2 * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "krb5_locl.h"
37 RCSID("$Id: replay.c,v 1.9 2001/07/03 19:33:13 assar Exp $");
39 struct krb5_rcache_data
{
44 krb5_rc_resolve(krb5_context context
,
48 id
->name
= strdup(name
);
49 if(id
->name
== NULL
) {
50 krb5_set_error_string (context
, "malloc: out of memory");
51 return KRB5_RC_MALLOC
;
57 krb5_rc_resolve_type(krb5_context context
,
61 if(strcmp(type
, "FILE")) {
62 krb5_set_error_string (context
, "replay cache type %s not supported",
64 return KRB5_RC_TYPE_NOTFOUND
;
66 *id
= calloc(1, sizeof(**id
));
68 krb5_set_error_string (context
, "malloc: out of memory");
69 return KRB5_RC_MALLOC
;
75 krb5_rc_resolve_full(krb5_context context
,
77 const char *string_name
)
80 if(strncmp(string_name
, "FILE:", 5)) {
81 krb5_set_error_string (context
, "replay cache type %s not supported",
83 return KRB5_RC_TYPE_NOTFOUND
;
85 ret
= krb5_rc_resolve_type(context
, id
, "FILE");
88 ret
= krb5_rc_resolve(context
, *id
, string_name
+ 5);
93 krb5_rc_default_name(krb5_context context
)
95 return "FILE:/var/run/default_rcache";
99 krb5_rc_default_type(krb5_context context
)
105 krb5_rc_default(krb5_context context
,
108 return krb5_rc_resolve_full(context
, id
, krb5_rc_default_name(context
));
113 unsigned char data
[16];
117 krb5_rc_initialize(krb5_context context
,
119 krb5_deltat auth_lifespan
)
121 FILE *f
= fopen(id
->name
, "w");
127 krb5_set_error_string (context
, "open(%s): %s", id
->name
,
131 tmp
.stamp
= auth_lifespan
;
132 fwrite(&tmp
, 1, sizeof(tmp
), f
);
138 krb5_rc_recover(krb5_context context
,
145 krb5_rc_destroy(krb5_context context
,
150 if(remove(id
->name
) < 0) {
152 krb5_set_error_string (context
, "remove(%s): %s", id
->name
,
156 return krb5_rc_close(context
, id
);
160 krb5_rc_close(krb5_context context
,
169 checksum_authenticator(Authenticator
*auth
, void *data
)
175 MD5_Update (&md5
, auth
->crealm
, strlen(auth
->crealm
));
176 for(i
= 0; i
< auth
->cname
.name_string
.len
; i
++)
177 MD5_Update(&md5
, auth
->cname
.name_string
.val
[i
],
178 strlen(auth
->cname
.name_string
.val
[i
]));
179 MD5_Update (&md5
, &auth
->ctime
, sizeof(auth
->ctime
));
180 MD5_Update (&md5
, &auth
->cusec
, sizeof(auth
->cusec
));
181 MD5_Final (data
, &md5
);
185 krb5_rc_store(krb5_context context
,
187 krb5_donot_replay
*rep
)
189 struct rc_entry ent
, tmp
;
194 ent
.stamp
= time(NULL
);
195 checksum_authenticator(rep
, ent
.data
);
196 f
= fopen(id
->name
, "r");
199 krb5_set_error_string (context
, "open(%s): %s", id
->name
,
203 fread(&tmp
, sizeof(ent
), 1, f
);
204 t
= ent
.stamp
- tmp
.stamp
;
205 while(fread(&tmp
, sizeof(ent
), 1, f
)){
208 if(memcmp(tmp
.data
, ent
.data
, sizeof(ent
.data
)) == 0){
210 krb5_clear_error_string (context
);
211 return KRB5_RC_REPLAY
;
217 krb5_set_error_string (context
, "%s: %s", id
->name
, strerror(ret
));
221 f
= fopen(id
->name
, "a");
223 krb5_set_error_string (context
, "open(%s): %s", id
->name
,
225 return KRB5_RC_IO_UNKNOWN
;
227 fwrite(&ent
, 1, sizeof(ent
), f
);
233 krb5_rc_expunge(krb5_context context
,
240 krb5_rc_get_lifespan(krb5_context context
,
242 krb5_deltat
*auth_lifespan
)
244 FILE *f
= fopen(id
->name
, "r");
247 r
= fread(&ent
, sizeof(ent
), 1, f
);
250 *auth_lifespan
= ent
.stamp
;
253 krb5_clear_error_string (context
);
254 return KRB5_RC_IO_UNKNOWN
;
258 krb5_rc_get_name(krb5_context context
,
265 krb5_rc_get_type(krb5_context context
,
272 krb5_get_server_rcache(krb5_context context
,
273 const krb5_data
*piece
,
279 char *tmp
= malloc(4 * piece
->length
+ 1);
283 krb5_set_error_string (context
, "malloc: out of memory");
286 strvisx(tmp
, piece
->data
, piece
->length
, VIS_WHITE
| VIS_OCTAL
);
288 asprintf(&name
, "FILE:rc_%s_%u", tmp
, (unsigned)geteuid());
290 asprintf(&name
, "FILE:rc_%s", tmp
);
294 krb5_set_error_string (context
, "malloc: out of memory");
298 ret
= krb5_rc_resolve_full(context
, &rcache
, name
);