48
k5_data_equal(krb5_data d1, krb5_data d2, unsigned int length)
53
return (d1.length == length &&
54
d1.length == d2.length &&
55
memcmp(d1.data, d2.data, length) == 0);
59
48
/* does the ccache have a valid TGT? */
61
50
get_tgt_time(const char *ccname) {
64
53
krb5_cc_cursor cur;
66
55
krb5_principal principal;
67
krb5_data tgt = { .data = "krbtgt",
69
56
time_t credtime = 0;
71
59
if (krb5_init_context(&context)) {
72
60
syslog(LOG_DEBUG, "%s: unable to init krb5 context", __func__);
84
if ((realm = smb_krb5_principal_get_realm(context, principal)) == NULL) {
85
syslog(LOG_DEBUG, "%s: unable to get realm", __func__);
96
89
while (!credtime && !krb5_cc_next_cred(context, ccache, &cur, &creds)) {
97
if (k5_data_equal(creds.server->realm, principal->realm, 0) &&
98
k5_data_equal(creds.server->data[0], tgt, tgt.length) &&
99
k5_data_equal(creds.server->data[1], principal->realm, 0) &&
91
if (smb_krb5_unparse_name(NULL, context, creds.server, &name)) {
92
syslog(LOG_DEBUG, "%s: unable to unparse name", __func__);
95
if (krb5_realm_compare(context, creds.server, principal) &&
96
strnequal(name, KRB5_TGS_NAME, KRB5_TGS_NAME_SIZE) &&
97
strnequal(name+KRB5_TGS_NAME_SIZE+1, realm, strlen(realm)) &&
100
98
creds.times.endtime > time(NULL))
101
99
credtime = creds.times.endtime;
102
100
krb5_free_cred_contents(context, &creds);
104
104
krb5_cc_end_seq_get(context, ccache, &cur);
107
106
krb5_free_principal(context, principal);
108
#if defined(KRB5_TC_OPENCLOSE)
109
109
krb5_cc_set_flags(context, ccache, KRB5_TC_OPENCLOSE);
110
111
krb5_cc_close(context, ccache);
112
113
krb5_free_context(context);