2 * Copyright (c) 1997-2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "krb5_locl.h"
35 #include "store-int.h"
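/*
 * Byte-order predicates for a krb5_storage. The byte order is kept in the
 * bits of sp->flags selected by KRB5_STORAGE_BYTEORDER_MASK.
 */
#define BYTEORDER_IS(SP, V) (((SP)->flags & KRB5_STORAGE_BYTEORDER_MASK) == (V))
#define BYTEORDER_IS_LE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_LE)
#define BYTEORDER_IS_BE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_BE)
/*
 * Host order is selected either by the byte-order field or by the separate
 * KRB5_STORAGE_HOST_BYTEORDER flag. SP is evaluated twice in this macro.
 */
#define BYTEORDER_IS_HOST(SP) (BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_HOST) || \
			       krb5_storage_is_flags((SP), KRB5_STORAGE_HOST_BYTEORDER))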
44 * Add the flags on a storage buffer by or-ing in the flags to the buffer.
46 * @param sp the storage buffer to set the flags on
47 * @param flags the flags to set
49 * @ingroup krb5_storage
52 KRB5_LIB_FUNCTION
void KRB5_LIB_CALL
53 krb5_storage_set_flags(krb5_storage
*sp
, krb5_flags flags
)
59 * Clear the flags on a storage buffer
61 * @param sp the storage buffer to clear the flags on
62 * @param flags the flags to clear
64 * @ingroup krb5_storage
67 KRB5_LIB_FUNCTION
void KRB5_LIB_CALL
68 krb5_storage_clear_flags(krb5_storage
*sp
, krb5_flags flags
)
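/**
 * Test whether every bit in flags is set on a storage buffer.
 * NB: testing for the flag 0 always returns true.
 *
 * @param sp the storage buffer to check flags on
 * @param flags the flags to test for
 *
 * @return true if all the flags are set, false if not.
 *
 * @ingroup krb5_storage
 */

KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
krb5_storage_is_flags(krb5_storage *sp, krb5_flags flags)
{
    /* All-bits test: a partial match is reported as false. */
    return (sp->flags & flags) == flags;
}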
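/**
 * Set the new byte order of the storage buffer.
 *
 * @param sp the storage buffer to set the byte order for.
 * @param byteorder the new byte order.
 *
 * The byte orders are: KRB5_STORAGE_BYTEORDER_BE,
 * KRB5_STORAGE_BYTEORDER_LE and KRB5_STORAGE_BYTEORDER_HOST.
 *
 * @ingroup krb5_storage
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_storage_set_byteorder(krb5_storage *sp, krb5_flags byteorder)
{
    /* Drop the previous byte-order bits before installing the new ones. */
    sp->flags &= ~KRB5_STORAGE_BYTEORDER_MASK;
    /*
     * byteorder is OR-ed in unmasked, so any bits outside
     * KRB5_STORAGE_BYTEORDER_MASK also end up set in sp->flags.
     */
    sp->flags |= byteorder;
}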
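/**
 * Return the current byte order for the buffer. See
 * krb5_storage_set_byteorder() for the list of byte order constants.
 *
 * @param sp the storage buffer to query
 *
 * @return the bits of sp->flags selected by KRB5_STORAGE_BYTEORDER_MASK
 *
 * @ingroup krb5_storage
 */

KRB5_LIB_FUNCTION krb5_flags KRB5_LIB_CALL
krb5_storage_get_byteorder(krb5_storage *sp)
{
    return sp->flags & KRB5_STORAGE_BYTEORDER_MASK;
}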
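/**
 * Set the max alloc value.
 *
 * size_too_large() in this file compares requested sizes against this
 * value and skips the comparison when it is 0, so a storage that parses
 * untrusted input should be given a nonzero limit.
 *
 * @param sp the storage buffer to set the max alloc for
 * @param size maximum size to allocate, use 0 to remove limit
 *
 * @ingroup krb5_storage
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_storage_set_max_alloc(krb5_storage *sp, size_t size)
{
    sp->max_alloc = size;
}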
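/*
 * Don't allocate an unreasonable amount of memory.
 *
 * Returns HEIM_ERR_TOO_BIG when a limit is set (sp->max_alloc != 0) and
 * size exceeds it, 0 otherwise. With max_alloc == 0 every size passes.
 *
 * NOTE(review): callers pass lengths decoded from the storage. A negative
 * signed length converts to a very large size_t here and is rejected only
 * when a limit is set; confirm that callers check the sign themselves.
 */
static krb5_error_code
size_too_large(krb5_storage *sp, size_t size)
{
    if (sp->max_alloc && sp->max_alloc < size)
        return HEIM_ERR_TOO_BIG;
    /* No limit configured, or size is within it. */
    return 0;
}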
146 static krb5_error_code
147 size_too_large_num(krb5_storage
*sp
, size_t count
, size_t size
)
149 if (sp
->max_alloc
== 0 || size
== 0)
151 size
= sp
->max_alloc
/ size
;
153 return HEIM_ERR_TOO_BIG
;
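/**
 * Seek to a new offset.
 *
 * @param sp the storage buffer to seek in.
 * @param offset the offset to seek
 * @param whence relative seeking: SEEK_CUR from the current
 * position, SEEK_END from the end, SEEK_SET absolute from the start.
 *
 * @return The new current offset
 *
 * @ingroup krb5_storage
 */

KRB5_LIB_FUNCTION off_t KRB5_LIB_CALL
krb5_storage_seek(krb5_storage *sp, off_t offset, int whence)
{
    /* Dispatch to the backend's seek callback; its result is returned as is. */
    return (*sp->seek)(sp, offset, whence);
}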
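/**
 * Truncate the storage buffer in sp to offset.
 *
 * @param sp the storage buffer to truncate.
 * @param offset the offset to truncate to.
 *
 * @return A Kerberos 5 error code.
 *
 * @ingroup krb5_storage
 */

KRB5_LIB_FUNCTION int KRB5_LIB_CALL
krb5_storage_truncate(krb5_storage *sp, off_t offset)
{
    /* Dispatch to the backend's trunc callback. */
    return (*sp->trunc)(sp, offset);
}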
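/**
 * Read from the storage buffer.
 *
 * A short count is not reported as an error at this level; callers must
 * compare the result with len before using buf.
 *
 * @param sp the storage buffer to read from
 * @param buf the buffer to store the data in
 * @param len the length to read
 *
 * @return The length of data read (can be shorter than len), or negative on error.
 *
 * @ingroup krb5_storage
 */

KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL
krb5_storage_read(krb5_storage *sp, void *buf, size_t len)
{
    /* Dispatch to the backend's fetch callback. */
    return sp->fetch(sp, buf, len);
}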
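/**
 * Write to the storage buffer.
 *
 * A short count is not reported as an error at this level; callers must
 * compare the result with len.
 *
 * @param sp the storage buffer to write to
 * @param buf the buffer to write to the storage buffer
 * @param len the length to write
 *
 * @return The length of data written (can be shorter than len), or negative on error.
 *
 * @ingroup krb5_storage
 */

KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL
krb5_storage_write(krb5_storage *sp, const void *buf, size_t len)
{
    /* Dispatch to the backend's store callback. */
    return sp->store(sp, buf, len);
}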
230 * Set the return code that will be used when end of storage is reached.
232 * @param sp the storage
233 * @param code the error code to return on end of storage
235 * @ingroup krb5_storage
238 KRB5_LIB_FUNCTION
void KRB5_LIB_CALL
239 krb5_storage_set_eof_code(krb5_storage
*sp
, int code
)
245 * Get the return code that will be used when end of storage is reached.
247 * @param sp the storage
249 * @return storage error code
251 * @ingroup krb5_storage
254 KRB5_LIB_FUNCTION
int KRB5_LIB_CALL
255 krb5_storage_get_eof_code(krb5_storage
*sp
)
261 * Free a krb5 storage.
263 * @param sp the storage to free.
265 * @return A Kerberos 5 error code.
267 * @ingroup krb5_storage
270 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
271 krb5_storage_free(krb5_storage
*sp
)
281 * Copy the content of storage
283 * @param sp the storage to copy to a data
284 * @param data the copied data, free with krb5_data_free()
286 * @return 0 for success, or a Kerberos 5 error code on failure.
288 * @ingroup krb5_storage
291 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
292 krb5_storage_to_data(krb5_storage
*sp
, krb5_data
*data
)
297 pos
= sp
->seek(sp
, 0, SEEK_CUR
);
299 return HEIM_ERR_NOT_SEEKABLE
;
300 size
= sp
->seek(sp
, 0, SEEK_END
);
301 ret
= size_too_large(sp
, size
);
304 ret
= krb5_data_alloc(data
, size
);
306 sp
->seek(sp
, pos
, SEEK_SET
);
310 sp
->seek(sp
, 0, SEEK_SET
);
311 sp
->fetch(sp
, data
->data
, data
->length
);
312 sp
->seek(sp
, pos
, SEEK_SET
);
317 static krb5_error_code
318 krb5_store_int(krb5_storage
*sp
,
327 _krb5_put_int(v
, value
, len
);
328 ret
= sp
->store(sp
, v
, len
);
331 if ((size_t)ret
!= len
)
337 * Store a int32 to storage, byte order is controlled by the settings
338 * on the storage, see krb5_storage_set_byteorder().
340 * @param sp the storage to write to
341 * @param value the value to store
343 * @return 0 for success, or a Kerberos 5 error code on failure.
345 * @ingroup krb5_storage
348 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
349 krb5_store_int32(krb5_storage
*sp
,
352 if(BYTEORDER_IS_HOST(sp
))
353 value
= htonl(value
);
354 else if(BYTEORDER_IS_LE(sp
))
355 value
= bswap32(value
);
356 return krb5_store_int(sp
, value
, 4);
360 * Store a uint32 to storage, byte order is controlled by the settings
361 * on the storage, see krb5_storage_set_byteorder().
363 * @param sp the storage to write to
364 * @param value the value to store
366 * @return 0 for success, or a Kerberos 5 error code on failure.
368 * @ingroup krb5_storage
371 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
372 krb5_store_uint32(krb5_storage
*sp
,
375 return krb5_store_int32(sp
, (int32_t)value
);
378 static krb5_error_code
379 krb5_ret_int(krb5_storage
*sp
,
386 ret
= sp
->fetch(sp
, v
, len
);
389 if ((size_t)ret
!= len
)
391 _krb5_get_int(v
, &w
, len
);
397 * Read a int32 from storage, byte order is controlled by the settings
398 * on the storage, see krb5_storage_set_byteorder().
400 * @param sp the storage to read from
401 * @param value the value read from the buffer
403 * @return 0 for success, or a Kerberos 5 error code on failure.
405 * @ingroup krb5_storage
408 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
409 krb5_ret_int32(krb5_storage
*sp
,
412 krb5_error_code ret
= krb5_ret_int(sp
, value
, 4);
415 if(BYTEORDER_IS_HOST(sp
))
416 *value
= htonl(*value
);
417 else if(BYTEORDER_IS_LE(sp
))
418 *value
= bswap32(*value
);
423 * Read a uint32 from storage, byte order is controlled by the settings
424 * on the storage, see krb5_storage_set_byteorder().
426 * @param sp the storage to read from
427 * @param value the value read from the buffer
429 * @return 0 for success, or a Kerberos 5 error code on failure.
431 * @ingroup krb5_storage
434 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
435 krb5_ret_uint32(krb5_storage
*sp
,
441 ret
= krb5_ret_int32(sp
, &v
);
443 *value
= (uint32_t)v
;
449 * Store a int16 to storage, byte order is controlled by the settings
450 * on the storage, see krb5_storage_set_byteorder().
452 * @param sp the storage to write to
453 * @param value the value to store
455 * @return 0 for success, or a Kerberos 5 error code on failure.
457 * @ingroup krb5_storage
460 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
461 krb5_store_int16(krb5_storage
*sp
,
464 if(BYTEORDER_IS_HOST(sp
))
465 value
= htons(value
);
466 else if(BYTEORDER_IS_LE(sp
))
467 value
= bswap16(value
);
468 return krb5_store_int(sp
, value
, 2);
472 * Store a uint16 to storage, byte order is controlled by the settings
473 * on the storage, see krb5_storage_set_byteorder().
475 * @param sp the storage to write to
476 * @param value the value to store
478 * @return 0 for success, or a Kerberos 5 error code on failure.
480 * @ingroup krb5_storage
483 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
484 krb5_store_uint16(krb5_storage
*sp
,
487 return krb5_store_int16(sp
, (int16_t)value
);
491 * Read a int16 from storage, byte order is controlled by the settings
492 * on the storage, see krb5_storage_set_byteorder().
494 * @param sp the storage to read from
495 * @param value the value read from the buffer
497 * @return 0 for success, or a Kerberos 5 error code on failure.
499 * @ingroup krb5_storage
502 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
503 krb5_ret_int16(krb5_storage
*sp
,
508 ret
= krb5_ret_int(sp
, &v
, 2);
512 if(BYTEORDER_IS_HOST(sp
))
513 *value
= htons(*value
);
514 else if(BYTEORDER_IS_LE(sp
))
515 *value
= bswap16(*value
);
520 * Read a uint16 from storage, byte order is controlled by the settings
521 * on the storage, see krb5_storage_set_byteorder().
523 * @param sp the storage to read from
524 * @param value the value read from the buffer
526 * @return 0 for success, or a Kerberos 5 error code on failure.
528 * @ingroup krb5_storage
531 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
532 krb5_ret_uint16(krb5_storage
*sp
,
538 ret
= krb5_ret_int16(sp
, &v
);
540 *value
= (uint16_t)v
;
546 * Store a int8 to storage.
548 * @param sp the storage to write to
549 * @param value the value to store
551 * @return 0 for success, or a Kerberos 5 error code on failure.
553 * @ingroup krb5_storage
556 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
557 krb5_store_int8(krb5_storage
*sp
,
562 ret
= sp
->store(sp
, &value
, sizeof(value
));
563 if (ret
!= sizeof(value
))
564 return (ret
<0)?errno
:sp
->eof_code
;
569 * Store a uint8 to storage.
571 * @param sp the storage to write to
572 * @param value the value to store
574 * @return 0 for success, or a Kerberos 5 error code on failure.
576 * @ingroup krb5_storage
579 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
580 krb5_store_uint8(krb5_storage
*sp
,
583 return krb5_store_int8(sp
, (int8_t)value
);
587 * Read a int8 from storage
589 * @param sp the storage to read from
590 * @param value the value read from the buffer
592 * @return 0 for success, or a Kerberos 5 error code on failure.
594 * @ingroup krb5_storage
597 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
598 krb5_ret_int8(krb5_storage
*sp
,
603 ret
= sp
->fetch(sp
, value
, sizeof(*value
));
604 if (ret
!= sizeof(*value
))
605 return (ret
<0)?errno
:sp
->eof_code
;
610 * Read a uint8 from storage
612 * @param sp the storage to read from
613 * @param value the value read from the buffer
615 * @return 0 for success, or a Kerberos 5 error code on failure.
617 * @ingroup krb5_storage
620 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
621 krb5_ret_uint8(krb5_storage
*sp
,
627 ret
= krb5_ret_int8(sp
, &v
);
635 * Store a data to the storage. The data is stored with an int32 as
636 * length plus the data (not padded).
638 * @param sp the storage buffer to write to
639 * @param data the buffer to store.
641 * @return 0 on success, a Kerberos 5 error code on failure.
643 * @ingroup krb5_storage
646 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
647 krb5_store_data(krb5_storage
*sp
,
651 ret
= krb5_store_int32(sp
, data
.length
);
654 ret
= sp
->store(sp
, data
.data
, data
.length
);
657 if((size_t)ret
!= data
.length
)
663 * Parse a data from the storage.
665 * @param sp the storage buffer to read from
666 * @param data the parsed data
668 * @return 0 on success, a Kerberos 5 error code on failure.
670 * @ingroup krb5_storage
673 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
674 krb5_ret_data(krb5_storage
*sp
,
680 ret
= krb5_ret_int32(sp
, &size
);
683 ret
= size_too_large(sp
, size
);
686 ret
= krb5_data_alloc (data
, size
);
690 ret
= sp
->fetch(sp
, data
->data
, size
);
692 return (ret
< 0)? errno
: sp
->eof_code
;
698 * Store a string to the buffer. The data is formatted as a len:uint32
699 * plus the string itself (not padded).
701 * @param sp the storage buffer to write to
702 * @param s the string to store.
704 * @return 0 on success, a Kerberos 5 error code on failure.
706 * @ingroup krb5_storage
709 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
710 krb5_store_string(krb5_storage
*sp
, const char *s
)
713 data
.length
= strlen(s
);
714 data
.data
= rk_UNCONST(s
);
715 return krb5_store_data(sp
, data
);
719 * Parse a string from the storage.
721 * @param sp the storage buffer to read from
722 * @param string the parsed string
724 * @return 0 on success, a Kerberos 5 error code on failure.
726 * @ingroup krb5_storage
730 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
731 krb5_ret_string(krb5_storage
*sp
,
736 ret
= krb5_ret_data(sp
, &data
);
739 *string
= realloc(data
.data
, data
.length
+ 1);
744 (*string
)[data
.length
] = 0;
749 * Store a zero terminated string to the buffer. The data is stored
750 * one character at a time until a NUL is stored.
752 * @param sp the storage buffer to write to
753 * @param s the string to store.
755 * @return 0 on success, a Kerberos 5 error code on failure.
757 * @ingroup krb5_storage
760 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
761 krb5_store_stringz(krb5_storage
*sp
, const char *s
)
763 size_t len
= strlen(s
) + 1;
766 ret
= sp
->store(sp
, s
, len
);
769 if((size_t)ret
!= len
)
775 * Parse zero terminated string from the storage.
777 * @param sp the storage buffer to read from
778 * @param string the parsed string
780 * @return 0 on success, a Kerberos 5 error code on failure.
782 * @ingroup krb5_storage
785 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
786 krb5_ret_stringz(krb5_storage
*sp
,
794 while((ret
= sp
->fetch(sp
, &c
, 1)) == 1){
798 ret
= size_too_large(sp
, len
);
801 tmp
= realloc (s
, len
);
821 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
822 krb5_store_stringnl(krb5_storage
*sp
, const char *s
)
824 size_t len
= strlen(s
);
827 ret
= sp
->store(sp
, s
, len
);
830 if((size_t)ret
!= len
)
832 ret
= sp
->store(sp
, "\n", 1);
844 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
845 krb5_ret_stringnl(krb5_storage
*sp
,
854 while((ret
= sp
->fetch(sp
, &c
, 1)) == 1){
861 if (expect_nl
&& c
!= '\n') {
863 return KRB5_BADMSGTYPE
;
867 ret
= size_too_large(sp
, len
);
870 tmp
= realloc (s
, len
);
893 * Write a principal block to storage.
895 * @param sp the storage buffer to write to
896 * @param p the principal block to write.
898 * @return 0 on success, a Kerberos 5 error code on failure.
900 * @ingroup krb5_storage
903 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
904 krb5_store_principal(krb5_storage
*sp
,
905 krb5_const_principal p
)
910 if(!krb5_storage_is_flags(sp
, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE
)) {
911 ret
= krb5_store_int32(sp
, p
->name
.name_type
);
914 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS
))
915 ret
= krb5_store_int32(sp
, p
->name
.name_string
.len
+ 1);
917 ret
= krb5_store_int32(sp
, p
->name
.name_string
.len
);
920 ret
= krb5_store_string(sp
, p
->realm
);
922 for(i
= 0; i
< p
->name
.name_string
.len
; i
++){
923 ret
= krb5_store_string(sp
, p
->name
.name_string
.val
[i
]);
930 * Parse principal from the storage.
932 * @param sp the storage buffer to read from
933 * @param princ the parsed principal
935 * @return 0 on success, a Kerberos 5 error code on failure.
937 * @ingroup krb5_storage
940 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
941 krb5_ret_principal(krb5_storage
*sp
,
942 krb5_principal
*princ
)
950 p
= calloc(1, sizeof(*p
));
954 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE
))
955 type
= KRB5_NT_UNKNOWN
;
956 else if((ret
= krb5_ret_int32(sp
, &type
))){
960 if((ret
= krb5_ret_int32(sp
, &ncomp
))){
964 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS
))
970 ret
= size_too_large_num(sp
, ncomp
, sizeof(p
->name
.name_string
.val
[0]));
975 p
->name
.name_type
= type
;
976 p
->name
.name_string
.len
= ncomp
;
977 ret
= krb5_ret_string(sp
, &p
->realm
);
982 p
->name
.name_string
.val
= calloc(ncomp
, sizeof(p
->name
.name_string
.val
[0]));
983 if(p
->name
.name_string
.val
== NULL
&& ncomp
!= 0){
988 for(i
= 0; i
< ncomp
; i
++){
989 ret
= krb5_ret_string(sp
, &p
->name
.name_string
.val
[i
]);
992 free(p
->name
.name_string
.val
[i
--]);
1003 * Store a keyblock to the storage.
1005 * @param sp the storage buffer to write to
1006 * @param p the keyblock to write
1008 * @return 0 on success, a Kerberos 5 error code on failure.
1010 * @ingroup krb5_storage
1013 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1014 krb5_store_keyblock(krb5_storage
*sp
, krb5_keyblock p
)
1017 ret
= krb5_store_int16(sp
, p
.keytype
);
1020 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE
)){
1021 /* this should really be enctype, but it is the same as
1023 ret
= krb5_store_int16(sp
, p
.keytype
);
1027 ret
= krb5_store_data(sp
, p
.keyvalue
);
1032 * Read a keyblock from the storage.
1034 * @param sp the storage buffer to read from
1035 * @param p the keyblock read from storage, free using krb5_free_keyblock()
1037 * @return 0 on success, a Kerberos 5 error code on failure.
1039 * @ingroup krb5_storage
1042 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1043 krb5_ret_keyblock(krb5_storage
*sp
, krb5_keyblock
*p
)
1048 ret
= krb5_ret_int16(sp
, &tmp
);
1052 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE
)){
1053 ret
= krb5_ret_int16(sp
, &tmp
);
1057 ret
= krb5_ret_data(sp
, &p
->keyvalue
);
1062 * Write a times block to storage.
1064 * @param sp the storage buffer to write to
1065 * @param times the times block to write.
1067 * @return 0 on success, a Kerberos 5 error code on failure.
1069 * @ingroup krb5_storage
1072 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1073 krb5_store_times(krb5_storage
*sp
, krb5_times times
)
1076 ret
= krb5_store_int32(sp
, times
.authtime
);
1078 ret
= krb5_store_int32(sp
, times
.starttime
);
1080 ret
= krb5_store_int32(sp
, times
.endtime
);
1082 ret
= krb5_store_int32(sp
, times
.renew_till
);
1087 * Read a times block from the storage.
1089 * @param sp the storage buffer to read from
1090 * @param times the times block read from storage
1092 * @return 0 on success, a Kerberos 5 error code on failure.
1094 * @ingroup krb5_storage
1097 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1098 krb5_ret_times(krb5_storage
*sp
, krb5_times
*times
)
1102 ret
= krb5_ret_int32(sp
, &tmp
);
1103 times
->authtime
= tmp
;
1105 ret
= krb5_ret_int32(sp
, &tmp
);
1106 times
->starttime
= tmp
;
1108 ret
= krb5_ret_int32(sp
, &tmp
);
1109 times
->endtime
= tmp
;
1111 ret
= krb5_ret_int32(sp
, &tmp
);
1112 times
->renew_till
= tmp
;
1117 * Write a address block to storage.
1119 * @param sp the storage buffer to write to
1120 * @param p the address block to write.
1122 * @return 0 on success, a Kerberos 5 error code on failure.
1124 * @ingroup krb5_storage
1127 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1128 krb5_store_address(krb5_storage
*sp
, krb5_address p
)
1131 ret
= krb5_store_int16(sp
, p
.addr_type
);
1133 ret
= krb5_store_data(sp
, p
.address
);
1138 * Read a address block from the storage.
1140 * @param sp the storage buffer to read from
1141 * @param adr the address block read from storage
1143 * @return 0 on success, a Kerberos 5 error code on failure.
1145 * @ingroup krb5_storage
1148 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1149 krb5_ret_address(krb5_storage
*sp
, krb5_address
*adr
)
1153 ret
= krb5_ret_int16(sp
, &t
);
1156 ret
= krb5_ret_data(sp
, &adr
->address
);
1161 * Write a addresses block to storage.
1163 * @param sp the storage buffer to write to
1164 * @param p the addresses block to write.
1166 * @return 0 on success, a Kerberos 5 error code on failure.
1168 * @ingroup krb5_storage
1171 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1172 krb5_store_addrs(krb5_storage
*sp
, krb5_addresses p
)
1176 ret
= krb5_store_int32(sp
, p
.len
);
1178 for(i
= 0; i
<p
.len
; i
++){
1179 ret
= krb5_store_address(sp
, p
.val
[i
]);
1186 * Read a addresses block from the storage.
1188 * @param sp the storage buffer to read from
1189 * @param adr the addresses block read from storage
1191 * @return 0 on success, a Kerberos 5 error code on failure.
1193 * @ingroup krb5_storage
1196 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1197 krb5_ret_addrs(krb5_storage
*sp
, krb5_addresses
*adr
)
1203 ret
= krb5_ret_int32(sp
, &tmp
);
1205 ret
= size_too_large_num(sp
, tmp
, sizeof(adr
->val
[0]));
1206 if (ret
) return ret
;
1208 ALLOC(adr
->val
, adr
->len
);
1209 if (adr
->val
== NULL
&& adr
->len
!= 0)
1211 for(i
= 0; i
< adr
->len
; i
++){
1212 ret
= krb5_ret_address(sp
, &adr
->val
[i
]);
1219 * Write a auth data block to storage.
1221 * @param sp the storage buffer to write to
1222 * @param auth the auth data block to write.
1224 * @return 0 on success, a Kerberos 5 error code on failure.
1226 * @ingroup krb5_storage
1229 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1230 krb5_store_authdata(krb5_storage
*sp
, krb5_authdata auth
)
1232 krb5_error_code ret
;
1234 ret
= krb5_store_int32(sp
, auth
.len
);
1236 for(i
= 0; i
< auth
.len
; i
++){
1237 ret
= krb5_store_int16(sp
, auth
.val
[i
].ad_type
);
1239 ret
= krb5_store_data(sp
, auth
.val
[i
].ad_data
);
1246 * Read a auth data from the storage.
1248 * @param sp the storage buffer to read from
1249 * @param auth the auth data block read from storage
1251 * @return 0 on success, a Kerberos 5 error code on failure.
1253 * @ingroup krb5_storage
1256 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1257 krb5_ret_authdata(krb5_storage
*sp
, krb5_authdata
*auth
)
1259 krb5_error_code ret
;
1263 ret
= krb5_ret_int32(sp
, &tmp
);
1265 ret
= size_too_large_num(sp
, tmp
, sizeof(auth
->val
[0]));
1266 if (ret
) return ret
;
1267 ALLOC_SEQ(auth
, tmp
);
1268 if (auth
->val
== NULL
&& tmp
!= 0)
1270 for(i
= 0; i
< tmp
; i
++){
1271 ret
= krb5_ret_int16(sp
, &tmp2
);
1273 auth
->val
[i
].ad_type
= tmp2
;
1274 ret
= krb5_ret_data(sp
, &auth
->val
[i
].ad_data
);
1281 bitswap32(int32_t b
)
1285 for (i
= 0; i
< 32; i
++) {
1286 r
= r
<< 1 | (b
& 1);
1293 * Write a credentials block to storage.
1295 * @param sp the storage buffer to write to
1296 * @param creds the creds block to write.
1298 * @return 0 on success, a Kerberos 5 error code on failure.
1300 * @ingroup krb5_storage
1303 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1304 krb5_store_creds(krb5_storage
*sp
, krb5_creds
*creds
)
1308 ret
= krb5_store_principal(sp
, creds
->client
);
1311 ret
= krb5_store_principal(sp
, creds
->server
);
1314 ret
= krb5_store_keyblock(sp
, creds
->session
);
1317 ret
= krb5_store_times(sp
, creds
->times
);
1320 ret
= krb5_store_int8(sp
, creds
->second_ticket
.length
!= 0); /* is_skey */
1324 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER
))
1325 ret
= krb5_store_int32(sp
, creds
->flags
.i
);
1327 ret
= krb5_store_int32(sp
, bitswap32(TicketFlags2int(creds
->flags
.b
)));
1331 ret
= krb5_store_addrs(sp
, creds
->addresses
);
1334 ret
= krb5_store_authdata(sp
, creds
->authdata
);
1337 ret
= krb5_store_data(sp
, creds
->ticket
);
1340 ret
= krb5_store_data(sp
, creds
->second_ticket
);
1345 * Read a credentials block from the storage.
1347 * @param sp the storage buffer to read from
1348 * @param creds the credentials block read from storage
1350 * @return 0 on success, a Kerberos 5 error code on failure.
1352 * @ingroup krb5_storage
1355 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1356 krb5_ret_creds(krb5_storage
*sp
, krb5_creds
*creds
)
1358 krb5_error_code ret
;
1362 memset(creds
, 0, sizeof(*creds
));
1363 ret
= krb5_ret_principal (sp
, &creds
->client
);
1364 if(ret
) goto cleanup
;
1365 ret
= krb5_ret_principal (sp
, &creds
->server
);
1366 if(ret
) goto cleanup
;
1367 ret
= krb5_ret_keyblock (sp
, &creds
->session
);
1368 if(ret
) goto cleanup
;
1369 ret
= krb5_ret_times (sp
, &creds
->times
);
1370 if(ret
) goto cleanup
;
1371 ret
= krb5_ret_int8 (sp
, &dummy8
);
1372 if(ret
) goto cleanup
;
1373 ret
= krb5_ret_int32 (sp
, &dummy32
);
1374 if(ret
) goto cleanup
;
1376 * Runtime detect the what is the higher bits of the bitfield. If
1377 * any of the higher bits are set in the input data, it's either a
1378 * new ticket flag (and this code need to be removed), or it's a
1379 * MIT cache (or new Heimdal cache), lets change it to our current
1383 uint32_t mask
= 0xffff0000;
1385 creds
->flags
.b
.anonymous
= 1;
1386 if (creds
->flags
.i
& mask
)
1389 dummy32
= bitswap32(dummy32
);
1391 creds
->flags
.i
= dummy32
;
1392 ret
= krb5_ret_addrs (sp
, &creds
->addresses
);
1393 if(ret
) goto cleanup
;
1394 ret
= krb5_ret_authdata (sp
, &creds
->authdata
);
1395 if(ret
) goto cleanup
;
1396 ret
= krb5_ret_data (sp
, &creds
->ticket
);
1397 if(ret
) goto cleanup
;
1398 ret
= krb5_ret_data (sp
, &creds
->second_ticket
);
1402 krb5_free_cred_contents(context
, creds
); /* XXX */
1408 #define SC_CLIENT_PRINCIPAL 0x0001
1409 #define SC_SERVER_PRINCIPAL 0x0002
1410 #define SC_SESSION_KEY 0x0004
1411 #define SC_TICKET 0x0008
1412 #define SC_SECOND_TICKET 0x0010
1413 #define SC_AUTHDATA 0x0020
1414 #define SC_ADDRESSES 0x0040
1417 * Write a tagged credentials block to storage.
1419 * @param sp the storage buffer to write to
1420 * @param creds the creds block to write.
1422 * @return 0 on success, a Kerberos 5 error code on failure.
1424 * @ingroup krb5_storage
1427 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1428 krb5_store_creds_tag(krb5_storage
*sp
, krb5_creds
*creds
)
1434 header
|= SC_CLIENT_PRINCIPAL
;
1436 header
|= SC_SERVER_PRINCIPAL
;
1437 if (creds
->session
.keytype
!= ETYPE_NULL
)
1438 header
|= SC_SESSION_KEY
;
1439 if (creds
->ticket
.data
)
1440 header
|= SC_TICKET
;
1441 if (creds
->second_ticket
.length
)
1442 header
|= SC_SECOND_TICKET
;
1443 if (creds
->authdata
.len
)
1444 header
|= SC_AUTHDATA
;
1445 if (creds
->addresses
.len
)
1446 header
|= SC_ADDRESSES
;
1448 ret
= krb5_store_int32(sp
, header
);
1452 if (creds
->client
) {
1453 ret
= krb5_store_principal(sp
, creds
->client
);
1458 if (creds
->server
) {
1459 ret
= krb5_store_principal(sp
, creds
->server
);
1464 if (creds
->session
.keytype
!= ETYPE_NULL
) {
1465 ret
= krb5_store_keyblock(sp
, creds
->session
);
1470 ret
= krb5_store_times(sp
, creds
->times
);
1473 ret
= krb5_store_int8(sp
, creds
->second_ticket
.length
!= 0); /* is_skey */
1477 ret
= krb5_store_int32(sp
, bitswap32(TicketFlags2int(creds
->flags
.b
)));
1481 if (creds
->addresses
.len
) {
1482 ret
= krb5_store_addrs(sp
, creds
->addresses
);
1487 if (creds
->authdata
.len
) {
1488 ret
= krb5_store_authdata(sp
, creds
->authdata
);
1493 if (creds
->ticket
.data
) {
1494 ret
= krb5_store_data(sp
, creds
->ticket
);
1499 if (creds
->second_ticket
.data
) {
1500 ret
= krb5_store_data(sp
, creds
->second_ticket
);
1509 * Read a tagged credentials block from the storage.
1511 * @param sp the storage buffer to read from
1512 * @param creds the credentials block read from storage
1514 * @return 0 on success, a Kerberos 5 error code on failure.
1516 * @ingroup krb5_storage
1519 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1520 krb5_ret_creds_tag(krb5_storage
*sp
,
1523 krb5_error_code ret
;
1525 int32_t dummy32
, header
;
1527 memset(creds
, 0, sizeof(*creds
));
1529 ret
= krb5_ret_int32 (sp
, &header
);
1530 if (ret
) goto cleanup
;
1532 if (header
& SC_CLIENT_PRINCIPAL
) {
1533 ret
= krb5_ret_principal (sp
, &creds
->client
);
1534 if(ret
) goto cleanup
;
1536 if (header
& SC_SERVER_PRINCIPAL
) {
1537 ret
= krb5_ret_principal (sp
, &creds
->server
);
1538 if(ret
) goto cleanup
;
1540 if (header
& SC_SESSION_KEY
) {
1541 ret
= krb5_ret_keyblock (sp
, &creds
->session
);
1542 if(ret
) goto cleanup
;
1544 ret
= krb5_ret_times (sp
, &creds
->times
);
1545 if(ret
) goto cleanup
;
1546 ret
= krb5_ret_int8 (sp
, &dummy8
);
1547 if(ret
) goto cleanup
;
1548 ret
= krb5_ret_int32 (sp
, &dummy32
);
1549 if(ret
) goto cleanup
;
1551 * Runtime detect the what is the higher bits of the bitfield. If
1552 * any of the higher bits are set in the input data, it's either a
1553 * new ticket flag (and this code need to be removed), or it's a
1554 * MIT cache (or new Heimdal cache), lets change it to our current
1558 uint32_t mask
= 0xffff0000;
1560 creds
->flags
.b
.anonymous
= 1;
1561 if (creds
->flags
.i
& mask
)
1564 dummy32
= bitswap32(dummy32
);
1566 creds
->flags
.i
= dummy32
;
1567 if (header
& SC_ADDRESSES
) {
1568 ret
= krb5_ret_addrs (sp
, &creds
->addresses
);
1569 if(ret
) goto cleanup
;
1571 if (header
& SC_AUTHDATA
) {
1572 ret
= krb5_ret_authdata (sp
, &creds
->authdata
);
1573 if(ret
) goto cleanup
;
1575 if (header
& SC_TICKET
) {
1576 ret
= krb5_ret_data (sp
, &creds
->ticket
);
1577 if(ret
) goto cleanup
;
1579 if (header
& SC_SECOND_TICKET
) {
1580 ret
= krb5_ret_data (sp
, &creds
->second_ticket
);
1581 if(ret
) goto cleanup
;
1587 krb5_free_cred_contents(context
, creds
); /* XXX */