Refactor cache checking in TGS client code 1095/head
authorGreg Hudson <ghudson@mit.edu>
Thu, 23 Jul 2020 05:52:43 +0000 (01:52 -0400)
committerGreg Hudson <ghudson@mit.edu>
Fri, 7 Aug 2020 18:48:56 +0000 (14:48 -0400)
src/lib/krb5/krb/get_creds.c
src/lib/krb5/krb/int-proto.h
src/lib/krb5/krb/s4u_creds.c

index b3f01be9b8d2faca3bb4991e13bcc58424979fed..32401bcb175b09bd27bd3228d9ee1c58f77e79f3 100644 (file)
  * and options.  The fields of *mcreds will be aliased to the fields
  * of in_creds, so the contents of *mcreds should not be freed.
  */
-krb5_error_code
-krb5int_construct_matching_creds(krb5_context context, krb5_flags options,
-                                 krb5_creds *in_creds, krb5_creds *mcreds,
-                                 krb5_flags *fields)
+static krb5_error_code
+construct_matching_creds(krb5_context context, krb5_flags options,
+                         krb5_creds *in_creds, krb5_creds *mcreds,
+                         krb5_flags *fields)
 {
     if (!in_creds || !in_creds->server || !in_creds->client)
         return EINVAL;
@@ -110,6 +110,50 @@ krb5int_construct_matching_creds(krb5_context context, krb5_flags options,
     return 0;
 }
 
+/* Simple wrapper around krb5_cc_retrieve_cred which allocates the result
+ * container. */
+static krb5_error_code
+cache_get(krb5_context context, krb5_ccache ccache, krb5_flags flags,
+          krb5_creds *in_creds, krb5_creds **out_creds)
+{
+    krb5_error_code code;
+    krb5_creds *creds;
+
+    *out_creds = NULL;
+
+    creds = malloc(sizeof(*creds));
+    if (creds == NULL)
+        return ENOMEM;
+
+    code = krb5_cc_retrieve_cred(context, ccache, flags, in_creds, creds);
+    if (code != 0) {
+        free(creds);
+        return code;
+    }
+
+    *out_creds = creds;
+    return 0;
+}
+
+krb5_error_code
+k5_get_cached_cred(krb5_context context, krb5_flags options,
+                   krb5_ccache ccache, krb5_creds *in_creds,
+                   krb5_creds **creds_out)
+{
+    krb5_error_code code;
+    krb5_creds mcreds;
+    krb5_flags fields;
+
+    *creds_out = NULL;
+
+    code = construct_matching_creds(context, options, in_creds,
+                                    &mcreds, &fields);
+    if (code)
+        return code;
+
+    return cache_get(context, ccache, fields, &mcreds, creds_out);
+}
+
 /*
  * krb5_tkt_creds_step() is implemented using a tail call style.  Every
  * begin_*, step_*, or *_request function is responsible for returning an
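Review bot: cache_get passes krb5_cc_retrieve_cred a malloc'd, uninitialized krb5_creds, whereas the s4u_creds.c code it now replaces (the removed lines in the @@ -1152 hunk of that file) used calloc and set `ncreds->magic = KV5M_CRED` before the call, so this consolidation quietly drops that initialization for the proxy-credential path. If krb5_cc_retrieve_cred fully assigns *creds on every success path this is harmless, but if some ccache backend leaves a field untouched the caller receives partly uninitialized memory in a credential it later frees; `creds = calloc(1, sizeof(*creds));` keeps the old behavior at no cost. k5_get_cached_cred is also the new cross-file entry point and carries no comment either here or on its prototype in the int-proto.h hunk; I would add one stating that it looks up in_creds in ccache under options, that on success *creds_out is a newly allocated credential owned by the caller (presumably released with krb5_free_creds — confirm), and that a miss is reported as KRB5_CC_NOTFOUND or KRB5_CC_NOT_KTYPE, which is what k5_get_proxy_cred_from_kdc tests for after the call.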
@@ -235,31 +279,6 @@ cleanup:
     return code;
 }
 
-/* Simple wrapper around krb5_cc_retrieve_cred which allocates the result
- * container. */
-static krb5_error_code
-cache_get(krb5_context context, krb5_ccache ccache, krb5_flags flags,
-          krb5_creds *in_creds, krb5_creds **out_creds)
-{
-    krb5_error_code code;
-    krb5_creds *creds;
-
-    *out_creds = NULL;
-
-    creds = malloc(sizeof(*creds));
-    if (creds == NULL)
-        return ENOMEM;
-
-    code = krb5_cc_retrieve_cred(context, ccache, flags, in_creds, creds);
-    if (code != 0) {
-        free(creds);
-        return code;
-    }
-
-    *out_creds = creds;
-    return 0;
-}
-
 /*
  * Set up the request given by ctx->tgs_in_creds, using ctx->cur_tgt.  KDC
  * options for the requests are determined by ctx->cur_tgt->ticket_flags and
@@ -1023,18 +1042,13 @@ static krb5_error_code
 check_cache(krb5_context context, krb5_tkt_creds_context ctx)
 {
     krb5_error_code code;
-    krb5_creds mcreds;
-    krb5_flags fields;
     krb5_creds req_in_creds;
 
     /* Check the cache for the originally requested server principal. */
     req_in_creds = *ctx->in_creds;
     req_in_creds.server = ctx->req_server;
-    code = krb5int_construct_matching_creds(context, ctx->req_options,
-                                            &req_in_creds, &mcreds, &fields);
-    if (code)
-        return code;
-    code = cache_get(context, ctx->ccache, fields, &mcreds, &ctx->reply_creds);
+    code = k5_get_cached_cred(context, ctx->req_options, ctx->ccache,
+                              &req_in_creds, &ctx->reply_creds);
     if (code == 0) {
         ctx->state = STATE_COMPLETE;
         return 0;
index fe61bebf5b3da374a42318c796bb1e22ad4153f3..5211044dca6d1e2c40e2cd7e0dae972f1ca9fcef 100644 (file)
@@ -79,9 +79,9 @@ clpreauth_otp_initvt(krb5_context context, int maj_ver, int min_ver,
                      krb5_plugin_vtable vtable);
 
 krb5_error_code
-krb5int_construct_matching_creds(krb5_context context, krb5_flags options,
-                                 krb5_creds *in_creds, krb5_creds *mcreds,
-                                 krb5_flags *fields);
+k5_get_cached_cred(krb5_context context, krb5_flags options,
+                   krb5_ccache ccache, krb5_creds *in_creds,
+                   krb5_creds **creds_out);
 
 #define IS_TGS_PRINC(p) ((p)->length == 2 &&                            \
                          data_eq_string((p)->data[0], KRB5_TGS_NAME))
index 00ff613e8b658cb4819a4a211148d7d7c105d916..fe15b24c23583a2df4722e5a0c09236d84825c4f 100644 (file)
@@ -1152,29 +1152,12 @@ k5_get_proxy_cred_from_kdc(krb5_context context, krb5_flags options,
 {
     krb5_error_code code;
     krb5_const_principal canonprinc;
-    krb5_creds mcreds, copy, *creds, *ncreds;
-    krb5_flags fields;
+    krb5_creds copy, *creds;
     struct canonprinc iter = { in_creds->server, .no_hostrealm = TRUE };
 
     *out_creds = NULL;
 
-    code = krb5int_construct_matching_creds(context, options, in_creds,
-                                            &mcreds, &fields);
-    if (code != 0)
-        return code;
-
-    ncreds = calloc(1, sizeof(*ncreds));
-    if (ncreds == NULL)
-        return ENOMEM;
-    ncreds->magic = KV5M_CRED;
-
-    code = krb5_cc_retrieve_cred(context, ccache, fields, &mcreds, ncreds);
-    if (code) {
-        free(ncreds);
-    } else {
-        *out_creds = ncreds;
-    }
-
+    code = k5_get_cached_cred(context, options, ccache, in_creds, out_creds);
     if ((code != KRB5_CC_NOTFOUND && code != KRB5_CC_NOT_KTYPE) ||
         options & KRB5_GC_CACHED)
         return code;