source: vendor/3.5.0/source4/auth/kerberos/kerberos.c

Last change on this file was 414, checked in by Herwig Bauernfeind, 16 years ago

Samba 3.5.0: Initial import
File size: 3.5 KB
Line 
1/*
2 Unix SMB/CIFS implementation.
3 kerberos utility library
4 Copyright (C) Andrew Tridgell 2001
5 Copyright (C) Remus Koos 2001
6 Copyright (C) Nalin Dahyabhai 2004.
7 Copyright (C) Jeremy Allison 2004.
8 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2005
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
22*/
23
24#include "includes.h"
25#include "system/kerberos.h"
26#include "auth/kerberos/kerberos.h"
27
28#ifdef HAVE_KRB5
29
30/*
31 simulate a kinit, putting the tgt in the given credentials cache.
32 Orignally by remus@snapserver.com
33
34 This version is built to use a keyblock, rather than needing the
35 original password.
36*/
37 krb5_error_code kerberos_kinit_keyblock_cc(krb5_context ctx, krb5_ccache cc,
38 krb5_principal principal, krb5_keyblock *keyblock,
39 time_t *expire_time, time_t *kdc_time)
40{
41 krb5_error_code code = 0;
42 krb5_creds my_creds;
43 krb5_get_init_creds_opt *options;
44
45 if ((code = krb5_get_init_creds_opt_alloc(ctx, &options))) {
46 return code;
47 }
48
49 krb5_get_init_creds_opt_set_default_flags(ctx, NULL, NULL, options);
50
51 if ((code = krb5_get_init_creds_keyblock(ctx, &my_creds, principal, keyblock,
52 0, NULL, options))) {
53 return code;
54 }
55
56 if ((code = krb5_cc_initialize(ctx, cc, principal))) {
57 krb5_get_init_creds_opt_free(ctx, options);
58 krb5_free_cred_contents(ctx, &my_creds);
59 return code;
60 }
61
62 if ((code = krb5_cc_store_cred(ctx, cc, &my_creds))) {
63 krb5_get_init_creds_opt_free(ctx, options);
64 krb5_free_cred_contents(ctx, &my_creds);
65 return code;
66 }
67
68 if (expire_time) {
69 *expire_time = (time_t) my_creds.times.endtime;
70 }
71
72 if (kdc_time) {
73 *kdc_time = (time_t) my_creds.times.starttime;
74 }
75
76 krb5_get_init_creds_opt_free(ctx, options);
77 krb5_free_cred_contents(ctx, &my_creds);
78
79 return 0;
80}
81
82/*
83 simulate a kinit, putting the tgt in the given credentials cache.
84 Orignally by remus@snapserver.com
85*/
86 krb5_error_code kerberos_kinit_password_cc(krb5_context ctx, krb5_ccache cc,
87 krb5_principal principal, const char *password,
88 time_t *expire_time, time_t *kdc_time)
89{
90 krb5_error_code code = 0;
91 krb5_creds my_creds;
92 krb5_get_init_creds_opt *options;
93
94 if ((code = krb5_get_init_creds_opt_alloc(ctx, &options))) {
95 return code;
96 }
97
98 krb5_get_init_creds_opt_set_default_flags(ctx, NULL, NULL, options);
99
100 if ((code = krb5_get_init_creds_password(ctx, &my_creds, principal, password,
101 NULL,
102 NULL, 0, NULL, options))) {
103 return code;
104 }
105
106 if ((code = krb5_cc_initialize(ctx, cc, principal))) {
107 krb5_get_init_creds_opt_free(ctx, options);
108 krb5_free_cred_contents(ctx, &my_creds);
109 return code;
110 }
111
112 if ((code = krb5_cc_store_cred(ctx, cc, &my_creds))) {
113 krb5_get_init_creds_opt_free(ctx, options);
114 krb5_free_cred_contents(ctx, &my_creds);
115 return code;
116 }
117
118 if (expire_time) {
119 *expire_time = (time_t) my_creds.times.endtime;
120 }
121
122 if (kdc_time) {
123 *kdc_time = (time_t) my_creds.times.starttime;
124 }
125
126 krb5_get_init_creds_opt_free(ctx, options);
127 krb5_free_cred_contents(ctx, &my_creds);
128
129 return 0;
130}
131
132
133#endif
Note: See TracBrowser for help on using the repository browser.