2 * Copyright (c) 1997-2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "krb5_locl.h"
35 #include "store-int.h"
37 #define BYTEORDER_IS(SP, V) (((SP)->flags & KRB5_STORAGE_BYTEORDER_MASK) == (V))
38 #define BYTEORDER_IS_LE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_LE)
39 #define BYTEORDER_IS_BE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_BE)
40 #define BYTEORDER_IS_HOST(SP) (BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_HOST) || \
41 krb5_storage_is_flags((SP), KRB5_STORAGE_HOST_BYTEORDER))
44 * Add the flags on a storage buffer by or-ing in the flags to the buffer.
46 * @param sp the storage buffer to set the flags on
47 * @param flags the flags to set
49 * @ingroup krb5_storage
52 void KRB5_LIB_FUNCTION
53 krb5_storage_set_flags(krb5_storage
*sp
, krb5_flags flags
)
59 * Clear the flags on a storage buffer
61 * @param sp the storage buffer to clear the flags on
62 * @param flags the flags to clear
64 * @ingroup krb5_storage
67 void KRB5_LIB_FUNCTION
68 krb5_storage_clear_flags(krb5_storage
*sp
, krb5_flags flags
)
74 * Return true or false depending on if the storage flags is set or
75 * not. NB testing for the flag 0 always return true.
77 * @param sp the storage buffer to check flags on
78 * @param flags The flags to test for
80 * @return true if all the flags are set, false if not.
82 * @ingroup krb5_storage
85 krb5_boolean KRB5_LIB_FUNCTION
86 krb5_storage_is_flags(krb5_storage
*sp
, krb5_flags flags
)
88 return (sp
->flags
& flags
) == flags
;
92 * Set the new byte order of the storage buffer.
94 * @param sp the storage buffer to set the byte order for.
95 * @param byteorder the new byte order.
97 * The byte order are: KRB5_STORAGE_BYTEORDER_BE,
98 * KRB5_STORAGE_BYTEORDER_LE and KRB5_STORAGE_BYTEORDER_HOST.
100 * @ingroup krb5_storage
103 void KRB5_LIB_FUNCTION
104 krb5_storage_set_byteorder(krb5_storage
*sp
, krb5_flags byteorder
)
106 sp
->flags
&= ~KRB5_STORAGE_BYTEORDER_MASK
;
107 sp
->flags
|= byteorder
;
111 * Return the current byteorder for the buffer. See krb5_storage_set_byteorder() for the list or byte order contants.
113 * @ingroup krb5_storage
116 krb5_flags KRB5_LIB_FUNCTION
117 krb5_storage_get_byteorder(krb5_storage
*sp
)
119 return sp
->flags
& KRB5_STORAGE_BYTEORDER_MASK
;
123 * Seek to a new offset.
125 * @param sp the storage buffer to seek in.
126 * @param offset the offset to seek
127 * @param whence relateive searching, SEEK_CUR from the current
128 * position, SEEK_END from the end, SEEK_SET absolute from the start.
130 * @return The new current offset
132 * @ingroup krb5_storage
135 off_t KRB5_LIB_FUNCTION
136 krb5_storage_seek(krb5_storage
*sp
, off_t offset
, int whence
)
138 return (*sp
->seek
)(sp
, offset
, whence
);
142 * Truncate the storage buffer in sp to offset.
144 * @param sp the storage buffer to truncate.
145 * @param offset the offset to truncate too.
147 * @return An Kerberos 5 error code.
149 * @ingroup krb5_storage
152 int KRB5_LIB_FUNCTION
153 krb5_storage_truncate(krb5_storage
*sp
, off_t offset
)
155 return (*sp
->trunc
)(sp
, offset
);
159 * Read to the storage buffer.
161 * @param sp the storage buffer to read from
162 * @param buf the buffer to store the data in
163 * @param len the length to read
165 * @return The length of data read (can be shorter then len), or negative on error.
167 * @ingroup krb5_storage
170 krb5_ssize_t KRB5_LIB_FUNCTION
171 krb5_storage_read(krb5_storage
*sp
, void *buf
, size_t len
)
173 return sp
->fetch(sp
, buf
, len
);
177 * Write to the storage buffer.
179 * @param sp the storage buffer to write to
180 * @param buf the buffer to write to the storage buffer
181 * @param len the length to write
183 * @return The length of data written (can be shorter then len), or negative on error.
185 * @ingroup krb5_storage
188 krb5_ssize_t KRB5_LIB_FUNCTION
189 krb5_storage_write(krb5_storage
*sp
, const void *buf
, size_t len
)
191 return sp
->store(sp
, buf
, len
);
195 * Set the return code that will be used when end of storage is reached.
197 * @param sp the storage
198 * @param code the error code to return on end of storage
200 * @ingroup krb5_storage
203 void KRB5_LIB_FUNCTION
204 krb5_storage_set_eof_code(krb5_storage
*sp
, int code
)
210 * Get the return code that will be used when end of storage is reached.
212 * @param sp the storage
214 * @return storage error code
216 * @ingroup krb5_storage
219 int KRB5_LIB_FUNCTION
220 krb5_storage_get_eof_code(krb5_storage
*sp
)
225 krb5_ssize_t KRB5_LIB_FUNCTION
226 _krb5_put_int(void *buffer
, unsigned long value
, size_t size
)
228 unsigned char *p
= buffer
;
230 for (i
= size
- 1; i
>= 0; i
--) {
237 krb5_ssize_t KRB5_LIB_FUNCTION
238 _krb5_get_int(void *buffer
, unsigned long *value
, size_t size
)
240 unsigned char *p
= buffer
;
243 for (i
= 0; i
< size
; i
++)
250 * Free a krb5 storage.
252 * @param sp the storage to free.
254 * @return An Kerberos 5 error code.
256 * @ingroup krb5_storage
259 krb5_error_code KRB5_LIB_FUNCTION
260 krb5_storage_free(krb5_storage
*sp
)
270 * Copy the contnent of storage
272 * @param sp the storage to copy to a data
273 * @param data the copied data, free with krb5_data_free()
275 * @return 0 for success, or a Kerberos 5 error code on failure.
277 * @ingroup krb5_storage
280 krb5_error_code KRB5_LIB_FUNCTION
281 krb5_storage_to_data(krb5_storage
*sp
, krb5_data
*data
)
286 pos
= sp
->seek(sp
, 0, SEEK_CUR
);
288 return HEIM_ERR_NOT_SEEKABLE
;
289 size
= (size_t)sp
->seek(sp
, 0, SEEK_END
);
290 if (size
> (size_t)-1)
291 return HEIM_ERR_TOO_BIG
;
292 ret
= krb5_data_alloc (data
, size
);
294 sp
->seek(sp
, pos
, SEEK_SET
);
298 sp
->seek(sp
, 0, SEEK_SET
);
299 sp
->fetch(sp
, data
->data
, data
->length
);
300 sp
->seek(sp
, pos
, SEEK_SET
);
305 static krb5_error_code
306 krb5_store_int(krb5_storage
*sp
,
315 _krb5_put_int(v
, value
, len
);
316 ret
= sp
->store(sp
, v
, len
);
318 return (ret
<0)?errno
:sp
->eof_code
;
323 * Store a int32 to storage, byte order is controlled by the settings
324 * on the storage, see krb5_storage_set_byteorder().
326 * @param sp the storage to write too
327 * @param value the value to store
329 * @return 0 for success, or a Kerberos 5 error code on failure.
331 * @ingroup krb5_storage
334 krb5_error_code KRB5_LIB_FUNCTION
335 krb5_store_int32(krb5_storage
*sp
,
338 if(BYTEORDER_IS_HOST(sp
))
339 value
= htonl(value
);
340 else if(BYTEORDER_IS_LE(sp
))
341 value
= bswap32(value
);
342 return krb5_store_int(sp
, value
, 4);
346 * Store a uint32 to storage, byte order is controlled by the settings
347 * on the storage, see krb5_storage_set_byteorder().
349 * @param sp the storage to write too
350 * @param value the value to store
352 * @return 0 for success, or a Kerberos 5 error code on failure.
354 * @ingroup krb5_storage
357 krb5_error_code KRB5_LIB_FUNCTION
358 krb5_store_uint32(krb5_storage
*sp
,
361 return krb5_store_int32(sp
, (int32_t)value
);
364 static krb5_error_code
365 krb5_ret_int(krb5_storage
*sp
,
372 ret
= sp
->fetch(sp
, v
, len
);
374 return (ret
<0)?errno
:sp
->eof_code
;
375 _krb5_get_int(v
, &w
, len
);
381 * Read a int32 from storage, byte order is controlled by the settings
382 * on the storage, see krb5_storage_set_byteorder().
384 * @param sp the storage to write too
385 * @param value the value read from the buffer
387 * @return 0 for success, or a Kerberos 5 error code on failure.
389 * @ingroup krb5_storage
392 krb5_error_code KRB5_LIB_FUNCTION
393 krb5_ret_int32(krb5_storage
*sp
,
396 krb5_error_code ret
= krb5_ret_int(sp
, value
, 4);
399 if(BYTEORDER_IS_HOST(sp
))
400 *value
= htonl(*value
);
401 else if(BYTEORDER_IS_LE(sp
))
402 *value
= bswap32(*value
);
407 * Read a uint32 from storage, byte order is controlled by the settings
408 * on the storage, see krb5_storage_set_byteorder().
410 * @param sp the storage to write too
411 * @param value the value read from the buffer
413 * @return 0 for success, or a Kerberos 5 error code on failure.
415 * @ingroup krb5_storage
418 krb5_error_code KRB5_LIB_FUNCTION
419 krb5_ret_uint32(krb5_storage
*sp
,
425 ret
= krb5_ret_int32(sp
, &v
);
427 *value
= (uint32_t)v
;
433 * Store a int16 to storage, byte order is controlled by the settings
434 * on the storage, see krb5_storage_set_byteorder().
436 * @param sp the storage to write too
437 * @param value the value to store
439 * @return 0 for success, or a Kerberos 5 error code on failure.
441 * @ingroup krb5_storage
444 krb5_error_code KRB5_LIB_FUNCTION
445 krb5_store_int16(krb5_storage
*sp
,
448 if(BYTEORDER_IS_HOST(sp
))
449 value
= htons(value
);
450 else if(BYTEORDER_IS_LE(sp
))
451 value
= bswap16(value
);
452 return krb5_store_int(sp
, value
, 2);
456 * Store a uint16 to storage, byte order is controlled by the settings
457 * on the storage, see krb5_storage_set_byteorder().
459 * @param sp the storage to write too
460 * @param value the value to store
462 * @return 0 for success, or a Kerberos 5 error code on failure.
464 * @ingroup krb5_storage
467 krb5_error_code KRB5_LIB_FUNCTION
468 krb5_store_uint16(krb5_storage
*sp
,
471 return krb5_store_int16(sp
, (int16_t)value
);
475 * Read a int16 from storage, byte order is controlled by the settings
476 * on the storage, see krb5_storage_set_byteorder().
478 * @param sp the storage to write too
479 * @param value the value read from the buffer
481 * @return 0 for success, or a Kerberos 5 error code on failure.
483 * @ingroup krb5_storage
485 krb5_error_code KRB5_LIB_FUNCTION
486 krb5_ret_int16(krb5_storage
*sp
,
491 ret
= krb5_ret_int(sp
, &v
, 2);
495 if(BYTEORDER_IS_HOST(sp
))
496 *value
= htons(*value
);
497 else if(BYTEORDER_IS_LE(sp
))
498 *value
= bswap16(*value
);
503 * Read a int16 from storage, byte order is controlled by the settings
504 * on the storage, see krb5_storage_set_byteorder().
506 * @param sp the storage to write too
507 * @param value the value read from the buffer
509 * @return 0 for success, or a Kerberos 5 error code on failure.
511 * @ingroup krb5_storage
514 krb5_error_code KRB5_LIB_FUNCTION
515 krb5_ret_uint16(krb5_storage
*sp
,
521 ret
= krb5_ret_int16(sp
, &v
);
523 *value
= (uint16_t)v
;
529 * Store a int8 to storage.
531 * @param sp the storage to write too
532 * @param value the value to store
534 * @return 0 for success, or a Kerberos 5 error code on failure.
536 * @ingroup krb5_storage
539 krb5_error_code KRB5_LIB_FUNCTION
540 krb5_store_int8(krb5_storage
*sp
,
545 ret
= sp
->store(sp
, &value
, sizeof(value
));
546 if (ret
!= sizeof(value
))
547 return (ret
<0)?errno
:sp
->eof_code
;
552 * Store a uint8 to storage.
554 * @param sp the storage to write too
555 * @param value the value to store
557 * @return 0 for success, or a Kerberos 5 error code on failure.
559 * @ingroup krb5_storage
562 krb5_error_code KRB5_LIB_FUNCTION
563 krb5_store_uint8(krb5_storage
*sp
,
566 return krb5_store_int8(sp
, (int8_t)value
);
570 * Read a int8 from storage
572 * @param sp the storage to write too
573 * @param value the value read from the buffer
575 * @return 0 for success, or a Kerberos 5 error code on failure.
577 * @ingroup krb5_storage
580 krb5_error_code KRB5_LIB_FUNCTION
581 krb5_ret_int8(krb5_storage
*sp
,
586 ret
= sp
->fetch(sp
, value
, sizeof(*value
));
587 if (ret
!= sizeof(*value
))
588 return (ret
<0)?errno
:sp
->eof_code
;
593 * Read a uint8 from storage
595 * @param sp the storage to write too
596 * @param value the value read from the buffer
598 * @return 0 for success, or a Kerberos 5 error code on failure.
600 * @ingroup krb5_storage
603 krb5_error_code KRB5_LIB_FUNCTION
604 krb5_ret_uint8(krb5_storage
*sp
,
610 ret
= krb5_ret_int8(sp
, &v
);
618 * Store a data to the storage. The data is stored with an int32 as
619 * lenght plus the data (not padded).
621 * @param sp the storage buffer to write to
622 * @param data the buffer to store.
624 * @return 0 on success, a Kerberos 5 error code on failure.
626 * @ingroup krb5_storage
629 krb5_error_code KRB5_LIB_FUNCTION
630 krb5_store_data(krb5_storage
*sp
,
634 ret
= krb5_store_int32(sp
, data
.length
);
637 ret
= sp
->store(sp
, data
.data
, data
.length
);
638 if(ret
!= data
.length
){
647 * Parse a data from the storage.
649 * @param sp the storage buffer to read from
650 * @param data the parsed data
652 * @return 0 on success, a Kerberos 5 error code on failure.
654 * @ingroup krb5_storage
657 krb5_error_code KRB5_LIB_FUNCTION
658 krb5_ret_data(krb5_storage
*sp
,
664 ret
= krb5_ret_int32(sp
, &size
);
667 ret
= krb5_data_alloc (data
, size
);
671 ret
= sp
->fetch(sp
, data
->data
, size
);
673 return (ret
< 0)? errno
: sp
->eof_code
;
679 * Store a string to the buffer. The data is formated as an len:uint32
680 * plus the string itself (not padded).
682 * @param sp the storage buffer to write to
683 * @param s the string to store.
685 * @return 0 on success, a Kerberos 5 error code on failure.
687 * @ingroup krb5_storage
690 krb5_error_code KRB5_LIB_FUNCTION
691 krb5_store_string(krb5_storage
*sp
, const char *s
)
694 data
.length
= strlen(s
);
695 data
.data
= rk_UNCONST(s
);
696 return krb5_store_data(sp
, data
);
700 * Parse a string from the storage.
702 * @param sp the storage buffer to read from
703 * @param string the parsed string
705 * @return 0 on success, a Kerberos 5 error code on failure.
707 * @ingroup krb5_storage
711 krb5_error_code KRB5_LIB_FUNCTION
712 krb5_ret_string(krb5_storage
*sp
,
717 ret
= krb5_ret_data(sp
, &data
);
720 *string
= realloc(data
.data
, data
.length
+ 1);
725 (*string
)[data
.length
] = 0;
730 * Store a zero terminated string to the buffer. The data is stored
731 * one character at a time until a NUL is stored.
733 * @param sp the storage buffer to write to
734 * @param s the string to store.
736 * @return 0 on success, a Kerberos 5 error code on failure.
738 * @ingroup krb5_storage
741 krb5_error_code KRB5_LIB_FUNCTION
742 krb5_store_stringz(krb5_storage
*sp
, const char *s
)
744 size_t len
= strlen(s
) + 1;
747 ret
= sp
->store(sp
, s
, len
);
758 * Parse zero terminated string from the storage.
760 * @param sp the storage buffer to read from
761 * @param string the parsed string
763 * @return 0 on success, a Kerberos 5 error code on failure.
765 * @ingroup krb5_storage
768 krb5_error_code KRB5_LIB_FUNCTION
769 krb5_ret_stringz(krb5_storage
*sp
,
777 while((ret
= sp
->fetch(sp
, &c
, 1)) == 1){
781 tmp
= realloc (s
, len
);
801 krb5_error_code KRB5_LIB_FUNCTION
802 krb5_store_stringnl(krb5_storage
*sp
, const char *s
)
804 size_t len
= strlen(s
);
807 ret
= sp
->store(sp
, s
, len
);
814 ret
= sp
->store(sp
, "\n", 1);
826 krb5_error_code KRB5_LIB_FUNCTION
827 krb5_ret_stringnl(krb5_storage
*sp
,
836 while((ret
= sp
->fetch(sp
, &c
, 1)) == 1){
843 if (expect_nl
&& c
!= '\n') {
845 return KRB5_BADMSGTYPE
;
849 tmp
= realloc (s
, len
);
872 * Write a principal block to storage.
874 * @param sp the storage buffer to write to
875 * @param p the principal block to write.
877 * @return 0 on success, a Kerberos 5 error code on failure.
879 * @ingroup krb5_storage
882 krb5_error_code KRB5_LIB_FUNCTION
883 krb5_store_principal(krb5_storage
*sp
,
884 krb5_const_principal p
)
889 if(!krb5_storage_is_flags(sp
, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE
)) {
890 ret
= krb5_store_int32(sp
, p
->name
.name_type
);
893 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS
))
894 ret
= krb5_store_int32(sp
, p
->name
.name_string
.len
+ 1);
896 ret
= krb5_store_int32(sp
, p
->name
.name_string
.len
);
899 ret
= krb5_store_string(sp
, p
->realm
);
901 for(i
= 0; i
< p
->name
.name_string
.len
; i
++){
902 ret
= krb5_store_string(sp
, p
->name
.name_string
.val
[i
]);
909 * Parse principal from the storage.
911 * @param sp the storage buffer to read from
912 * @param princ the parsed principal
914 * @return 0 on success, a Kerberos 5 error code on failure.
916 * @ingroup krb5_storage
919 krb5_error_code KRB5_LIB_FUNCTION
920 krb5_ret_principal(krb5_storage
*sp
,
921 krb5_principal
*princ
)
929 p
= calloc(1, sizeof(*p
));
933 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE
))
934 type
= KRB5_NT_UNKNOWN
;
935 else if((ret
= krb5_ret_int32(sp
, &type
))){
939 if((ret
= krb5_ret_int32(sp
, &ncomp
))){
943 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS
))
949 p
->name
.name_type
= type
;
950 p
->name
.name_string
.len
= ncomp
;
951 ret
= krb5_ret_string(sp
, &p
->realm
);
956 p
->name
.name_string
.val
= calloc(ncomp
, sizeof(*p
->name
.name_string
.val
));
957 if(p
->name
.name_string
.val
== NULL
&& ncomp
!= 0){
962 for(i
= 0; i
< ncomp
; i
++){
963 ret
= krb5_ret_string(sp
, &p
->name
.name_string
.val
[i
]);
966 free(p
->name
.name_string
.val
[i
--]);
977 * Store a keyblock to the storage.
979 * @param sp the storage buffer to write to
980 * @param p the keyblock to write
982 * @return 0 on success, a Kerberos 5 error code on failure.
984 * @ingroup krb5_storage
987 krb5_error_code KRB5_LIB_FUNCTION
988 krb5_store_keyblock(krb5_storage
*sp
, krb5_keyblock p
)
991 ret
= krb5_store_int16(sp
, p
.keytype
);
994 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE
)){
995 /* this should really be enctype, but it is the same as
997 ret
= krb5_store_int16(sp
, p
.keytype
);
1001 ret
= krb5_store_data(sp
, p
.keyvalue
);
1006 * Read a keyblock from the storage.
1008 * @param sp the storage buffer to write to
1009 * @param p the keyblock read from storage, free using krb5_free_keyblock()
1011 * @return 0 on success, a Kerberos 5 error code on failure.
1013 * @ingroup krb5_storage
1016 krb5_error_code KRB5_LIB_FUNCTION
1017 krb5_ret_keyblock(krb5_storage
*sp
, krb5_keyblock
*p
)
1022 ret
= krb5_ret_int16(sp
, &tmp
);
1026 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE
)){
1027 ret
= krb5_ret_int16(sp
, &tmp
);
1031 ret
= krb5_ret_data(sp
, &p
->keyvalue
);
1036 * Write a times block to storage.
1038 * @param sp the storage buffer to write to
1039 * @param times the times block to write.
1041 * @return 0 on success, a Kerberos 5 error code on failure.
1043 * @ingroup krb5_storage
1046 krb5_error_code KRB5_LIB_FUNCTION
1047 krb5_store_times(krb5_storage
*sp
, krb5_times times
)
1050 ret
= krb5_store_int32(sp
, times
.authtime
);
1052 ret
= krb5_store_int32(sp
, times
.starttime
);
1054 ret
= krb5_store_int32(sp
, times
.endtime
);
1056 ret
= krb5_store_int32(sp
, times
.renew_till
);
1061 * Read a times block from the storage.
1063 * @param sp the storage buffer to write to
1064 * @param times the times block read from storage
1066 * @return 0 on success, a Kerberos 5 error code on failure.
1068 * @ingroup krb5_storage
1071 krb5_error_code KRB5_LIB_FUNCTION
1072 krb5_ret_times(krb5_storage
*sp
, krb5_times
*times
)
1076 ret
= krb5_ret_int32(sp
, &tmp
);
1077 times
->authtime
= tmp
;
1079 ret
= krb5_ret_int32(sp
, &tmp
);
1080 times
->starttime
= tmp
;
1082 ret
= krb5_ret_int32(sp
, &tmp
);
1083 times
->endtime
= tmp
;
1085 ret
= krb5_ret_int32(sp
, &tmp
);
1086 times
->renew_till
= tmp
;
1091 * Write a address block to storage.
1093 * @param sp the storage buffer to write to
1094 * @param p the address block to write.
1096 * @return 0 on success, a Kerberos 5 error code on failure.
1098 * @ingroup krb5_storage
1101 krb5_error_code KRB5_LIB_FUNCTION
1102 krb5_store_address(krb5_storage
*sp
, krb5_address p
)
1105 ret
= krb5_store_int16(sp
, p
.addr_type
);
1107 ret
= krb5_store_data(sp
, p
.address
);
1112 * Read a address block from the storage.
1114 * @param sp the storage buffer to write to
1115 * @param adr the address block read from storage
1117 * @return 0 on success, a Kerberos 5 error code on failure.
1119 * @ingroup krb5_storage
1122 krb5_error_code KRB5_LIB_FUNCTION
1123 krb5_ret_address(krb5_storage
*sp
, krb5_address
*adr
)
1127 ret
= krb5_ret_int16(sp
, &t
);
1130 ret
= krb5_ret_data(sp
, &adr
->address
);
1135 * Write a addresses block to storage.
1137 * @param sp the storage buffer to write to
1138 * @param p the addresses block to write.
1140 * @return 0 on success, a Kerberos 5 error code on failure.
1142 * @ingroup krb5_storage
1145 krb5_error_code KRB5_LIB_FUNCTION
1146 krb5_store_addrs(krb5_storage
*sp
, krb5_addresses p
)
1150 ret
= krb5_store_int32(sp
, p
.len
);
1152 for(i
= 0; i
<p
.len
; i
++){
1153 ret
= krb5_store_address(sp
, p
.val
[i
]);
1160 * Read a addresses block from the storage.
1162 * @param sp the storage buffer to write to
1163 * @param adr the addresses block read from storage
1165 * @return 0 on success, a Kerberos 5 error code on failure.
1167 * @ingroup krb5_storage
1170 krb5_error_code KRB5_LIB_FUNCTION
1171 krb5_ret_addrs(krb5_storage
*sp
, krb5_addresses
*adr
)
1177 ret
= krb5_ret_int32(sp
, &tmp
);
1180 ALLOC(adr
->val
, adr
->len
);
1181 if (adr
->val
== NULL
&& adr
->len
!= 0)
1183 for(i
= 0; i
< adr
->len
; i
++){
1184 ret
= krb5_ret_address(sp
, &adr
->val
[i
]);
1191 * Write a auth data block to storage.
1193 * @param sp the storage buffer to write to
1194 * @param auth the auth data block to write.
1196 * @return 0 on success, a Kerberos 5 error code on failure.
1198 * @ingroup krb5_storage
1201 krb5_error_code KRB5_LIB_FUNCTION
1202 krb5_store_authdata(krb5_storage
*sp
, krb5_authdata auth
)
1204 krb5_error_code ret
;
1206 ret
= krb5_store_int32(sp
, auth
.len
);
1208 for(i
= 0; i
< auth
.len
; i
++){
1209 ret
= krb5_store_int16(sp
, auth
.val
[i
].ad_type
);
1211 ret
= krb5_store_data(sp
, auth
.val
[i
].ad_data
);
1218 * Read a auth data from the storage.
1220 * @param sp the storage buffer to write to
1221 * @param auth the auth data block read from storage
1223 * @return 0 on success, a Kerberos 5 error code on failure.
1225 * @ingroup krb5_storage
1228 krb5_error_code KRB5_LIB_FUNCTION
1229 krb5_ret_authdata(krb5_storage
*sp
, krb5_authdata
*auth
)
1231 krb5_error_code ret
;
1235 ret
= krb5_ret_int32(sp
, &tmp
);
1237 ALLOC_SEQ(auth
, tmp
);
1238 if (auth
->val
== NULL
&& tmp
!= 0)
1240 for(i
= 0; i
< tmp
; i
++){
1241 ret
= krb5_ret_int16(sp
, &tmp2
);
1243 auth
->val
[i
].ad_type
= tmp2
;
1244 ret
= krb5_ret_data(sp
, &auth
->val
[i
].ad_data
);
1251 bitswap32(int32_t b
)
1255 for (i
= 0; i
< 32; i
++) {
1256 r
= r
<< 1 | (b
& 1);
1263 * Write a credentials block to storage.
1265 * @param sp the storage buffer to write to
1266 * @param creds the creds block to write.
1268 * @return 0 on success, a Kerberos 5 error code on failure.
1270 * @ingroup krb5_storage
1273 krb5_error_code KRB5_LIB_FUNCTION
1274 krb5_store_creds(krb5_storage
*sp
, krb5_creds
*creds
)
1278 ret
= krb5_store_principal(sp
, creds
->client
);
1281 ret
= krb5_store_principal(sp
, creds
->server
);
1284 ret
= krb5_store_keyblock(sp
, creds
->session
);
1287 ret
= krb5_store_times(sp
, creds
->times
);
1290 ret
= krb5_store_int8(sp
, creds
->second_ticket
.length
!= 0); /* is_skey */
1294 if(krb5_storage_is_flags(sp
, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER
))
1295 ret
= krb5_store_int32(sp
, creds
->flags
.i
);
1297 ret
= krb5_store_int32(sp
, bitswap32(TicketFlags2int(creds
->flags
.b
)));
1301 ret
= krb5_store_addrs(sp
, creds
->addresses
);
1304 ret
= krb5_store_authdata(sp
, creds
->authdata
);
1307 ret
= krb5_store_data(sp
, creds
->ticket
);
1310 ret
= krb5_store_data(sp
, creds
->second_ticket
);
1315 * Read a credentials block from the storage.
1317 * @param sp the storage buffer to write to
1318 * @param creds the credentials block read from storage
1320 * @return 0 on success, a Kerberos 5 error code on failure.
1322 * @ingroup krb5_storage
1325 krb5_error_code KRB5_LIB_FUNCTION
1326 krb5_ret_creds(krb5_storage
*sp
, krb5_creds
*creds
)
1328 krb5_error_code ret
;
1332 memset(creds
, 0, sizeof(*creds
));
1333 ret
= krb5_ret_principal (sp
, &creds
->client
);
1334 if(ret
) goto cleanup
;
1335 ret
= krb5_ret_principal (sp
, &creds
->server
);
1336 if(ret
) goto cleanup
;
1337 ret
= krb5_ret_keyblock (sp
, &creds
->session
);
1338 if(ret
) goto cleanup
;
1339 ret
= krb5_ret_times (sp
, &creds
->times
);
1340 if(ret
) goto cleanup
;
1341 ret
= krb5_ret_int8 (sp
, &dummy8
);
1342 if(ret
) goto cleanup
;
1343 ret
= krb5_ret_int32 (sp
, &dummy32
);
1344 if(ret
) goto cleanup
;
1346 * Runtime detect the what is the higher bits of the bitfield. If
1347 * any of the higher bits are set in the input data, it's either a
1348 * new ticket flag (and this code need to be removed), or it's a
1349 * MIT cache (or new Heimdal cache), lets change it to our current
1353 uint32_t mask
= 0xffff0000;
1355 creds
->flags
.b
.anonymous
= 1;
1356 if (creds
->flags
.i
& mask
)
1359 dummy32
= bitswap32(dummy32
);
1361 creds
->flags
.i
= dummy32
;
1362 ret
= krb5_ret_addrs (sp
, &creds
->addresses
);
1363 if(ret
) goto cleanup
;
1364 ret
= krb5_ret_authdata (sp
, &creds
->authdata
);
1365 if(ret
) goto cleanup
;
1366 ret
= krb5_ret_data (sp
, &creds
->ticket
);
1367 if(ret
) goto cleanup
;
1368 ret
= krb5_ret_data (sp
, &creds
->second_ticket
);
1372 krb5_free_cred_contents(context
, creds
); /* XXX */
1378 #define SC_CLIENT_PRINCIPAL 0x0001
1379 #define SC_SERVER_PRINCIPAL 0x0002
1380 #define SC_SESSION_KEY 0x0004
1381 #define SC_TICKET 0x0008
1382 #define SC_SECOND_TICKET 0x0010
1383 #define SC_AUTHDATA 0x0020
1384 #define SC_ADDRESSES 0x0040
1387 * Write a tagged credentials block to storage.
1389 * @param sp the storage buffer to write to
1390 * @param creds the creds block to write.
1392 * @return 0 on success, a Kerberos 5 error code on failure.
1394 * @ingroup krb5_storage
1397 krb5_error_code KRB5_LIB_FUNCTION
1398 krb5_store_creds_tag(krb5_storage
*sp
, krb5_creds
*creds
)
1404 header
|= SC_CLIENT_PRINCIPAL
;
1406 header
|= SC_SERVER_PRINCIPAL
;
1407 if (creds
->session
.keytype
!= ETYPE_NULL
)
1408 header
|= SC_SESSION_KEY
;
1409 if (creds
->ticket
.data
)
1410 header
|= SC_TICKET
;
1411 if (creds
->second_ticket
.length
)
1412 header
|= SC_SECOND_TICKET
;
1413 if (creds
->authdata
.len
)
1414 header
|= SC_AUTHDATA
;
1415 if (creds
->addresses
.len
)
1416 header
|= SC_ADDRESSES
;
1418 ret
= krb5_store_int32(sp
, header
);
1422 if (creds
->client
) {
1423 ret
= krb5_store_principal(sp
, creds
->client
);
1428 if (creds
->server
) {
1429 ret
= krb5_store_principal(sp
, creds
->server
);
1434 if (creds
->session
.keytype
!= ETYPE_NULL
) {
1435 ret
= krb5_store_keyblock(sp
, creds
->session
);
1440 ret
= krb5_store_times(sp
, creds
->times
);
1443 ret
= krb5_store_int8(sp
, creds
->second_ticket
.length
!= 0); /* is_skey */
1447 ret
= krb5_store_int32(sp
, bitswap32(TicketFlags2int(creds
->flags
.b
)));
1451 if (creds
->addresses
.len
) {
1452 ret
= krb5_store_addrs(sp
, creds
->addresses
);
1457 if (creds
->authdata
.len
) {
1458 ret
= krb5_store_authdata(sp
, creds
->authdata
);
1463 if (creds
->ticket
.data
) {
1464 ret
= krb5_store_data(sp
, creds
->ticket
);
1469 if (creds
->second_ticket
.data
) {
1470 ret
= krb5_store_data(sp
, creds
->second_ticket
);
1479 * Read a tagged credentials block from the storage.
1481 * @param sp the storage buffer to write to
1482 * @param creds the credentials block read from storage
1484 * @return 0 on success, a Kerberos 5 error code on failure.
1486 * @ingroup krb5_storage
1489 krb5_error_code KRB5_LIB_FUNCTION
1490 krb5_ret_creds_tag(krb5_storage
*sp
,
1493 krb5_error_code ret
;
1495 int32_t dummy32
, header
;
1497 memset(creds
, 0, sizeof(*creds
));
1499 ret
= krb5_ret_int32 (sp
, &header
);
1500 if (ret
) goto cleanup
;
1502 if (header
& SC_CLIENT_PRINCIPAL
) {
1503 ret
= krb5_ret_principal (sp
, &creds
->client
);
1504 if(ret
) goto cleanup
;
1506 if (header
& SC_SERVER_PRINCIPAL
) {
1507 ret
= krb5_ret_principal (sp
, &creds
->server
);
1508 if(ret
) goto cleanup
;
1510 if (header
& SC_SESSION_KEY
) {
1511 ret
= krb5_ret_keyblock (sp
, &creds
->session
);
1512 if(ret
) goto cleanup
;
1514 ret
= krb5_ret_times (sp
, &creds
->times
);
1515 if(ret
) goto cleanup
;
1516 ret
= krb5_ret_int8 (sp
, &dummy8
);
1517 if(ret
) goto cleanup
;
1518 ret
= krb5_ret_int32 (sp
, &dummy32
);
1519 if(ret
) goto cleanup
;
1521 * Runtime detect the what is the higher bits of the bitfield. If
1522 * any of the higher bits are set in the input data, it's either a
1523 * new ticket flag (and this code need to be removed), or it's a
1524 * MIT cache (or new Heimdal cache), lets change it to our current
1528 uint32_t mask
= 0xffff0000;
1530 creds
->flags
.b
.anonymous
= 1;
1531 if (creds
->flags
.i
& mask
)
1534 dummy32
= bitswap32(dummy32
);
1536 creds
->flags
.i
= dummy32
;
1537 if (header
& SC_ADDRESSES
) {
1538 ret
= krb5_ret_addrs (sp
, &creds
->addresses
);
1539 if(ret
) goto cleanup
;
1541 if (header
& SC_AUTHDATA
) {
1542 ret
= krb5_ret_authdata (sp
, &creds
->authdata
);
1543 if(ret
) goto cleanup
;
1545 if (header
& SC_TICKET
) {
1546 ret
= krb5_ret_data (sp
, &creds
->ticket
);
1547 if(ret
) goto cleanup
;
1549 if (header
& SC_SECOND_TICKET
) {
1550 ret
= krb5_ret_data (sp
, &creds
->second_ticket
);
1551 if(ret
) goto cleanup
;
1557 krb5_free_cred_contents(context
, creds
); /* XXX */