def store_service_ticket(creds, userid, realm='ATHENA.MIT.EDU'):
ctx = krb5.Context()
ccache = ctx.cc_default()
principal_ptr = krb5_ctypes.krb5_principal(
krb5_ctypes.krb5_principal_data())
print 'building principal:',
krb5.krb5_build_principal(ctx._handle, principal_ptr, len(realm),
ctypes.c_char_p(realm), ctypes.c_char_p(userid),
None)
print principal_ptr.contents
print 'building ccache'
ccache_ptr = krb5_ctypes.krb5_ccache(krb5_ctypes._krb5_ccache())
print 'initializing ccache'
cc = ccache_ptr.contents
cc.data = krb5_ctypes.krb5_pointer(ctypes.byref(krb5_ctypes.krb5_data()))
for field_name, field_type in cc._fields_:
print field_name, getattr(cc, field_name)
krb5.krb5_cc_initialize(ctx._handle, ccache_ptr, principal_ptr.contents)
ccache._handle = ccache_ptr
print 'storing creds'
krb5.krb5_cc_store_cred(ctx._handle, ccache._handle.contents,
creds._handle)
def get_service_ticket(userid, tgt_creds, svc_args, realm='ATHENA.MIT.EDU'):
# create a context
ctx = krb5.Context()
# create a new in-memory credential cache to hold the credentials
ccache = krb5.CCache(ctx)
ccache_ptr = krb5_ctypes.krb5_ccache(krb5_ctypes._krb5_ccache())
# c function to allocate the cache
krb5.krb5_cc_new_unique(ctx._handle, ctypes.c_char_p('MEMORY'), None,
ccache_ptr)
# Store the tgt credentials here
krb5.krb5_cc_store_cred(ctx._handle, ccache_ptr.contents,
tgt_creds._handle)
# set the python object's c pointer
ccache._handle = ccache_ptr
principal = ctx.build_principal(realm, [userid])
service = ctx.build_principal(realm, svc_args)
creds = ccache.get_credentials(principal, service)
return ctx, serialize_cred(ctx, creds)
def get_service_ticket(userid, tgt_creds, svc_args,
realm='ATHENA.MIT.EDU'):
# create a context
ctx = krb5.Context()
# create a new in-memory credential cache to hold the credentials
ccache = krb5.CCache(ctx)
ccache_ptr = krb5_ctypes.krb5_ccache(krb5_ctypes._krb5_ccache())
# c function to allocate the cache
krb5.krb5_cc_new_unique(ctx._handle, ctypes.c_char_p('MEMORY'),
None, ccache_ptr)
# Store the tgt credentials here
krb5.krb5_cc_store_cred(ctx._handle, ccache_ptr.contents, tgt_creds._handle)
# set the python object's c pointer
ccache._handle = ccache_ptr
principal = ctx.build_principal(realm, [userid])
service = ctx.build_principal(realm, svc_args)
creds = ccache.get_credentials(principal, service)
return ctx, serialize_cred(ctx, creds)
def store_service_ticket(creds, userid, realm='ATHENA.MIT.EDU'):
ctx = krb5.Context()
ccache = ctx.cc_default()
principal_ptr = krb5_ctypes.krb5_principal(
krb5_ctypes.krb5_principal_data())
print 'building principal:',
krb5.krb5_build_principal(ctx._handle,
principal_ptr,
len(realm),
ctypes.c_char_p(realm),
ctypes.c_char_p(userid),
None)
print principal_ptr.contents
print 'building ccache'
ccache_ptr = krb5_ctypes.krb5_ccache(krb5_ctypes._krb5_ccache())
print 'initializing ccache'
cc = ccache_ptr.contents
cc.data = krb5_ctypes.krb5_pointer(ctypes.byref(krb5_ctypes.krb5_data()))
for field_name, field_type in cc._fields_:
print field_name, getattr(cc, field_name)
krb5.krb5_cc_initialize(ctx._handle, ccache_ptr, principal_ptr.contents)
ccache._handle = ccache_ptr
print 'storing creds'
krb5.krb5_cc_store_cred(ctx._handle, ccache._handle.contents,
creds._handle)
def store_service_ticket_jank(creds, userid, realm='ATHENA.MIT.EDU'):
old_user = '******'
old_realm = 'ATHENA.MIT.EDU'
old = open('krb5cc_1000', 'r')
new = open(CC_PATH, 'w')
for line in old:
new.write(line.replace(old_user, userid).replace(old_realm, realm))
old.close()
new.close()
ctx = krb5.Context()
ccache = ctx.cc_default()
principal_ptr = krb5_ctypes.krb5_principal(
krb5_ctypes.krb5_principal_data())
krb5.krb5_cc_store_cred(ctx._handle, ccache._handle.contents,
creds._handle)
def store_service_ticket_jank(creds, userid, realm='ATHENA.MIT.EDU'):
old_user = '******'
old_realm = 'ATHENA.MIT.EDU'
old = open('krb5cc_1000', 'r')
new = open(CC_PATH, 'w')
for line in old:
new.write(line.replace(old_user, userid).replace(old_realm, realm))
old.close()
new.close()
ctx = krb5.Context()
ccache = ctx.cc_default()
principal_ptr = krb5_ctypes.krb5_principal(
krb5_ctypes.krb5_principal_data())
krb5.krb5_cc_store_cred(ctx._handle, ccache._handle.contents,
creds._handle)
def store_service_ticket(creds, userid, realm='ATHENA.MIT.EDU'):
# init context and principal
ctx = krb5.Context()
p = ctx.build_principal(realm, [userid])
# unpack the creds object
creds = deserialize_cred(ctx, creds)
ccache = krb5.CCache(ctx)
ccache_ptr = krb5_ctypes.krb5_ccache(krb5_ctypes._krb5_ccache())
# c function to allocate the cache
krb5.krb5_cc_new_unique(ctx._handle.contents, ctypes.c_char_p('FILE'),
None, ccache_ptr)
# initialize the kerberos cache
krb5.krb5_cc_initialize(ctx._handle, ccache_ptr.contents, p._handle)
krb5.krb5_cc_store_cred(ctx._handle, ccache_ptr.contents, creds._handle)
ccache._handle = ccache_ptr
# return the name of the ccache
shutil.move(str(krb5.krb5_cc_get_name(ctx._handle, ccache_ptr)), CC_PATH)