/* util_krb.c */
#ifdef HAVE_HEIMDAL_VERSION
+
#define KRB_TIME_FOREVER ((time_t)~0L)
+
#define KRB_KEY_TYPE(key) ((key)->keytype)
#define KRB_KEY_DATA(key) ((key)->keyvalue.data)
#define KRB_KEY_LENGTH(key) ((key)->keyvalue.length)
-#else
-#define KRB_TIME_FOREVER KRB5_INT32_MAX
-#define KRB_KEY_TYPE(key) ((key)->enctype)
-#define KRB_KEY_DATA(key) ((key)->contents)
-#define KRB_KEY_LENGTH(key) ((key)->length)
-#endif /* HAVE_HEIMDAL_VERSION */
-#define KRB_KEY_INIT(key) do { \
- KRB_KEY_TYPE(key) = ENCTYPE_NULL; \
- KRB_KEY_DATA(key) = NULL; \
- KRB_KEY_LENGTH(key) = 0; \
- } while (0)
-
-#ifdef HAVE_HEIMDAL_VERSION
#define KRB_PRINC_LENGTH(princ) ((princ)->name.name_string.len)
#define KRB_PRINC_TYPE(princ) ((princ)->name.name_type)
#define KRB_PRINC_NAME(princ) ((princ)->name.name_string.val)
#define KRB_PRINC_REALM(princ) ((princ)->realm)
+
+#define KRB_KT_ENT_KEYBLOCK(e) (&(e)->keyblock)
+#define KRB_KT_ENT_FREE(c, e) krb5_kt_free_entry((c), (e))
+
#define KRB_CRYPTO_CONTEXT(ctx) (krbCrypto)
+
#else
+
+#define KRB_TIME_FOREVER KRB5_INT32_MAX
+
+#define KRB_KEY_TYPE(key) ((key)->enctype)
+#define KRB_KEY_DATA(key) ((key)->contents)
+#define KRB_KEY_LENGTH(key) ((key)->length)
+
#define KRB_PRINC_LENGTH(princ) (krb5_princ_size(NULL, (princ)))
#define KRB_PRINC_TYPE(princ) (krb5_princ_type(NULL, (princ)))
#define KRB_PRINC_NAME(princ) (krb5_princ_name(NULL, (princ)))
#define KRB_PRINC_REALM(princ) (krb5_princ_realm(NULL, (princ)))
+
+#define KRB_KT_ENT_KEYBLOCK(e) (&(e)->key)
+#define KRB_KT_ENT_FREE(c, e) krb5_free_keytab_entry_contents((c), (e))
+
#define KRB_CRYPTO_CONTEXT(ctx) (&(ctx)->rfc3961Key)
+
#endif /* HAVE_HEIMDAL_VERSION */
+#define KRB_KEY_INIT(key) do { \
+ KRB_KEY_TYPE(key) = ENCTYPE_NULL; \
+ KRB_KEY_DATA(key) = NULL; \
+ KRB_KEY_LENGTH(key) = 0; \
+ } while (0)
+
#ifdef HAVE_HEIMDAL_VERSION
#define GSS_IOV_BUFFER_FLAG_ALLOCATE GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATE
#define GSS_IOV_BUFFER_FLAG_ALLOCATED GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATED
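Review bot: The new `KRB_KT_ENT_KEYBLOCK` and `KRB_KT_ENT_FREE` macros have no comment stating who owns the key material, and the same applies to the relocated `KRB_KEY_INIT`. `KRB_KT_ENT_KEYBLOCK(e)` yields a pointer into the entry, so anything read through it is only valid until `KRB_KT_ENT_FREE` runs on that entry, and a struct copy of the keyblock takes over the key data pointer rather than duplicating it. I would add above the pair something like `/* Keyblock is owned by the entry; after copying it out, do not call KRB_KT_ENT_FREE on that entry. */`. For `KRB_KEY_INIT`, a one-line comment that it only resets the fields (it neither frees nor wipes existing key data) and that it expands `key` more than once would prevent it being used as a release routine.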
krb5_error_code code;
krb5_keytab keytab = NULL;
krb5_keytab_entry ktent = { 0 };
-#ifdef HAVE_HEIMDAL_VERSION
- krb5_kt_cursor cursor = { 0 };
-#else
- krb5_kt_cursor cursor = NULL;
-#endif
+ krb5_kt_cursor cursor;
*princ = NULL;
memset(key, 0, sizeof(*key));
+ memset(&cursor, 0, sizeof(cursor));
code = krb5_kt_default(krbContext, &keytab);
if (code != 0)
while ((code = krb5_kt_next_entry(krbContext, keytab,
&ktent, &cursor)) == 0) {
-#ifdef HAVE_HEIMDAL_VERSION
- if (ktent.keyblock.keytype == ctx->encryptionType)
+ if (KRB_KEY_TYPE(KRB_KT_ENT_KEYBLOCK(&ktent)) == ctx->encryptionType)
break;
else
- krb5_kt_free_entry(krbContext, &ktent);
-#else
- if (ktent.key.enctype == ctx->encryptionType)
- break;
- else
- krb5_free_keytab_entry_contents(krbContext, &ktent);
-#endif
+ KRB_KT_ENT_FREE(krbContext, &ktent);
}
}
if (code == 0) {
*princ = ktent.principal;
-#ifdef HAVE_HEIMDAL_VERSION
- *key = ktent.keyblock;
-#else
- *key = ktent.key;
-#endif
+ *key = *KRB_KT_ENT_KEYBLOCK(&ktent);
}
cleanup:
if (cred == GSS_C_NO_CREDENTIAL || cred->name == GSS_C_NO_NAME)
krb5_kt_end_seq_get(krbContext, keytab, &cursor);
krb5_kt_close(krbContext, keytab);
-
if (code != 0)
-#ifdef HAVE_HEIMDAL_VERSION
- krb5_kt_free_entry(krbContext, &ktent);
-#else
- krb5_free_keytab_entry_contents(krbContext, &ktent);
-#endif
+ KRB_KT_ENT_FREE(krbContext, &ktent);
return code;
}
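Review bot: The `KRB_KT_ENT_FREE(krbContext, &ktent)` under `if (code != 0)` in the cleanup path can release an entry the loop has already released. When no entry matches, the `else` branch frees `ktent` on each iteration, `krb5_kt_next_entry` then returns non-zero, and cleanup frees the same struct again. Whether that is a real double free depends on the backend, so confirm it against both: Heimdal's `krb5_kt_free_entry` is understood to clear the entry, but MIT's `krb5_free_keytab_entry_contents` does not appear to reset the pointers it frees. Clearing the entry after the in-loop free would make the later call harmless, e.g. `else { KRB_KT_ENT_FREE(krbContext, &ktent); memset(&ktent, 0, sizeof(ktent)); }`. The removed lines had the same shape, so this predates the change; the function starts outside the visible lines and parts of it are elided, so the paths between are inferred.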
{
OM_uint32 major, tmpMinor;
krb5_error_code code;
+ krb5_context krbContext;
gss_buffer_desc attrBuf = GSS_C_EMPTY_BUFFER;
#ifdef HAVE_HEIMDAL_VERSION
- AuthorizationData authDataBuf, *authData = &authDataBuf;
+ krb5_authdata authDataBuf, *authData = &authDataBuf;
AuthorizationDataElement authDatum = { 0 };
#else
krb5_authdata *authData[2], authDatum = { 0 };
#endif
- krb5_context krbContext;
GSSEAP_KRB_INIT(&krbContext);