2 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "krb5_locl.h"
38 typedef struct krb5_fcache
{
48 #define KRB5_FCC_FVNO_1 1
49 #define KRB5_FCC_FVNO_2 2
50 #define KRB5_FCC_FVNO_3 3
51 #define KRB5_FCC_FVNO_4 4
53 #define FCC_TAG_DELTATIME 1
55 #define FCACHE(X) ((krb5_fcache*)(X)->data.data)
57 #define FILENAME(X) (FCACHE(X)->filename)
59 #define FCC_CURSOR(C) ((struct fcc_cursor*)(C))
62 fcc_get_name(krb5_context context
,
69 _krb5_xlock(krb5_context context
, int fd
, krb5_boolean exclusive
,
78 l
.l_type
= exclusive
? F_WRLCK
: F_RDLCK
;
79 l
.l_whence
= SEEK_SET
;
80 ret
= fcntl(fd
, F_SETLKW
, &l
);
82 ret
= flock(fd
, exclusive
? LOCK_EX
: LOCK_SH
);
86 if(ret
== EACCES
) /* fcntl can return EACCES instead of EAGAIN */
92 case EINVAL
: /* filesystem doesn't support locking, let the user have it */
96 krb5_set_error_string(context
, "timed out locking cache file %s",
100 krb5_set_error_string(context
, "error locking cache file %s: %s",
101 filename
, strerror(ret
));
108 _krb5_xunlock(krb5_context context
, int fd
)
116 l
.l_whence
= SEEK_SET
;
117 ret
= fcntl(fd
, F_SETLKW
, &l
);
119 ret
= flock(fd
, LOCK_UN
);
126 case EINVAL
: /* filesystem doesn't support locking, let the user have it */
130 krb5_set_error_string(context
,
131 "Failed to unlock file: %s", strerror(ret
));
137 static krb5_error_code
138 write_storage(krb5_context context
, krb5_storage
*sp
, int fd
)
144 ret
= krb5_storage_to_data(sp
, &data
);
146 krb5_set_error_string(context
, "malloc: out of memory");
149 sret
= write(fd
, data
.data
, data
.length
);
150 ret
= (sret
!= data
.length
);
151 krb5_data_free(&data
);
154 krb5_set_error_string(context
, "Failed to write FILE credential data");
161 static krb5_error_code
162 fcc_lock(krb5_context context
, krb5_ccache id
,
163 int fd
, krb5_boolean exclusive
)
165 return _krb5_xlock(context
, fd
, exclusive
, fcc_get_name(context
, id
));
168 static krb5_error_code
169 fcc_unlock(krb5_context context
, int fd
)
171 return _krb5_xunlock(context
, fd
);
174 static krb5_error_code
175 fcc_resolve(krb5_context context
, krb5_ccache
*id
, const char *res
)
178 f
= malloc(sizeof(*f
));
180 krb5_set_error_string(context
, "malloc: out of memory");
181 return KRB5_CC_NOMEM
;
183 f
->filename
= strdup(res
);
184 if(f
->filename
== NULL
){
186 krb5_set_error_string(context
, "malloc: out of memory");
187 return KRB5_CC_NOMEM
;
190 (*id
)->data
.data
= f
;
191 (*id
)->data
.length
= sizeof(*f
);
196 * Try to scrub the contents of `filename' safely.
205 pos
= lseek(fd
, 0, SEEK_END
);
208 if (lseek(fd
, 0, SEEK_SET
) < 0)
210 memset(buf
, 0, sizeof(buf
));
212 ssize_t tmp
= write(fd
, buf
, min(sizeof(buf
), pos
));
223 * Erase `filename' if it exists, trying to remove the contents if
224 * it's `safe'. We always try to remove the file, it it exists. It's
225 * only overwritten if it's a regular file (not a symlink and not a
229 static krb5_error_code
230 erase_file(krb5_context context
, const char *filename
)
233 struct stat sb1
, sb2
;
236 ret
= lstat (filename
, &sb1
);
240 fd
= open(filename
, O_RDWR
| O_BINARY
);
247 ret
= _krb5_xlock(context
, fd
, 1, filename
);
252 if (unlink(filename
) < 0) {
253 _krb5_xunlock(context
, fd
);
257 ret
= fstat (fd
, &sb2
);
259 _krb5_xunlock(context
, fd
);
264 /* check if someone was playing with symlinks */
266 if (sb1
.st_dev
!= sb2
.st_dev
|| sb1
.st_ino
!= sb2
.st_ino
) {
267 _krb5_xunlock(context
, fd
);
272 /* there are still hard links to this file */
274 if (sb2
.st_nlink
!= 0) {
275 _krb5_xunlock(context
, fd
);
280 ret
= scrub_file (fd
);
282 _krb5_xunlock(context
, fd
);
286 ret
= _krb5_xunlock(context
, fd
);
291 static krb5_error_code
292 fcc_gen_new(krb5_context context
, krb5_ccache
*id
)
298 f
= malloc(sizeof(*f
));
300 krb5_set_error_string(context
, "malloc: out of memory");
301 return KRB5_CC_NOMEM
;
303 asprintf (&file
, "%sXXXXXX", KRB5_DEFAULT_CCFILE_ROOT
);
306 krb5_set_error_string(context
, "malloc: out of memory");
307 return KRB5_CC_NOMEM
;
312 krb5_set_error_string(context
, "mkstemp %s", file
);
320 (*id
)->data
.data
= f
;
321 (*id
)->data
.length
= sizeof(*f
);
326 storage_set_flags(krb5_context context
, krb5_storage
*sp
, int vno
)
330 case KRB5_FCC_FVNO_1
:
331 flags
|= KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS
;
332 flags
|= KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE
;
333 flags
|= KRB5_STORAGE_HOST_BYTEORDER
;
335 case KRB5_FCC_FVNO_2
:
336 flags
|= KRB5_STORAGE_HOST_BYTEORDER
;
338 case KRB5_FCC_FVNO_3
:
339 flags
|= KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE
;
341 case KRB5_FCC_FVNO_4
:
345 "storage_set_flags called with bad vno (%x)", vno
);
347 krb5_storage_set_flags(sp
, flags
);
350 static krb5_error_code
351 fcc_open(krb5_context context
,
357 krb5_boolean exclusive
= ((flags
| O_WRONLY
) == flags
||
358 (flags
| O_RDWR
) == flags
);
360 const char *filename
= FILENAME(id
);
362 fd
= open(filename
, flags
, mode
);
365 krb5_set_error_string(context
, "open(%s): %s", filename
,
370 if((ret
= fcc_lock(context
, id
, fd
, exclusive
)) != 0) {
378 static krb5_error_code
379 fcc_initialize(krb5_context context
,
381 krb5_principal primary_principal
)
383 krb5_fcache
*f
= FCACHE(id
);
386 char *filename
= f
->filename
;
390 ret
= fcc_open(context
, id
, &fd
, O_RDWR
| O_CREAT
| O_EXCL
| O_BINARY
, 0600);
395 sp
= krb5_storage_emem();
396 krb5_storage_set_eof_code(sp
, KRB5_CC_END
);
397 if(context
->fcache_vno
!= 0)
398 f
->version
= context
->fcache_vno
;
400 f
->version
= KRB5_FCC_FVNO_4
;
401 ret
|= krb5_store_int8(sp
, 5);
402 ret
|= krb5_store_int8(sp
, f
->version
);
403 storage_set_flags(context
, sp
, f
->version
);
404 if(f
->version
== KRB5_FCC_FVNO_4
&& ret
== 0) {
406 if (context
->kdc_sec_offset
) {
407 ret
|= krb5_store_int16 (sp
, 12); /* length */
408 ret
|= krb5_store_int16 (sp
, FCC_TAG_DELTATIME
); /* Tag */
409 ret
|= krb5_store_int16 (sp
, 8); /* length of data */
410 ret
|= krb5_store_int32 (sp
, context
->kdc_sec_offset
);
411 ret
|= krb5_store_int32 (sp
, context
->kdc_usec_offset
);
413 ret
|= krb5_store_int16 (sp
, 0);
416 ret
|= krb5_store_principal(sp
, primary_principal
);
418 ret
|= write_storage(context
, sp
, fd
);
420 krb5_storage_free(sp
);
422 fcc_unlock(context
, fd
);
426 krb5_set_error_string (context
, "close %s: %s",
427 FILENAME(id
), strerror(ret
));
432 static krb5_error_code
433 fcc_close(krb5_context context
,
437 krb5_data_free(&id
->data
);
441 static krb5_error_code
442 fcc_destroy(krb5_context context
,
445 erase_file(context
, FILENAME(id
));
449 static krb5_error_code
450 fcc_store_cred(krb5_context context
,
457 ret
= fcc_open(context
, id
, &fd
, O_WRONLY
| O_APPEND
| O_BINARY
, 0);
463 sp
= krb5_storage_emem();
464 krb5_storage_set_eof_code(sp
, KRB5_CC_END
);
465 storage_set_flags(context
, sp
, FCACHE(id
)->version
);
466 if (!krb5_config_get_bool_default(context
, NULL
, TRUE
,
468 "fcc-mit-ticketflags",
470 krb5_storage_set_flags(sp
, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER
);
471 ret
= krb5_store_creds(sp
, creds
);
473 ret
= write_storage(context
, sp
, fd
);
474 krb5_storage_free(sp
);
476 fcc_unlock(context
, fd
);
480 krb5_set_error_string (context
, "close %s: %s",
481 FILENAME(id
), strerror(ret
));
487 static krb5_error_code
488 init_fcc (krb5_context context
,
490 krb5_storage
**ret_sp
,
498 ret
= fcc_open(context
, id
, &fd
, O_RDONLY
| O_BINARY
, 0);
502 sp
= krb5_storage_from_fd(fd
);
504 krb5_clear_error_string(context
);
508 krb5_storage_set_eof_code(sp
, KRB5_CC_END
);
509 ret
= krb5_ret_int8(sp
, &pvno
);
511 if(ret
== KRB5_CC_END
) {
512 krb5_set_error_string(context
, "Empty credential cache file: %s",
516 krb5_set_error_string(context
, "Error reading pvno in "
517 "cache file: %s", FILENAME(id
));
521 krb5_set_error_string(context
, "Bad version number in credential "
522 "cache file: %s", FILENAME(id
));
523 ret
= KRB5_CCACHE_BADVNO
;
526 ret
= krb5_ret_int8(sp
, &tag
); /* should not be host byte order */
528 krb5_set_error_string(context
, "Error reading tag in "
529 "cache file: %s", FILENAME(id
));
530 ret
= KRB5_CC_FORMAT
;
533 FCACHE(id
)->version
= tag
;
534 storage_set_flags(context
, sp
, FCACHE(id
)->version
);
536 case KRB5_FCC_FVNO_4
: {
539 ret
= krb5_ret_int16 (sp
, &length
);
541 ret
= KRB5_CC_FORMAT
;
542 krb5_set_error_string(context
, "Error reading tag length in "
543 "cache file: %s", FILENAME(id
));
547 int16_t dtag
, data_len
;
551 ret
= krb5_ret_int16 (sp
, &dtag
);
553 krb5_set_error_string(context
, "Error reading dtag in "
554 "cache file: %s", FILENAME(id
));
555 ret
= KRB5_CC_FORMAT
;
558 ret
= krb5_ret_int16 (sp
, &data_len
);
560 krb5_set_error_string(context
, "Error reading dlength in "
561 "cache file: %s", FILENAME(id
));
562 ret
= KRB5_CC_FORMAT
;
566 case FCC_TAG_DELTATIME
:
567 ret
= krb5_ret_int32 (sp
, &context
->kdc_sec_offset
);
569 krb5_set_error_string(context
, "Error reading kdc_sec in "
570 "cache file: %s", FILENAME(id
));
571 ret
= KRB5_CC_FORMAT
;
574 ret
= krb5_ret_int32 (sp
, &context
->kdc_usec_offset
);
576 krb5_set_error_string(context
, "Error reading kdc_usec in "
577 "cache file: %s", FILENAME(id
));
578 ret
= KRB5_CC_FORMAT
;
583 for (i
= 0; i
< data_len
; ++i
) {
584 ret
= krb5_ret_int8 (sp
, &dummy
);
586 krb5_set_error_string(context
, "Error reading unknown "
587 "tag in cache file: %s",
589 ret
= KRB5_CC_FORMAT
;
595 length
-= 4 + data_len
;
599 case KRB5_FCC_FVNO_3
:
600 case KRB5_FCC_FVNO_2
:
601 case KRB5_FCC_FVNO_1
:
604 ret
= KRB5_CCACHE_BADVNO
;
605 krb5_set_error_string(context
, "Unknown version number (%d) in "
606 "credential cache file: %s",
607 (int)tag
, FILENAME(id
));
616 krb5_storage_free(sp
);
617 fcc_unlock(context
, fd
);
622 static krb5_error_code
623 fcc_get_principal(krb5_context context
,
625 krb5_principal
*principal
)
631 ret
= init_fcc (context
, id
, &sp
, &fd
);
634 ret
= krb5_ret_principal(sp
, principal
);
636 krb5_clear_error_string(context
);
637 krb5_storage_free(sp
);
638 fcc_unlock(context
, fd
);
643 static krb5_error_code
644 fcc_end_get (krb5_context context
,
646 krb5_cc_cursor
*cursor
);
648 static krb5_error_code
649 fcc_get_first (krb5_context context
,
651 krb5_cc_cursor
*cursor
)
654 krb5_principal principal
;
656 *cursor
= malloc(sizeof(struct fcc_cursor
));
657 if (*cursor
== NULL
) {
658 krb5_set_error_string (context
, "malloc: out of memory");
661 memset(*cursor
, 0, sizeof(struct fcc_cursor
));
663 ret
= init_fcc (context
, id
, &FCC_CURSOR(*cursor
)->sp
,
664 &FCC_CURSOR(*cursor
)->fd
);
670 ret
= krb5_ret_principal (FCC_CURSOR(*cursor
)->sp
, &principal
);
672 krb5_clear_error_string(context
);
673 fcc_end_get(context
, id
, cursor
);
676 krb5_free_principal (context
, principal
);
677 fcc_unlock(context
, FCC_CURSOR(*cursor
)->fd
);
681 static krb5_error_code
682 fcc_get_next (krb5_context context
,
684 krb5_cc_cursor
*cursor
,
688 if((ret
= fcc_lock(context
, id
, FCC_CURSOR(*cursor
)->fd
, FALSE
)) != 0)
691 ret
= krb5_ret_creds(FCC_CURSOR(*cursor
)->sp
, creds
);
693 krb5_clear_error_string(context
);
695 fcc_unlock(context
, FCC_CURSOR(*cursor
)->fd
);
699 static krb5_error_code
700 fcc_end_get (krb5_context context
,
702 krb5_cc_cursor
*cursor
)
704 krb5_storage_free(FCC_CURSOR(*cursor
)->sp
);
705 close (FCC_CURSOR(*cursor
)->fd
);
711 static krb5_error_code
712 fcc_remove_cred(krb5_context context
,
718 krb5_ccache copy
, newfile
;
720 ret
= krb5_cc_gen_new(context
, &krb5_mcc_ops
, ©
);
724 ret
= krb5_cc_copy_cache(context
, id
, copy
);
726 krb5_cc_destroy(context
, copy
);
730 ret
= krb5_cc_remove_cred(context
, copy
, which
, cred
);
732 krb5_cc_destroy(context
, copy
);
736 ret
= krb5_cc_gen_new(context
, &krb5_fcc_ops
, &newfile
);
738 krb5_cc_destroy(context
, copy
);
742 ret
= krb5_cc_copy_cache(context
, copy
, newfile
);
743 krb5_cc_destroy(context
, copy
);
745 krb5_cc_destroy(context
, newfile
);
749 return krb5_cc_move(context
, newfile
, id
);
752 static krb5_error_code
753 fcc_set_flags(krb5_context context
,
761 fcc_get_version(krb5_context context
,
764 return FCACHE(id
)->version
;
771 static krb5_error_code
772 fcc_get_cache_first(krb5_context context
, krb5_cc_cursor
*cursor
)
774 struct fcache_iter
*iter
;
776 iter
= calloc(1, sizeof(*iter
));
778 krb5_set_error_string(context
, "malloc - out of memory");
786 static krb5_error_code
787 fcc_get_cache_next(krb5_context context
, krb5_cc_cursor cursor
, krb5_ccache
*id
)
789 struct fcache_iter
*iter
= cursor
;
792 char *expandedfn
= NULL
;
795 krb5_clear_error_string(context
);
800 fn
= krb5_cc_default_name(context
);
801 if (strncasecmp(fn
, "FILE:", 5) != 0) {
802 ret
= _krb5_expand_default_cc_name(context
,
803 KRB5_DEFAULT_CCNAME_FILE
,
808 ret
= krb5_cc_resolve(context
, fn
, id
);
815 static krb5_error_code
816 fcc_end_cache_get(krb5_context context
, krb5_cc_cursor cursor
)
818 struct fcache_iter
*iter
= cursor
;
823 static krb5_error_code
824 fcc_move(krb5_context context
, krb5_ccache from
, krb5_ccache to
)
826 krb5_error_code ret
= 0;
828 ret
= rename(FILENAME(from
), FILENAME(to
));
829 if (ret
&& errno
!= EXDEV
) {
831 krb5_set_error_string(context
,
832 "Rename of file from %s to %s failed: %s",
833 FILENAME(from
), FILENAME(to
),
836 } else if (ret
&& errno
== EXDEV
) {
837 /* make a copy and delete the orignal */
838 krb5_ssize_t sz1
, sz2
;
842 ret
= fcc_open(context
, from
, &fd1
, O_RDONLY
| O_BINARY
, 0);
846 unlink(FILENAME(to
));
848 ret
= fcc_open(context
, to
, &fd2
,
849 O_WRONLY
| O_CREAT
| O_EXCL
| O_BINARY
, 0600);
853 while((sz1
= read(fd1
, buf
, sizeof(buf
))) > 0) {
854 sz2
= write(fd2
, buf
, sz1
);
857 krb5_set_error_string(context
,
858 "Failed to write data from one file "
859 "credential cache to the other");
865 krb5_set_error_string(context
,
866 "Failed to read data from one file "
867 "credential cache to the other");
871 fcc_unlock(context
, fd2
);
875 fcc_unlock(context
, fd1
);
878 erase_file(context
, FILENAME(from
));
881 erase_file(context
, FILENAME(to
));
886 /* make sure ->version is uptodate */
890 ret
= init_fcc (context
, to
, &sp
, &fd
);
891 krb5_storage_free(sp
);
892 fcc_unlock(context
, fd
);
898 static krb5_error_code
899 fcc_default_name(krb5_context context
, char **str
)
901 return _krb5_expand_default_cc_name(context
,
902 KRB5_DEFAULT_CCNAME_FILE
,
907 * Variable containing the FILE based credential cache implemention.
909 * @ingroup krb5_ccache
912 KRB5_LIB_VARIABLE
const krb5_cc_ops krb5_fcc_ops
= {
922 NULL
, /* fcc_retrieve */