r10149: Update Samba4 to current lorikeet-heimdal.
authorAndrew Bartlett <abartlet@samba.org>
Sat, 10 Sep 2005 22:25:13 +0000 (22:25 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 18:38:03 +0000 (13:38 -0500)
Andrew Bartlett

source/heimdal/lib/krb5/principal.c
source/heimdal/lib/krb5/rd_req.c

index 8540636403ff10ef1400e7187beef2a384d8deb8..ae5c8c1de82e5f088434a0efc2fa60f4529cbadf 100644 (file)
@@ -91,10 +91,16 @@ krb5_principal_get_comp_string(krb5_context context,
     return princ_ncomp(principal, component);
 }
 
-krb5_error_code 
+enum realm_presence {
+       MAY,
+       MUSTNOT,
+       MUST
+};
+
+static krb5_error_code 
 parse_name(krb5_context context,
           const char *name,
-          krb5_boolean short_form,
+          enum realm_presence realm_presence,
           krb5_principal *principal)
 {
     krb5_error_code ret;
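Review bot: The enumerators `MAY`, `MUSTNOT` and `MUST` are unprefixed, generic names at file scope, so they can collide with a macro or identifier of the same name pulled in by any header. A prefixed form such as `enum realm_presence { REALM_MAY, REALM_MUSTNOT, REALM_MUST };` avoids that. A short comment per value saying what the parser does when the realm is present or absent would also help, because the policy is otherwise only discoverable from the body of parse_name, which continues outside this hunk.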
@@ -186,7 +192,7 @@ parse_name(krb5_context context,
        *q++ = c;
     }
     if (got_realm) {
-       if (short_form) {
+       if (realm_presence == MUSTNOT) {
            krb5_set_error_string (context, "realm found in 'short' principal expected to be without one!");
            ret = KRB5_PARSE_MALFORMED;
            goto exit;
@@ -201,12 +207,16 @@ parse_name(krb5_context context,
            realm[q - start] = 0;
        }
     }else{
-       if (short_form) {
+       if (realm_presence == MAY) {
            ret = krb5_get_default_realm (context, &realm);
            if (ret)
                goto exit;
-       } else {
+       } else if (realm_presence == MUSTNOT) {
            realm = NULL;
+       } else if (realm_presence == MUST) {
+           krb5_set_error_string (context, "realm NOT found in principal expected to be with one!");
+           ret = KRB5_PARSE_MALFORMED;
+           goto exit;
        }
 
        comp[n] = malloc(q - start + 1);
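Review bot: The `if`/`else if` chain on `realm_presence` in the no-realm branch has no final `else`, so a value outside the three enumerators falls through with `realm` left at whatever it held before and parsing carries on. Making the last arm a plain `else` (or using a `switch` whose `default:` sets `ret = KRB5_PARSE_MALFORMED;` and does `goto exit;`) makes the parser fail closed on an unexpected policy value. The declaration of `realm` and the `exit` label are outside this hunk, so it is worth confirming that the new `goto exit` in the `MUST` arm does not reach cleanup that reads an unset `realm`.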
@@ -245,7 +255,7 @@ krb5_parse_name(krb5_context context,
                const char *name,
                krb5_principal *principal)
 {
-    return parse_name(context, name, FALSE, principal);
+    return parse_name(context, name, MAY, principal);
 }
 
 krb5_error_code KRB5_LIB_FUNCTION
@@ -253,7 +263,15 @@ krb5_parse_name_norealm(krb5_context context,
                        const char *name,
                        krb5_principal *principal)
 {
-    return parse_name(context, name, TRUE, principal);
+    return parse_name(context, name, MUSTNOT, principal);
+}
+
+krb5_error_code KRB5_LIB_FUNCTION
+krb5_parse_name_mustrealm(krb5_context context,
+                         const char *name,
+                         krb5_principal *principal)
+{
+    return parse_name(context, name, MUST, principal);
 }
 static const char quotable_chars[] = " \n\t\b\\/@";
 static const char replace_chars[] = " ntb\\/@";
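Review bot: The new public entry point `krb5_parse_name_mustrealm` and the changed `krb5_parse_name_norealm` carry no comment stating their realm policy. The `MUSTNOT` path in parse_name sets `realm = NULL`, which appears to leave the returned principal without a realm. A caller that passes such a principal to code that reads the realm unconditionally would dereference NULL, so the contract should be written down. Above `krb5_parse_name_norealm` I would add `/* Parses a name that must not contain a realm; returns KRB5_PARSE_MALFORMED if one is given. The resulting principal has a NULL realm. */`, and above `krb5_parse_name_mustrealm` a matching comment saying it returns KRB5_PARSE_MALFORMED when the name has no realm.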
index 66172c10fb476640b5af9346ce6995205a7df1e2..582b71db03af6c765a5ee0a038ae47de4bdf6294 100644 (file)
@@ -560,12 +560,15 @@ krb5_rd_req_return_keyblock(krb5_context context,
                            krb5_keytab keytab,
                            krb5_flags *ap_req_options,
                            krb5_ticket **ticket, 
-                           krb5_keyblock **keyblock)
+                           krb5_keyblock **return_keyblock)
 {
     krb5_error_code ret;
     krb5_ap_req ap_req;
+    krb5_keyblock *keyblock = NULL;
     krb5_principal service = NULL;
-    krb5_keyblock *local_keyblock;
+
+    if (return_keyblock)
+       *return_keyblock = NULL;
 
     if (*auth_context == NULL) {
        ret = krb5_auth_con_init(context, auth_context);
@@ -597,13 +600,13 @@ krb5_rd_req_return_keyblock(krb5_context context,
                                  &ap_req,
                                  server,
                                  keytab,
-                                 &local_keyblock);
+                                 &keyblock);
        if(ret)
            goto out;
     } else {
        ret = krb5_copy_keyblock(context,
                                 (*auth_context)->keyblock,
-                                &local_keyblock);
+                                &keyblock);
        if (ret)
            goto out;
     }
@@ -612,21 +615,20 @@ krb5_rd_req_return_keyblock(krb5_context context,
                             auth_context,
                             &ap_req,
                             server,
-                            local_keyblock,
+                            keyblock,
                             0,
                             ap_req_options,
                             ticket);
-    if (ret) {
-        krb5_free_keyblock(context, local_keyblock);
-    } else {
-       *keyblock = local_keyblock;
-    }
+
+    if (ret == 0 && return_keyblock)
+       *return_keyblock = keyblock;
+    else
+        krb5_free_keyblock(context, keyblock);
 
 out:
     free_AP_REQ(&ap_req);
     if(service)
        krb5_free_principal(context, service);
-           
     return ret;
 }
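Review bot: Ownership of the key is not documented on `krb5_rd_req_return_keyblock`, although this change defines it precisely. `*return_keyblock` is cleared on entry and receives the key only when `ret == 0`; on every other path that reaches this check the key is freed internally. A header comment should state that, e.g. `/* On success *return_keyblock (if non-NULL) holds the key, which the caller must release with krb5_free_keyblock(); on failure it is NULL. */`. As a minor style point, the `krb5_free_keyblock` line under `else` is indented with spaces while the assignment under `if` uses a tab; the start of the function is in an earlier hunk.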
 
@@ -639,19 +641,14 @@ krb5_rd_req(krb5_context context,
            krb5_flags *ap_req_options,
            krb5_ticket **ticket)
 {
-    krb5_error_code ret;
-    krb5_keyblock *keyblock;
-
-    ret = krb5_rd_req_return_keyblock(context,
-                                     auth_context,
-                                     inbuf,
-                                     server,
-                                     keytab,
-                                     ap_req_options,
-                                     ticket,
-                                     &keyblock);
-
-    krb5_free_keyblock(context, keyblock);
-    return ret;
+    return krb5_rd_req_return_keyblock(context,
+                                      auth_context,
+                                      inbuf,
+                                      server,
+                                      keytab,
+                                      ap_req_options,
+                                      ticket,
+                                      NULL);
+
 }