Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 :
4 : Kerberos backend for GENSEC
5 :
6 : Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004
7 : Copyright (C) Andrew Tridgell 2001
8 : Copyright (C) Luke Howard 2002-2003
9 : Copyright (C) Stefan Metzmacher 2004-2005
10 :
11 : This program is free software; you can redistribute it and/or modify
12 : it under the terms of the GNU General Public License as published by
13 : the Free Software Foundation; either version 3 of the License, or
14 : (at your option) any later version.
15 :
16 : This program is distributed in the hope that it will be useful,
17 : but WITHOUT ANY WARRANTY; without even the implied warranty of
18 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 : GNU General Public License for more details.
20 :
21 :
22 : You should have received a copy of the GNU General Public License
23 : along with this program. If not, see <http://www.gnu.org/licenses/>.
24 : */
25 :
26 : #include "includes.h"
27 : #include "auth/auth.h"
28 : #include "auth/gensec/gensec.h"
29 : #include "auth/gensec/gensec_internal.h"
30 : #include "gensec_krb5_internal.h"
31 : #include "gensec_krb5_helpers.h"
32 : #include "system/kerberos.h"
33 : #include "auth/kerberos/kerberos.h"
34 :
35 16 : static struct gensec_krb5_state *get_private_state(const struct gensec_security *gensec_security)
36 : {
37 16 : struct gensec_krb5_state *gensec_krb5_state = NULL;
38 :
39 16 : if (strcmp(gensec_security->ops->name, "krb5") != 0) {
40 : /* We require that the krb5 mechanism is being used. */
41 0 : return NULL;
42 : }
43 :
44 16 : gensec_krb5_state = talloc_get_type(gensec_security->private_data,
45 : struct gensec_krb5_state);
46 16 : return gensec_krb5_state;
47 : }
48 :
49 : /*
50 : * Returns 1 if our ticket has the initial flag set, 0 if not, and -1 in case of
51 : * error.
52 : */
53 16 : int gensec_krb5_initial_ticket(const struct gensec_security *gensec_security)
54 : {
55 16 : struct gensec_krb5_state *gensec_krb5_state = NULL;
56 :
57 16 : gensec_krb5_state = get_private_state(gensec_security);
58 16 : if (gensec_krb5_state == NULL) {
59 0 : return -1;
60 : }
61 :
62 16 : if (gensec_krb5_state->ticket == NULL) {
63 : /* We don't have a ticket */
64 0 : return -1;
65 : }
66 :
67 : #ifdef SAMBA4_USES_HEIMDAL
68 12 : return gensec_krb5_state->ticket->ticket.flags.initial;
69 : #else /* MIT KERBEROS */
70 4 : return (gensec_krb5_state->ticket->enc_part2->flags & TKT_FLG_INITIAL) ? 1 : 0;
71 : #endif /* SAMBA4_USES_HEIMDAL */
72 : }
|
