tmpprinc->length = length;
tmpprinc->type = type;
- kret = krb5_fcc_read_data(context, id, krb5_princ_realm(context, tmpprinc));
+ kret = krb5_fcc_read_data(context, id, &tmpprinc->realm);
i = 0;
CHECK(kret);
for (i=0; i < length; i++) {
- kret = krb5_fcc_read_data(context, id, krb5_princ_component(context, tmpprinc, i));
+ kret = krb5_fcc_read_data(context, id, &tmpprinc->data[i]);
CHECK(kret);
}
*princ = tmpprinc;
errout:
while(--i >= 0)
- free(krb5_princ_component(context, tmpprinc, i)->data);
- free(krb5_princ_realm(context, tmpprinc)->data);
+ free(tmpprinc->data[i].data);
+ free(tmpprinc->realm.data);
free(tmpprinc->data);
free(tmpprinc);
return kret;
k5_cc_mutex_assert_locked(context, &((krb5_fcc_data *) id->data)->lock);
- type = krb5_princ_type(context, princ);
- tmp = length = krb5_princ_size(context, princ);
+ type = princ->type;
+ tmp = length = princ->length;
if (data->version == KRB5_FCC_FVNO_1) {
/*
ret = krb5_fcc_store_int32(context, id, tmp);
CHECK(ret);
- ret = krb5_fcc_store_data(context, id, krb5_princ_realm(context, princ));
+ ret = krb5_fcc_store_data(context, id, &princ->realm);
CHECK(ret);
for (i=0; i < length; i++) {
- ret = krb5_fcc_store_data(context, id, krb5_princ_component(context, princ, i));
+ ret = krb5_fcc_store_data(context, id, &princ->data[i]);
CHECK(ret);
}
tmpprinc->length = length;
tmpprinc->type = type;
- kret = krb5_krcc_parse_krb5data(context, id,
- krb5_princ_realm(context, tmpprinc), bc);
+ kret = krb5_krcc_parse_krb5data(context, id, &tmpprinc->realm, bc);
i = 0;
CHECK(kret);
for (i = 0; i < length; i++) {
- kret = krb5_krcc_parse_krb5data(context, id,
- krb5_princ_component(context, tmpprinc,
- i), bc);
+ kret = krb5_krcc_parse_krb5data(context, id, &tmpprinc->data[i], bc);
CHECK(kret);
}
*princ = tmpprinc;
errout:
while (--i >= 0)
- free(krb5_princ_component(context, tmpprinc, i)->data);
- free(krb5_princ_realm(context, tmpprinc)->data);
+ free(tmpprinc->data[i].data);
+ free(tmpprinc->realm.data);
free(tmpprinc->data);
free(tmpprinc);
return kret;
krb5_error_code kret;
krb5_int32 i, length, tmp, type;
- type = krb5_princ_type(context, princ);
- tmp = length = krb5_princ_size(context, princ);
+ type = princ->type;
+ tmp = length = princ->length;
kret = krb5_krcc_unparse_int32(context, id, type, bc);
CHECK_OUT(kret);
kret = krb5_krcc_unparse_int32(context, id, tmp, bc);
CHECK_OUT(kret);
- kret = krb5_krcc_unparse_krb5data(context, id,
- krb5_princ_realm(context, princ), bc);
+ kret = krb5_krcc_unparse_krb5data(context, id, &princ->realm, bc);
CHECK_OUT(kret);
for (i = 0; i < length; i++) {
- kret = krb5_krcc_unparse_krb5data(context, id,
- krb5_princ_component(context, princ,
- i), bc);
+ kret = krb5_krcc_unparse_krb5data(context, id, &princ->data[i], bc);
CHECK_OUT(kret);
}
krb5_is_config_principal(krb5_context context,
krb5_const_principal principal)
{
- const krb5_data *realm;
-
- realm = krb5_princ_realm(context, principal);
+ const krb5_data *realm = &principal->realm;
if (realm->length != sizeof(conf_realm) - 1 ||
memcmp(realm->data, conf_realm, sizeof(conf_realm) - 1) != 0)
}
u_princ_size = princ_size;
- krb5_princ_set_realm_length(context, ret_entry->principal, u_princ_size);
+ ret_entry->principal->realm.length = u_princ_size;
tmpdata = malloc(u_princ_size+1);
if (!tmpdata) {
error = ENOMEM;
tmpdata[princ_size] = 0; /* Some things might be expecting null */
/* termination... ``Be conservative in */
/* what you send out'' */
- krb5_princ_set_realm_data(context, ret_entry->principal, tmpdata);
+ ret_entry->principal->realm.data = tmpdata;
for (i = 0; i < count; i++) {
- princ = krb5_princ_component(context, ret_entry->principal, i);
+ princ = &ret_entry->principal->data[i];
if (!fread(&princ_size, sizeof(princ_size), 1, KTFILEP(id))) {
error = KRB5_KT_END;
goto fail;
return 0;
fail:
- for (i = 0; i < krb5_princ_size(context, ret_entry->principal); i++) {
- princ = krb5_princ_component(context, ret_entry->principal, i);
- if (princ->data)
- free(princ->data);
- }
+ for (i = 0; i < ret_entry->principal->length; i++)
+ free(ret_entry->principal->data[i].data);
free(ret_entry->principal->data);
ret_entry->principal->data = 0;
free(ret_entry->principal);
}
if (KTVERSION(id) == KRB5_KT_VNO_1) {
- count = (krb5_int16) krb5_princ_size(context, entry->principal) + 1;
+ count = (krb5_int16)entry->principal->length + 1;
} else {
- count = htons((u_short) krb5_princ_size(context, entry->principal));
+ count = htons((u_short)entry->principal->length);
}
if (!fwrite(&count, sizeof(count), 1, KTFILEP(id))) {
abend:
return KRB5_KT_IOERR;
}
- size = krb5_princ_realm(context, entry->principal)->length;
+ size = entry->principal->realm.length;
if (KTVERSION(id) != KRB5_KT_VNO_1)
size = htons(size);
if (!fwrite(&size, sizeof(size), 1, KTFILEP(id))) {
goto abend;
}
- if (!fwrite(krb5_princ_realm(context, entry->principal)->data, sizeof(char),
- krb5_princ_realm(context, entry->principal)->length, KTFILEP(id))) {
+ if (!fwrite(entry->principal->realm.data, sizeof(char),
+ entry->principal->realm.length, KTFILEP(id))) {
goto abend;
}
- count = (krb5_int16) krb5_princ_size(context, entry->principal);
+ count = (krb5_int16)entry->principal->length;
for (i = 0; i < count; i++) {
- princ = krb5_princ_component(context, entry->principal, i);
+ princ = &entry->principal->data[i];
size = princ->length;
if (KTVERSION(id) != KRB5_KT_VNO_1)
size = htons(size);
* Write out the principal type
*/
if (KTVERSION(id) != KRB5_KT_VNO_1) {
- princ_type = htonl(krb5_princ_type(context, entry->principal));
+ princ_type = htonl(entry->principal->type);
if (!fwrite(&princ_type, sizeof(princ_type), 1, KTFILEP(id))) {
goto abend;
}
krb5_int32 total_size, i;
krb5_error_code retval = 0;
- count = (krb5_int16) krb5_princ_size(context, entry->principal);
+ count = (krb5_int16)entry->principal->length;
total_size = sizeof(count);
- total_size += krb5_princ_realm(context, entry->principal)->length + (sizeof(krb5_int16));
+ total_size += entry->principal->realm.length + sizeof(krb5_int16);
- for (i = 0; i < count; i++) {
- total_size += krb5_princ_component(context, entry->principal,i)->length
- + (sizeof(krb5_int16));
- }
+ for (i = 0; i < count; i++)
+ total_size += entry->principal->data[i].length + sizeof(krb5_int16);
total_size += sizeof(entry->principal->type);
total_size += sizeof(entry->timestamp);
}
va_end(ap);
*princ = princ_ret;
- krb5_princ_type(context, princ_ret) = KRB5_NT_UNKNOWN;
+ princ_ret->type = KRB5_NT_UNKNOWN;
return 0;
free_out:
if (!retval) {
princ->type = KRB5_NT_UNKNOWN;
princ->magic = KV5M_PRINCIPAL;
- krb5_princ_set_realm_data(context, princ, r);
- krb5_princ_set_realm_length(context, princ, rlen);
+ princ->realm = make_data(r, rlen);
princ->data = data;
princ->length = count;
r = NULL; /* take ownership */
Tprintf ((".. checking '%.*s'\n", (int) realm->length, realm->data));
for (i = 0; cdata->tgs[i]; i++) {
- if (data_eq (*krb5_princ_realm (cdata->ctx, cdata->tgs[i]), *realm))
+ if (data_eq (cdata->tgs[i]->realm, *realm))
return 0;
}
Tprintf (("BAD!\n"));
return KRB5_CONFIG_CANTOPEN;
*name = *inst = '\0';
- switch (krb5_princ_size(context, princ)) {
+ switch (princ->length) {
case 2:
/* Check if this principal is listed in the table */
- compo = krb5_princ_component(context, princ, 0);
+ compo = &princ->data[0];
p = sconv_list;
while (p->v4_str) {
if (p->len == compo->length
if (strlcpy(name, p->v4_str, ANAME_SZ) >= ANAME_SZ)
return KRB5_INVALID_PRINCIPAL;
if (p->flags & DO_REALM_CONVERSION) {
- compo = krb5_princ_component(context, princ, 1);
+ compo = &princ->data[1];
c = strnchr(compo->data, '.', compo->length);
if (!c || (c - compo->data) >= INST_SZ - 1)
return KRB5_INVALID_PRINCIPAL;
/* If inst isn't set, the service isn't listed in the table, */
/* so just copy it. */
if (*inst == '\0') {
- compo = krb5_princ_component(context, princ, 1);
+ compo = &princ->data[1];
if (compo->length >= INST_SZ - 1)
return KRB5_INVALID_PRINCIPAL;
memcpy(inst, compo->data, compo->length);
case 1:
/* name may have been set above; otherwise, just copy it */
if (*name == '\0') {
- compo = krb5_princ_component(context, princ, 0);
+ compo = &princ->data[0];
if (compo->length >= ANAME_SZ)
return KRB5_INVALID_PRINCIPAL;
memcpy(name, compo->data, compo->length);
return KRB5_INVALID_PRINCIPAL;
}
- compo = krb5_princ_realm(context, princ);
+ compo = &princ->realm;
tmp_prealm = malloc(compo->length + 1);
if (tmp_prealm == NULL)
krb5_copy_principal(krb5_context context, krb5_const_principal inprinc, krb5_principal *outprinc)
{
register krb5_principal tempprinc;
- register int i, nelems;
+ krb5_int32 i;
tempprinc = (krb5_principal)malloc(sizeof(krb5_principal_data));
*tempprinc = *inprinc;
- nelems = (int) krb5_princ_size(context, inprinc);
- tempprinc->data = malloc(nelems * sizeof(krb5_data));
+ tempprinc->data = malloc(inprinc->length * sizeof(krb5_data));
if (tempprinc->data == 0) {
free(tempprinc);
return ENOMEM;
}
- for (i = 0; i < nelems; i++) {
- if (krb5int_copy_data_contents(context,
- krb5_princ_component(context, inprinc, i),
- krb5_princ_component(context, tempprinc, i)) != 0) {
+ for (i = 0; i < inprinc->length; i++) {
+ if (krb5int_copy_data_contents(context, &inprinc->data[i],
+ &tempprinc->data[i]) != 0) {
while (--i >= 0)
- free(krb5_princ_component(context, tempprinc, i)->data);
+ free(tempprinc->data[i].data);
free (tempprinc->data);
free (tempprinc);
return ENOMEM;
if (krb5int_copy_data_contents_add0(context, &inprinc->realm,
&tempprinc->realm) != 0) {
- for (i = 0; i < nelems; i++)
- free(krb5_princ_component(context, tempprinc, i)->data);
+ for (i = 0; i < inprinc->length; i++)
+ free(tempprinc->data[i].data);
free(tempprinc->data);
free(tempprinc);
return ENOMEM;
krb5_data *target_realm;
krb5_clear_error_message(context);
- target_realm = krb5_princ_realm(context, request->server);
+ target_realm = &request->server->realm;
if (opte->opt_private->fast_ccache_name) {
TRACE_FAST_ARMOR_CCACHE(context, opte->opt_private->fast_ccache_name);
state->fast_state_flags |= KRB5INT_FAST_ARMOR_AVAIL;
if (tgt.addresses && *tgt.addresses) {
if (rhost == NULL) {
- if (krb5_princ_type(context, server) != KRB5_NT_SRV_HST) {
+ if (server->type != KRB5_NT_SRV_HST) {
retval = KRB5_FWD_BAD_PRINCIPAL;
goto errout;
}
- if (krb5_princ_size(context, server) < 2){
+ if (server->length < 2){
retval = KRB5_CC_BADNAME;
goto errout;
}
/* We didn't request canonicalization. */
- if (!IS_TGS_PRINC(context, in_cred->server) ||
- !IS_TGS_PRINC(context, dec_rep->ticket->server)) {
+ if (!IS_TGS_PRINC(in_cred->server) ||
+ !IS_TGS_PRINC(dec_rep->ticket->server)) {
/* Canonicalization not requested, and not a TGS referral. */
return KRB5_KDCREP_MODIFIED;
}
/* make sure the response hasn't been tampered with..... */
retval = 0;
- if (s4u2self && !IS_TGS_PRINC(context, dec_rep->ticket->server)) {
+ if (s4u2self && !IS_TGS_PRINC(dec_rep->ticket->server)) {
/* Final hop, check whether KDC supports S4U2Self */
if (krb5_principal_compare(context, dec_rep->client, in_cred->server))
retval = KRB5KDC_ERR_PADATA_TYPE_NOSUPP;
send_again:
use_master = 0;
- retval = krb5_sendto_kdc(context, &request_data,
- krb5_princ_realm(context, in_cred->server),
+ retval = krb5_sendto_kdc(context, &request_data, &in_cred->server->realm,
&response_data, &use_master, tcp_only);
if (retval == 0) {
if (krb5_is_krb_error(&response_data)) {
/* Old versions of Active Directory can rewrite the server name instead of
* returning a referral. Try a non-referral query if we see this. */
- if (!IS_TGS_PRINC(context, ctx->reply_creds->server)) {
+ if (!IS_TGS_PRINC(ctx->reply_creds->server)) {
TRACE_TKT_CREDS_NON_TGT(context, ctx->reply_creds->server);
return begin_non_referral(context, ctx);
}
return ctx->reply_code;
/* Verify that we got a TGT. */
- if (!IS_TGS_PRINC(context, ctx->reply_creds->server))
+ if (!IS_TGS_PRINC(ctx->reply_creds->server))
return KRB5_KDCREP_MODIFIED;
/* Use this tgt for the next request. */
TRACE_TKT_CREDS_CLOSER_REALM(context, ctx->next_realm);
} else {
/* Verify that we got a TGT. */
- if (!IS_TGS_PRINC(context, ctx->reply_creds->server))
+ if (!IS_TGS_PRINC(ctx->reply_creds->server))
return KRB5_KDCREP_MODIFIED;
/* Use this tgt for the next request regardless of what it is. */
* principal) and we requested (and received) a TGT.
*/
canon_req = ((request->kdc_options & KDC_OPT_CANONICALIZE) != 0) ||
- (krb5_princ_type(context, request->client) ==
- KRB5_NT_ENTERPRISE_PRINCIPAL) ||
+ request->client->type == KRB5_NT_ENTERPRISE_PRINCIPAL ||
(request->kdc_options & KDC_OPT_REQUEST_ANONYMOUS);
if (canon_req) {
- canon_ok = IS_TGS_PRINC(context, request->server) &&
- IS_TGS_PRINC(context, as_reply->enc_part2->server);
+ canon_ok = IS_TGS_PRINC(request->server) &&
+ IS_TGS_PRINC(as_reply->enc_part2->server);
if (!canon_ok && (request->kdc_options & KDC_OPT_REQUEST_ANONYMOUS)) {
canon_ok = krb5_principal_compare_any_realm(context,
as_reply->client,
* Windows Server 2008 R2 RODC insists on TGS principal names having the
* right name type.
*/
- if (krb5_princ_size(context, server) == 2 &&
- data_eq_string(*krb5_princ_component(context, server, 0),
- KRB5_TGS_NAME)) {
- krb5_princ_type(context, server) = KRB5_NT_SRV_INST;
- }
+ if (server->length == 2 && data_eq_string(server->data[0], KRB5_TGS_NAME))
+ server->type = KRB5_NT_SRV_INST;
*server_out = server;
return 0;
}
goto cleanup;
krb5_free_principal(context, ctx->request->client);
ctx->request->client = new_client;
- krb5_princ_type(context, ctx->request->client) = KRB5_NT_WELLKNOWN;
+ ctx->request->client->type = KRB5_NT_WELLKNOWN;
}
}
/* We will also handle anonymous if the input principal is the anonymous
if (krb5_principal_compare_any_realm(context, ctx->request->client,
krb5_anonymous_principal())) {
ctx->request->kdc_options |= KDC_OPT_REQUEST_ANONYMOUS;
- krb5_princ_type(context, ctx->request->client) = KRB5_NT_WELLKNOWN;
+ ctx->request->client->type = KRB5_NT_WELLKNOWN;
}
code = restart_init_creds_loop(context, ctx, NULL);
if (code)
} else if (canon_flag && ctx->err_reply->error == KDC_ERR_WRONG_REALM) {
if (ctx->err_reply->client == NULL ||
- !krb5_princ_realm(context, ctx->err_reply->client)->length) {
+ !ctx->err_reply->client->realm.length) {
code = KRB5KDC_ERR_WRONG_REALM;
goto cleanup;
}
#define in_clock_skew(date, now) (labs((date)-(now)) < context->clockskew)
-#define IS_TGS_PRINC(c, p) \
- (krb5_princ_size((c), (p)) == 2 && \
- data_eq_string(*krb5_princ_component((c), (p), 0), KRB5_TGS_NAME))
+#define IS_TGS_PRINC(p) ((p)->length == 2 && \
+ data_eq_string((p)->data[0], KRB5_TGS_NAME))
typedef krb5_error_code
(*k5_pacb_fn)(krb5_context context, krb5_keyblock *subkey, krb5_kdc_req *req,
return;
if (val->data) {
- i = krb5_princ_size(context, val);
+ i = val->length;
while(--i >= 0)
- free(krb5_princ_component(context, val, i)->data);
+ free(val->data[i].data);
free(val->data);
}
free(val->realm.data);
krb5_data *ret, int use_realm)
{
unsigned int size = 0, offset=0;
- krb5_int32 nelem;
- register int i;
+ krb5_int32 i;
*ret = empty_data();
if (pr == NULL)
return 0;
- nelem = krb5_princ_size(context, pr);
-
if (use_realm)
- size += krb5_princ_realm(context, pr)->length;
+ size += pr->realm.length;
- for (i = 0; i < (int) nelem; i++)
- size += krb5_princ_component(context, pr, i)->length;
+ for (i = 0; i < pr->length; i++)
+ size += pr->data[i].length;
if (alloc_data(ret, size))
return ENOMEM;
if (use_realm) {
- offset = krb5_princ_realm(context, pr)->length;
- memcpy(ret->data, krb5_princ_realm(context, pr)->data, offset);
+ offset = pr->realm.length;
+ memcpy(ret->data, pr->realm.data, offset);
}
- for (i = 0; i < (int) nelem; i++) {
- memcpy(&ret->data[offset], krb5_princ_component(context, pr, i)->data,
- krb5_princ_component(context, pr, i)->length);
- offset += krb5_princ_component(context, pr, i)->length;
+ for (i = 0; i < pr->length; i++) {
+ memcpy(&ret->data[offset], pr->data[i].data, pr->data[i].length);
+ offset += pr->data[i].length;
}
return 0;
}
krb5_const_principal princ2,
int flags)
{
- const krb5_data *realm1 = krb5_princ_realm(context, princ1);
- const krb5_data *realm2 = krb5_princ_realm(context, princ2);
+ const krb5_data *realm1 = &princ1->realm;
+ const krb5_data *realm2 = &princ2->realm;
if (realm1->length != realm2->length)
return FALSE;
krb5_const_principal princ2,
int flags)
{
- register int i;
- krb5_int32 nelem;
+ krb5_int32 i;
unsigned int utf8 = (flags & KRB5_PRINCIPAL_COMPARE_UTF8) != 0;
unsigned int casefold = (flags & KRB5_PRINCIPAL_COMPARE_CASEFOLD) != 0;
krb5_principal upn1 = NULL;
if (flags & KRB5_PRINCIPAL_COMPARE_ENTERPRISE) {
/* Treat UPNs as if they were real principals */
- if (krb5_princ_type(context, princ1) == KRB5_NT_ENTERPRISE_PRINCIPAL) {
+ if (princ1->type == KRB5_NT_ENTERPRISE_PRINCIPAL) {
if (upn_to_principal(context, princ1, &upn1) == 0)
princ1 = upn1;
}
- if (krb5_princ_type(context, princ2) == KRB5_NT_ENTERPRISE_PRINCIPAL) {
+ if (princ2->type == KRB5_NT_ENTERPRISE_PRINCIPAL) {
if (upn_to_principal(context, princ2, &upn2) == 0)
princ2 = upn2;
}
}
- nelem = krb5_princ_size(context, princ1);
- if (nelem != krb5_princ_size(context, princ2))
+ if (princ1->length != princ2->length)
goto out;
if ((flags & KRB5_PRINCIPAL_COMPARE_IGNORE_REALM) == 0 &&
!realm_compare_flags(context, princ1, princ2, flags))
goto out;
- for (i = 0; i < (int) nelem; i++) {
- const krb5_data *p1 = krb5_princ_component(context, princ1, i);
- const krb5_data *p2 = krb5_princ_component(context, princ2, i);
+ for (i = 0; i < princ1->length; i++) {
+ const krb5_data *p1 = &princ1->data[i];
+ const krb5_data *p2 = &princ2->data[i];
krb5_boolean eq;
if (casefold) {
server = req->ticket->server;
}
/* Get an rcache if necessary. */
- if (((*auth_context)->rcache == NULL)
- && ((*auth_context)->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME)
- && server) {
- if ((retval = krb5_get_server_rcache(context,
- krb5_princ_component(context,server,0),
- &(*auth_context)->rcache)))
+ if (((*auth_context)->rcache == NULL) &&
+ ((*auth_context)->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) &&
+ server != NULL && server->length > 0) {
+ retval = krb5_get_server_rcache(context, &server->data[0],
+ &(*auth_context)->rcache);
+ if (retval)
goto cleanup;
}
/* okay, now check cross-realm policy */
krb5_data * realm;
krb5_transited * trans;
- realm = krb5_princ_realm(context, req->ticket->enc_part2->client);
+ realm = &req->ticket->enc_part2->client->realm;
trans = &(req->ticket->enc_part2->transited);
/*
krb5_data * realm;
krb5_transited * trans;
- realm = krb5_princ_realm(context, req->ticket->enc_part2->client);
+ realm = &req->ticket->enc_part2->client->realm;
trans = &(req->ticket->enc_part2->transited);
/*
*/
if (trans->tr_contents.length > 0 && trans->tr_contents.data[0]) {
retval = krb5_check_transited_list(context, &(trans->tr_contents),
- realm,
- krb5_princ_realm (context,server));
+ realm, &server->realm);
}
}
/*
* Setup the replay cache.
*/
- if (server) {
- problem = krb5_get_server_rcache(context,
- krb5_princ_component(context, server, 0), &rcache);
+ if (server != NULL && server->length > 0) {
+ problem = krb5_get_server_rcache(context, &server->data[0],
+ &rcache);
} else {
null_server.length = 7;
null_server.data = "default";
}
if (in_creds->client != NULL &&
- krb5_princ_type(context, in_creds->client) !=
- KRB5_NT_ENTERPRISE_PRINCIPAL) {
+ in_creds->client->type != KRB5_NT_ENTERPRISE_PRINCIPAL) {
int anonymous;
anonymous = krb5_principal_compare(context, in_creds->client,
{
krb5_error_code code;
int i;
- krb5_int32 name_type;
char *p;
krb5_data data;
data.length = 4;
- for (i = 0; i < krb5_princ_size(context, req->user); i++) {
- data.length += krb5_princ_component(context, req->user, i)->length;
- }
- data.length += krb5_princ_realm(context, req->user)->length;
+ for (i = 0; i < req->user->length; i++)
+ data.length += req->user->data[i].length;
+ data.length += req->user->realm.length;
data.length += req->auth_package.length;
p = data.data = malloc(data.length);
if (data.data == NULL)
return ENOMEM;
- name_type = krb5_princ_type(context, req->user);
- p[0] = (name_type >> 0 ) & 0xFF;
- p[1] = (name_type >> 8 ) & 0xFF;
- p[2] = (name_type >> 16) & 0xFF;
- p[3] = (name_type >> 24) & 0xFF;
+ p[0] = (req->user->type >> 0) & 0xFF;
+ p[1] = (req->user->type >> 8) & 0xFF;
+ p[2] = (req->user->type >> 16) & 0xFF;
+ p[3] = (req->user->type >> 24) & 0xFF;
p += 4;
- for (i = 0; i < krb5_princ_size(context, req->user); i++) {
- memcpy(p, krb5_princ_component(context, req->user, i)->data,
- krb5_princ_component(context, req->user, i)->length);
- p += krb5_princ_component(context, req->user, i)->length;
+ for (i = 0; i < req->user->length; i++) {
+ memcpy(p, req->user->data[i].data, req->user->data[i].length);
+ p += req->user->data[i].length;
}
- memcpy(p, krb5_princ_realm(context, req->user)->data,
- krb5_princ_realm(context, req->user)->length);
- p += krb5_princ_realm(context, req->user)->length;
+ memcpy(p, req->user->realm.data, req->user->realm.length);
+ p += req->user->realm.length;
memcpy(p, req->auth_package.data, req->auth_package.length);
memset(&s4u_user, 0, sizeof(s4u_user));
- if (in_creds->client != NULL &&
- krb5_princ_size(context, in_creds->client)) {
- if (krb5_princ_type(context, in_creds->client) ==
- KRB5_NT_ENTERPRISE_PRINCIPAL)
- {
+ if (in_creds->client != NULL && in_creds->client->length > 0) {
+ if (in_creds->client->type == KRB5_NT_ENTERPRISE_PRINCIPAL) {
code = krb5_build_principal_ext(context,
&s4u_user.user_id.user,
user_realm->length,
s4u_user.user_id.options = KRB5_S4U_OPTS_USE_REPLY_KEY_USAGE;
/* First, acquire a TGT to the user's realm. */
- code = krb5int_tgtname(context, user_realm,
- krb5_princ_realm(context, in_creds->server), &tgs);
+ code = krb5int_tgtname(context, user_realm, &in_creds->server->realm,
+ &tgs);
if (code != 0)
goto cleanup;
krb5_pa_data **enc_padata = NULL;
krb5_keyblock *subkey = NULL;
- if (s4u_user.user_id.user != NULL &&
- krb5_princ_size(context, s4u_user.user_id.user)) {
+ if (s4u_user.user_id.user != NULL && s4u_user.user_id.user->length) {
in_padata = calloc(2, sizeof(krb5_pa_data *));
if (in_padata == NULL) {
code = ENOMEM;
(*out_creds)->server)) {
code = 0;
goto cleanup;
- } else if (IS_TGS_PRINC(context, (*out_creds)->server)) {
+ } else if (IS_TGS_PRINC((*out_creds)->server)) {
krb5_data *r1 = &tgtptr->server->data[1];
krb5_data *r2 = &(*out_creds)->server->data[1];
goto cleanup;
}
- code = krb5_get_self_cred_from_kdc(context, options, ccache,
- in_creds, subject_cert,
- krb5_princ_realm(context, realm),
- out_creds);
+ code = krb5_get_self_cred_from_kdc(context, options, ccache, in_creds,
+ subject_cert, &realm->realm, out_creds);
if (code != 0)
goto cleanup;
if (!newrealm)
return ENOMEM;
- (void) free(krb5_princ_realm(context,principal)->data);
-
- krb5_princ_realm(context, principal)->length = length;
- krb5_princ_realm(context, principal)->data = newrealm;
+ free(principal->realm.data);
+ principal->realm = make_data(newrealm, length);
return 0;
}
err(context, 0, "%s != %s", princ_short, princ_unparsed);
free(princ_unparsed);
- realm = krb5_princ_realm(context, p)->data;
+ realm = p->realm.data;
asprintf(&princ_reformed, "%s@%s", princ_short, realm);
* Windows Server 2008 R2 RODC insists on TGS principal names having the
* right name type.
*/
- krb5_princ_type(context, *tgtprinc) = KRB5_NT_SRV_INST;
+ (*tgtprinc)->type = KRB5_NT_SRV_INST;
return ret;
}
int flags, char **name, unsigned int *size)
{
char *q;
- int i;
- krb5_int32 nelem;
+ krb5_int32 i;
unsigned int totalsize = 0;
char *default_realm = NULL;
krb5_error_code ret = 0;
if (ret != 0)
goto cleanup;
- krb5_princ_realm(context, &p)->length = strlen(default_realm);
- krb5_princ_realm(context, &p)->data = default_realm;
+ p.realm = string2data(default_realm);
if (krb5_realm_compare(context, &p, principal))
flags |= KRB5_PRINCIPAL_UNPARSE_NO_REALM;
}
if ((flags & KRB5_PRINCIPAL_UNPARSE_NO_REALM) == 0) {
- totalsize += component_length_quoted(krb5_princ_realm(context,
- principal),
- flags);
+ totalsize += component_length_quoted(&principal->realm, flags);
totalsize++; /* This is for the separator */
}
- nelem = krb5_princ_size(context, principal);
- for (i = 0; i < (int) nelem; i++) {
- totalsize += component_length_quoted(krb5_princ_component(context, principal, i), flags);
+ for (i = 0; i < principal->length; i++) {
+ totalsize += component_length_quoted(&principal->data[i], flags);
totalsize++; /* This is for the separator */
}
- if (nelem == 0)
+ if (principal->length == 0)
totalsize++;
/*
q = *name;
- for (i = 0; i < (int) nelem; i++) {
- q += copy_component_quoting(q,
- krb5_princ_component(context,
- principal,
- i),
- flags);
+ for (i = 0; i < principal->length; i++) {
+ q += copy_component_quoting(q, &principal->data[i], flags);
*q++ = COMPONENT_SEP;
}
q--; /* Back up last component separator */
if ((flags & KRB5_PRINCIPAL_UNPARSE_NO_REALM) == 0) {
*q++ = REALM_SEP;
- q += copy_component_quoting(q, krb5_princ_realm(context, principal), flags);
+ q += copy_component_quoting(q, &principal->realm, flags);
}
*q++ = '\0';
do {
int socktype = (use_tcp ? SOCK_STREAM : SOCK_DGRAM);
- if ((code = locate_kpasswd(callback_ctx.context,
- krb5_princ_realm(callback_ctx.context,
- creds->server),
- &sl, socktype)))
+ code = locate_kpasswd(callback_ctx.context, &creds->server->realm, &sl,
+ socktype);
+ if (code)
break;
addrlen = sizeof(remote_addr);
code = krb5_cc_get_principal (context, ccache, &creds.client);
if (!code) {
code = krb5_build_principal(context, &creds.server,
- krb5_princ_realm(context, change_password_for)->length,
- krb5_princ_realm(context, change_password_for)->data,
+ change_password_for->realm.length,
+ change_password_for->realm.data,
"kadmin", "changepw", NULL);
if (!code) {
code = krb5_get_credentials(context, 0, ccache, &creds, &credsp);
if (errno || ind > num_comps)
break;
current = end;
- datap = ind > 0 ? krb5_princ_component(context, aname, ind - 1) :
- krb5_princ_realm(context, aname);
- if (!datap)
- break;
+ datap = ind > 0 ? &aname->data[ind - 1] : &aname->realm;
k5_buf_add_len(&selstring, datap->data, datap->length);
}
realm, sname, remote_host,
(char *)0);
if (retval == 0)
- krb5_princ_type(context, *ret_princ) = type;
+ (*ret_princ)->type = type;
TRACE_SNAME_TO_PRINCIPAL_RETURN(context, *ret_princ);
projects / thirdparty / krb5.git / commitdiff
