X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/python-afs.git/blobdiff_plain/0842a9cde6fc828bf8c3f3840dab0532b303bd22..41165a6d2c880400afc4b04700d05bd3fa537a42:/afs/_pts.pyx?ds=sidebyside

diff --git a/afs/_pts.pyx b/afs/_pts.pyx
index 1a90ea6..3c10b70 100644
--- a/afs/_pts.pyx
+++ b/afs/_pts.pyx
@@ -1,8 +1,8 @@
-from afs cimport *
-from afs import pyafs_error
+from afs._util cimport *
+from afs._util import pyafs_error
 import re
 
-cdef import from "afs/ptuser.h":
+cdef extern from "afs/ptuser.h":
     enum:
         PR_MAXNAMELEN
         PRGRP
@@ -68,11 +68,11 @@ cdef import from "afs/ptuser.h":
     int ubik_PR_ListEntries(ubik_client *, afs_int32, afs_int32, afs_int32, prentries *, afs_int32 *)
     int ubik_PR_SetFieldsEntry(ubik_client *, afs_int32, afs_int32, afs_int32, afs_int32, afs_int32, afs_int32, afs_int32, afs_int32)
 
-cdef import from "afs/pterror.h":
+cdef extern from "afs/pterror.h":
     enum:
         PRNOENT
 
-cdef import from "krb5/krb5.h":
+cdef extern from "krb5/krb5.h":
     struct _krb5_context:
         pass
     struct krb5_principal_data:
@@ -654,3 +654,43 @@ cdef class PTS:
         finally:
             if ctx is not NULL:
                 krb5_free_context(ctx)
+
+    def _Krb5ToAfs(self, krb5_name):
+        """Convert a Kerberos v5 principal to an AFS one."""
+        cdef krb5_context ctx = NULL
+        cdef krb5_principal k5_princ = NULL
+        cdef char *k4_name, *k4_inst, *k4_realm
+        cdef object afs_princ
+        cdef object afs_name, afs_realm
+
+        k4_name = <char *>malloc(40)
+        k4_name[0] = '\0'
+        k4_inst = <char *>malloc(40)
+        k4_inst[0] = '\0'
+        k4_realm = <char *>malloc(40)
+        k4_realm[0] = '\0'
+
+        code = krb5_init_context(&ctx)
+        try:
+            pyafs_error(code)
+
+            code = krb5_parse_name(ctx, krb5_name, &k5_princ)
+            try:
+                pyafs_error(code)
+
+                code = krb5_524_conv_principal(ctx, k5_princ, k4_name, k4_inst, k4_realm)
+                pyafs_error(code)
+
+                afs_princ = kname_unparse(k4_name, k4_inst, k4_realm)
+                afs_name, afs_realm = afs_princ.rsplit('@', 1)
+
+                if k4_realm == self.realm:
+                    return afs_name
+                else:
+                    return '%s@%s' % (afs_name, afs_realm.lower())
+            finally:
+                if k5_princ is not NULL:
+                    krb5_free_principal(ctx, k5_princ)
+        finally:
+            if ctx is not NULL:
+                krb5_free_context(ctx)