2 * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "kadm5_locl.h"
39 kadm5_store_key_data(krb5_storage
*sp
,
43 krb5_store_int32(sp
, key
->key_data_ver
);
44 krb5_store_int32(sp
, key
->key_data_kvno
);
45 krb5_store_int32(sp
, key
->key_data_type
[0]);
46 c
.length
= key
->key_data_length
[0];
47 c
.data
= key
->key_data_contents
[0];
48 krb5_store_data(sp
, c
);
49 krb5_store_int32(sp
, key
->key_data_type
[1]);
50 c
.length
= key
->key_data_length
[1];
51 c
.data
= key
->key_data_contents
[1];
52 krb5_store_data(sp
, c
);
57 kadm5_store_fake_key_data(krb5_storage
*sp
,
62 krb5_store_int32(sp
, key
->key_data_ver
);
63 krb5_store_int32(sp
, key
->key_data_kvno
);
64 krb5_store_int32(sp
, key
->key_data_type
[0]);
67 * This is the key contents. We want it to be obvious to the client
68 * (if it really did want the keys) that the key won't work.
69 * 32-bit keys are no good for any enctype, so that should do.
70 * Clients that didn't need keys will ignore this, and clients that
71 * did want keys will either fail or they'll, say, create bogus
72 * keytab entries that will subsequently fail to be useful.
74 c
.length
= sizeof (KADM5_BOGUS_KEY_DATA
) - 1;
75 c
.data
= KADM5_BOGUS_KEY_DATA
;
76 krb5_store_data(sp
, c
);
78 /* This is the salt -- no need to send garbage */
79 krb5_store_int32(sp
, key
->key_data_type
[1]);
80 c
.length
= key
->key_data_length
[1];
81 c
.data
= key
->key_data_contents
[1];
82 krb5_store_data(sp
, c
);
87 kadm5_ret_key_data(krb5_storage
*sp
,
92 krb5_ret_int32(sp
, &tmp
);
93 key
->key_data_ver
= tmp
;
94 krb5_ret_int32(sp
, &tmp
);
95 key
->key_data_kvno
= tmp
;
96 krb5_ret_int32(sp
, &tmp
);
97 key
->key_data_type
[0] = tmp
;
98 krb5_ret_data(sp
, &c
);
99 key
->key_data_length
[0] = c
.length
;
100 key
->key_data_contents
[0] = c
.data
;
101 krb5_ret_int32(sp
, &tmp
);
102 key
->key_data_type
[1] = tmp
;
103 krb5_ret_data(sp
, &c
);
104 key
->key_data_length
[1] = c
.length
;
105 key
->key_data_contents
[1] = c
.data
;
110 kadm5_store_tl_data(krb5_storage
*sp
,
114 krb5_store_int32(sp
, tl
->tl_data_type
);
115 c
.length
= tl
->tl_data_length
;
116 c
.data
= tl
->tl_data_contents
;
117 krb5_store_data(sp
, c
);
122 kadm5_ret_tl_data(krb5_storage
*sp
,
127 krb5_ret_int32(sp
, &tmp
);
128 tl
->tl_data_type
= tmp
;
129 krb5_ret_data(sp
, &c
);
130 tl
->tl_data_length
= c
.length
;
131 tl
->tl_data_contents
= c
.data
;
136 store_principal_ent(krb5_storage
*sp
,
137 kadm5_principal_ent_t princ
,
138 uint32_t mask
, int wkeys
)
142 if (mask
& KADM5_PRINCIPAL
)
143 krb5_store_principal(sp
, princ
->principal
);
144 if (mask
& KADM5_PRINC_EXPIRE_TIME
)
145 krb5_store_int32(sp
, princ
->princ_expire_time
);
146 if (mask
& KADM5_PW_EXPIRATION
)
147 krb5_store_int32(sp
, princ
->pw_expiration
);
148 if (mask
& KADM5_LAST_PWD_CHANGE
)
149 krb5_store_int32(sp
, princ
->last_pwd_change
);
150 if (mask
& KADM5_MAX_LIFE
)
151 krb5_store_int32(sp
, princ
->max_life
);
152 if (mask
& KADM5_MOD_NAME
) {
153 krb5_store_int32(sp
, princ
->mod_name
!= NULL
);
155 krb5_store_principal(sp
, princ
->mod_name
);
157 if (mask
& KADM5_MOD_TIME
)
158 krb5_store_int32(sp
, princ
->mod_date
);
159 if (mask
& KADM5_ATTRIBUTES
)
160 krb5_store_int32(sp
, princ
->attributes
);
161 if (mask
& KADM5_KVNO
)
162 krb5_store_int32(sp
, princ
->kvno
);
163 if (mask
& KADM5_MKVNO
)
164 krb5_store_int32(sp
, princ
->mkvno
);
165 if (mask
& KADM5_POLICY
) {
166 krb5_store_int32(sp
, princ
->policy
!= NULL
);
168 krb5_store_string(sp
, princ
->policy
);
170 if (mask
& KADM5_AUX_ATTRIBUTES
)
171 krb5_store_int32(sp
, princ
->aux_attributes
);
172 if (mask
& KADM5_MAX_RLIFE
)
173 krb5_store_int32(sp
, princ
->max_renewable_life
);
174 if (mask
& KADM5_LAST_SUCCESS
)
175 krb5_store_int32(sp
, princ
->last_success
);
176 if (mask
& KADM5_LAST_FAILED
)
177 krb5_store_int32(sp
, princ
->last_failed
);
178 if (mask
& KADM5_FAIL_AUTH_COUNT
)
179 krb5_store_int32(sp
, princ
->fail_auth_count
);
180 if (mask
& KADM5_KEY_DATA
) {
181 krb5_store_int32(sp
, princ
->n_key_data
);
182 for(i
= 0; i
< princ
->n_key_data
; i
++) {
184 kadm5_store_key_data(sp
, &princ
->key_data
[i
]);
186 kadm5_store_fake_key_data(sp
, &princ
->key_data
[i
]);
189 if (mask
& KADM5_TL_DATA
) {
192 krb5_store_int32(sp
, princ
->n_tl_data
);
193 for(tp
= princ
->tl_data
; tp
; tp
= tp
->tl_data_next
)
194 kadm5_store_tl_data(sp
, tp
);
201 kadm5_store_principal_ent(krb5_storage
*sp
,
202 kadm5_principal_ent_t princ
)
204 return store_principal_ent (sp
, princ
, ~0, 1);
208 kadm5_store_principal_ent_nokeys(krb5_storage
*sp
,
209 kadm5_principal_ent_t princ
)
211 return store_principal_ent (sp
, princ
, ~0, 0);
215 kadm5_store_principal_ent_mask(krb5_storage
*sp
,
216 kadm5_principal_ent_t princ
,
219 krb5_store_int32(sp
, mask
);
220 return store_principal_ent (sp
, princ
, mask
, 1);
224 ret_principal_ent(krb5_storage
*sp
,
225 kadm5_principal_ent_t princ
,
231 if (mask
& KADM5_PRINCIPAL
)
232 krb5_ret_principal(sp
, &princ
->principal
);
234 if (mask
& KADM5_PRINC_EXPIRE_TIME
) {
235 krb5_ret_int32(sp
, &tmp
);
236 princ
->princ_expire_time
= tmp
;
238 if (mask
& KADM5_PW_EXPIRATION
) {
239 krb5_ret_int32(sp
, &tmp
);
240 princ
->pw_expiration
= tmp
;
242 if (mask
& KADM5_LAST_PWD_CHANGE
) {
243 krb5_ret_int32(sp
, &tmp
);
244 princ
->last_pwd_change
= tmp
;
246 if (mask
& KADM5_MAX_LIFE
) {
247 krb5_ret_int32(sp
, &tmp
);
248 princ
->max_life
= tmp
;
250 if (mask
& KADM5_MOD_NAME
) {
251 krb5_ret_int32(sp
, &tmp
);
253 krb5_ret_principal(sp
, &princ
->mod_name
);
255 princ
->mod_name
= NULL
;
257 if (mask
& KADM5_MOD_TIME
) {
258 krb5_ret_int32(sp
, &tmp
);
259 princ
->mod_date
= tmp
;
261 if (mask
& KADM5_ATTRIBUTES
) {
262 krb5_ret_int32(sp
, &tmp
);
263 princ
->attributes
= tmp
;
265 if (mask
& KADM5_KVNO
) {
266 krb5_ret_int32(sp
, &tmp
);
269 if (mask
& KADM5_MKVNO
) {
270 krb5_ret_int32(sp
, &tmp
);
273 if (mask
& KADM5_POLICY
) {
274 krb5_ret_int32(sp
, &tmp
);
276 krb5_ret_string(sp
, &princ
->policy
);
278 princ
->policy
= NULL
;
280 if (mask
& KADM5_AUX_ATTRIBUTES
) {
281 krb5_ret_int32(sp
, &tmp
);
282 princ
->aux_attributes
= tmp
;
284 if (mask
& KADM5_MAX_RLIFE
) {
285 krb5_ret_int32(sp
, &tmp
);
286 princ
->max_renewable_life
= tmp
;
288 if (mask
& KADM5_LAST_SUCCESS
) {
289 krb5_ret_int32(sp
, &tmp
);
290 princ
->last_success
= tmp
;
292 if (mask
& KADM5_LAST_FAILED
) {
293 krb5_ret_int32(sp
, &tmp
);
294 princ
->last_failed
= tmp
;
296 if (mask
& KADM5_FAIL_AUTH_COUNT
) {
297 krb5_ret_int32(sp
, &tmp
);
298 princ
->fail_auth_count
= tmp
;
300 if (mask
& KADM5_KEY_DATA
) {
301 krb5_ret_int32(sp
, &tmp
);
302 princ
->n_key_data
= tmp
;
303 princ
->key_data
= malloc(princ
->n_key_data
* sizeof(*princ
->key_data
));
304 if (princ
->key_data
== NULL
&& princ
->n_key_data
!= 0)
306 for(i
= 0; i
< princ
->n_key_data
; i
++)
307 kadm5_ret_key_data(sp
, &princ
->key_data
[i
]);
309 if (mask
& KADM5_TL_DATA
) {
310 krb5_ret_int32(sp
, &tmp
);
311 princ
->n_tl_data
= tmp
;
312 princ
->tl_data
= NULL
;
313 for(i
= 0; i
< princ
->n_tl_data
; i
++){
314 krb5_tl_data
*tp
= malloc(sizeof(*tp
));
317 kadm5_ret_tl_data(sp
, tp
);
318 tp
->tl_data_next
= princ
->tl_data
;
326 kadm5_ret_principal_ent(krb5_storage
*sp
,
327 kadm5_principal_ent_t princ
)
329 return ret_principal_ent (sp
, princ
, ~0);
333 kadm5_ret_principal_ent_mask(krb5_storage
*sp
,
334 kadm5_principal_ent_t princ
,
339 krb5_ret_int32 (sp
, &tmp
);
341 return ret_principal_ent (sp
, princ
, *mask
);
345 _kadm5_marshal_params(krb5_context context
,
346 kadm5_config_params
*params
,
349 krb5_storage
*sp
= krb5_storage_emem();
351 krb5_store_int32(sp
, params
->mask
& (KADM5_CONFIG_REALM
));
353 if(params
->mask
& KADM5_CONFIG_REALM
)
354 krb5_store_string(sp
, params
->realm
);
355 krb5_storage_to_data(sp
, out
);
356 krb5_storage_free(sp
);
362 _kadm5_unmarshal_params(krb5_context context
,
364 kadm5_config_params
*params
)
370 sp
= krb5_storage_from_data(in
);
374 ret
= krb5_ret_int32(sp
, &mask
);
379 if(params
->mask
& KADM5_CONFIG_REALM
)
380 ret
= krb5_ret_string(sp
, ¶ms
->realm
);
382 krb5_storage_free(sp
);