Lines Matching refs:kssl_ctx
1050 /* Given krb5 service (typically "kssl") and hostname in kssl_ctx,
1061 kssl_cget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx,
1076 if (!kssl_ctx)
1079 "No kssl_ctx defined.\n");
1082 else if (!kssl_ctx->service_host)
1085 "kssl_ctx service_host undefined.\n");
1098 kssl_ctx->service_host,
1099 (kssl_ctx->service_name)? kssl_ctx->service_name: KRB5SVC,
1104 kssl_ctx->service_host,
1105 (kssl_ctx->service_name)? kssl_ctx->service_name:
1136 kssl_ctx->enctype = krb5credsp->session.keytype;
1138 kssl_ctx->enctype = krb5credsp->keyblock.enctype;
1187 if (kssl_ctx_setkey(kssl_ctx, &krb5credsp->session))
1193 if (kssl_ctx_setkey(kssl_ctx, &krb5credsp->keyblock))
1203 kssl_ctx_show(kssl_ctx);
1301 /* Given krb5 service name in KSSL_CTX *kssl_ctx (typically "kssl"),
1304 ** to SSL Server in KSSL_CTX *kssl_ctx.
1309 kssl_sget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx,
1327 if (!kssl_ctx)
1330 "No kssl_ctx defined.\n");
1335 printf("in kssl_sget_tkt(%s)\n", kstring(kssl_ctx->service_name));
1370 (kssl_ctx->service_name)? kssl_ctx->service_name: KRB5SVC,
1398 /* kssl_ctx->keytab_file == NULL ==> use Kerberos default
1400 if (kssl_ctx->keytab_file)
1402 krb5rc = krb5_kt_resolve(krb5context, kssl_ctx->keytab_file,
1521 else if (kssl_ctx_setprinc(kssl_ctx, KSSL_CLIENT,
1529 else if (kssl_ctx_setkey(kssl_ctx, krb5ticket->enc_part2->session))
1542 kssl_ctx->enctype = krb5ticket->enc_part.enctype;
1550 kssl_ctx_show(kssl_ctx);
1561 /* Allocate & return a new kssl_ctx struct.
1563 KSSL_CTX *
1566 return ((KSSL_CTX *) kssl_calloc(1, sizeof(KSSL_CTX)));
1570 /* Frees a kssl_ctx struct and any allocated memory it holds.
1573 KSSL_CTX *
1574 kssl_ctx_free(KSSL_CTX *kssl_ctx)
1576 if (kssl_ctx == NULL) return kssl_ctx;
1578 if (kssl_ctx->key) OPENSSL_cleanse(kssl_ctx->key,
1579 kssl_ctx->length);
1580 if (kssl_ctx->key) kssl_free(kssl_ctx->key);
1581 if (kssl_ctx->client_princ) kssl_free(kssl_ctx->client_princ);
1582 if (kssl_ctx->service_host) kssl_free(kssl_ctx->service_host);
1583 if (kssl_ctx->service_name) kssl_free(kssl_ctx->service_name);
1584 if (kssl_ctx->keytab_file) kssl_free(kssl_ctx->keytab_file);
1586 kssl_free(kssl_ctx);
1587 return (KSSL_CTX *) NULL;
1593 ** of the kssl_ctx struct.
1596 kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
1603 if (kssl_ctx == NULL || entity == NULL) return KSSL_CTX_ERR;
1607 case KSSL_CLIENT: princ = &kssl_ctx->client_princ; break;
1608 case KSSL_SERVER: princ = &kssl_ctx->service_host; break;
1647 /* Set one of the plain (char *) string members of the kssl_ctx struct.
1653 kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text)
1657 if (!kssl_ctx) return KSSL_CTX_ERR;
1661 case KSSL_SERVICE: string = &kssl_ctx->service_name; break;
1662 case KSSL_SERVER: string = &kssl_ctx->service_host; break;
1663 case KSSL_CLIENT: string = &kssl_ctx->client_princ; break;
1664 case KSSL_KEYTAB: string = &kssl_ctx->keytab_file; break;
1684 /* Copy the Kerberos session key from a (krb5_keyblock *) to a kssl_ctx
1685 ** struct. Clear kssl_ctx->key if Kerberos session key is NULL.
1688 kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session)
1694 if (!kssl_ctx) return KSSL_CTX_ERR;
1696 if (kssl_ctx->key)
1698 OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length);
1699 kssl_free(kssl_ctx->key);
1714 kssl_ctx->enctype = enctype;
1715 kssl_ctx->length = length;
1719 kssl_ctx->enctype = ENCTYPE_UNKNOWN;
1720 kssl_ctx->length = 0;
1724 if ((kssl_ctx->key =
1725 (krb5_octet FAR *) kssl_calloc(1, kssl_ctx->length)) == NULL)
1727 kssl_ctx->length = 0;
1731 memcpy(kssl_ctx->key, contents, length);
1737 /* Display contents of kssl_ctx struct
1740 kssl_ctx_show(KSSL_CTX *kssl_ctx)
1744 printf("kssl_ctx: ");
1745 if (kssl_ctx == NULL)
1751 printf("%p\n", (void *)kssl_ctx);
1754 (kssl_ctx->service_name)? kssl_ctx->service_name: "NULL");
1756 (kssl_ctx->client_princ)? kssl_ctx->client_princ: "NULL");
1758 (kssl_ctx->service_host)? kssl_ctx->service_host: "NULL");
1760 (kssl_ctx->keytab_file)? kssl_ctx->keytab_file: "NULL");
1762 kssl_ctx->enctype, kssl_ctx->length);
1764 for (i=0; i < kssl_ctx->length && kssl_ctx->key; i++)
1766 printf("%02x", kssl_ctx->key[i]);
1773 kssl_keytab_is_available(KSSL_CTX *kssl_ctx)
1785 /* kssl_ctx->keytab_file == NULL ==> use Kerberos default
1787 if (kssl_ctx->keytab_file)
1789 krb5rc = krb5_kt_resolve(krb5context, kssl_ctx->keytab_file,
1803 kssl_ctx->service_name ? kssl_ctx->service_name: KRB5SVC,
1831 kssl_tgt_is_available(KSSL_CTX *kssl_ctx)
1841 if (!kssl_ctx)
1844 if (!kssl_ctx->service_host)
1851 kssl_ctx->service_host,
1852 (kssl_ctx->service_name)? kssl_ctx->service_name: KRB5SVC,
1871 kssl_ctx_show(kssl_ctx);
1995 /* IN */ KSSL_CTX *kssl_ctx,
2056 enctype = dec_authent->etype->data[0]; /* should = kssl_ctx->enctype */
2078 if (!EVP_CipherInit(&ciph_ctx,enc,kssl_ctx->key,iv,0))
2197 void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx)
2199 s->kssl_ctx = kctx;
2202 KSSL_CTX * SSL_get0_kssl_ctx(SSL *s)
2204 return s->kssl_ctx;
2207 char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx)