| /freebsd/tools/regression/security/proc_to_proc/ |
| H A D | scenario.c | 68 static struct cred creds[] = { variable
92 { &creds[0], &creds[0], 0, 0, 0, 0, 0, 0, "0. priv on priv"},
93 { &creds[0], &creds[1], 0, 0, 0, 0, 0, 0, "1. priv on priv"},
94 { &creds[1], &creds[0], 0, 0, 0, 0, 0, 0, "2. priv on priv"},
95 { &creds[1], &creds[1], 0, 0, 0, 0, 0, 0, "3. priv on priv"},
97 { &creds[0], &creds[2], 0, 0, 0, 0, 0, 0, "4. priv on unpriv1"},
98 { &creds[0], &creds[3], 0, 0, 0, 0, 0, 0, "5. priv on unpriv1"},
99 { &creds[1], &creds[2], 0, 0, 0, 0, 0, 0, "6. priv on unpriv1"},
100 { &creds[1], &creds[3], 0, 0, 0, 0, 0, 0, "7. priv on unpriv1"},
102 { &creds[2], &creds[0], EPERM, EPERM, EPERM, EPERM, 0, EPERM, "8. unpriv1 on priv"},
[all …]
|
| /freebsd/crypto/heimdal/lib/krb5/ |
| H A D | rd_error.c | 73 const krb5_creds *creds) in krb5_error_from_rd_error() argument
83 if (creds != NULL) { in krb5_error_from_rd_error()
84 krb5_unparse_name_fixed(context, creds->client, in krb5_error_from_rd_error()
86 krb5_unparse_name_fixed(context, creds->server, in krb5_error_from_rd_error()
94 creds ? "(" : "", in krb5_error_from_rd_error()
95 creds ? clientname : "", in krb5_error_from_rd_error()
96 creds ? ")" : ""); in krb5_error_from_rd_error()
101 creds ? "(" : "", in krb5_error_from_rd_error()
102 creds ? servername : "", in krb5_error_from_rd_error()
103 creds ? ")" : ""); in krb5_error_from_rd_error()
[all …]
|
| H A D | store.c | 1304 krb5_store_creds(krb5_storage *sp, krb5_creds *creds) in krb5_store_creds() argument
1308 ret = krb5_store_principal(sp, creds->client); in krb5_store_creds()
1311 ret = krb5_store_principal(sp, creds->server); in krb5_store_creds()
1314 ret = krb5_store_keyblock(sp, creds->session); in krb5_store_creds()
1317 ret = krb5_store_times(sp, creds->times); in krb5_store_creds()
1320 ret = krb5_store_int8(sp, creds->second_ticket.length != 0); /* is_skey */ in krb5_store_creds()
1325 ret = krb5_store_int32(sp, creds->flags.i); in krb5_store_creds()
1327 ret = krb5_store_int32(sp, bitswap32(TicketFlags2int(creds->flags.b))); in krb5_store_creds()
1331 ret = krb5_store_addrs(sp, creds->addresses); in krb5_store_creds()
1334 ret = krb5_store_authdata(sp, creds->authdata); in krb5_store_creds()
[all …]
|
| H A D | rd_cred.c | 260 krb5_creds *creds; in krb5_rd_cred() local
262 creds = calloc(1, sizeof(*creds)); in krb5_rd_cred()
263 if(creds == NULL) { in krb5_rd_cred()
270 ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length, in krb5_rd_cred()
273 free(creds); in krb5_rd_cred()
276 if(creds->ticket.length != len) in krb5_rd_cred()
278 copy_EncryptionKey (&kci->key, &creds->session); in krb5_rd_cred()
281 &creds->client, in krb5_rd_cred()
285 creds->flags.b = *kci->flags; in krb5_rd_cred()
287 creds->times.authtime = *kci->authtime; in krb5_rd_cred()
[all …]
|
| H A D | creds.c | 210 const krb5_creds * mcreds, const krb5_creds * creds) in krb5_compare_creds() argument
217 creds->server); in krb5_compare_creds()
220 creds->server); in krb5_compare_creds()
226 creds->client); in krb5_compare_creds()
229 creds->client); in krb5_compare_creds()
233 match = mcreds->session.keytype == creds->session.keytype; in krb5_compare_creds()
236 match = mcreds->flags.i == creds->flags.i; in krb5_compare_creds()
239 match = (creds->flags.i & mcreds->flags.i) == mcreds->flags.i; in krb5_compare_creds()
242 match = krb5_times_equal(&mcreds->times, &creds->times); in krb5_compare_creds()
246 match = (mcreds->times.renew_till <= creds->times.renew_till) && in krb5_compare_creds()
[all …]
|
| H A D | ticket.c | 652 krb5_creds *creds, in _krb5_extract_ticket() argument
679 creds->session.keyvalue.length = 0; in _krb5_extract_ticket()
680 creds->session.keyvalue.data = NULL; in _krb5_extract_ticket()
681 creds->session.keytype = rep->enc_part.key.keytype; in _krb5_extract_ticket()
682 ret = krb5_data_copy (&creds->session.keyvalue, in _krb5_extract_ticket()
702 creds->client, in _krb5_extract_ticket()
704 &creds->session); in _krb5_extract_ticket()
710 krb5_free_principal (context, creds->client); in _krb5_extract_ticket()
711 creds->client = tmp_principal; in _krb5_extract_ticket()
724 creds->server, in _krb5_extract_ticket()
[all …]
|
| H A D | mcache.c | 46 } *creds; member
98 m->creds = NULL; in mcc_alloc()
220 l = m->creds; in mcc_destroy()
229 m->creds = NULL; in mcc_destroy()
237 krb5_creds *creds) in mcc_store_cred() argument
252 l->next = m->creds; in mcc_store_cred()
253 m->creds = l; in mcc_store_cred()
255 ret = krb5_copy_creds_contents (context, creds, &l->cred); in mcc_store_cred()
257 m->creds = l->next; in mcc_store_cred()
289 *cursor = m->creds; in mcc_get_first()
[all …]
|
| H A D | verify_init.c | 72 krb5_creds *creds, in krb5_verify_init_creds() argument
124 creds->client); in krb5_verify_init_creds()
129 creds); in krb5_verify_init_creds()
134 if (!krb5_principal_compare (context, server, creds->server)) { in krb5_verify_init_creds()
139 match_cred.client = creds->client; in krb5_verify_init_creds()
152 creds = new_creds; in krb5_verify_init_creds()
159 creds, in krb5_verify_init_creds()
216 krb5_creds *creds, in krb5_get_validated_creds() argument
225 if (krb5_principal_compare(context, creds->client, client) != TRUE) { in krb5_get_validated_creds()
239 ret = krb5_verify_init_creds(context, creds, server, NULL, NULL, &vopt); in krb5_get_validated_creds()
|
| H A D | get_in_tkt.c | 147 krb5_creds *creds, in init_as_req() argument
177 ret = _krb5_principal2principalname (a->req_body.cname, creds->client); in init_as_req()
180 ret = _krb5_principal2principalname (a->req_body.sname, creds->server); in init_as_req()
183 ret = copy_Realm(&creds->client->realm, &a->req_body.realm); in init_as_req()
187 if(creds->times.starttime) { in init_as_req()
194 *a->req_body.from = creds->times.starttime; in init_as_req()
196 if(creds->times.endtime){ in init_as_req()
198 *a->req_body.till = creds->times.endtime; in init_as_req()
200 if(creds->times.renew_till){ in init_as_req()
207 *a->req_body.rtime = creds->times.renew_till; in init_as_req()
[all …]
|
| H A D | changepw.c | 70 krb5_creds *creds, in chgpw_send_request() argument
90 krb5_principal_compare(context, creds->client, targprinc) != TRUE) in chgpw_send_request()
99 creds, in chgpw_send_request()
162 krb5_creds *creds, in setpw_send_request() argument
186 creds, in setpw_send_request()
506 krb5_creds *creds, in change_password_loop() argument
526 realm = creds->client->realm; in change_password_loop()
592 creds, in change_password_loop()
689 krb5_creds *creds, in krb5_change_password() argument
705 return change_password_loop(context, creds, NULL, newpw, in krb5_change_password()
[all …]
|
| H A D | sendauth.c | 85 krb5_creds *creds; in krb5_sendauth() local
147 ret = krb5_get_credentials (context, 0, ccache, in_creds, &creds); in krb5_sendauth()
154 creds = in_creds; in krb5_sendauth()
162 creds, in krb5_sendauth()
166 *out_creds = creds; in krb5_sendauth()
168 krb5_free_creds(context, creds); in krb5_sendauth()
|
| H A D | init_creds_pw.c | 615 const krb5_creds *creds, in init_as_req() argument
640 ret = _krb5_principal2principalname (a->req_body.cname, creds->client); in init_as_req()
643 ret = copy_Realm(&creds->client->realm, &a->req_body.realm); in init_as_req()
647 ret = _krb5_principal2principalname (a->req_body.sname, creds->server); in init_as_req()
651 if(creds->times.starttime) { in init_as_req()
658 *a->req_body.from = creds->times.starttime; in init_as_req()
660 if(creds->times.endtime){ in init_as_req()
662 *a->req_body.till = creds->times.endtime; in init_as_req()
664 if(creds->times.renew_till){ in init_as_req()
671 *a->req_body.rtime = creds->times.renew_till; in init_as_req()
[all …]
|
| H A D | get_for_creds.c | 114 krb5_creds creds; in krb5_fwd_tgt_creds() local
137 memset (&creds, 0, sizeof(creds)); in krb5_fwd_tgt_creds()
138 creds.client = client; in krb5_fwd_tgt_creds()
141 &creds.server, in krb5_fwd_tgt_creds()
154 &creds, in krb5_fwd_tgt_creds()
|
| /freebsd/crypto/heimdal/lib/gssapi/krb5/ |
| H A D | creds.c | 64 krb5_creds *creds; in _gsskrb5_export_cred() local
74 &creds); in _gsskrb5_export_cred()
81 ret = krb5_store_creds(sp, creds); in _gsskrb5_export_cred()
82 krb5_free_creds(context, creds); in _gsskrb5_export_cred()
189 krb5_creds creds; in _gsskrb5_import_cred() local
191 ret = krb5_ret_creds(sp, &creds); in _gsskrb5_import_cred()
204 ret = krb5_cc_initialize(context, id, creds.client); in _gsskrb5_import_cred()
211 ret = krb5_cc_store_cred(context, id, &creds); in _gsskrb5_import_cred()
212 krb5_free_cred_contents(context, &creds); in _gsskrb5_import_cred()
|
| H A D | init_sec_context.c | 321 krb5_creds creds; in do_delegation() local
325 memset (&creds, 0, sizeof(creds)); in do_delegation()
328 kret = krb5_cc_get_principal(context, ccache, &creds.client); in do_delegation()
333 &creds.server, in do_delegation()
334 creds.client->realm, in do_delegation()
336 creds.client->realm, in do_delegation()
341 creds.times.endtime = 0; in do_delegation()
356 &creds, in do_delegation()
365 if (creds.client) in do_delegation()
366 krb5_free_principal(context, creds.client); in do_delegation()
[all …]
|
| /freebsd/crypto/heimdal/kcm/ |
| H A D | cache.c | 164 for (k = p->creds; k != NULL; k = k->next) in kcm_debug_ccache()
318 slot->creds = NULL; in kcm_ccache_alloc()
346 k = ccache->creds; in kcm_ccache_remove_creds_internal()
355 ccache->creds = NULL; in kcm_ccache_remove_creds_internal()
489 if (ccache->creds == NULL) { in kcm_ccache_destroy_if_empty()
500 krb5_creds *creds, in kcm_ccache_store_cred() argument
509 ret = kcm_ccache_store_cred_internal(context, ccache, creds, copy, &tmp); in kcm_ccache_store_cred()
522 for (c = ccache->creds; c != NULL; c = c->next) in kcm_ccache_find_cred_uuid()
534 krb5_creds *creds, in kcm_ccache_store_cred_internal() argument
541 for (c = &ccache->creds; *c != NULL; c = &(*c)->next) in kcm_ccache_store_cred_internal()
[all …]
|
| H A D | glue.c | 117 krb5_creds *creds) in kcmss_store_cred() argument
125 ret = kcm_ccache_store_cred_internal(context, c, creds, 1, &tmp); in kcmss_store_cred()
135 krb5_creds *creds) in kcmss_retrieve() argument
148 ret = krb5_copy_creds_contents(context, credp, creds); in kcmss_retrieve()
180 *cursor = c->creds; in kcmss_get_first()
189 krb5_creds *creds) in kcmss_get_next() argument
198 creds); in kcmss_get_next()
|
| /freebsd/lib/libpam/modules/pam_krb5/ |
| H A D | pam_krb5.c | 119 krb5_creds creds; in pam_sm_authenticate() local
281 memset(&creds, 0, sizeof(krb5_creds)); in pam_sm_authenticate()
282 krbret = krb5_get_init_creds_password(krbctx, &creds, princ, in pam_sm_authenticate()
312 krbret = krb5_cc_store_cred(krbctx, ccache, &creds); in pam_sm_authenticate()
367 krb5_free_cred_contents(krbctx, &creds); in pam_sm_authenticate()
409 krb5_creds creds; in pam_sm_setcred()
576 while (krb5_cc_next_cred(krbctx, ccache_temp, &cursor, &creds) == 0) { in pam_sm_setcred()
577 krbret = krb5_cc_store_cred(krbctx, ccache_perm, &creds); in pam_sm_setcred()
582 krb5_free_cred_contents(krbctx, &creds); in pam_sm_setcred()
586 krb5_free_cred_contents(krbctx, &creds); in pam_sm_setcred()
[all …]
|
| /freebsd/crypto/heimdal/appl/kf/ |
| H A D | kf.c | 135 krb5_creds creds; in proto() local
204 memset (&creds, 0, sizeof(creds)); in proto()
220 creds.client = principal; in proto()
223 &creds.server, in proto()
235 creds.times.endtime = 0; in proto()
246 &creds, in proto()
|
| /freebsd/crypto/heimdal/kuser/ |
| H A D | klist.c | 237 krb5_creds creds; in print_tickets() local
305 &creds)) == 0) { in print_tickets()
306 if (!do_hidden && krb5_is_config_principal(context, creds.server)) { in print_tickets()
309 print_cred_verbose(context, &creds); in print_tickets()
311 print_cred(context, &creds, ct, do_flags); in print_tickets()
313 krb5_free_cred_contents (context, &creds); in print_tickets()
339 krb5_creds creds; in check_for_tgt() local
353 ret = krb5_cc_retrieve_cred (context, ccache, 0, &pattern, &creds); in check_for_tgt()
361 expired = time(NULL) > creds.times.endtime; in check_for_tgt()
364 *expiration = creds.times.endtime; in check_for_tgt()
[all …]
|
| /freebsd/crypto/heimdal/doc/ |
| H A D | init-creds | 66 krb5_creds *creds,
216 krb5_creds *creds,
222 This function will use the initial ticket in creds to make an AP_REQ
233 If the service of the ticket in creds is the same as the service name
289 krb5_get_init_creds(context, &creds, client,
292 krb5_cc_store_cred(context, ccache, &creds);
293 krb5_free_cred_contents(context, &creds);
297 krb5_get_init_creds(context, &creds, client,
300 krb5_verify_init_creds(context, &creds, NULL, NULL, &vcc, NULL);
302 krb5_cc_store_cred(context, ccache, &creds);
[all …]
|
| /freebsd/crypto/openssh/ |
| H A D | platform.c | 131 char **creds = NULL, *chroot_creds[] = in platform_setusercontext_post_groups() local
136 creds = chroot_creds; in platform_setusercontext_post_groups()
138 if (setpcred(pw->pw_name, creds) == -1) in platform_setusercontext_post_groups()
|
| H A D | auth-krb5.c | 75 krb5_creds creds; in auth_krb5_password() local
142 problem = krb5_get_init_creds_password(authctxt->krb5_ctx, &creds, in auth_krb5_password()
153 problem = krb5_verify_init_creds(authctxt->krb5_ctx, &creds, server, in auth_krb5_password()
177 authctxt->krb5_fwd_ccache, &creds); in auth_krb5_password()
|
| H A D | gss-serv.c | 120 ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, in ssh_gssapi_acquire_cred()
128 ctx->creds = GSS_C_NO_CREDENTIAL; in ssh_gssapi_acquire_cred()
184 &ctx->context, ctx->creds, recv_tok, in ssh_gssapi_accept_ctx()
314 client->creds = ctx->client_creds; in ssh_gssapi_getclient()
376 gss_release_cred(&lmin, &gssapi_client.creds); in ssh_gssapi_userok()
|
| /freebsd/lib/libpam/modules/pam_ksu/ |
| H A D | pam_ksu.c | 115 krb5_creds creds; in auth_krb5() local
143 rv = krb5_get_init_creds_password(context, &creds, su_principal, in auth_krb5()
153 rv = krb5_verify_init_creds(context, &creds, NULL, NULL, NULL, in auth_krb5()
155 krb5_free_cred_contents(context, &creds); in auth_krb5()
|