search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fix -Wshadow
[heimdal.git] / lib / krb5 / replay.c
blob747552fbd590aa0c9e3196c7c4de13192e833f1f
1 /*
2 * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "krb5_locl.h"
35 #include <vis.h>
36
37 struct krb5_rcache_data {
38 char *name;
39 };
40
41 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
42 krb5_rc_resolve(krb5_context context,
43 krb5_rcache id,
44 const char *name)
45 {
46 id->name = strdup(name);
47 if(id->name == NULL) {
48 krb5_set_error_message(context, KRB5_RC_MALLOC,
49 N_("malloc: out of memory", ""));
50 return KRB5_RC_MALLOC;
51 }
52 return 0;
53 }
54
55 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
56 krb5_rc_resolve_type(krb5_context context,
57 krb5_rcache *id,
58 const char *type)
59 {
60 *id = NULL;
61 if(strcmp(type, "FILE")) {
62 krb5_set_error_message (context, KRB5_RC_TYPE_NOTFOUND,
63 N_("replay cache type %s not supported", ""),
64 type);
65 return KRB5_RC_TYPE_NOTFOUND;
66 }
67 *id = calloc(1, sizeof(**id));
68 if(*id == NULL) {
69 krb5_set_error_message(context, KRB5_RC_MALLOC,
70 N_("malloc: out of memory", ""));
71 return KRB5_RC_MALLOC;
72 }
73 return 0;
74 }
75
76 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
77 krb5_rc_resolve_full(krb5_context context,
78 krb5_rcache *id,
79 const char *string_name)
80 {
81 krb5_error_code ret;
82
83 *id = NULL;
84
85 if(strncmp(string_name, "FILE:", 5)) {
86 krb5_set_error_message(context, KRB5_RC_TYPE_NOTFOUND,
87 N_("replay cache type %s not supported", ""),
88 string_name);
89 return KRB5_RC_TYPE_NOTFOUND;
90 }
91 ret = krb5_rc_resolve_type(context, id, "FILE");
92 if(ret)
93 return ret;
94 ret = krb5_rc_resolve(context, *id, string_name + 5);
95 if (ret) {
96 krb5_rc_close(context, *id);
97 *id = NULL;
98 }
99 return ret;
100 }
101
102 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
103 krb5_rc_default_name(krb5_context context)
104 {
105 return "FILE:/var/run/default_rcache";
106 }
107
108 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
109 krb5_rc_default_type(krb5_context context)
110 {
111 return "FILE";
112 }
113
114 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
115 krb5_rc_default(krb5_context context,
116 krb5_rcache *id)
117 {
118 return krb5_rc_resolve_full(context, id, krb5_rc_default_name(context));
119 }
120
121 struct rc_entry{
122 time_t stamp;
123 unsigned char data[16];
124 };
125
126 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
127 krb5_rc_initialize(krb5_context context,
128 krb5_rcache id,
129 krb5_deltat auth_lifespan)
130 {
131 FILE *f = fopen(id->name, "w");
132 struct rc_entry tmp;
133 int ret;
134
135 if(f == NULL) {
136 char buf[128];
137 ret = errno;
138 rk_strerror_r(ret, buf, sizeof(buf));
139 krb5_set_error_message(context, ret, "open(%s): %s", id->name, buf);
140 return ret;
141 }
142 tmp.stamp = auth_lifespan;
143 fwrite(&tmp, 1, sizeof(tmp), f);
144 fclose(f);
145 return 0;
146 }
147
148 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
149 krb5_rc_recover(krb5_context context,
150 krb5_rcache id)
151 {
152 return 0;
153 }
154
155 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
156 krb5_rc_destroy(krb5_context context,
157 krb5_rcache id)
158 {
159 int ret;
160
161 if(remove(id->name) < 0) {
162 char buf[128];
163 ret = errno;
164 rk_strerror_r(ret, buf, sizeof(buf));
165 krb5_set_error_message(context, ret, "remove(%s): %s", id->name, buf);
166 return ret;
167 }
168 return krb5_rc_close(context, id);
169 }
170
171 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
172 krb5_rc_close(krb5_context context,
173 krb5_rcache id)
174 {
175 free(id->name);
176 free(id);
177 return 0;
178 }
179
180 static void
181 checksum_authenticator(Authenticator *auth, void *data)
182 {
183 EVP_MD_CTX *m = EVP_MD_CTX_create();
184 unsigned i;
185
186 EVP_DigestInit_ex(m, EVP_md5(), NULL);
187
188 EVP_DigestUpdate(m, auth->crealm, strlen(auth->crealm));
189 for(i = 0; i < auth->cname.name_string.len; i++)
190 EVP_DigestUpdate(m, auth->cname.name_string.val[i],
191 strlen(auth->cname.name_string.val[i]));
192 EVP_DigestUpdate(m, &auth->ctime, sizeof(auth->ctime));
193 EVP_DigestUpdate(m, &auth->cusec, sizeof(auth->cusec));
194
195 EVP_DigestFinal_ex(m, data, NULL);
196 EVP_MD_CTX_destroy(m);
197 }
198
199 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
200 krb5_rc_store(krb5_context context,
201 krb5_rcache id,
202 krb5_donot_replay *rep)
203 {
204 struct rc_entry ent, tmp;
205 time_t t;
206 FILE *f;
207 int ret;
208 size_t count;
209
210 ent.stamp = time(NULL);
211 checksum_authenticator(rep, ent.data);
212 f = fopen(id->name, "r");
213 if(f == NULL) {
214 char buf[128];
215 ret = errno;
216 rk_strerror_r(ret, buf, sizeof(buf));
217 krb5_set_error_message(context, ret, "open(%s): %s", id->name, buf);
218 return ret;
219 }
220 rk_cloexec_file(f);
221 count = fread(&tmp, sizeof(ent), 1, f);
222 if(count != 1)
223 return KRB5_RC_IO_UNKNOWN;
224 t = ent.stamp - tmp.stamp;
225 while(fread(&tmp, sizeof(ent), 1, f)){
226 if(tmp.stamp < t)
227 continue;
228 if(memcmp(tmp.data, ent.data, sizeof(ent.data)) == 0){
229 fclose(f);
230 krb5_clear_error_message (context);
231 return KRB5_RC_REPLAY;
232 }
233 }
234 if(ferror(f)){
235 char buf[128];
236 ret = errno;
237 fclose(f);
238 rk_strerror_r(ret, buf, sizeof(buf));
239 krb5_set_error_message(context, ret, "%s: %s",
240 id->name, buf);
241 return ret;
242 }
243 fclose(f);
244 f = fopen(id->name, "a");
245 if(f == NULL) {
246 char buf[128];
247 rk_strerror_r(errno, buf, sizeof(buf));
248 krb5_set_error_message(context, KRB5_RC_IO_UNKNOWN,
249 "open(%s): %s", id->name, buf);
250 return KRB5_RC_IO_UNKNOWN;
251 }
252 fwrite(&ent, 1, sizeof(ent), f);
253 fclose(f);
254 return 0;
255 }
256
257 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
258 krb5_rc_expunge(krb5_context context,
259 krb5_rcache id)
260 {
261 return 0;
262 }
263
264 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
265 krb5_rc_get_lifespan(krb5_context context,
266 krb5_rcache id,
267 krb5_deltat *auth_lifespan)
268 {
269 FILE *f = fopen(id->name, "r");
270 int r;
271 struct rc_entry ent;
272 r = fread(&ent, sizeof(ent), 1, f);
273 fclose(f);
274 if(r){
275 *auth_lifespan = ent.stamp;
276 return 0;
277 }
278 krb5_clear_error_message (context);
279 return KRB5_RC_IO_UNKNOWN;
280 }
281
282 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
283 krb5_rc_get_name(krb5_context context,
284 krb5_rcache id)
285 {
286 return id->name;
287 }
288
289 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
290 krb5_rc_get_type(krb5_context context,
291 krb5_rcache id)
292 {
293 return "FILE";
294 }
295
296 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
297 krb5_get_server_rcache(krb5_context context,
298 const krb5_data *piece,
299 krb5_rcache *id)
300 {
301 krb5_rcache rcache;
302 krb5_error_code ret;
303
304 char *tmp = malloc(4 * piece->length + 1);
305 char *name;
306
307 if(tmp == NULL) {
308 krb5_set_error_message(context, ENOMEM,
309 N_("malloc: out of memory", ""));
310 return ENOMEM;
311 }
312 strvisx(tmp, piece->data, piece->length, VIS_WHITE | VIS_OCTAL);
313 #ifdef HAVE_GETEUID
314 ret = asprintf(&name, "FILE:rc_%s_%u", tmp, (unsigned)geteuid());
315 #else
316 ret = asprintf(&name, "FILE:rc_%s", tmp);
317 #endif
318 free(tmp);
319 if(ret < 0 || name == NULL) {
320 krb5_set_error_message(context, ENOMEM,
321 N_("malloc: out of memory", ""));
322 return ENOMEM;
323 }
324
325 ret = krb5_rc_resolve_full(context, &rcache, name);
326 free(name);
327 if(ret)
328 return ret;
329 *id = rcache;
330 return ret;
331 }
Heimdal