Skip to content

Commit 221b553

Browse files
frozencemeteryfrozencemetery
committed
Separate cred and ccache manipulation in gpp_store_remote_creds()
Signed-off-by: Robbie Harwood <[email protected]> Reviewed-by: Simo Sorce <[email protected]>
1 parent 8f30647 commit 221b553

File tree

1 file changed

+39
-23
lines changed

1 file changed

+39
-23
lines changed

src/mechglue/gpp_creds.c

Lines changed: 39 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -136,6 +136,40 @@ bool gpp_creds_are_equal(gssx_cred *a, gssx_cred *b)
136136
return true;
137137
}
138138

139+
static krb5_error_code gpp_construct_cred(gssx_cred *creds, krb5_context ctx,
140+
krb5_creds *cred, char *cred_name)
141+
{
142+
XDR xdrctx;
143+
bool xdrok;
144+
krb5_error_code ret = 0;
145+
146+
memset(cred, 0, sizeof(*cred));
147+
148+
memcpy(cred_name, creds->desired_name.display_name.octet_string_val,
149+
creds->desired_name.display_name.octet_string_len);
150+
cred_name[creds->desired_name.display_name.octet_string_len] = '\0';
151+
152+
ret = krb5_parse_name(ctx, cred_name, &cred->client);
153+
if (ret) {
154+
return ret;
155+
}
156+
157+
ret = krb5_parse_name(ctx, GPKRB_SRV_NAME, &cred->server);
158+
if (ret) {
159+
return ret;
160+
}
161+
162+
cred->ticket.data = malloc(GPKRB_MAX_CRED_SIZE);
163+
xdrmem_create(&xdrctx, cred->ticket.data, GPKRB_MAX_CRED_SIZE,
164+
XDR_ENCODE);
165+
xdrok = xdr_gssx_cred(&xdrctx, creds);
166+
if (!xdrok) {
167+
return ENOSPC;
168+
}
169+
cred->ticket.length = xdr_getpos(&xdrctx);
170+
return 0;
171+
}
172+
139173
uint32_t gpp_store_remote_creds(uint32_t *min, bool default_creds,
140174
gss_const_key_value_set_t cred_store,
141175
gssx_cred *creds)
@@ -145,17 +179,18 @@ uint32_t gpp_store_remote_creds(uint32_t *min, bool default_creds,
145179
krb5_creds cred;
146180
krb5_error_code ret;
147181
char cred_name[creds->desired_name.display_name.octet_string_len + 1];
148-
XDR xdrctx;
149-
bool xdrok;
150182
const char *cc_type;
151183

152184
*min = 0;
153185

154-
memset(&cred, 0, sizeof(cred));
155-
156186
ret = krb5_init_context(&ctx);
157187
if (ret) goto done;
158188

189+
ret = gpp_construct_cred(creds, ctx, &cred, cred_name);
190+
if (ret) {
191+
goto done;
192+
}
193+
159194
if (cred_store) {
160195
for (unsigned i = 0; i < cred_store->count; i++) {
161196
if (strcmp(cred_store->elements[i].key, "ccache") == 0) {
@@ -175,25 +210,6 @@ uint32_t gpp_store_remote_creds(uint32_t *min, bool default_creds,
175210
if (ret) goto done;
176211
}
177212

178-
memcpy(cred_name, creds->desired_name.display_name.octet_string_val,
179-
creds->desired_name.display_name.octet_string_len);
180-
cred_name[creds->desired_name.display_name.octet_string_len] = '\0';
181-
182-
ret = krb5_parse_name(ctx, cred_name, &cred.client);
183-
if (ret) goto done;
184-
185-
ret = krb5_parse_name(ctx, GPKRB_SRV_NAME, &cred.server);
186-
if (ret) goto done;
187-
188-
cred.ticket.data = malloc(GPKRB_MAX_CRED_SIZE);
189-
xdrmem_create(&xdrctx, cred.ticket.data, GPKRB_MAX_CRED_SIZE, XDR_ENCODE);
190-
xdrok = xdr_gssx_cred(&xdrctx, creds);
191-
if (!xdrok) {
192-
ret = ENOSPC;
193-
goto done;
194-
}
195-
cred.ticket.length = xdr_getpos(&xdrctx);
196-
197213
cc_type = krb5_cc_get_type(ctx, ccache);
198214
if (strcmp(cc_type, "FILE") == 0) {
199215
/* FILE ccaches don't handle updates properly: if they have the same

0 commit comments

Comments
 (0)