cc_ccache_f Struct Reference

Detailed Description

Function pointer table for cc_ccache_t. For more information see cc_ccache_t Overview.

Data Fields

Field Documentation

cc_int32(* release)(cc_ccache_t io_ccache)
 

cc_ccache_release(): Release memory associated with a cc_ccache_t object.

Parameters:
io_ccache the ccache object to release.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
Note:
Does not modify the ccache. If you wish to remove the ccache see cc_ccache_destroy().

cc_int32(* destroy)(cc_ccache_t io_ccache)
 

cc_ccache_destroy(): Destroy a ccache.

Parameters:
io_ccache the ccache object to destroy and release.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
Destroy the ccache referred to by io_ccache and releases memory associated with the io_ccache object. After this call io_ccache becomes invalid. If io_ccache was the default ccache, the next ccache in the cache collection (if any) becomes the new default.

cc_int32(* set_default)(cc_ccache_t io_ccache)
 

cc_ccache_set_default(): Make a ccache the default ccache.

Parameters:
io_ccache a ccache object to make the new default ccache.
Returns:
On success, ccNoError. On failure, an error code representing the failure.

cc_int32(* get_credentials_version)(cc_ccache_t in_ccache, cc_uint32 *out_credentials_version)
 

cc_ccache_get_credentials_version(): Get the credentials version of a ccache.

Parameters:
in_ccache a ccache object.
out_credentials_version on exit, the credentials version of in_ccache.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
cc_ccache_get_credentials_version() returns one value of the enumerated type cc_credentials_vers. The possible return values are cc_credentials_v4 (if ccache's v4 principal has been set), cc_credentials_v5 (if ccache's v5 principal has been set), or cc_credentials_v4_v5 (if both ccache's v4 and v5 principals have been set). A ccache's principal is set with one of cc_context_create_ccache(), cc_context_create_new_ccache(), cc_context_create_default_ccache(), or cc_ccache_set_principal().

cc_int32(* get_name)(cc_ccache_t in_ccache, cc_string_t *out_name)
 

cc_ccache_get_name(): Get the name of a ccache.

Parameters:
in_ccache a ccache object.
out_name on exit, a cc_string_t representing the name of in_ccache. out_name must be released with cc_string_release().
Returns:
On success, ccNoError. On failure, an error code representing the failure.

cc_int32(* get_principal)(cc_ccache_t in_ccache, cc_uint32 in_credentials_version, cc_string_t *out_principal)
 

cc_ccache_get_principal(): Get the principal of a ccache.

Parameters:
in_ccache a ccache object.
in_credentials_version the credentials version to get the principal for.
out_principal on exit, a cc_string_t representing the principal of in_ccache. out_principal must be released with cc_string_release().
Returns:
On success, ccNoError. On failure, an error code representing the failure.
Return the principal for the ccache that was set via cc_context_create_ccache(), cc_context_create_default_ccache(), cc_context_create_new_ccache(), or cc_ccache_set_principal(). Principals for v4 and v5 are separate, but should be kept synchronized for each ccache; they can be retrieved by passing cc_credentials_v4 or cc_credentials_v5 in cred_vers. Passing cc_credentials_v4_v5 will result in the error ccErrBadCredentialsVersion.

cc_int32(* set_principal)(cc_ccache_t io_ccache, cc_uint32 in_credentials_version, const char *in_principal)
 

cc_ccache_set_principal(): Set the principal of a ccache.

Parameters:
in_ccache a ccache object.
in_credentials_version the credentials version to set the principal for.
in_principal a C string representing the new principal of in_ccache.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
Set the a principal for ccache. The v4 and v5 principals can be set independently, but they should always be kept equal, up to differences in string representation between v4 and v5. Passing cc_credentials_v4_v5 in cred_vers will result in the error ccErrBadCredentialsVersion.

cc_int32(* store_credentials)(cc_ccache_t io_ccache, const cc_credentials_union *in_credentials_union)
 

cc_ccache_store_credentials(): Store credentials in a ccache.

Parameters:
io_ccache a ccache object.
in_credentials_union the credentials to store in io_ccache.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
Store a copy of credentials in the ccache.

See the description of the credentials types for the meaning of cc_credentials_union fields.

Before credentials of a specific credential type can be stored in a ccache, the corresponding principal version has to be set. For example, before you can store Kerberos v4 credentials in a ccache, the Kerberos v4 principal has to be set either by cc_context_create_ccache(), cc_context_create_default_ccache(), cc_context_create_new_ccache(), or cc_ccache_set_principal(); likewise for Kerberos v5. Otherwise, ccErrBadCredentialsVersion is returned.

cc_int32(* remove_credentials)(cc_ccache_t io_ccache, cc_credentials_t in_credentials)
 

cc_ccache_remove_credentials(): Remove credentials from a ccache.

Parameters:
io_ccache a ccache object.
in_credentials the credentials to remove from io_ccache.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
Removes credentials from a ccache. Note that credentials must be previously acquired from the CCache API; only exactly matching credentials will be removed. (This places the burden of determining exactly which credentials to remove on the caller, but ensures there is no ambigity about which credentials will be removed.) cc_credentials_t objects can be obtained by iterating over the ccache's credentials with cc_ccache_new_credentials_iterator().

If found, the credentials are removed from the ccache. The credentials parameter is not modified and should be freed by the caller. It is legitimate to call this function while an iterator is traversing the ccache, and the deletion of a credential already returned by cc_credentials_iterator_next() will not disturb sequence of credentials returned by cc_credentials_iterator_next().

cc_int32(* new_credentials_iterator)(cc_ccache_t in_ccache, cc_credentials_iterator_t *out_credentials_iterator)
 

cc_ccache_new_credentials_iterator(): Iterate over credentials in a ccache.

Parameters:
in_ccache a ccache object.
out_credentials_iterator a credentials iterator for io_ccache.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
Allocates memory for iterator and initializes it. Successive calls to cc_credentials_iterator_next() will return credentials from the ccache.

If changes are made to the ccache while an iterator is being used on it, the iterator must return at least the intersection, and at most the union, of the set of credentials that were in the ccache when the iteration began and the set of credentials that are in the ccache when it ends.

cc_int32(* move)(cc_ccache_t io_source_ccache, cc_ccache_t io_destination_ccache)
 

cc_ccache_move(): Move the contents of one ccache into another, destroying the source.

Parameters:
io_source_ccache a ccache object to move.
io_destination_ccache a ccache object replace with the contents of io_source_ccache.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
cc_ccache_move() atomically copies the credentials, credential versions and principals from one ccache to another. On successful completion io_source_ccache will be released and the ccache it points to will be destroyed. Any credentials previously in io_destination_ccache will be replaced with credentials from io_source_ccache. The only part of io_destination_ccache which remains constant is the name. Any other callers referring to io_destination_ccache will suddenly see new data in it.

Typically cc_ccache_move() is used when the caller wishes to safely overwrite the contents of a ccache with new data which requires several steps to generate. cc_ccache_move() allows the caller to create a temporary ccache (which can be destroyed if any intermediate step fails) and the atomically copy the temporary cache into the destination.

cc_int32(* lock)(cc_ccache_t io_ccache, cc_uint32 in_lock_type, cc_uint32 in_block)
 

cc_ccache_lock(): Lock a ccache.

Parameters:
io_ccache the ccache object for the ccache you wish to lock.
in_lock_type the type of lock to obtain.
in_block whether or not the function should block if the lock cannot be obtained immediately.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
Attempts to acquire an advisory lock for a ccache. Allowed values for lock_type are:

  • cc_lock_read: a read lock.
  • cc_lock_write: a write lock
  • cc_lock_upgrade: upgrade an already-obtained read lock to a write lock
  • cc_lock_downgrade: downgrade an already-obtained write lock to a read lock
If block is cc_lock_block, lock() will not return until the lock is acquired. If block is cc_lock_noblock, lock() will return immediately, either acquiring the lock and returning ccNoError, or failing to acquire the lock and returning an error explaining why.

To avoid having to deal with differences between thread semantics on different platforms, locks are granted per ccache, rather than per thread or per process. That means that different threads of execution have to acquire separate contexts in order to be able to synchronize with each other.

The lock should be unlocked by using cc_ccache_unlock().

Note:
All locks are advisory. For example, callers which do not call cc_ccache_lock() and cc_ccache_unlock() will not be prevented from writing to the ccache when you have a read lock. This is because the CCAPI locking was added after the first release and thus adding mandatory locks would have changed the user experience and performance of existing applications.

cc_int32(* unlock)(cc_ccache_t io_ccache)
 

cc_ccache_unlock(): Unlock a ccache.

Parameters:
io_ccache a ccache object.
Returns:
On success, ccNoError. On failure, an error code representing the failure.

cc_int32(* get_last_default_time)(cc_ccache_t in_ccache, cc_time_t *out_last_default_time)
 

cc_ccache_get_change_time(): Get the last time a ccache was the default ccache.

Parameters:
in_ccache a cache object.
out_last_default_time on exit, the last time the ccache was default.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
This function returns the last time when the ccache was made the default ccache. This allows clients to sort the ccaches by how recently they were default, which is useful for user listing of ccaches. If the ccache was never default, ccErrNeverDefault is returned.

cc_int32(* get_change_time)(cc_ccache_t in_ccache, cc_time_t *out_change_time)
 

cc_ccache_get_change_time(): Get the last time a ccache changed.

Parameters:
in_ccache a cache object.
out_change_time on exit, the last time the ccache changed.
Returns:
On success, ccNoError. If the ccache was never the default ccache, ccErrNeverDefault. Otherwise, an error code representing the failure.
This function returns the time of the most recent change made to a ccache. By maintaining a local copy the caller can deduce whether or not the ccache has been modified since the previous call to cc_ccache_get_change_time().

The time returned by cc_ccache_get_change_time() increases whenever:

  • a credential is stored
  • a credential is removed
  • a ccache principal is changed
  • the ccache becomes the default ccache
  • the ccache is no longer the default ccache
Note:
In order to be able to compare two values returned by cc_ccache_get_change_time(), the caller must use the same ccache object to acquire them. Callers should maintain a single ccache object in memory for cc_ccache_get_change_time() calls rather than creating a new ccache object for every call.
See also:
wait_for_change

cc_int32(* compare)(cc_ccache_t in_ccache, cc_ccache_t in_compare_to_ccache, cc_uint32 *out_equal)
 

cc_ccache_compare(): Compare two ccache objects.

Parameters:
in_ccache a ccache object.
in_compare_to_ccache a ccache object to compare with in_ccache.
out_equal on exit, whether or not the two ccaches refer to the same ccache.
Returns:
On success, ccNoError. On failure, an error code representing the failure.

cc_int32(* get_kdc_time_offset)(cc_ccache_t in_ccache, cc_uint32 in_credentials_version, cc_time_t *out_time_offset)
 

cc_ccache_get_kdc_time_offset(): Get the KDC time offset for credentials in a ccache.

Parameters:
in_ccache a ccache object.
in_credentials_version the credentials version to get the time offset for.
out_time_offset on exit, the KDC time offset for in_ccache for credentials version in_credentials_version.
Returns:
On success, ccNoError if a time offset was obtained or ccErrTimeOffsetNotSet if a time offset has not been set. On failure, an error code representing the failure.
See also:
set_kdc_time_offset, clear_kdc_time_offset
Sometimes the KDC and client's clocks get out of sync. cc_ccache_get_kdc_time_offset() returns the difference between the KDC and client's clocks at the time credentials were acquired. This offset allows callers to figure out how much time is left on a given credential even though the end_time is based on the KDC's clock not the client's clock.

cc_int32(* set_kdc_time_offset)(cc_ccache_t io_ccache, cc_uint32 in_credentials_version, cc_time_t in_time_offset)
 

cc_ccache_set_kdc_time_offset(): Set the KDC time offset for credentials in a ccache.

Parameters:
in_ccache a ccache object.
in_credentials_version the credentials version to get the time offset for.
in_time_offset the new KDC time offset for in_ccache for credentials version in_credentials_version.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
See also:
get_kdc_time_offset, clear_kdc_time_offset
Sometimes the KDC and client's clocks get out of sync. cc_ccache_set_kdc_time_offset() sets the difference between the KDC and client's clocks at the time credentials were acquired. This offset allows callers to figure out how much time is left on a given credential even though the end_time is based on the KDC's clock not the client's clock.

cc_int32(* clear_kdc_time_offset)(cc_ccache_t io_ccache, cc_uint32 in_credentials_version)
 

cc_ccache_clear_kdc_time_offset(): Clear the KDC time offset for credentials in a ccache.

Parameters:
in_ccache a ccache object.
in_credentials_version the credentials version to get the time offset for.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
See also:
get_kdc_time_offset, set_kdc_time_offset
Sometimes the KDC and client's clocks get out of sync. cc_ccache_clear_kdc_time_offset() clears the difference between the KDC and client's clocks at the time credentials were acquired. This offset allows callers to figure out how much time is left on a given credential even though the end_time is based on the KDC's clock not the client's clock.

cc_int32(* wait_for_change)(cc_ccache_t in_ccache)
 

cc_ccache_wait_for_change(): Wait for the next change to a ccache.

Parameters:
in_ccache a ccache object.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
This function blocks until the next change is made to the ccache referenced by in_ccache. By repeatedly calling cc_ccache_wait_for_change() from a worker thread the caller can effectively receive callbacks whenever the ccache changes. This is considerably more efficient than polling with cc_ccache_get_change_time().

cc_ccache_wait_for_change() will return whenever:

  • a credential is stored
  • a credential is removed
  • the ccache principal is changed
  • the ccache becomes the default ccache
  • the ccache is no longer the default ccache
Note:
In order to make sure that the caller doesn't miss any changes, cc_ccache_wait_for_change() always returns immediately after the first time it is called on a new ccache object. Callers must use the same ccache object for successive calls to cc_ccache_wait_for_change() rather than creating a new ccache object for every call.
See also:
get_change_time

Generated on Tue Oct 2 17:16:05 2007 for Credentials Cache API by  doxygen 1.4.6