Permalink
Browse files

Unify krb5_get_init_creds_keytab code paths

Use krb5_init_creds_set_keytab in krb5_get_init_creds_keytab, so that
processing added to the former will be used by the latter.  This is
slightly awkward because of the way we do the use_master fallback, in
that we have to duplicate some of krb5int_get_init_creds.

Based on a patch from Stef Walter.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25817 dc483132-0cff-0310-8789-dd5450dbe970
  • Loading branch information...
1 parent 343b0f7 commit d1da158f47ea604bed4d5db5e98a976a9e54ccd0 @greghudson greghudson committed Apr 19, 2012
Showing with 55 additions and 15 deletions.
  1. +2 −1 src/lib/krb5/krb/deps
  2. +5 −6 src/lib/krb5/krb/get_in_tkt.c
  3. +44 −8 src/lib/krb5/krb/gic_keytab.c
  4. +4 −0 src/lib/krb5/krb/int-proto.h
View
@@ -473,7 +473,8 @@ gic_keytab.so gic_keytab.po $(OUTPRE)gic_keytab.$(OBJEXT): \
$(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
$(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
$(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h gic_keytab.c init_creds_ctx.h
+ $(top_srcdir)/include/socket-utils.h gic_keytab.c init_creds_ctx.h \
+ int-proto.h
gic_opt.so gic_opt.po $(OUTPRE)gic_opt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
@@ -542,10 +542,9 @@ krb5_init_creds_free(krb5_context context,
free(ctx);
}
-static krb5_error_code
-init_creds_get(krb5_context context,
- krb5_init_creds_context ctx,
- int *use_master)
+krb5_error_code
+k5_init_creds_get(krb5_context context, krb5_init_creds_context ctx,
+ int *use_master)
{
krb5_error_code code;
krb5_data request;
@@ -599,7 +598,7 @@ krb5_init_creds_get(krb5_context context,
{
int use_master = 0;
- return init_creds_get(context, ctx, &use_master);
+ return k5_init_creds_get(context, ctx, &use_master);
}
krb5_error_code KRB5_CALLCONV
@@ -1664,7 +1663,7 @@ krb5int_get_init_creds(krb5_context context,
goto cleanup;
}
- code = init_creds_get(context, ctx, use_master);
+ code = k5_init_creds_get(context, ctx, use_master);
if (code != 0)
goto cleanup;
@@ -26,6 +26,7 @@
#ifndef LEAN_CLIENT
#include "k5-int.h"
+#include "int-proto.h"
#include "init_creds_ctx.h"
static krb5_error_code
@@ -87,6 +88,44 @@ krb5_init_creds_set_keytab(krb5_context context,
return 0;
}
+static krb5_error_code
+get_init_creds_keytab(krb5_context context, krb5_creds *creds,
+ krb5_principal client, krb5_keytab keytab,
+ krb5_deltat start_time, char *in_tkt_service,
+ krb5_get_init_creds_opt *options, int *use_master)
+{
+ krb5_error_code ret;
+ krb5_init_creds_context ctx = NULL;
+
+ ret = krb5_init_creds_init(context, client, NULL, NULL, start_time,
+ options, &ctx);
+ if (ret != 0)
+ goto cleanup;
+
+ if (in_tkt_service) {
+ ret = krb5_init_creds_set_service(context, ctx, in_tkt_service);
+ if (ret != 0)
+ goto cleanup;
+ }
+
+ ret = krb5_init_creds_set_keytab(context, ctx, keytab);
+ if (ret != 0)
+ goto cleanup;
+
+ ret = k5_init_creds_get(context, ctx, use_master);
+ if (ret != 0)
+ goto cleanup;
+
+ ret = krb5_init_creds_get_creds(context, ctx, creds);
+ if (ret != 0)
+ goto cleanup;
+
+cleanup:
+ krb5_init_creds_free(context, ctx);
+
+ return ret;
+}
+
krb5_error_code KRB5_CALLCONV
krb5_get_init_creds_keytab(krb5_context context,
krb5_creds *creds,
@@ -111,10 +150,8 @@ krb5_get_init_creds_keytab(krb5_context context,
/* first try: get the requested tkt from any kdc */
- ret = krb5int_get_init_creds(context, creds, client, NULL, NULL,
- start_time, in_tkt_service, options,
- get_as_key_keytab, (void *) keytab,
- &use_master,NULL);
+ ret = get_init_creds_keytab(context, creds, client, keytab, start_time,
+ in_tkt_service, options, &use_master);
/* check for success */
@@ -132,10 +169,9 @@ krb5_get_init_creds_keytab(krb5_context context,
if (!use_master) {
use_master = 1;
- ret2 = krb5int_get_init_creds(context, creds, client, NULL, NULL,
- start_time, in_tkt_service, options,
- get_as_key_keytab, (void *) keytab,
- &use_master, NULL);
+ ret2 = get_init_creds_keytab(context, creds, client, keytab,
+ start_time, in_tkt_service, options,
+ &use_master);
if (ret2 == 0) {
ret = 0;
@@ -196,4 +196,8 @@ krb5int_mk_setpw_req(krb5_context context, krb5_auth_context auth_context,
void
k5_ccselect_free_context(krb5_context context);
+krb5_error_code
+k5_init_creds_get(krb5_context context, krb5_init_creds_context ctx,
+ int *use_master);
+
#endif /* KRB5_INT_FUNC_PROTO__ */

0 comments on commit d1da158

Please sign in to comment.