVersion >= ccapi_version_5) {
+        krb5_os_context os_ctx = (krb5_os_context) in_context->os_context;
+        cc_time_t time_offset = 0;
+    
+        err = cc_ccache_get_kdc_time_offset (in_ccache, cc_credentials_v5,
+                                             &time_offset);
+    
+        if (!err) {
+            os_ctx->time_offset = time_offset;
+            os_ctx->usec_offset = 0;
+            os_ctx->os_flags = ((os_ctx->os_flags & ~KRB5_OS_TOFFSET_TIME) |
+                                KRB5_OS_TOFFSET_VALID);
+        }
+        
+        if (err == ccErrTimeOffsetNotSet) {
+            err = 0;  /* okay if there is no time offset */
+        }
+    }
+    
+    return err; /* Don't translate.  Callers will translate for us */
+}
+
+static krb5_error_code stdccv3_set_timeoffset (krb5_context in_context,
+                                               cc_ccache_t  in_ccache)
+{
+    krb5_error_code err = 0;
+    
+    if (gCCVersion >= ccapi_version_5) {
+        krb5_os_context os_ctx = (krb5_os_context) in_context->os_context;
+        
+        if (!err && os_ctx->os_flags & KRB5_OS_TOFFSET_VALID) {
+            err = cc_ccache_set_kdc_time_offset (in_ccache, 
+                                                 cc_credentials_v5,
+                                                 os_ctx->time_offset);
+        }
+    }
+    
+    return err; /* Don't translate.  Callers will translate for us */
+}
+
 static krb5_error_code stdccv3_setup (krb5_context context,
                                       stdccCacheDataPtr ccapi_data)
 {
     krb5_error_code err = 0;
     
     if (!err && !gCntrlBlock) {
-        err = cc_initialize (&gCntrlBlock, ccapi_version_max, NULL, NULL);
+        err = cc_initialize (&gCntrlBlock, ccapi_version_max, &gCCVersion, NULL);
     }
     
     if (!err && ccapi_data && !ccapi_data->NamedCache) {
@@ -237,6 +284,10 @@ static krb5_error_code stdccv3_setup (krb5_context context,
                                       &ccapi_data->NamedCache);
     }
     
+    if (!err && ccapi_data && ccapi_data->NamedCache) {
+        err = stdccv3_get_timeoffset (context, ccapi_data->NamedCache);
+    }
+    
     return err; /* Don't translate.  Callers will translate for us */
 }
 
@@ -245,6 +296,7 @@ void krb5_stdcc_shutdown()
 {
     if (gCntrlBlock) { cc_context_release(gCntrlBlock); }
     gCntrlBlock = NULL;
+    gCCVersion = 0;
 }
 
 /*
@@ -278,11 +330,15 @@ krb5_stdccv3_generate_new (krb5_context context, krb5_ccache *id )
     }
     
     if (!err) {
-        err = cc_context_create_new_ccache (gCntrlBlock, cc_credentials_v5, 0L,
+        err = cc_context_create_new_ccache (gCntrlBlock, cc_credentials_v5, "",
                                             &ccache);
     }
     
     if (!err) {
+        err = stdccv3_set_timeoffset (context, ccache);
+    }
+    
+    if (!err) {
         err = cc_ccache_get_name (ccache, &ccstring);
     }
     
@@ -395,6 +451,7 @@ krb5_stdccv3_initialize (krb5_context context,
     krb5_error_code err = 0;
     stdccCacheDataPtr ccapi_data = id->data;
     char *name = NULL;
+    cc_ccache_t ccache = NULL;
     
     if (id == NULL) { err = KRB5_CC_NOMEM; }
     
@@ -406,22 +463,27 @@ krb5_stdccv3_initialize (krb5_context context,
         err = krb5_unparse_name(context, princ, &name);
     }
     
-    if (!err && ccapi_data->NamedCache) {
-        err = cc_ccache_release(ccapi_data->NamedCache);
-        ccapi_data->NamedCache = NULL;
-    }
-    
     if (!err) {
         err = cc_context_create_ccache (gCntrlBlock, ccapi_data->cache_name, 
                                         cc_credentials_v5, name,
-                                        &ccapi_data->NamedCache);
+                                        &ccache);
     }
     
     if (!err) {
-        cache_changed();
+        err = stdccv3_set_timeoffset (context, ccache);
+    }
+    
+    if (!err) {
+        if (ccapi_data->NamedCache) {
+            err = cc_ccache_release (ccapi_data->NamedCache);
+        }
+        ccapi_data->NamedCache = ccache;
+        ccache = NULL; /* take ownership */
+        cache_changed ();
     }
     
-    if (name) { krb5_free_unparsed_name(context, name); }
+    if (ccache) { cc_ccache_release (ccache); }
+    if (name  ) { krb5_free_unparsed_name(context, name); }
     
     return cc_err_xlate(err);
 }
author	Alexandra Ellwood <lxs@mit.edu>	2007-01-18 23:24:13 +0000
committer	Alexandra Ellwood <lxs@mit.edu>	2007-01-18 23:24:13 +0000
commit	635cbee21b123f08d56ad654ec61a2bccee73c24 (patch)
tree	378b621a5ebe3346e100419deff9c6a9edf6f12f /src
parent	6152fdfde148b3df254b92df2754853907b29965 (diff)