2 * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "krb5_locl.h"
35 #include "store-int.h"
39 #define BYTEORDER_IS(SP, V) (((SP)->flags & KRB5_STORAGE_BYTEORDER_MASK) == (V))
40 #define BYTEORDER_IS_LE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_LE)
41 #define BYTEORDER_IS_BE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_BE)
42 #define BYTEORDER_IS_HOST(SP) (BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_HOST) || \
43 krb5_storage_is_flags((SP), KRB5_STORAGE_HOST_BYTEORDER))
46 krb5_storage_set_flags(krb5_storage
*sp
, krb5_flags flags
)
52 krb5_storage_clear_flags(krb5_storage
*sp
, krb5_flags flags
)
58 krb5_storage_is_flags(krb5_storage
*sp
, krb5_flags flags
)
60 return (sp
->flags
& flags
) == flags
;
64 krb5_storage_set_byteorder(krb5_storage
*sp
, krb5_flags byteorder
)
66 sp
->flags
&= ~KRB5_STORAGE_BYTEORDER_MASK
;
67 sp
->flags
|= byteorder
;
71 krb5_storage_get_byteorder(krb5_storage
*sp
, krb5_flags byteorder
)
73 return sp
->flags
& KRB5_STORAGE_BYTEORDER_MASK
;
77 krb5_storage_seek(krb5_storage
*sp
, off_t offset
, int whence
)
79 return (*sp
->seek
)(sp
, offset
, whence
);
83 krb5_storage_read(krb5_storage
*sp
, void *buf
, size_t len
)
85 return sp
->fetch(sp
, buf
, len
);
89 krb5_storage_write(krb5_storage
*sp
, const void *buf
, size_t len
)
91 return sp
->store(sp
, buf
, len
);
95 krb5_storage_set_eof_code(krb5_storage
*sp
, int code
)
101 _krb5_put_int(void *buffer
, unsigned long value
, size_t size
)
103 unsigned char *p
= buffer
;
105 for (i
= size
- 1; i
>= 0; i
--) {
113 _krb5_get_int(void *buffer
, unsigned long *value
, size_t size
)
115 unsigned char *p
= buffer
;
118 for (i
= 0; i
< size
; i
++)
125 krb5_storage_free(krb5_storage
*sp
)
135 krb5_storage_to_data(krb5_storage
*sp
, krb5_data
*data
)
141 pos
= sp
->seek(sp
, 0, SEEK_CUR
);
142 size
= (size_t)sp
->seek(sp
, 0, SEEK_END
);
143 ret
= krb5_data_alloc (data
, size
);
145 sp
->seek(sp
, pos
, SEEK_SET
);
149 sp
->seek(sp
, 0, SEEK_SET
);
150 sp
->fetch(sp
, data
->data
, data
->length
);
151 sp
->seek(sp
, pos
, SEEK_SET
);
156 static krb5_error_code
157 krb5_store_int(krb5_storage
*sp
,
166 _krb5_put_int(v
, value
, len
);
167 ret
= sp
->store(sp
, v
, len
);
169 return (ret
<0)?errno
:sp
->eof_code
;
174 krb5_store_int32(krb5_storage
*sp
,
177 if(BYTEORDER_IS_HOST(sp
))
178 value
= htonl(value
);
179 else if(BYTEORDER_IS_LE(sp
))
180 value
= bswap32(value
);
181 return krb5_store_int(sp
, value
, 4);
184 static krb5_error_code
185 krb5_ret_int(krb5_storage
*sp
,
192 ret
= sp
->fetch(sp
, v
, len
);
194 return (ret
<0)?errno
:sp
->eof_code
;
195 _krb5_get_int(v
, &w
, len
);
201 krb5_ret_int32(krb5_storage
*sp
,
204 krb5_error_code ret
= krb5_ret_int(sp
, value
, 4);
207 if(BYTEORDER_IS_HOST(sp
))
208 *value
= htonl(*value
);
209 else if(BYTEORDER_IS_LE(sp
))
210 *value
= bswap32(*value
);
215 krb5_store_int16(krb5_storage
*sp
,
218 if(BYTEORDER_IS_HOST(sp
))
219 value
= htons(value
);
220 else if(BYTEORDER_IS_LE(sp
))
221 value
= bswap16(value
);
222 return krb5_store_int(sp
, value
, 2);
226 krb5_ret_int16(krb5_storage
*sp
,
231 ret
= krb5_ret_int(sp
, &v
, 2);
235 if(BYTEORDER_IS_HOST(sp
))
236 *value
= htons(*value
);
237 else if(BYTEORDER_IS_LE(sp
))
238 *value
= bswap16(*value
);
243 krb5_store_int8(krb5_storage
*sp
,
248 ret
= sp
->store(sp
, &value
, sizeof(value
));
249 if (ret
!= sizeof(value
))
250 return (ret
<0)?errno
:sp
->eof_code
;
255 krb5_ret_int8(krb5_storage
*sp
,
260 ret
= sp
->fetch(sp
, value
, sizeof(*value
));
261 if (ret
!= sizeof(*value
))
262 return (ret
<0)?errno
:sp
->eof_code
;
267 krb5_store_data(krb5_storage
*sp
,
271 ret
= krb5_store_int32(sp
, data
.length
);
274 ret
= sp
->store(sp
, data
.data
, data
.length
);
275 if(ret
!= data
.length
){
284 krb5_ret_data(krb5_storage
*sp
,
290 ret
= krb5_ret_int32(sp
, &size
);
293 ret
= krb5_data_alloc (data
, size
);
297 ret
= sp
->fetch(sp
, data
->data
, size
);
299 return (ret
< 0)? errno
: sp
->eof_code
;
305 krb5_store_string(krb5_storage
*sp
, const char *s
)
308 data
.length
= strlen(s
);
309 data
.data
= (void*)s
;
310 return krb5_store_data(sp
, data
);
314 krb5_ret_string(krb5_storage
*sp
,
319 ret
= krb5_ret_data(sp
, &data
);
322 *string
= realloc(data
.data
, data
.length
+ 1);
327 (*string
)[data
.length
] = 0;
332 krb5_store_stringz(krb5_storage
*sp
, const char *s
)
334 size_t len
= strlen(s
) + 1;
337 ret
= sp
->store(sp
, s
, len
);
348 krb5_ret_stringz(krb5_storage
*sp
,
356 while((ret
= sp
->fetch(sp
, &c
, 1)) == 1){
360 tmp
= realloc (s
, len
);
382 krb5_store_principal(krb5_storage
*sp
,
388 if(!krb5_storage_is_flags(sp
, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE
)) {
389 ret
= krb5_store_int32(sp
, p
->name
.name_type
);
392 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS
))
393 ret
= krb5_store_int32(sp
, p
->name
.name_string
.len
+ 1);
395 ret
= krb5_store_int32(sp
, p
->name
.name_string
.len
);
398 ret
= krb5_store_string(sp
, p
->realm
);
400 for(i
= 0; i
< p
->name
.name_string
.len
; i
++){
401 ret
= krb5_store_string(sp
, p
->name
.name_string
.val
[i
]);
408 krb5_ret_principal(krb5_storage
*sp
,
409 krb5_principal
*princ
)
417 p
= calloc(1, sizeof(*p
));
421 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE
))
422 type
= KRB5_NT_UNKNOWN
;
423 else if((ret
= krb5_ret_int32(sp
, &type
))){
427 if((ret
= krb5_ret_int32(sp
, &ncomp
))){
431 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS
))
433 p
->name
.name_type
= type
;
434 p
->name
.name_string
.len
= ncomp
;
435 ret
= krb5_ret_string(sp
, &p
->realm
);
437 p
->name
.name_string
.val
= calloc(ncomp
, sizeof(*p
->name
.name_string
.val
));
438 if(p
->name
.name_string
.val
== NULL
){
442 for(i
= 0; i
< ncomp
; i
++){
443 ret
= krb5_ret_string(sp
, &p
->name
.name_string
.val
[i
]);
444 if(ret
) return ret
; /* XXX */
451 krb5_store_keyblock(krb5_storage
*sp
, krb5_keyblock p
)
454 ret
= krb5_store_int16(sp
, p
.keytype
);
457 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE
)){
458 /* this should really be enctype, but it is the same as
460 ret
= krb5_store_int16(sp
, p
.keytype
);
464 ret
= krb5_store_data(sp
, p
.keyvalue
);
469 krb5_ret_keyblock(krb5_storage
*sp
, krb5_keyblock
*p
)
474 ret
= krb5_ret_int16(sp
, &tmp
);
478 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE
)){
479 ret
= krb5_ret_int16(sp
, &tmp
);
483 ret
= krb5_ret_data(sp
, &p
->keyvalue
);
488 krb5_store_times(krb5_storage
*sp
, krb5_times times
)
491 ret
= krb5_store_int32(sp
, times
.authtime
);
493 ret
= krb5_store_int32(sp
, times
.starttime
);
495 ret
= krb5_store_int32(sp
, times
.endtime
);
497 ret
= krb5_store_int32(sp
, times
.renew_till
);
502 krb5_ret_times(krb5_storage
*sp
, krb5_times
*times
)
506 ret
= krb5_ret_int32(sp
, &tmp
);
507 times
->authtime
= tmp
;
509 ret
= krb5_ret_int32(sp
, &tmp
);
510 times
->starttime
= tmp
;
512 ret
= krb5_ret_int32(sp
, &tmp
);
513 times
->endtime
= tmp
;
515 ret
= krb5_ret_int32(sp
, &tmp
);
516 times
->renew_till
= tmp
;
521 krb5_store_address(krb5_storage
*sp
, krb5_address p
)
524 ret
= krb5_store_int16(sp
, p
.addr_type
);
526 ret
= krb5_store_data(sp
, p
.address
);
531 krb5_ret_address(krb5_storage
*sp
, krb5_address
*adr
)
535 ret
= krb5_ret_int16(sp
, &t
);
538 ret
= krb5_ret_data(sp
, &adr
->address
);
543 krb5_store_addrs(krb5_storage
*sp
, krb5_addresses p
)
547 ret
= krb5_store_int32(sp
, p
.len
);
549 for(i
= 0; i
<p
.len
; i
++){
550 ret
= krb5_store_address(sp
, p
.val
[i
]);
557 krb5_ret_addrs(krb5_storage
*sp
, krb5_addresses
*adr
)
563 ret
= krb5_ret_int32(sp
, &tmp
);
566 ALLOC(adr
->val
, adr
->len
);
567 for(i
= 0; i
< adr
->len
; i
++){
568 ret
= krb5_ret_address(sp
, &adr
->val
[i
]);
575 krb5_store_authdata(krb5_storage
*sp
, krb5_authdata auth
)
579 ret
= krb5_store_int32(sp
, auth
.len
);
581 for(i
= 0; i
< auth
.len
; i
++){
582 ret
= krb5_store_int16(sp
, auth
.val
[i
].ad_type
);
584 ret
= krb5_store_data(sp
, auth
.val
[i
].ad_data
);
591 krb5_ret_authdata(krb5_storage
*sp
, krb5_authdata
*auth
)
597 ret
= krb5_ret_int32(sp
, &tmp
);
599 ALLOC_SEQ(auth
, tmp
);
600 for(i
= 0; i
< tmp
; i
++){
601 ret
= krb5_ret_int16(sp
, &tmp2
);
603 auth
->val
[i
].ad_type
= tmp2
;
604 ret
= krb5_ret_data(sp
, &auth
->val
[i
].ad_data
);
615 for (i
= 0; i
< 32; i
++) {
616 r
= r
<< 1 | (b
& 1);
628 _krb5_store_creds_internal(krb5_storage
*sp
, krb5_creds
*creds
, int v0_6
)
632 ret
= krb5_store_principal(sp
, creds
->client
);
635 ret
= krb5_store_principal(sp
, creds
->server
);
638 ret
= krb5_store_keyblock(sp
, creds
->session
);
641 ret
= krb5_store_times(sp
, creds
->times
);
644 ret
= krb5_store_int8(sp
, 0); /* this is probably the
645 enc-tkt-in-skey bit from KDCOptions */
649 ret
= krb5_store_int32(sp
, creds
->flags
.i
);
653 ret
= krb5_store_int32(sp
, bitswap32(TicketFlags2int(creds
->flags
.b
)));
657 ret
= krb5_store_addrs(sp
, creds
->addresses
);
660 ret
= krb5_store_authdata(sp
, creds
->authdata
);
663 ret
= krb5_store_data(sp
, creds
->ticket
);
666 ret
= krb5_store_data(sp
, creds
->second_ticket
);
671 * store `creds' on `sp' returning error or zero
675 krb5_store_creds(krb5_storage
*sp
, krb5_creds
*creds
)
677 return _krb5_store_creds_internal(sp
, creds
, 1);
681 _krb5_store_creds_heimdal_0_7(krb5_storage
*sp
, krb5_creds
*creds
)
683 return _krb5_store_creds_internal(sp
, creds
, 0);
687 _krb5_store_creds_heimdal_pre_0_7(krb5_storage
*sp
, krb5_creds
*creds
)
689 return _krb5_store_creds_internal(sp
, creds
, 1);
693 krb5_ret_creds(krb5_storage
*sp
, krb5_creds
*creds
)
699 memset(creds
, 0, sizeof(*creds
));
700 ret
= krb5_ret_principal (sp
, &creds
->client
);
701 if(ret
) goto cleanup
;
702 ret
= krb5_ret_principal (sp
, &creds
->server
);
703 if(ret
) goto cleanup
;
704 ret
= krb5_ret_keyblock (sp
, &creds
->session
);
705 if(ret
) goto cleanup
;
706 ret
= krb5_ret_times (sp
, &creds
->times
);
707 if(ret
) goto cleanup
;
708 ret
= krb5_ret_int8 (sp
, &dummy8
);
709 if(ret
) goto cleanup
;
710 ret
= krb5_ret_int32 (sp
, &dummy32
);
711 if(ret
) goto cleanup
;
713 * Runtime detect the what is the higher bits of the bitfield. If
714 * any of the higher bits are set in the input data, its either a
715 * new ticket flag (and this code need to be removed), or its a
716 * MIT cache (or new Heimdal cache), lets change it to our current
720 u_int32_t mask
= 0xffff0000;
722 creds
->flags
.b
.anonymous
= 1;
723 if (creds
->flags
.i
& mask
)
726 dummy32
= bitswap32(dummy32
);
728 creds
->flags
.i
= dummy32
;
729 ret
= krb5_ret_addrs (sp
, &creds
->addresses
);
730 if(ret
) goto cleanup
;
731 ret
= krb5_ret_authdata (sp
, &creds
->authdata
);
732 if(ret
) goto cleanup
;
733 ret
= krb5_ret_data (sp
, &creds
->ticket
);
734 if(ret
) goto cleanup
;
735 ret
= krb5_ret_data (sp
, &creds
->second_ticket
);
739 krb5_free_creds_contents(context
, creds
); /* XXX */