From 63a0df578ddfee1a279c041f21a09ca4f8f5e89d Mon Sep 17 00:00:00 2001 From: caillon Date: Mon, 31 Oct 2005 18:15:52 +0000 Subject: [PATCH] 2005-10-31 Christopher Aillon * src/krb5-auth-dialog.c: Fix test to determine whether we are using krb5 using new get_tgt_from_ccache () function from Nalin Dahyabhai git-svn-id: http://svn.gnome.org/svn/krb5-auth-dialog/trunk@32 517b70f8-ed25-0410-8bf6-f5db08f7b76e --- ChangeLog | 6 ++++ src/krb5-auth-dialog.c | 72 +++++++++++++++++++++++++++++++----------- 2 files changed, 60 insertions(+), 18 deletions(-) diff --git a/ChangeLog b/ChangeLog index 74c19b5..85cbae7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2005-10-31 Christopher Aillon + + * src/krb5-auth-dialog.c: Fix test to determine whether we + are using krb5 using new get_tgt_from_ccache () function + from Nalin Dahyabhai + 2005-10-31 Christopher Aillon * src/krb5-auth-dialog.c: Set the application name. diff --git a/src/krb5-auth-dialog.c b/src/krb5-auth-dialog.c index 5dfaa23..2bd2215 100644 --- a/src/krb5-auth-dialog.c +++ b/src/krb5-auth-dialog.c @@ -374,30 +374,66 @@ renew_credentials (void) } gboolean -using_krb5() +get_tgt_from_ccache (krb5_context context, krb5_creds *creds) { - const gchar *krb5ccname; + krb5_ccache ccache; + krb5_cc_cursor cursor; + krb5_creds mcreds; + krb5_principal principal, tgt_principal; + gboolean ret; + + memset(&ccache, 0, sizeof(ccache)); + ret = FALSE; + if (krb5_cc_default(context, &ccache) == 0) + { + memset(&principal, 0, sizeof(principal)); + if (krb5_cc_get_principal(context, ccache, &principal) == 0) + { + memset(&tgt_principal, 0, sizeof(tgt_principal)); + if (krb5_build_principal_ext(context, &tgt_principal, + principal->realm.length, + principal->realm.data, + KRB5_TGS_NAME_SIZE, + KRB5_TGS_NAME, + principal->realm.length, + principal->realm.data, + 0) == 0) { + memset(creds, 0, sizeof(*creds)); + memset(&mcreds, 0, sizeof(mcreds)); + mcreds.client = principal; + mcreds.server = tgt_principal; + if (krb5_cc_retrieve_cred(context, ccache, + 0, + &mcreds, + creds) == 0) + { + ret = TRUE; + } else { + memset(creds, 0, sizeof(*creds)); + } + krb5_free_principal(context, tgt_principal); + } + krb5_free_principal(context, principal); + } + krb5_cc_close(context, ccache); + } + return ret; +} - gboolean success; - int exit_status; - GError *error; +gboolean +using_krb5() +{ + krb5_error_code err; + gboolean have_tgt = FALSE; + krb5_creds creds; - /* See if we have a credential cache specified. */ - krb5ccname = g_getenv("KRB5CCNAME"); - if (krb5ccname != NULL) + err = krb5_init_context(&kcontext); + if (err) return TRUE; - /* Nope, let's see if we have any prior tickets. */ - success = g_spawn_command_line_sync("klist -s", - NULL, NULL, - &exit_status, - &error); - - if (success == TRUE && error == NULL && - WIFEXITED(exit_status) && WEXITSTATUS(exit_status) == 0) - return TRUE; + have_tgt = get_tgt_from_ccache(kcontext, &creds); - return FALSE; + return have_tgt; } int -- 2.34.1