2 * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "krb5_locl.h"
36 RCSID("$Id: auth_context.c,v 1.59 2002/09/02 17:11:02 joda Exp $");
39 krb5_auth_con_init(krb5_context context
,
40 krb5_auth_context
*auth_context
)
46 krb5_set_error_string(context
, "malloc: out of memory");
49 memset(p
, 0, sizeof(*p
));
50 ALLOC(p
->authenticator
, 1);
51 if (!p
->authenticator
) {
52 krb5_set_error_string(context
, "malloc: out of memory");
56 memset (p
->authenticator
, 0, sizeof(*p
->authenticator
));
57 p
->flags
= KRB5_AUTH_CONTEXT_DO_TIME
;
59 p
->local_address
= NULL
;
60 p
->remote_address
= NULL
;
63 p
->keytype
= KEYTYPE_NULL
;
64 p
->cksumtype
= CKSUMTYPE_NONE
;
70 krb5_auth_con_free(krb5_context context
,
71 krb5_auth_context auth_context
)
73 if (auth_context
!= NULL
) {
74 krb5_free_authenticator(context
, &auth_context
->authenticator
);
75 if(auth_context
->local_address
){
76 free_HostAddress(auth_context
->local_address
);
77 free(auth_context
->local_address
);
79 if(auth_context
->remote_address
){
80 free_HostAddress(auth_context
->remote_address
);
81 free(auth_context
->remote_address
);
83 krb5_free_keyblock(context
, auth_context
->keyblock
);
84 krb5_free_keyblock(context
, auth_context
->remote_subkey
);
85 krb5_free_keyblock(context
, auth_context
->local_subkey
);
92 krb5_auth_con_setflags(krb5_context context
,
93 krb5_auth_context auth_context
,
96 auth_context
->flags
= flags
;
102 krb5_auth_con_getflags(krb5_context context
,
103 krb5_auth_context auth_context
,
106 *flags
= auth_context
->flags
;
112 krb5_auth_con_setaddrs(krb5_context context
,
113 krb5_auth_context auth_context
,
114 krb5_address
*local_addr
,
115 krb5_address
*remote_addr
)
118 if (auth_context
->local_address
)
119 krb5_free_address (context
, auth_context
->local_address
);
121 auth_context
->local_address
= malloc(sizeof(krb5_address
));
122 krb5_copy_address(context
, local_addr
, auth_context
->local_address
);
125 if (auth_context
->remote_address
)
126 krb5_free_address (context
, auth_context
->remote_address
);
128 auth_context
->remote_address
= malloc(sizeof(krb5_address
));
129 krb5_copy_address(context
, remote_addr
, auth_context
->remote_address
);
135 krb5_auth_con_genaddrs(krb5_context context
,
136 krb5_auth_context auth_context
,
140 krb5_address local_k_address
, remote_k_address
;
141 krb5_address
*lptr
= NULL
, *rptr
= NULL
;
142 struct sockaddr_storage ss_local
, ss_remote
;
143 struct sockaddr
*local
= (struct sockaddr
*)&ss_local
;
144 struct sockaddr
*remote
= (struct sockaddr
*)&ss_remote
;
147 if(flags
& KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR
) {
148 if (auth_context
->local_address
== NULL
) {
149 len
= sizeof(ss_local
);
150 if(getsockname(fd
, local
, &len
) < 0) {
152 krb5_set_error_string (context
, "getsockname: %s",
156 ret
= krb5_sockaddr2address (context
, local
, &local_k_address
);
158 if(flags
& KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR
) {
159 krb5_sockaddr2port (context
, local
, &auth_context
->local_port
);
161 auth_context
->local_port
= 0;
162 lptr
= &local_k_address
;
165 if(flags
& KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR
) {
166 len
= sizeof(ss_remote
);
167 if(getpeername(fd
, remote
, &len
) < 0) {
169 krb5_set_error_string (context
, "getpeername: %s", strerror(ret
));
172 ret
= krb5_sockaddr2address (context
, remote
, &remote_k_address
);
174 if(flags
& KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR
) {
175 krb5_sockaddr2port (context
, remote
, &auth_context
->remote_port
);
177 auth_context
->remote_port
= 0;
178 rptr
= &remote_k_address
;
180 ret
= krb5_auth_con_setaddrs (context
,
186 krb5_free_address (context
, lptr
);
188 krb5_free_address (context
, rptr
);
194 krb5_auth_con_setaddrs_from_fd (krb5_context context
,
195 krb5_auth_context auth_context
,
198 int fd
= *(int*)p_fd
;
200 if(auth_context
->local_address
== NULL
)
201 flags
|= KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR
;
202 if(auth_context
->remote_address
== NULL
)
203 flags
|= KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR
;
204 return krb5_auth_con_genaddrs(context
, auth_context
, fd
, flags
);
208 krb5_auth_con_getaddrs(krb5_context context
,
209 krb5_auth_context auth_context
,
210 krb5_address
**local_addr
,
211 krb5_address
**remote_addr
)
214 krb5_free_address (context
, *local_addr
);
215 *local_addr
= malloc (sizeof(**local_addr
));
216 if (*local_addr
== NULL
) {
217 krb5_set_error_string(context
, "malloc: out of memory");
220 krb5_copy_address(context
,
221 auth_context
->local_address
,
225 krb5_free_address (context
, *remote_addr
);
226 *remote_addr
= malloc (sizeof(**remote_addr
));
227 if (*remote_addr
== NULL
) {
228 krb5_set_error_string(context
, "malloc: out of memory");
229 krb5_free_address (context
, *local_addr
);
233 krb5_copy_address(context
,
234 auth_context
->remote_address
,
239 static krb5_error_code
240 copy_key(krb5_context context
,
245 return krb5_copy_keyblock(context
, in
, out
);
246 *out
= NULL
; /* is this right? */
251 krb5_auth_con_getkey(krb5_context context
,
252 krb5_auth_context auth_context
,
253 krb5_keyblock
**keyblock
)
255 return copy_key(context
, auth_context
->keyblock
, keyblock
);
259 krb5_auth_con_getlocalsubkey(krb5_context context
,
260 krb5_auth_context auth_context
,
261 krb5_keyblock
**keyblock
)
263 return copy_key(context
, auth_context
->local_subkey
, keyblock
);
267 krb5_auth_con_getremotesubkey(krb5_context context
,
268 krb5_auth_context auth_context
,
269 krb5_keyblock
**keyblock
)
271 return copy_key(context
, auth_context
->remote_subkey
, keyblock
);
275 krb5_auth_con_setkey(krb5_context context
,
276 krb5_auth_context auth_context
,
277 krb5_keyblock
*keyblock
)
279 if(auth_context
->keyblock
)
280 krb5_free_keyblock(context
, auth_context
->keyblock
);
281 return copy_key(context
, keyblock
, &auth_context
->keyblock
);
285 krb5_auth_con_setlocalsubkey(krb5_context context
,
286 krb5_auth_context auth_context
,
287 krb5_keyblock
*keyblock
)
289 if(auth_context
->local_subkey
)
290 krb5_free_keyblock(context
, auth_context
->local_subkey
);
291 return copy_key(context
, keyblock
, &auth_context
->local_subkey
);
295 krb5_auth_con_generatelocalsubkey(krb5_context context
,
296 krb5_auth_context auth_context
,
300 krb5_keyblock
*subkey
;
302 ret
= krb5_generate_subkey (context
, key
, &subkey
);
305 if(auth_context
->local_subkey
)
306 krb5_free_keyblock(context
, auth_context
->local_subkey
);
307 auth_context
->local_subkey
= subkey
;
313 krb5_auth_con_setremotesubkey(krb5_context context
,
314 krb5_auth_context auth_context
,
315 krb5_keyblock
*keyblock
)
317 if(auth_context
->remote_subkey
)
318 krb5_free_keyblock(context
, auth_context
->remote_subkey
);
319 return copy_key(context
, keyblock
, &auth_context
->remote_subkey
);
323 krb5_auth_con_setcksumtype(krb5_context context
,
324 krb5_auth_context auth_context
,
325 krb5_cksumtype cksumtype
)
327 auth_context
->cksumtype
= cksumtype
;
332 krb5_auth_con_getcksumtype(krb5_context context
,
333 krb5_auth_context auth_context
,
334 krb5_cksumtype
*cksumtype
)
336 *cksumtype
= auth_context
->cksumtype
;
341 krb5_auth_con_setkeytype (krb5_context context
,
342 krb5_auth_context auth_context
,
343 krb5_keytype keytype
)
345 auth_context
->keytype
= keytype
;
350 krb5_auth_con_getkeytype (krb5_context context
,
351 krb5_auth_context auth_context
,
352 krb5_keytype
*keytype
)
354 *keytype
= auth_context
->keytype
;
360 krb5_auth_con_setenctype(krb5_context context
,
361 krb5_auth_context auth_context
,
364 if(auth_context
->keyblock
)
365 krb5_free_keyblock(context
, auth_context
->keyblock
);
366 ALLOC(auth_context
->keyblock
, 1);
367 if(auth_context
->keyblock
== NULL
)
369 auth_context
->keyblock
->keytype
= etype
;
374 krb5_auth_con_getenctype(krb5_context context
,
375 krb5_auth_context auth_context
,
378 krb5_abortx(context
, "unimplemented krb5_auth_getenctype called");
383 krb5_auth_con_getlocalseqnumber(krb5_context context
,
384 krb5_auth_context auth_context
,
387 *seqnumber
= auth_context
->local_seqnumber
;
392 krb5_auth_con_setlocalseqnumber (krb5_context context
,
393 krb5_auth_context auth_context
,
396 auth_context
->local_seqnumber
= seqnumber
;
401 krb5_auth_getremoteseqnumber(krb5_context context
,
402 krb5_auth_context auth_context
,
405 *seqnumber
= auth_context
->remote_seqnumber
;
410 krb5_auth_con_setremoteseqnumber (krb5_context context
,
411 krb5_auth_context auth_context
,
414 auth_context
->remote_seqnumber
= seqnumber
;
420 krb5_auth_con_getauthenticator(krb5_context context
,
421 krb5_auth_context auth_context
,
422 krb5_authenticator
*authenticator
)
424 *authenticator
= malloc(sizeof(**authenticator
));
425 if (*authenticator
== NULL
) {
426 krb5_set_error_string(context
, "malloc: out of memory");
430 copy_Authenticator(auth_context
->authenticator
,
437 krb5_free_authenticator(krb5_context context
,
438 krb5_authenticator
*authenticator
)
440 free_Authenticator (*authenticator
);
441 free (*authenticator
);
442 *authenticator
= NULL
;
447 krb5_auth_con_setuserkey(krb5_context context
,
448 krb5_auth_context auth_context
,
449 krb5_keyblock
*keyblock
)
451 if(auth_context
->keyblock
)
452 krb5_free_keyblock(context
, auth_context
->keyblock
);
453 return krb5_copy_keyblock(context
, keyblock
, &auth_context
->keyblock
);
457 krb5_auth_con_getrcache(krb5_context context
,
458 krb5_auth_context auth_context
,
461 *rcache
= auth_context
->rcache
;
466 krb5_auth_con_setrcache(krb5_context context
,
467 krb5_auth_context auth_context
,
470 auth_context
->rcache
= rcache
;
474 #if 0 /* not implemented */
477 krb5_auth_con_initivector(krb5_context context
,
478 krb5_auth_context auth_context
)
480 krb5_abortx(context
, "unimplemented krb5_auth_con_initivector called");
485 krb5_auth_con_setivector(krb5_context context
,
486 krb5_auth_context auth_context
,
487 krb5_pointer ivector
)
489 krb5_abortx(context
, "unimplemented krb5_auth_con_setivector called");
492 #endif /* not implemented */