2 * Portability glue functions for Kerberos.
4 * This file provides definitions of the interfaces that portable/krb5.h
5 * ensures exist if the function wasn't available in the Kerberos libraries.
6 * Everything in this file will be protected by #ifndef. If the native
7 * Kerberos libraries are fully capable, this file will be skipped.
9 * The canonical version of this file is maintained in the rra-c-util package,
10 * which can be found at <http://www.eyrie.org/~eagle/software/rra-c-util/>.
12 * Written by Russ Allbery <eagle@eyrie.org>
14 * The authors hereby relinquish any claim to any copyright that they may have
15 * in this work, whether granted under contract or by operation of law or
16 * international treaty, and hereby commit to the public, at large, that they
17 * shall not, at any time in the future, seek to enforce any copyright in this
18 * work against any person or entity, or prevent any person or entity from
19 * copying, publishing, distributing or creating derivative works of this
24 #include <portable/krb5.h>
25 #include <portable/system.h>
29 /* Figure out what header files to include for error reporting. */
30 #if !defined(HAVE_KRB5_GET_ERROR_MESSAGE) && !defined(HAVE_KRB5_GET_ERR_TEXT)
31 # if !defined(HAVE_KRB5_GET_ERROR_STRING)
32 # if defined(HAVE_IBM_SVC_KRB5_SVC_H)
33 # include <ibm_svc/krb5_svc.h>
34 # elif defined(HAVE_ET_COM_ERR_H)
35 # include <et/com_err.h>
42 /* Used for unused parameters to silence gcc warnings. */
43 #define UNUSED __attribute__((__unused__))
46 * This string is returned for unknown error messages. We use a static
47 * variable so that we can be sure not to free it.
49 static const char error_unknown[] = "unknown error";
52 #ifndef HAVE_KRB5_GET_ERROR_MESSAGE
54 * Given a Kerberos error code, return the corresponding error. Prefer the
55 * Kerberos interface if available since it will provide context-specific
56 * error information, whereas the error_message() call will only provide a
60 krb5_get_error_message(krb5_context ctx UNUSED, krb5_error_code code UNUSED)
62 const char *msg = NULL;
64 # if defined(HAVE_KRB5_GET_ERROR_STRING)
65 msg = krb5_get_error_string(ctx);
66 # elif defined(HAVE_KRB5_GET_ERR_TEXT)
67 msg = krb5_get_err_text(ctx, code);
68 # elif defined(HAVE_KRB5_SVC_GET_MSG)
69 krb5_svc_get_msg(code, (char **) &msg);
71 msg = error_message(code);
78 #endif /* !HAVE_KRB5_GET_ERROR_MESSAGE */
81 #ifndef HAVE_KRB5_FREE_ERROR_MESSAGE
83 * Free an error string if necessary. If we returned a static string, make
84 * sure we don't free it.
86 * This code assumes that the set of implementations that have
87 * krb5_free_error_message is a subset of those with krb5_get_error_message.
88 * If this assumption ever breaks, we may call the wrong free function.
91 krb5_free_error_message(krb5_context ctx UNUSED, const char *msg)
93 if (msg == error_unknown)
95 # if defined(HAVE_KRB5_GET_ERROR_STRING)
96 krb5_free_error_string(ctx, (char *) msg);
97 # elif defined(HAVE_KRB5_SVC_GET_MSG)
98 krb5_free_string(ctx, (char *) msg);
101 #endif /* !HAVE_KRB5_FREE_ERROR_MESSAGE */
104 #ifndef HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC
106 * Allocate and initialize a krb5_get_init_creds_opt struct. This code
107 * assumes that an all-zero bit pattern will create a NULL pointer.
110 krb5_get_init_creds_opt_alloc(krb5_context ctx UNUSED,
111 krb5_get_init_creds_opt **opts)
113 *opts = calloc(1, sizeof(krb5_get_init_creds_opt));
116 krb5_get_init_creds_opt_init(*opts);
119 #endif /* !HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC */
122 #ifndef HAVE_KRB5_PRINCIPAL_GET_REALM
124 * Return the realm of a principal as a const char *.
127 krb5_principal_get_realm(krb5_context ctx UNUSED, krb5_const_principal princ)
129 const krb5_data *data;
131 data = krb5_princ_realm(ctx, princ);
132 if (data == NULL || data->data == NULL)
136 #endif /* !HAVE_KRB5_PRINCIPAL_GET_REALM */