4  * The context structure is the internal state maintained by the pam-krb5
7  * Copyright 2005-2009, 2014, 2020-2021 Russ Allbery <eagle@eyrie.org>
11  * Copyright 1999-2000 Frank Cusack <fcusack@fcusack.com>
13  * SPDX-License-Identifier: BSD-3-clause or GPL-1+
17 #include <portable/pam.h>
23 #include <pam-util/args.h>
24 #include <pam-util/logging.h>
28  * Create a new context and populate it with the user from PAM and the current
43     ctx->cache = NULL;  in pamk5_context_new()
44     ctx->princ = NULL;  in pamk5_context_new()
45     ctx->creds = NULL;  in pamk5_context_new()
46     ctx->fast_cache = NULL;  in pamk5_context_new()
47     ctx->context = args->ctx;  in pamk5_context_new()
48     args->config->ctx = ctx;  in pamk5_context_new()
54     retval = pam_get_user(args->pamh, &name, NULL);  in pamk5_context_new()
62     ctx->name = strdup(name);  in pamk5_context_new()
63     args->user = ctx->name;  in pamk5_context_new()
66     if (args->realm != NULL) {  in pamk5_context_new()
67         retval = krb5_set_default_realm(ctx->context, args->realm);  in pamk5_context_new()
83  * Retrieve a context from the PAM data structures, returning failure if no
92     pamret = pam_get_data(args->pamh, "pam_krb5", (void *) &args->config->ctx);  in pamk5_context_fetch()
94         args->config->ctx = NULL;  in pamk5_context_fetch()
95     if (pamret == PAM_SUCCESS && args->config->ctx == NULL)  in pamk5_context_fetch()
97     if (args->config->ctx != NULL)  in pamk5_context_fetch()
98         args->user = args->config->ctx->name;  in pamk5_context_fetch()
109  * by our code) and pamk5_context_destroy (called by PAM as a data callback).
116     free(ctx->name);  in context_free()
117     if (ctx->context != NULL) {  in context_free()
118         if (ctx->princ != NULL)  in context_free()
119             krb5_free_principal(ctx->context, ctx->princ);  in context_free()
120         if (ctx->cache != NULL) {  in context_free()
121             if (ctx->dont_destroy_cache)  in context_free()
122                 krb5_cc_close(ctx->context, ctx->cache);  in context_free()
124                 krb5_cc_destroy(ctx->context, ctx->cache);  in context_free()
126         if (ctx->creds != NULL) {  in context_free()
127             krb5_free_cred_contents(ctx->context, ctx->creds);  in context_free()
128             free(ctx->creds);  in context_free()
131             krb5_free_context(ctx->context);  in context_free()
133     if (ctx->fast_cache != NULL)  in context_free()
134         krb5_cc_destroy(ctx->context, ctx->fast_cache);  in context_free()
140  * Free the current context, used internally by pam-krb5 code.  This is a
142  * context if it's the same as the top-level context and handles other
143  * bookkeeping in the top-level pam_args struct.
148     if (args->config->ctx == NULL)  in pamk5_context_free()
150     if (args->user == args->config->ctx->name)  in pamk5_context_free()
151         args->user = NULL;  in pamk5_context_free()
152     context_free(args->config->ctx, args->ctx != args->config->ctx->context);  in pamk5_context_free()
153     args->config->ctx = NULL;  in pamk5_context_free()
158  * The PAM callback to destroy the context stored in the PAM data structures.
172         ctx->dont_destroy_cache = true;  in pamk5_context_destroy()