[krbdev.mit.edu #6281] krb5_cc_cache_match

Thu Dec 4 13:38:49 EST 2008

diff -Nur -x '*~' -x '*.orig' -x '*.rej' -x '*.pbxbtree' -x '*.pbxindex' -x lha.mode1v3 -x lha.mode2v3 -x lha.pbxuser -x windows -x .DS_Store Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Projects/krb5.pbexp Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Projects/krb5.pbexp

--- Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Projects/krb5.pbexp	2008-11-14 10:40:47.000000000 -0800
+++ Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Projects/krb5.pbexp	2008-11-14 11:04:20.000000000 -0800
@@ -355,3 +355,4 @@
 _krb5_is_config_principal
 _krb5_ipc_client_set_target_uid
 _krb5_ipc_client_clear_target
+_krb5_cc_cache_match
\ No newline at end of file
diff -Nur -x '*~' -x '*.orig' -x '*.rej' -x '*.pbxbtree' -x '*.pbxindex' -x lha.mode1v3 -x lha.mode2v3 -x lha.pbxuser -x windows -x .DS_Store Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Sources/include/krb5/krb5.hin Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Sources/include/krb5/krb5.hin
--- Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Sources/include/krb5/krb5.hin	2008-11-14 10:40:47.000000000 -0800
+++ Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Sources/include/krb5/krb5.hin	2008-11-14 11:03:02.000000000 -0800
@@ -1311,6 +1311,10 @@
 krb5_error_code KRB5_CALLCONV
 krb5_cc_unlock (krb5_context context, krb5_ccache ccache);
 
+krb5_error_code KRB5_CALLCONV
+krb5_cc_cache_match (krb5_context context,
+		     krb5_principal client,
+		     krb5_ccache *id);
 
 krb5_error_code KRB5_CALLCONV
 krb5_cccol_cursor_new(krb5_context context, krb5_cccol_cursor *cursor);
diff -Nur -x '*~' -x '*.orig' -x '*.rej' -x '*.pbxbtree' -x '*.pbxindex' -x lha.mode1v3 -x lha.mode2v3 -x lha.pbxuser -x windows -x .DS_Store Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Sources/lib/krb5/ccache/ccfns.c Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Sources/lib/krb5/ccache/ccfns.c
--- Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Sources/lib/krb5/ccache/ccfns.c	2008-11-14 10:40:47.000000000 -0800
+++ Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Sources/lib/krb5/ccache/ccfns.c	2008-11-14 11:14:36.000000000 -0800
@@ -344,3 +344,67 @@
     krb5_free_cred_contents(context, &mcred);
     return ret;
 }
+
+/*!
+ * \return On failure, error code is returned and `id' is set to NULL.
+ *
+ * \param context A Kerberos 5 context
+ * \param client The principal to search for
+ * \param id the returned credential cache
+ *
+ * \brief Search for a matching credential cache that have the
+ *    `principal' as the default principal. On success, `id' needs to be
+ *    freed with krb5_cc_close() or krb5_cc_destroy().
+ */
+
+krb5_error_code KRB5_CALLCONV
+krb5_cc_cache_match (krb5_context context,
+		     krb5_principal client,
+		     krb5_ccache *id)
+{
+    krb5_cccol_cursor cursor;
+    krb5_error_code ret;
+    krb5_ccache cache = NULL;
+
+    *id = NULL;
+
+    ret = krb5_cccol_cursor_new (context, &cursor);
+    if (ret)
+	return ret;
+
+    while ((ret = krb5_cccol_cursor_next (context, cursor, &cache)) == 0 && cache != NULL) {
+	krb5_principal principal;
+
+	ret = krb5_cc_get_principal(context, cache, &principal);
+	if (ret == 0) {
+	    krb5_boolean match;
+	
+	    match = krb5_principal_compare(context, principal, client);
+	    krb5_free_principal(context, principal);
+	    if (match)
+		break;
+	}
+
+	krb5_cc_close(context, cache);
+	cache = NULL;
+    }
+
+    krb5_cccol_cursor_free(context, &cursor);
+
+    if (cache == NULL) {
+	char *str;
+
+	krb5_unparse_name(context, client, &str);
+
+	krb5_set_error_message(context, KRB5_CC_NOTFOUND,
+			       "Principal %s not found in a "
+			       "credential cache",
+			       str ? str : "<out of memory>");
+	if (str)
+	    free(str);
+	return KRB5_CC_NOTFOUND;
+    }
+    *id = cache;
+
+    return 0;
+}


