Diffstat (limited to 'src/providers')
-rw-r--r--src/providers/krb5/krb5_child.c49
-rw-r--r--src/providers/krb5/krb5_utils.c61
2 files changed, 22 insertions, 88 deletions
diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c
index 4d12b90a..a7999b7e 100644
--- a/src/providers/krb5/krb5_child.c
+++ b/src/providers/krb5/krb5_child.c
@@ -1147,51 +1147,6 @@ done:
}
-static char * get_ccache_name_by_principal(TALLOC_CTX *mem_ctx,
- krb5_context ctx,
- krb5_principal principal,
- const char *ccname)
-{
- krb5_error_code kerr;
- krb5_ccache tmp_cc = NULL;
- char *tmp_ccname = NULL;
- char *ret_ccname = NULL;
-
- kerr = krb5_cc_set_default_name(ctx, ccname);
- if (kerr != 0) {
- KRB5_CHILD_DEBUG(SSSDBG_MINOR_FAILURE, kerr);
- return NULL;
- }
-
- kerr = krb5_cc_cache_match(ctx, principal, &tmp_cc);
- if (kerr != 0) {
- KRB5_CHILD_DEBUG(SSSDBG_TRACE_INTERNAL, kerr);
- return NULL;
- }
-
- kerr = krb5_cc_get_full_name(ctx, tmp_cc, &tmp_ccname);
- if (kerr !=0) {
- KRB5_CHILD_DEBUG(SSSDBG_MINOR_FAILURE, kerr);
- goto done;
- }
-
- ret_ccname = talloc_strdup(mem_ctx, tmp_ccname);
- if (ret_ccname == NULL) {
- DEBUG(SSSDBG_OP_FAILURE, ("talloc_strdup failed (ENOMEM).\n"));
- }
-
-done:
- if (tmp_cc != NULL) {
- kerr = krb5_cc_close(ctx, tmp_cc);
- if (kerr != 0) {
- KRB5_CHILD_DEBUG(SSSDBG_MINOR_FAILURE, kerr);
- }
- }
- krb5_free_string(ctx, tmp_ccname);
-
- return ret_ccname;
-}
-
static krb5_error_code get_and_save_tgt(struct krb5_req *kr,
const char *password)
{
@@ -1250,8 +1205,8 @@ static krb5_error_code get_and_save_tgt(struct krb5_req *kr,
* directly with file ccache (DIR::/...), but cache collection
* should be returned back to back end.
*/
- cc_name = get_ccache_name_by_principal(kr->pd, kr->ctx, principal,
- kr->ccname);
+ cc_name = sss_get_ccache_name_for_principal(kr->pd, kr->ctx, principal,
+ kr->ccname);
if (cc_name == NULL) {
cc_name = kr->ccname;
}
diff --git a/src/providers/krb5/krb5_utils.c b/src/providers/krb5/krb5_utils.c
index 860c71b0..1b6d57c6 100644
--- a/src/providers/krb5/krb5_utils.c
+++ b/src/providers/krb5/krb5_utils.c
@@ -969,32 +969,6 @@ cc_dir_create(const char *location, pcre *illegal_re,
return create_ccache_dir_head(dir_name, illegal_re, uid, gid, private_path);
}
-static krb5_error_code
-get_ccache_for_princ(krb5_context context, const char *location,
- const char *princ, krb5_ccache *_ccache)
-{
- krb5_error_code krberr;
- krb5_principal client_principal = NULL;
-
- krberr = krb5_cc_set_default_name(context, location);
- if (krberr != 0) {
- KRB5_DEBUG(SSSDBG_OP_FAILURE, context, krberr);
- DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_cc_resolve failed.\n"));
- return krberr;
- }
-
- krberr = krb5_parse_name(context, princ, &client_principal);
- if (krberr != 0) {
- KRB5_DEBUG(SSSDBG_OP_FAILURE, context, krberr);
- DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_parse_name failed.\n"));
- return krberr;
- }
-
- krberr = krb5_cc_cache_match(context, client_principal, _ccache);
- krb5_free_principal(context, client_principal);
- return krberr;
-}
-
errno_t
cc_dir_check_existing(const char *location, uid_t uid,
const char *realm, const char *princ,
@@ -1138,9 +1112,9 @@ cc_dir_cache_for_princ(TALLOC_CTX *mem_ctx, const char *location,
{
krb5_context context = NULL;
krb5_error_code krberr;
- krb5_ccache ccache = NULL;
- char *name;
+ char *name = NULL;
const char *ccname;
+ krb5_principal client_principal = NULL;
ccname = sss_krb5_residual_check_type(location, SSS_KRB5_TYPE_DIR);
if (!ccname) {
@@ -1160,27 +1134,32 @@ cc_dir_cache_for_princ(TALLOC_CTX *mem_ctx, const char *location,
return NULL;
}
- krberr = get_ccache_for_princ(context, location, princ, &ccache);
- if (krberr) {
- DEBUG(SSSDBG_TRACE_FUNC, ("No principal for %s in %s\n",
- princ, location));
- krb5_free_context(context);
- return NULL;
+ krberr = krb5_parse_name(context, princ, &client_principal);
+ if (krberr != 0) {
+ KRB5_DEBUG(SSSDBG_OP_FAILURE, context, krberr);
+ DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_parse_name failed.\n"));
+ goto done;
}
/* This function is called only as a way to validate that,
* we have the right cache
*/
- krberr = krb5_cc_get_full_name(context, ccache, &name);
- if (ccache) krb5_cc_close(context, ccache);
- krb5_free_context(context);
- if (krberr) {
- KRB5_DEBUG(SSSDBG_OP_FAILURE, context, krberr);
+ name = sss_get_ccache_name_for_principal(mem_ctx, context,
+ client_principal, location);
+ if (name == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, ("Could not get full name of ccache\n"));
- return NULL;
+ goto done;
}
- return talloc_strdup(mem_ctx, location);
+ talloc_zfree(name);
+ /* everytime return location for dir_cache */
+ name = talloc_strdup(mem_ctx, location);
+
+done:
+ krb5_free_principal(context, client_principal);
+ krb5_free_context(context);
+
+ return name;
}
errno_t
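Review bot: In cc_dir_cache_for_princ, the `name == NULL` branch now logs `Could not get full name of ccache` at SSSDBG_CRIT_FAILURE for every NULL return from sss_get_ccache_name_for_principal. That helper's body is not in this diff, but judging by the version removed from krb5_child.c it presumably also returns NULL when the collection holds no cache for the principal, and on ENOMEM. The old code reported the no-match case at SSSDBG_TRACE_FUNC, so a routine lookup miss would now appear in logs as a critical failure with a message naming the wrong cause, which adds noise when triaging real Kerberos errors. I would keep the earlier wording and level for that branch, `DEBUG(SSSDBG_TRACE_FUNC, ("No principal for %s in %s\n", princ, location));`, or have the helper return an error code so callers can tell a miss from a failure. The function's opening lines are outside this hunk.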