From c5e3c6a36532a33560dbb28949932e2ca0480123 Mon Sep 17 00:00:00 2001
From: Chenxiong Qi <cqi@redhat.com>
Date: Dec 01 2016 06:38:47 +0000
Subject: Rewrite has_creds


Original has_creds calls krb5_cccol_have_content that is only available since
version 1.11 of krb5 library, but in EL6, e.g. the CentOS and RHEL6, just an
old version in the repository. Rewriting has_creds aims to make cccolutils be
usable in all Fedora dist and both EL6 and EL7.

Signed-off-by: Chenxiong Qi <cqi@redhat.com>

---

diff --git a/.gitignore b/.gitignore
index ea2253b..8f0dd56 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,8 @@
 /MANIFEST
+*.swp
+*.so
+*.pyc
+
+.env/
+*.egg-info/
+build/
diff --git a/cccolutils.c b/cccolutils.c
index aff1c8d..29d9216 100644
--- a/cccolutils.c
+++ b/cccolutils.c
@@ -70,21 +70,49 @@ get_username(PyObject *self, PyObject *args)
 static PyObject *
 has_creds(PyObject *self, PyObject *args)
 {
+	krb5_ccache cache;
+	krb5_cccol_cursor cursor;
+	krb5_cc_cursor cache_cursor;
+	krb5_creds creds;
 	krb5_error_code code;
-	code = krb5_cccol_have_content(kcontext);
-	if (code == 0)
-	{
-		Py_RETURN_TRUE;
-	}
-	else if (code == KRB5_CC_NOTFOUND)
-	{
+	int found = FALSE;
+
+	if (krb5_cccol_cursor_new(kcontext, &cursor))
 		Py_RETURN_FALSE;
-	}
-	else
+
+	while (!(code = krb5_cccol_cursor_next(kcontext, cursor, &cache)) &&
+	       cache != NULL)
 	{
-		PyErr_SetString(PyExc_RuntimeError, "Error checking content of credential cache.");
-		return NULL;
+		code = krb5_cc_start_seq_get(kcontext, cache, &cache_cursor);
+		if (code)
+			break;
+
+		while (0 == krb5_cc_next_cred(kcontext, cache, &cache_cursor, &creds))
+		{
+			if (!krb5_is_config_principal(kcontext, creds.server))
+			{
+				found = TRUE;
+				krb5_free_cred_contents(kcontext, &creds);
+				break;
+			}
+		}
+
+		krb5_cc_end_seq_get(kcontext, cache, &cache_cursor);
+		krb5_cc_close(kcontext, cache);
+
+		if (found)
+			/* If a credential is already found in this current
+			 * credential cache, no need to iterate next credential
+			 * cache and terminate now. */
+			break;
 	}
+
+	krb5_cccol_cursor_free(kcontext, &cursor);
+
+	if (found)
+		Py_RETURN_TRUE;
+	else
+		Py_RETURN_FALSE;
 }
 
 static PyMethodDef CCColUtilsMethods[] = {