1 /* $NetBSD: kcm.c,v 1.1.1.2 2014/04/24 12:45:50 pettai Exp $ */
4 * Copyright (c) 2005, PADL Software Pty Ltd.
7 * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
20 * 3. Neither the name of PADL Software nor the names of its contributors
21 * may be used to endorse or promote products derived from this software
22 * without specific prior written permission.
24 * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND
25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE
28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 #include "krb5_locl.h"
41 * Client library for Kerberos Credentials Manager (KCM) daemon
47 static krb5_error_code
48 kcm_set_kdc_offset(krb5_context
, krb5_ccache
, krb5_deltat
);
50 static const char *kcm_ipc_name
= "ANY:org.h5l.kcm";
52 typedef struct krb5_kcmcache
{
56 typedef struct krb5_kcm_cursor
{
63 #define KCMCACHE(X) ((krb5_kcmcache *)(X)->data.data)
64 #define CACHENAME(X) (KCMCACHE(X)->name)
65 #define KCMCURSOR(C) ((krb5_kcm_cursor)(C))
67 static HEIMDAL_MUTEX kcm_mutex
= HEIMDAL_MUTEX_INITIALIZER
;
68 static heim_ipc kcm_ipc
= NULL
;
70 static krb5_error_code
71 kcm_send_request(krb5_context context
,
72 krb5_storage
*request
,
73 krb5_data
*response_data
)
75 krb5_error_code ret
= 0;
76 krb5_data request_data
;
78 HEIMDAL_MUTEX_lock(&kcm_mutex
);
80 ret
= heim_ipc_init_context(kcm_ipc_name
, &kcm_ipc
);
81 HEIMDAL_MUTEX_unlock(&kcm_mutex
);
83 return KRB5_CC_NOSUPP
;
85 ret
= krb5_storage_to_data(request
, &request_data
);
87 krb5_clear_error_message(context
);
91 ret
= heim_ipc_call(kcm_ipc
, &request_data
, response_data
, NULL
);
92 krb5_data_free(&request_data
);
95 krb5_clear_error_message(context
);
102 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
103 krb5_kcm_storage_request(krb5_context context
,
105 krb5_storage
**storage_p
)
112 sp
= krb5_storage_emem();
114 krb5_set_error_message(context
, KRB5_CC_NOMEM
, N_("malloc: out of memory", ""));
115 return KRB5_CC_NOMEM
;
118 /* Send MAJOR | VERSION | OPCODE */
119 ret
= krb5_store_int8(sp
, KCM_PROTOCOL_VERSION_MAJOR
);
122 ret
= krb5_store_int8(sp
, KCM_PROTOCOL_VERSION_MINOR
);
125 ret
= krb5_store_int16(sp
, opcode
);
132 krb5_set_error_message(context
, ret
,
133 N_("Failed to encode KCM request", ""));
134 krb5_storage_free(sp
);
140 static krb5_error_code
141 kcm_alloc(krb5_context context
, const char *name
, krb5_ccache
*id
)
145 k
= malloc(sizeof(*k
));
147 krb5_set_error_message(context
, KRB5_CC_NOMEM
,
148 N_("malloc: out of memory", ""));
149 return KRB5_CC_NOMEM
;
153 k
->name
= strdup(name
);
154 if (k
->name
== NULL
) {
156 krb5_set_error_message(context
, KRB5_CC_NOMEM
,
157 N_("malloc: out of memory", ""));
158 return KRB5_CC_NOMEM
;
163 (*id
)->data
.data
= k
;
164 (*id
)->data
.length
= sizeof(*k
);
169 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
170 krb5_kcm_call(krb5_context context
,
171 krb5_storage
*request
,
172 krb5_storage
**response_p
,
173 krb5_data
*response_data_p
)
175 krb5_data response_data
;
178 krb5_storage
*response
;
180 if (response_p
!= NULL
)
183 krb5_data_zero(&response_data
);
185 ret
= kcm_send_request(context
, request
, &response_data
);
189 response
= krb5_storage_from_data(&response_data
);
190 if (response
== NULL
) {
191 krb5_data_free(&response_data
);
195 ret
= krb5_ret_int32(response
, &status
);
197 krb5_storage_free(response
);
198 krb5_data_free(&response_data
);
199 return KRB5_CC_FORMAT
;
203 krb5_storage_free(response
);
204 krb5_data_free(&response_data
);
208 if (response_p
!= NULL
) {
209 *response_data_p
= response_data
;
210 *response_p
= response
;
215 krb5_storage_free(response
);
216 krb5_data_free(&response_data
);
222 kcm_free(krb5_context context
, krb5_ccache
*id
)
224 krb5_kcmcache
*k
= KCMCACHE(*id
);
229 memset(k
, 0, sizeof(*k
));
230 krb5_data_free(&(*id
)->data
);
235 kcm_get_name(krb5_context context
,
238 return CACHENAME(id
);
241 static krb5_error_code
242 kcm_resolve(krb5_context context
, krb5_ccache
*id
, const char *res
)
244 return kcm_alloc(context
, res
, id
);
253 static krb5_error_code
254 kcm_gen_new(krb5_context context
, krb5_ccache
*id
)
258 krb5_storage
*request
, *response
;
259 krb5_data response_data
;
261 ret
= kcm_alloc(context
, NULL
, id
);
267 ret
= krb5_kcm_storage_request(context
, KCM_OP_GEN_NEW
, &request
);
269 kcm_free(context
, id
);
273 ret
= krb5_kcm_call(context
, request
, &response
, &response_data
);
275 krb5_storage_free(request
);
276 kcm_free(context
, id
);
280 ret
= krb5_ret_stringz(response
, &k
->name
);
284 krb5_storage_free(request
);
285 krb5_storage_free(response
);
286 krb5_data_free(&response_data
);
289 kcm_free(context
, id
);
302 static krb5_error_code
303 kcm_initialize(krb5_context context
,
305 krb5_principal primary_principal
)
308 krb5_kcmcache
*k
= KCMCACHE(id
);
309 krb5_storage
*request
;
311 ret
= krb5_kcm_storage_request(context
, KCM_OP_INITIALIZE
, &request
);
315 ret
= krb5_store_stringz(request
, k
->name
);
317 krb5_storage_free(request
);
321 ret
= krb5_store_principal(request
, primary_principal
);
323 krb5_storage_free(request
);
327 ret
= krb5_kcm_call(context
, request
, NULL
, NULL
);
329 krb5_storage_free(request
);
331 if (context
->kdc_sec_offset
)
332 kcm_set_kdc_offset(context
, id
, context
->kdc_sec_offset
);
337 static krb5_error_code
338 kcm_close(krb5_context context
,
341 kcm_free(context
, &id
);
352 static krb5_error_code
353 kcm_destroy(krb5_context context
,
357 krb5_kcmcache
*k
= KCMCACHE(id
);
358 krb5_storage
*request
;
360 ret
= krb5_kcm_storage_request(context
, KCM_OP_DESTROY
, &request
);
364 ret
= krb5_store_stringz(request
, k
->name
);
366 krb5_storage_free(request
);
370 ret
= krb5_kcm_call(context
, request
, NULL
, NULL
);
372 krb5_storage_free(request
);
384 static krb5_error_code
385 kcm_store_cred(krb5_context context
,
390 krb5_kcmcache
*k
= KCMCACHE(id
);
391 krb5_storage
*request
;
393 ret
= krb5_kcm_storage_request(context
, KCM_OP_STORE
, &request
);
397 ret
= krb5_store_stringz(request
, k
->name
);
399 krb5_storage_free(request
);
403 ret
= krb5_store_creds(request
, creds
);
405 krb5_storage_free(request
);
409 ret
= krb5_kcm_call(context
, request
, NULL
, NULL
);
411 krb5_storage_free(request
);
426 static krb5_error_code
427 kcm_retrieve(krb5_context context
,
430 const krb5_creds
*mcred
,
434 krb5_kcmcache
*k
= KCMCACHE(id
);
435 krb5_storage
*request
, *response
;
436 krb5_data response_data
;
438 ret
= krb5_kcm_storage_request(context
, KCM_OP_RETRIEVE
, &request
);
442 ret
= krb5_store_stringz(request
, k
->name
);
444 krb5_storage_free(request
);
448 ret
= krb5_store_int32(request
, which
);
450 krb5_storage_free(request
);
454 ret
= krb5_store_creds_tag(request
, rk_UNCONST(mcred
));
456 krb5_storage_free(request
);
460 ret
= krb5_kcm_call(context
, request
, &response
, &response_data
);
462 krb5_storage_free(request
);
466 ret
= krb5_ret_creds(response
, creds
);
470 krb5_storage_free(request
);
471 krb5_storage_free(response
);
472 krb5_data_free(&response_data
);
485 static krb5_error_code
486 kcm_get_principal(krb5_context context
,
488 krb5_principal
*principal
)
491 krb5_kcmcache
*k
= KCMCACHE(id
);
492 krb5_storage
*request
, *response
;
493 krb5_data response_data
;
495 ret
= krb5_kcm_storage_request(context
, KCM_OP_GET_PRINCIPAL
, &request
);
499 ret
= krb5_store_stringz(request
, k
->name
);
501 krb5_storage_free(request
);
505 ret
= krb5_kcm_call(context
, request
, &response
, &response_data
);
507 krb5_storage_free(request
);
511 ret
= krb5_ret_principal(response
, principal
);
515 krb5_storage_free(request
);
516 krb5_storage_free(response
);
517 krb5_data_free(&response_data
);
530 static krb5_error_code
531 kcm_get_first (krb5_context context
,
533 krb5_cc_cursor
*cursor
)
537 krb5_kcmcache
*k
= KCMCACHE(id
);
538 krb5_storage
*request
, *response
;
539 krb5_data response_data
;
541 ret
= krb5_kcm_storage_request(context
, KCM_OP_GET_CRED_UUID_LIST
, &request
);
545 ret
= krb5_store_stringz(request
, k
->name
);
547 krb5_storage_free(request
);
551 ret
= krb5_kcm_call(context
, request
, &response
, &response_data
);
552 krb5_storage_free(request
);
556 c
= calloc(1, sizeof(*c
));
559 krb5_set_error_message(context
, ret
,
560 N_("malloc: out of memory", ""));
569 sret
= krb5_storage_read(response
, &uuid
, sizeof(uuid
));
573 } else if (sret
!= sizeof(uuid
)) {
578 ptr
= realloc(c
->uuids
, sizeof(c
->uuids
[0]) * (c
->length
+ 1));
582 krb5_set_error_message(context
, ENOMEM
,
583 N_("malloc: out of memory", ""));
588 memcpy(&c
->uuids
[c
->length
], &uuid
, sizeof(uuid
));
592 krb5_storage_free(response
);
593 krb5_data_free(&response_data
);
614 static krb5_error_code
615 kcm_get_next (krb5_context context
,
617 krb5_cc_cursor
*cursor
,
621 krb5_kcmcache
*k
= KCMCACHE(id
);
622 krb5_kcm_cursor c
= KCMCURSOR(*cursor
);
623 krb5_storage
*request
, *response
;
624 krb5_data response_data
;
629 if (c
->offset
>= c
->length
)
632 ret
= krb5_kcm_storage_request(context
, KCM_OP_GET_CRED_BY_UUID
, &request
);
636 ret
= krb5_store_stringz(request
, k
->name
);
638 krb5_storage_free(request
);
642 sret
= krb5_storage_write(request
,
643 &c
->uuids
[c
->offset
],
644 sizeof(c
->uuids
[c
->offset
]));
646 if (sret
!= sizeof(c
->uuids
[c
->offset
])) {
647 krb5_storage_free(request
);
648 krb5_clear_error_message(context
);
652 ret
= krb5_kcm_call(context
, request
, &response
, &response_data
);
653 krb5_storage_free(request
);
654 if (ret
== KRB5_CC_END
) {
658 ret
= krb5_ret_creds(response
, creds
);
662 krb5_storage_free(response
);
663 krb5_data_free(&response_data
);
676 static krb5_error_code
677 kcm_end_get (krb5_context context
,
679 krb5_cc_cursor
*cursor
)
681 krb5_kcm_cursor c
= KCMCURSOR(*cursor
);
700 static krb5_error_code
701 kcm_remove_cred(krb5_context context
,
707 krb5_kcmcache
*k
= KCMCACHE(id
);
708 krb5_storage
*request
;
710 ret
= krb5_kcm_storage_request(context
, KCM_OP_REMOVE_CRED
, &request
);
714 ret
= krb5_store_stringz(request
, k
->name
);
716 krb5_storage_free(request
);
720 ret
= krb5_store_int32(request
, which
);
722 krb5_storage_free(request
);
726 ret
= krb5_store_creds_tag(request
, cred
);
728 krb5_storage_free(request
);
732 ret
= krb5_kcm_call(context
, request
, NULL
, NULL
);
734 krb5_storage_free(request
);
738 static krb5_error_code
739 kcm_set_flags(krb5_context context
,
744 krb5_kcmcache
*k
= KCMCACHE(id
);
745 krb5_storage
*request
;
747 ret
= krb5_kcm_storage_request(context
, KCM_OP_SET_FLAGS
, &request
);
751 ret
= krb5_store_stringz(request
, k
->name
);
753 krb5_storage_free(request
);
757 ret
= krb5_store_int32(request
, flags
);
759 krb5_storage_free(request
);
763 ret
= krb5_kcm_call(context
, request
, NULL
, NULL
);
765 krb5_storage_free(request
);
770 kcm_get_version(krb5_context context
,
778 * get back list of uuids
781 static krb5_error_code
782 kcm_get_cache_first(krb5_context context
, krb5_cc_cursor
*cursor
)
786 krb5_storage
*request
, *response
;
787 krb5_data response_data
;
791 c
= calloc(1, sizeof(*c
));
794 krb5_set_error_message(context
, ret
,
795 N_("malloc: out of memory", ""));
799 ret
= krb5_kcm_storage_request(context
, KCM_OP_GET_CACHE_UUID_LIST
, &request
);
803 ret
= krb5_kcm_call(context
, request
, &response
, &response_data
);
804 krb5_storage_free(request
);
813 sret
= krb5_storage_read(response
, &uuid
, sizeof(uuid
));
817 } else if (sret
!= sizeof(uuid
)) {
822 ptr
= realloc(c
->uuids
, sizeof(c
->uuids
[0]) * (c
->length
+ 1));
825 krb5_set_error_message(context
, ret
,
826 N_("malloc: out of memory", ""));
831 memcpy(&c
->uuids
[c
->length
], &uuid
, sizeof(uuid
));
835 krb5_storage_free(response
);
836 krb5_data_free(&response_data
);
853 static krb5_error_code
854 kcm_get_cache_next(krb5_context context
, krb5_cc_cursor cursor
, const krb5_cc_ops
*ops
, krb5_ccache
*id
)
857 krb5_kcm_cursor c
= KCMCURSOR(cursor
);
858 krb5_storage
*request
, *response
;
859 krb5_data response_data
;
867 if (c
->offset
>= c
->length
)
870 ret
= krb5_kcm_storage_request(context
, KCM_OP_GET_CACHE_BY_UUID
, &request
);
874 sret
= krb5_storage_write(request
,
875 &c
->uuids
[c
->offset
],
876 sizeof(c
->uuids
[c
->offset
]));
878 if (sret
!= sizeof(c
->uuids
[c
->offset
])) {
879 krb5_storage_free(request
);
880 krb5_clear_error_message(context
);
884 ret
= krb5_kcm_call(context
, request
, &response
, &response_data
);
885 krb5_storage_free(request
);
886 if (ret
== KRB5_CC_END
)
889 ret
= krb5_ret_stringz(response
, &name
);
890 krb5_storage_free(response
);
891 krb5_data_free(&response_data
);
894 ret
= _krb5_cc_allocate(context
, ops
, id
);
896 ret
= kcm_alloc(context
, name
, id
);
903 static krb5_error_code
904 kcm_get_cache_next_kcm(krb5_context context
, krb5_cc_cursor cursor
, krb5_ccache
*id
)
906 #ifndef KCM_IS_API_CACHE
907 return kcm_get_cache_next(context
, cursor
, &krb5_kcm_ops
, id
);
913 static krb5_error_code
914 kcm_get_cache_next_api(krb5_context context
, krb5_cc_cursor cursor
, krb5_ccache
*id
)
916 return kcm_get_cache_next(context
, cursor
, &krb5_akcm_ops
, id
);
920 static krb5_error_code
921 kcm_end_cache_get(krb5_context context
, krb5_cc_cursor cursor
)
923 krb5_kcm_cursor c
= KCMCURSOR(cursor
);
931 static krb5_error_code
932 kcm_move(krb5_context context
, krb5_ccache from
, krb5_ccache to
)
935 krb5_kcmcache
*oldk
= KCMCACHE(from
);
936 krb5_kcmcache
*newk
= KCMCACHE(to
);
937 krb5_storage
*request
;
939 ret
= krb5_kcm_storage_request(context
, KCM_OP_MOVE_CACHE
, &request
);
943 ret
= krb5_store_stringz(request
, oldk
->name
);
945 krb5_storage_free(request
);
949 ret
= krb5_store_stringz(request
, newk
->name
);
951 krb5_storage_free(request
);
954 ret
= krb5_kcm_call(context
, request
, NULL
, NULL
);
956 krb5_storage_free(request
);
960 static krb5_error_code
961 kcm_get_default_name(krb5_context context
, const krb5_cc_ops
*ops
,
962 const char *defstr
, char **str
)
965 krb5_storage
*request
, *response
;
966 krb5_data response_data
;
971 ret
= krb5_kcm_storage_request(context
, KCM_OP_GET_DEFAULT_CACHE
, &request
);
975 ret
= krb5_kcm_call(context
, request
, &response
, &response_data
);
976 krb5_storage_free(request
);
978 return _krb5_expand_default_cc_name(context
, defstr
, str
);
980 ret
= krb5_ret_stringz(response
, &name
);
981 krb5_storage_free(response
);
982 krb5_data_free(&response_data
);
986 asprintf(str
, "%s:%s", ops
->prefix
, name
);
994 static krb5_error_code
995 kcm_get_default_name_api(krb5_context context
, char **str
)
997 return kcm_get_default_name(context
, &krb5_akcm_ops
,
998 KRB5_DEFAULT_CCNAME_KCM_API
, str
);
1001 static krb5_error_code
1002 kcm_get_default_name_kcm(krb5_context context
, char **str
)
1004 return kcm_get_default_name(context
, &krb5_kcm_ops
,
1005 KRB5_DEFAULT_CCNAME_KCM_KCM
, str
);
1008 static krb5_error_code
1009 kcm_set_default(krb5_context context
, krb5_ccache id
)
1011 krb5_error_code ret
;
1012 krb5_storage
*request
;
1013 krb5_kcmcache
*k
= KCMCACHE(id
);
1015 ret
= krb5_kcm_storage_request(context
, KCM_OP_SET_DEFAULT_CACHE
, &request
);
1019 ret
= krb5_store_stringz(request
, k
->name
);
1021 krb5_storage_free(request
);
1025 ret
= krb5_kcm_call(context
, request
, NULL
, NULL
);
1026 krb5_storage_free(request
);
1031 static krb5_error_code
1032 kcm_lastchange(krb5_context context
, krb5_ccache id
, krb5_timestamp
*mtime
)
1034 *mtime
= time(NULL
);
1038 static krb5_error_code
1039 kcm_set_kdc_offset(krb5_context context
, krb5_ccache id
, krb5_deltat kdc_offset
)
1041 krb5_kcmcache
*k
= KCMCACHE(id
);
1042 krb5_error_code ret
;
1043 krb5_storage
*request
;
1045 ret
= krb5_kcm_storage_request(context
, KCM_OP_SET_KDC_OFFSET
, &request
);
1049 ret
= krb5_store_stringz(request
, k
->name
);
1051 krb5_storage_free(request
);
1054 ret
= krb5_store_int32(request
, kdc_offset
);
1056 krb5_storage_free(request
);
1060 ret
= krb5_kcm_call(context
, request
, NULL
, NULL
);
1061 krb5_storage_free(request
);
1066 static krb5_error_code
1067 kcm_get_kdc_offset(krb5_context context
, krb5_ccache id
, krb5_deltat
*kdc_offset
)
1069 krb5_kcmcache
*k
= KCMCACHE(id
);
1070 krb5_error_code ret
;
1071 krb5_storage
*request
, *response
;
1072 krb5_data response_data
;
1075 ret
= krb5_kcm_storage_request(context
, KCM_OP_GET_KDC_OFFSET
, &request
);
1079 ret
= krb5_store_stringz(request
, k
->name
);
1081 krb5_storage_free(request
);
1085 ret
= krb5_kcm_call(context
, request
, &response
, &response_data
);
1086 krb5_storage_free(request
);
1090 ret
= krb5_ret_int32(response
, &offset
);
1091 krb5_storage_free(response
);
1092 krb5_data_free(&response_data
);
1096 *kdc_offset
= offset
;
1102 * Variable containing the KCM based credential cache implemention.
1104 * @ingroup krb5_ccache
1107 KRB5_LIB_VARIABLE
const krb5_cc_ops krb5_kcm_ops
= {
1108 KRB5_CC_OPS_VERSION
,
1117 NULL
/* kcm_retrieve */,
1125 kcm_get_cache_first
,
1126 kcm_get_cache_next_kcm
,
1129 kcm_get_default_name_kcm
,
1136 KRB5_LIB_VARIABLE
const krb5_cc_ops krb5_akcm_ops
= {
1137 KRB5_CC_OPS_VERSION
,
1146 NULL
/* kcm_retrieve */,
1154 kcm_get_cache_first
,
1155 kcm_get_cache_next_api
,
1158 kcm_get_default_name_api
,
1166 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
1167 _krb5_kcm_is_running(krb5_context context
)
1169 krb5_error_code ret
;
1170 krb5_ccache_data ccdata
;
1171 krb5_ccache id
= &ccdata
;
1172 krb5_boolean running
;
1174 ret
= kcm_alloc(context
, NULL
, &id
);
1178 running
= (_krb5_kcm_noop(context
, id
) == 0);
1180 kcm_free(context
, &id
);
1191 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1192 _krb5_kcm_noop(krb5_context context
,
1195 krb5_error_code ret
;
1196 krb5_storage
*request
;
1198 ret
= krb5_kcm_storage_request(context
, KCM_OP_NOOP
, &request
);
1202 ret
= krb5_kcm_call(context
, request
, NULL
, NULL
);
1204 krb5_storage_free(request
);
1212 * ServerPrincipalPresent
1213 * ServerPrincipal OPTIONAL
1219 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1220 _krb5_kcm_get_initial_ticket(krb5_context context
,
1222 krb5_principal server
,
1225 krb5_kcmcache
*k
= KCMCACHE(id
);
1226 krb5_error_code ret
;
1227 krb5_storage
*request
;
1229 ret
= krb5_kcm_storage_request(context
, KCM_OP_GET_INITIAL_TICKET
, &request
);
1233 ret
= krb5_store_stringz(request
, k
->name
);
1235 krb5_storage_free(request
);
1239 ret
= krb5_store_int8(request
, (server
== NULL
) ? 0 : 1);
1241 krb5_storage_free(request
);
1245 if (server
!= NULL
) {
1246 ret
= krb5_store_principal(request
, server
);
1248 krb5_storage_free(request
);
1253 ret
= krb5_store_keyblock(request
, *key
);
1255 krb5_storage_free(request
);
1259 ret
= krb5_kcm_call(context
, request
, NULL
, NULL
);
1261 krb5_storage_free(request
);
1276 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1277 _krb5_kcm_get_ticket(krb5_context context
,
1279 krb5_kdc_flags flags
,
1280 krb5_enctype enctype
,
1281 krb5_principal server
)
1283 krb5_error_code ret
;
1284 krb5_kcmcache
*k
= KCMCACHE(id
);
1285 krb5_storage
*request
;
1287 ret
= krb5_kcm_storage_request(context
, KCM_OP_GET_TICKET
, &request
);
1291 ret
= krb5_store_stringz(request
, k
->name
);
1293 krb5_storage_free(request
);
1297 ret
= krb5_store_int32(request
, flags
.i
);
1299 krb5_storage_free(request
);
1303 ret
= krb5_store_int32(request
, enctype
);
1305 krb5_storage_free(request
);
1309 ret
= krb5_store_principal(request
, server
);
1311 krb5_storage_free(request
);
1315 ret
= krb5_kcm_call(context
, request
, NULL
, NULL
);
1317 krb5_storage_free(request
);
1321 #endif /* HAVE_KCM */