2 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 #include "krb5_locl.h"
38 typedef struct krb5_fcache
{
50 #define KRB5_FCC_FVNO_1 1
51 #define KRB5_FCC_FVNO_2 2
52 #define KRB5_FCC_FVNO_3 3
53 #define KRB5_FCC_FVNO_4 4
55 #define FCC_TAG_DELTATIME 1
57 #define FCACHE(X) ((krb5_fcache*)(X)->data.data)
59 #define FILENAME(X) (FCACHE(X)->filename)
61 #define FCC_CURSOR(C) ((struct fcc_cursor*)(C))
63 static const char* KRB5_CALLCONV
64 fcc_get_name(krb5_context context
,
67 if (FCACHE(id
) == NULL
)
73 KRB5_LIB_FUNCTION
int KRB5_LIB_CALL
74 _krb5_xlock(krb5_context context
, int fd
, krb5_boolean exclusive
,
83 l
.l_type
= exclusive
? F_WRLCK
: F_RDLCK
;
84 l
.l_whence
= SEEK_SET
;
85 ret
= fcntl(fd
, F_SETLKW
, &l
);
87 ret
= flock(fd
, exclusive
? LOCK_EX
: LOCK_SH
);
91 if(ret
== EACCES
) /* fcntl can return EACCES instead of EAGAIN */
97 case EINVAL
: /* filesystem doesn't support locking, let the user have it */
101 krb5_set_error_message(context
, ret
,
102 N_("timed out locking cache file %s", "file"),
107 rk_strerror_r(ret
, buf
, sizeof(buf
));
108 krb5_set_error_message(context
, ret
,
109 N_("error locking cache file %s: %s",
110 "file, error"), filename
, buf
);
117 KRB5_LIB_FUNCTION
int KRB5_LIB_CALL
118 _krb5_xunlock(krb5_context context
, int fd
)
126 l
.l_whence
= SEEK_SET
;
127 ret
= fcntl(fd
, F_SETLKW
, &l
);
129 ret
= flock(fd
, LOCK_UN
);
136 case EINVAL
: /* filesystem doesn't support locking, let the user have it */
141 rk_strerror_r(ret
, buf
, sizeof(buf
));
142 krb5_set_error_message(context
, ret
,
143 N_("Failed to unlock file: %s", ""), buf
);
150 static krb5_error_code
151 write_storage(krb5_context context
, krb5_storage
*sp
, int fd
)
157 ret
= krb5_storage_to_data(sp
, &data
);
159 krb5_set_error_message(context
, ret
, N_("malloc: out of memory", ""));
162 sret
= write(fd
, data
.data
, data
.length
);
163 ret
= (sret
!= (ssize_t
)data
.length
);
164 krb5_data_free(&data
);
167 krb5_set_error_message(context
, ret
,
168 N_("Failed to write FILE credential data", ""));
175 static krb5_error_code KRB5_CALLCONV
176 fcc_lock(krb5_context context
, krb5_ccache id
,
177 int fd
, krb5_boolean exclusive
)
179 return _krb5_xlock(context
, fd
, exclusive
, fcc_get_name(context
, id
));
182 static krb5_error_code KRB5_CALLCONV
183 fcc_unlock(krb5_context context
, int fd
)
185 return _krb5_xunlock(context
, fd
);
188 static krb5_error_code KRB5_CALLCONV
189 fcc_resolve(krb5_context context
, krb5_ccache
*id
, const char *res
)
192 f
= malloc(sizeof(*f
));
194 krb5_set_error_message(context
, KRB5_CC_NOMEM
,
195 N_("malloc: out of memory", ""));
196 return KRB5_CC_NOMEM
;
198 f
->filename
= strdup(res
);
199 if(f
->filename
== NULL
){
201 krb5_set_error_message(context
, KRB5_CC_NOMEM
,
202 N_("malloc: out of memory", ""));
203 return KRB5_CC_NOMEM
;
206 (*id
)->data
.data
= f
;
207 (*id
)->data
.length
= sizeof(*f
);
212 * Try to scrub the contents of `filename' safely.
221 pos
= lseek(fd
, 0, SEEK_END
);
224 if (lseek(fd
, 0, SEEK_SET
) < 0)
226 memset(buf
, 0, sizeof(buf
));
229 size_t wr
= sizeof(buf
);
232 tmp
= write(fd
, buf
, wr
);
247 * Erase `filename' if it exists, trying to remove the contents if
248 * it's `safe'. We always try to remove the file, it it exists. It's
249 * only overwritten if it's a regular file (not a symlink and not a
253 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
254 _krb5_erase_file(krb5_context context
, const char *filename
)
257 struct stat sb1
, sb2
;
260 ret
= lstat (filename
, &sb1
);
264 fd
= open(filename
, O_RDWR
| O_BINARY
| O_CLOEXEC
| O_NOFOLLOW
);
272 ret
= _krb5_xlock(context
, fd
, 1, filename
);
277 if (unlink(filename
) < 0) {
278 _krb5_xunlock(context
, fd
);
282 ret
= fstat(fd
, &sb2
);
284 _krb5_xunlock(context
, fd
);
289 /* check if someone was playing with symlinks */
291 if (sb1
.st_dev
!= sb2
.st_dev
|| sb1
.st_ino
!= sb2
.st_ino
) {
292 _krb5_xunlock(context
, fd
);
297 /* there are still hard links to this file */
299 if (sb2
.st_nlink
!= 0) {
300 _krb5_xunlock(context
, fd
);
305 ret
= scrub_file(fd
);
307 _krb5_xunlock(context
, fd
);
311 ret
= _krb5_xunlock(context
, fd
);
316 static krb5_error_code KRB5_CALLCONV
317 fcc_gen_new(krb5_context context
, krb5_ccache
*id
)
319 char *file
= NULL
, *exp_file
= NULL
;
324 f
= malloc(sizeof(*f
));
326 krb5_set_error_message(context
, KRB5_CC_NOMEM
,
327 N_("malloc: out of memory", ""));
328 return KRB5_CC_NOMEM
;
330 ret
= asprintf(&file
, "%sXXXXXX", KRB5_DEFAULT_CCFILE_ROOT
);
331 if(ret
< 0 || file
== NULL
) {
333 krb5_set_error_message(context
, KRB5_CC_NOMEM
,
334 N_("malloc: out of memory", ""));
335 return KRB5_CC_NOMEM
;
337 ret
= _krb5_expand_path_tokens(context
, file
, &exp_file
);
346 fd
= mkstemp(exp_file
);
348 ret
= (krb5_error_code
)errno
;
349 krb5_set_error_message(context
, ret
, N_("mkstemp %s failed", ""), exp_file
);
355 f
->filename
= exp_file
;
357 (*id
)->data
.data
= f
;
358 (*id
)->data
.length
= sizeof(*f
);
363 storage_set_flags(krb5_context context
, krb5_storage
*sp
, int vno
)
367 case KRB5_FCC_FVNO_1
:
368 flags
|= KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS
;
369 flags
|= KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE
;
370 flags
|= KRB5_STORAGE_HOST_BYTEORDER
;
372 case KRB5_FCC_FVNO_2
:
373 flags
|= KRB5_STORAGE_HOST_BYTEORDER
;
375 case KRB5_FCC_FVNO_3
:
376 flags
|= KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE
;
378 case KRB5_FCC_FVNO_4
:
382 "storage_set_flags called with bad vno (%x)", vno
);
384 krb5_storage_set_flags(sp
, flags
);
387 static krb5_error_code KRB5_CALLCONV
388 fcc_open(krb5_context context
,
390 const char *operation
,
395 krb5_boolean exclusive
= ((flags
| O_WRONLY
) == flags
||
396 (flags
| O_RDWR
) == flags
);
398 const char *filename
;
399 struct stat sb1
, sb2
;
407 flags
|= O_BINARY
| O_CLOEXEC
| O_NOFOLLOW
;
411 if (FCACHE(id
) == NULL
)
412 return krb5_einval(context
, 2);
414 filename
= FILENAME(id
);
416 strict_checking
= (flags
& O_CREAT
) == 0 &&
417 (context
->flags
& KRB5_CTX_F_FCACHE_STRICT_CHECKING
) != 0;
420 memset(&sb1
, 0, sizeof(sb1
));
421 ret
= lstat(filename
, &sb1
);
423 if (!S_ISREG(sb1
.st_mode
)) {
424 krb5_set_error_message(context
, EPERM
,
425 N_("Refuses to open symlinks for caches FILE:%s", ""), filename
);
428 } else if (errno
!= ENOENT
|| !(flags
& O_CREAT
)) {
429 krb5_set_error_message(context
, ret
, N_("%s lstat(%s)", "file, error"),
430 operation
, filename
);
434 fd
= open(filename
, flags
, mode
);
438 rk_strerror_r(ret
, buf
, sizeof(buf
));
439 krb5_set_error_message(context
, ret
, N_("%s open(%s): %s", "file, error"),
440 operation
, filename
, buf
);
445 ret
= fstat(fd
, &sb2
);
447 krb5_clear_error_message(context
);
451 if (!S_ISREG(sb2
.st_mode
)) {
452 krb5_set_error_message(context
, EPERM
, N_("Refuses to open non files caches: FILE:%s", ""), filename
);
458 if (sb1
.st_dev
&& sb1
.st_ino
&&
459 (sb1
.st_dev
!= sb2
.st_dev
|| sb1
.st_ino
!= sb2
.st_ino
)) {
461 * Perhaps we raced with a rename(). To complain about
462 * symlinks in that case would cause unnecessary concern, so
463 * we check for that possibility and loop. This has no
464 * TOCTOU problems because we redo the open(). We could also
465 * not do any of this checking if O_NOFOLLOW != 0...
468 ret
= lstat(filename
, &sb3
);
469 if (ret
|| sb1
.st_dev
!= sb2
.st_dev
||
470 sb3
.st_dev
!= sb2
.st_dev
|| sb3
.st_ino
!= sb2
.st_ino
) {
471 krb5_set_error_message(context
, EPERM
, N_("Refuses to open possible symlink for caches: FILE:%s", ""), filename
);
475 krb5_set_error_message(context
, EPERM
, N_("Raced too many times with renames of FILE:%s", ""), filename
);
482 if (sb2
.st_nlink
!= 1) {
483 krb5_set_error_message(context
, EPERM
, N_("Refuses to open hardlinks for caches FILE:%s", ""), filename
);
488 if (strict_checking
) {
491 * XXX WIN32: Needs to have ACL checking code!
492 * st_mode comes out as 100666, and st_uid is no use.
495 * XXX Should probably add options to improve control over this
496 * check. We might want strict checking of everything except
499 if (sb2
.st_uid
!= geteuid()) {
500 krb5_set_error_message(context
, EPERM
, N_("Refuses to open cache files not own by myself FILE:%s (owned by %d)", ""), filename
, (int)sb2
.st_uid
);
504 if ((sb2
.st_mode
& 077) != 0) {
505 krb5_set_error_message(context
, EPERM
,
506 N_("Refuses to open group/other readable files FILE:%s", ""), filename
);
513 if((ret
= fcc_lock(context
, id
, fd
, exclusive
)) != 0) {
521 static krb5_error_code KRB5_CALLCONV
522 fcc_initialize(krb5_context context
,
524 krb5_principal primary_principal
)
526 krb5_fcache
*f
= FCACHE(id
);
531 return krb5_einval(context
, 2);
533 unlink (f
->filename
);
535 ret
= fcc_open(context
, id
, "initialize", &fd
, O_RDWR
| O_CREAT
| O_EXCL
, 0600);
540 sp
= krb5_storage_emem();
541 krb5_storage_set_eof_code(sp
, KRB5_CC_END
);
542 if(context
->fcache_vno
!= 0)
543 f
->version
= context
->fcache_vno
;
545 f
->version
= KRB5_FCC_FVNO_4
;
546 ret
|= krb5_store_int8(sp
, 5);
547 ret
|= krb5_store_int8(sp
, f
->version
);
548 storage_set_flags(context
, sp
, f
->version
);
549 if(f
->version
== KRB5_FCC_FVNO_4
&& ret
== 0) {
551 if (context
->kdc_sec_offset
) {
552 ret
|= krb5_store_int16 (sp
, 12); /* length */
553 ret
|= krb5_store_int16 (sp
, FCC_TAG_DELTATIME
); /* Tag */
554 ret
|= krb5_store_int16 (sp
, 8); /* length of data */
555 ret
|= krb5_store_int32 (sp
, context
->kdc_sec_offset
);
556 ret
|= krb5_store_int32 (sp
, context
->kdc_usec_offset
);
558 ret
|= krb5_store_int16 (sp
, 0);
561 ret
|= krb5_store_principal(sp
, primary_principal
);
563 ret
|= write_storage(context
, sp
, fd
);
565 krb5_storage_free(sp
);
567 fcc_unlock(context
, fd
);
572 rk_strerror_r(ret
, buf
, sizeof(buf
));
573 krb5_set_error_message (context
, ret
, N_("close %s: %s", ""),
579 static krb5_error_code KRB5_CALLCONV
580 fcc_close(krb5_context context
,
583 if (FCACHE(id
) == NULL
)
584 return krb5_einval(context
, 2);
587 krb5_data_free(&id
->data
);
591 static krb5_error_code KRB5_CALLCONV
592 fcc_destroy(krb5_context context
,
595 if (FCACHE(id
) == NULL
)
596 return krb5_einval(context
, 2);
598 _krb5_erase_file(context
, FILENAME(id
));
602 static krb5_error_code KRB5_CALLCONV
603 fcc_store_cred(krb5_context context
,
610 ret
= fcc_open(context
, id
, "store", &fd
, O_WRONLY
| O_APPEND
, 0);
616 sp
= krb5_storage_emem();
617 krb5_storage_set_eof_code(sp
, KRB5_CC_END
);
618 storage_set_flags(context
, sp
, FCACHE(id
)->version
);
619 if (!krb5_config_get_bool_default(context
, NULL
, TRUE
,
621 "fcc-mit-ticketflags",
623 krb5_storage_set_flags(sp
, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER
);
624 ret
= krb5_store_creds(sp
, creds
);
626 ret
= write_storage(context
, sp
, fd
);
627 krb5_storage_free(sp
);
629 fcc_unlock(context
, fd
);
633 rk_strerror_r(ret
, buf
, sizeof(buf
));
635 krb5_set_error_message (context
, ret
, N_("close %s: %s", ""),
642 static krb5_error_code
643 init_fcc(krb5_context context
,
645 const char *operation
,
646 krb5_storage
**ret_sp
,
648 krb5_deltat
*kdc_offset
)
658 ret
= fcc_open(context
, id
, operation
, &fd
, O_RDONLY
, 0);
662 sp
= krb5_storage_from_fd(fd
);
664 krb5_clear_error_message(context
);
668 krb5_storage_set_eof_code(sp
, KRB5_CC_END
);
669 ret
= krb5_ret_int8(sp
, &pvno
);
671 if(ret
== KRB5_CC_END
) {
673 krb5_set_error_message(context
, ret
,
674 N_("Empty credential cache file: %s", ""),
677 krb5_set_error_message(context
, ret
, N_("Error reading pvno "
678 "in cache file: %s", ""),
683 ret
= KRB5_CCACHE_BADVNO
;
684 krb5_set_error_message(context
, ret
, N_("Bad version number in credential "
685 "cache file: %s", ""),
689 ret
= krb5_ret_int8(sp
, &tag
); /* should not be host byte order */
691 ret
= KRB5_CC_FORMAT
;
692 krb5_set_error_message(context
, ret
, "Error reading tag in "
693 "cache file: %s", FILENAME(id
));
696 FCACHE(id
)->version
= tag
;
697 storage_set_flags(context
, sp
, FCACHE(id
)->version
);
699 case KRB5_FCC_FVNO_4
: {
702 ret
= krb5_ret_int16 (sp
, &length
);
704 ret
= KRB5_CC_FORMAT
;
705 krb5_set_error_message(context
, ret
,
706 N_("Error reading tag length in "
707 "cache file: %s", ""), FILENAME(id
));
711 int16_t dtag
, data_len
;
715 ret
= krb5_ret_int16 (sp
, &dtag
);
717 ret
= KRB5_CC_FORMAT
;
718 krb5_set_error_message(context
, ret
, N_("Error reading dtag in "
719 "cache file: %s", ""),
723 ret
= krb5_ret_int16 (sp
, &data_len
);
725 ret
= KRB5_CC_FORMAT
;
726 krb5_set_error_message(context
, ret
,
727 N_("Error reading dlength "
728 "in cache file: %s",""),
733 case FCC_TAG_DELTATIME
: {
736 ret
= krb5_ret_int32 (sp
, &offset
);
737 ret
|= krb5_ret_int32 (sp
, &context
->kdc_usec_offset
);
739 ret
= KRB5_CC_FORMAT
;
740 krb5_set_error_message(context
, ret
,
741 N_("Error reading kdc_sec in "
742 "cache file: %s", ""),
746 context
->kdc_sec_offset
= offset
;
748 *kdc_offset
= offset
;
752 for (i
= 0; i
< data_len
; ++i
) {
753 ret
= krb5_ret_int8 (sp
, &dummy
);
755 ret
= KRB5_CC_FORMAT
;
756 krb5_set_error_message(context
, ret
,
757 N_("Error reading unknown "
758 "tag in cache file: %s", ""),
765 length
-= 4 + data_len
;
769 case KRB5_FCC_FVNO_3
:
770 case KRB5_FCC_FVNO_2
:
771 case KRB5_FCC_FVNO_1
:
774 ret
= KRB5_CCACHE_BADVNO
;
775 krb5_set_error_message(context
, ret
,
776 N_("Unknown version number (%d) in "
777 "credential cache file: %s", ""),
778 (int)tag
, FILENAME(id
));
787 krb5_storage_free(sp
);
788 fcc_unlock(context
, fd
);
793 static krb5_error_code KRB5_CALLCONV
794 fcc_get_principal(krb5_context context
,
796 krb5_principal
*principal
)
802 ret
= init_fcc (context
, id
, "get-pricipal", &sp
, &fd
, NULL
);
805 ret
= krb5_ret_principal(sp
, principal
);
807 krb5_clear_error_message(context
);
808 krb5_storage_free(sp
);
809 fcc_unlock(context
, fd
);
814 static krb5_error_code KRB5_CALLCONV
815 fcc_end_get (krb5_context context
,
817 krb5_cc_cursor
*cursor
);
819 static krb5_error_code KRB5_CALLCONV
820 fcc_get_first (krb5_context context
,
822 krb5_cc_cursor
*cursor
)
825 krb5_principal principal
;
827 if (FCACHE(id
) == NULL
)
828 return krb5_einval(context
, 2);
830 *cursor
= malloc(sizeof(struct fcc_cursor
));
831 if (*cursor
== NULL
) {
832 krb5_set_error_message(context
, ENOMEM
, N_("malloc: out of memory", ""));
835 memset(*cursor
, 0, sizeof(struct fcc_cursor
));
837 ret
= init_fcc(context
, id
, "get-frist", &FCC_CURSOR(*cursor
)->sp
,
838 &FCC_CURSOR(*cursor
)->fd
, NULL
);
844 ret
= krb5_ret_principal (FCC_CURSOR(*cursor
)->sp
, &principal
);
846 krb5_clear_error_message(context
);
847 fcc_end_get(context
, id
, cursor
);
850 krb5_free_principal (context
, principal
);
851 fcc_unlock(context
, FCC_CURSOR(*cursor
)->fd
);
855 static krb5_error_code KRB5_CALLCONV
856 fcc_get_next (krb5_context context
,
858 krb5_cc_cursor
*cursor
,
863 if (FCACHE(id
) == NULL
)
864 return krb5_einval(context
, 2);
866 if (FCC_CURSOR(*cursor
) == NULL
)
867 return krb5_einval(context
, 3);
869 if((ret
= fcc_lock(context
, id
, FCC_CURSOR(*cursor
)->fd
, FALSE
)) != 0)
871 FCC_CURSOR(*cursor
)->cred_start
= lseek(FCC_CURSOR(*cursor
)->fd
,
874 ret
= krb5_ret_creds(FCC_CURSOR(*cursor
)->sp
, creds
);
876 krb5_clear_error_message(context
);
878 FCC_CURSOR(*cursor
)->cred_end
= lseek(FCC_CURSOR(*cursor
)->fd
,
881 fcc_unlock(context
, FCC_CURSOR(*cursor
)->fd
);
885 static krb5_error_code KRB5_CALLCONV
886 fcc_end_get (krb5_context context
,
888 krb5_cc_cursor
*cursor
)
891 if (FCACHE(id
) == NULL
)
892 return krb5_einval(context
, 2);
894 if (FCC_CURSOR(*cursor
) == NULL
)
895 return krb5_einval(context
, 3);
897 krb5_storage_free(FCC_CURSOR(*cursor
)->sp
);
898 close (FCC_CURSOR(*cursor
)->fd
);
904 static void KRB5_CALLCONV
905 cred_delete(krb5_context context
,
907 krb5_cc_cursor
*cursor
,
912 krb5_data orig_cred_data
;
913 unsigned char *cred_data_in_file
= NULL
;
915 struct stat sb1
, sb2
;
918 krb5_flags flags
= 0;
919 krb5_const_realm srealm
= krb5_principal_get_realm(context
, cred
->server
);
921 /* This is best-effort code; if we lose track of errors here it's OK */
923 heim_assert(FCC_CURSOR(*cursor
)->cred_start
< FCC_CURSOR(*cursor
)->cred_end
,
924 "fcache internal error");
926 krb5_data_zero(&orig_cred_data
);
927 if (!krb5_config_get_bool_default(context
, NULL
, TRUE
,
929 "fcc-mit-ticketflags",
931 flags
= KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER
;
933 sp
= krb5_storage_emem();
936 krb5_storage_set_eof_code(sp
, KRB5_CC_END
);
937 storage_set_flags(context
, sp
, FCACHE(id
)->version
);
939 krb5_storage_set_flags(sp
, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER
);
941 /* Get a copy of what the cred should look like in the file; see below */
942 ret
= krb5_store_creds(sp
, cred
);
946 ret
= krb5_storage_to_data(sp
, &orig_cred_data
);
949 krb5_storage_free(sp
);
951 cred_data_in_file
= malloc(orig_cred_data
.length
);
952 if (cred_data_in_file
== NULL
)
956 * Mark the cred expired; krb5_cc_retrieve_cred() callers should use
957 * KRB5_TC_MATCH_TIMES, so this should be good enough...
959 cred
->times
.endtime
= 0;
961 /* ...except for config creds because we don't check their endtimes */
962 if (srealm
&& strcmp(srealm
, "X-CACHECONF:") == 0) {
963 ret
= krb5_principal_set_realm(context
, cred
->server
, "X-RMED-CONF:");
968 sp
= krb5_storage_emem();
971 krb5_storage_set_eof_code(sp
, KRB5_CC_END
);
972 storage_set_flags(context
, sp
, FCACHE(id
)->version
);
974 krb5_storage_set_flags(sp
, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER
);
976 ret
= krb5_store_creds(sp
, cred
);
978 /* The new cred must be the same size as the old cred */
979 new_cred_sz
= krb5_storage_seek(sp
, 0, SEEK_END
);
980 if (new_cred_sz
!= orig_cred_data
.length
|| new_cred_sz
!=
981 (FCC_CURSOR(*cursor
)->cred_end
- FCC_CURSOR(*cursor
)->cred_start
)) {
982 /* XXX This really can't happen. Assert like above? */
983 krb5_set_error_message(context
, EINVAL
,
984 N_("Credential deletion failed on ccache "
985 "FILE:%s: new credential size did not "
986 "match old credential size", ""),
991 ret
= fcc_open(context
, id
, "remove_cred", &fd
, O_RDWR
, 0);
996 * Check that we're updating the same file where we got the
997 * cred's offset, else we'd be corrupting a new ccache.
999 if (fstat(FCC_CURSOR(*cursor
)->fd
, &sb1
) == -1 ||
1000 fstat(fd
, &sb2
) == -1)
1002 if (sb1
.st_dev
!= sb2
.st_dev
|| sb1
.st_ino
!= sb2
.st_ino
)
1006 * Make sure what we overwrite is what we expected.
1008 * FIXME: We *really* need the ccache v4 tag for ccache ID. This
1009 * check that we're only overwriting something that looks exactly
1010 * like what we want to is probably good enough in practice, but
1011 * it's not guaranteed to work.
1013 if (lseek(fd
, FCC_CURSOR(*cursor
)->cred_start
, SEEK_SET
) == (off_t
)-1)
1015 bytes
= read(fd
, cred_data_in_file
, orig_cred_data
.length
);
1016 if (bytes
!= orig_cred_data
.length
)
1018 if (memcmp(orig_cred_data
.data
, cred_data_in_file
, bytes
) != 0)
1020 if (lseek(fd
, FCC_CURSOR(*cursor
)->cred_start
, SEEK_SET
) == (off_t
)-1)
1022 ret
= write_storage(context
, sp
, fd
);
1025 fcc_unlock(context
, fd
);
1026 if (close(fd
) < 0 && ret
== 0) {
1029 /* This error might be useful */
1030 rk_strerror_r(ret
, buf
, sizeof(buf
));
1032 krb5_set_error_message(context
, ret
, N_("close %s: %s", ""),
1036 krb5_data_free(&orig_cred_data
);
1037 free(cred_data_in_file
);
1038 krb5_storage_free(sp
);
1042 static krb5_error_code KRB5_CALLCONV
1043 fcc_remove_cred(krb5_context context
,
1048 krb5_error_code ret
, ret2
;
1049 krb5_cc_cursor cursor
;
1050 krb5_creds found_cred
;
1052 if (FCACHE(id
) == NULL
)
1053 return krb5_einval(context
, 2);
1055 ret
= krb5_cc_start_seq_get(context
, id
, &cursor
);
1058 while ((ret
= krb5_cc_next_cred(context
, id
, &cursor
, &found_cred
)) == 0) {
1059 if (!krb5_compare_creds(context
, which
, mcred
, &found_cred
))
1061 cred_delete(context
, id
, &cursor
, &found_cred
);
1062 krb5_free_cred_contents(context
, &found_cred
);
1064 ret2
= krb5_cc_end_seq_get(context
, id
, &cursor
);
1067 if (ret
== KRB5_CC_END
)
1072 static krb5_error_code KRB5_CALLCONV
1073 fcc_set_flags(krb5_context context
,
1077 if (FCACHE(id
) == NULL
)
1078 return krb5_einval(context
, 2);
1083 static int KRB5_CALLCONV
1084 fcc_get_version(krb5_context context
,
1087 if (FCACHE(id
) == NULL
)
1090 return FCACHE(id
)->version
;
1093 struct fcache_iter
{
1097 static krb5_error_code KRB5_CALLCONV
1098 fcc_get_cache_first(krb5_context context
, krb5_cc_cursor
*cursor
)
1100 struct fcache_iter
*iter
;
1102 iter
= calloc(1, sizeof(*iter
));
1104 krb5_set_error_message(context
, ENOMEM
, N_("malloc: out of memory", ""));
1112 static krb5_error_code KRB5_CALLCONV
1113 fcc_get_cache_next(krb5_context context
, krb5_cc_cursor cursor
, krb5_ccache
*id
)
1115 struct fcache_iter
*iter
= cursor
;
1116 krb5_error_code ret
;
1117 const char *fn
, *cc_type
;
1121 return krb5_einval(context
, 2);
1124 krb5_clear_error_message(context
);
1130 * Note: do not allow krb5_cc_default_name() to recurse via
1131 * krb5_cc_cache_match().
1132 * Note that context->default_cc_name will be NULL even though
1133 * KRB5CCNAME is set in the environment if
1134 * krb5_cc_set_default_name() hasn't
1136 fn
= krb5_cc_default_name(context
);
1137 ret
= krb5_cc_resolve(context
, fn
, &cc
);
1140 cc_type
= krb5_cc_get_type(context
, cc
);
1141 if (strcmp(cc_type
, "FILE") != 0) {
1142 krb5_cc_close(context
, cc
);
1151 static krb5_error_code KRB5_CALLCONV
1152 fcc_end_cache_get(krb5_context context
, krb5_cc_cursor cursor
)
1154 struct fcache_iter
*iter
= cursor
;
1157 return krb5_einval(context
, 2);
1163 static krb5_error_code KRB5_CALLCONV
1164 fcc_move(krb5_context context
, krb5_ccache from
, krb5_ccache to
)
1166 krb5_error_code ret
= 0;
1168 ret
= rk_rename(FILENAME(from
), FILENAME(to
));
1170 if (ret
&& errno
!= EXDEV
) {
1173 rk_strerror_r(ret
, buf
, sizeof(buf
));
1174 krb5_set_error_message(context
, ret
,
1175 N_("Rename of file from %s "
1176 "to %s failed: %s", ""),
1177 FILENAME(from
), FILENAME(to
), buf
);
1179 } else if (ret
&& errno
== EXDEV
) {
1180 /* make a copy and delete the orignal */
1181 krb5_ssize_t sz1
, sz2
;
1185 ret
= fcc_open(context
, from
, "move/from", &fd1
, O_RDONLY
, 0);
1189 unlink(FILENAME(to
));
1191 ret
= fcc_open(context
, to
, "move/to", &fd2
,
1192 O_WRONLY
| O_CREAT
| O_EXCL
, 0600);
1196 while((sz1
= read(fd1
, buf
, sizeof(buf
))) > 0) {
1197 sz2
= write(fd2
, buf
, sz1
);
1200 krb5_set_error_message(context
, ret
,
1201 N_("Failed to write data from one file "
1202 "credential cache to the other", ""));
1208 krb5_set_error_message(context
, ret
,
1209 N_("Failed to read data from one file "
1210 "credential cache to the other", ""));
1214 fcc_unlock(context
, fd2
);
1218 fcc_unlock(context
, fd1
);
1221 _krb5_erase_file(context
, FILENAME(from
));
1224 _krb5_erase_file(context
, FILENAME(to
));
1229 /* make sure ->version is uptodate */
1233 if ((ret
= init_fcc (context
, to
, "move", &sp
, &fd
, NULL
)) == 0) {
1235 krb5_storage_free(sp
);
1236 fcc_unlock(context
, fd
);
1241 fcc_close(context
, from
);
1246 static krb5_error_code KRB5_CALLCONV
1247 fcc_get_default_name(krb5_context context
, char **str
)
1249 return _krb5_expand_default_cc_name(context
,
1250 KRB5_DEFAULT_CCNAME_FILE
,
1254 static krb5_error_code KRB5_CALLCONV
1255 fcc_lastchange(krb5_context context
, krb5_ccache id
, krb5_timestamp
*mtime
)
1257 krb5_error_code ret
;
1261 ret
= fcc_open(context
, id
, "lastchange", &fd
, O_RDONLY
, 0);
1264 ret
= fstat(fd
, &sb
);
1268 krb5_set_error_message(context
, ret
, N_("Failed to stat cache file", ""));
1271 *mtime
= sb
.st_mtime
;
1275 static krb5_error_code KRB5_CALLCONV
1276 fcc_set_kdc_offset(krb5_context context
, krb5_ccache id
, krb5_deltat kdc_offset
)
1281 static krb5_error_code KRB5_CALLCONV
1282 fcc_get_kdc_offset(krb5_context context
, krb5_ccache id
, krb5_deltat
*kdc_offset
)
1284 krb5_error_code ret
;
1285 krb5_storage
*sp
= NULL
;
1287 ret
= init_fcc(context
, id
, "get-kdc-offset", &sp
, &fd
, kdc_offset
);
1289 krb5_storage_free(sp
);
1290 fcc_unlock(context
, fd
);
1298 * Variable containing the FILE based credential cache implemention.
1300 * @ingroup krb5_ccache
1303 KRB5_LIB_VARIABLE
const krb5_cc_ops krb5_fcc_ops
= {
1304 KRB5_CC_OPS_VERSION
,
1313 NULL
, /* fcc_retrieve */
1321 fcc_get_cache_first
,
1325 fcc_get_default_name
,