root/source4/auth/kerberos/kerberos.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. kerberos_kinit_keyblock_cc
  2. kerberos_kinit_password_cc

   1 /* 
   2    Unix SMB/CIFS implementation.
   3    kerberos utility library
   4    Copyright (C) Andrew Tridgell 2001
   5    Copyright (C) Remus Koos 2001
   6    Copyright (C) Nalin Dahyabhai 2004.
   7    Copyright (C) Jeremy Allison 2004.
   8    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2005
   9 
  10    This program is free software; you can redistribute it and/or modify
  11    it under the terms of the GNU General Public License as published by
  12    the Free Software Foundation; either version 3 of the License, or
  13    (at your option) any later version.
  14    
  15    This program is distributed in the hope that it will be useful,
  16    but WITHOUT ANY WARRANTY; without even the implied warranty of
  17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18    GNU General Public License for more details.
  19    
  20    You should have received a copy of the GNU General Public License
  21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  22 */
  23 
  24 #include "includes.h"
  25 #include "system/kerberos.h"
  26 #include "auth/kerberos/kerberos.h"
  27 
  28 #ifdef HAVE_KRB5
  29 
  30 /*
  31   simulate a kinit, putting the tgt in the given credentials cache. 
  32   Orignally by remus@snapserver.com
  33  
  34   This version is built to use a keyblock, rather than needing the
  35   original password.
  36 */
  37  krb5_error_code kerberos_kinit_keyblock_cc(krb5_context ctx, krb5_ccache cc, 
     /* [<][>][^][v][top][bottom][index][help] */
  38                                 krb5_principal principal, krb5_keyblock *keyblock,
  39                                 time_t *expire_time, time_t *kdc_time)
  40 {
  41         krb5_error_code code = 0;
  42         krb5_creds my_creds;
  43         krb5_get_init_creds_opt options;
  44 
  45         krb5_get_init_creds_opt_init(&options);
  46 
  47         krb5_get_init_creds_opt_set_default_flags(ctx, NULL, NULL, &options);
  48 
  49         if ((code = krb5_get_init_creds_keyblock(ctx, &my_creds, principal, keyblock,
  50                                                  0, NULL, &options))) {
  51                 return code;
  52         }
  53         
  54         if ((code = krb5_cc_initialize(ctx, cc, principal))) {
  55                 krb5_free_cred_contents(ctx, &my_creds);
  56                 return code;
  57         }
  58         
  59         if ((code = krb5_cc_store_cred(ctx, cc, &my_creds))) {
  60                 krb5_free_cred_contents(ctx, &my_creds);
  61                 return code;
  62         }
  63         
  64         if (expire_time) {
  65                 *expire_time = (time_t) my_creds.times.endtime;
  66         }
  67 
  68         if (kdc_time) {
  69                 *kdc_time = (time_t) my_creds.times.starttime;
  70         }
  71 
  72         krb5_free_cred_contents(ctx, &my_creds);
  73         
  74         return 0;
  75 }
  76 
  77 /*
  78   simulate a kinit, putting the tgt in the given credentials cache. 
  79   Orignally by remus@snapserver.com
  80 */
  81  krb5_error_code kerberos_kinit_password_cc(krb5_context ctx, krb5_ccache cc, 
     /* [<][>][^][v][top][bottom][index][help] */
  82                                 krb5_principal principal, const char *password, 
  83                                 time_t *expire_time, time_t *kdc_time)
  84 {
  85         krb5_error_code code = 0;
  86         krb5_creds my_creds;
  87         krb5_get_init_creds_opt options;
  88 
  89         krb5_get_init_creds_opt_init(&options);
  90 
  91         krb5_get_init_creds_opt_set_default_flags(ctx, NULL, NULL, &options);
  92 
  93         if ((code = krb5_get_init_creds_password(ctx, &my_creds, principal, password, 
  94                                                  NULL, 
  95                                                  NULL, 0, NULL, &options))) {
  96                 return code;
  97         }
  98         
  99         if ((code = krb5_cc_initialize(ctx, cc, principal))) {
 100                 krb5_free_cred_contents(ctx, &my_creds);
 101                 return code;
 102         }
 103         
 104         if ((code = krb5_cc_store_cred(ctx, cc, &my_creds))) {
 105                 krb5_free_cred_contents(ctx, &my_creds);
 106                 return code;
 107         }
 108         
 109         if (expire_time) {
 110                 *expire_time = (time_t) my_creds.times.endtime;
 111         }
 112 
 113         if (kdc_time) {
 114                 *kdc_time = (time_t) my_creds.times.starttime;
 115         }
 116 
 117         krb5_free_cred_contents(ctx, &my_creds);
 118         
 119         return 0;
 120 }
 121 
 122 
 123 #endif

/* [<][>][^][v][top][bottom][index][help] */