-: 0:Source:in_tkt_sky.c -: 0:Graph:/var/tsitkova/Sources/v10/trunk/src/lib/krb5/krb/in_tkt_sky.so.gcno -: 0:Data:/var/tsitkova/Sources/v10/trunk/src/lib/krb5/krb/in_tkt_sky.so.gcda -: 0:Runs:1602 -: 0:Programs:1 -: 1:/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -: 2:/* lib/krb5/krb/in_tkt_sky.c */ -: 3:/* -: 4: * Copyright 1990,1991, 2008 by the Massachusetts Institute of Technology. -: 5: * All Rights Reserved. -: 6: * -: 7: * Export of this software from the United States of America may -: 8: * require a specific license from the United States Government. -: 9: * It is the responsibility of any person or organization contemplating -: 10: * export to obtain such a license before exporting. -: 11: * -: 12: * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -: 13: * distribute this software and its documentation for any purpose and -: 14: * without fee is hereby granted, provided that the above copyright -: 15: * notice appear in all copies and that both that copyright notice and -: 16: * this permission notice appear in supporting documentation, and that -: 17: * the name of M.I.T. not be used in advertising or publicity pertaining -: 18: * to distribution of the software without specific, written prior -: 19: * permission. Furthermore if you modify this software you must label -: 20: * your software as modified software and not distribute it in such a -: 21: * fashion that it might be confused with the original M.I.T. software. -: 22: * M.I.T. makes no representations about the suitability of -: 23: * this software for any purpose. It is provided "as is" without express -: 24: * or implied warranty. -: 25: */ -: 26: -: 27:#include "k5-int.h" -: 28: -: 29:/* A krb5_gic_get_as_key_fct shim for copying a caller-provided keyblock into -: 30: * the AS keyblock. */ -: 31:static krb5_error_code #####: 32:get_as_key_skey(krb5_context context, krb5_principal client, -: 33: krb5_enctype etype, krb5_prompter_fct prompter, -: 34: void *prompter_data, krb5_data *salt, krb5_data *params, -: 35: krb5_keyblock *as_key, void *gak_data) -: 36:{ #####: 37: const krb5_keyblock *key = gak_data; -: 38: #####: 39: if (!krb5_c_valid_enctype(etype)) #####: 40: return(KRB5_PROG_ETYPE_NOSUPP); #####: 41: if (as_key->length) #####: 42: krb5_free_keyblock_contents(context, as_key); #####: 43: return krb5int_c_copy_keyblock_contents(context, key, as_key); -: 44:} -: 45: -: 46:/* -: 47: Similar to krb5_get_in_tkt_with_password. -: 48: -: 49: Attempts to get an initial ticket for creds->client to use server -: 50: creds->server, (realm is taken from creds->client), with options -: 51: options, and using creds->times.starttime, creds->times.endtime, -: 52: creds->times.renew_till as from, till, and rtime. -: 53: creds->times.renew_till is ignored unless the RENEWABLE option is requested. -: 54: -: 55: If addrs is non-NULL, it is used for the addresses requested. If it is -: 56: null, the system standard addresses are used. -: 57: -: 58: If keyblock is NULL, an appropriate key for creds->client is retrieved -: 59: from the system key store (e.g. /etc/srvtab). If keyblock is non-NULL, -: 60: it is used as the decryption key. -: 61: -: 62: A succesful call will place the ticket in the credentials cache ccache. -: 63: -: 64: returns system errors, encryption errors -: 65: -: 66:*/ -: 67:krb5_error_code KRB5_CALLCONV #####: 68:krb5_get_in_tkt_with_skey(krb5_context context, krb5_flags options, -: 69: krb5_address *const *addrs, krb5_enctype *ktypes, -: 70: krb5_preauthtype *pre_auth_types, -: 71: const krb5_keyblock *key, krb5_ccache ccache, -: 72: krb5_creds *creds, krb5_kdc_rep **ret_as_reply) -: 73:{ -: 74: krb5_error_code retval; -: 75: char *server; -: 76: krb5_principal server_princ, client_princ; #####: 77: int use_master = 0; #####: 78: krb5_get_init_creds_opt *opts = NULL; -: 79: -: 80:#ifndef LEAN_CLIENT #####: 81: if (key == NULL) { #####: 82: return krb5_get_in_tkt_with_keytab(context, options, addrs, ktypes, -: 83: pre_auth_types, NULL, ccache, -: 84: creds, ret_as_reply); -: 85: } -: 86:#endif /* LEAN_CLIENT */ -: 87: #####: 88: retval = krb5int_populate_gic_opt(context, &opts, options, addrs, ktypes, -: 89: pre_auth_types, creds); #####: 90: if (retval) #####: 91: return retval; #####: 92: retval = krb5_unparse_name(context, creds->server, &server); #####: 93: if (retval) { #####: 94: krb5_get_init_creds_opt_free(context, opts); #####: 95: return retval; -: 96: } #####: 97: server_princ = creds->server; #####: 98: client_princ = creds->client; #####: 99: retval = krb5int_get_init_creds(context, creds, creds->client, -: 100: krb5_prompter_posix, NULL, 0, server, opts, -: 101: get_as_key_skey, (void *) key, &use_master, -: 102: ret_as_reply); #####: 103: krb5_free_unparsed_name(context, server); #####: 104: krb5_get_init_creds_opt_free(context, opts); #####: 105: if (retval) #####: 106: return retval; #####: 107: krb5_free_principal( context, creds->server); #####: 108: krb5_free_principal( context, creds->client); #####: 109: creds->client = client_princ; #####: 110: creds->server = server_princ; -: 111: /* store it in the ccache! */ #####: 112: if (ccache) #####: 113: retval = krb5_cc_store_cred(context, ccache, creds); #####: 114: return retval; -: 115:}