svn rev #25155: trunk/src/ include/ include/krb5/ lib/ lib/krb5/ lib/krb5/ccache/ ...

ghudson@MIT.EDU ghudson at MIT.EDU
Mon Sep 5 12:26:37 EDT 2011


http://src.mit.edu/fisheye/changelog/krb5/?cs=25155
Commit By: ghudson
Log Message:
ticket: 6954
subject: Add new cache collection APIs

* krb5_cc_get_full_name retrieves the full type:name of a cache.
* krb5_cc_switch makes a cache the primary cache.
* krb5_cc_cache_match searches the collection for a client principal.
* krb5_free_string releases a string (for the krb5_cc_get_full_name
  result).

All of these are from Heimdal except for krb5_free_string (Heimdal uses
krb5_xfree).


Changed Files:
U   trunk/src/include/k5-int.h
U   trunk/src/include/krb5/krb5.hin
U   trunk/src/lib/krb5/ccache/cc_dir.c
U   trunk/src/lib/krb5/ccache/cc_file.c
U   trunk/src/lib/krb5/ccache/cc_keyring.c
U   trunk/src/lib/krb5/ccache/cc_memory.c
U   trunk/src/lib/krb5/ccache/cc_mslsa.c
U   trunk/src/lib/krb5/ccache/ccbase.c
U   trunk/src/lib/krb5/ccache/cccursor.c
U   trunk/src/lib/krb5/ccache/ccfns.c
U   trunk/src/lib/krb5/krb/kfree.c
U   trunk/src/lib/krb5/libkrb5.exports
U   trunk/src/lib/krb5_32.def
Modified: trunk/src/include/k5-int.h
===================================================================
--- trunk/src/include/k5-int.h	2011-09-05 16:26:30 UTC (rev 25154)
+++ trunk/src/include/k5-int.h	2011-09-05 16:26:37 UTC (rev 25155)
@@ -2367,6 +2367,7 @@
                                                 krb5_timestamp *);
     krb5_error_code (KRB5_CALLCONV *lock)(krb5_context, krb5_ccache);
     krb5_error_code (KRB5_CALLCONV *unlock)(krb5_context, krb5_ccache);
+    krb5_error_code (KRB5_CALLCONV *switch_to)(krb5_context, krb5_ccache);
 };
 
 extern const krb5_cc_ops *krb5_cc_dfl_ops;

Modified: trunk/src/include/krb5/krb5.hin
===================================================================
--- trunk/src/include/krb5/krb5.hin	2011-09-05 16:26:30 UTC (rev 25154)
+++ trunk/src/include/krb5/krb5.hin	2011-09-05 16:26:37 UTC (rev 25155)
@@ -2285,6 +2285,18 @@
 const char * KRB5_CALLCONV
 krb5_cc_get_name(krb5_context context, krb5_ccache cache);
 
+/*
+ * Retrieve the full name of a credential cache.
+ *
+ * @param [in]  context         Library context
+ * @param [in]  cache           Credential cache handle
+ * @param [out] fullname_out    Full name of cache
+ *
+ */
+krb5_error_code KRB5_CALLCONV
+krb5_cc_get_full_name(krb5_context context, krb5_ccache cache,
+                      char **fullname_out);
+
 #if KRB5_DEPRECATED
 krb5_error_code KRB5_CALLCONV
 krb5_cc_gen_new(krb5_context context, krb5_ccache *cache);
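Review bot: The comment above krb5_cc_get_full_name opens with `/*` rather than `/**`, unlike the other comments added to this header in the same commit, so Doxygen will likely skip it. It also does not say who owns `*fullname_out` or what the function returns. Since the commit adds krb5_free_string for this result, I would add `Use krb5_free_string() to free @a fullname_out when it is no longer needed.` together with `@retval 0 Success` and `@return Kerberos error codes` lines.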
@@ -4393,6 +4405,54 @@
 krb5_boolean KRB5_CALLCONV
 krb5_is_config_principal(krb5_context context, krb5_const_principal principal);
 
+/**
+ * Make a credential cache the primary cache for its collection.
+ *
+ * @param [in] context          Library context
+ * @param [in] cache            Credential cache handle
+ *
+ * If the type of @a cache supports it, set @a cache to be the primary
+ * credential cache for the collection it belongs to.
+ *
+ * @retval
+ * 0  Success, or the type of @a cache doesn't support switching
+ * @return
+ * Kerberos error codes
+ */
+krb5_error_code KRB5_CALLCONV
+krb5_cc_switch(krb5_context context, krb5_ccache cache);
+
+/**
+ * Determine whether a credential cache type supports switching.
+ *
+ * @param [in] context          Library context
+ * @param [in] type             Credential cache type
+ *
+ * @retval @c TRUE if @a type supports switching
+ * @retval @a FALSE if it does not or is not a valid credential cache type.
+ */
+krb5_boolean KRB5_CALLCONV
+krb5_cc_support_switch(krb5_context context, const char *type);
+
+/**
+ * Find a credential cache with a specified client principal.
+ *
+ * @param [in]  context         Library context
+ * @param [in]  client          Client principal
+ * @param [out] cache_out       Credential cache handle
+ *
+ * Find a cache within the collection whose default principal is @a client.
+ * Use @a krb5_cc_close to close @a ccache when it is no longer needed.
+ *
+ * @retval 0 Success
+ * @retval KRB5_CC_NOTFOUND
+ *
+ * @sa krb5_cccol_cursor_new
+ */
+krb5_error_code KRB5_CALLCONV
+krb5_cc_cache_match(krb5_context context, krb5_principal client,
+                    krb5_ccache *cache_out);
+
 /* krb5_free.c */
 /**
  * Free the storage assigned to a principal.
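Review bot: The added comments contain three small documentation slips. The krb5_cc_support_switch comment says `@retval @a FALSE` where `@retval @c FALSE` is meant; the krb5_cc_cache_match comment tells callers to close `@a ccache` although the parameter is `cache_out`; and `@retval KRB5_CC_NOTFOUND` has no description, for which I would write `@retval KRB5_CC_NOTFOUND No cache in the collection has @a client as its default principal`. Because krb5_cc_switch returns 0 both on success and when the type cannot switch, its comment should also point callers who need to know whether the primary really changed to krb5_cc_support_switch.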
@@ -4571,6 +4631,15 @@
 krb5_free_unparsed_name(krb5_context context, char *val);
 
 /**
+ * Free a string allocated by a krb5 function.
+ *
+ * @param [in] context          Library context
+ * @param [in] val              String to be freed
+ */
+void KRB5_CALLCONV
+krb5_free_string(krb5_context context, char *val);
+
+/**
  * Free an array of checksum types.
  *
  * @param [in] context          Library context

Modified: trunk/src/lib/krb5/ccache/cc_dir.c
===================================================================
--- trunk/src/lib/krb5/ccache/cc_dir.c	2011-09-05 16:26:30 UTC (rev 25154)
+++ trunk/src/lib/krb5/ccache/cc_dir.c	2011-09-05 16:26:37 UTC (rev 25155)
@@ -672,6 +672,30 @@
     return krb5_fcc_ops.unlock(context, data->fcc);
 }
 
+static krb5_error_code KRB5_CALLCONV
+dcc_switch_to(krb5_context context, krb5_ccache cache)
+{
+    dcc_data *data = cache->data;
+    char *primary_path = NULL, *dirname = NULL, *filename = NULL;
+    krb5_error_code ret;
+
+    ret = split_path(context, data->residual + 1, &dirname, &filename);
+    if (ret)
+        return ret;
+
+    ret = primary_pathname(dirname, &primary_path);
+    if (ret)
+        goto cleanup;
+
+    ret = write_primary_file(primary_path, filename);
+
+cleanup:
+    free(primary_path);
+    free(dirname);
+    free(filename);
+    return ret;
+}
+
 const krb5_cc_ops krb5_dcc_ops = {
     0,
     "DIR",
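Review bot: `data->residual + 1` in dcc_switch_to skips the first byte of the residual without saying why. Presumably every DIR cache handle stores a residual that begins with ':' (the subsidiary form), but nothing in this hunk establishes that. A comment such as `/* residual is ":<dir>/<file>"; skip the leading colon */`, or an explicit check of that byte, would keep a directory-form residual from being split at the wrong place. Because this function rewrites the collection's primary file, which decides which credentials are used by default, it is also worth confirming that write_primary_file (defined outside the hunk) replaces the file atomically.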
@@ -698,6 +722,7 @@
     NULL, /* wasdefault */
     dcc_lock,
     dcc_unlock,
+    dcc_switch_to,
 };
 
 #endif /* not _WIN32 */

Modified: trunk/src/lib/krb5/ccache/cc_file.c
===================================================================
--- trunk/src/lib/krb5/ccache/cc_file.c	2011-09-05 16:26:30 UTC (rev 25154)
+++ trunk/src/lib/krb5/ccache/cc_file.c	2011-09-05 16:26:37 UTC (rev 25155)
@@ -2557,6 +2557,7 @@
     NULL, /* wasdefault */
     krb5_fcc_lock,
     krb5_fcc_unlock,
+    NULL, /* switch_to */
 };
 
 #if defined(_WIN32)
@@ -2626,4 +2627,5 @@
     NULL, /* wasdefault */
     krb5_fcc_lock,
     krb5_fcc_unlock,
+    NULL, /* switch_to */
 };

Modified: trunk/src/lib/krb5/ccache/cc_keyring.c
===================================================================
--- trunk/src/lib/krb5/ccache/cc_keyring.c	2011-09-05 16:26:30 UTC (rev 25154)
+++ trunk/src/lib/krb5/ccache/cc_keyring.c	2011-09-05 16:26:37 UTC (rev 25155)
@@ -2073,6 +2073,7 @@
     NULL, /* wasdefault */
     krb5_krcc_lock,
     krb5_krcc_unlock,
+    NULL, /* switch_to */
 };
 
 #else /* !USE_KEYRING_CCACHE */
@@ -2106,5 +2107,6 @@
     NULL,
     NULL,
     NULL,
+    NULL,
 };
 #endif  /* USE_KEYRING_CCACHE */

Modified: trunk/src/lib/krb5/ccache/cc_memory.c
===================================================================
--- trunk/src/lib/krb5/ccache/cc_memory.c	2011-09-05 16:26:30 UTC (rev 25154)
+++ trunk/src/lib/krb5/ccache/cc_memory.c	2011-09-05 16:26:37 UTC (rev 25155)
@@ -827,4 +827,5 @@
     NULL, /* wasdefault */
     krb5_mcc_lock,
     krb5_mcc_unlock,
+    NULL, /* switch_to */
 };

Modified: trunk/src/lib/krb5/ccache/cc_mslsa.c
===================================================================
--- trunk/src/lib/krb5/ccache/cc_mslsa.c	2011-09-05 16:26:30 UTC (rev 25154)
+++ trunk/src/lib/krb5/ccache/cc_mslsa.c	2011-09-05 16:26:37 UTC (rev 25155)
@@ -2758,5 +2758,6 @@
     NULL,
     NULL,
     NULL,
+    NULL,
 };
 #endif /* _WIN32 */

Modified: trunk/src/lib/krb5/ccache/ccbase.c
===================================================================
--- trunk/src/lib/krb5/ccache/ccbase.c	2011-09-05 16:26:30 UTC (rev 25154)
+++ trunk/src/lib/krb5/ccache/ccbase.c	2011-09-05 16:26:37 UTC (rev 25155)
@@ -418,6 +418,16 @@
     return ret;
 }
 
+krb5_boolean KRB5_CALLCONV
+krb5_cc_support_switch(krb5_context context, const char *type)
+{
+    const krb5_cc_ops *ops;
+    krb5_error_code err;
+
+    err = krb5int_cc_getops(context, type, &ops);
+    return (err ? FALSE : (ops->switch_to != NULL));
+}
+
 krb5_error_code
 k5_cc_mutex_init(k5_cc_mutex *m)
 {
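Review bot: krb5_cc_support_switch hands `type` to krb5int_cc_getops without checking it for NULL. The header comment promises FALSE for anything that is not a valid credential cache type, so a NULL `type` should give FALSE as well rather than depend on how the lookup, which is not shown here, treats a null string. Adding `if (type == NULL) return FALSE;` before the lookup would make that explicit for this exported function.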

Modified: trunk/src/lib/krb5/ccache/cccursor.c
===================================================================
--- trunk/src/lib/krb5/ccache/cccursor.c	2011-09-05 16:26:30 UTC (rev 25154)
+++ trunk/src/lib/krb5/ccache/cccursor.c	2011-09-05 16:26:37 UTC (rev 25155)
@@ -358,3 +358,47 @@
 errout:
     return ret;
 }
+
+krb5_error_code
+krb5_cc_cache_match(krb5_context context, krb5_principal client,
+                    krb5_ccache *cache_out)
+{
+    krb5_error_code ret;
+    krb5_cccol_cursor cursor;
+    krb5_ccache cache;
+    krb5_principal princ;
+    char *name;
+    krb5_boolean eq;
+
+    *cache_out = NULL;
+    ret = krb5_cccol_cursor_new(context, &cursor);
+    if (ret)
+        return ret;
+
+    while ((ret = krb5_cccol_cursor_next(context, cursor, &cache)) == 0 &&
+           cache != NULL) {
+        ret = krb5_cc_get_principal(context, cache, &princ);
+        if (ret == 0) {
+            eq = krb5_principal_compare(context, princ, client);
+            krb5_free_principal(context, princ);
+            if (eq)
+                break;
+        }
+        krb5_cc_close(context, cache);
+    }
+    krb5_cccol_cursor_free(context, &cursor);
+    if (ret)
+        return ret;
+    if (cache == NULL) {
+        ret = krb5_unparse_name(context, client, &name);
+        if (ret == 0) {
+            krb5_set_error_message(context, KRB5_CC_NOTFOUND,
+                                   _("Can't find client principal %s in "
+                                     "cache collection"), name);
+            krb5_free_unparsed_name(context, name);
+        }
+        ret = KRB5_CC_NOTFOUND;
+    } else
+        *cache_out = cache;
+    return ret;
+}
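Review bot: krb5_cc_cache_match is defined here with a plain `krb5_error_code` return line, while its prototype in krb5.hin is `krb5_error_code KRB5_CALLCONV` and the other public functions added by this commit carry the macro on their definitions. Where KRB5_CALLCONV expands to a non-default calling convention, declaration and definition would disagree; that matters because the symbol is also added to krb5_32.def for the Windows build. The first line of the definition should read `krb5_error_code KRB5_CALLCONV`.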

Modified: trunk/src/lib/krb5/ccache/ccfns.c
===================================================================
--- trunk/src/lib/krb5/ccache/ccfns.c	2011-09-05 16:26:30 UTC (rev 25154)
+++ trunk/src/lib/krb5/ccache/ccfns.c	2011-09-05 16:26:37 UTC (rev 25155)
@@ -33,6 +33,20 @@
 }
 
 krb5_error_code KRB5_CALLCONV
+krb5_cc_get_full_name(krb5_context context, krb5_ccache cache,
+                      char **fullname_out)
+{
+    char *name;
+
+    *fullname_out = NULL;
+    if (asprintf(&name, "%s:%s", cache->ops->prefix,
+                 cache->ops->get_name(context, cache)) < 0)
+        return ENOMEM;
+    *fullname_out = name;
+    return 0;
+}
+
+krb5_error_code KRB5_CALLCONV
 krb5_cc_gen_new(krb5_context context, krb5_ccache *cache)
 {
     TRACE_CC_GEN_NEW(context, cache);
@@ -323,3 +337,11 @@
     krb5_free_cred_contents(context, &mcred);
     return ret;
 }
+
+krb5_error_code KRB5_CALLCONV
+krb5_cc_switch(krb5_context context, krb5_ccache cache)
+{
+    if (cache->ops->switch_to == NULL)
+        return 0;
+    return cache->ops->switch_to(context, cache);
+}

Modified: trunk/src/lib/krb5/krb/kfree.c
===================================================================
--- trunk/src/lib/krb5/krb/kfree.c	2011-09-05 16:26:30 UTC (rev 25154)
+++ trunk/src/lib/krb5/krb/kfree.c	2011-09-05 16:26:37 UTC (rev 25155)
@@ -522,6 +522,12 @@
 }
 
 void KRB5_CALLCONV
+krb5_free_string(krb5_context context, char *val)
+{
+    free(val);
+}
+
+void KRB5_CALLCONV
 krb5_free_sam_challenge(krb5_context ctx, krb5_sam_challenge *sc)
 {
     if (!sc)

Modified: trunk/src/lib/krb5/libkrb5.exports
===================================================================
--- trunk/src/lib/krb5/libkrb5.exports	2011-09-05 16:26:30 UTC (rev 25154)
+++ trunk/src/lib/krb5/libkrb5.exports	2011-09-05 16:26:37 UTC (rev 25155)
@@ -183,6 +183,7 @@
 krb5_build_principal_alloc_va
 krb5_build_principal_ext
 krb5_build_principal_va
+krb5_cc_cache_match
 krb5_cc_close
 krb5_cc_copy_creds
 krb5_cc_default
@@ -194,6 +195,7 @@
 krb5_cc_file_ops
 krb5_cc_gen_new
 krb5_cc_get_config
+krb5_cc_get_full_name
 krb5_cc_get_name
 krb5_cc_get_principal
 krb5_cc_get_type
@@ -210,6 +212,8 @@
 krb5_cc_set_flags
 krb5_cc_start_seq_get
 krb5_cc_store_cred
+krb5_cc_support_switch
+krb5_cc_switch
 krb5_cccol_cursor_free
 krb5_cccol_cursor_new
 krb5_cccol_cursor_next
@@ -322,6 +326,7 @@
 krb5_free_sam_response_2
 krb5_free_sam_response_2_contents
 krb5_free_sam_response_contents
+krb5_free_string
 krb5_free_tgt_creds
 krb5_free_ticket
 krb5_free_tickets

Modified: trunk/src/lib/krb5_32.def
===================================================================
--- trunk/src/lib/krb5_32.def	2011-09-05 16:26:30 UTC (rev 25154)
+++ trunk/src/lib/krb5_32.def	2011-09-05 16:26:37 UTC (rev 25155)
@@ -412,3 +412,8 @@
 	krb5_init_context_profile			@386
 	krb5int_c_mandatory_cksumtype			@387 ; PRIVATE GSSAPI
 	krb5int_arcfour_gsscrypt			@388 ; PRIVATE GSSAPI
+	krb5_cc_cache_match				@389
+	krb5_cc_get_full_name				@390
+	krb5_cc_support_switch				@391
+	krb5_cc_switch					@392
+	krb5_free_string				@393



