mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
krb5samba: Add a smb_krb5_cc_get_lifetime() function.
Signed-off-by: Simo Sorce <idra@samba.org>
This commit is contained in:
parent
6bec64b12a
commit
4d77466daf
@ -2128,6 +2128,53 @@ krb5_error_code smb_krb5_make_principal(krb5_context context,
|
||||
}
|
||||
#endif
|
||||
|
||||
#if !defined(HAVE_KRB5_CC_GET_LIFETIME) && defined(HAVE_KRB5_CC_RETRIEVE_CRED)
|
||||
/**
|
||||
* @brief Get the lifetime of the initial ticket in the cache.
|
||||
*
|
||||
* @param[in] context The kerberos context.
|
||||
*
|
||||
* @param[in] id The credential cache to get the ticket lifetime.
|
||||
*
|
||||
* @param[out] t A pointer to a time value to store the lifetime.
|
||||
*
|
||||
* @return 0 on success, a krb5_error_code on error.
|
||||
*/
|
||||
krb5_error_code smb_krb5_cc_get_lifetime(krb5_context context,
|
||||
krb5_ccache id,
|
||||
time_t *t)
|
||||
{
|
||||
krb5_error_code rc;
|
||||
krb5_creds mcreds;
|
||||
krb5_creds creds;
|
||||
krb5_timestamp now;
|
||||
|
||||
ZERO_STRUCT(mcreds);
|
||||
|
||||
mcreds.ticket_flags = TKT_FLG_INITIAL;
|
||||
|
||||
rc = krb5_cc_retrieve_cred(context,
|
||||
id,
|
||||
KRB5_TC_MATCH_FLAGS,
|
||||
&mcreds,
|
||||
&creds);
|
||||
if (rc != 0) {
|
||||
return rc;
|
||||
}
|
||||
|
||||
rc = krb5_timeofday(context, &now);
|
||||
if (rc != 0) {
|
||||
return rc;
|
||||
}
|
||||
|
||||
*t = (time_t) (creds.times.endtime - now);
|
||||
|
||||
krb5_free_creds(context, &creds);
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif /* HAVE_KRB5_CC_GET_LIFETIME */
|
||||
|
||||
/*
|
||||
* smb_krb5_principal_get_realm
|
||||
*
|
||||
|
@ -240,6 +240,18 @@ krb5_error_code smb_krb5_make_principal(krb5_context context,
|
||||
#else
|
||||
#error krb5_make_principal not available
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_KRB5_CC_GET_LIFETIME)
|
||||
#define smb_krb5_cc_get_lifetime krb5_cc_get_lifetime
|
||||
#elif defined(HAVE_KRB5_CC_RETRIEVE_CRED)
|
||||
krb5_error_code smb_krb5_cc_get_lifetime(krb5_context context,
|
||||
krb5_ccache id,
|
||||
time_t *t);
|
||||
#else
|
||||
#error krb5_cc_get_lifetime not available
|
||||
#endif
|
||||
|
||||
|
||||
char *smb_krb5_principal_get_realm(krb5_context context,
|
||||
krb5_principal principal);
|
||||
|
||||
|
@ -3616,6 +3616,8 @@ if test x"$with_ads_support" != x"no"; then
|
||||
AC_CHECK_FUNC_EXT(krb5_free_host_realm, $KRB5_LIBS)
|
||||
AC_CHECK_FUNC_EXT(krb5_get_init_creds_keytab, $KRB5_LIBS)
|
||||
AC_CHECK_FUNC_EXT(krb5_build_principal_alloc_va, $KRB5_LIBS)
|
||||
AC_CHECK_FUNC_EXT(krb5_cc_get_lifetime, $KRB5_LIBS)
|
||||
AC_CHECK_FUNC_EXT(krb5_cc_retrieve_cred, $KRB5_LIBS)
|
||||
AC_CHECK_FUNC_EXT(gss_krb5_import_cred, $KRB5_LIBS)
|
||||
AC_CHECK_FUNC_EXT(gss_get_name_attribute, $KRB5_LIBS)
|
||||
AC_CHECK_FUNC_EXT(gsskrb5_extract_authz_data_from_sec_context, $KRB5_LIBS)
|
||||
|
@ -96,6 +96,7 @@ conf.define('HAVE_E_DATA_POINTER_IN_KRB5_ERROR', 1)
|
||||
conf.define('HAVE_INITIALIZE_KRB5_ERROR_TABLE', 1)
|
||||
conf.define('HAVE_KRB5_ADDRESSES', 1)
|
||||
conf.define('HAVE_KRB5_AUTH_CON_SETKEY', 1)
|
||||
conf.define('HAVE_KRB5_CC_GET_LIFETIME', 1)
|
||||
conf.define('HAVE_KRB5_CRYPTO', 1)
|
||||
conf.define('HAVE_KRB5_CRYPTO_DESTROY', 1)
|
||||
conf.define('HAVE_KRB5_CRYPTO_INIT', 1)
|
||||
|
@ -59,7 +59,8 @@ conf.CHECK_FUNCS('''
|
||||
krb5_get_creds_opt_alloc krb5_get_creds_opt_set_impersonate krb5_get_creds
|
||||
krb5_get_credentials_for_user krb5_get_host_realm krb5_free_host_realm
|
||||
krb5_get_init_creds_keyblock krb5_get_init_creds_keytab
|
||||
krb5_make_principal krb5_build_principal_alloc_va''',
|
||||
krb5_make_principal krb5_build_principal_alloc_va
|
||||
krb5_cc_get_lifetime krb5_cc_retrieve_cred''',
|
||||
lib='krb5 k5crypto')
|
||||
conf.CHECK_DECLS('''krb5_get_credentials_for_user
|
||||
krb5_auth_con_set_req_cksumtype''',
|
||||
|
Loading…
Reference in New Issue
Block a user