2 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "krb5_locl.h"
36 typedef struct krb5_fcache
{
46 #define KRB5_FCC_FVNO_1 1
47 #define KRB5_FCC_FVNO_2 2
48 #define KRB5_FCC_FVNO_3 3
49 #define KRB5_FCC_FVNO_4 4
51 #define FCC_TAG_DELTATIME 1
53 #define FCACHE(X) ((krb5_fcache*)(X)->data.data)
55 #define FILENAME(X) (FCACHE(X)->filename)
57 #define FCC_CURSOR(C) ((struct fcc_cursor*)(C))
60 fcc_get_name(krb5_context context
,
67 _krb5_xlock(krb5_context context
, int fd
, krb5_boolean exclusive
,
76 l
.l_type
= exclusive
? F_WRLCK
: F_RDLCK
;
77 l
.l_whence
= SEEK_SET
;
78 ret
= fcntl(fd
, F_SETLKW
, &l
);
80 ret
= flock(fd
, exclusive
? LOCK_EX
: LOCK_SH
);
84 if(ret
== EACCES
) /* fcntl can return EACCES instead of EAGAIN */
90 case EINVAL
: /* filesystem doesn't support locking, let the user have it */
94 krb5_set_error_message(context
, ret
,
95 N_("timed out locking cache file %s", "file"),
99 krb5_set_error_message(context
, ret
,
100 N_("error locking cache file %s: %s",
102 filename
, strerror(ret
));
109 _krb5_xunlock(krb5_context context
, int fd
)
117 l
.l_whence
= SEEK_SET
;
118 ret
= fcntl(fd
, F_SETLKW
, &l
);
120 ret
= flock(fd
, LOCK_UN
);
127 case EINVAL
: /* filesystem doesn't support locking, let the user have it */
131 krb5_set_error_message(context
, ret
,
132 N_("Failed to unlock file: %s", ""),
139 static krb5_error_code
140 write_storage(krb5_context context
, krb5_storage
*sp
, int fd
)
146 ret
= krb5_storage_to_data(sp
, &data
);
148 krb5_set_error_message(context
, ret
, N_("malloc: out of memory", ""));
151 sret
= write(fd
, data
.data
, data
.length
);
152 ret
= (sret
!= data
.length
);
153 krb5_data_free(&data
);
156 krb5_set_error_message(context
, ret
,
157 N_("Failed to write FILE credential data", ""));
164 static krb5_error_code
165 fcc_lock(krb5_context context
, krb5_ccache id
,
166 int fd
, krb5_boolean exclusive
)
168 return _krb5_xlock(context
, fd
, exclusive
, fcc_get_name(context
, id
));
171 static krb5_error_code
172 fcc_unlock(krb5_context context
, int fd
)
174 return _krb5_xunlock(context
, fd
);
177 static krb5_error_code
178 fcc_resolve(krb5_context context
, krb5_ccache
*id
, const char *res
)
181 f
= malloc(sizeof(*f
));
183 krb5_set_error_message(context
, KRB5_CC_NOMEM
,
184 N_("malloc: out of memory", ""));
185 return KRB5_CC_NOMEM
;
187 f
->filename
= strdup(res
);
188 if(f
->filename
== NULL
){
190 krb5_set_error_message(context
, KRB5_CC_NOMEM
,
191 N_("malloc: out of memory", ""));
192 return KRB5_CC_NOMEM
;
195 (*id
)->data
.data
= f
;
196 (*id
)->data
.length
= sizeof(*f
);
201 * Try to scrub the contents of `filename' safely.
210 pos
= lseek(fd
, 0, SEEK_END
);
213 if (lseek(fd
, 0, SEEK_SET
) < 0)
215 memset(buf
, 0, sizeof(buf
));
217 ssize_t tmp
= write(fd
, buf
, min(sizeof(buf
), pos
));
228 * Erase `filename' if it exists, trying to remove the contents if
229 * it's `safe'. We always try to remove the file, it it exists. It's
230 * only overwritten if it's a regular file (not a symlink and not a
235 _krb5_erase_file(krb5_context context
, const char *filename
)
238 struct stat sb1
, sb2
;
241 ret
= lstat (filename
, &sb1
);
245 fd
= open(filename
, O_RDWR
| O_BINARY
);
253 ret
= _krb5_xlock(context
, fd
, 1, filename
);
258 if (unlink(filename
) < 0) {
259 _krb5_xunlock(context
, fd
);
263 ret
= fstat (fd
, &sb2
);
265 _krb5_xunlock(context
, fd
);
270 /* check if someone was playing with symlinks */
272 if (sb1
.st_dev
!= sb2
.st_dev
|| sb1
.st_ino
!= sb2
.st_ino
) {
273 _krb5_xunlock(context
, fd
);
278 /* there are still hard links to this file */
280 if (sb2
.st_nlink
!= 0) {
281 _krb5_xunlock(context
, fd
);
286 ret
= scrub_file (fd
);
288 _krb5_xunlock(context
, fd
);
292 ret
= _krb5_xunlock(context
, fd
);
297 static krb5_error_code
298 fcc_gen_new(krb5_context context
, krb5_ccache
*id
)
304 f
= malloc(sizeof(*f
));
306 krb5_set_error_message(context
, KRB5_CC_NOMEM
,
307 N_("malloc: out of memory", ""));
308 return KRB5_CC_NOMEM
;
310 asprintf (&file
, "%sXXXXXX", KRB5_DEFAULT_CCFILE_ROOT
);
313 krb5_set_error_message(context
, KRB5_CC_NOMEM
,
314 N_("malloc: out of memory", ""));
315 return KRB5_CC_NOMEM
;
320 krb5_set_error_message(context
, ret
, N_("mkstemp %s failed", ""), file
);
328 (*id
)->data
.data
= f
;
329 (*id
)->data
.length
= sizeof(*f
);
334 storage_set_flags(krb5_context context
, krb5_storage
*sp
, int vno
)
338 case KRB5_FCC_FVNO_1
:
339 flags
|= KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS
;
340 flags
|= KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE
;
341 flags
|= KRB5_STORAGE_HOST_BYTEORDER
;
343 case KRB5_FCC_FVNO_2
:
344 flags
|= KRB5_STORAGE_HOST_BYTEORDER
;
346 case KRB5_FCC_FVNO_3
:
347 flags
|= KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE
;
349 case KRB5_FCC_FVNO_4
:
353 "storage_set_flags called with bad vno (%x)", vno
);
355 krb5_storage_set_flags(sp
, flags
);
358 static krb5_error_code
359 fcc_open(krb5_context context
,
365 krb5_boolean exclusive
= ((flags
| O_WRONLY
) == flags
||
366 (flags
| O_RDWR
) == flags
);
368 const char *filename
= FILENAME(id
);
370 fd
= open(filename
, flags
, mode
);
373 krb5_set_error_message(context
, ret
, N_("open(%s): %s", "file, error"),
374 filename
, strerror(ret
));
379 if((ret
= fcc_lock(context
, id
, fd
, exclusive
)) != 0) {
387 static krb5_error_code
388 fcc_initialize(krb5_context context
,
390 krb5_principal primary_principal
)
392 krb5_fcache
*f
= FCACHE(id
);
395 char *filename
= f
->filename
;
399 ret
= fcc_open(context
, id
, &fd
, O_RDWR
| O_CREAT
| O_EXCL
| O_BINARY
| O_CLOEXEC
, 0600);
404 sp
= krb5_storage_emem();
405 krb5_storage_set_eof_code(sp
, KRB5_CC_END
);
406 if(context
->fcache_vno
!= 0)
407 f
->version
= context
->fcache_vno
;
409 f
->version
= KRB5_FCC_FVNO_4
;
410 ret
|= krb5_store_int8(sp
, 5);
411 ret
|= krb5_store_int8(sp
, f
->version
);
412 storage_set_flags(context
, sp
, f
->version
);
413 if(f
->version
== KRB5_FCC_FVNO_4
&& ret
== 0) {
415 if (context
->kdc_sec_offset
) {
416 ret
|= krb5_store_int16 (sp
, 12); /* length */
417 ret
|= krb5_store_int16 (sp
, FCC_TAG_DELTATIME
); /* Tag */
418 ret
|= krb5_store_int16 (sp
, 8); /* length of data */
419 ret
|= krb5_store_int32 (sp
, context
->kdc_sec_offset
);
420 ret
|= krb5_store_int32 (sp
, context
->kdc_usec_offset
);
422 ret
|= krb5_store_int16 (sp
, 0);
425 ret
|= krb5_store_principal(sp
, primary_principal
);
427 ret
|= write_storage(context
, sp
, fd
);
429 krb5_storage_free(sp
);
431 fcc_unlock(context
, fd
);
435 krb5_set_error_message (context
, ret
, N_("close %s: %s", ""),
436 FILENAME(id
), strerror(ret
));
441 static krb5_error_code
442 fcc_close(krb5_context context
,
446 krb5_data_free(&id
->data
);
450 static krb5_error_code
451 fcc_destroy(krb5_context context
,
454 _krb5_erase_file(context
, FILENAME(id
));
458 static krb5_error_code
459 fcc_store_cred(krb5_context context
,
466 ret
= fcc_open(context
, id
, &fd
, O_WRONLY
| O_APPEND
| O_BINARY
| O_CLOEXEC
, 0);
472 sp
= krb5_storage_emem();
473 krb5_storage_set_eof_code(sp
, KRB5_CC_END
);
474 storage_set_flags(context
, sp
, FCACHE(id
)->version
);
475 if (!krb5_config_get_bool_default(context
, NULL
, TRUE
,
477 "fcc-mit-ticketflags",
479 krb5_storage_set_flags(sp
, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER
);
480 ret
= krb5_store_creds(sp
, creds
);
482 ret
= write_storage(context
, sp
, fd
);
483 krb5_storage_free(sp
);
485 fcc_unlock(context
, fd
);
489 krb5_set_error_message (context
, ret
, N_("close %s: %s", ""),
490 FILENAME(id
), strerror(ret
));
496 static krb5_error_code
497 init_fcc (krb5_context context
,
499 krb5_storage
**ret_sp
,
507 ret
= fcc_open(context
, id
, &fd
, O_RDONLY
| O_BINARY
| O_CLOEXEC
, 0);
511 sp
= krb5_storage_from_fd(fd
);
513 krb5_clear_error_message(context
);
517 krb5_storage_set_eof_code(sp
, KRB5_CC_END
);
518 ret
= krb5_ret_int8(sp
, &pvno
);
520 if(ret
== KRB5_CC_END
) {
522 krb5_set_error_message(context
, ret
,
523 N_("Empty credential cache file: %s", ""),
526 krb5_set_error_message(context
, ret
, N_("Error reading pvno "
527 "in cache file: %s", ""),
532 ret
= KRB5_CCACHE_BADVNO
;
533 krb5_set_error_message(context
, ret
, N_("Bad version number in credential "
534 "cache file: %s", ""),
538 ret
= krb5_ret_int8(sp
, &tag
); /* should not be host byte order */
540 ret
= KRB5_CC_FORMAT
;
541 krb5_set_error_message(context
, ret
, "Error reading tag in "
542 "cache file: %s", FILENAME(id
));
545 FCACHE(id
)->version
= tag
;
546 storage_set_flags(context
, sp
, FCACHE(id
)->version
);
548 case KRB5_FCC_FVNO_4
: {
551 ret
= krb5_ret_int16 (sp
, &length
);
553 ret
= KRB5_CC_FORMAT
;
554 krb5_set_error_message(context
, ret
,
555 N_("Error reading tag length in "
556 "cache file: %s", ""), FILENAME(id
));
560 int16_t dtag
, data_len
;
564 ret
= krb5_ret_int16 (sp
, &dtag
);
566 ret
= KRB5_CC_FORMAT
;
567 krb5_set_error_message(context
, ret
, N_("Error reading dtag in "
568 "cache file: %s", ""),
572 ret
= krb5_ret_int16 (sp
, &data_len
);
574 ret
= KRB5_CC_FORMAT
;
575 krb5_set_error_message(context
, ret
,
576 N_("Error reading dlength "
577 "in cache file: %s",""),
582 case FCC_TAG_DELTATIME
:
583 ret
= krb5_ret_int32 (sp
, &context
->kdc_sec_offset
);
585 ret
= KRB5_CC_FORMAT
;
586 krb5_set_error_message(context
, ret
,
587 N_("Error reading kdc_sec in "
588 "cache file: %s", ""),
592 ret
= krb5_ret_int32 (sp
, &context
->kdc_usec_offset
);
594 ret
= KRB5_CC_FORMAT
;
595 krb5_set_error_message(context
, ret
,
596 N_("Error reading kdc_usec in "
597 "cache file: %s", ""),
603 for (i
= 0; i
< data_len
; ++i
) {
604 ret
= krb5_ret_int8 (sp
, &dummy
);
606 ret
= KRB5_CC_FORMAT
;
607 krb5_set_error_message(context
, ret
,
608 N_("Error reading unknown "
609 "tag in cache file: %s", ""),
616 length
-= 4 + data_len
;
620 case KRB5_FCC_FVNO_3
:
621 case KRB5_FCC_FVNO_2
:
622 case KRB5_FCC_FVNO_1
:
625 ret
= KRB5_CCACHE_BADVNO
;
626 krb5_set_error_message(context
, ret
,
627 N_("Unknown version number (%d) in "
628 "credential cache file: %s", ""),
629 (int)tag
, FILENAME(id
));
638 krb5_storage_free(sp
);
639 fcc_unlock(context
, fd
);
644 static krb5_error_code
645 fcc_get_principal(krb5_context context
,
647 krb5_principal
*principal
)
653 ret
= init_fcc (context
, id
, &sp
, &fd
);
656 ret
= krb5_ret_principal(sp
, principal
);
658 krb5_clear_error_message(context
);
659 krb5_storage_free(sp
);
660 fcc_unlock(context
, fd
);
665 static krb5_error_code
666 fcc_end_get (krb5_context context
,
668 krb5_cc_cursor
*cursor
);
670 static krb5_error_code
671 fcc_get_first (krb5_context context
,
673 krb5_cc_cursor
*cursor
)
676 krb5_principal principal
;
678 *cursor
= malloc(sizeof(struct fcc_cursor
));
679 if (*cursor
== NULL
) {
680 krb5_set_error_message(context
, ENOMEM
, N_("malloc: out of memory", ""));
683 memset(*cursor
, 0, sizeof(struct fcc_cursor
));
685 ret
= init_fcc (context
, id
, &FCC_CURSOR(*cursor
)->sp
,
686 &FCC_CURSOR(*cursor
)->fd
);
692 ret
= krb5_ret_principal (FCC_CURSOR(*cursor
)->sp
, &principal
);
694 krb5_clear_error_message(context
);
695 fcc_end_get(context
, id
, cursor
);
698 krb5_free_principal (context
, principal
);
699 fcc_unlock(context
, FCC_CURSOR(*cursor
)->fd
);
703 static krb5_error_code
704 fcc_get_next (krb5_context context
,
706 krb5_cc_cursor
*cursor
,
710 if((ret
= fcc_lock(context
, id
, FCC_CURSOR(*cursor
)->fd
, FALSE
)) != 0)
713 ret
= krb5_ret_creds(FCC_CURSOR(*cursor
)->sp
, creds
);
715 krb5_clear_error_message(context
);
717 fcc_unlock(context
, FCC_CURSOR(*cursor
)->fd
);
721 static krb5_error_code
722 fcc_end_get (krb5_context context
,
724 krb5_cc_cursor
*cursor
)
726 krb5_storage_free(FCC_CURSOR(*cursor
)->sp
);
727 close (FCC_CURSOR(*cursor
)->fd
);
733 static krb5_error_code
734 fcc_remove_cred(krb5_context context
,
740 krb5_ccache copy
, newfile
;
744 ret
= krb5_cc_new_unique(context
, krb5_cc_type_memory
, NULL
, ©
);
748 ret
= krb5_cc_copy_cache(context
, id
, copy
);
750 krb5_cc_destroy(context
, copy
);
754 ret
= krb5_cc_remove_cred(context
, copy
, which
, cred
);
756 krb5_cc_destroy(context
, copy
);
760 asprintf(&newname
, "FILE:%s.XXXXXX", FILENAME(id
));
761 if (newname
== NULL
) {
762 krb5_cc_destroy(context
, copy
);
766 fd
= mkstemp(&newname
[5]);
769 krb5_cc_destroy(context
, copy
);
774 ret
= krb5_cc_resolve(context
, newname
, &newfile
);
778 krb5_cc_destroy(context
, copy
);
782 ret
= krb5_cc_copy_cache(context
, copy
, newfile
);
783 krb5_cc_destroy(context
, copy
);
786 krb5_cc_destroy(context
, newfile
);
790 ret
= rename(&newname
[5], FILENAME(id
));
794 krb5_cc_close(context
, newfile
);
799 static krb5_error_code
800 fcc_set_flags(krb5_context context
,
808 fcc_get_version(krb5_context context
,
811 return FCACHE(id
)->version
;
818 static krb5_error_code
819 fcc_get_cache_first(krb5_context context
, krb5_cc_cursor
*cursor
)
821 struct fcache_iter
*iter
;
823 iter
= calloc(1, sizeof(*iter
));
825 krb5_set_error_message(context
, ENOMEM
, N_("malloc: out of memory", ""));
833 static krb5_error_code
834 fcc_get_cache_next(krb5_context context
, krb5_cc_cursor cursor
, krb5_ccache
*id
)
836 struct fcache_iter
*iter
= cursor
;
839 char *expandedfn
= NULL
;
842 krb5_clear_error_message(context
);
847 fn
= krb5_cc_default_name(context
);
848 if (fn
== NULL
|| strncasecmp(fn
, "FILE:", 5) != 0) {
849 ret
= _krb5_expand_default_cc_name(context
,
850 KRB5_DEFAULT_CCNAME_FILE
,
856 ret
= krb5_cc_resolve(context
, fn
, id
);
863 static krb5_error_code
864 fcc_end_cache_get(krb5_context context
, krb5_cc_cursor cursor
)
866 struct fcache_iter
*iter
= cursor
;
871 static krb5_error_code
872 fcc_move(krb5_context context
, krb5_ccache from
, krb5_ccache to
)
874 krb5_error_code ret
= 0;
876 ret
= rename(FILENAME(from
), FILENAME(to
));
877 if (ret
&& errno
!= EXDEV
) {
879 krb5_set_error_message(context
, ret
,
880 N_("Rename of file from %s "
881 "to %s failed: %s", ""),
882 FILENAME(from
), FILENAME(to
),
885 } else if (ret
&& errno
== EXDEV
) {
886 /* make a copy and delete the orignal */
887 krb5_ssize_t sz1
, sz2
;
891 ret
= fcc_open(context
, from
, &fd1
, O_RDONLY
| O_BINARY
| O_CLOEXEC
, 0);
895 unlink(FILENAME(to
));
897 ret
= fcc_open(context
, to
, &fd2
,
898 O_WRONLY
| O_CREAT
| O_EXCL
| O_BINARY
| O_CLOEXEC
, 0600);
902 while((sz1
= read(fd1
, buf
, sizeof(buf
))) > 0) {
903 sz2
= write(fd2
, buf
, sz1
);
906 krb5_set_error_message(context
, ret
,
907 N_("Failed to write data from one file "
908 "credential cache to the other", ""));
914 krb5_set_error_message(context
, ret
,
915 N_("Failed to read data from one file "
916 "credential cache to the other", ""));
920 fcc_unlock(context
, fd2
);
924 fcc_unlock(context
, fd1
);
927 _krb5_erase_file(context
, FILENAME(from
));
930 _krb5_erase_file(context
, FILENAME(to
));
935 /* make sure ->version is uptodate */
939 ret
= init_fcc (context
, to
, &sp
, &fd
);
941 krb5_storage_free(sp
);
942 fcc_unlock(context
, fd
);
946 fcc_destroy(context
, from
);
951 static krb5_error_code
952 fcc_get_default_name(krb5_context context
, char **str
)
954 return _krb5_expand_default_cc_name(context
,
955 KRB5_DEFAULT_CCNAME_FILE
,
959 static krb5_error_code
960 fcc_lastchange(krb5_context context
, krb5_ccache id
, krb5_timestamp
*mtime
)
966 ret
= fcc_open(context
, id
, &fd
, O_RDONLY
| O_BINARY
| O_CLOEXEC
, 0);
969 ret
= fstat(fd
, &sb
);
973 krb5_set_error_message(context
, ret
, N_("Failed to stat cache file", ""));
976 *mtime
= sb
.st_mtime
;
981 * Variable containing the FILE based credential cache implemention.
983 * @ingroup krb5_ccache
986 KRB5_LIB_VARIABLE
const krb5_cc_ops krb5_fcc_ops
= {
996 NULL
, /* fcc_retrieve */
1004 fcc_get_cache_first
,
1008 fcc_get_default_name
,