aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorcaillon <caillon@517b70f8-ed25-0410-8bf6-f5db08f7b76e>2005-10-31 18:15:52 +0000
committercaillon <caillon@517b70f8-ed25-0410-8bf6-f5db08f7b76e>2005-10-31 18:15:52 +0000
commit63a0df578ddfee1a279c041f21a09ca4f8f5e89d (patch)
treec71de4ab8a287dcdd73ab56a4f90190ee10ea218 /src
parent95965c74229a08e163295c52b39abd9d748bb5db (diff)
2005-10-31 Christopher Aillon <caillon@redhat.com>
* src/krb5-auth-dialog.c: Fix test to determine whether we are using krb5 using new get_tgt_from_ccache () function from Nalin Dahyabhai <nalin@redhat.com> git-svn-id: http://svn.gnome.org/svn/krb5-auth-dialog/trunk@32 517b70f8-ed25-0410-8bf6-f5db08f7b76e
Diffstat (limited to 'src')
-rw-r--r--src/krb5-auth-dialog.c72
1 files changed, 54 insertions, 18 deletions
diff --git a/src/krb5-auth-dialog.c b/src/krb5-auth-dialog.c
index 5dfaa23..2bd2215 100644
--- a/src/krb5-auth-dialog.c
+++ b/src/krb5-auth-dialog.c
@@ -374,30 +374,66 @@ renew_credentials (void)
}
gboolean
-using_krb5()
+get_tgt_from_ccache (krb5_context context, krb5_creds *creds)
{
- const gchar *krb5ccname;
+ krb5_ccache ccache;
+ krb5_cc_cursor cursor;
+ krb5_creds mcreds;
+ krb5_principal principal, tgt_principal;
+ gboolean ret;
+
+ memset(&ccache, 0, sizeof(ccache));
+ ret = FALSE;
+ if (krb5_cc_default(context, &ccache) == 0)
+ {
+ memset(&principal, 0, sizeof(principal));
+ if (krb5_cc_get_principal(context, ccache, &principal) == 0)
+ {
+ memset(&tgt_principal, 0, sizeof(tgt_principal));
+ if (krb5_build_principal_ext(context, &tgt_principal,
+ principal->realm.length,
+ principal->realm.data,
+ KRB5_TGS_NAME_SIZE,
+ KRB5_TGS_NAME,
+ principal->realm.length,
+ principal->realm.data,
+ 0) == 0) {
+ memset(creds, 0, sizeof(*creds));
+ memset(&mcreds, 0, sizeof(mcreds));
+ mcreds.client = principal;
+ mcreds.server = tgt_principal;
+ if (krb5_cc_retrieve_cred(context, ccache,
+ 0,
+ &mcreds,
+ creds) == 0)
+ {
+ ret = TRUE;
+ } else {
+ memset(creds, 0, sizeof(*creds));
+ }
+ krb5_free_principal(context, tgt_principal);
+ }
+ krb5_free_principal(context, principal);
+ }
+ krb5_cc_close(context, ccache);
+ }
+ return ret;
+}
- gboolean success;
- int exit_status;
- GError *error;
+gboolean
+using_krb5()
+{
+ krb5_error_code err;
+ gboolean have_tgt = FALSE;
+ krb5_creds creds;
- /* See if we have a credential cache specified. */
- krb5ccname = g_getenv("KRB5CCNAME");
- if (krb5ccname != NULL)
+ err = krb5_init_context(&kcontext);
+ if (err)
return TRUE;
- /* Nope, let's see if we have any prior tickets. */
- success = g_spawn_command_line_sync("klist -s",
- NULL, NULL,
- &exit_status,
- &error);
-
- if (success == TRUE && error == NULL &&
- WIFEXITED(exit_status) && WEXITSTATUS(exit_status) == 0)
- return TRUE;
+ have_tgt = get_tgt_from_ccache(kcontext, &creds);
- return FALSE;
+ return have_tgt;
}
int