#include "gsskrb5_locl.h"
#include <heim_threads.h>
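/*
 * Walk every credential cache in the cache collection and report one
 * initiator credential per matching cache to cred_iter.
 *
 * flags     - accepted for interface compatibility; not read here.
 * pku2u     - non-zero: report only caches whose principal is a PKU2U
 *             principal; zero: report only caches whose principal is not.
 * userctx   - opaque pointer handed back unchanged to cred_iter.
 * cred_iter - callback invoked once per credential, then once more with
 *             (userctx, NULL, NULL) as the end-of-iteration marker.
 *
 * Ownership: each handle passed to cred_iter is heap-allocated and holds
 * the cache's principal and the open ccache.  Nothing in this function
 * releases them after the callback returns, so the callback is expected
 * to take ownership (NOTE(review): confirm against the callers).
 *
 * The OID reported is always GSS_KRB5_MECHANISM, including when pku2u is
 * non-zero.
 */
static void
iter_creds_f(OM_uint32 flags,
             int pku2u,
             void *userctx,
             void (*cred_iter)(void *, gss_OID, gss_cred_id_t))
{
    krb5_context context;
    krb5_cccol_cursor cursor;
    krb5_error_code ret;
    krb5_ccache id;

    /*
     * NOTE(review): presumably returns from this function when context
     * initialisation fails, in which case cred_iter never receives the
     * end-of-iteration call -- confirm against the macro definition.
     */
    GSSAPI_KRB5_INIT_VOID(&context);

    ret = krb5_cccol_cursor_new(context, &cursor);
    if (ret)
        goto out;

    while (krb5_cccol_cursor_next(context, cursor, &id) == 0 && id != NULL) {
        gsskrb5_cred handle;
        OM_uint32 junk;
        krb5_principal principal;
        krb5_boolean principal_is_pku2u;

        /* A cache without a readable principal cannot be reported. */
        ret = krb5_cc_get_principal(context, id, &principal);
        if (ret) {
            krb5_cc_close(context, id);
            continue;
        }

        /* Skip caches that are on the wrong side of the PKU2U filter. */
        principal_is_pku2u = krb5_principal_is_pku2u(context, principal);
        if ((pku2u && !principal_is_pku2u) ||
            (!pku2u && principal_is_pku2u)) {
            krb5_free_principal(context, principal);
            krb5_cc_close(context, id);
            continue;
        }

        handle = calloc(1, sizeof(*handle));
        if (handle == NULL) {
            /*
             * Out of memory: release everything acquired for this cache
             * and leave the loop so that the cursor is freed below
             * before the end-of-iteration call.
             */
            krb5_free_principal(context, principal);
            krb5_cc_close(context, id);
            break;
        }

        HEIMDAL_MUTEX_init(&handle->cred_id_mutex);
        handle->usage = GSS_C_INITIATE;
        handle->principal = principal;

        /*
         * Best effort: the status is discarded.  If the lookup fails and
         * leaves endtime untouched, it keeps the zero written by calloc.
         */
        __gsskrb5_ccache_lifetime(&junk, context, id,
                                  handle->principal, &handle->endtime);
        handle->keytab = NULL;
        handle->ccache = id;

        /* The handle, with its principal and ccache, goes to the callback. */
        cred_iter(userctx, GSS_KRB5_MECHANISM, (gss_cred_id_t)handle);
    }

    krb5_cccol_cursor_free(context, &cursor);

out:
    /* Always terminate the iteration for the caller. */
    cred_iter(userctx, NULL, NULL);
}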
/*
 * PKU2U credential iterator: forwards to iter_creds_f with the PKU2U
 * filter switched on, so only caches whose principal is a PKU2U
 * principal are reported to cred_iter.
 *
 * flags, userctx and cred_iter are passed through unchanged.
 */
void
_gss_pku2u_iter_creds_f(OM_uint32 flags,
                        void *userctx,
                        void (*cred_iter)(void *, gss_OID, gss_cred_id_t))
{
    const int only_pku2u = 1;

    iter_creds_f(flags, only_pku2u, userctx, cred_iter);
}
/*
 * Kerberos 5 credential iterator: forwards to iter_creds_f with the
 * PKU2U filter switched off, so caches whose principal is a PKU2U
 * principal are skipped and all others are reported to cred_iter.
 *
 * flags, userctx and cred_iter are passed through unchanged.
 */
void
_gss_krb5_iter_creds_f(OM_uint32 flags,
                       void *userctx,
                       void (*cred_iter)(void *, gss_OID, gss_cred_id_t))
{
    const int only_pku2u = 0;

    iter_creds_f(flags, only_pku2u, userctx, cred_iter);
}
/*
 * IAKERB credential iterator: reports no credentials.  It only issues
 * the end-of-iteration call, cred_iter(userctx, NULL, NULL).
 *
 * flags is accepted for interface compatibility and not read.
 */
void
_gss_iakerb_iter_creds_f(OM_uint32 flags,
                         void *userctx,
                         void (*cred_iter)(void *, gss_OID, gss_cred_id_t))
{
    (void)flags;

    cred_iter(userctx, NULL, NULL);
}