diff options
| author | Tom Yu <tlyu@mit.edu> | 2009-11-05 03:26:25 +0000 |
|---|---|---|
| committer | Tom Yu <tlyu@mit.edu> | 2009-11-05 03:26:25 +0000 |
| commit | 3a3b891e31384fe818c089b91412fda0226f023c (patch) | |
| tree | 59654d038c05573b3fecd0cb2034b307ee457278 | |
| parent | b2538c840ce5d05dd382c88538b152bf781cde72 (diff) | |
| download | krb5-3a3b891e31384fe818c089b91412fda0226f023c.zip krb5-3a3b891e31384fe818c089b91412fda0226f023c.tar.gz krb5-3a3b891e31384fe818c089b91412fda0226f023c.tar.bz2 | |
Deal with some open paren formatting issues, and reindent. Make
preauth.c use the function pointer typdefs in the prototypes as well.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23131 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/Makefile.in | 2 | ||||
| -rw-r--r-- | src/lib/krb5/krb/preauth.c | 536 | ||||
| -rw-r--r-- | src/lib/krb5/krb/ser_ctx.c | 601 |
3 files changed, 567 insertions, 572 deletions
diff --git a/src/Makefile.in b/src/Makefile.in index 7bb6f63..52043e5 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -675,8 +675,6 @@ BSDFILES = \ OTHEREXCLUDES = \ lib/krb5/asn.1 \ lib/krb5/krb/deltat.c \ - lib/krb5/krb/preauth.c \ - lib/krb5/krb/ser_ctx.c \ lib/krb5/unicode EXCLUDES = `for i in $(BSDFILES) $(OTHEREXCLUDES); do echo $$i; done | $(AWK) '{ print "-path", $$1, "-o" }'` -path /dev/null diff --git a/src/lib/krb5/krb/preauth.c b/src/lib/krb5/krb/preauth.c index 3c62f60..51c9417 100644 --- a/src/lib/krb5/krb/preauth.c +++ b/src/lib/krb5/krb/preauth.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1995 by the Massachusetts Institute of Technology. All * Rights Reserved. @@ -33,81 +34,81 @@ #include <stdio.h> #include <time.h> -static krb5_error_code obtain_enc_ts_padata - (krb5_context, - krb5_pa_data *, - krb5_etype_info, - krb5_keyblock *, - krb5_error_code ( * )(krb5_context, - const krb5_enctype, - krb5_data *, - krb5_const_pointer, - krb5_keyblock **), - krb5_const_pointer, - krb5_creds *, - krb5_kdc_req *, - krb5_pa_data **); - -static krb5_error_code process_pw_salt - (krb5_context, - krb5_pa_data *, - krb5_kdc_req *, - krb5_kdc_rep *, - krb5_error_code ( * )(krb5_context, - const krb5_enctype, - krb5_data *, - krb5_const_pointer, - krb5_keyblock **), - krb5_const_pointer, - krb5_error_code ( * )(krb5_context, - const krb5_keyblock *, - krb5_const_pointer, - krb5_kdc_rep * ), - krb5_keyblock **, - krb5_creds *, - krb5_int32 *, - krb5_int32 *); - -static krb5_error_code obtain_sam_padata - (krb5_context, - krb5_pa_data *, - krb5_etype_info, - krb5_keyblock *, - krb5_error_code ( * )(krb5_context, - const krb5_enctype, - krb5_data *, - krb5_const_pointer, - krb5_keyblock **), - krb5_const_pointer, - krb5_creds *, - krb5_kdc_req *, - krb5_pa_data **); +/* some typedefs for the function args to make things look a bit cleaner */ + +typedef krb5_error_code (*git_key_proc)( + krb5_context, + const krb5_enctype, + krb5_data *, + krb5_const_pointer, + krb5_keyblock **); + +typedef krb5_error_code (*git_decrypt_proc)( + krb5_context, + const krb5_keyblock *, + krb5_const_pointer, + krb5_kdc_rep *); + +static krb5_error_code obtain_enc_ts_padata( + krb5_context, + krb5_pa_data *, + krb5_etype_info, + krb5_keyblock *, + git_key_proc, + krb5_const_pointer, + krb5_creds *, + krb5_kdc_req *, + krb5_pa_data **); + +static krb5_error_code process_pw_salt( + krb5_context, + krb5_pa_data *, + krb5_kdc_req *, + krb5_kdc_rep *, + git_key_proc, + krb5_const_pointer, + git_decrypt_proc, + krb5_keyblock **, + krb5_creds *, + krb5_int32 *, + krb5_int32 *); + +static krb5_error_code obtain_sam_padata( + krb5_context, + krb5_pa_data *, + krb5_etype_info, + krb5_keyblock *, + git_key_proc, + krb5_const_pointer, + krb5_creds *, + krb5_kdc_req *, + krb5_pa_data **); static const krb5_preauth_ops preauth_systems[] = { { - KV5M_PREAUTH_OPS, - KRB5_PADATA_ENC_TIMESTAMP, + KV5M_PREAUTH_OPS, + KRB5_PADATA_ENC_TIMESTAMP, 0, obtain_enc_ts_padata, 0, }, { - KV5M_PREAUTH_OPS, - KRB5_PADATA_PW_SALT, + KV5M_PREAUTH_OPS, + KRB5_PADATA_PW_SALT, 0, 0, process_pw_salt, }, { - KV5M_PREAUTH_OPS, - KRB5_PADATA_AFS3_SALT, + KV5M_PREAUTH_OPS, + KRB5_PADATA_AFS3_SALT, 0, 0, process_pw_salt, }, { - KV5M_PREAUTH_OPS, - KRB5_PADATA_SAM_CHALLENGE, + KV5M_PREAUTH_OPS, + KRB5_PADATA_SAM_CHALLENGE, 0, obtain_sam_padata, 0, @@ -115,60 +116,47 @@ static const krb5_preauth_ops preauth_systems[] = { { KV5M_PREAUTH_OPS, -1 } }; -static krb5_error_code find_pa_system - (krb5_preauthtype type, const krb5_preauth_ops **Preauth_proc); - -/* some typedef's for the function args to make things look a bit cleaner */ - -typedef krb5_error_code (*git_key_proc) (krb5_context, - const krb5_enctype, - krb5_data *, - krb5_const_pointer, - krb5_keyblock **); - -typedef krb5_error_code (*git_decrypt_proc) (krb5_context, - const krb5_keyblock *, - krb5_const_pointer, - krb5_kdc_rep *); +static krb5_error_code +find_pa_system(krb5_preauthtype type, const krb5_preauth_ops **Preauth_proc); krb5_error_code krb5_obtain_padata(krb5_context context, krb5_pa_data **preauth_to_use, git_key_proc key_proc, krb5_const_pointer key_seed, krb5_creds *creds, krb5_kdc_req *request) { - krb5_error_code retval; - krb5_etype_info etype_info = 0; - krb5_pa_data ** pa; - krb5_pa_data ** send_pa_list; - krb5_pa_data ** send_pa; - const krb5_preauth_ops *ops; - krb5_keyblock * def_enc_key = 0; - krb5_enctype enctype; - krb5_data salt; - krb5_data scratch; - int size; - int f_salt = 0; + krb5_error_code retval; + krb5_etype_info etype_info = 0; + krb5_pa_data ** pa; + krb5_pa_data ** send_pa_list; + krb5_pa_data ** send_pa; + const krb5_preauth_ops *ops; + krb5_keyblock * def_enc_key = 0; + krb5_enctype enctype; + krb5_data salt; + krb5_data scratch; + int size; + int f_salt = 0; if (preauth_to_use == NULL) - return 0; + return 0; for (pa = preauth_to_use, size=0; *pa; pa++, size++) { - if ((*pa)->pa_type == KRB5_PADATA_ETYPE_INFO) { - /* XXX use the first one. Is there another way to disambiguate? */ - if (etype_info) - continue; - - scratch.length = (*pa)->length; - scratch.data = (char *) (*pa)->contents; - retval = decode_krb5_etype_info(&scratch, &etype_info); - if (retval) - return retval; - if (etype_info[0] == NULL) { - krb5_free_etype_info(context, etype_info); - etype_info = NULL; - } - } + if ((*pa)->pa_type == KRB5_PADATA_ETYPE_INFO) { + /* XXX use the first one. Is there another way to disambiguate? */ + if (etype_info) + continue; + + scratch.length = (*pa)->length; + scratch.data = (char *) (*pa)->contents; + retval = decode_krb5_etype_info(&scratch, &etype_info); + if (retval) + return retval; + if (etype_info[0] == NULL) { + krb5_free_etype_info(context, etype_info); + etype_info = NULL; + } + } } if ((send_pa_list = malloc((size+1) * sizeof(krb5_pa_data *))) == NULL) - return ENOMEM; + return ENOMEM; send_pa = send_pa_list; *send_pa = 0; @@ -177,61 +165,61 @@ krb5_error_code krb5_obtain_padata(krb5_context context, krb5_pa_data **preauth_ salt.data = 0; salt.length = SALT_TYPE_NO_LENGTH; if (etype_info) { - enctype = etype_info[0]->etype; - salt.data = (char *) etype_info[0]->salt; - if(etype_info[0]->length == KRB5_ETYPE_NO_SALT) - salt.length = SALT_TYPE_NO_LENGTH; /* XXX */ - else - salt.length = etype_info[0]->length; + enctype = etype_info[0]->etype; + salt.data = (char *) etype_info[0]->salt; + if(etype_info[0]->length == KRB5_ETYPE_NO_SALT) + salt.length = SALT_TYPE_NO_LENGTH; /* XXX */ + else + salt.length = etype_info[0]->length; } if (salt.length == SALT_TYPE_NO_LENGTH) { /* - * This will set the salt length - */ - if ((retval = krb5_principal2salt(context, request->client, &salt))) - goto cleanup; - f_salt = 1; + * This will set the salt length + */ + if ((retval = krb5_principal2salt(context, request->client, &salt))) + goto cleanup; + f_salt = 1; } if ((retval = (*key_proc)(context, enctype, &salt, key_seed, - &def_enc_key))) - goto cleanup; + &def_enc_key))) + goto cleanup; for (pa = preauth_to_use; *pa; pa++) { - if (find_pa_system((*pa)->pa_type, &ops)) - continue; + if (find_pa_system((*pa)->pa_type, &ops)) + continue; - if (ops->obtain == 0) - continue; + if (ops->obtain == 0) + continue; - retval = ((ops)->obtain)(context, *pa, etype_info, def_enc_key, - key_proc, key_seed, creds, - request, send_pa); - if (retval) - goto cleanup; + retval = ((ops)->obtain)(context, *pa, etype_info, def_enc_key, + key_proc, key_seed, creds, + request, send_pa); + if (retval) + goto cleanup; - if (*send_pa) - send_pa++; - *send_pa = 0; + if (*send_pa) + send_pa++; + *send_pa = 0; } retval = 0; if (send_pa_list[0]) { - request->padata = send_pa_list; - send_pa_list = 0; + request->padata = send_pa_list; + send_pa_list = 0; } cleanup: if (etype_info) - krb5_free_etype_info(context, etype_info); + krb5_free_etype_info(context, etype_info); if (f_salt) - free(salt.data); + free(salt.data); if (send_pa_list) - krb5_free_pa_data(context, send_pa_list); + krb5_free_pa_data(context, send_pa_list); if (def_enc_key) - krb5_free_keyblock(context, def_enc_key); + krb5_free_keyblock(context, def_enc_key); return retval; } @@ -239,29 +227,29 @@ cleanup: krb5_error_code krb5_process_padata(krb5_context context, krb5_kdc_req *request, krb5_kdc_rep *as_reply, git_key_proc key_proc, krb5_const_pointer keyseed, git_decrypt_proc decrypt_proc, krb5_keyblock **decrypt_key, krb5_creds *creds, krb5_int32 *do_more) { - krb5_error_code retval = 0; - const krb5_preauth_ops * ops; - krb5_pa_data ** pa; - krb5_int32 done = 0; + krb5_error_code retval = 0; + const krb5_preauth_ops * ops; + krb5_pa_data ** pa; + krb5_int32 done = 0; - *do_more = 0; /* By default, we don't need to repeat... */ + *do_more = 0; /* By default, we don't need to repeat... */ if (as_reply->padata == 0) - return 0; + return 0; for (pa = as_reply->padata; *pa; pa++) { - if (find_pa_system((*pa)->pa_type, &ops)) - continue; - - if (ops->process == 0) - continue; - - retval = ((ops)->process)(context, *pa, request, as_reply, - key_proc, keyseed, decrypt_proc, - decrypt_key, creds, do_more, &done); - if (retval) - goto cleanup; - if (done) - break; + if (find_pa_system((*pa)->pa_type, &ops)) + continue; + + if (ops->process == 0) + continue; + + retval = ((ops)->process)(context, *pa, request, as_reply, + key_proc, keyseed, decrypt_proc, + decrypt_key, creds, do_more, &done); + if (retval) + goto cleanup; + if (done) + break; } cleanup: @@ -276,35 +264,35 @@ cleanup: static krb5_error_code obtain_enc_ts_padata(krb5_context context, krb5_pa_data *in_padata, krb5_etype_info etype_info, krb5_keyblock *def_enc_key, git_key_proc key_proc, krb5_const_pointer key_seed, krb5_creds *creds, krb5_kdc_req *request, krb5_pa_data **out_padata) { - krb5_pa_enc_ts pa_enc; - krb5_error_code retval; - krb5_data * scratch; - krb5_enc_data enc_data; - krb5_pa_data * pa; + krb5_pa_enc_ts pa_enc; + krb5_error_code retval; + krb5_data * scratch; + krb5_enc_data enc_data; + krb5_pa_data * pa; retval = krb5_us_timeofday(context, &pa_enc.patimestamp, &pa_enc.pausec); if (retval) - return retval; + return retval; if ((retval = encode_krb5_pa_enc_ts(&pa_enc, &scratch)) != 0) - return retval; + return retval; enc_data.ciphertext.data = 0; if ((retval = krb5_encrypt_helper(context, def_enc_key, - KRB5_KEYUSAGE_AS_REQ_PA_ENC_TS, - scratch, &enc_data))) - goto cleanup; + KRB5_KEYUSAGE_AS_REQ_PA_ENC_TS, + scratch, &enc_data))) + goto cleanup; krb5_free_data(context, scratch); scratch = 0; if ((retval = encode_krb5_enc_data(&enc_data, &scratch)) != 0) - goto cleanup; + goto cleanup; if ((pa = malloc(sizeof(krb5_pa_data))) == NULL) { - retval = ENOMEM; - goto cleanup; + retval = ENOMEM; + goto cleanup; } pa->magic = KV5M_PA_DATA; @@ -321,29 +309,29 @@ obtain_enc_ts_padata(krb5_context context, krb5_pa_data *in_padata, krb5_etype_i cleanup: if (scratch) - krb5_free_data(context, scratch); + krb5_free_data(context, scratch); if (enc_data.ciphertext.data) - free(enc_data.ciphertext.data); + free(enc_data.ciphertext.data); return retval; } static krb5_error_code process_pw_salt(krb5_context context, krb5_pa_data *padata, krb5_kdc_req *request, krb5_kdc_rep *as_reply, git_key_proc key_proc, krb5_const_pointer keyseed, git_decrypt_proc decrypt_proc, krb5_keyblock **decrypt_key, krb5_creds *creds, krb5_int32 *do_more, krb5_int32 *done) { - krb5_error_code retval; - krb5_data salt; + krb5_error_code retval; + krb5_data salt; if (*decrypt_key != 0) - return 0; + return 0; salt.data = (char *) padata->contents; salt.length = - (padata->pa_type == KRB5_PADATA_AFS3_SALT)?(SALT_TYPE_AFS_LENGTH):(padata->length); + (padata->pa_type == KRB5_PADATA_AFS3_SALT)?(SALT_TYPE_AFS_LENGTH):(padata->length); if ((retval = (*key_proc)(context, as_reply->enc_part.enctype, - &salt, keyseed, decrypt_key))) { - *decrypt_key = 0; - return retval; + &salt, keyseed, decrypt_key))) { + *decrypt_key = 0; + return retval; } return 0; @@ -355,9 +343,9 @@ find_pa_system(krb5_preauthtype type, const krb5_preauth_ops **preauth) const krb5_preauth_ops *ap = preauth_systems; while ((ap->type != -1) && (ap->type != type)) - ap++; + ap++; if (ap->type == -1) - return(KRB5_PREAUTH_BAD_TYPE); + return(KRB5_PREAUTH_BAD_TYPE); *preauth = ap; return 0; } @@ -368,8 +356,8 @@ extern const char *krb5_default_pwd_prompt1; static krb5_error_code sam_get_pass_from_user(krb5_context context, krb5_etype_info etype_info, git_key_proc key_proc, krb5_const_pointer key_seed, krb5_kdc_req *request, krb5_keyblock **new_enc_key, const char *prompt) { - krb5_enctype enctype; - krb5_error_code retval; + krb5_enctype enctype; + krb5_error_code retval; const char *oldprompt; /* enctype = request->ktype[0]; */ @@ -378,12 +366,12 @@ sam_get_pass_from_user(krb5_context context, krb5_etype_info etype_info, git_key oldprompt = krb5_default_pwd_prompt1; krb5_default_pwd_prompt1 = prompt; { - krb5_data newpw; - newpw.data = 0; newpw.length = 0; - /* we don't keep the new password, just the key... */ - retval = (*key_proc)(context, enctype, 0, - (krb5_const_pointer)&newpw, new_enc_key); - free(newpw.data); + krb5_data newpw; + newpw.data = 0; newpw.length = 0; + /* we don't keep the new password, just the key... */ + retval = (*key_proc)(context, enctype, 0, + (krb5_const_pointer)&newpw, new_enc_key); + free(newpw.data); } krb5_default_pwd_prompt1 = oldprompt; return retval; @@ -400,47 +388,47 @@ char *handle_sam_labels(krb5_sam_challenge *sc) struct k5buf buf; if (sc->sam_cksum.length == 0) { - /* or invalid -- but lets just handle presence now XXX */ - switch (sc->sam_type) { - case PA_SAM_TYPE_ENIGMA: /* Enigma Logic */ - label = "Challenge for Enigma Logic mechanism"; - break; - case PA_SAM_TYPE_DIGI_PATH: /* Digital Pathways */ - case PA_SAM_TYPE_DIGI_PATH_HEX: /* Digital Pathways */ - label = "Challenge for Digital Pathways mechanism"; - break; - case PA_SAM_TYPE_ACTIVCARD_DEC: /* Digital Pathways */ - case PA_SAM_TYPE_ACTIVCARD_HEX: /* Digital Pathways */ - label = "Challenge for Activcard mechanism"; - break; - case PA_SAM_TYPE_SKEY_K0: /* S/key where KDC has key 0 */ - label = "Challenge for Enhanced S/Key mechanism"; - break; - case PA_SAM_TYPE_SKEY: /* Traditional S/Key */ - label = "Challenge for Traditional S/Key mechanism"; - break; - case PA_SAM_TYPE_SECURID: /* Security Dynamics */ - label = "Challenge for Security Dynamics mechanism"; - break; - case PA_SAM_TYPE_SECURID_PREDICT: /* predictive Security Dynamics */ - label = "Challenge for Security Dynamics mechanism"; - break; - } - prompt = "Passcode"; - label_len = strlen(label); - prompt_len = strlen(prompt); + /* or invalid -- but lets just handle presence now XXX */ + switch (sc->sam_type) { + case PA_SAM_TYPE_ENIGMA: /* Enigma Logic */ + label = "Challenge for Enigma Logic mechanism"; + break; + case PA_SAM_TYPE_DIGI_PATH: /* Digital Pathways */ + case PA_SAM_TYPE_DIGI_PATH_HEX: /* Digital Pathways */ + label = "Challenge for Digital Pathways mechanism"; + break; + case PA_SAM_TYPE_ACTIVCARD_DEC: /* Digital Pathways */ + case PA_SAM_TYPE_ACTIVCARD_HEX: /* Digital Pathways */ + label = "Challenge for Activcard mechanism"; + break; + case PA_SAM_TYPE_SKEY_K0: /* S/key where KDC has key 0 */ + label = "Challenge for Enhanced S/Key mechanism"; + break; + case PA_SAM_TYPE_SKEY: /* Traditional S/Key */ + label = "Challenge for Traditional S/Key mechanism"; + break; + case PA_SAM_TYPE_SECURID: /* Security Dynamics */ + label = "Challenge for Security Dynamics mechanism"; + break; + case PA_SAM_TYPE_SECURID_PREDICT: /* predictive Security Dynamics */ + label = "Challenge for Security Dynamics mechanism"; + break; + } + prompt = "Passcode"; + label_len = strlen(label); + prompt_len = strlen(prompt); } /* example: Challenge for Digital Pathways mechanism: [134591] Passcode: - */ + */ krb5int_buf_init_dynamic(&buf); if (challenge_len) { - krb5int_buf_add_len(&buf, label, label_len); - krb5int_buf_add(&buf, ": ["); - krb5int_buf_add_len(&buf, challenge, challenge_len); - krb5int_buf_add(&buf, "]\n"); + krb5int_buf_add_len(&buf, label, label_len); + krb5int_buf_add(&buf, ": ["); + krb5int_buf_add_len(&buf, challenge, challenge_len); + krb5int_buf_add(&buf, "]\n"); } krb5int_buf_add_len(&buf, prompt, prompt_len); krb5int_buf_add(&buf, ": "); @@ -454,15 +442,15 @@ char *handle_sam_labels(krb5_sam_challenge *sc) static krb5_error_code obtain_sam_padata(krb5_context context, krb5_pa_data *in_padata, krb5_etype_info etype_info, krb5_keyblock *def_enc_key, git_key_proc key_proc, krb5_const_pointer key_seed, krb5_creds *creds, krb5_kdc_req *request, krb5_pa_data **out_padata) { - krb5_error_code retval; - krb5_data * scratch = 0; - krb5_data tmpsam; - krb5_pa_data * pa; - krb5_sam_challenge *sam_challenge = 0; - krb5_sam_response sam_response; + krb5_error_code retval; + krb5_data * scratch = 0; + krb5_data tmpsam; + krb5_pa_data * pa; + krb5_sam_challenge *sam_challenge = 0; + krb5_sam_response sam_response; /* these two get encrypted and stuffed in to sam_response */ - krb5_enc_sam_response_enc enc_sam_response_enc; - krb5_keyblock * sam_use_key = 0; + krb5_enc_sam_response_enc enc_sam_response_enc; + krb5_keyblock * sam_use_key = 0; char *prompt = 0, *passcode = 0; sam_response.sam_enc_nonce_or_ts.ciphertext.data = 0; @@ -471,56 +459,56 @@ obtain_sam_padata(krb5_context context, krb5_pa_data *in_padata, krb5_etype_info tmpsam.data = (char *) in_padata->contents; retval = decode_krb5_sam_challenge(&tmpsam, &sam_challenge); if (retval) - return retval; + return retval; if (sam_challenge->sam_flags & KRB5_SAM_MUST_PK_ENCRYPT_SAD) { - retval = KRB5_SAM_UNSUPPORTED; - goto cleanup; + retval = KRB5_SAM_UNSUPPORTED; + goto cleanup; } enc_sam_response_enc.sam_nonce = sam_challenge->sam_nonce; if (!sam_challenge->sam_nonce) { - retval = krb5_us_timeofday(context, - &enc_sam_response_enc.sam_timestamp, - &enc_sam_response_enc.sam_usec); - if (retval) - goto cleanup; - sam_response.sam_patimestamp = enc_sam_response_enc.sam_timestamp; + retval = krb5_us_timeofday(context, + &enc_sam_response_enc.sam_timestamp, + &enc_sam_response_enc.sam_usec); + if (retval) + goto cleanup; + sam_response.sam_patimestamp = enc_sam_response_enc.sam_timestamp; } if (sam_challenge->sam_flags & KRB5_SAM_SEND_ENCRYPTED_SAD) { - /* encrypt passcode in key by stuffing it here */ - unsigned int pcsize = 256; - passcode = malloc(pcsize + 1); - if (passcode == NULL) { - retval = ENOMEM; - goto cleanup; - } - prompt = handle_sam_labels(sam_challenge); - if (prompt == NULL) { - retval = ENOMEM; - goto cleanup; - } - retval = krb5_read_password(context, prompt, 0, passcode, &pcsize); - if (retval) - goto cleanup; - enc_sam_response_enc.sam_sad.data = passcode; - enc_sam_response_enc.sam_sad.length = pcsize; + /* encrypt passcode in key by stuffing it here */ + unsigned int pcsize = 256; + passcode = malloc(pcsize + 1); + if (passcode == NULL) { + retval = ENOMEM; + goto cleanup; + } + prompt = handle_sam_labels(sam_challenge); + if (prompt == NULL) { + retval = ENOMEM; + goto cleanup; + } + retval = krb5_read_password(context, prompt, 0, passcode, &pcsize); + if (retval) + goto cleanup; + enc_sam_response_enc.sam_sad.data = passcode; + enc_sam_response_enc.sam_sad.length = pcsize; } else if (sam_challenge->sam_flags & KRB5_SAM_USE_SAD_AS_KEY) { - prompt = handle_sam_labels(sam_challenge); - if (prompt == NULL) { - retval = ENOMEM; - goto cleanup; - } - retval = sam_get_pass_from_user(context, etype_info, key_proc, - key_seed, request, &sam_use_key, - prompt); - if (retval) - goto cleanup; - enc_sam_response_enc.sam_sad.length = 0; + prompt = handle_sam_labels(sam_challenge); + if (prompt == NULL) { + retval = ENOMEM; + goto cleanup; + } + retval = sam_get_pass_from_user(context, etype_info, key_proc, + key_seed, request, &sam_use_key, + prompt); + if (retval) + goto cleanup; + enc_sam_response_enc.sam_sad.length = 0; } else { - /* what *was* it? */ - retval = KRB5_SAM_UNSUPPORTED; - goto cleanup; + /* what *was* it? */ + retval = KRB5_SAM_UNSUPPORTED; + goto cleanup; } /* so at this point, either sam_use_key is generated from the passcode @@ -528,14 +516,14 @@ obtain_sam_padata(krb5_context context, krb5_pa_data *in_padata, krb5_etype_info * def_enc_key instead. */ /* encode the encoded part of the response */ if ((retval = encode_krb5_enc_sam_response_enc(&enc_sam_response_enc, - &scratch)) != 0) - goto cleanup; + &scratch)) != 0) + goto cleanup; if ((retval = krb5_encrypt_helper(context, - sam_use_key?sam_use_key:def_enc_key, - 0, scratch, - &sam_response.sam_enc_nonce_or_ts))) - goto cleanup; + sam_use_key?sam_use_key:def_enc_key, + 0, scratch, + &sam_response.sam_enc_nonce_or_ts))) + goto cleanup; krb5_free_data(context, scratch); scratch = 0; @@ -551,11 +539,11 @@ obtain_sam_padata(krb5_context context, krb5_pa_data *in_padata, krb5_etype_info sam_response.magic = KV5M_SAM_RESPONSE; if ((retval = encode_krb5_sam_response(&sam_response, &scratch)) != 0) - goto cleanup; + goto cleanup; if ((pa = malloc(sizeof(krb5_pa_data))) == NULL) { - retval = ENOMEM; - goto cleanup; + retval = ENOMEM; + goto cleanup; } pa->magic = KV5M_PA_DATA; diff --git a/src/lib/krb5/krb/ser_ctx.c b/src/lib/krb5/krb/ser_ctx.c index b632ff0..1dc836f 100644 --- a/src/lib/krb5/krb/ser_ctx.c +++ b/src/lib/krb5/krb/ser_ctx.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/krb5/krb/ser_ctx.c * @@ -26,70 +27,78 @@ */ /* - * ser_ctx.c - Routines to deal with serializing the krb5_context and - * krb5_os_context structures. + * ser_ctx.c - Routines to deal with serializing the krb5_context and + * krb5_os_context structures. */ #include "k5-int.h" /* * Routines to deal with externalizing the krb5_context: - * krb5_context_size(); - * krb5_context_externalize(); - * krb5_context_internalize(); + * krb5_context_size(); + * krb5_context_externalize(); + * krb5_context_internalize(); * * Routines to deal with externalizing the krb5_os_context: - * krb5_oscontext_size(); - * krb5_oscontext_externalize(); - * krb5_oscontext_internalize(); + * krb5_oscontext_size(); + * krb5_oscontext_externalize(); + * krb5_oscontext_internalize(); * * Routines to deal with externalizing the profile. - * profile_ser_size(); - * profile_ser_externalize(); - * profile_ser_internalize(); + * profile_ser_size(); + * profile_ser_externalize(); + * profile_ser_internalize(); * * Interface to initialize serializing of krb5_context and krb5_os_context: - * krb5_ser_context_init(); + * krb5_ser_context_init(); */ -static krb5_error_code krb5_context_size - (krb5_context, krb5_pointer, size_t *); -static krb5_error_code krb5_context_externalize - (krb5_context, krb5_pointer, krb5_octet **, size_t *); -static krb5_error_code krb5_context_internalize - (krb5_context,krb5_pointer *, krb5_octet **, size_t *); -static krb5_error_code krb5_oscontext_size - (krb5_context, krb5_pointer, size_t *); -static krb5_error_code krb5_oscontext_externalize - (krb5_context, krb5_pointer, krb5_octet **, size_t *); -static krb5_error_code krb5_oscontext_internalize - (krb5_context,krb5_pointer *, krb5_octet **, size_t *); +static krb5_error_code +krb5_context_size(krb5_context, krb5_pointer, size_t *); + +static krb5_error_code +krb5_context_externalize(krb5_context, krb5_pointer, krb5_octet **, size_t *); + +static krb5_error_code +krb5_context_internalize(krb5_context, krb5_pointer *, krb5_octet **, size_t *); + +static krb5_error_code +krb5_oscontext_size(krb5_context, krb5_pointer, size_t *); + +static krb5_error_code +krb5_oscontext_externalize(krb5_context, krb5_pointer, krb5_octet **, size_t *); + +static krb5_error_code +krb5_oscontext_internalize(krb5_context, krb5_pointer *, + krb5_octet **, size_t *); + #ifndef LEAN_CLIENT -krb5_error_code profile_ser_size - (krb5_context, krb5_pointer, size_t *); -krb5_error_code profile_ser_externalize - (krb5_context, krb5_pointer, krb5_octet **, size_t *); -krb5_error_code profile_ser_internalize - (krb5_context,krb5_pointer *, krb5_octet **, size_t *); +krb5_error_code profile_ser_size(krb5_context, krb5_pointer, size_t *); + +krb5_error_code profile_ser_externalize(krb5_context, krb5_pointer, + krb5_octet **, size_t *); + +krb5_error_code profile_ser_internalize(krb5_context, krb5_pointer *, + krb5_octet **, size_t *); #endif /* LEAN_CLIENT */ /* Local data */ static const krb5_ser_entry krb5_context_ser_entry = { - KV5M_CONTEXT, /* Type */ - krb5_context_size, /* Sizer routine */ - krb5_context_externalize, /* Externalize routine */ - krb5_context_internalize /* Internalize routine */ + KV5M_CONTEXT, /* Type */ + krb5_context_size, /* Sizer routine */ + krb5_context_externalize, /* Externalize routine */ + krb5_context_internalize /* Internalize routine */ }; static const krb5_ser_entry krb5_oscontext_ser_entry = { - KV5M_OS_CONTEXT, /* Type */ - krb5_oscontext_size, /* Sizer routine */ - krb5_oscontext_externalize, /* Externalize routine */ - krb5_oscontext_internalize /* Internalize routine */ + KV5M_OS_CONTEXT, /* Type */ + krb5_oscontext_size, /* Sizer routine */ + krb5_oscontext_externalize, /* Externalize routine */ + krb5_oscontext_internalize /* Internalize routine */ }; #ifndef LEAN_CLIENT static const krb5_ser_entry krb5_profile_ser_entry = { - PROF_MAGIC_PROFILE, /* Type */ - profile_ser_size, /* Sizer routine */ - profile_ser_externalize, /* Externalize routine */ - profile_ser_internalize /* Internalize routine */ + PROF_MAGIC_PROFILE, /* Type */ + profile_ser_size, /* Sizer routine */ + profile_ser_externalize, /* Externalize routine */ + profile_ser_internalize /* Internalize routine */ }; #endif /* LEAN_CLIENT */ @@ -99,227 +108,227 @@ etypes_len(krb5_enctype *list) unsigned int i; if (list == NULL) - return 0; + return 0; for (i = 0; list[i]; i++); return i; } /* - * krb5_context_size() - Determine the size required to externalize the - * krb5_context. + * krb5_context_size() - Determine the size required to externalize the + * krb5_context. */ static krb5_error_code krb5_context_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) { - krb5_error_code kret; - size_t required; - krb5_context context; + krb5_error_code kret; + size_t required; + krb5_context context; /* * The KRB5 context itself requires: - * krb5_int32 for KV5M_CONTEXT - * krb5_int32 for sizeof(default_realm) - * strlen(default_realm) for default_realm. - * krb5_int32 for n_in_tkt_etypes*sizeof(krb5_int32) - * nktypes*sizeof(krb5_int32) for in_tkt_etypes. - * krb5_int32 for n_tgs_etypes*sizeof(krb5_int32) - * nktypes*sizeof(krb5_int32) for tgs_etypes. - * krb5_int32 for clockskew - * krb5_int32 for kdc_req_sumtype - * krb5_int32 for ap_req_sumtype - * krb5_int32 for safe_sumtype - * krb5_int32 for kdc_default_options - * krb5_int32 for library_options - * krb5_int32 for profile_secure - * krb5_int32 for fcc_default_format - * <> for os_context - * <> for db_context - * <> for profile - * krb5_int32 for trailer. + * krb5_int32 for KV5M_CONTEXT + * krb5_int32 for sizeof(default_realm) + * strlen(default_realm) for default_realm. + * krb5_int32 for n_in_tkt_etypes*sizeof(krb5_int32) + * nktypes*sizeof(krb5_int32) for in_tkt_etypes. + * krb5_int32 for n_tgs_etypes*sizeof(krb5_int32) + * nktypes*sizeof(krb5_int32) for tgs_etypes. + * krb5_int32 for clockskew + * krb5_int32 for kdc_req_sumtype + * krb5_int32 for ap_req_sumtype + * krb5_int32 for safe_sumtype + * krb5_int32 for kdc_default_options + * krb5_int32 for library_options + * krb5_int32 for profile_secure + * krb5_int32 for fcc_default_format + * <> for os_context + * <> for db_context + * <> for profile + * krb5_int32 for trailer. */ kret = EINVAL; if ((context = (krb5_context) arg)) { - /* Calculate base length */ - required = (14 * sizeof(krb5_int32) + - (etypes_len(context->in_tkt_etypes) * sizeof(krb5_int32)) + - (etypes_len(context->tgs_etypes) * sizeof(krb5_int32))); - - if (context->default_realm) - required += strlen(context->default_realm); - /* Calculate size required by os_context, if appropriate */ - kret = krb5_size_opaque(kcontext, - KV5M_OS_CONTEXT, - (krb5_pointer) &context->os_context, - &required); - - /* Calculate size required by db_context, if appropriate */ - if (!kret && context->dal_handle) - kret = krb5_size_opaque(kcontext, - KV5M_DB_CONTEXT, - (krb5_pointer) context->dal_handle, - &required); - - /* Finally, calculate size required by profile, if appropriate */ - if (!kret && context->profile) - kret = krb5_size_opaque(kcontext, - PROF_MAGIC_PROFILE, - (krb5_pointer) context->profile, - &required); + /* Calculate base length */ + required = (14 * sizeof(krb5_int32) + + (etypes_len(context->in_tkt_etypes) * sizeof(krb5_int32)) + + (etypes_len(context->tgs_etypes) * sizeof(krb5_int32))); + + if (context->default_realm) + required += strlen(context->default_realm); + /* Calculate size required by os_context, if appropriate */ + kret = krb5_size_opaque(kcontext, + KV5M_OS_CONTEXT, + (krb5_pointer) &context->os_context, + &required); + + /* Calculate size required by db_context, if appropriate */ + if (!kret && context->dal_handle) + kret = krb5_size_opaque(kcontext, + KV5M_DB_CONTEXT, + (krb5_pointer) context->dal_handle, + &required); + + /* Finally, calculate size required by profile, if appropriate */ + if (!kret && context->profile) + kret = krb5_size_opaque(kcontext, + PROF_MAGIC_PROFILE, + (krb5_pointer) context->profile, + &required); } if (!kret) - *sizep += required; + *sizep += required; return(kret); } /* - * krb5_context_externalize() - Externalize the krb5_context. + * krb5_context_externalize() - Externalize the krb5_context. */ static krb5_error_code krb5_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) { - krb5_error_code kret; - krb5_context context; - size_t required; - krb5_octet *bp; - size_t remain; - unsigned int i; + krb5_error_code kret; + krb5_context context; + size_t required; + krb5_octet *bp; + size_t remain; + unsigned int i; required = 0; bp = *buffer; remain = *lenremain; context = (krb5_context) arg; if (!context) - return (EINVAL); + return (EINVAL); KRB5_VERIFY_MAGIC(context, KV5M_CONTEXT); if ((kret = krb5_context_size(kcontext, arg, &required))) - return (kret); + return (kret); if (required > remain) - return (ENOMEM); + return (ENOMEM); /* First write our magic number */ kret = krb5_ser_pack_int32(KV5M_CONTEXT, &bp, &remain); if (kret) - return (kret); + return (kret); /* Now sizeof default realm */ kret = krb5_ser_pack_int32((context->default_realm) ? - (krb5_int32) strlen(context->default_realm) : 0, - &bp, &remain); + (krb5_int32) strlen(context->default_realm) : 0, + &bp, &remain); if (kret) - return (kret); + return (kret); /* Now default_realm bytes */ if (context->default_realm) { - kret = krb5_ser_pack_bytes((krb5_octet *) context->default_realm, - strlen(context->default_realm), - &bp, &remain); - if (kret) - return (kret); + kret = krb5_ser_pack_bytes((krb5_octet *) context->default_realm, + strlen(context->default_realm), + &bp, &remain); + if (kret) + return (kret); } /* Now number of initial ticket ktypes */ kret = krb5_ser_pack_int32(etypes_len(context->in_tkt_etypes), - &bp, &remain); + &bp, &remain); if (kret) - return (kret); + return (kret); /* Now serialize ktypes */ if (context->in_tkt_etypes) { - for (i = 0; context->in_tkt_etypes[i]; i++) { - kret = krb5_ser_pack_int32(context->in_tkt_etypes[i], - &bp, &remain); - if (kret) - return (kret); - } + for (i = 0; context->in_tkt_etypes[i]; i++) { + kret = krb5_ser_pack_int32(context->in_tkt_etypes[i], + &bp, &remain); + if (kret) + return (kret); + } } /* Now number of default ktypes */ kret = krb5_ser_pack_int32(etypes_len(context->tgs_etypes), &bp, &remain); if (kret) - return (kret); + return (kret); /* Now serialize ktypes */ if (context->tgs_etypes) { - for (i = 0; context->tgs_etypes[i]; i++) { - kret = krb5_ser_pack_int32(context->tgs_etypes[i], &bp, &remain); - if (kret) - return (kret); - } + for (i = 0; context->tgs_etypes[i]; i++) { + kret = krb5_ser_pack_int32(context->tgs_etypes[i], &bp, &remain); + if (kret) + return (kret); + } } /* Now allowable clockskew */ kret = krb5_ser_pack_int32((krb5_int32) context->clockskew, - &bp, &remain); + &bp, &remain); if (kret) - return (kret); + return (kret); /* Now kdc_req_sumtype */ kret = krb5_ser_pack_int32((krb5_int32) context->kdc_req_sumtype, - &bp, &remain); + &bp, &remain); if (kret) - return (kret); + return (kret); /* Now default ap_req_sumtype */ kret = krb5_ser_pack_int32((krb5_int32) context->default_ap_req_sumtype, - &bp, &remain); + &bp, &remain); if (kret) - return (kret); + return (kret); /* Now default safe_sumtype */ kret = krb5_ser_pack_int32((krb5_int32) context->default_safe_sumtype, - &bp, &remain); + &bp, &remain); if (kret) - return (kret); + return (kret); /* Now kdc_default_options */ kret = krb5_ser_pack_int32((krb5_int32) context->kdc_default_options, - &bp, &remain); + &bp, &remain); if (kret) - return (kret); + return (kret); /* Now library_options */ kret = krb5_ser_pack_int32((krb5_int32) context->library_options, - &bp, &remain); + &bp, &remain); if (kret) - return (kret); + return (kret); /* Now profile_secure */ kret = krb5_ser_pack_int32((krb5_int32) context->profile_secure, - &bp, &remain); + &bp, &remain); if (kret) - return (kret); + return (kret); /* Now fcc_default_format */ kret = krb5_ser_pack_int32((krb5_int32) context->fcc_default_format, - &bp, &remain); + &bp, &remain); if (kret) - return (kret); + return (kret); /* Now handle os_context, if appropriate */ kret = krb5_externalize_opaque(kcontext, KV5M_OS_CONTEXT, - (krb5_pointer) &context->os_context, - &bp, &remain); + (krb5_pointer) &context->os_context, + &bp, &remain); if (kret) - return (kret); + return (kret); /* Now handle database context, if appropriate */ if (context->dal_handle) { - kret = krb5_externalize_opaque(kcontext, KV5M_DB_CONTEXT, - (krb5_pointer) context->dal_handle, - &bp, &remain); - if (kret) - return (kret); + kret = krb5_externalize_opaque(kcontext, KV5M_DB_CONTEXT, + (krb5_pointer) context->dal_handle, + &bp, &remain); + if (kret) + return (kret); } /* Finally, handle profile, if appropriate */ if (context->profile) { - kret = krb5_externalize_opaque(kcontext, PROF_MAGIC_PROFILE, - (krb5_pointer) context->profile, - &bp, &remain); - if (kret) - return (kret); + kret = krb5_externalize_opaque(kcontext, PROF_MAGIC_PROFILE, + (krb5_pointer) context->profile, + &bp, &remain); + if (kret) + return (kret); } /* @@ -328,7 +337,7 @@ krb5_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **b */ kret = krb5_ser_pack_int32(KV5M_CONTEXT, &bp, &remain); if (kret) - return (kret); + return (kret); *buffer = bp; *lenremain = remain; @@ -337,168 +346,168 @@ krb5_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **b } /* - * krb5_context_internalize() - Internalize the krb5_context. + * krb5_context_internalize() - Internalize the krb5_context. */ static krb5_error_code krb5_context_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) { - krb5_error_code kret; - krb5_context context; - krb5_int32 ibuf; - krb5_octet *bp; - size_t remain; - unsigned int i, count; + krb5_error_code kret; + krb5_context context; + krb5_int32 ibuf; + krb5_octet *bp; + size_t remain; + unsigned int i, count; bp = *buffer; remain = *lenremain; /* Read our magic number */ if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - return (EINVAL); + return (EINVAL); if (ibuf != KV5M_CONTEXT) - return (EINVAL); + return (EINVAL); /* Get memory for the context */ context = (krb5_context) calloc(1, sizeof(struct _krb5_context)); if (!context) - return (ENOMEM); + return (ENOMEM); /* Get the size of the default realm */ if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - goto cleanup; + goto cleanup; if (ibuf) { - context->default_realm = (char *) malloc((size_t) ibuf+1); - if (!context->default_realm) { - kret = ENOMEM; - goto cleanup; - } - - kret = krb5_ser_unpack_bytes((krb5_octet *) context->default_realm, - (size_t) ibuf, &bp, &remain); - if (kret) - goto cleanup; - - context->default_realm[ibuf] = '\0'; + context->default_realm = (char *) malloc((size_t) ibuf+1); + if (!context->default_realm) { + kret = ENOMEM; + goto cleanup; + } + + kret = krb5_ser_unpack_bytes((krb5_octet *) context->default_realm, + (size_t) ibuf, &bp, &remain); + if (kret) + goto cleanup; + + context->default_realm[ibuf] = '\0'; } /* Get the in_tkt_etypes */ if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - goto cleanup; + goto cleanup; count = ibuf; if (count > 0) { - context->in_tkt_etypes = calloc(count + 1, sizeof(krb5_enctype)); - if (!context->in_tkt_etypes) { - kret = ENOMEM; - goto cleanup; - } - for (i = 0; i < count; i++) { - if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - goto cleanup; - context->in_tkt_etypes[i] = ibuf; - } - context->in_tkt_etypes[count] = 0; + context->in_tkt_etypes = calloc(count + 1, sizeof(krb5_enctype)); + if (!context->in_tkt_etypes) { + kret = ENOMEM; + goto cleanup; + } + for (i = 0; i < count; i++) { + if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) + goto cleanup; + context->in_tkt_etypes[i] = ibuf; + } + context->in_tkt_etypes[count] = 0; } else - context->in_tkt_etypes = NULL; + context->in_tkt_etypes = NULL; /* Get the tgs_etypes */ if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - goto cleanup; + goto cleanup; count = ibuf; if (count > 0) { - context->tgs_etypes = calloc(count + 1, sizeof(krb5_enctype)); - if (!context->tgs_etypes) { - kret = ENOMEM; - goto cleanup; - } - for (i = 0; i < count; i++) { - if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - goto cleanup; - context->tgs_etypes[i] = ibuf; - } - context->tgs_etypes[count] = 0; + context->tgs_etypes = calloc(count + 1, sizeof(krb5_enctype)); + if (!context->tgs_etypes) { + kret = ENOMEM; + goto cleanup; + } + for (i = 0; i < count; i++) { + if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) + goto cleanup; + context->tgs_etypes[i] = ibuf; + } + context->tgs_etypes[count] = 0; } else - context->tgs_etypes = NULL; + context->tgs_etypes = NULL; /* Allowable checksum */ if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - goto cleanup; + goto cleanup; context->clockskew = (krb5_deltat) ibuf; /* kdc_req_sumtype */ if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - goto cleanup; + goto cleanup; context->kdc_req_sumtype = (krb5_cksumtype) ibuf; /* default ap_req_sumtype */ if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - goto cleanup; + goto cleanup; context->default_ap_req_sumtype = (krb5_cksumtype) ibuf; /* default_safe_sumtype */ if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - goto cleanup; + goto cleanup; context->default_safe_sumtype = (krb5_cksumtype) ibuf; /* kdc_default_options */ if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - goto cleanup; + goto cleanup; context->kdc_default_options = (krb5_flags) ibuf; /* library_options */ if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - goto cleanup; + goto cleanup; context->library_options = (krb5_flags) ibuf; /* profile_secure */ if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - goto cleanup; + goto cleanup; context->profile_secure = (krb5_boolean) ibuf; /* fcc_default_format */ if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - goto cleanup; + goto cleanup; context->fcc_default_format = (int) ibuf; /* Attempt to read in the os_context. It's an array now, but we still treat it in most places as a separate object with a pointer. */ { - krb5_os_context osp = 0; - kret = krb5_internalize_opaque(kcontext, KV5M_OS_CONTEXT, - (krb5_pointer *) &osp, - &bp, &remain); - if (kret && (kret != EINVAL) && (kret != ENOENT)) - goto cleanup; - /* Put the newly allocated data into the krb5_context - structure where we're really keeping it these days. */ - if (osp) - context->os_context = *osp; - free(osp); + krb5_os_context osp = 0; + kret = krb5_internalize_opaque(kcontext, KV5M_OS_CONTEXT, + (krb5_pointer *) &osp, + &bp, &remain); + if (kret && (kret != EINVAL) && (kret != ENOENT)) + goto cleanup; + /* Put the newly allocated data into the krb5_context + structure where we're really keeping it these days. */ + if (osp) + context->os_context = *osp; + free(osp); } /* Attempt to read in the db_context */ kret = krb5_internalize_opaque(kcontext, KV5M_DB_CONTEXT, - (krb5_pointer *) &context->dal_handle, - &bp, &remain); + (krb5_pointer *) &context->dal_handle, + &bp, &remain); if (kret && (kret != EINVAL) && (kret != ENOENT)) - goto cleanup; + goto cleanup; /* Attempt to read in the profile */ kret = krb5_internalize_opaque(kcontext, PROF_MAGIC_PROFILE, - (krb5_pointer *) &context->profile, - &bp, &remain); + (krb5_pointer *) &context->profile, + &bp, &remain); if (kret && (kret != EINVAL) && (kret != ENOENT)) - goto cleanup; + goto cleanup; /* Finally, find the trailer */ if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) - goto cleanup; + goto cleanup; if (ibuf != KV5M_CONTEXT) { - kret = EINVAL; - goto cleanup; + kret = EINVAL; + goto cleanup; } context->magic = KV5M_CONTEXT; @@ -510,74 +519,74 @@ krb5_context_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet * cleanup: if (context) - krb5_free_context(context); + krb5_free_context(context); return(kret); } /* - * krb5_oscontext_size() - Determine the size required to externalize - * the krb5_os_context. + * krb5_oscontext_size() - Determine the size required to externalize + * the krb5_os_context. */ static krb5_error_code krb5_oscontext_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) { /* * We need five 32-bit integers: - * two for header and trailer - * one each for time_offset, usec_offset and os_flags + * two for header and trailer + * one each for time_offset, usec_offset and os_flags */ *sizep += (5*sizeof(krb5_int32)); return(0); } /* - * krb5_oscontext_externalize() - Externalize the krb5_os_context. + * krb5_oscontext_externalize() - Externalize the krb5_os_context. */ static krb5_error_code krb5_oscontext_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) { - krb5_error_code kret; - krb5_os_context os_ctx; - size_t required; - krb5_octet *bp; - size_t remain; + krb5_error_code kret; + krb5_os_context os_ctx; + size_t required; + krb5_octet *bp; + size_t remain; required = 0; bp = *buffer; remain = *lenremain; kret = EINVAL; if ((os_ctx = (krb5_os_context) arg)) { - kret = ENOMEM; - if (!krb5_oscontext_size(kcontext, arg, &required) && - (required <= remain)) { - (void) krb5_ser_pack_int32(KV5M_OS_CONTEXT, &bp, &remain); - (void) krb5_ser_pack_int32(os_ctx->time_offset, &bp, &remain); - (void) krb5_ser_pack_int32(os_ctx->usec_offset, &bp, &remain); - (void) krb5_ser_pack_int32(os_ctx->os_flags, &bp, &remain); - (void) krb5_ser_pack_int32(KV5M_OS_CONTEXT, &bp, &remain); - - /* Handle any other OS context here */ - kret = 0; - if (!kret) { - *buffer = bp; - *lenremain = remain; - } - } + kret = ENOMEM; + if (!krb5_oscontext_size(kcontext, arg, &required) && + (required <= remain)) { + (void) krb5_ser_pack_int32(KV5M_OS_CONTEXT, &bp, &remain); + (void) krb5_ser_pack_int32(os_ctx->time_offset, &bp, &remain); + (void) krb5_ser_pack_int32(os_ctx->usec_offset, &bp, &remain); + (void) krb5_ser_pack_int32(os_ctx->os_flags, &bp, &remain); + (void) krb5_ser_pack_int32(KV5M_OS_CONTEXT, &bp, &remain); + + /* Handle any other OS context here */ + kret = 0; + if (!kret) { + *buffer = bp; + *lenremain = remain; + } + } } return(kret); } /* - * krb5_oscontext_internalize() - Internalize the krb5_os_context. + * krb5_oscontext_internalize() - Internalize the krb5_os_context. */ static krb5_error_code krb5_oscontext_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) { - krb5_error_code kret; - krb5_os_context os_ctx; - krb5_int32 ibuf; - krb5_octet *bp; - size_t remain; + krb5_error_code kret; + krb5_os_context os_ctx; + krb5_int32 ibuf; + krb5_octet *bp; + size_t remain; bp = *buffer; remain = *lenremain; @@ -585,37 +594,37 @@ krb5_oscontext_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet os_ctx = (krb5_os_context) NULL; /* Read our magic number */ if (krb5_ser_unpack_int32(&ibuf, &bp, &remain)) - ibuf = 0; + ibuf = 0; if (ibuf == KV5M_OS_CONTEXT) { - kret = ENOMEM; - - /* Get memory for the context */ - if ((os_ctx = (krb5_os_context) - calloc(1, sizeof(struct _krb5_os_context))) && - (remain >= 4*sizeof(krb5_int32))) { - os_ctx->magic = KV5M_OS_CONTEXT; - - /* Read out our context */ - (void) krb5_ser_unpack_int32(&os_ctx->time_offset, &bp, &remain); - (void) krb5_ser_unpack_int32(&os_ctx->usec_offset, &bp, &remain); - (void) krb5_ser_unpack_int32(&os_ctx->os_flags, &bp, &remain); - (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain); - - if (ibuf == KV5M_OS_CONTEXT) { - os_ctx->magic = KV5M_OS_CONTEXT; - kret = 0; - *buffer = bp; - *lenremain = remain; - } else - kret = EINVAL; - } + kret = ENOMEM; + + /* Get memory for the context */ + if ((os_ctx = (krb5_os_context) + calloc(1, sizeof(struct _krb5_os_context))) && + (remain >= 4*sizeof(krb5_int32))) { + os_ctx->magic = KV5M_OS_CONTEXT; + + /* Read out our context */ + (void) krb5_ser_unpack_int32(&os_ctx->time_offset, &bp, &remain); + (void) krb5_ser_unpack_int32(&os_ctx->usec_offset, &bp, &remain); + (void) krb5_ser_unpack_int32(&os_ctx->os_flags, &bp, &remain); + (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain); + + if (ibuf == KV5M_OS_CONTEXT) { + os_ctx->magic = KV5M_OS_CONTEXT; + kret = 0; + *buffer = bp; + *lenremain = remain; + } else + kret = EINVAL; + } } if (!kret) { - *argp = (krb5_pointer) os_ctx; + *argp = (krb5_pointer) os_ctx; } else { - if (os_ctx) - free(os_ctx); + if (os_ctx) + free(os_ctx); } return(kret); } @@ -626,13 +635,13 @@ krb5_oscontext_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet krb5_error_code KRB5_CALLCONV krb5_ser_context_init(krb5_context kcontext) { - krb5_error_code kret; + krb5_error_code kret; kret = krb5_register_serializer(kcontext, &krb5_context_ser_entry); if (!kret) - kret = krb5_register_serializer(kcontext, &krb5_oscontext_ser_entry); + kret = krb5_register_serializer(kcontext, &krb5_oscontext_ser_entry); #ifndef LEAN_CLIENT if (!kret) - kret = krb5_register_serializer(kcontext, &krb5_profile_ser_entry); + kret = krb5_register_serializer(kcontext, &krb5_profile_ser_entry); #endif /* LEAN_CLIENT */ return(kret); } |