Develop Kerberos renew system for ticket
[openafs.git] / src / platform / DARWIN / AFSPreference / Krb5Util.m
1 //
2 //  Krb5Util.m
3 //  OpenAFS
4 //
5 //  Created by Claudio Bisegni on 20/03/10.
6 //  Copyright 2010 INFN. All rights reserved.
7 //
8
9 #import "Krb5Util.h"
10
11 @implementation Krb5Util
12 +(KLStatus) getNewTicketIfNotPresent {
13
14         KLPrincipal             princ = nil;
15         KLStatus                kstatus = noErr;
16         char                    *princName = 0L;
17         KLBoolean       outFoundValidTickets = false;
18         @try{
19                 kstatus = KLCacheHasValidTickets(nil, kerberosVersion_All, &outFoundValidTickets, nil, nil);
20                 if(!outFoundValidTickets) {
21                         kstatus = KLAcquireNewInitialTickets(nil, nil, &princ, &princName);
22                         if(kstatus != noErr && kstatus != klUserCanceledErr) @throw [NSException exceptionWithName:@"Krb5Util"
23                                                                                                                                                                                                 reason:@"getNewTicketIfNotPresent"
24                                                                                                                                                                                           userInfo:nil];
25                 }
26         }
27         @catch (NSException * e) {
28                 @throw e;
29         }
30         @finally {
31                 KLDisposeString (princName);
32                 KLDisposePrincipal (princ);
33         }
34         return kstatus;
35 }
36
37 +(KLStatus) renewTicket:(NSTimeInterval)secToExpire
38                           renewTime:(NSTimeInterval)renewTime {
39         KLPrincipal             princ = nil;
40         KLStatus                kstatus = noErr;
41         char                    *princName = 0L;
42         KLTime          expireStartTime;
43         KLLoginOptions  inLoginOptions;
44         KLLifetime      inTicketLifetime = renewTime;
45         NSDate                  *expirationDate = nil;
46
47         @try {
48                 //prepare the login option
49                 kstatus = KLCreateLoginOptions(&inLoginOptions);
50                 //set the lifetime of ticket
51                 kstatus = KLLoginOptionsSetTicketLifetime (inLoginOptions,  inTicketLifetime);
52                 kstatus = KLLoginOptionsSetRenewableLifetime (inLoginOptions, 0L);
53                 kstatus = KLLoginOptionsSetTicketStartTime (inLoginOptions, 0);
54                 //set the preference renewable time
55                 //kstatus =  KLLoginOptionsSetRenewableLifetime (inLoginOptions, inTicketLifetime);
56                 //check the start time
57                 kstatus = KLTicketExpirationTime (nil, kerberosVersion_All, &expireStartTime);
58
59                 expirationDate = [NSDate dateWithTimeIntervalSince1970:expireStartTime];
60                 //NSLog(@"Ticket Expiration time: %@", [expirationDate description]);
61                 NSTimeInterval secondToExpireTime = [expirationDate timeIntervalSinceNow];
62                 if(secondToExpireTime <= secToExpire) {
63
64                         kstatus = KLRenewInitialTickets ( nil, inLoginOptions, nil, nil);
65
66                         kstatus = KLTicketExpirationTime (nil, kerberosVersion_All, &expireStartTime);
67
68                         expirationDate = [NSDate dateWithTimeIntervalSince1970:expireStartTime];
69                         //NSLog(@"Ticket Renewed Unitl %@", expirationDate);
70                 }
71         }
72         @catch (NSException * e) {
73                 @throw e;
74         }
75         @finally {
76                 KLDisposeString (princName);
77                 KLDisposePrincipal (princ);
78                 KLDisposeLoginOptions(inLoginOptions);
79         }
80         return kstatus;
81 }
82 @end