Last active
December 10, 2015 09:21
-
-
Save jenrzzz/d8c471625cc018d6f555 to your computer and use it in GitHub Desktop.
Trying to find a portable way to get the active Kerberos principal name
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#ifdef __APPLE__ | |
/* /System/Library/Frameworks/GSS.framework/GSS should be statically linked */ | |
#include <GSS/GSS.h> | |
#else | |
#include <gssapi/gssapi.h> | |
#include <gssapi/gssapi_krb5.h> | |
#endif | |
void init_gss() { | |
OM_uint32 major_status, minor_status; | |
/* gss_init_sec_context(&minor_status, */ | |
} | |
void acquire_cred() { | |
gss_cred_id_t cred = NULL; | |
OM_uint32 minor_status; | |
gss_name_t aname = NULL; | |
} | |
char * display_name(gss_name_t name, gss_buffer_t str) { | |
OM_uint32 minor_status; | |
gss_OID type; | |
gss_display_name(&minor_status, name, str, &type); | |
return str->value; | |
} | |
void inquire_cred() { | |
OM_uint32 minor_status; | |
gss_name_t name; | |
OM_uint32 lifetime; | |
gss_buffer_desc str; | |
int rv = gss_inquire_cred(&minor_status, GSS_C_NO_CREDENTIAL, &name, &lifetime, NULL, NULL); | |
switch(rv) { | |
case GSS_S_COMPLETE: | |
printf("%s valid for %d seconds\n", display_name(name, &str), lifetime); | |
break; | |
case GSS_S_CREDENTIALS_EXPIRED: | |
printf("%s is expired\n", display_name(name, &str)); | |
break; | |
case GSS_S_DEFECTIVE_CREDENTIAL: | |
printf("%s is not valid\n", display_name(name, &str)); | |
break; | |
case GSS_S_NO_CRED: | |
puts("There are no default credentials available."); | |
break; | |
default: | |
printf("Something bad happened: minor status %d\n", minor_status); | |
break; | |
} | |
} | |
int main() { | |
inquire_cred(); | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
require 'ffi' | |
module GSS | |
extend FFI::Library | |
FFI::add_typedef(:uint32, :OM_uint32) | |
ffi_lib ['/System/Frameworks/GSS.framework/GSS', 'gss'], FFI::Library::LIBC | |
# void *malloc(size_t size); | |
attach_function :malloc, [:size_t], :pointer | |
# void *memcpy(void *dest, const void *src, size_t n); | |
attach_function :memcpy, [:pointer, :pointer, :size_t], :pointer | |
# OM_uint32 gss_display_name(OM_uint32 * minor_status, | |
# gss_name_t input_name, | |
# gss_buffer_t output_name_buffer, | |
# gss_OID * output_name_type) | |
attach_function :gss_display_name, [:pointer, :pointer, :pointer, :pointer], :OM_uint32 | |
# OM_uint32 gss_inquire_cred(OM_uint32 * minor_status, | |
# gss_cred_id_t cred_handle, | |
# gss_name_t * name, | |
# OM_uint32 * lifetime, | |
# gss_cred_usage_t * cred_usage, | |
# gss_OID_set * mechanisms) | |
attach_function :gss_inquire_cred, 6.times.collect { :pointer }, :OM_uint32 | |
# OM_uint32 gss_release_name(OM_uint32 * minor_status, gss_name_t * name); | |
attach_function :gss_release_name, [:pointer, :pointer], :OM_uint32 | |
# OM_uint32 gss_release_buffer(OM_uint32 * minor_status, gss_buffer_t buffer); | |
attach_function :gss_release_buffer, [:pointer, :pointer], :OM_uint32 | |
# OM_uint32 gss_release_cred(OM_uint32 *minor_status, gss_cred_id_t *cred_handle); | |
attach_function :gss_release_cred, [:pointer, :pointer], :OM_uint32 | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment