From 3e1c4c79a1c4f7762432a5816a50f84e0bf89348 Mon Sep 17 00:00:00 2001 From: Derrick Brashear Date: Fri, 22 Jul 2011 14:24:08 -0400 Subject: [PATCH] macos: avoid KLRenewInitialTickets crash in Lion the shimmed heimdal in Lion crashes on this call now. the shim also exports diddly squat. fine, we pick over what IS exported and use only calls available to us. should be exactly as functional as before. Reviewed-on: http://gerrit.openafs.org/5065 Tested-by: BuildBot Reviewed-by: Derrick Brashear (cherry picked from commit 62cccc4547bd816dfffb2c1a4431c3c674d302f8) Change-Id: I44ec9305c3f8e07cb68b2614b237b62e29a66516 Reviewed-on: http://gerrit.openafs.org/5071 Tested-by: BuildBot Reviewed-by: Derrick Brashear --- src/platform/DARWIN/AFSPreference/Krb5Util.m | 64 ++++++++++++++++++-- 1 file changed, 60 insertions(+), 4 deletions(-) diff --git a/src/platform/DARWIN/AFSPreference/Krb5Util.m b/src/platform/DARWIN/AFSPreference/Krb5Util.m index f88d88220..2b892e17b 100644 --- a/src/platform/DARWIN/AFSPreference/Krb5Util.m +++ b/src/platform/DARWIN/AFSPreference/Krb5Util.m @@ -122,10 +122,66 @@ //NSLog(@"Ticket Expiration time: %@", [expirationDate description]); NSTimeInterval secondToExpireTime = [expirationDate timeIntervalSinceNow]; if(secondToExpireTime <= secToExpire) { - kstatus = KLRenewInitialTickets ( nil, inLoginOptions, nil, nil); - //kstatus = KLTicketExpirationTime (nil, kerberosVersion_All, &expireStartTime); - //expirationDate = [NSDate dateWithTimeIntervalSince1970:expireStartTime]; - //NSLog(@"Ticket Renewed Unitl %@", expirationDate); +#if defined(MAC_OS_X_VERSION_10_7) && (MAC_OS_X_VERSION_MAX_ALLOWED > MAC_OS_X_VERSION_10_6) + krb5_creds in; + krb5_error_code ret; + krb5_ccache id = NULL; + static dispatch_once_t once = 0; + static krb5_context kcontext; + krb5_principal me=NULL; + krb5_principal server=NULL; + krb5_timestamp now; + + dispatch_once(&once, ^{ + krb5_init_context(&kcontext); + }); + + krb5_timeofday(kcontext, &now); + memset((char *)&in, 0, sizeof(in)); + in.times.starttime = 0; + in.times.endtime = now + inTicketLifetime; + in.times.renew_till = now + inTicketLifetime; + + krb5_cc_default(kcontext, &id); + if (ret == 0) { + ret = krb5_cc_get_principal(kcontext, id, + &me); + in.client = me; + } + if (ret == 0) { + ret = krb5_build_principal_ext(kcontext, &server, + krb5_princ_realm(kcontext, + in.client)->length, + krb5_princ_realm(kcontext, + in.client)->data, + 6, "krbtgt", + krb5_princ_realm(kcontext, + in.client)->length, + krb5_princ_realm(kcontext, + in.client)->data, + 0); + } + if (ret == 0) { + in.server = server; + ret = krb5_get_renewed_creds(kcontext, &in, me, id, server); + } + if (ret == 0) { + ret = krb5_cc_initialize (kcontext, id, me); + ret = krb5_cc_store_cred(kcontext, id, &in); + krb5_cc_close(kcontext,id); + } + krb5_free_principal(kcontext, server); +#else + KLPrincipal klprinc = nil; + kstatus = KLRenewInitialTickets ( klprinc, inLoginOptions, nil, nil); +#endif + +#if 0 + /* handoff to growl agent? */ + kstatus = KLTicketExpirationTime (nil, kerberosVersion_All, &expireStartTime); + expirationDate = [NSDate dateWithTimeIntervalSince1970:expireStartTime]; + BuildNotificationInfo(@"Ticket Renewed Unitl %@", expirationDate, callbackInfo->dcref, callbackInfo->regref, callbackInfo->icon); +#endif } } @catch (NSException * e) { -- 2.39.5