本文整理汇总了C++中rk_UNCONST函数的典型用法代码示例。如果您正苦于以下问题:C++ rk_UNCONST函数的具体用法?C++ rk_UNCONST怎么用?C++ rk_UNCONST使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了rk_UNCONST函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: rk_UNCONST
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "spnego_locl.h"
/*
* Apparently Microsoft got the OID wrong, and used
* 1.2.840.48018.1.2.2 instead. We need both this and
* the correct Kerberos OID here in order to deal with
* this. Because this is manifest in SPNEGO only I'd
* prefer to deal with this here rather than inside the
* Kerberos mechanism.
*/
gss_OID_desc _gss_spnego_mskrb_mechanism_oid_desc =
{9, rk_UNCONST("\x2a\x86\x48\x82\xf7\x12\x01\x02\x02")};
gss_OID_desc _gss_spnego_krb5_mechanism_oid_desc =
{9, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02")};
/*
* Allocate a SPNEGO context handle
*/
OM_uint32 GSSAPI_CALLCONV
_gss_spnego_alloc_sec_context (OM_uint32 * minor_status,
gss_ctx_id_t *context_handle)
{
gssspnego_ctx ctx;
ctx = calloc(1, sizeof(*ctx));
if (ctx == NULL) {示例2: parse_rsa_private_key
//.........这里部分代码省略.........
}
iv = strchr(type, ',');
if (iv == NULL) {
free(type);
hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED,
"IV missing");
return HX509_PARSING_KEY_FAILED;
}
*iv++ = '\0';
size = strlen(iv);
ivdata = malloc(size);
if (ivdata == NULL) {
hx509_clear_error_string(context);
free(type);
return ENOMEM;
}
cipher = EVP_get_cipherbyname(type);
if (cipher == NULL) {
free(ivdata);
hx509_set_error_string(context, 0, HX509_ALG_NOT_SUPP,
"RSA key encrypted with "
"unsupported cipher: %s",
type);
free(type);
return HX509_ALG_NOT_SUPP;
}
#define PKCS5_SALT_LEN 8
ssize = hex_decode(iv, ivdata, size);
free(type);
type = NULL;
iv = NULL;
if (ssize < 0 || ssize < PKCS5_SALT_LEN || ssize < EVP_CIPHER_iv_length(cipher)) {
free(ivdata);
hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED,
"Salt have wrong length in RSA key file");
return HX509_PARSING_KEY_FAILED;
}
pw = _hx509_lock_get_passwords(lock);
if (pw != NULL) {
const void *password;
size_t passwordlen;
for (i = 0; i < pw->len; i++) {
password = pw->val[i];
passwordlen = strlen(password);
ret = try_decrypt(context, c, hx509_signature_rsa(),
cipher, ivdata, password, passwordlen,
data, len);
if (ret == 0) {
decrypted = 1;
break;
}
}
}
if (!decrypted) {
hx509_prompt prompt;
char password[128];
memset(&prompt, 0, sizeof(prompt));
prompt.prompt = "Password for keyfile: ";
prompt.type = HX509_PROMPT_TYPE_PASSWORD;
prompt.reply.data = password;
prompt.reply.length = sizeof(password);
ret = hx509_lock_prompt(lock, &prompt);
if (ret == 0)
ret = try_decrypt(context, c, hx509_signature_rsa(),
cipher, ivdata, password, strlen(password),
data, len);
/* XXX add password to lock password collection ? */
memset(password, 0, sizeof(password));
}
free(ivdata);
} else {
heim_octet_string keydata;
keydata.data = rk_UNCONST(data);
keydata.length = len;
ret = _hx509_collector_private_key_add(context,
c,
hx509_signature_rsa(),
NULL,
&keydata,
NULL);
}
return ret;
}示例3: rk_UNCONST
* SUCH DAMAGE.
*/
#include "hprop.h"
static int inetd_flag = -1;
static int help_flag;
static int version_flag;
static int print_dump;
static const char *database;
static int from_stdin;
static char *local_realm;
static char *ktname = NULL;
struct getargs args[] = {
{ "database", 'd', arg_string, rk_UNCONST(&database), "database", "file" },
{ "stdin", 'n', arg_flag, &from_stdin, "read from stdin", NULL },
{ "print", 0, arg_flag, &print_dump, "print dump to stdout", NULL },
#ifdef SUPPORT_INETD
{ "inetd", 'i', arg_negative_flag, &inetd_flag,
"Not started from inetd", NULL },
#endif
{ "keytab", 'k', arg_string, &ktname, "keytab to use for authentication", "keytab" },
{ "realm", 'r', arg_string, &local_realm, "realm to use", NULL },
{ "version", 0, arg_flag, &version_flag, NULL, NULL },
{ "help", 'h', arg_flag, &help_flag, NULL, NULL}
};
static int num_args = sizeof(args) / sizeof(args[0]);
static char unparseable_name[] = "unparseable name";
示例4: load_plugins
static krb5_error_code
load_plugins(krb5_context context)
{
struct plugin *e;
krb5_error_code ret;
char **dirs = NULL, **di;
struct dirent *entry;
char *path;
DIR *d = NULL;
if (!plugins_needs_scan)
return 0;
plugins_needs_scan = 0;
#ifdef HAVE_DLOPEN
dirs = krb5_config_get_strings(context, NULL, "libdefaults",
"plugin_dir", NULL);
if (dirs == NULL)
dirs = rk_UNCONST(sysplugin_dirs);
for (di = dirs; *di != NULL; di++) {
char * dir = *di;
#ifdef KRB5_USE_PATH_TOKENS
if (_krb5_expand_path_tokens(context, *di, &dir))
goto next_dir;
#endif
trim_trailing_slash(dir);
d = opendir(dir);
if (d == NULL)
goto next_dir;
rk_cloexec_dir(d);
while ((entry = readdir(d)) != NULL) {
char *n = entry->d_name;
/* skip . and .. */
if (!is_valid_plugin_filename(n))
continue;
path = NULL;
ret = 0;
#ifdef __APPLE__
{ /* support loading bundles on MacOS */
size_t len = strlen(n);
if (len > 7 && strcmp(&n[len - 7], ".bundle") == 0)
ret = asprintf(&path, "%s/%s/Contents/MacOS/%.*s", dir, n, (int)(len - 7), n);
}
#endif
if (ret < 0 || path == NULL)
ret = asprintf(&path, "%s/%s", dir, n);
if (ret < 0 || path == NULL) {
ret = ENOMEM;
krb5_set_error_message(context, ret, "malloc: out of memory");
return ret;
}
/* check if already tried */
for (e = registered; e != NULL; e = e->next)
if (e->type == DSO && strcmp(e->u.dso.path, path) == 0)
break;
if (e) {
free(path);
} else {
loadlib(context, path); /* store or frees path */
}
}
closedir(d);
next_dir:
if (dir != *di)
free(dir);
}
if (dirs != rk_UNCONST(sysplugin_dirs))
krb5_config_free_strings(dirs);
#endif /* HAVE_DLOPEN */
return 0;
}示例5: ltm_rsa_public_decrypt
static int
ltm_rsa_public_decrypt(int flen, const unsigned char* from,
unsigned char* to, RSA* rsa, int padding)
{
unsigned char *p;
int res;
size_t size;
mp_int s, us, n, e;
if (padding != RSA_PKCS1_PADDING)
return -1;
if (flen > RSA_size(rsa))
return -2;
mp_init_multi(&e, &n, &s, &us, NULL);
BN2mpz(&n, rsa->n);
BN2mpz(&e, rsa->e);
#if 0
/* Check that the exponent is larger then 3 */
if (mp_int_compare_value(&e, 3) <= 0) {
mp_clear_multi(&e, &n, &s, &us, NULL);
return -3;
}
#endif
mp_read_unsigned_bin(&s, rk_UNCONST(from), flen);
if (mp_cmp(&s, &n) >= 0) {
mp_clear_multi(&e, &n, &s, &us, NULL);
return -4;
}
res = mp_exptmod(&s, &e, &n, &us);
mp_clear_multi(&e, &n, &s, NULL);
if (res != 0) {
mp_clear(&us);
return -5;
}
p = to;
size = mp_unsigned_bin_size(&us);
assert(size <= RSA_size(rsa));
mp_to_unsigned_bin(&us, p);
mp_clear(&us);
/* head zero was skipped by mp_to_unsigned_bin */
if (*p == 0)
return -6;
if (*p != 1)
return -7;
size--; p++;
while (size && *p == 0xff) {
size--; p++;
}
if (size == 0 || *p != 0)
return -8;
size--; p++;
memmove(to, p, size);
return size;
}示例6: return
* assuming that the OID length is less than 128 bytes.
*/
if (len < 2 || *p != 0x06)
return (GSS_S_DEFECTIVE_TOKEN);
if ((p[1] & 0x80) || p[1] > (len - 2))
return (GSS_S_DEFECTIVE_TOKEN);
mech_oid->length = p[1];
p += 2;
len -= 2;
mech_oid->elements = p;
return GSS_S_COMPLETE;
}
static gss_OID_desc krb5_mechanism =
{9, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02")};
static gss_OID_desc ntlm_mechanism =
{10, rk_UNCONST("\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a")};
static gss_OID_desc spnego_mechanism =
{6, rk_UNCONST("\x2b\x06\x01\x05\x05\x02")};
static OM_uint32
choose_mech(const gss_buffer_t input, gss_OID mech_oid)
{
OM_uint32 status;
/*
* First try to parse the gssapi token header and see if it's a
* correct header, use that in the first hand.
*/
示例7: krb5_warn
krb5_warn(context, ret, "hdb_entry2value");
return ret;
}
if(to_stdout)
ret = krb5_write_message(context, &pd->sock, &data);
else
ret = krb5_write_priv_message(context, pd->auth_context,
&pd->sock, &data);
krb5_data_free(&data);
return ret;
}
struct getargs args[] = {
{ "master-key", 'm', arg_string, &mkeyfile, "v5 master key file", "file" },
{ "database", 'd', arg_string, rk_UNCONST(&database), "database", "file" },
{ "source", 0, arg_string, &source_type, "type of database to read",
"heimdal"
"|mit-dump"
},
{ "keytab", 'k', arg_string, rk_UNCONST(&ktname),
"keytab to use for authentication", "keytab" },
{ "v5-realm", 'R', arg_string, &local_realm, "v5 realm to use", NULL },
{ "decrypt", 'D', arg_flag, &decrypt_flag, "decrypt keys", NULL },
{ "encrypt", 'E', arg_flag, &encrypt_flag, "encrypt keys", NULL },
{ "stdout", 'n', arg_flag, &to_stdout, "dump to stdout", NULL },
{ "verbose", 'v', arg_flag, &verbose_flag, NULL, NULL },
{ "version", 0, arg_flag, &version_flag, NULL, NULL },
{ "help", 'h', arg_flag, &help_flag, NULL, NULL }
};示例8: rk_UNCONST
#include <gssapi_mech.h>
/*
* The implementation must reserve static storage for a
* gss_OID_desc object containing the value
* {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
* "\x01\x02\x01\x01"},
* corresponding to an object-identifier value of
* {iso(1) member-body(2) United States(840) mit(113554)
* infosys(1) gssapi(2) generic(1) user_name(1)}. The constant
* GSS_C_NT_USER_NAME should be initialized to point
* to that gss_OID_desc.
*/
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_user_name_oid_desc =
{10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x01")};
/*
* The implementation must reserve static storage for a
* gss_OID_desc object containing the value
* {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
* "\x01\x02\x01\x02"},
* corresponding to an object-identifier value of
* {iso(1) member-body(2) United States(840) mit(113554)
* infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
* The constant GSS_C_NT_MACHINE_UID_NAME should be
* initialized to point to that gss_OID_desc.
*/
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_machine_uid_name_oid_desc =
{10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x02")};示例9: BN_num_bytes
{
return BN_num_bytes(rsa->n);
}
#define RSAFUNC(name, body) \
int \
name(int flen,const unsigned char* f, unsigned char* t, RSA* r, int p){\
return body; \
}
RSAFUNC(RSA_public_encrypt, (r)->meth->rsa_pub_enc(flen, f, t, r, p))
RSAFUNC(RSA_public_decrypt, (r)->meth->rsa_pub_dec(flen, f, t, r, p))
RSAFUNC(RSA_private_encrypt, (r)->meth->rsa_priv_enc(flen, f, t, r, p))
RSAFUNC(RSA_private_decrypt, (r)->meth->rsa_priv_dec(flen, f, t, r, p))
static const heim_octet_string null_entry_oid = { 2, rk_UNCONST("\x05\x00") };
static const unsigned sha1_oid_tree[] = { 1, 3, 14, 3, 2, 26 };
static const AlgorithmIdentifier _signature_sha1_data = {
{ 6, rk_UNCONST(sha1_oid_tree) }, rk_UNCONST(&null_entry_oid)
};
static const unsigned sha256_oid_tree[] = { 2, 16, 840, 1, 101, 3, 4, 2, 1 };
static const AlgorithmIdentifier _signature_sha256_data = {
{ 9, rk_UNCONST(sha256_oid_tree) }, rk_UNCONST(&null_entry_oid)
};
static const unsigned md5_oid_tree[] = { 1, 2, 840, 113549, 2, 5 };
static const AlgorithmIdentifier _signature_md5_data = {
{ 6, rk_UNCONST(md5_oid_tree) }, rk_UNCONST(&null_entry_oid)
};
示例10: kc_rsa_sign
static int
kc_rsa_sign(int type, const unsigned char *from, unsigned int flen,
unsigned char *to, unsigned int *tlen, const RSA *rsa)
{
struct kc_rsa *kc = RSA_get_app_data(rk_UNCONST(rsa));
CSSM_RETURN cret;
OSStatus ret;
const CSSM_ACCESS_CREDENTIALS *creds;
SecKeyRef privKeyRef = kc->pkey;
CSSM_CSP_HANDLE cspHandle;
const CSSM_KEY *cssmKey;
CSSM_CC_HANDLE sigHandle = 0;
CSSM_DATA sig, in;
int fret = 0;
CSSM_ALGORITHMS stype;
if (type == NID_md5) {
stype = CSSM_ALGID_MD5;
} else if (type == NID_sha1) {
stype = CSSM_ALGID_SHA1;
} else if (type == NID_sha256) {
stype = CSSM_ALGID_SHA256;
} else if (type == NID_sha384) {
stype = CSSM_ALGID_SHA384;
} else if (type == NID_sha512) {
stype = CSSM_ALGID_SHA512;
} else
return -1;
cret = SecKeyGetCSSMKey(privKeyRef, &cssmKey);
if(cret) heim_abort("SecKeyGetCSSMKey failed: %d", cret);
cret = SecKeyGetCSPHandle(privKeyRef, &cspHandle);
if(cret) heim_abort("SecKeyGetCSPHandle failed: %d", cret);
ret = SecKeyGetCredentials(privKeyRef, CSSM_ACL_AUTHORIZATION_SIGN,
kSecCredentialTypeNoUI, &creds);
if(ret) heim_abort("SecKeyGetCredentials failed: %d", (int)ret);
ret = CSSM_CSP_CreateSignatureContext(cspHandle, CSSM_ALGID_RSA,
creds, cssmKey, &sigHandle);
if(ret) heim_abort("CSSM_CSP_CreateSignatureContext failed: %d", (int)ret);
in.Data = (uint8 *)from;
in.Length = flen;
sig.Data = (uint8 *)to;
sig.Length = kc->keysize;
cret = CSSM_SignData(sigHandle, &in, 1, stype, &sig);
if(cret) {
/* cssmErrorString(cret); */
fret = -1;
} else {
fret = 1;
*tlen = (unsigned int)sig.Length;
}
if(sigHandle)
CSSM_DeleteContext(sigHandle);
return fret;
}示例11: krb5_get_creds
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_get_creds(krb5_context context,
krb5_get_creds_opt opt,
krb5_ccache ccache,
krb5_const_principal inprinc,
krb5_creds **out_creds)
{
krb5_kdc_flags flags;
krb5_flags options;
krb5_creds in_creds;
krb5_error_code ret;
krb5_creds **tgts;
krb5_creds *res_creds;
int i;
if (opt && opt->enctype) {
ret = krb5_enctype_valid(context, opt->enctype);
if (ret)
return ret;
}
memset(&in_creds, 0, sizeof(in_creds));
in_creds.server = rk_UNCONST(inprinc);
ret = krb5_cc_get_principal(context, ccache, &in_creds.client);
if (ret)
return ret;
if (opt)
options = opt->options;
else
options = 0;
flags.i = 0;
*out_creds = NULL;
res_creds = calloc(1, sizeof(*res_creds));
if (res_creds == NULL) {
krb5_free_principal(context, in_creds.client);
krb5_set_error_message(context, ENOMEM,
N_("malloc: out of memory", ""));
return ENOMEM;
}
if (opt && opt->enctype) {
in_creds.session.keytype = opt->enctype;
options |= KRB5_TC_MATCH_KEYTYPE;
}
/*
* If we got a credential, check if credential is expired before
* returning it.
*/
ret = krb5_cc_retrieve_cred(context,
ccache,
options & KRB5_TC_MATCH_KEYTYPE,
&in_creds, res_creds);
/*
* If we got a credential, check if credential is expired before
* returning it, but only if KRB5_GC_EXPIRED_OK is not set.
*/
if (ret == 0) {
krb5_timestamp timeret;
/* If expired ok, don't bother checking */
if(options & KRB5_GC_EXPIRED_OK) {
*out_creds = res_creds;
krb5_free_principal(context, in_creds.client);
goto out;
}
krb5_timeofday(context, &timeret);
if(res_creds->times.endtime > timeret) {
*out_creds = res_creds;
krb5_free_principal(context, in_creds.client);
goto out;
}
if(options & KRB5_GC_CACHED)
krb5_cc_remove_cred(context, ccache, 0, res_creds);
} else if(ret != KRB5_CC_END) {
free(res_creds);
krb5_free_principal(context, in_creds.client);
goto out;
}
free(res_creds);
if(options & KRB5_GC_CACHED) {
krb5_free_principal(context, in_creds.client);
ret = not_found(context, in_creds.server, KRB5_CC_NOTFOUND);
goto out;
}
if(options & KRB5_GC_USER_USER) {
flags.b.enc_tkt_in_skey = 1;
options |= KRB5_GC_NO_STORE;
}
if (options & KRB5_GC_FORWARDABLE)
flags.b.forwardable = 1;
if (options & KRB5_GC_NO_TRANSIT_CHECK)
flags.b.disable_transited_check = 1;
if (options & KRB5_GC_CONSTRAINED_DELEGATION) {
flags.b.request_anonymous = 1; /* XXX ARGH confusion */
//.........这里部分代码省略.........
示例12: hx509_ca_tbs_add_crl_dp_uri
int
hx509_ca_tbs_add_crl_dp_uri(hx509_context context,
hx509_ca_tbs tbs,
const char *uri,
hx509_name issuername)
{
DistributionPoint dp;
int ret;
memset(&dp, 0, sizeof(dp));
dp.distributionPoint = ecalloc(1, sizeof(*dp.distributionPoint));
{
DistributionPointName name;
GeneralName gn;
size_t size;
name.element = choice_DistributionPointName_fullName;
name.u.fullName.len = 1;
name.u.fullName.val = &gn;
gn.element = choice_GeneralName_uniformResourceIdentifier;
gn.u.uniformResourceIdentifier.data = rk_UNCONST(uri);
gn.u.uniformResourceIdentifier.length = strlen(uri);
ASN1_MALLOC_ENCODE(DistributionPointName,
dp.distributionPoint->data,
dp.distributionPoint->length,
&name, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to encoded DistributionPointName");
goto out;
}
if (dp.distributionPoint->length != size)
_hx509_abort("internal ASN.1 encoder error");
}
if (issuername) {
#if 1
/**
* issuername not supported
*/
hx509_set_error_string(context, 0, EINVAL,
"CRLDistributionPoints.name.issuername not yet supported");
return EINVAL;
#else
GeneralNames *crlissuer;
GeneralName gn;
Name n;
crlissuer = calloc(1, sizeof(*crlissuer));
if (crlissuer == NULL) {
return ENOMEM;
}
memset(&gn, 0, sizeof(gn));
gn.element = choice_GeneralName_directoryName;
ret = hx509_name_to_Name(issuername, &n);
if (ret) {
hx509_set_error_string(context, 0, ret, "out of memory");
goto out;
}
gn.u.directoryName.element = n.element;
gn.u.directoryName.u.rdnSequence = n.u.rdnSequence;
ret = add_GeneralNames(&crlissuer, &gn);
free_Name(&n);
if (ret) {
hx509_set_error_string(context, 0, ret, "out of memory");
goto out;
}
dp.cRLIssuer = &crlissuer;
#endif
}
ret = add_CRLDistributionPoints(&tbs->crldp, &dp);
if (ret) {
hx509_set_error_string(context, 0, ret, "out of memory");
goto out;
}
out:
free_DistributionPoint(&dp);
return ret;
}示例13: ca_sign
//.........这里部分代码省略.........
}
ret = der_copy_bit_string(&tbs->issuerUniqueID, tbsc->issuerUniqueID);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
}
/* subjectUniqueID [2] IMPLICIT BIT STRING OPTIONAL */
if (tbs->subjectUniqueID.length) {
tbsc->subjectUniqueID = calloc(1, sizeof(*tbsc->subjectUniqueID));
if (tbsc->subjectUniqueID == NULL) {
ret = ENOMEM;
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
ret = der_copy_bit_string(&tbs->subjectUniqueID, tbsc->subjectUniqueID);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
}
/* extensions [3] EXPLICIT Extensions OPTIONAL */
tbsc->extensions = calloc(1, sizeof(*tbsc->extensions));
if (tbsc->extensions == NULL) {
ret = ENOMEM;
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
/* Add the text BMP string Domaincontroller to the cert */
if (tbs->flags.domaincontroller) {
data.data = rk_UNCONST("\x1e\x20\x00\x44\x00\x6f\x00\x6d"
"\x00\x61\x00\x69\x00\x6e\x00\x43"
"\x00\x6f\x00\x6e\x00\x74\x00\x72"
"\x00\x6f\x00\x6c\x00\x6c\x00\x65"
"\x00\x72");
data.length = 34;
ret = add_extension(context, tbsc, 0,
&asn1_oid_id_ms_cert_enroll_domaincontroller,
&data);
if (ret)
goto out;
}
/* add KeyUsage */
{
KeyUsage ku;
ku = int2KeyUsage(key_usage);
ASN1_MALLOC_ENCODE(KeyUsage, data.data, data.length, &ku, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
if (size != data.length)
_hx509_abort("internal ASN.1 encoder error");
ret = add_extension(context, tbsc, 1,
&asn1_oid_id_x509_ce_keyUsage, &data);
free(data.data);
if (ret)
goto out;
}
示例14: rk_UNCONST
static struct getargs args[] = {
{ "config-file", 'c', arg_string, &config_file, NULL, NULL },
{ "realm", 'r', arg_string, &realm, NULL, NULL },
{ "keytab", 'k', arg_string, &keytab_str,
"keytab to get authentication from", "kspec" },
{ "time-lost", 0, arg_string, &server_time_lost,
"time before server is considered lost", "time" },
{ "status-file", 0, arg_string, &status_file,
"file to write out status into", "file" },
{ "port", 0, arg_string, &port_str,
"port ipropd-slave will connect to", "port"},
#ifdef SUPPORT_DETACH
{ "detach", 0, arg_flag, &detach_from_console,
"detach from console", NULL },
#endif
{ "hostname", 0, arg_string, rk_UNCONST(&slave_str),
"hostname of slave (if not same as hostname)", "hostname" },
{ "version", 0, arg_flag, &version_flag, NULL, NULL },
{ "help", 0, arg_flag, &help_flag, NULL, NULL }
};
static int num_args = sizeof(args) / sizeof(args[0]);
static void
usage(int status)
{
arg_printusage(args, num_args, NULL, "master");
exit(status);
}
int示例15: krb5_get_creds
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_get_creds(krb5_context context,
krb5_get_creds_opt opt,
krb5_ccache ccache,
krb5_const_principal inprinc,
krb5_creds **out_creds)
{
krb5_kdc_flags flags;
krb5_flags options;
krb5_creds in_creds;
krb5_error_code ret;
krb5_creds **tgts;
krb5_creds *try_creds;
krb5_creds *res_creds;
krb5_name_canon_iterator name_canon_iter = NULL;
krb5_name_canon_rule_options rule_opts;
int i;
if (opt && opt->enctype) {
ret = krb5_enctype_valid(context, opt->enctype);
if (ret)
return ret;
}
memset(&in_creds, 0, sizeof(in_creds));
in_creds.server = rk_UNCONST(inprinc);
ret = krb5_cc_get_principal(context, ccache, &in_creds.client);
if (ret)
return ret;
if (opt)
options = opt->options;
else
options = 0;
flags.i = 0;
*out_creds = NULL;
res_creds = calloc(1, sizeof(*res_creds));
if (res_creds == NULL) {
krb5_free_principal(context, in_creds.client);
return krb5_enomem(context);
}
if (opt && opt->enctype) {
in_creds.session.keytype = opt->enctype;
options |= KRB5_TC_MATCH_KEYTYPE;
}
/* Check for entry in ccache */
if (inprinc->name.name_type == KRB5_NT_SRV_HST_NEEDS_CANON) {
ret = check_cc(context, options, ccache, &in_creds, res_creds);
if (ret == 0) {
*out_creds = res_creds;
goto out;
}
}
ret = krb5_name_canon_iterator_start(context, NULL, &in_creds,
&name_canon_iter);
if (ret)
goto out;
next_rule:
ret = krb5_name_canon_iterate_creds(context, &name_canon_iter, &try_creds,
&rule_opts);
if (ret)
return ret;
if (name_canon_iter == NULL) {
if (options & KRB5_GC_CACHED)
ret = KRB5_CC_NOTFOUND;
else
ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;
goto out;
}
ret = check_cc(context, options, ccache, try_creds, res_creds);
if (ret == 0) {
*out_creds = res_creds;
goto out;
} else if(ret != KRB5_CC_END) {
goto out;
}
if(options & KRB5_GC_CACHED)
goto next_rule;
if(rule_opts & KRB5_NCRO_USE_REFERRALS)
flags.b.canonicalize = 1;
else if(rule_opts & KRB5_NCRO_NO_REFERRALS)
flags.b.canonicalize = 0;
else
flags.b.canonicalize = (options & KRB5_GC_CANONICALIZE) ? 1 : 0;
if(options & KRB5_GC_USER_USER) {
flags.b.enc_tkt_in_skey = 1;
options |= KRB5_GC_NO_STORE;
}
if (options & KRB5_GC_FORWARDABLE)
flags.b.forwardable = 1;
if (options & KRB5_GC_NO_TRANSIT_CHECK)
flags.b.disable_transited_check = 1;
if (options & KRB5_GC_CONSTRAINED_DELEGATION) {
//.........这里部分代码省略.........