2 * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
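/*
 * Encode principal `p' into the DER blob used as its database key.
 *
 * The principal is copied and the copy's name type is set to 0 before
 * encoding, so two principals that differ only in name type produce the
 * same key bytes.
 *
 * On success key->data holds a malloc'ed buffer that the caller releases
 * with krb5_data_free().  On failure *key is left empty (NULL data, zero
 * length) and a non-zero error code is returned.
 */
int
hdb_principal2key(krb5_context context, krb5_const_principal p, krb5_data *key)
{
    Principal new;
    size_t len;
    int ret;

    /*
     * Callers in this file pass the key on to the backend without looking
     * at the return value.  Start from a defined empty value so that an
     * early failure can never expose uninitialized stack contents as a
     * pointer/length pair.
     */
    key->data = NULL;
    key->length = 0;

    ret = copy_Principal(p, &new);
    if (ret)
        return ret;
    new.name.name_type = 0;

    ASN1_MALLOC_ENCODE(Principal, key->data, key->length, &new, &len, ret);
    /* A length mismatch means the encoder itself is broken: abort. */
    if (ret == 0 && key->length != len)
        krb5_abortx(context, "internal asn.1 encoder error");
    free_Principal(&new);
    if (ret) {
        /*
         * NOTE(review): assumes ASN1_MALLOC_ENCODE releases its buffer and
         * leaves key->data NULL when it fails -- confirm against the macro
         * definition.  The length is reset so it cannot outlive the buffer.
         */
        key->length = 0;
    }
    return ret;
}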
/*
 * Decode a database key blob back into principal `p'.
 *
 * `context' is not used.  The last decoder argument is NULL; presumably
 * that is the "bytes consumed" out-parameter, in which case trailing data
 * after the encoding is not detected here -- TODO confirm.
 */
int
hdb_key2principal(krb5_context context, krb5_data *key, krb5_principal p)
{
    const int rc = decode_Principal(key->data, key->length, p, NULL);

    return rc;
}
/*
 * Encode database entry `ent' into `value'.
 *
 * Returns 0 on success, in which case value->data was allocated by
 * ASN1_MALLOC_ENCODE and is owned by the caller; otherwise returns the
 * encoder's error code.  A successful encode whose reported length differs
 * from the allocated length is treated as an internal error and aborts.
 */
int
hdb_entry2value(krb5_context context, const hdb_entry *ent, krb5_data *value)
{
    size_t encoded_len;
    int rc;

    ASN1_MALLOC_ENCODE(hdb_entry, value->data, value->length,
                       ent, &encoded_len, rc);
    if (rc != 0)
        return rc;
    if (value->length != encoded_len)
        krb5_abortx(context, "internal asn.1 encoder error");
    return rc;
}
/*
 * Decode a stored value into database entry `ent'.
 *
 * Returns the decoder's result unchanged; _hdb_fetch() relies on this to
 * see ASN1_BAD_ID when the stored record is not an hdb_entry.  `context'
 * is not used.
 */
int
hdb_value2entry(krb5_context context, krb5_data *value, hdb_entry *ent)
{
    const int rc = decode_hdb_entry(value->data, value->length, ent, NULL);

    return rc;
}
/*
 * Encode alias record `alias' into `value'.
 *
 * Returns 0 on success, in which case value->data was allocated by
 * ASN1_MALLOC_ENCODE and is owned by the caller; otherwise returns the
 * encoder's error code.  A successful encode whose reported length differs
 * from the allocated length is treated as an internal error and aborts.
 */
int
hdb_entry_alias2value(krb5_context context,
                      const hdb_entry_alias *alias,
                      krb5_data *value)
{
    size_t encoded_len;
    int rc;

    ASN1_MALLOC_ENCODE(hdb_entry_alias, value->data, value->length,
                       alias, &encoded_len, rc);
    if (rc != 0)
        return rc;
    if (value->length != encoded_len)
        krb5_abortx(context, "internal asn.1 encoder error");
    return rc;
}
/*
 * Decode a stored value into alias record `ent'.
 *
 * Returns the decoder's result unchanged.  `context' is not used.
 */
int
hdb_value2entry_alias(krb5_context context, krb5_data *value,
                      hdb_entry_alias *ent)
{
    const int rc = decode_hdb_entry_alias(value->data, value->length,
                                          ent, NULL);

    return rc;
}
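/*
 * Look up `principal' in `db' and decode the stored record into `entry'.
 *
 * If the record does not decode as an hdb_entry (ASN1_BAD_ID) it is tried
 * as an alias record, but only when HDB_F_CANON is set in `flags';
 * without that flag the lookup reports HDB_ERR_NOENTRY.  An alias is
 * followed exactly once: the record it points to must itself decode as an
 * hdb_entry.
 *
 * When the database has a master key and HDB_F_DECRYPT is set, the keys
 * in the entry are unsealed; if that fails the entry is released with
 * hdb_free_entry() before the error is returned.
 *
 * Returns 0 on success or an error code.
 */
krb5_error_code
_hdb_fetch(krb5_context context, HDB *db, krb5_const_principal principal,
           unsigned flags, hdb_entry_ex *entry)
{
    krb5_data key, value;
    int code;

    /* The key is not valid on failure: do not hand it to the backend. */
    code = hdb_principal2key(context, principal, &key);
    if (code)
        return code;
    code = db->hdb__get(context, db, key, &value);
    krb5_data_free(&key);
    if (code)
        return code;

    code = hdb_value2entry(context, &value, &entry->entry);
    if (code == ASN1_BAD_ID && (flags & HDB_F_CANON) == 0) {
        krb5_data_free(&value);
        return HDB_ERR_NOENTRY;
    } else if (code == ASN1_BAD_ID) {
        hdb_entry_alias alias;

        code = hdb_value2entry_alias(context, &value, &alias);
        if (code) {
            krb5_data_free(&value);
            return code;
        }
        code = hdb_principal2key(context, alias.principal, &key);
        krb5_data_free(&value);
        free_hdb_entry_alias(&alias);
        if (code)
            return code;

        code = db->hdb__get(context, db, key, &value);
        krb5_data_free(&key);
        if (code)
            return code;
        code = hdb_value2entry(context, &value, &entry->entry);
        if (code) {
            krb5_data_free(&value);
            return code;
        }
    } else if (code) {
        /*
         * Any other decode failure (for instance a corrupt record) must
         * stop here.  Falling through would run the unseal step on an
         * entry that was never decoded and overwrite the decode error,
         * possibly with success.
         */
        krb5_data_free(&value);
        return code;
    }
    krb5_data_free(&value);

    if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) {
        code = hdb_unseal_keys (context, db, &entry->entry);
        if (code)
            hdb_free_entry(context, entry);
    }
    return code;
}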
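/*
 * Delete every alias record that belongs to the entry stored under `key'.
 *
 * The entry is fetched and decoded only to read its alias list; the entry
 * record itself is not deleted here.  A missing entry is not an error
 * (returns 0).  The loop stops at the first alias that cannot be encoded
 * or deleted, so aliases after it are left in the database.
 *
 * Returns 0 on success or an error code.
 */
static krb5_error_code
hdb_remove_aliases(krb5_context context, HDB *db, krb5_data *key)
{
    const HDB_Ext_Aliases *aliases;
    krb5_error_code code;
    hdb_entry oldentry;
    krb5_data value;
    size_t i;

    code = db->hdb__get(context, db, *key, &value);
    if (code == HDB_ERR_NOENTRY)
        return 0;
    else if (code)
        return code;

    code = hdb_value2entry(context, &value, &oldentry);
    krb5_data_free(&value);
    if (code)
        return code;

    code = hdb_entry_get_aliases(&oldentry, &aliases);
    if (code || aliases == NULL) {
        free_hdb_entry(&oldentry);
        return code;
    }
    /* Unsigned index: avoids a signed/unsigned comparison with .len. */
    for (i = 0; i < aliases->aliases.len; i++) {
        krb5_data akey;

        /* The key is not valid on failure: never pass it to hdb__del. */
        code = hdb_principal2key(context, &aliases->aliases.val[i], &akey);
        if (code) {
            free_hdb_entry(&oldentry);
            return code;
        }
        code = db->hdb__del(context, db, akey);
        krb5_data_free(&akey);
        if (code) {
            free_hdb_entry(&oldentry);
            return code;
        }
    }
    free_hdb_entry(&oldentry);
    return 0;
}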
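/*
 * Write one alias record for every alias listed in `entry'.
 *
 * Each record is stored under the alias principal's key and names the
 * entry's own principal as its target.  The loop stops at the first
 * failure, so earlier aliases stay written and later ones are missing.
 *
 * Returns 0 on success (including when the entry has no aliases) or an
 * error code.
 */
static krb5_error_code
hdb_add_aliases(krb5_context context, HDB *db,
                unsigned flags, hdb_entry_ex *entry)
{
    const HDB_Ext_Aliases *aliases;
    krb5_error_code code;
    krb5_data key, value;
    size_t i;

    code = hdb_entry_get_aliases(&entry->entry, &aliases);
    if (code || aliases == NULL)
        return code;

    /* Unsigned index: avoids a signed/unsigned comparison with .len. */
    for (i = 0; i < aliases->aliases.len; i++) {
        hdb_entry_alias entryalias;

        /* Borrowed pointer: entryalias is encoded, never freed. */
        entryalias.principal = entry->entry.principal;

        /* The key is not valid on failure: never pass it to hdb__put. */
        code = hdb_principal2key(context, &aliases->aliases.val[i], &key);
        if (code)
            return code;
        code = hdb_entry_alias2value(context, &entryalias, &value);
        if (code) {
            krb5_data_free(&key);
            return code;
        }
        /*
         * NOTE(review): `flags' is passed through unmasked here, while
         * _hdb_store() masks it with HDB_F_REPLACE for the main record --
         * confirm that the difference is intended.
         */
        code = db->hdb__put(context, db, flags, key, value);
        krb5_data_free(&key);
        krb5_data_free(&value);
        if (code)
            return code;
    }
    return 0;
}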
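/*
 * Store `entry' in `db', together with its alias records.
 *
 * Steps, in order: stamp or bump the entry's generation, seal the keys,
 * delete the alias records of any entry already stored under the same
 * key, write the entry, then write its alias records.  These are separate
 * backend operations with no rollback here, so a failure part-way through
 * can leave the stored entry and its alias records out of step.
 *
 * Returns 0 on success or an error code.
 */
krb5_error_code
_hdb_store(krb5_context context, HDB *db, unsigned flags, hdb_entry_ex *entry)
{
    krb5_data key, value;
    int code;

    if(entry->entry.generation == NULL) {
        struct timeval t;

        entry->entry.generation = malloc(sizeof(*entry->entry.generation));
        if(entry->entry.generation == NULL) {
            krb5_set_error_string(context, "malloc: out of memory");
            return ENOMEM;
        }
        gettimeofday(&t, NULL);
        entry->entry.generation->time = t.tv_sec;
        entry->entry.generation->usec = t.tv_usec;
        entry->entry.generation->gen = 0;
    } else
        entry->entry.generation->gen++;

    /* The key is not valid on failure: stop before it reaches the backend. */
    code = hdb_principal2key(context, entry->entry.principal, &key);
    if (code)
        return code;

    /* Keys are sealed before the entry is encoded for storage. */
    code = hdb_seal_keys(context, db, &entry->entry);
    if (code) {
        krb5_data_free(&key);
        return code;
    }

    /* remove aliases */
    code = hdb_remove_aliases(context, db, &key);
    if (code) {
        krb5_data_free(&key);
        return code;
    }

    /* An encode failure leaves `value' unusable: never write it. */
    code = hdb_entry2value(context, &entry->entry, &value);
    if (code) {
        krb5_data_free(&key);
        return code;
    }
    code = db->hdb__put(context, db, flags & HDB_F_REPLACE, key, value);
    krb5_data_free(&value);
    krb5_data_free(&key);
    if (code)
        return code;

    code = hdb_add_aliases(context, db, flags, entry);

    return code;
}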
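/*
 * Remove `principal' from `db': first the alias records of the stored
 * entry, then the entry itself.
 *
 * The two steps are separate backend operations; if deleting the entry
 * fails, the aliases removed in the first step are not restored.
 *
 * Returns 0 on success or an error code.
 */
krb5_error_code
_hdb_remove(krb5_context context, HDB *db, krb5_const_principal principal)
{
    krb5_data key;
    int code;

    /* The key is not valid on failure: stop before it reaches the backend. */
    code = hdb_principal2key(context, principal, &key);
    if (code)
        return code;

    code = hdb_remove_aliases(context, db, &key);
    if (code) {
        krb5_data_free(&key);
        return code;
    }
    code = db->hdb__del(context, db, key);
    krb5_data_free(&key);
    return code;
}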