src/platform/DARWIN/AFSPreference/Krb5Util.m

   1 //
   2 //  Krb5Util.m
   3 //  OpenAFS
   4 //
   5 //  Created by Claudio Bisegni on 20/03/10.
   6 //  Copyright 2010 INFN. All rights reserved.
   7 //
   8
   9 #import "Krb5Util.h"
  10
  11 @implementation Krb5Util
  12 +(KLStatus) getNewTicketIfNotPresent {
  13         KLPrincipal             princ = nil;
  14         KLStatus                kstatus = noErr;
  15         char                    *princName = 0L;
  16         KLBoolean       outFoundValidTickets = false;
  17         KLLoginOptions  inLoginOptions = nil;
  18
  19         @try{
  20                 kstatus = KLCacheHasValidTickets(nil, kerberosVersion_All, &outFoundValidTickets, nil, nil);
  21                 if(!outFoundValidTickets) {
  22                     kstatus = KLCreateLoginOptions(&inLoginOptions);
  23                     if (kstatus != noErr)
  24                         @throw [NSException exceptionWithName:@"Krb5Util"
  25                                             reason:@"getNewTicketIfNotPresent"
  26                                             userInfo:nil];
  27                     else {
  28                         KLLifetime valuel;
  29                         KLSize sizel = sizeof (valuel);
  30                         KLBoolean value;
  31                         KLSize size = sizeof (value);
  32                         kstatus = KLGetDefaultLoginOption (loginOption_DefaultTicketLifetime, &valuel, &sizel);
  33
  34                         if (kstatus == noErr)
  35                             kstatus = KLLoginOptionsSetTicketLifetime
  36                                 (inLoginOptions, valuel);
  37
  38                         kstatus = KLGetDefaultLoginOption
  39                             (loginOption_DefaultRenewableTicket, &value,
  40                              &size);
  41                         if (kstatus == noErr)
  42                             if ((value != 0) &&
  43                                 ((kstatus = KLGetDefaultLoginOption
  44                                   (loginOption_DefaultRenewableLifetime,
  45                                    &value, &size)) == noErr))
  46                                 kstatus = KLLoginOptionsSetRenewableLifetime
  47                                 (inLoginOptions, value);
  48                             else {
  49                                 kstatus = KLLoginOptionsSetRenewableLifetime(inLoginOptions, 0L);
  50                         }
  51                         kstatus = KLGetDefaultLoginOption
  52                             (loginOption_DefaultForwardableTicket, &value,
  53                              &size);
  54
  55                         if (kstatus == noErr)
  56                             kstatus = KLLoginOptionsSetForwardable
  57                                 (inLoginOptions, value);
  58
  59                         kstatus = KLGetDefaultLoginOption
  60                             (loginOption_DefaultProxiableTicket, &value,
  61                              &size);
  62
  63                         if (kstatus == noErr)
  64                             kstatus = KLLoginOptionsSetProxiable
  65                                 (inLoginOptions, value);
  66
  67                         kstatus = KLGetDefaultLoginOption
  68                             (loginOption_DefaultAddresslessTicket, &value,
  69                              &size);
  70
  71                         if (kstatus == noErr)
  72                             kstatus = KLLoginOptionsSetAddressless
  73                                 (inLoginOptions, value);
  74                     }
  75
  76                     if (kstatus == noErr)
  77                         kstatus = KLAcquireNewInitialTickets(nil,
  78                                                              inLoginOptions,
  79                                                              &princ,
  80                                                              &princName);
  81                     if(kstatus != noErr && kstatus != klUserCanceledErr)
  82                         @throw [NSException exceptionWithName:@"Krb5Util"
  83                                             reason:@"getNewTicketIfNotPresent"
  84                                             userInfo:nil];
  85                     if (inLoginOptions != NULL) {
  86                         KLDisposeLoginOptions (inLoginOptions);
  87                     }
  88                 }
  89         }
  90         @catch (NSException * e) {
  91                 @throw e;
  92         }
  93         @finally {
  94                 KLDisposeString (princName);
  95                 KLDisposePrincipal (princ);
  96         }
  97         return kstatus;
  98 }
  99
 100 +(KLStatus) renewTicket:(NSTimeInterval)secToExpire
 101                           renewTime:(NSTimeInterval)renewTime {
 102         KLPrincipal             princ = nil;
 103         KLStatus                kstatus = noErr;
 104         char                    *princName = 0L;
 105         KLTime          expireStartTime;
 106         KLLoginOptions  inLoginOptions;
 107         KLLifetime      inTicketLifetime = renewTime;
 108         NSDate                  *expirationDate = nil;
 109         @try {
 110                 //prepare the login option
 111                 kstatus = KLCreateLoginOptions(&inLoginOptions);
 112                 //set the lifetime of ticket
 113                 kstatus = KLLoginOptionsSetTicketLifetime (inLoginOptions,  inTicketLifetime);
 114                 kstatus = KLLoginOptionsSetRenewableLifetime (inLoginOptions, 0L);
 115                 kstatus = KLLoginOptionsSetTicketStartTime (inLoginOptions, 0);
 116                 //set the preference renewable time
 117                 //kstatus =  KLLoginOptionsSetRenewableLifetime (inLoginOptions, inTicketLifetime);
 118                 //check the start time
 119                 kstatus = KLTicketExpirationTime (nil, kerberosVersion_All, &expireStartTime);
 120                 expirationDate = [NSDate dateWithTimeIntervalSince1970:expireStartTime];
 121
 122                 //NSLog(@"Ticket Expiration time: %@", [expirationDate description]);
 123                 NSTimeInterval secondToExpireTime = [expirationDate timeIntervalSinceNow];
 124                 if(secondToExpireTime <= secToExpire) {
 125                         kstatus = KLRenewInitialTickets ( nil, inLoginOptions, nil, nil);
 126                         //kstatus = KLTicketExpirationTime (nil, kerberosVersion_All, &expireStartTime);
 127                         //expirationDate = [NSDate dateWithTimeIntervalSince1970:expireStartTime];
 128                         //NSLog(@"Ticket Renewed Unitl %@", expirationDate);
 129                 }
 130         }
 131         @catch (NSException * e) {
 132                 @throw e;
 133         }
 134         @finally {
 135                 KLDisposeString (princName);
 136                 KLDisposePrincipal (princ);
 137                 KLDisposeLoginOptions(inLoginOptions);
 138         }
 139         return kstatus;
 140 }
 141 @end