2 * Copyright (c) 1997-2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "krb5_locl.h"
35 #include "store-int.h"
37 #define BYTEORDER_IS(SP, V) (((SP)->flags & KRB5_STORAGE_BYTEORDER_MASK) == (V))
38 #define BYTEORDER_IS_LE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_LE)
39 #define BYTEORDER_IS_BE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_BE)
40 #define BYTEORDER_IS_HOST(SP) (BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_HOST) || \
41 krb5_storage_is_flags((SP), KRB5_STORAGE_HOST_BYTEORDER))
44 * Add the flags on a storage buffer by or-ing in the flags to the buffer.
46 * @param sp the storage buffer to set the flags on
47 * @param flags the flags to set
49 * @ingroup krb5_storage
52 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
53 krb5_storage_set_flags(krb5_storage *sp, krb5_flags flags)
59 * Clear the flags on a storage buffer
61 * @param sp the storage buffer to clear the flags on
62 * @param flags the flags to clear
64 * @ingroup krb5_storage
67 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
68 krb5_storage_clear_flags(krb5_storage *sp, krb5_flags flags)
74 * Return true or false depending on if the storage flags is set or
75 * not. NB testing for the flag 0 always return true.
77 * @param sp the storage buffer to check flags on
78 * @param flags The flags to test for
80 * @return true if all the flags are set, false if not.
82 * @ingroup krb5_storage
85 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
86 krb5_storage_is_flags(krb5_storage *sp, krb5_flags flags)
88 return (sp->flags & flags) == flags;
92 * Set the new byte order of the storage buffer.
94 * @param sp the storage buffer to set the byte order for.
95 * @param byteorder the new byte order.
97 * The byte order are: KRB5_STORAGE_BYTEORDER_BE,
98 * KRB5_STORAGE_BYTEORDER_LE and KRB5_STORAGE_BYTEORDER_HOST.
100 * @ingroup krb5_storage
103 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
104 krb5_storage_set_byteorder(krb5_storage *sp, krb5_flags byteorder)
106 sp->flags &= ~KRB5_STORAGE_BYTEORDER_MASK;
107 sp->flags |= byteorder;
111 * Return the current byteorder for the buffer. See krb5_storage_set_byteorder() for the list or byte order contants.
113 * @ingroup krb5_storage
116 KRB5_LIB_FUNCTION krb5_flags KRB5_LIB_CALL
117 krb5_storage_get_byteorder(krb5_storage *sp)
119 return sp->flags & KRB5_STORAGE_BYTEORDER_MASK;
123 * Set the max alloc value
125 * @param sp the storage buffer set the max allow for
126 * @param size maximum size to allocate, use 0 to remove limit
128 * @ingroup krb5_storage
131 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
132 krb5_storage_set_max_alloc(krb5_storage *sp, size_t size)
134 sp->max_alloc = size;
137 /* don't allocate unresonable amount of memory */
138 static krb5_error_code
139 size_too_large(krb5_storage *sp, size_t size)
141 if (sp->max_alloc && sp->max_alloc < size)
142 return HEIM_ERR_TOO_BIG;
146 static krb5_error_code
147 size_too_large_num(krb5_storage *sp, size_t count, size_t size)
149 if (sp->max_alloc == 0 || size == 0)
151 size = sp->max_alloc / size;
153 return HEIM_ERR_TOO_BIG;
158 * Seek to a new offset.
160 * @param sp the storage buffer to seek in.
161 * @param offset the offset to seek
162 * @param whence relateive searching, SEEK_CUR from the current
163 * position, SEEK_END from the end, SEEK_SET absolute from the start.
165 * @return The new current offset
167 * @ingroup krb5_storage
170 KRB5_LIB_FUNCTION off_t KRB5_LIB_CALL
171 krb5_storage_seek(krb5_storage *sp, off_t offset, int whence)
173 return (*sp->seek)(sp, offset, whence);
177 * Truncate the storage buffer in sp to offset.
179 * @param sp the storage buffer to truncate.
180 * @param offset the offset to truncate too.
182 * @return An Kerberos 5 error code.
184 * @ingroup krb5_storage
187 KRB5_LIB_FUNCTION int KRB5_LIB_CALL
188 krb5_storage_truncate(krb5_storage *sp, off_t offset)
190 return (*sp->trunc)(sp, offset);
194 * Read to the storage buffer.
196 * @param sp the storage buffer to read from
197 * @param buf the buffer to store the data in
198 * @param len the length to read
200 * @return The length of data read (can be shorter then len), or negative on error.
202 * @ingroup krb5_storage
205 KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL
206 krb5_storage_read(krb5_storage *sp, void *buf, size_t len)
208 return sp->fetch(sp, buf, len);
212 * Write to the storage buffer.
214 * @param sp the storage buffer to write to
215 * @param buf the buffer to write to the storage buffer
216 * @param len the length to write
218 * @return The length of data written (can be shorter then len), or negative on error.
220 * @ingroup krb5_storage
223 KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL
224 krb5_storage_write(krb5_storage *sp, const void *buf, size_t len)
226 return sp->store(sp, buf, len);
230 * Set the return code that will be used when end of storage is reached.
232 * @param sp the storage
233 * @param code the error code to return on end of storage
235 * @ingroup krb5_storage
238 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
239 krb5_storage_set_eof_code(krb5_storage *sp, int code)
245 * Get the return code that will be used when end of storage is reached.
247 * @param sp the storage
249 * @return storage error code
251 * @ingroup krb5_storage
254 KRB5_LIB_FUNCTION int KRB5_LIB_CALL
255 krb5_storage_get_eof_code(krb5_storage *sp)
261 * Free a krb5 storage.
263 * @param sp the storage to free.
265 * @return An Kerberos 5 error code.
267 * @ingroup krb5_storage
270 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
271 krb5_storage_free(krb5_storage *sp)
281 * Copy the contnent of storage
283 * @param sp the storage to copy to a data
284 * @param data the copied data, free with krb5_data_free()
286 * @return 0 for success, or a Kerberos 5 error code on failure.
288 * @ingroup krb5_storage
291 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
292 krb5_storage_to_data(krb5_storage *sp, krb5_data *data)
297 pos = sp->seek(sp, 0, SEEK_CUR);
299 return HEIM_ERR_NOT_SEEKABLE;
300 size = sp->seek(sp, 0, SEEK_END);
301 ret = size_too_large(sp, size);
304 ret = krb5_data_alloc(data, size);
306 sp->seek(sp, pos, SEEK_SET);
310 sp->seek(sp, 0, SEEK_SET);
311 sp->fetch(sp, data->data, data->length);
312 sp->seek(sp, pos, SEEK_SET);
317 static krb5_error_code
318 krb5_store_int(krb5_storage *sp,
327 _krb5_put_int(v, value, len);
328 ret = sp->store(sp, v, len);
331 if ((size_t)ret != len)
337 * Store a int32 to storage, byte order is controlled by the settings
338 * on the storage, see krb5_storage_set_byteorder().
340 * @param sp the storage to write too
341 * @param value the value to store
343 * @return 0 for success, or a Kerberos 5 error code on failure.
345 * @ingroup krb5_storage
348 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
349 krb5_store_int32(krb5_storage *sp,
352 if(BYTEORDER_IS_HOST(sp))
353 value = htonl(value);
354 else if(BYTEORDER_IS_LE(sp))
355 value = bswap32(value);
356 return krb5_store_int(sp, value, 4);
360 * Store a uint32 to storage, byte order is controlled by the settings
361 * on the storage, see krb5_storage_set_byteorder().
363 * @param sp the storage to write too
364 * @param value the value to store
366 * @return 0 for success, or a Kerberos 5 error code on failure.
368 * @ingroup krb5_storage
371 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
372 krb5_store_uint32(krb5_storage *sp,
375 return krb5_store_int32(sp, (int32_t)value);
378 static krb5_error_code
379 krb5_ret_int(krb5_storage *sp,
386 ret = sp->fetch(sp, v, len);
389 if ((size_t)ret != len)
391 _krb5_get_int(v, &w, len);
397 * Read a int32 from storage, byte order is controlled by the settings
398 * on the storage, see krb5_storage_set_byteorder().
400 * @param sp the storage to write too
401 * @param value the value read from the buffer
403 * @return 0 for success, or a Kerberos 5 error code on failure.
405 * @ingroup krb5_storage
408 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
409 krb5_ret_int32(krb5_storage *sp,
412 krb5_error_code ret = krb5_ret_int(sp, value, 4);
415 if(BYTEORDER_IS_HOST(sp))
416 *value = htonl(*value);
417 else if(BYTEORDER_IS_LE(sp))
418 *value = bswap32(*value);
423 * Read a uint32 from storage, byte order is controlled by the settings
424 * on the storage, see krb5_storage_set_byteorder().
426 * @param sp the storage to write too
427 * @param value the value read from the buffer
429 * @return 0 for success, or a Kerberos 5 error code on failure.
431 * @ingroup krb5_storage
434 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
435 krb5_ret_uint32(krb5_storage *sp,
441 ret = krb5_ret_int32(sp, &v);
443 *value = (uint32_t)v;
449 * Store a int16 to storage, byte order is controlled by the settings
450 * on the storage, see krb5_storage_set_byteorder().
452 * @param sp the storage to write too
453 * @param value the value to store
455 * @return 0 for success, or a Kerberos 5 error code on failure.
457 * @ingroup krb5_storage
460 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
461 krb5_store_int16(krb5_storage *sp,
464 if(BYTEORDER_IS_HOST(sp))
465 value = htons(value);
466 else if(BYTEORDER_IS_LE(sp))
467 value = bswap16(value);
468 return krb5_store_int(sp, value, 2);
472 * Store a uint16 to storage, byte order is controlled by the settings
473 * on the storage, see krb5_storage_set_byteorder().
475 * @param sp the storage to write too
476 * @param value the value to store
478 * @return 0 for success, or a Kerberos 5 error code on failure.
480 * @ingroup krb5_storage
483 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
484 krb5_store_uint16(krb5_storage *sp,
487 return krb5_store_int16(sp, (int16_t)value);
491 * Read a int16 from storage, byte order is controlled by the settings
492 * on the storage, see krb5_storage_set_byteorder().
494 * @param sp the storage to write too
495 * @param value the value read from the buffer
497 * @return 0 for success, or a Kerberos 5 error code on failure.
499 * @ingroup krb5_storage
502 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
503 krb5_ret_int16(krb5_storage *sp,
508 ret = krb5_ret_int(sp, &v, 2);
512 if(BYTEORDER_IS_HOST(sp))
513 *value = htons(*value);
514 else if(BYTEORDER_IS_LE(sp))
515 *value = bswap16(*value);
520 * Read a int16 from storage, byte order is controlled by the settings
521 * on the storage, see krb5_storage_set_byteorder().
523 * @param sp the storage to write too
524 * @param value the value read from the buffer
526 * @return 0 for success, or a Kerberos 5 error code on failure.
528 * @ingroup krb5_storage
531 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
532 krb5_ret_uint16(krb5_storage *sp,
538 ret = krb5_ret_int16(sp, &v);
540 *value = (uint16_t)v;
546 * Store a int8 to storage.
548 * @param sp the storage to write too
549 * @param value the value to store
551 * @return 0 for success, or a Kerberos 5 error code on failure.
553 * @ingroup krb5_storage
556 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
557 krb5_store_int8(krb5_storage *sp,
562 ret = sp->store(sp, &value, sizeof(value));
563 if (ret != sizeof(value))
564 return (ret<0)?errno:sp->eof_code;
569 * Store a uint8 to storage.
571 * @param sp the storage to write too
572 * @param value the value to store
574 * @return 0 for success, or a Kerberos 5 error code on failure.
576 * @ingroup krb5_storage
579 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
580 krb5_store_uint8(krb5_storage *sp,
583 return krb5_store_int8(sp, (int8_t)value);
587 * Read a int8 from storage
589 * @param sp the storage to write too
590 * @param value the value read from the buffer
592 * @return 0 for success, or a Kerberos 5 error code on failure.
594 * @ingroup krb5_storage
597 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
598 krb5_ret_int8(krb5_storage *sp,
603 ret = sp->fetch(sp, value, sizeof(*value));
604 if (ret != sizeof(*value))
605 return (ret<0)?errno:sp->eof_code;
610 * Read a uint8 from storage
612 * @param sp the storage to write too
613 * @param value the value read from the buffer
615 * @return 0 for success, or a Kerberos 5 error code on failure.
617 * @ingroup krb5_storage
620 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
621 krb5_ret_uint8(krb5_storage *sp,
627 ret = krb5_ret_int8(sp, &v);
635 * Store a data to the storage. The data is stored with an int32 as
636 * lenght plus the data (not padded).
638 * @param sp the storage buffer to write to
639 * @param data the buffer to store.
641 * @return 0 on success, a Kerberos 5 error code on failure.
643 * @ingroup krb5_storage
646 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
647 krb5_store_data(krb5_storage *sp,
651 ret = krb5_store_int32(sp, data.length);
654 ret = sp->store(sp, data.data, data.length);
657 if((size_t)ret != data.length)
663 * Parse a data from the storage.
665 * @param sp the storage buffer to read from
666 * @param data the parsed data
668 * @return 0 on success, a Kerberos 5 error code on failure.
670 * @ingroup krb5_storage
673 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
674 krb5_ret_data(krb5_storage *sp,
680 ret = krb5_ret_int32(sp, &size);
683 ret = size_too_large(sp, size);
686 ret = krb5_data_alloc (data, size);
690 ret = sp->fetch(sp, data->data, size);
692 return (ret < 0)? errno : sp->eof_code;
698 * Store a string to the buffer. The data is formated as an len:uint32
699 * plus the string itself (not padded).
701 * @param sp the storage buffer to write to
702 * @param s the string to store.
704 * @return 0 on success, a Kerberos 5 error code on failure.
706 * @ingroup krb5_storage
709 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
710 krb5_store_string(krb5_storage *sp, const char *s)
713 data.length = strlen(s);
714 data.data = rk_UNCONST(s);
715 return krb5_store_data(sp, data);
719 * Parse a string from the storage.
721 * @param sp the storage buffer to read from
722 * @param string the parsed string
724 * @return 0 on success, a Kerberos 5 error code on failure.
726 * @ingroup krb5_storage
730 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
731 krb5_ret_string(krb5_storage *sp,
736 ret = krb5_ret_data(sp, &data);
739 *string = realloc(data.data, data.length + 1);
744 (*string)[data.length] = 0;
749 * Store a zero terminated string to the buffer. The data is stored
750 * one character at a time until a NUL is stored.
752 * @param sp the storage buffer to write to
753 * @param s the string to store.
755 * @return 0 on success, a Kerberos 5 error code on failure.
757 * @ingroup krb5_storage
760 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
761 krb5_store_stringz(krb5_storage *sp, const char *s)
763 size_t len = strlen(s) + 1;
766 ret = sp->store(sp, s, len);
769 if((size_t)ret != len)
775 * Parse zero terminated string from the storage.
777 * @param sp the storage buffer to read from
778 * @param string the parsed string
780 * @return 0 on success, a Kerberos 5 error code on failure.
782 * @ingroup krb5_storage
785 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
786 krb5_ret_stringz(krb5_storage *sp,
794 while((ret = sp->fetch(sp, &c, 1)) == 1){
798 ret = size_too_large(sp, len);
801 tmp = realloc (s, len);
821 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
822 krb5_store_stringnl(krb5_storage *sp, const char *s)
824 size_t len = strlen(s);
827 ret = sp->store(sp, s, len);
830 if((size_t)ret != len)
832 ret = sp->store(sp, "\n", 1);
844 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
845 krb5_ret_stringnl(krb5_storage *sp,
854 while((ret = sp->fetch(sp, &c, 1)) == 1){
861 if (expect_nl && c != '\n') {
863 return KRB5_BADMSGTYPE;
867 ret = size_too_large(sp, len);
870 tmp = realloc (s, len);
893 * Write a principal block to storage.
895 * @param sp the storage buffer to write to
896 * @param p the principal block to write.
898 * @return 0 on success, a Kerberos 5 error code on failure.
900 * @ingroup krb5_storage
903 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
904 krb5_store_principal(krb5_storage *sp,
905 krb5_const_principal p)
910 if(!krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) {
911 ret = krb5_store_int32(sp, p->name.name_type);
914 if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS))
915 ret = krb5_store_int32(sp, p->name.name_string.len + 1);
917 ret = krb5_store_int32(sp, p->name.name_string.len);
920 ret = krb5_store_string(sp, p->realm);
922 for(i = 0; i < p->name.name_string.len; i++){
923 ret = krb5_store_string(sp, p->name.name_string.val[i]);
930 * Parse principal from the storage.
932 * @param sp the storage buffer to read from
933 * @param princ the parsed principal
935 * @return 0 on success, a Kerberos 5 error code on failure.
937 * @ingroup krb5_storage
940 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
941 krb5_ret_principal(krb5_storage *sp,
942 krb5_principal *princ)
950 p = calloc(1, sizeof(*p));
954 if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE))
955 type = KRB5_NT_UNKNOWN;
956 else if((ret = krb5_ret_int32(sp, &type))){
960 if((ret = krb5_ret_int32(sp, &ncomp))){
964 if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS))
970 ret = size_too_large_num(sp, ncomp, sizeof(p->name.name_string.val[0]));
975 p->name.name_type = type;
976 p->name.name_string.len = ncomp;
977 ret = krb5_ret_string(sp, &p->realm);
982 p->name.name_string.val = calloc(ncomp, sizeof(p->name.name_string.val[0]));
983 if(p->name.name_string.val == NULL && ncomp != 0){
988 for(i = 0; i < ncomp; i++){
989 ret = krb5_ret_string(sp, &p->name.name_string.val[i]);
992 free(p->name.name_string.val[i--]);
1003 * Store a keyblock to the storage.
1005 * @param sp the storage buffer to write to
1006 * @param p the keyblock to write
1008 * @return 0 on success, a Kerberos 5 error code on failure.
1010 * @ingroup krb5_storage
1013 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1014 krb5_store_keyblock(krb5_storage *sp, krb5_keyblock p)
1017 ret = krb5_store_int16(sp, p.keytype);
1020 if(krb5_storage_is_flags(sp, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE)){
1021 /* this should really be enctype, but it is the same as
1023 ret = krb5_store_int16(sp, p.keytype);
1027 ret = krb5_store_data(sp, p.keyvalue);
1032 * Read a keyblock from the storage.
1034 * @param sp the storage buffer to write to
1035 * @param p the keyblock read from storage, free using krb5_free_keyblock()
1037 * @return 0 on success, a Kerberos 5 error code on failure.
1039 * @ingroup krb5_storage
1042 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1043 krb5_ret_keyblock(krb5_storage *sp, krb5_keyblock *p)
1048 ret = krb5_ret_int16(sp, &tmp);
1052 if(krb5_storage_is_flags(sp, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE)){
1053 ret = krb5_ret_int16(sp, &tmp);
1057 ret = krb5_ret_data(sp, &p->keyvalue);
1062 * Write a times block to storage.
1064 * @param sp the storage buffer to write to
1065 * @param times the times block to write.
1067 * @return 0 on success, a Kerberos 5 error code on failure.
1069 * @ingroup krb5_storage
1072 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1073 krb5_store_times(krb5_storage *sp, krb5_times times)
1076 ret = krb5_store_int32(sp, times.authtime);
1078 ret = krb5_store_int32(sp, times.starttime);
1080 ret = krb5_store_int32(sp, times.endtime);
1082 ret = krb5_store_int32(sp, times.renew_till);
1087 * Read a times block from the storage.
1089 * @param sp the storage buffer to write to
1090 * @param times the times block read from storage
1092 * @return 0 on success, a Kerberos 5 error code on failure.
1094 * @ingroup krb5_storage
1097 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1098 krb5_ret_times(krb5_storage *sp, krb5_times *times)
1102 ret = krb5_ret_int32(sp, &tmp);
1103 times->authtime = tmp;
1105 ret = krb5_ret_int32(sp, &tmp);
1106 times->starttime = tmp;
1108 ret = krb5_ret_int32(sp, &tmp);
1109 times->endtime = tmp;
1111 ret = krb5_ret_int32(sp, &tmp);
1112 times->renew_till = tmp;
1117 * Write a address block to storage.
1119 * @param sp the storage buffer to write to
1120 * @param p the address block to write.
1122 * @return 0 on success, a Kerberos 5 error code on failure.
1124 * @ingroup krb5_storage
1127 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1128 krb5_store_address(krb5_storage *sp, krb5_address p)
1131 ret = krb5_store_int16(sp, p.addr_type);
1133 ret = krb5_store_data(sp, p.address);
1138 * Read a address block from the storage.
1140 * @param sp the storage buffer to write to
1141 * @param adr the address block read from storage
1143 * @return 0 on success, a Kerberos 5 error code on failure.
1145 * @ingroup krb5_storage
1148 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1149 krb5_ret_address(krb5_storage *sp, krb5_address *adr)
1153 ret = krb5_ret_int16(sp, &t);
1156 ret = krb5_ret_data(sp, &adr->address);
1161 * Write a addresses block to storage.
1163 * @param sp the storage buffer to write to
1164 * @param p the addresses block to write.
1166 * @return 0 on success, a Kerberos 5 error code on failure.
1168 * @ingroup krb5_storage
1171 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1172 krb5_store_addrs(krb5_storage *sp, krb5_addresses p)
1176 ret = krb5_store_int32(sp, p.len);
1178 for(i = 0; i<p.len; i++){
1179 ret = krb5_store_address(sp, p.val[i]);
1186 * Read a addresses block from the storage.
1188 * @param sp the storage buffer to write to
1189 * @param adr the addresses block read from storage
1191 * @return 0 on success, a Kerberos 5 error code on failure.
1193 * @ingroup krb5_storage
1196 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1197 krb5_ret_addrs(krb5_storage *sp, krb5_addresses *adr)
1203 ret = krb5_ret_int32(sp, &tmp);
1205 ret = size_too_large_num(sp, tmp, sizeof(adr->val[0]));
1206 if (ret) return ret;
1208 ALLOC(adr->val, adr->len);
1209 if (adr->val == NULL && adr->len != 0)
1211 for(i = 0; i < adr->len; i++){
1212 ret = krb5_ret_address(sp, &adr->val[i]);
1219 * Write a auth data block to storage.
1221 * @param sp the storage buffer to write to
1222 * @param auth the auth data block to write.
1224 * @return 0 on success, a Kerberos 5 error code on failure.
1226 * @ingroup krb5_storage
1229 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1230 krb5_store_authdata(krb5_storage *sp, krb5_authdata auth)
1232 krb5_error_code ret;
1234 ret = krb5_store_int32(sp, auth.len);
1236 for(i = 0; i < auth.len; i++){
1237 ret = krb5_store_int16(sp, auth.val[i].ad_type);
1239 ret = krb5_store_data(sp, auth.val[i].ad_data);
1246 * Read a auth data from the storage.
1248 * @param sp the storage buffer to write to
1249 * @param auth the auth data block read from storage
1251 * @return 0 on success, a Kerberos 5 error code on failure.
1253 * @ingroup krb5_storage
1256 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1257 krb5_ret_authdata(krb5_storage *sp, krb5_authdata *auth)
1259 krb5_error_code ret;
1263 ret = krb5_ret_int32(sp, &tmp);
1265 ret = size_too_large_num(sp, tmp, sizeof(auth->val[0]));
1266 if (ret) return ret;
1267 ALLOC_SEQ(auth, tmp);
1268 if (auth->val == NULL && tmp != 0)
1270 for(i = 0; i < tmp; i++){
1271 ret = krb5_ret_int16(sp, &tmp2);
1273 auth->val[i].ad_type = tmp2;
1274 ret = krb5_ret_data(sp, &auth->val[i].ad_data);
1281 bitswap32(int32_t b)
1285 for (i = 0; i < 32; i++) {
1286 r = r << 1 | (b & 1);
1293 * Write a credentials block to storage.
1295 * @param sp the storage buffer to write to
1296 * @param creds the creds block to write.
1298 * @return 0 on success, a Kerberos 5 error code on failure.
1300 * @ingroup krb5_storage
1303 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1304 krb5_store_creds(krb5_storage *sp, krb5_creds *creds)
1308 ret = krb5_store_principal(sp, creds->client);
1311 ret = krb5_store_principal(sp, creds->server);
1314 ret = krb5_store_keyblock(sp, creds->session);
1317 ret = krb5_store_times(sp, creds->times);
1320 ret = krb5_store_int8(sp, creds->second_ticket.length != 0); /* is_skey */
1324 if(krb5_storage_is_flags(sp, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER))
1325 ret = krb5_store_int32(sp, creds->flags.i);
1327 ret = krb5_store_int32(sp, bitswap32(TicketFlags2int(creds->flags.b)));
1331 ret = krb5_store_addrs(sp, creds->addresses);
1334 ret = krb5_store_authdata(sp, creds->authdata);
1337 ret = krb5_store_data(sp, creds->ticket);
1340 ret = krb5_store_data(sp, creds->second_ticket);
1345 * Read a credentials block from the storage.
1347 * @param sp the storage buffer to write to
1348 * @param creds the credentials block read from storage
1350 * @return 0 on success, a Kerberos 5 error code on failure.
1352 * @ingroup krb5_storage
1355 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1356 krb5_ret_creds(krb5_storage *sp, krb5_creds *creds)
1358 krb5_error_code ret;
1362 memset(creds, 0, sizeof(*creds));
1363 ret = krb5_ret_principal (sp, &creds->client);
1364 if(ret) goto cleanup;
1365 ret = krb5_ret_principal (sp, &creds->server);
1366 if(ret) goto cleanup;
1367 ret = krb5_ret_keyblock (sp, &creds->session);
1368 if(ret) goto cleanup;
1369 ret = krb5_ret_times (sp, &creds->times);
1370 if(ret) goto cleanup;
1371 ret = krb5_ret_int8 (sp, &dummy8);
1372 if(ret) goto cleanup;
1373 ret = krb5_ret_int32 (sp, &dummy32);
1374 if(ret) goto cleanup;
1376 * Runtime detect the what is the higher bits of the bitfield. If
1377 * any of the higher bits are set in the input data, it's either a
1378 * new ticket flag (and this code need to be removed), or it's a
1379 * MIT cache (or new Heimdal cache), lets change it to our current
1383 uint32_t mask = 0xffff0000;
1385 creds->flags.b.anonymous = 1;
1386 if (creds->flags.i & mask)
1389 dummy32 = bitswap32(dummy32);
1391 creds->flags.i = dummy32;
1392 ret = krb5_ret_addrs (sp, &creds->addresses);
1393 if(ret) goto cleanup;
1394 ret = krb5_ret_authdata (sp, &creds->authdata);
1395 if(ret) goto cleanup;
1396 ret = krb5_ret_data (sp, &creds->ticket);
1397 if(ret) goto cleanup;
1398 ret = krb5_ret_data (sp, &creds->second_ticket);
1402 krb5_free_cred_contents(context, creds); /* XXX */
1408 #define SC_CLIENT_PRINCIPAL 0x0001
1409 #define SC_SERVER_PRINCIPAL 0x0002
1410 #define SC_SESSION_KEY 0x0004
1411 #define SC_TICKET 0x0008
1412 #define SC_SECOND_TICKET 0x0010
1413 #define SC_AUTHDATA 0x0020
1414 #define SC_ADDRESSES 0x0040
1417 * Write a tagged credentials block to storage.
1419 * @param sp the storage buffer to write to
1420 * @param creds the creds block to write.
1422 * @return 0 on success, a Kerberos 5 error code on failure.
1424 * @ingroup krb5_storage
1427 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1428 krb5_store_creds_tag(krb5_storage *sp, krb5_creds *creds)
1434 header |= SC_CLIENT_PRINCIPAL;
1436 header |= SC_SERVER_PRINCIPAL;
1437 if (creds->session.keytype != ETYPE_NULL)
1438 header |= SC_SESSION_KEY;
1439 if (creds->ticket.data)
1440 header |= SC_TICKET;
1441 if (creds->second_ticket.length)
1442 header |= SC_SECOND_TICKET;
1443 if (creds->authdata.len)
1444 header |= SC_AUTHDATA;
1445 if (creds->addresses.len)
1446 header |= SC_ADDRESSES;
1448 ret = krb5_store_int32(sp, header);
1452 if (creds->client) {
1453 ret = krb5_store_principal(sp, creds->client);
1458 if (creds->server) {
1459 ret = krb5_store_principal(sp, creds->server);
1464 if (creds->session.keytype != ETYPE_NULL) {
1465 ret = krb5_store_keyblock(sp, creds->session);
1470 ret = krb5_store_times(sp, creds->times);
1473 ret = krb5_store_int8(sp, creds->second_ticket.length != 0); /* is_skey */
1477 ret = krb5_store_int32(sp, bitswap32(TicketFlags2int(creds->flags.b)));
1481 if (creds->addresses.len) {
1482 ret = krb5_store_addrs(sp, creds->addresses);
1487 if (creds->authdata.len) {
1488 ret = krb5_store_authdata(sp, creds->authdata);
1493 if (creds->ticket.data) {
1494 ret = krb5_store_data(sp, creds->ticket);
1499 if (creds->second_ticket.data) {
1500 ret = krb5_store_data(sp, creds->second_ticket);
1509 * Read a tagged credentials block from the storage.
1511 * @param sp the storage buffer to write to
1512 * @param creds the credentials block read from storage
1514 * @return 0 on success, a Kerberos 5 error code on failure.
1516 * @ingroup krb5_storage
1519 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1520 krb5_ret_creds_tag(krb5_storage *sp,
1523 krb5_error_code ret;
1525 int32_t dummy32, header;
1527 memset(creds, 0, sizeof(*creds));
1529 ret = krb5_ret_int32 (sp, &header);
1530 if (ret) goto cleanup;
1532 if (header & SC_CLIENT_PRINCIPAL) {
1533 ret = krb5_ret_principal (sp, &creds->client);
1534 if(ret) goto cleanup;
1536 if (header & SC_SERVER_PRINCIPAL) {
1537 ret = krb5_ret_principal (sp, &creds->server);
1538 if(ret) goto cleanup;
1540 if (header & SC_SESSION_KEY) {
1541 ret = krb5_ret_keyblock (sp, &creds->session);
1542 if(ret) goto cleanup;
1544 ret = krb5_ret_times (sp, &creds->times);
1545 if(ret) goto cleanup;
1546 ret = krb5_ret_int8 (sp, &dummy8);
1547 if(ret) goto cleanup;
1548 ret = krb5_ret_int32 (sp, &dummy32);
1549 if(ret) goto cleanup;
1551 * Runtime detect the what is the higher bits of the bitfield. If
1552 * any of the higher bits are set in the input data, it's either a
1553 * new ticket flag (and this code need to be removed), or it's a
1554 * MIT cache (or new Heimdal cache), lets change it to our current
1558 uint32_t mask = 0xffff0000;
1560 creds->flags.b.anonymous = 1;
1561 if (creds->flags.i & mask)
1564 dummy32 = bitswap32(dummy32);
1566 creds->flags.i = dummy32;
1567 if (header & SC_ADDRESSES) {
1568 ret = krb5_ret_addrs (sp, &creds->addresses);
1569 if(ret) goto cleanup;
1571 if (header & SC_AUTHDATA) {
1572 ret = krb5_ret_authdata (sp, &creds->authdata);
1573 if(ret) goto cleanup;
1575 if (header & SC_TICKET) {
1576 ret = krb5_ret_data (sp, &creds->ticket);
1577 if(ret) goto cleanup;
1579 if (header & SC_SECOND_TICKET) {
1580 ret = krb5_ret_data (sp, &creds->second_ticket);
1581 if(ret) goto cleanup;
1587 krb5_free_cred_contents(context, creds); /* XXX */
projects / FreeBSD / releng / 10.0.git / blob