krb5_cc_cursor cur;
krb5_creds creds;
krb5_principal princ;
- krb5_flags flags;
krb5_error_code code;
- flags = 0; /* turns off OPENCLOSE mode */
- if ((code = krb5_cc_set_flags(kcontext, cache, flags))) {
- com_err(progname, code, "");
- return 1;
- }
if ((code = krb5_cc_get_principal(kcontext, cache, &princ))) {
com_err(progname, code, "");
return 1;
com_err(progname, code, _("while finishing ticket retrieval"));
return 1;
}
- flags = KRB5_TC_OPENCLOSE; /* turns on OPENCLOSE mode */
- if ((code = krb5_cc_set_flags(kcontext, cache, flags))) {
- com_err(progname, code, _("while closing ccache"));
- return 1;
- }
return 0;
} else {
com_err(progname, code, _("while retrieving a ticket"));
krb5_principal princ;
krb5_boolean found_tgt, found_current_tgt, found_current_cred;
- if (krb5_cc_set_flags(kcontext, cache, 0) != 0)
- return 1;
if (krb5_cc_get_principal(kcontext, cache, &princ) != 0)
return 1;
if (krb5_cc_start_seq_get(kcontext, cache, &cur) != 0)
return 1;
if (krb5_cc_end_seq_get(kcontext, cache, &cur) != 0)
return 1;
- if (krb5_cc_set_flags(kcontext, cache, KRB5_TC_OPENCLOSE) != 0)
- return 1;
/* If the cache contains at least one local TGT, require that it be
* current. Otherwise accept any current cred. */
exit(1);
}
- if (((retval = krb5_cc_set_flags(ksu_context, cc_source, 0x0)) != 0)
- && (retval != KRB5_FCC_NOFILE)) {
- com_err(prog_name, retval, _("while opening ccache"));
- exit(1);
- }
if ((retval = get_best_princ_for_target(ksu_context, source_uid,
target_uid, source_user,
target_user, cc_source,
krb5_timestamp endtime;
krb5_boolean is_tgt;
- /* Turn off OPENCLOSE mode while extensive frobbing is going on.
- * Turn on NOTICKET, as we don't need session keys here. */
+ /* Turn on NOTICKET, as we don't need session keys here. */
code = krb5_cc_set_flags(context, ccache, KRB5_TC_NOTICKET);
if (code)
return code;
goto cleanup;
}
- (void)krb5_cc_set_flags(context, ccache, KRB5_TC_OPENCLOSE);
-
cleanup:
- (void)krb5_cc_set_flags(context, ccache, KRB5_TC_OPENCLOSE);
+ (void)krb5_cc_set_flags(context, ccache, 0);
krb5_free_principal(context, ccache_princ);
krb5_free_principal(context, tgt_princ);
return code;
krb5_flags oflags = 0;
#define fetchcreds (fetched.creds)
- kret = krb5_cc_get_flags(context, id, &oflags);
- if (kret != KRB5_OK)
- return kret;
- if (oflags & KRB5_TC_OPENCLOSE)
- (void) krb5_cc_set_flags(context, id, oflags & ~KRB5_TC_OPENCLOSE);
kret = krb5_cc_start_seq_get(context, id, &cursor);
- if (kret != KRB5_OK) {
- if (oflags & KRB5_TC_OPENCLOSE)
- krb5_cc_set_flags(context, id, oflags);
+ if (kret != KRB5_OK)
return kret;
- }
while (krb5_cc_next_cred(context, id, &cursor, &fetchcreds) == KRB5_OK) {
if (krb5int_cc_creds_match_request(context, whichfields, mcreds, &fetchcreds))
} else {
krb5_cc_end_seq_get(context, id, &cursor);
*creds = fetchcreds;
- if (oflags & KRB5_TC_OPENCLOSE)
- krb5_cc_set_flags(context, id, oflags);
return KRB5_OK;
}
}
/* If we get here, a match wasn't found */
krb5_cc_end_seq_get(context, id, &cursor);
- if (oflags & KRB5_TC_OPENCLOSE)
- krb5_cc_set_flags(context, id, oflags);
if (have_creds) {
*creds = best.creds;
return KRB5_OK;
krb5_cc_copy_creds(krb5_context context, krb5_ccache incc, krb5_ccache outcc)
{
krb5_error_code code;
- krb5_flags flags;
krb5_cc_cursor cur = 0;
krb5_creds creds;
- flags = 0; /* turns off OPENCLOSE mode */
- if ((code = krb5_cc_set_flags(context, incc, flags)))
- return(code);
- /* the code for this will open the file for reading only, which
- is not what I had in mind. So I won't turn off OPENCLOSE
- for the output ccache */
-#if 0
- if ((code = krb5_cc_set_flags(context, outcc, flags)))
- return(code);
-#endif
-
if ((code = krb5_cc_start_seq_get(context, incc, &cur)))
goto cleanup;
code = 0;
cleanup:
- flags = KRB5_TC_OPENCLOSE;
-
/* If set then we are in an error pathway */
if (cur)
krb5_cc_end_seq_get(context, incc, &cur);
- if (code)
- krb5_cc_set_flags(context, incc, flags);
- else
- code = krb5_cc_set_flags(context, incc, flags);
-
-#if 0
- if (code)
- krb5_cc_set_flags(context, outcc, flags);
- else
- code = krb5_cc_set_flags(context, outcc, flags);
-#endif
-
return(code);
}
krb5_cc_cursor cur = NULL;
krb5_creds creds;
- /* Turn off TC_OPENCLOSE on input ccache. */
- ret = krb5_cc_set_flags(context, incc, 0);
- if (ret)
- return ret;
ret = krb5_cc_start_seq_get(context, incc, &cur);
if (ret)
- goto cleanup;
+ return ret;
while (!(ret = krb5_cc_next_cred(context, incc, &cur, &creds))) {
- if (krb5_principal_compare(context, princ, creds.server))
- ret = 0;
- else
+ if (!krb5_principal_compare(context, princ, creds.server))
ret = krb5_cc_store_cred(context, outcc, &creds);
krb5_free_cred_contents(context, &creds);
if (ret)
- goto cleanup;
+ break;
}
- if (ret != KRB5_CC_END)
- goto cleanup;
-
- ret = krb5_cc_end_seq_get(context, incc, &cur);
- cur = NULL;
-
-cleanup:
- if (cur != NULL)
- (void)krb5_cc_end_seq_get(context, incc, &cur);
- ret2 = krb5_cc_set_flags(context, incc, KRB5_TC_OPENCLOSE);
- return (ret == 0) ? ret2 : ret;
+ ret2 = krb5_cc_end_seq_get(context, incc, &cur);
+ return (ret == KRB5_CC_END) ? ret2 : ret;
}
static krb5_error_code
krb5_creds c;
int ncreds = 0;
- /* Turn off OPENCLOSE and leave open while we use ccache */
- if (code = krb5_cc_set_flags(k5_context, k5_ccache, 0)) {
+ if (code = krb5_cc_start_seq_get(k5_context, k5_ccache, &cursor)) {
if (code == KRB5_FCC_NOFILE)
return 0;
- if (verbose)
- com_err(NULL, code,
- "while setting cache flags (ticket cache %s)",
- krb5_cc_get_name(k5_context, k5_ccache));
- return -1;
- }
-
- if (code = krb5_cc_start_seq_get(k5_context, k5_ccache, &cursor)) {
if (verbose)
com_err(NULL, code, "while starting to retrieve tickets.");
return -1;
if (code = krb5_cc_end_seq_get(k5_context, k5_ccache, &cursor)) {
if (verbose)
com_err(NULL, code, "while closing ccache.");
- } else if (code = krb5_cc_set_flags(k5_context, k5_ccache,
- KRB5_TC_OPENCLOSE)) {
- if (verbose)
- com_err(NULL, code, "while closing ccache.");
}
return ncreds;
krb5_cc_cursor cursor;
krb5_error_code code;
krb5_creds c;
- krb5_flags flags;
char *sname; /* Name of the service */
char *flags_string(krb5_creds *cred);
#endif
#ifdef KRB5
ncred = 0;
- flags = 0;
- if (code = krb5_cc_set_flags(k5_context, k5_ccache, flags)) {
+ if (code = krb5_cc_start_seq_get(k5_context, k5_ccache, &cursor)) {
if (code != KRB5_FCC_NOFILE) {
return -1;
}
} else {
- if (code = krb5_cc_start_seq_get(k5_context, k5_ccache, &cursor)) {
- return -1;
- }
while (1) {
code = krb5_cc_next_cred(k5_context, k5_ccache, &cursor, &c);
if (code != 0)
if (code = krb5_cc_end_seq_get(k5_context, k5_ccache, &cursor)) {
return -1;
}
- flags = KRB5_TC_OPENCLOSE; /* turns on OPENCLOSE mode */
- if (code = krb5_cc_set_flags(k5_context, k5_ccache, flags)) {
- return -1;
- }
} else {
return -1;
}
TICKETINFO *ticketinfo = NULL;
int retval = 1;
- // Don't need the actual ticket, also turns off OPENCLOSE mode
+ // Don't need the actual ticket.
flags = KRB5_TC_NOTICKET;
code = pkrb5_cc_set_flags(ctx, cache, flags);
if (code) {
functionName = "krb5_cc_end_seq_get";
goto cleanup;
}
- flags = KRB5_TC_OPENCLOSE; /* turns on OPENCLOSE mode */
+ flags = 0;
code = pkrb5_cc_set_flags(ctx, cache, flags);
if (code) {
functionName = "krb5_cc_set_flags";
krb5_error_code code;
BOOL have_tickets = FALSE;
- // Don't need the actual ticket, also turns off OPENCLOSE mode
+ // Don't need the actual ticket.
flags = KRB5_TC_NOTICKET;
code = pkrb5_cc_set_flags(ctx, cache, flags);
if (code)
code = pkrb5_cc_end_seq_get(ctx, cache, &cur);
if (code)
goto cleanup;
- flags = KRB5_TC_OPENCLOSE; /* turns on OPENCLOSE mode */
+ flags = 0;
code = pkrb5_cc_set_flags(ctx, cache, flags);
if (code)
goto cleanup;
projects / thirdparty / krb5.git / commitdiff
