search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Move kadmin and ktutil to /usr/bin.
[heimdal.git] / lib / krb5 / store.c
blob21536f7b4587a59f63714cb172228fe3d0fb605b
1 /*
2 * Copyright (c) 1997-2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "krb5_locl.h"
35 #include "store-int.h"
36
37 #define BYTEORDER_IS(SP, V) (((SP)->flags & KRB5_STORAGE_BYTEORDER_MASK) == (V))
38 #define BYTEORDER_IS_LE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_LE)
39 #define BYTEORDER_IS_BE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_BE)
40 #define BYTEORDER_IS_HOST(SP) (BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_HOST) || \
41 krb5_storage_is_flags((SP), KRB5_STORAGE_HOST_BYTEORDER))
42
43 /**
44 * Add the flags on a storage buffer by or-ing in the flags to the buffer.
45 *
46 * @param sp the storage buffer to set the flags on
47 * @param flags the flags to set
48 *
49 * @ingroup krb5_storage
50 */
51
52 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
53 krb5_storage_set_flags(krb5_storage *sp, krb5_flags flags)
54 {
55 sp->flags |= flags;
56 }
57
58 /**
59 * Clear the flags on a storage buffer
60 *
61 * @param sp the storage buffer to clear the flags on
62 * @param flags the flags to clear
63 *
64 * @ingroup krb5_storage
65 */
66
67 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
68 krb5_storage_clear_flags(krb5_storage *sp, krb5_flags flags)
69 {
70 sp->flags &= ~flags;
71 }
72
73 /**
74 * Return true or false depending on if the storage flags is set or
75 * not. NB testing for the flag 0 always return true.
76 *
77 * @param sp the storage buffer to check flags on
78 * @param flags The flags to test for
79 *
80 * @return true if all the flags are set, false if not.
81 *
82 * @ingroup krb5_storage
83 */
84
85 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
86 krb5_storage_is_flags(krb5_storage *sp, krb5_flags flags)
87 {
88 return (sp->flags & flags) == flags;
89 }
90
91 /**
92 * Set the new byte order of the storage buffer.
93 *
94 * @param sp the storage buffer to set the byte order for.
95 * @param byteorder the new byte order.
96 *
97 * The byte order are: KRB5_STORAGE_BYTEORDER_BE,
98 * KRB5_STORAGE_BYTEORDER_LE and KRB5_STORAGE_BYTEORDER_HOST.
99 *
100 * @ingroup krb5_storage
101 */
102
103 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
104 krb5_storage_set_byteorder(krb5_storage *sp, krb5_flags byteorder)
105 {
106 sp->flags &= ~KRB5_STORAGE_BYTEORDER_MASK;
107 sp->flags |= byteorder;
108 }
109
110 /**
111 * Return the current byteorder for the buffer. See krb5_storage_set_byteorder() for the list or byte order contants.
112 *
113 * @ingroup krb5_storage
114 */
115
116 KRB5_LIB_FUNCTION krb5_flags KRB5_LIB_CALL
117 krb5_storage_get_byteorder(krb5_storage *sp)
118 {
119 return sp->flags & KRB5_STORAGE_BYTEORDER_MASK;
120 }
121
122 /**
123 * Set the max alloc value
124 *
125 * @param sp the storage buffer set the max allow for
126 * @param size maximum size to allocate, use 0 to remove limit
127 *
128 * @ingroup krb5_storage
129 */
130
131 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
132 krb5_storage_set_max_alloc(krb5_storage *sp, size_t size)
133 {
134 sp->max_alloc = size;
135 }
136
137 /* don't allocate unresonable amount of memory */
138 static krb5_error_code
139 size_too_large(krb5_storage *sp, size_t size)
140 {
141 if (sp->max_alloc && sp->max_alloc < size)
142 return HEIM_ERR_TOO_BIG;
143 return 0;
144 }
145
146 static krb5_error_code
147 size_too_large_num(krb5_storage *sp, size_t count, size_t size)
148 {
149 if (sp->max_alloc == 0 || size == 0)
150 return 0;
151 size = sp->max_alloc / size;
152 if (size < count)
153 return HEIM_ERR_TOO_BIG;
154 return 0;
155 }
156
157 /**
158 * Seek to a new offset.
159 *
160 * @param sp the storage buffer to seek in.
161 * @param offset the offset to seek
162 * @param whence relateive searching, SEEK_CUR from the current
163 * position, SEEK_END from the end, SEEK_SET absolute from the start.
164 *
165 * @return The new current offset
166 *
167 * @ingroup krb5_storage
168 */
169
170 KRB5_LIB_FUNCTION off_t KRB5_LIB_CALL
171 krb5_storage_seek(krb5_storage *sp, off_t offset, int whence)
172 {
173 return (*sp->seek)(sp, offset, whence);
174 }
175
176 /**
177 * Truncate the storage buffer in sp to offset.
178 *
179 * @param sp the storage buffer to truncate.
180 * @param offset the offset to truncate too.
181 *
182 * @return An Kerberos 5 error code.
183 *
184 * @ingroup krb5_storage
185 */
186
187 KRB5_LIB_FUNCTION int KRB5_LIB_CALL
188 krb5_storage_truncate(krb5_storage *sp, off_t offset)
189 {
190 return (*sp->trunc)(sp, offset);
191 }
192
193 /**
194 * Sync the storage buffer to its backing store. If there is no
195 * backing store this function will return success.
196 *
197 * @param sp the storage buffer to sync
198 *
199 * @return A Kerberos 5 error code
200 *
201 * @ingroup krb5_storage
202 */
203
204 KRB5_LIB_FUNCTION int KRB5_LIB_CALL
205 krb5_storage_fsync(krb5_storage *sp)
206 {
207 if (sp->fsync != NULL)
208 return sp->fsync(sp);
209 return 0;
210 }
211
212 /**
213 * Read to the storage buffer.
214 *
215 * @param sp the storage buffer to read from
216 * @param buf the buffer to store the data in
217 * @param len the length to read
218 *
219 * @return The length of data read (can be shorter then len), or negative on error.
220 *
221 * @ingroup krb5_storage
222 */
223
224 KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL
225 krb5_storage_read(krb5_storage *sp, void *buf, size_t len)
226 {
227 return sp->fetch(sp, buf, len);
228 }
229
230 /**
231 * Write to the storage buffer.
232 *
233 * @param sp the storage buffer to write to
234 * @param buf the buffer to write to the storage buffer
235 * @param len the length to write
236 *
237 * @return The length of data written (can be shorter then len), or negative on error.
238 *
239 * @ingroup krb5_storage
240 */
241
242 KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL
243 krb5_storage_write(krb5_storage *sp, const void *buf, size_t len)
244 {
245 return sp->store(sp, buf, len);
246 }
247
248 /**
249 * Set the return code that will be used when end of storage is reached.
250 *
251 * @param sp the storage
252 * @param code the error code to return on end of storage
253 *
254 * @ingroup krb5_storage
255 */
256
257 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
258 krb5_storage_set_eof_code(krb5_storage *sp, int code)
259 {
260 sp->eof_code = code;
261 }
262
263 /**
264 * Get the return code that will be used when end of storage is reached.
265 *
266 * @param sp the storage
267 *
268 * @return storage error code
269 *
270 * @ingroup krb5_storage
271 */
272
273 KRB5_LIB_FUNCTION int KRB5_LIB_CALL
274 krb5_storage_get_eof_code(krb5_storage *sp)
275 {
276 return sp->eof_code;
277 }
278
279 /**
280 * Free a krb5 storage.
281 *
282 * @param sp the storage to free.
283 *
284 * @return An Kerberos 5 error code.
285 *
286 * @ingroup krb5_storage
287 */
288
289 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
290 krb5_storage_free(krb5_storage *sp)
291 {
292 if(sp->free)
293 (*sp->free)(sp);
294 free(sp->data);
295 free(sp);
296 return 0;
297 }
298
299 /**
300 * Copy the contnent of storage
301 *
302 * @param sp the storage to copy to a data
303 * @param data the copied data, free with krb5_data_free()
304 *
305 * @return 0 for success, or a Kerberos 5 error code on failure.
306 *
307 * @ingroup krb5_storage
308 */
309
310 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
311 krb5_storage_to_data(krb5_storage *sp, krb5_data *data)
312 {
313 off_t pos, size;
314 krb5_error_code ret;
315
316 pos = sp->seek(sp, 0, SEEK_CUR);
317 if (pos < 0)
318 return HEIM_ERR_NOT_SEEKABLE;
319 size = sp->seek(sp, 0, SEEK_END);
320 ret = size_too_large(sp, size);
321 if (ret)
322 return ret;
323 ret = krb5_data_alloc(data, size);
324 if (ret) {
325 sp->seek(sp, pos, SEEK_SET);
326 return ret;
327 }
328 if (size) {
329 sp->seek(sp, 0, SEEK_SET);
330 sp->fetch(sp, data->data, data->length);
331 sp->seek(sp, pos, SEEK_SET);
332 }
333 return 0;
334 }
335
336 static krb5_error_code
337 krb5_store_int(krb5_storage *sp,
338 int32_t value,
339 size_t len)
340 {
341 int ret;
342 unsigned char v[16];
343
344 if(len > sizeof(v))
345 return EINVAL;
346 _krb5_put_int(v, value, len);
347 ret = sp->store(sp, v, len);
348 if (ret < 0)
349 return errno;
350 if ((size_t)ret != len)
351 return sp->eof_code;
352 return 0;
353 }
354
355 /**
356 * Store a int32 to storage, byte order is controlled by the settings
357 * on the storage, see krb5_storage_set_byteorder().
358 *
359 * @param sp the storage to write too
360 * @param value the value to store
361 *
362 * @return 0 for success, or a Kerberos 5 error code on failure.
363 *
364 * @ingroup krb5_storage
365 */
366
367 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
368 krb5_store_int32(krb5_storage *sp,
369 int32_t value)
370 {
371 if(BYTEORDER_IS_HOST(sp))
372 value = htonl(value);
373 else if(BYTEORDER_IS_LE(sp))
374 value = bswap32(value);
375 return krb5_store_int(sp, value, 4);
376 }
377
378 /**
379 * Store a uint32 to storage, byte order is controlled by the settings
380 * on the storage, see krb5_storage_set_byteorder().
381 *
382 * @param sp the storage to write too
383 * @param value the value to store
384 *
385 * @return 0 for success, or a Kerberos 5 error code on failure.
386 *
387 * @ingroup krb5_storage
388 */
389
390 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
391 krb5_store_uint32(krb5_storage *sp,
392 uint32_t value)
393 {
394 return krb5_store_int32(sp, (int32_t)value);
395 }
396
397 static krb5_error_code
398 krb5_ret_int(krb5_storage *sp,
399 int32_t *value,
400 size_t len)
401 {
402 int ret;
403 unsigned char v[4];
404 unsigned long w;
405 ret = sp->fetch(sp, v, len);
406 if (ret < 0)
407 return errno;
408 if ((size_t)ret != len)
409 return sp->eof_code;
410 _krb5_get_int(v, &w, len);
411 *value = w;
412 return 0;
413 }
414
415 /**
416 * Read a int32 from storage, byte order is controlled by the settings
417 * on the storage, see krb5_storage_set_byteorder().
418 *
419 * @param sp the storage to write too
420 * @param value the value read from the buffer
421 *
422 * @return 0 for success, or a Kerberos 5 error code on failure.
423 *
424 * @ingroup krb5_storage
425 */
426
427 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
428 krb5_ret_int32(krb5_storage *sp,
429 int32_t *value)
430 {
431 krb5_error_code ret = krb5_ret_int(sp, value, 4);
432 if(ret)
433 return ret;
434 if(BYTEORDER_IS_HOST(sp))
435 *value = htonl(*value);
436 else if(BYTEORDER_IS_LE(sp))
437 *value = bswap32(*value);
438 return 0;
439 }
440
441 /**
442 * Read a uint32 from storage, byte order is controlled by the settings
443 * on the storage, see krb5_storage_set_byteorder().
444 *
445 * @param sp the storage to write too
446 * @param value the value read from the buffer
447 *
448 * @return 0 for success, or a Kerberos 5 error code on failure.
449 *
450 * @ingroup krb5_storage
451 */
452
453 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
454 krb5_ret_uint32(krb5_storage *sp,
455 uint32_t *value)
456 {
457 krb5_error_code ret;
458 int32_t v;
459
460 ret = krb5_ret_int32(sp, &v);
461 if (ret == 0)
462 *value = (uint32_t)v;
463
464 return ret;
465 }
466
467 /**
468 * Store a int16 to storage, byte order is controlled by the settings
469 * on the storage, see krb5_storage_set_byteorder().
470 *
471 * @param sp the storage to write too
472 * @param value the value to store
473 *
474 * @return 0 for success, or a Kerberos 5 error code on failure.
475 *
476 * @ingroup krb5_storage
477 */
478
479 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
480 krb5_store_int16(krb5_storage *sp,
481 int16_t value)
482 {
483 if(BYTEORDER_IS_HOST(sp))
484 value = htons(value);
485 else if(BYTEORDER_IS_LE(sp))
486 value = bswap16(value);
487 return krb5_store_int(sp, value, 2);
488 }
489
490 /**
491 * Store a uint16 to storage, byte order is controlled by the settings
492 * on the storage, see krb5_storage_set_byteorder().
493 *
494 * @param sp the storage to write too
495 * @param value the value to store
496 *
497 * @return 0 for success, or a Kerberos 5 error code on failure.
498 *
499 * @ingroup krb5_storage
500 */
501
502 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
503 krb5_store_uint16(krb5_storage *sp,
504 uint16_t value)
505 {
506 return krb5_store_int16(sp, (int16_t)value);
507 }
508
509 /**
510 * Read a int16 from storage, byte order is controlled by the settings
511 * on the storage, see krb5_storage_set_byteorder().
512 *
513 * @param sp the storage to write too
514 * @param value the value read from the buffer
515 *
516 * @return 0 for success, or a Kerberos 5 error code on failure.
517 *
518 * @ingroup krb5_storage
519 */
520
521 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
522 krb5_ret_int16(krb5_storage *sp,
523 int16_t *value)
524 {
525 int32_t v;
526 int ret;
527 ret = krb5_ret_int(sp, &v, 2);
528 if(ret)
529 return ret;
530 *value = v;
531 if(BYTEORDER_IS_HOST(sp))
532 *value = htons(*value);
533 else if(BYTEORDER_IS_LE(sp))
534 *value = bswap16(*value);
535 return 0;
536 }
537
538 /**
539 * Read a int16 from storage, byte order is controlled by the settings
540 * on the storage, see krb5_storage_set_byteorder().
541 *
542 * @param sp the storage to write too
543 * @param value the value read from the buffer
544 *
545 * @return 0 for success, or a Kerberos 5 error code on failure.
546 *
547 * @ingroup krb5_storage
548 */
549
550 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
551 krb5_ret_uint16(krb5_storage *sp,
552 uint16_t *value)
553 {
554 krb5_error_code ret;
555 int16_t v;
556
557 ret = krb5_ret_int16(sp, &v);
558 if (ret == 0)
559 *value = (uint16_t)v;
560
561 return ret;
562 }
563
564 /**
565 * Store a int8 to storage.
566 *
567 * @param sp the storage to write too
568 * @param value the value to store
569 *
570 * @return 0 for success, or a Kerberos 5 error code on failure.
571 *
572 * @ingroup krb5_storage
573 */
574
575 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
576 krb5_store_int8(krb5_storage *sp,
577 int8_t value)
578 {
579 int ret;
580
581 ret = sp->store(sp, &value, sizeof(value));
582 if (ret != sizeof(value))
583 return (ret<0)?errno:sp->eof_code;
584 return 0;
585 }
586
587 /**
588 * Store a uint8 to storage.
589 *
590 * @param sp the storage to write too
591 * @param value the value to store
592 *
593 * @return 0 for success, or a Kerberos 5 error code on failure.
594 *
595 * @ingroup krb5_storage
596 */
597
598 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
599 krb5_store_uint8(krb5_storage *sp,
600 uint8_t value)
601 {
602 return krb5_store_int8(sp, (int8_t)value);
603 }
604
605 /**
606 * Read a int8 from storage
607 *
608 * @param sp the storage to write too
609 * @param value the value read from the buffer
610 *
611 * @return 0 for success, or a Kerberos 5 error code on failure.
612 *
613 * @ingroup krb5_storage
614 */
615
616 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
617 krb5_ret_int8(krb5_storage *sp,
618 int8_t *value)
619 {
620 int ret;
621
622 ret = sp->fetch(sp, value, sizeof(*value));
623 if (ret != sizeof(*value))
624 return (ret<0)?errno:sp->eof_code;
625 return 0;
626 }
627
628 /**
629 * Read a uint8 from storage
630 *
631 * @param sp the storage to write too
632 * @param value the value read from the buffer
633 *
634 * @return 0 for success, or a Kerberos 5 error code on failure.
635 *
636 * @ingroup krb5_storage
637 */
638
639 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
640 krb5_ret_uint8(krb5_storage *sp,
641 uint8_t *value)
642 {
643 krb5_error_code ret;
644 int8_t v;
645
646 ret = krb5_ret_int8(sp, &v);
647 if (ret == 0)
648 *value = (uint8_t)v;
649
650 return ret;
651 }
652
653 /**
654 * Store a data to the storage. The data is stored with an int32 as
655 * lenght plus the data (not padded).
656 *
657 * @param sp the storage buffer to write to
658 * @param data the buffer to store.
659 *
660 * @return 0 on success, a Kerberos 5 error code on failure.
661 *
662 * @ingroup krb5_storage
663 */
664
665 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
666 krb5_store_data(krb5_storage *sp,
667 krb5_data data)
668 {
669 int ret;
670 ret = krb5_store_int32(sp, data.length);
671 if(ret < 0)
672 return ret;
673 ret = sp->store(sp, data.data, data.length);
674 if(ret < 0)
675 return errno;
676 if((size_t)ret != data.length)
677 return sp->eof_code;
678 return 0;
679 }
680
681 /**
682 * Parse a data from the storage.
683 *
684 * @param sp the storage buffer to read from
685 * @param data the parsed data
686 *
687 * @return 0 on success, a Kerberos 5 error code on failure.
688 *
689 * @ingroup krb5_storage
690 */
691
692 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
693 krb5_ret_data(krb5_storage *sp,
694 krb5_data *data)
695 {
696 int ret;
697 int32_t size;
698
699 ret = krb5_ret_int32(sp, &size);
700 if(ret)
701 return ret;
702 ret = size_too_large(sp, size);
703 if (ret)
704 return ret;
705 ret = krb5_data_alloc (data, size);
706 if (ret)
707 return ret;
708 if (size) {
709 ret = sp->fetch(sp, data->data, size);
710 if(ret != size) {
711 krb5_data_free(data);
712 return (ret < 0)? errno : sp->eof_code;
713 }
714 }
715 return 0;
716 }
717
718 /**
719 * Store a string to the buffer. The data is formated as an len:uint32
720 * plus the string itself (not padded).
721 *
722 * @param sp the storage buffer to write to
723 * @param s the string to store.
724 *
725 * @return 0 on success, a Kerberos 5 error code on failure.
726 *
727 * @ingroup krb5_storage
728 */
729
730 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
731 krb5_store_string(krb5_storage *sp, const char *s)
732 {
733 krb5_data data;
734 data.length = strlen(s);
735 data.data = rk_UNCONST(s);
736 return krb5_store_data(sp, data);
737 }
738
739 /**
740 * Parse a string from the storage.
741 *
742 * @param sp the storage buffer to read from
743 * @param string the parsed string
744 *
745 * @return 0 on success, a Kerberos 5 error code on failure.
746 *
747 * @ingroup krb5_storage
748 */
749
750
751 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
752 krb5_ret_string(krb5_storage *sp,
753 char **string)
754 {
755 int ret;
756 krb5_data data;
757 ret = krb5_ret_data(sp, &data);
758 if(ret)
759 return ret;
760 *string = realloc(data.data, data.length + 1);
761 if(*string == NULL){
762 free(data.data);
763 return ENOMEM;
764 }
765 (*string)[data.length] = 0;
766 return 0;
767 }
768
769 /**
770 * Store a zero terminated string to the buffer. The data is stored
771 * one character at a time until a NUL is stored.
772 *
773 * @param sp the storage buffer to write to
774 * @param s the string to store.
775 *
776 * @return 0 on success, a Kerberos 5 error code on failure.
777 *
778 * @ingroup krb5_storage
779 */
780
781 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
782 krb5_store_stringz(krb5_storage *sp, const char *s)
783 {
784 size_t len = strlen(s) + 1;
785 ssize_t ret;
786
787 ret = sp->store(sp, s, len);
788 if(ret < 0)
789 return ret;
790 if((size_t)ret != len)
791 return sp->eof_code;
792 return 0;
793 }
794
795 /**
796 * Parse zero terminated string from the storage.
797 *
798 * @param sp the storage buffer to read from
799 * @param string the parsed string
800 *
801 * @return 0 on success, a Kerberos 5 error code on failure.
802 *
803 * @ingroup krb5_storage
804 */
805
806 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
807 krb5_ret_stringz(krb5_storage *sp,
808 char **string)
809 {
810 char c;
811 char *s = NULL;
812 size_t len = 0;
813 ssize_t ret;
814
815 while((ret = sp->fetch(sp, &c, 1)) == 1){
816 krb5_error_code eret;
817 char *tmp;
818
819 len++;
820 eret = size_too_large(sp, len);
821 if (eret) {
822 free(s);
823 return eret;
824 }
825 tmp = realloc (s, len);
826 if (tmp == NULL) {
827 free (s);
828 return ENOMEM;
829 }
830 s = tmp;
831 s[len - 1] = c;
832 if(c == 0)
833 break;
834 }
835 if(ret != 1){
836 free(s);
837 if(ret == 0)
838 return sp->eof_code;
839 return ret;
840 }
841 *string = s;
842 return 0;
843 }
844
845 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
846 krb5_store_stringnl(krb5_storage *sp, const char *s)
847 {
848 size_t len = strlen(s);
849 ssize_t ret;
850
851 ret = sp->store(sp, s, len);
852 if(ret < 0)
853 return ret;
854 if((size_t)ret != len)
855 return sp->eof_code;
856 ret = sp->store(sp, "\n", 1);
857 if(ret != 1) {
858 if(ret < 0)
859 return ret;
860 else
861 return sp->eof_code;
862 }
863
864 return 0;
865
866 }
867
868 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
869 krb5_ret_stringnl(krb5_storage *sp,
870 char **string)
871 {
872 int expect_nl = 0;
873 char c;
874 char *s = NULL;
875 size_t len = 0;
876 ssize_t ret;
877
878 while((ret = sp->fetch(sp, &c, 1)) == 1){
879 krb5_error_code eret;
880 char *tmp;
881
882 if (c == '\r') {
883 expect_nl = 1;
884 continue;
885 }
886 if (expect_nl && c != '\n') {
887 free(s);
888 return KRB5_BADMSGTYPE;
889 }
890
891 len++;
892 eret = size_too_large(sp, len);
893 if (eret) {
894 free(s);
895 return eret;
896 }
897 tmp = realloc (s, len);
898 if (tmp == NULL) {
899 free (s);
900 return ENOMEM;
901 }
902 s = tmp;
903 if(c == '\n') {
904 s[len - 1] = '\0';
905 break;
906 }
907 s[len - 1] = c;
908 }
909 if(ret != 1){
910 free(s);
911 if(ret == 0)
912 return sp->eof_code;
913 return ret;
914 }
915 *string = s;
916 return 0;
917 }
918
919 /**
920 * Write a principal block to storage.
921 *
922 * @param sp the storage buffer to write to
923 * @param p the principal block to write.
924 *
925 * @return 0 on success, a Kerberos 5 error code on failure.
926 *
927 * @ingroup krb5_storage
928 */
929
930 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
931 krb5_store_principal(krb5_storage *sp,
932 krb5_const_principal p)
933 {
934 size_t i;
935 int ret;
936
937 if(!krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) {
938 ret = krb5_store_int32(sp, p->name.name_type);
939 if(ret) return ret;
940 }
941 if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS))
942 ret = krb5_store_int32(sp, p->name.name_string.len + 1);
943 else
944 ret = krb5_store_int32(sp, p->name.name_string.len);
945
946 if(ret) return ret;
947 ret = krb5_store_string(sp, p->realm);
948 if(ret) return ret;
949 for(i = 0; i < p->name.name_string.len; i++){
950 ret = krb5_store_string(sp, p->name.name_string.val[i]);
951 if(ret) return ret;
952 }
953 return 0;
954 }
955
956 /**
957 * Parse principal from the storage.
958 *
959 * @param sp the storage buffer to read from
960 * @param princ the parsed principal
961 *
962 * @return 0 on success, a Kerberos 5 error code on failure.
963 *
964 * @ingroup krb5_storage
965 */
966
967 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
968 krb5_ret_principal(krb5_storage *sp,
969 krb5_principal *princ)
970 {
971 int i;
972 int ret;
973 krb5_principal p;
974 int32_t type;
975 int32_t ncomp;
976
977 p = calloc(1, sizeof(*p));
978 if(p == NULL)
979 return ENOMEM;
980
981 if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE))
982 type = KRB5_NT_UNKNOWN;
983 else if((ret = krb5_ret_int32(sp, &type))){
984 free(p);
985 return ret;
986 }
987 if((ret = krb5_ret_int32(sp, &ncomp))){
988 free(p);
989 return ret;
990 }
991 if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS))
992 ncomp--;
993 if (ncomp < 0) {
994 free(p);
995 return EINVAL;
996 }
997 ret = size_too_large_num(sp, ncomp, sizeof(p->name.name_string.val[0]));
998 if (ret) {
999 free(p);
1000 return ret;
1001 }
1002 p->name.name_type = type;
1003 p->name.name_string.len = ncomp;
1004 ret = krb5_ret_string(sp, &p->realm);
1005 if(ret) {
1006 free(p);
1007 return ret;
1008 }
1009 p->name.name_string.val = calloc(ncomp, sizeof(p->name.name_string.val[0]));
1010 if(p->name.name_string.val == NULL && ncomp != 0){
1011 free(p->realm);
1012 free(p);
1013 return ENOMEM;
1014 }
1015 for(i = 0; i < ncomp; i++){
1016 ret = krb5_ret_string(sp, &p->name.name_string.val[i]);
1017 if(ret) {
1018 while (i >= 0)
1019 free(p->name.name_string.val[i--]);
1020 free(p->realm);
1021 free(p);
1022 return ret;
1023 }
1024 }
1025 *princ = p;
1026 return 0;
1027 }
1028
1029 /**
1030 * Store a keyblock to the storage.
1031 *
1032 * @param sp the storage buffer to write to
1033 * @param p the keyblock to write
1034 *
1035 * @return 0 on success, a Kerberos 5 error code on failure.
1036 *
1037 * @ingroup krb5_storage
1038 */
1039
1040 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1041 krb5_store_keyblock(krb5_storage *sp, krb5_keyblock p)
1042 {
1043 int ret;
1044 ret = krb5_store_int16(sp, p.keytype);
1045 if(ret) return ret;
1046
1047 if(krb5_storage_is_flags(sp, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE)){
1048 /* this should really be enctype, but it is the same as
1049 keytype nowadays */
1050 ret = krb5_store_int16(sp, p.keytype);
1051 if(ret) return ret;
1052 }
1053
1054 ret = krb5_store_data(sp, p.keyvalue);
1055 return ret;
1056 }
1057
1058 /**
1059 * Read a keyblock from the storage.
1060 *
1061 * @param sp the storage buffer to write to
1062 * @param p the keyblock read from storage, free using krb5_free_keyblock()
1063 *
1064 * @return 0 on success, a Kerberos 5 error code on failure.
1065 *
1066 * @ingroup krb5_storage
1067 */
1068
1069 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1070 krb5_ret_keyblock(krb5_storage *sp, krb5_keyblock *p)
1071 {
1072 int ret;
1073 int16_t tmp;
1074
1075 ret = krb5_ret_int16(sp, &tmp);
1076 if(ret) return ret;
1077 p->keytype = tmp;
1078
1079 if(krb5_storage_is_flags(sp, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE)){
1080 ret = krb5_ret_int16(sp, &tmp);
1081 if(ret) return ret;
1082 }
1083
1084 ret = krb5_ret_data(sp, &p->keyvalue);
1085 return ret;
1086 }
1087
1088 /**
1089 * Write a times block to storage.
1090 *
1091 * @param sp the storage buffer to write to
1092 * @param times the times block to write.
1093 *
1094 * @return 0 on success, a Kerberos 5 error code on failure.
1095 *
1096 * @ingroup krb5_storage
1097 */
1098
1099 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1100 krb5_store_times(krb5_storage *sp, krb5_times times)
1101 {
1102 int ret;
1103 ret = krb5_store_int32(sp, times.authtime);
1104 if(ret) return ret;
1105 ret = krb5_store_int32(sp, times.starttime);
1106 if(ret) return ret;
1107 ret = krb5_store_int32(sp, times.endtime);
1108 if(ret) return ret;
1109 ret = krb5_store_int32(sp, times.renew_till);
1110 return ret;
1111 }
1112
1113 /**
1114 * Read a times block from the storage.
1115 *
1116 * @param sp the storage buffer to write to
1117 * @param times the times block read from storage
1118 *
1119 * @return 0 on success, a Kerberos 5 error code on failure.
1120 *
1121 * @ingroup krb5_storage
1122 */
1123
1124 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1125 krb5_ret_times(krb5_storage *sp, krb5_times *times)
1126 {
1127 int ret;
1128 int32_t tmp;
1129 ret = krb5_ret_int32(sp, &tmp);
1130 times->authtime = tmp;
1131 if(ret) return ret;
1132 ret = krb5_ret_int32(sp, &tmp);
1133 times->starttime = tmp;
1134 if(ret) return ret;
1135 ret = krb5_ret_int32(sp, &tmp);
1136 times->endtime = tmp;
1137 if(ret) return ret;
1138 ret = krb5_ret_int32(sp, &tmp);
1139 times->renew_till = tmp;
1140 return ret;
1141 }
1142
1143 /**
1144 * Write a address block to storage.
1145 *
1146 * @param sp the storage buffer to write to
1147 * @param p the address block to write.
1148 *
1149 * @return 0 on success, a Kerberos 5 error code on failure.
1150 *
1151 * @ingroup krb5_storage
1152 */
1153
1154 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1155 krb5_store_address(krb5_storage *sp, krb5_address p)
1156 {
1157 int ret;
1158 ret = krb5_store_int16(sp, p.addr_type);
1159 if(ret) return ret;
1160 ret = krb5_store_data(sp, p.address);
1161 return ret;
1162 }
1163
1164 /**
1165 * Read a address block from the storage.
1166 *
1167 * @param sp the storage buffer to write to
1168 * @param adr the address block read from storage
1169 *
1170 * @return 0 on success, a Kerberos 5 error code on failure.
1171 *
1172 * @ingroup krb5_storage
1173 */
1174
1175 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1176 krb5_ret_address(krb5_storage *sp, krb5_address *adr)
1177 {
1178 int16_t t;
1179 int ret;
1180 ret = krb5_ret_int16(sp, &t);
1181 if(ret) return ret;
1182 adr->addr_type = t;
1183 ret = krb5_ret_data(sp, &adr->address);
1184 return ret;
1185 }
1186
1187 /**
1188 * Write a addresses block to storage.
1189 *
1190 * @param sp the storage buffer to write to
1191 * @param p the addresses block to write.
1192 *
1193 * @return 0 on success, a Kerberos 5 error code on failure.
1194 *
1195 * @ingroup krb5_storage
1196 */
1197
1198 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1199 krb5_store_addrs(krb5_storage *sp, krb5_addresses p)
1200 {
1201 size_t i;
1202 int ret;
1203 ret = krb5_store_int32(sp, p.len);
1204 if(ret) return ret;
1205 for(i = 0; i<p.len; i++){
1206 ret = krb5_store_address(sp, p.val[i]);
1207 if(ret) break;
1208 }
1209 return ret;
1210 }
1211
1212 /**
1213 * Read a addresses block from the storage.
1214 *
1215 * @param sp the storage buffer to write to
1216 * @param adr the addresses block read from storage
1217 *
1218 * @return 0 on success, a Kerberos 5 error code on failure.
1219 *
1220 * @ingroup krb5_storage
1221 */
1222
1223 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1224 krb5_ret_addrs(krb5_storage *sp, krb5_addresses *adr)
1225 {
1226 size_t i;
1227 int ret;
1228 int32_t tmp;
1229
1230 ret = krb5_ret_int32(sp, &tmp);
1231 if(ret) return ret;
1232 ret = size_too_large_num(sp, tmp, sizeof(adr->val[0]));
1233 if (ret) return ret;
1234 adr->len = tmp;
1235 ALLOC(adr->val, adr->len);
1236 if (adr->val == NULL && adr->len != 0)
1237 return ENOMEM;
1238 for(i = 0; i < adr->len; i++){
1239 ret = krb5_ret_address(sp, &adr->val[i]);
1240 if(ret) break;
1241 }
1242 return ret;
1243 }
1244
1245 /**
1246 * Write a auth data block to storage.
1247 *
1248 * @param sp the storage buffer to write to
1249 * @param auth the auth data block to write.
1250 *
1251 * @return 0 on success, a Kerberos 5 error code on failure.
1252 *
1253 * @ingroup krb5_storage
1254 */
1255
1256 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1257 krb5_store_authdata(krb5_storage *sp, krb5_authdata auth)
1258 {
1259 krb5_error_code ret;
1260 size_t i;
1261 ret = krb5_store_int32(sp, auth.len);
1262 if(ret) return ret;
1263 for(i = 0; i < auth.len; i++){
1264 ret = krb5_store_int16(sp, auth.val[i].ad_type);
1265 if(ret) break;
1266 ret = krb5_store_data(sp, auth.val[i].ad_data);
1267 if(ret) break;
1268 }
1269 return 0;
1270 }
1271
1272 /**
1273 * Read a auth data from the storage.
1274 *
1275 * @param sp the storage buffer to write to
1276 * @param auth the auth data block read from storage
1277 *
1278 * @return 0 on success, a Kerberos 5 error code on failure.
1279 *
1280 * @ingroup krb5_storage
1281 */
1282
1283 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1284 krb5_ret_authdata(krb5_storage *sp, krb5_authdata *auth)
1285 {
1286 krb5_error_code ret;
1287 int32_t tmp;
1288 int16_t tmp2;
1289 int i;
1290 ret = krb5_ret_int32(sp, &tmp);
1291 if(ret) return ret;
1292 ret = size_too_large_num(sp, tmp, sizeof(auth->val[0]));
1293 if (ret) return ret;
1294 ALLOC_SEQ(auth, tmp);
1295 if (auth->val == NULL && tmp != 0)
1296 return ENOMEM;
1297 for(i = 0; i < tmp; i++){
1298 ret = krb5_ret_int16(sp, &tmp2);
1299 if(ret) break;
1300 auth->val[i].ad_type = tmp2;
1301 ret = krb5_ret_data(sp, &auth->val[i].ad_data);
1302 if(ret) break;
1303 }
1304 return ret;
1305 }
1306
1307 static int32_t
1308 bitswap32(int32_t b)
1309 {
1310 int32_t r = 0;
1311 int i;
1312 for (i = 0; i < 32; i++) {
1313 r = r << 1 | (b & 1);
1314 b = b >> 1;
1315 }
1316 return r;
1317 }
1318
1319 /**
1320 * Write a credentials block to storage.
1321 *
1322 * @param sp the storage buffer to write to
1323 * @param creds the creds block to write.
1324 *
1325 * @return 0 on success, a Kerberos 5 error code on failure.
1326 *
1327 * @ingroup krb5_storage
1328 */
1329
1330 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1331 krb5_store_creds(krb5_storage *sp, krb5_creds *creds)
1332 {
1333 int ret;
1334
1335 ret = krb5_store_principal(sp, creds->client);
1336 if(ret)
1337 return ret;
1338 ret = krb5_store_principal(sp, creds->server);
1339 if(ret)
1340 return ret;
1341 ret = krb5_store_keyblock(sp, creds->session);
1342 if(ret)
1343 return ret;
1344 ret = krb5_store_times(sp, creds->times);
1345 if(ret)
1346 return ret;
1347 ret = krb5_store_int8(sp, creds->second_ticket.length != 0); /* is_skey */
1348 if(ret)
1349 return ret;
1350
1351 if(krb5_storage_is_flags(sp, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER))
1352 ret = krb5_store_int32(sp, creds->flags.i);
1353 else
1354 ret = krb5_store_int32(sp, bitswap32(TicketFlags2int(creds->flags.b)));
1355 if(ret)
1356 return ret;
1357
1358 ret = krb5_store_addrs(sp, creds->addresses);
1359 if(ret)
1360 return ret;
1361 ret = krb5_store_authdata(sp, creds->authdata);
1362 if(ret)
1363 return ret;
1364 ret = krb5_store_data(sp, creds->ticket);
1365 if(ret)
1366 return ret;
1367 ret = krb5_store_data(sp, creds->second_ticket);
1368 return ret;
1369 }
1370
1371 /**
1372 * Read a credentials block from the storage.
1373 *
1374 * @param sp the storage buffer to write to
1375 * @param creds the credentials block read from storage
1376 *
1377 * @return 0 on success, a Kerberos 5 error code on failure.
1378 *
1379 * @ingroup krb5_storage
1380 */
1381
1382 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1383 krb5_ret_creds(krb5_storage *sp, krb5_creds *creds)
1384 {
1385 krb5_error_code ret;
1386 int8_t dummy8;
1387 int32_t dummy32;
1388
1389 memset(creds, 0, sizeof(*creds));
1390 ret = krb5_ret_principal (sp, &creds->client);
1391 if(ret) goto cleanup;
1392 ret = krb5_ret_principal (sp, &creds->server);
1393 if(ret) goto cleanup;
1394 ret = krb5_ret_keyblock (sp, &creds->session);
1395 if(ret) goto cleanup;
1396 ret = krb5_ret_times (sp, &creds->times);
1397 if(ret) goto cleanup;
1398 ret = krb5_ret_int8 (sp, &dummy8);
1399 if(ret) goto cleanup;
1400 ret = krb5_ret_int32 (sp, &dummy32);
1401 if(ret) goto cleanup;
1402 /*
1403 * Runtime detect the what is the higher bits of the bitfield. If
1404 * any of the higher bits are set in the input data, it's either a
1405 * new ticket flag (and this code need to be removed), or it's a
1406 * MIT cache (or new Heimdal cache), lets change it to our current
1407 * format.
1408 */
1409 {
1410 uint32_t mask = 0xffff0000;
1411 creds->flags.i = 0;
1412 creds->flags.b.anonymous = 1;
1413 if (creds->flags.i & mask)
1414 mask = ~mask;
1415 if (dummy32 & mask)
1416 dummy32 = bitswap32(dummy32);
1417 }
1418 creds->flags.i = dummy32;
1419 ret = krb5_ret_addrs (sp, &creds->addresses);
1420 if(ret) goto cleanup;
1421 ret = krb5_ret_authdata (sp, &creds->authdata);
1422 if(ret) goto cleanup;
1423 ret = krb5_ret_data (sp, &creds->ticket);
1424 if(ret) goto cleanup;
1425 ret = krb5_ret_data (sp, &creds->second_ticket);
1426 cleanup:
1427 if(ret) {
1428 #if 0
1429 krb5_free_cred_contents(context, creds); /* XXX */
1430 #endif
1431 }
1432 return ret;
1433 }
1434
1435 #define SC_CLIENT_PRINCIPAL 0x0001
1436 #define SC_SERVER_PRINCIPAL 0x0002
1437 #define SC_SESSION_KEY 0x0004
1438 #define SC_TICKET 0x0008
1439 #define SC_SECOND_TICKET 0x0010
1440 #define SC_AUTHDATA 0x0020
1441 #define SC_ADDRESSES 0x0040
1442
1443 /**
1444 * Write a tagged credentials block to storage.
1445 *
1446 * @param sp the storage buffer to write to
1447 * @param creds the creds block to write.
1448 *
1449 * @return 0 on success, a Kerberos 5 error code on failure.
1450 *
1451 * @ingroup krb5_storage
1452 */
1453
1454 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1455 krb5_store_creds_tag(krb5_storage *sp, krb5_creds *creds)
1456 {
1457 int ret;
1458 int32_t header = 0;
1459
1460 if (creds->client)
1461 header |= SC_CLIENT_PRINCIPAL;
1462 if (creds->server)
1463 header |= SC_SERVER_PRINCIPAL;
1464 if (creds->session.keytype != ETYPE_NULL)
1465 header |= SC_SESSION_KEY;
1466 if (creds->ticket.data)
1467 header |= SC_TICKET;
1468 if (creds->second_ticket.length)
1469 header |= SC_SECOND_TICKET;
1470 if (creds->authdata.len)
1471 header |= SC_AUTHDATA;
1472 if (creds->addresses.len)
1473 header |= SC_ADDRESSES;
1474
1475 ret = krb5_store_int32(sp, header);
1476 if (ret)
1477 return ret;
1478
1479 if (creds->client) {
1480 ret = krb5_store_principal(sp, creds->client);
1481 if(ret)
1482 return ret;
1483 }
1484
1485 if (creds->server) {
1486 ret = krb5_store_principal(sp, creds->server);
1487 if(ret)
1488 return ret;
1489 }
1490
1491 if (creds->session.keytype != ETYPE_NULL) {
1492 ret = krb5_store_keyblock(sp, creds->session);
1493 if(ret)
1494 return ret;
1495 }
1496
1497 ret = krb5_store_times(sp, creds->times);
1498 if(ret)
1499 return ret;
1500 ret = krb5_store_int8(sp, creds->second_ticket.length != 0); /* is_skey */
1501 if(ret)
1502 return ret;
1503
1504 ret = krb5_store_int32(sp, bitswap32(TicketFlags2int(creds->flags.b)));
1505 if(ret)
1506 return ret;
1507
1508 if (creds->addresses.len) {
1509 ret = krb5_store_addrs(sp, creds->addresses);
1510 if(ret)
1511 return ret;
1512 }
1513
1514 if (creds->authdata.len) {
1515 ret = krb5_store_authdata(sp, creds->authdata);
1516 if(ret)
1517 return ret;
1518 }
1519
1520 if (creds->ticket.data) {
1521 ret = krb5_store_data(sp, creds->ticket);
1522 if(ret)
1523 return ret;
1524 }
1525
1526 if (creds->second_ticket.data) {
1527 ret = krb5_store_data(sp, creds->second_ticket);
1528 if (ret)
1529 return ret;
1530 }
1531
1532 return ret;
1533 }
1534
1535 /**
1536 * Read a tagged credentials block from the storage.
1537 *
1538 * @param sp the storage buffer to write to
1539 * @param creds the credentials block read from storage
1540 *
1541 * @return 0 on success, a Kerberos 5 error code on failure.
1542 *
1543 * @ingroup krb5_storage
1544 */
1545
1546 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1547 krb5_ret_creds_tag(krb5_storage *sp,
1548 krb5_creds *creds)
1549 {
1550 krb5_error_code ret;
1551 int8_t dummy8;
1552 int32_t dummy32, header;
1553
1554 memset(creds, 0, sizeof(*creds));
1555
1556 ret = krb5_ret_int32 (sp, &header);
1557 if (ret) goto cleanup;
1558
1559 if (header & SC_CLIENT_PRINCIPAL) {
1560 ret = krb5_ret_principal (sp, &creds->client);
1561 if(ret) goto cleanup;
1562 }
1563 if (header & SC_SERVER_PRINCIPAL) {
1564 ret = krb5_ret_principal (sp, &creds->server);
1565 if(ret) goto cleanup;
1566 }
1567 if (header & SC_SESSION_KEY) {
1568 ret = krb5_ret_keyblock (sp, &creds->session);
1569 if(ret) goto cleanup;
1570 }
1571 ret = krb5_ret_times (sp, &creds->times);
1572 if(ret) goto cleanup;
1573 ret = krb5_ret_int8 (sp, &dummy8);
1574 if(ret) goto cleanup;
1575 ret = krb5_ret_int32 (sp, &dummy32);
1576 if(ret) goto cleanup;
1577 /*
1578 * Runtime detect the what is the higher bits of the bitfield. If
1579 * any of the higher bits are set in the input data, it's either a
1580 * new ticket flag (and this code need to be removed), or it's a
1581 * MIT cache (or new Heimdal cache), lets change it to our current
1582 * format.
1583 */
1584 {
1585 uint32_t mask = 0xffff0000;
1586 creds->flags.i = 0;
1587 creds->flags.b.anonymous = 1;
1588 if (creds->flags.i & mask)
1589 mask = ~mask;
1590 if (dummy32 & mask)
1591 dummy32 = bitswap32(dummy32);
1592 }
1593 creds->flags.i = dummy32;
1594 if (header & SC_ADDRESSES) {
1595 ret = krb5_ret_addrs (sp, &creds->addresses);
1596 if(ret) goto cleanup;
1597 }
1598 if (header & SC_AUTHDATA) {
1599 ret = krb5_ret_authdata (sp, &creds->authdata);
1600 if(ret) goto cleanup;
1601 }
1602 if (header & SC_TICKET) {
1603 ret = krb5_ret_data (sp, &creds->ticket);
1604 if(ret) goto cleanup;
1605 }
1606 if (header & SC_SECOND_TICKET) {
1607 ret = krb5_ret_data (sp, &creds->second_ticket);
1608 if(ret) goto cleanup;
1609 }
1610
1611 cleanup:
1612 if(ret) {
1613 #if 0
1614 krb5_free_cred_contents(context, creds); /* XXX */
1615 #endif
1616 }
1617 return ret;
1618 }
Heimdal