-: 0:Source:ser_auth.c -: 0:Graph:/var/tsitkova/Sources/v10/trunk/src/lib/krb5/krb/ser_auth.so.gcno -: 0:Data:/var/tsitkova/Sources/v10/trunk/src/lib/krb5/krb/ser_auth.so.gcda -: 0:Runs:1602 -: 0:Programs:1 -: 1:/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -: 2:/* lib/krb5/krb/ser_auth.c - Serialize krb5_authenticator structure */ -: 3:/* -: 4: * Copyright 1995, 2008 by the Massachusetts Institute of Technology. -: 5: * All Rights Reserved. -: 6: * -: 7: * Export of this software from the United States of America may -: 8: * require a specific license from the United States Government. -: 9: * It is the responsibility of any person or organization contemplating -: 10: * export to obtain such a license before exporting. -: 11: * -: 12: * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -: 13: * distribute this software and its documentation for any purpose and -: 14: * without fee is hereby granted, provided that the above copyright -: 15: * notice appear in all copies and that both that copyright notice and -: 16: * this permission notice appear in supporting documentation, and that -: 17: * the name of M.I.T. not be used in advertising or publicity pertaining -: 18: * to distribution of the software without specific, written prior -: 19: * permission. Furthermore if you modify this software you must label -: 20: * your software as modified software and not distribute it in such a -: 21: * fashion that it might be confused with the original M.I.T. software. -: 22: * M.I.T. makes no representations about the suitability of -: 23: * this software for any purpose. It is provided "as is" without express -: 24: * or implied warranty. -: 25: */ -: 26: -: 27:#ifndef LEAN_CLIENT -: 28: -: 29:#include "k5-int.h" -: 30:#include "int-proto.h" -: 31: -: 32:/* -: 33: * Routines to deal with externalizing the krb5_authenticator: -: 34: * krb5_authenticator_size(); -: 35: * krb5_authenticator_externalize(); -: 36: * krb5_authenticator_internalize(); -: 37: */ -: 38:static krb5_error_code krb5_authenticator_size -: 39:(krb5_context, krb5_pointer, size_t *); -: 40:static krb5_error_code krb5_authenticator_externalize -: 41:(krb5_context, krb5_pointer, krb5_octet **, size_t *); -: 42:static krb5_error_code krb5_authenticator_internalize -: 43:(krb5_context,krb5_pointer *, krb5_octet **, size_t *); -: 44: -: 45:/* Local data */ -: 46:static const krb5_ser_entry krb5_authenticator_ser_entry = { -: 47: KV5M_AUTHENTICATOR, /* Type */ -: 48: krb5_authenticator_size, /* Sizer routine */ -: 49: krb5_authenticator_externalize, /* Externalize routine */ -: 50: krb5_authenticator_internalize /* Internalize routine */ -: 51:}; -: 52: -: 53:/* -: 54: * krb5_authenticator_size() - Determine the size required to externalize -: 55: * the krb5_authenticator. -: 56: */ -: 57:static krb5_error_code #####: 58:krb5_authenticator_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) -: 59:{ -: 60: krb5_error_code kret; -: 61: krb5_authenticator *authenticator; -: 62: size_t required; -: 63: -: 64: /* -: 65: * krb5_authenticator requires at minimum: -: 66: * krb5_int32 for KV5M_AUTHENTICATOR -: 67: * krb5_int32 for seconds -: 68: * krb5_int32 for cusec -: 69: * krb5_int32 for seq_number -: 70: * krb5_int32 for number in authorization_data array. -: 71: * krb5_int32 for KV5M_AUTHENTICATOR -: 72: */ #####: 73: kret = EINVAL; #####: 74: if ((authenticator = (krb5_authenticator *) arg)) { #####: 75: required = sizeof(krb5_int32)*6; -: 76: -: 77: /* Calculate size required by client, if appropriate */ #####: 78: if (authenticator->client) #####: 79: kret = krb5_size_opaque(kcontext, -: 80: KV5M_PRINCIPAL, -: 81: (krb5_pointer) authenticator->client, -: 82: &required); -: 83: else #####: 84: kret = 0; -: 85: -: 86: /* Calculate size required by checksum, if appropriate */ #####: 87: if (!kret && authenticator->checksum) #####: 88: kret = krb5_size_opaque(kcontext, -: 89: KV5M_CHECKSUM, -: 90: (krb5_pointer) authenticator->checksum, -: 91: &required); -: 92: -: 93: /* Calculate size required by subkey, if appropriate */ #####: 94: if (!kret && authenticator->subkey) #####: 95: kret = krb5_size_opaque(kcontext, -: 96: KV5M_KEYBLOCK, -: 97: (krb5_pointer) authenticator->subkey, -: 98: &required); -: 99: -: 100: /* Calculate size required by authorization_data, if appropriate */ #####: 101: if (!kret && authenticator->authorization_data) { -: 102: int i; -: 103: #####: 104: for (i=0; !kret && authenticator->authorization_data[i]; i++) { #####: 105: kret = krb5_size_opaque(kcontext, -: 106: KV5M_AUTHDATA, -: 107: (krb5_pointer) authenticator-> #####: 108: authorization_data[i], -: 109: &required); -: 110: } -: 111: } -: 112: } #####: 113: if (!kret) #####: 114: *sizep += required; #####: 115: return(kret); -: 116:} -: 117: -: 118:/* -: 119: * krb5_authenticator_externalize() - Externalize the krb5_authenticator. -: 120: */ -: 121:static krb5_error_code #####: 122:krb5_authenticator_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) -: 123:{ -: 124: krb5_error_code kret; -: 125: krb5_authenticator *authenticator; -: 126: size_t required; -: 127: krb5_octet *bp; -: 128: size_t remain; -: 129: int i; -: 130: #####: 131: required = 0; #####: 132: bp = *buffer; #####: 133: remain = *lenremain; #####: 134: kret = EINVAL; #####: 135: if ((authenticator = (krb5_authenticator *) arg)) { #####: 136: kret = ENOMEM; #####: 137: if (!krb5_authenticator_size(kcontext, arg, &required) && #####: 138: (required <= remain)) { -: 139: /* First write our magic number */ #####: 140: (void) krb5_ser_pack_int32(KV5M_AUTHENTICATOR, &bp, &remain); -: 141: -: 142: /* Now ctime */ #####: 143: (void) krb5_ser_pack_int32((krb5_int32) authenticator->ctime, -: 144: &bp, &remain); -: 145: -: 146: /* Now cusec */ #####: 147: (void) krb5_ser_pack_int32((krb5_int32) authenticator->cusec, -: 148: &bp, &remain); -: 149: -: 150: /* Now seq_number */ #####: 151: (void) krb5_ser_pack_int32(authenticator->seq_number, -: 152: &bp, &remain); -: 153: -: 154: /* Now handle client, if appropriate */ #####: 155: if (authenticator->client) #####: 156: kret = krb5_externalize_opaque(kcontext, -: 157: KV5M_PRINCIPAL, -: 158: (krb5_pointer) -: 159: authenticator->client, -: 160: &bp, -: 161: &remain); -: 162: else #####: 163: kret = 0; -: 164: -: 165: /* Now handle checksum, if appropriate */ #####: 166: if (!kret && authenticator->checksum) #####: 167: kret = krb5_externalize_opaque(kcontext, -: 168: KV5M_CHECKSUM, -: 169: (krb5_pointer) -: 170: authenticator->checksum, -: 171: &bp, -: 172: &remain); -: 173: -: 174: /* Now handle subkey, if appropriate */ #####: 175: if (!kret && authenticator->subkey) #####: 176: kret = krb5_externalize_opaque(kcontext, -: 177: KV5M_KEYBLOCK, -: 178: (krb5_pointer) -: 179: authenticator->subkey, -: 180: &bp, -: 181: &remain); -: 182: -: 183: /* Now handle authorization_data, if appropriate */ #####: 184: if (!kret) { #####: 185: if (authenticator->authorization_data) #####: 186: for (i=0; authenticator->authorization_data[i]; i++); -: 187: else #####: 188: i = 0; #####: 189: (void) krb5_ser_pack_int32((krb5_int32) i, &bp, &remain); -: 190: -: 191: /* Now pound out the authorization_data */ #####: 192: if (authenticator->authorization_data) { #####: 193: for (i=0; !kret && authenticator->authorization_data[i]; #####: 194: i++) #####: 195: kret = krb5_externalize_opaque(kcontext, -: 196: KV5M_AUTHDATA, -: 197: (krb5_pointer) -: 198: authenticator-> #####: 199: authorization_data[i], -: 200: &bp, -: 201: &remain); -: 202: } -: 203: } -: 204: -: 205: /* -: 206: * If we were successful, write trailer then update the pointer and -: 207: * remaining length; -: 208: */ #####: 209: if (!kret) { -: 210: /* Write our trailer */ #####: 211: (void) krb5_ser_pack_int32(KV5M_AUTHENTICATOR, &bp, &remain); #####: 212: *buffer = bp; #####: 213: *lenremain = remain; -: 214: } -: 215: } -: 216: } #####: 217: return(kret); -: 218:} -: 219: -: 220:/* -: 221: * krb5_authenticator_internalize() - Internalize the krb5_authenticator. -: 222: */ -: 223:static krb5_error_code #####: 224:krb5_authenticator_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) -: 225:{ -: 226: krb5_error_code kret; -: 227: krb5_authenticator *authenticator; -: 228: krb5_int32 ibuf; -: 229: krb5_octet *bp; -: 230: size_t remain; -: 231: int i; -: 232: krb5_int32 nadata; -: 233: size_t len; -: 234: #####: 235: bp = *buffer; #####: 236: remain = *lenremain; #####: 237: kret = EINVAL; -: 238: /* Read our magic number */ #####: 239: if (krb5_ser_unpack_int32(&ibuf, &bp, &remain)) #####: 240: ibuf = 0; #####: 241: if (ibuf == KV5M_AUTHENTICATOR) { #####: 242: kret = ENOMEM; -: 243: -: 244: /* Get memory for the authenticator */ #####: 245: if ((remain >= (3*sizeof(krb5_int32))) && #####: 246: (authenticator = (krb5_authenticator *) -: 247: calloc(1, sizeof(krb5_authenticator)))) { -: 248: -: 249: /* Get ctime */ #####: 250: (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain); #####: 251: authenticator->ctime = (krb5_timestamp) ibuf; -: 252: -: 253: /* Get cusec */ #####: 254: (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain); #####: 255: authenticator->cusec = ibuf; -: 256: -: 257: /* Get seq_number */ #####: 258: (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain); #####: 259: authenticator->seq_number = ibuf; -: 260: #####: 261: kret = 0; -: 262: -: 263: /* Attempt to read in the client */ #####: 264: kret = krb5_internalize_opaque(kcontext, -: 265: KV5M_PRINCIPAL, -: 266: (krb5_pointer *) #####: 267: &authenticator->client, -: 268: &bp, -: 269: &remain); #####: 270: if (kret == EINVAL) #####: 271: kret = 0; -: 272: -: 273: /* Attempt to read in the checksum */ #####: 274: if (!kret) { #####: 275: kret = krb5_internalize_opaque(kcontext, -: 276: KV5M_CHECKSUM, -: 277: (krb5_pointer *) #####: 278: &authenticator->checksum, -: 279: &bp, -: 280: &remain); #####: 281: if (kret == EINVAL) #####: 282: kret = 0; -: 283: } -: 284: -: 285: /* Attempt to read in the subkey */ #####: 286: if (!kret) { #####: 287: kret = krb5_internalize_opaque(kcontext, -: 288: KV5M_KEYBLOCK, -: 289: (krb5_pointer *) #####: 290: &authenticator->subkey, -: 291: &bp, -: 292: &remain); #####: 293: if (kret == EINVAL) #####: 294: kret = 0; -: 295: } -: 296: -: 297: /* Attempt to read in the authorization data count */ #####: 298: if (!(kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) { #####: 299: nadata = ibuf; #####: 300: len = (size_t) (nadata + 1); -: 301: -: 302: /* Get memory for the authorization data pointers */ #####: 303: if ((authenticator->authorization_data = (krb5_authdata **) -: 304: calloc(len, sizeof(krb5_authdata *)))) { #####: 305: for (i=0; !kret && (i #####: 310: authorization_data[i], -: 311: &bp, -: 312: &remain); -: 313: } -: 314: -: 315: /* Finally, find the trailer */ #####: 316: if (!kret) { #####: 317: kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain); #####: 318: if (!kret && (ibuf == KV5M_AUTHENTICATOR)) #####: 319: authenticator->magic = KV5M_AUTHENTICATOR; -: 320: else #####: 321: kret = EINVAL; -: 322: } -: 323: } -: 324: } #####: 325: if (!kret) { #####: 326: *buffer = bp; #####: 327: *lenremain = remain; #####: 328: *argp = (krb5_pointer) authenticator; -: 329: } -: 330: else #####: 331: krb5_free_authenticator(kcontext, authenticator); -: 332: } -: 333: } #####: 334: return(kret); -: 335:} -: 336:/* -: 337: * Register the authenticator serializer. -: 338: */ -: 339:krb5_error_code #####: 340:krb5_ser_authenticator_init(krb5_context kcontext) -: 341:{ #####: 342: return(krb5_register_serializer(kcontext, &krb5_authenticator_ser_entry)); -: 343:} -: 344:#endif