This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
#include "auth/credentials/credentials.h"
#include "auth/credentials/credentials_krb5.h"
#include "libcli/auth/libcli_auth.h"
+#include "lib/events/events.h"
+#include "param/param.h"
/**
* Create a new credentials structure
cred->keytab_obtained = CRED_UNINITIALISED;
cred->principal_obtained = CRED_UNINITIALISED;
+ cred->ccache_threshold = CRED_UNINITIALISED;
+ cred->client_gss_creds_threshold = CRED_UNINITIALISED;
+
cred->old_password = NULL;
cred->smb_krb5_context = NULL;
cred->salt_principal = NULL;
cred->tries = 3;
cred->callback_running = False;
+ cred->ev = NULL;
cli_credentials_set_kerberos_state(cred, CRED_AUTO_USE_KERBEROS);
cli_credentials_set_gensec_features(cred, 0);
struct cli_credentials *anon_credentials;
anon_credentials = cli_credentials_init(mem_ctx);
- cli_credentials_set_conf(anon_credentials);
+ cli_credentials_set_conf(anon_credentials, global_loadparm);
cli_credentials_set_anonymous(anon_credentials);
return anon_credentials;
cred->username = cred->username_cb(cred);
cred->callback_running = False;
cred->username_obtained = CRED_SPECIFIED;
+ cli_credentials_invalidate_ccache(cred, cred->username_obtained);
}
return cred->username;
if (obtained >= cred->username_obtained) {
cred->username = talloc_strdup(cred, val);
cred->username_obtained = obtained;
+ cli_credentials_invalidate_ccache(cred, cred->username_obtained);
return True;
}
cred->principal = cred->principal_cb(cred);
cred->callback_running = False;
cred->principal_obtained = CRED_SPECIFIED;
+ cli_credentials_invalidate_ccache(cred, cred->principal_obtained);
}
if (cred->principal_obtained < cred->username_obtained) {
if (obtained >= cred->principal_obtained) {
cred->principal = talloc_strdup(cred, val);
cred->principal_obtained = obtained;
+ cli_credentials_invalidate_ccache(cred, cred->principal_obtained);
return True;
}
cred->password = cred->password_cb(cred);
cred->callback_running = False;
cred->password_obtained = CRED_CALLBACK_RESULT;
+ cli_credentials_invalidate_ccache(cred, cred->password_obtained);
}
return cred->password;
if (obtained >= cred->password_obtained) {
cred->password = talloc_strdup(cred, val);
cred->password_obtained = obtained;
+ cli_credentials_invalidate_ccache(cred, cred->password_obtained);
cred->nt_hash = NULL;
return True;
if (cred->password_obtained < CRED_CALLBACK) {
cred->password_cb = password_cb;
cred->password_obtained = CRED_CALLBACK;
+ cli_credentials_invalidate_ccache(cred, cred->password_obtained);
return True;
}
cred->domain = cred->domain_cb(cred);
cred->callback_running = False;
cred->domain_obtained = CRED_SPECIFIED;
+ cli_credentials_invalidate_ccache(cred, cred->domain_obtained);
}
return cred->domain;
* calculations */
cred->domain = strupper_talloc(cred, val);
cred->domain_obtained = obtained;
+ cli_credentials_invalidate_ccache(cred, cred->domain_obtained);
return True;
}
cred->realm = cred->realm_cb(cred);
cred->callback_running = False;
cred->realm_obtained = CRED_SPECIFIED;
+ cli_credentials_invalidate_ccache(cred, cred->realm_obtained);
}
return cred->realm;
if (obtained >= cred->realm_obtained) {
cred->realm = strupper_talloc(cred, val);
cred->realm_obtained = obtained;
+ cli_credentials_invalidate_ccache(cred, cred->realm_obtained);
return True;
}
*
* @param cred Credentials structure to fill in
*/
-void cli_credentials_set_conf(struct cli_credentials *cred)
+void cli_credentials_set_conf(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx)
{
cli_credentials_set_username(cred, "", CRED_UNINITIALISED);
- cli_credentials_set_domain(cred, lp_workgroup(), CRED_UNINITIALISED);
- cli_credentials_set_workstation(cred, lp_netbios_name(), CRED_UNINITIALISED);
- cli_credentials_set_realm(cred, lp_realm(), CRED_UNINITIALISED);
+ cli_credentials_set_domain(cred, lp_workgroup(lp_ctx), CRED_UNINITIALISED);
+ cli_credentials_set_workstation(cred, lp_netbios_name(lp_ctx), CRED_UNINITIALISED);
+ cli_credentials_set_realm(cred, lp_realm(lp_ctx), CRED_UNINITIALISED);
}
/**
{
char *p;
- cli_credentials_set_conf(cred);
+ cli_credentials_set_conf(cred, global_loadparm);
if (getenv("LOGNAME")) {
cli_credentials_set_username(cred, getenv("LOGNAME"), CRED_GUESS_ENV);
}
}
- if (getenv("DOMAIN")) {
- cli_credentials_set_domain(cred, getenv("DOMAIN"), CRED_GUESS_ENV);
- }
-
if (getenv("PASSWD")) {
cli_credentials_set_password(cred, getenv("PASSWD"), CRED_GUESS_ENV);
}
if (getenv("PASSWD_FD")) {
- cli_credentials_parse_password_fd(cred, atoi(getenv("PASSWD_FD")), CRED_GUESS_FILE);
+ cli_credentials_parse_password_fd(cred, atoi(getenv("PASSWD_FD")),
+ CRED_GUESS_FILE);
}
p = getenv("PASSWD_FILE");
return (cred->tries > 0);
}
+
+/*
+ set the common event context for this set of credentials
+ */
+void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev)
+{
+ cred->ev = ev;
+}
+
+/*
+ set the common event context for this set of credentials
+ */
+struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred)
+{
+ if (cred->ev == NULL) {
+ cred->ev = event_context_find(cred);
+ }
+ return cred->ev;
+}