{
int i=0;
krb5_ccache * cc_other;
- const char * cc_def_name;
- const char * cc_other_name;
krb5_error_code retval=0;
krb5_creds ** cc_def_creds_arr = NULL;
krb5_creds ** cc_other_creds_arr = NULL;
- struct stat st_temp;
cc_other = (krb5_ccache *) xcalloc(1, sizeof (krb5_ccache));
return retval;
}
- cc_def_name = krb5_cc_get_name(context, cc_def);
- cc_other_name = krb5_cc_get_name(context, *cc_other);
-
- if ( ! stat(cc_def_name, &st_temp)){
+ if (ks_ccache_is_initialized(context, cc_def)) {
if((retval = krb5_get_nonexp_tkts(context,cc_def,&cc_def_creds_arr))){
return retval;
}
}
- if (!lstat( cc_other_name, &st_temp))
+ if (ks_ccache_name_is_initialized(context, cc_other_tag))
return EINVAL;
if (krb5_seteuid(0)||krb5_seteuid(target_uid)) {
krb5_ccache cct;
krb5_principal primary_principal;
{
- const char * cct_name;
- const char * ccs_name;
krb5_error_code retval=0;
krb5_principal temp_principal;
krb5_creds ** ccs_creds_arr = NULL;
int i=0;
- struct stat st_temp;
- ccs_name = krb5_cc_get_name(context, ccs);
- cct_name = krb5_cc_get_name(context, cct);
-
- if ( ! stat(ccs_name, &st_temp)){
+ if (ks_ccache_is_initialized(context, ccs)) {
if ((retval = krb5_get_nonexp_tkts(context, ccs, &ccs_creds_arr))){
return retval;
}
}
- if ( ! stat(cct_name, &st_temp)){
+ if (ks_ccache_is_initialized(context, cct)) {
if ((retval = krb5_cc_get_principal(context, cct, &temp_principal))){
return retval;
}
krb5_creds ** cc_creds_arr = NULL;
const char * cc_name;
krb5_boolean stored;
- struct stat st_temp;
cc_name = krb5_cc_get_name(context, cc);
- if ( ! stat(cc_name, &st_temp)){
-
+ if (ks_ccache_is_initialized(context, cc)) {
if (auth_debug) {
fprintf(stderr,"putting cache %s through a filter for -z option\n", cc_name);
}
{
krb5_error_code retval;
krb5_creds ** creds_list = NULL;
- const char * cc_name;
- struct stat st_temp;
-
- cc_name = krb5_cc_get_name(context, cc);
- if ( ! stat(cc_name, &st_temp)){
+ if (ks_ccache_is_initialized(context, cc)) {
if ((retval = krb5_get_nonexp_tkts(context, cc, &creds_list))){
return retval;
}
*found = krb5_find_princ_in_cred_list(context, creds_list, princ);
return 0;
}
+
+krb5_boolean
+ks_ccache_name_is_initialized(krb5_context context, const char *cctag)
+{
+ krb5_boolean result;
+ krb5_ccache cc;
+
+ if (krb5_cc_resolve(context, cctag, &cc) != 0)
+ return FALSE;
+ result = ks_ccache_is_initialized(context, cc);
+ krb5_cc_close(context, cc);
+
+ return result;
+}
+
+krb5_boolean
+ks_ccache_is_initialized(krb5_context context, krb5_ccache cc)
+{
+ krb5_principal princ;
+ krb5_error_code retval;
+
+ if (cc == NULL)
+ return FALSE;
+
+ retval = krb5_cc_get_principal(context, cc, &princ);
+ if (retval == 0)
+ krb5_free_principal(context, princ);
+
+ return retval == 0;
+}
krb5_principal kdc_server;
krb5_error_code retval;
krb5_boolean temp_found = FALSE;
- const char * cc_source_name;
- struct stat st_temp;
- cc_source_name = krb5_cc_get_name(context, cc);
-
- if ( ! stat(cc_source_name, &st_temp)){
+ if (ks_ccache_is_initialized(context, cc)) {
retval = find_ticket(context, cc, client, end_server, &temp_found);
if (retval)
{
princ_info princ_trials[10];
- const char * cc_source_name;
krb5_principal cc_def_princ = NULL;
krb5_principal temp_client;
krb5_principal target_client;
struct stat tb;
int count =0;
int i;
- struct stat st_temp;
*path_out = 0;
if (options->princ)
return 0;
- cc_source_name = krb5_cc_get_name(context, cc_source);
-
-
- if (! stat(cc_source_name, &st_temp)) {
+ if (ks_ccache_is_initialized(context, cc_source)) {
retval = krb5_cc_get_principal(context, cc_source, &cc_def_princ);
if (retval)
return retval;
(krb5_context, krb5_ccache, krb5_creds **, krb5_creds **,
krb5_principal, krb5_boolean *);
+extern krb5_boolean ks_ccache_name_is_initialized
+(krb5_context, const char *);
+
+extern krb5_boolean ks_ccache_is_initialized
+(krb5_context, krb5_ccache);
+
extern krb5_error_code krb5_ccache_refresh
(krb5_context, krb5_ccache);
extern krb5_error_code get_params (int *, int, char **, char ***);
-extern char *get_dir_of_file (const char *);
-
/* heuristic.c */
extern krb5_error_code get_all_princ_from_file (FILE *, char ***);
__attribute__ ((__format__ (__printf__, 1, 2)))
#endif
;
-char * get_dir_of_file();
/* Note -e and -a options are mutually exclusive */
/* insure the proper specification of target user as well as catching
const char * cc_source_tag = NULL;
uid_t source_gid;
const char * cc_source_tag_tmp = NULL;
- char * cc_target_tag_tmp=NULL;
char * cmd = NULL, * exec_cmd = NULL;
int errflg = 0;
krb5_boolean auth_val;
extern char * getpass(), *crypt();
int pargc;
char ** pargv;
- struct stat st_temp;
krb5_boolean stored = FALSE;
krb5_principal kdc_server;
krb5_boolean zero_password;
- char * dir_of_cc_target;
krb5_boolean restrict_creds;
options.opt = KRB5_DEFAULT_OPTIONS;
if ( strchr(cc_source_tag, ':')){
cc_source_tag_tmp = strchr(cc_source_tag, ':') + 1;
- if( stat( cc_source_tag_tmp, &st_temp)){
+ if (!ks_ccache_name_is_initialized(ksu_context,
+ cc_source_tag)) {
com_err(prog_name, errno,
- _("while looking for credentials file %s"),
+ _("while looking for credentials cache %s"),
cc_source_tag_tmp);
exit (1);
}
exit(1);
}
- if (cc_target_tag == NULL) {
-
- cc_target_tag = (char *)xcalloc(KRB5_SEC_BUFFSIZE ,sizeof(char));
- /* make sure that the new ticket file does not already exist
- This is run as source_uid because it is reasonable to
- require the source user to have write to where the target
- cache will be created.*/
-
- do {
- snprintf(cc_target_tag, KRB5_SEC_BUFFSIZE, "%s%ld.%d",
- KRB5_SECONDARY_CACHE,
- (long) target_uid, gen_sym());
- cc_target_tag_tmp = strchr(cc_target_tag, ':') + 1;
-
- }while ( !stat ( cc_target_tag_tmp, &st_temp));
- }
-
-
- dir_of_cc_target = get_dir_of_file(cc_target_tag_tmp);
-
- if (access(dir_of_cc_target, R_OK | W_OK )){
- fprintf(stderr,
- _("%s does not have correct permissions for %s\n"),
- source_user, cc_target_tag);
- exit(1);
- }
+ /*
+ * Make sure that the new ticket file does not already exist.
+ * This is run as source_uid because it is reasonable to
+ * require the source user to have write to where the target
+ * cache will be created.
+ */
+ cc_target_tag = (char *)xcalloc(KRB5_SEC_BUFFSIZE, sizeof(char));
+ do {
+ snprintf(cc_target_tag, KRB5_SEC_BUFFSIZE, "%s%ld.%d",
+ KRB5_SECONDARY_CACHE,
+ (long)target_uid, gen_sym());
+ } while (ks_ccache_name_is_initialized(ksu_context, cc_target_tag));
if (auth_debug){
fprintf(stderr, " source cache = %s\n", cc_source_tag);
exit(1);
}
- if (access( cc_target_tag_tmp, R_OK | W_OK )){
- com_err(prog_name, errno,
- _("%s does not have correct permissions for %s, %s aborted"),
- target_user, cc_target_tag_tmp, prog_name);
- exit(1);
- }
-
if ( cc_source)
krb5_cc_close(ksu_context, cc_source);
krb5_ccache cc;
{
krb5_error_code retval;
- const char * cc_name;
- struct stat st_temp;
krb5_seteuid(0);
if (krb5_seteuid(target_uid) < 0) {
exit(1);
}
- cc_name = krb5_cc_get_name(context, cc);
- if ( ! stat(cc_name, &st_temp)){
+ if (ks_ccache_is_initialized(context, cc)) {
if ((retval = krb5_cc_destroy(context, cc)))
com_err(prog_name, retval, _("while destroying cache"));
}
}
}
-
-char *get_dir_of_file(path)
- const char *path;
-{
- char * temp_path;
- char * ptr;
-
- temp_path = xstrdup(path);
-
- if ((ptr = strrchr( temp_path, '/'))) {
- *ptr = '\0';
- } else {
- free (temp_path);
- temp_path = xmalloc(MAXPATHLEN);
- if (temp_path)
- getcwd(temp_path, MAXPATHLEN);
- }
- return temp_path;
-}
-
krb5_error_code
ksu_tgtname(context, server, client, tgtprinc)
krb5_context context;
projects / thirdparty / krb5.git / commitdiff
