OSX prefspane use Kerberos Preferences for defaults

if we have forwardable tickets, e.g., as a pref, get those.
and so on. this way tickets AFS got are not "Weird"

Change-Id: I81d70dc72e777503c8d1e588ae6cba6f33c6dc44
Reviewed-on: http://gerrit.openafs.org/2965
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>

diff --git a/src/platform/DARWIN/AFSPreference/Krb5Util.h b/src/platform/DARWIN/AFSPreference/Krb5Util.h
index deed0564febc9ba74a8220462788cf04a5b5e4b0..1ce4eee1b6ff06cdde0fafad8c415c88cda072a8 100644 (file)
--- a/src/platform/DARWIN/AFSPreference/Krb5Util.h
+++ b/src/platform/DARWIN/AFSPreference/Krb5Util.h
@@ -8,6 +8,7 @@
 
 #import <Foundation/Foundation.h>
 #import <Kerberos/Kerberos.h>
+#import <Kerberos/KerberosLogin.h>
 
 @interface Krb5Util : NSObject {
 

diff --git a/src/platform/DARWIN/AFSPreference/Krb5Util.m b/src/platform/DARWIN/AFSPreference/Krb5Util.m
index 663a9f005eb64d5f1576be4f3cf3efe7c381ef8f..f88d882207688778ceb684781f6707a3ad074905 100644 (file)
--- a/src/platform/DARWIN/AFSPreference/Krb5Util.m
+++ b/src/platform/DARWIN/AFSPreference/Krb5Util.m
@@ -14,13 +14,77 @@
        KLStatus                kstatus = noErr;
        char                    *princName = 0L;
        KLBoolean       outFoundValidTickets = false;
+       KLLoginOptions  inLoginOptions = nil;
+
        @try{
                kstatus = KLCacheHasValidTickets(nil, kerberosVersion_All, &outFoundValidTickets, nil, nil);
                if(!outFoundValidTickets) {
-                       kstatus = KLAcquireNewInitialTickets(nil, nil, &princ, &princName);
-                       if(kstatus != noErr && kstatus != klUserCanceledErr) @throw [NSException exceptionWithName:@"Krb5Util"
-                                                                                                                                                                                               reason:@"getNewTicketIfNotPresent"
-                                                                                                                                                                                         userInfo:nil];
+                   kstatus = KLCreateLoginOptions(&inLoginOptions);
+                   if (kstatus != noErr)
+                       @throw [NSException exceptionWithName:@"Krb5Util"
+                                           reason:@"getNewTicketIfNotPresent"
+                                           userInfo:nil];
+                   else {
+                       KLLifetime valuel;
+                       KLSize sizel = sizeof (valuel);
+                       KLBoolean value;
+                       KLSize size = sizeof (value);
+                       kstatus = KLGetDefaultLoginOption (loginOption_DefaultTicketLifetime, &valuel, &sizel);
+
+                       if (kstatus == noErr)
+                           kstatus = KLLoginOptionsSetTicketLifetime
+                               (inLoginOptions, valuel);
+
+                       kstatus = KLGetDefaultLoginOption
+                           (loginOption_DefaultRenewableTicket, &value,
+                            &size);
+                       if (kstatus == noErr)
+                           if ((value != 0) &&
+                               ((kstatus = KLGetDefaultLoginOption
+                                 (loginOption_DefaultRenewableLifetime,
+                                  &value, &size)) == noErr))
+                               kstatus = KLLoginOptionsSetRenewableLifetime
+                               (inLoginOptions, value);
+                           else {
+                               kstatus = KLLoginOptionsSetRenewableLifetime(inLoginOptions, 0L);
+                       }
+                       kstatus = KLGetDefaultLoginOption
+                           (loginOption_DefaultForwardableTicket, &value,
+                            &size);
+
+                       if (kstatus == noErr)
+                           kstatus = KLLoginOptionsSetForwardable
+                               (inLoginOptions, value);
+
+                       kstatus = KLGetDefaultLoginOption
+                           (loginOption_DefaultProxiableTicket, &value,
+                            &size);
+
+                       if (kstatus == noErr)
+                           kstatus = KLLoginOptionsSetProxiable
+                               (inLoginOptions, value);
+
+                       kstatus = KLGetDefaultLoginOption
+                           (loginOption_DefaultAddresslessTicket, &value,
+                            &size);
+
+                       if (kstatus == noErr)
+                           kstatus = KLLoginOptionsSetAddressless
+                               (inLoginOptions, value);
+                   }
+
+                   if (kstatus == noErr)
+                       kstatus = KLAcquireNewInitialTickets(nil,
+                                                            inLoginOptions,
+                                                            &princ,
+                                                            &princName);
+                   if(kstatus != noErr && kstatus != klUserCanceledErr)
+                       @throw [NSException exceptionWithName:@"Krb5Util"
+                                           reason:@"getNewTicketIfNotPresent"
+                                           userInfo:nil];
+                   if (inLoginOptions != NULL) {
+                       KLDisposeLoginOptions (inLoginOptions);
+                   }
                }
        }
        @catch (NSException * e) {