Implement cccol iterators for mslsa

Also implement  switch_to stub

Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
(cherry picked from commit 218193bb93d8cf9fd82087533c45602b6a8c5151)

Fix macro redefinition warnings in cc_mslsa.c

Include ntstatus.h and define WIN32_NO_STATUS before including winnt.h

Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
(cherry picked from commit ee6fbe222b34b28c617d4e6df994700af471b1b6)

fix leak in cc_mslsa.c

cc_name needs to be freed in krb5_lcc_close().

Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
(cherry picked from commit dcd9202f058830eacbbdfd0dd26bd82d8101e8fd)

ticket: 7213
version_fixed: 1.10.3
status: resolved

diff --git a/src/lib/krb5/ccache/cc_mslsa.c b/src/lib/krb5/ccache/cc_mslsa.c
index 3d579d6e8ef655dabb6586abb6d8635fde319868..de1dcb3b026a604b23b00e8f78f5372be3bd143b 100644 (file)
--- a/src/lib/krb5/ccache/cc_mslsa.c
+++ b/src/lib/krb5/ccache/cc_mslsa.c
@@ -53,6 +53,8 @@
 #define UNICODE
 #define _UNICODE
 
+#include <ntstatus.h>
+#define WIN32_NO_STATUS
 #include "k5-int.h"
 #include "com_err.h"
 #include "cc-int.h"
@@ -70,7 +72,6 @@
 #endif
 #define _WIN32_WINNT 0x0600
 #include <ntsecapi.h>
-#include <ntstatus.h>
 
 
 /* The following two features can only be built using the version of the
@@ -2161,6 +2162,8 @@ krb5_lcc_close(krb5_context context, krb5_ccache id)
 
         if (data) {
             LsaDeregisterLogonProcess(data->LogonHandle);
+            if (data->cc_name)
+                free(data->cc_name);
             free(data);
         }
         free(id);
@@ -2735,6 +2738,58 @@ krb5_lcc_get_flags(krb5_context context, krb5_ccache id, krb5_flags *flags)
     return KRB5_OK;
 }
 
+struct krb5int_lcc_iterator {
+    int id;
+};
+
+static krb5_error_code KRB5_CALLCONV
+krb5_lcc_ptcursor_new(krb5_context context, krb5_cc_ptcursor *cursor)
+{
+    krb5_cc_ptcursor new_cursor = (krb5_cc_ptcursor )malloc(sizeof(*new_cursor));
+    if (!new_cursor)
+        return ENOMEM;
+    new_cursor->ops = &krb5_lcc_ops;
+    new_cursor->data = (krb5_pointer)(1);
+    *cursor = new_cursor;
+    new_cursor = NULL;
+    return 0;
+}
+
+static krb5_error_code KRB5_CALLCONV
+krb5_lcc_ptcursor_next(krb5_context context, krb5_cc_ptcursor cursor, krb5_ccache *ccache)
+{
+    krb5_error_code code = 0;
+    *ccache = 0;
+    if (cursor->data == NULL)
+        return 0;
+
+    cursor->data = NULL;
+    if ((code = krb5_lcc_resolve(context, ccache, ""))) {
+        if (code != KRB5_FCC_NOFILE)
+            /* Note that we only want to return serious errors.
+             * Any non-zero return code will prevent the cccol iterator
+             * from advancing to the next ccache collection. */
+            return code;
+    }
+    return 0;
+}
+
+static krb5_error_code KRB5_CALLCONV
+krb5_lcc_ptcursor_free(krb5_context context, krb5_cc_ptcursor *cursor)
+{
+    if (*cursor) {
+        free(*cursor);
+        *cursor = NULL;
+    }
+    return 0;
+}
+
+static krb5_error_code KRB5_CALLCONV
+krb5_lcc_switch_to(krb5_context context, krb5_ccache id)
+{
+    return 0;
+}
+
 const krb5_cc_ops krb5_lcc_ops = {
     0,
     "MSLSA",
@@ -2753,12 +2808,14 @@ const krb5_cc_ops krb5_lcc_ops = {
     krb5_lcc_remove_cred,
     krb5_lcc_set_flags,
     krb5_lcc_get_flags,
-    NULL,
-    NULL,
-    NULL,
-    NULL,
-    NULL,
-    NULL,
-    NULL,
+    krb5_lcc_ptcursor_new,
+    krb5_lcc_ptcursor_next,
+    krb5_lcc_ptcursor_free,
+    NULL, /* move */
+    NULL, /* lastchange */
+    NULL, /* wasdefault */
+    NULL, /* lock */
+    NULL, /* unlock */
+    krb5_lcc_switch_to,
 };
 #endif /* _WIN32 */