-: 0:Source:val_cred.c -: 0:Graph:/var/tsitkova/Sources/v10/trunk/src/lib/gssapi/krb5/val_cred.so.gcno -: 0:Data:/var/tsitkova/Sources/v10/trunk/src/lib/gssapi/krb5/val_cred.so.gcda -: 0:Runs:1069 -: 0:Programs:1 -: 1:/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -: 2:/* -: 3: * Copyright 1997, 2007 by Massachusetts Institute of Technology -: 4: * All Rights Reserved. -: 5: * -: 6: * Export of this software from the United States of America may -: 7: * require a specific license from the United States Government. -: 8: * It is the responsibility of any person or organization contemplating -: 9: * export to obtain such a license before exporting. -: 10: * -: 11: * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -: 12: * distribute this software and its documentation for any purpose and -: 13: * without fee is hereby granted, provided that the above copyright -: 14: * notice appear in all copies and that both that copyright notice and -: 15: * this permission notice appear in supporting documentation, and that -: 16: * the name of M.I.T. not be used in advertising or publicity pertaining -: 17: * to distribution of the software without specific, written prior -: 18: * permission. Furthermore if you modify this software you must label -: 19: * your software as modified software and not distribute it in such a -: 20: * fashion that it might be confused with the original M.I.T. software. -: 21: * M.I.T. makes no representations about the suitability of -: 22: * this software for any purpose. It is provided "as is" without express -: 23: * or implied warranty. -: 24: */ -: 25: -: 26:#include "gssapiP_krb5.h" -: 27: -: 28:/* Check to see whether or not a GSSAPI krb5 credential is valid. If -: 29: * it is not, return an error. */ -: 30: -: 31:OM_uint32 270: 32:krb5_gss_validate_cred_1(OM_uint32 *minor_status, gss_cred_id_t cred_handle, -: 33: krb5_context context) -: 34:{ -: 35: krb5_gss_cred_id_t cred; -: 36: krb5_error_code code; -: 37: krb5_principal princ; -: 38: 270: 39: cred = (krb5_gss_cred_id_t) cred_handle; -: 40: 270: 41: code = k5_mutex_lock(&cred->lock); 270: 42: if (code) { #####: 43: *minor_status = code; #####: 44: return GSS_S_FAILURE; -: 45: } -: 46: 270: 47: if (cred->ccache) { 108: 48: if ((code = krb5_cc_get_principal(context, cred->ccache, &princ))) { #####: 49: k5_mutex_unlock(&cred->lock); #####: 50: *minor_status = code; #####: 51: return(GSS_S_DEFECTIVE_CREDENTIAL); -: 52: } 216: 53: if (!cred->proxy_cred && 108: 54: !krb5_principal_compare(context, princ, cred->name->princ)) { #####: 55: k5_mutex_unlock(&cred->lock); #####: 56: *minor_status = KG_CCACHE_NOMATCH; #####: 57: return(GSS_S_DEFECTIVE_CREDENTIAL); -: 58: } 108: 59: (void)krb5_free_principal(context, princ); -: 60: } 270: 61: *minor_status = 0; 270: 62: return GSS_S_COMPLETE; -: 63:} -: 64: -: 65:OM_uint32 27: 66:krb5_gss_validate_cred(minor_status, cred_handle) -: 67: OM_uint32 *minor_status; -: 68: gss_cred_id_t cred_handle; -: 69:{ -: 70: krb5_context context; -: 71: krb5_error_code code; -: 72: OM_uint32 maj; -: 73: 27: 74: code = krb5_gss_init_context(&context); 27: 75: if (code) { #####: 76: *minor_status = code; #####: 77: return GSS_S_FAILURE; -: 78: } -: 79: 27: 80: maj = krb5_gss_validate_cred_1(minor_status, cred_handle, context); 27: 81: if (maj == 0) { 27: 82: krb5_gss_cred_id_t cred = (krb5_gss_cred_id_t) cred_handle; -: 83: k5_mutex_assert_locked(&cred->lock); 27: 84: k5_mutex_unlock(&cred->lock); -: 85: } 27: 86: save_error_info(*minor_status, context); 27: 87: krb5_free_context(context); 27: 88: return maj; -: 89:}