From: Greg Hudson Date: Thu, 8 Apr 2010 16:41:17 +0000 (+0000) Subject: Merge trunk changes from r23842 to r23874 to iakerb branch X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9a1ae79166231f2c56bbb374e704774a2f5efabb;p=thirdparty%2Fkrb5.git Merge trunk changes from r23842 to r23874 to iakerb branch git-svn-id: svn://anonsvn.mit.edu/krb5/branches/iakerb@23875 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/clients/ksu/ccache.c b/src/clients/ksu/ccache.c index 2eafd0934f..786a1751c5 100644 --- a/src/clients/ksu/ccache.c +++ b/src/clients/ksu/ccache.c @@ -87,12 +87,8 @@ krb5_error_code krb5_ccache_copy (context, cc_def, cc_other_tag, *stored = krb5_find_princ_in_cred_list(context, cc_def_creds_arr, primary_principal); -#ifdef HAVE_LSTAT if (!lstat( cc_other_name, &st_temp)) -#else /*HAVE_LSTAT*/ - if (!stat( cc_other_name, &st_temp)) -#endif - return EINVAL; + return EINVAL; if (krb5_seteuid(0)||krb5_seteuid(target_uid)) { return errno; @@ -679,141 +675,137 @@ krb5_error_code krb5_ccache_copy_restricted (context, cc_def, cc_other_tag, } -#ifdef HAVE_LSTAT if (!lstat( cc_other_name, &st_temp)) { -#else /*HAVE_LSTAT*/ - if (!stat( cc_other_name, &st_temp)) { -#endif - return EINVAL; - } + return EINVAL; + } - if (krb5_seteuid(0)||krb5_seteuid(target_uid)) { - return errno; - } + if (krb5_seteuid(0)||krb5_seteuid(target_uid)) { + return errno; + } - if ((retval = krb5_cc_initialize(context, *cc_other, prst))){ - return retval; - } + if ((retval = krb5_cc_initialize(context, *cc_other, prst))){ + return retval; + } - retval = krb5_store_some_creds(context, * cc_other, - cc_def_creds_arr, cc_other_creds_arr, prst, stored); + retval = krb5_store_some_creds(context, * cc_other, + cc_def_creds_arr, cc_other_creds_arr, prst, stored); - if (cc_def_creds_arr){ - while (cc_def_creds_arr[i]){ - krb5_free_creds(context, cc_def_creds_arr[i]); - i++; - } + if (cc_def_creds_arr){ + while (cc_def_creds_arr[i]){ + krb5_free_creds(context, cc_def_creds_arr[i]); + i++; } + } - i=0; + i=0; - if(cc_other_creds_arr){ - while (cc_other_creds_arr[i]){ - krb5_free_creds(context, cc_other_creds_arr[i]); - i++; - } + if(cc_other_creds_arr){ + while (cc_other_creds_arr[i]){ + krb5_free_creds(context, cc_other_creds_arr[i]); + i++; } - - *cc_out = *cc_other; - return retval; } - krb5_error_code krb5_ccache_filter (context, cc, prst) - krb5_context context; + *cc_out = *cc_other; + return retval; +} + +krb5_error_code krb5_ccache_filter (context, cc, prst) + krb5_context context; krb5_ccache cc; krb5_principal prst; - { +{ - int i=0; - krb5_error_code retval=0; - krb5_principal temp_principal; - krb5_creds ** cc_creds_arr = NULL; - const char * cc_name; - krb5_boolean stored; - struct stat st_temp; + int i=0; + krb5_error_code retval=0; + krb5_principal temp_principal; + krb5_creds ** cc_creds_arr = NULL; + const char * cc_name; + krb5_boolean stored; + struct stat st_temp; - cc_name = krb5_cc_get_name(context, cc); + cc_name = krb5_cc_get_name(context, cc); - if ( ! stat(cc_name, &st_temp)){ + if ( ! stat(cc_name, &st_temp)){ - if (auth_debug) { - fprintf(stderr,"putting cache %s through a filter for -z option\n", cc_name); - } + if (auth_debug) { + fprintf(stderr,"putting cache %s through a filter for -z option\n", cc_name); + } - if ((retval = krb5_get_nonexp_tkts(context, cc, &cc_creds_arr))){ - return retval; - } + if ((retval = krb5_get_nonexp_tkts(context, cc, &cc_creds_arr))){ + return retval; + } - if ((retval = krb5_cc_get_principal(context, cc, &temp_principal))){ - return retval; - } + if ((retval = krb5_cc_get_principal(context, cc, &temp_principal))){ + return retval; + } - if ((retval = krb5_cc_initialize(context, cc, temp_principal))){ - return retval; - } + if ((retval = krb5_cc_initialize(context, cc, temp_principal))){ + return retval; + } - if ((retval = krb5_store_some_creds(context, cc, cc_creds_arr, - NULL, prst, &stored))){ - return retval; - } + if ((retval = krb5_store_some_creds(context, cc, cc_creds_arr, + NULL, prst, &stored))){ + return retval; + } - if (cc_creds_arr){ - while (cc_creds_arr[i]){ - krb5_free_creds(context, cc_creds_arr[i]); - i++; - } + if (cc_creds_arr){ + while (cc_creds_arr[i]){ + krb5_free_creds(context, cc_creds_arr[i]); + i++; } } - return 0; } + return 0; +} - krb5_boolean krb5_find_princ_in_cred_list (context, creds_list, princ) - krb5_context context; +krb5_boolean krb5_find_princ_in_cred_list (context, creds_list, princ) + krb5_context context; krb5_creds **creds_list; krb5_principal princ; - { - - int i = 0; - krb5_boolean temp_stored = FALSE; - - if (creds_list){ - while(creds_list[i]){ - if (krb5_principal_compare(context, - creds_list[i]->client, - princ)== TRUE){ - temp_stored = TRUE; - break; - } +{ - i++; + int i = 0; + krb5_boolean temp_stored = FALSE; + + if (creds_list){ + while(creds_list[i]){ + if (krb5_principal_compare(context, + creds_list[i]->client, + princ)== TRUE){ + temp_stored = TRUE; + break; } - } - return temp_stored; + i++; + } } - krb5_error_code krb5_find_princ_in_cache (context, cc, princ, found) - krb5_context context; + return temp_stored; +} + +krb5_error_code krb5_find_princ_in_cache (context, cc, princ, found) + krb5_context context; krb5_ccache cc; krb5_principal princ; krb5_boolean *found; - { - krb5_error_code retval; - krb5_creds ** creds_list = NULL; - const char * cc_name; - struct stat st_temp; +{ + krb5_error_code retval; + krb5_creds ** creds_list = NULL; + const char * cc_name; + struct stat st_temp; - cc_name = krb5_cc_get_name(context, cc); + cc_name = krb5_cc_get_name(context, cc); - if ( ! stat(cc_name, &st_temp)){ - if ((retval = krb5_get_nonexp_tkts(context, cc, &creds_list))){ - return retval; - } + if ( ! stat(cc_name, &st_temp)){ + if ((retval = krb5_get_nonexp_tkts(context, cc, &creds_list))){ + return retval; } - - *found = krb5_find_princ_in_cred_list(context, creds_list, princ); - return 0; } + + *found = krb5_find_princ_in_cred_list(context, creds_list, princ); + return 0; +} diff --git a/src/configure.in b/src/configure.in index 8e2afb2d41..b74fb8d1e3 100644 --- a/src/configure.in +++ b/src/configure.in @@ -169,7 +169,7 @@ AC_PROG_AWK AC_PROG_LEX AC_C_CONST AC_HEADER_DIRENT -AC_CHECK_FUNCS(strdup setvbuf inet_ntoa inet_aton seteuid setresuid setreuid setegid setresgid setregid setsid flock fchmod chmod strftime strptime geteuid setenv unsetenv getenv gmtime_r localtime_r bswap16 bswap64 mkstemp getusershell lstat access getcwd srand48 srand srandom stat strchr strerror strerror_r) +AC_CHECK_FUNCS(strdup setvbuf inet_ntoa inet_aton seteuid setresuid setreuid setegid setresgid setregid setsid flock fchmod chmod strftime strptime geteuid setenv unsetenv getenv gmtime_r localtime_r bswap16 bswap64 mkstemp getusershell access getcwd srand48 srand srandom stat strchr strerror strerror_r) AC_CHECK_FUNC(mkstemp, [MKSTEMP_ST_OBJ= diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin index 9eb734b0fb..ba4f0c9717 100644 --- a/src/include/krb5/krb5.hin +++ b/src/include/krb5/krb5.hin @@ -1851,6 +1851,13 @@ krb5_principal2salt(krb5_context, krb5_const_principal, krb5_data *); krb5_error_code KRB5_CALLCONV krb5_cc_resolve(krb5_context, const char *, krb5_ccache *); +/** + * Create a new handle referring to the same cache as @a in. + * The new handle and @a in can be closed independently. + */ +krb5_error_code KRB5_CALLCONV +krb5_cc_dup(krb5_context context, krb5_ccache in, krb5_ccache *out); + const char *KRB5_CALLCONV krb5_cc_default_name(krb5_context); diff --git a/src/lib/krb5/ccache/ccbase.c b/src/lib/krb5/ccache/ccbase.c index 2e40b48f32..023c7b158f 100644 --- a/src/lib/krb5/ccache/ccbase.c +++ b/src/lib/krb5/ccache/ccbase.c @@ -238,6 +238,12 @@ krb5_cc_resolve (krb5_context context, const char *name, krb5_ccache *cache) return ops->resolve(context, cache, resid); } +krb5_error_code KRB5_CALLCONV +krb5_cc_dup(krb5_context context, krb5_ccache in, krb5_ccache *out) +{ + return in->ops->resolve(context, out, in->ops->get_name(context, in)); +} + /* * cc_getops * diff --git a/src/util/testrealm.py b/src/util/testrealm.py index 826cb00b01..39a348bda2 100644 --- a/src/util/testrealm.py +++ b/src/util/testrealm.py @@ -33,10 +33,12 @@ progpaths = [ os.path.join('kadmin', 'cli'), os.path.join('kadmin', 'dbutil'), os.path.join('kadmin', 'ktutil'), + os.path.join('clients', 'kdestroy'), os.path.join('clients', 'kinit'), os.path.join('clients', 'klist'), - os.path.join('clients', 'kdestroy'), os.path.join('clients', 'kpasswd'), + os.path.join('clients', 'ksu'), + os.path.join('clients', 'kvno'), 'slave' ]