search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
No empty .Rs/.Re
[netbsd-mini2440.git] / crypto / dist / heimdal / lib / krb5 / auth_context.c
blob9aa24ba26fc3c8a238c36872360e1af9a814559a
1 /*
2 * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "krb5_locl.h"
35
36 __RCSID("$Heimdal: auth_context.c 21745 2007-07-31 16:11:25Z lha $"
37 "$NetBSD: auth_context.c,v 1.2 2008/03/22 08:37:13 mlelstv Exp $");
38
39 krb5_error_code KRB5_LIB_FUNCTION
40 krb5_auth_con_init(krb5_context context,
41 krb5_auth_context *auth_context)
42 {
43 krb5_auth_context p;
44
45 ALLOC(p, 1);
46 if(!p) {
47 krb5_set_error_string(context, "malloc: out of memory");
48 return ENOMEM;
49 }
50 memset(p, 0, sizeof(*p));
51 ALLOC(p->authenticator, 1);
52 if (!p->authenticator) {
53 krb5_set_error_string(context, "malloc: out of memory");
54 free(p);
55 return ENOMEM;
56 }
57 memset (p->authenticator, 0, sizeof(*p->authenticator));
58 p->flags = KRB5_AUTH_CONTEXT_DO_TIME;
59
60 p->local_address = NULL;
61 p->remote_address = NULL;
62 p->local_port = 0;
63 p->remote_port = 0;
64 p->keytype = KEYTYPE_NULL;
65 p->cksumtype = CKSUMTYPE_NONE;
66 *auth_context = p;
67 return 0;
68 }
69
70 krb5_error_code KRB5_LIB_FUNCTION
71 krb5_auth_con_free(krb5_context context,
72 krb5_auth_context auth_context)
73 {
74 if (auth_context != NULL) {
75 krb5_free_authenticator(context, &auth_context->authenticator);
76 if(auth_context->local_address){
77 free_HostAddress(auth_context->local_address);
78 free(auth_context->local_address);
79 }
80 if(auth_context->remote_address){
81 free_HostAddress(auth_context->remote_address);
82 free(auth_context->remote_address);
83 }
84 krb5_free_keyblock(context, auth_context->keyblock);
85 krb5_free_keyblock(context, auth_context->remote_subkey);
86 krb5_free_keyblock(context, auth_context->local_subkey);
87 free (auth_context);
88 }
89 return 0;
90 }
91
92 krb5_error_code KRB5_LIB_FUNCTION
93 krb5_auth_con_setflags(krb5_context context,
94 krb5_auth_context auth_context,
95 int32_t flags)
96 {
97 auth_context->flags = flags;
98 return 0;
99 }
100
101
102 krb5_error_code KRB5_LIB_FUNCTION
103 krb5_auth_con_getflags(krb5_context context,
104 krb5_auth_context auth_context,
105 int32_t *flags)
106 {
107 *flags = auth_context->flags;
108 return 0;
109 }
110
111 krb5_error_code KRB5_LIB_FUNCTION
112 krb5_auth_con_addflags(krb5_context context,
113 krb5_auth_context auth_context,
114 int32_t addflags,
115 int32_t *flags)
116 {
117 if (flags)
118 *flags = auth_context->flags;
119 auth_context->flags |= addflags;
120 return 0;
121 }
122
123 krb5_error_code KRB5_LIB_FUNCTION
124 krb5_auth_con_removeflags(krb5_context context,
125 krb5_auth_context auth_context,
126 int32_t removeflags,
127 int32_t *flags)
128 {
129 if (flags)
130 *flags = auth_context->flags;
131 auth_context->flags &= ~removeflags;
132 return 0;
133 }
134
135 krb5_error_code KRB5_LIB_FUNCTION
136 krb5_auth_con_setaddrs(krb5_context context,
137 krb5_auth_context auth_context,
138 krb5_address *local_addr,
139 krb5_address *remote_addr)
140 {
141 if (local_addr) {
142 if (auth_context->local_address)
143 krb5_free_address (context, auth_context->local_address);
144 else
145 if ((auth_context->local_address = malloc(sizeof(krb5_address))) == NULL)
146 return ENOMEM;
147 krb5_copy_address(context, local_addr, auth_context->local_address);
148 }
149 if (remote_addr) {
150 if (auth_context->remote_address)
151 krb5_free_address (context, auth_context->remote_address);
152 else
153 if ((auth_context->remote_address = malloc(sizeof(krb5_address))) == NULL)
154 return ENOMEM;
155 krb5_copy_address(context, remote_addr, auth_context->remote_address);
156 }
157 return 0;
158 }
159
160 krb5_error_code KRB5_LIB_FUNCTION
161 krb5_auth_con_genaddrs(krb5_context context,
162 krb5_auth_context auth_context,
163 int fd, int flags)
164 {
165 krb5_error_code ret;
166 krb5_address local_k_address, remote_k_address;
167 krb5_address *lptr = NULL, *rptr = NULL;
168 struct sockaddr_storage ss_local, ss_remote;
169 struct sockaddr *local = (struct sockaddr *)&ss_local;
170 struct sockaddr *remote = (struct sockaddr *)&ss_remote;
171 socklen_t len;
172
173 if(flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR) {
174 if (auth_context->local_address == NULL) {
175 len = sizeof(ss_local);
176 if(getsockname(fd, local, &len) < 0) {
177 ret = errno;
178 krb5_set_error_string (context, "getsockname: %s",
179 strerror(ret));
180 goto out;
181 }
182 ret = krb5_sockaddr2address (context, local, &local_k_address);
183 if(ret) goto out;
184 if(flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR) {
185 krb5_sockaddr2port (context, local, &auth_context->local_port);
186 } else
187 auth_context->local_port = 0;
188 lptr = &local_k_address;
189 }
190 }
191 if(flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR) {
192 len = sizeof(ss_remote);
193 if(getpeername(fd, remote, &len) < 0) {
194 ret = errno;
195 krb5_set_error_string (context, "getpeername: %s", strerror(ret));
196 goto out;
197 }
198 ret = krb5_sockaddr2address (context, remote, &remote_k_address);
199 if(ret) goto out;
200 if(flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR) {
201 krb5_sockaddr2port (context, remote, &auth_context->remote_port);
202 } else
203 auth_context->remote_port = 0;
204 rptr = &remote_k_address;
205 }
206 ret = krb5_auth_con_setaddrs (context,
207 auth_context,
208 lptr,
209 rptr);
210 out:
211 if (lptr)
212 krb5_free_address (context, lptr);
213 if (rptr)
214 krb5_free_address (context, rptr);
215 return ret;
216
217 }
218
219 krb5_error_code KRB5_LIB_FUNCTION
220 krb5_auth_con_setaddrs_from_fd (krb5_context context,
221 krb5_auth_context auth_context,
222 void *p_fd)
223 {
224 int fd = *(int*)p_fd;
225 int flags = 0;
226 if(auth_context->local_address == NULL)
227 flags |= KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR;
228 if(auth_context->remote_address == NULL)
229 flags |= KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR;
230 return krb5_auth_con_genaddrs(context, auth_context, fd, flags);
231 }
232
233 krb5_error_code KRB5_LIB_FUNCTION
234 krb5_auth_con_getaddrs(krb5_context context,
235 krb5_auth_context auth_context,
236 krb5_address **local_addr,
237 krb5_address **remote_addr)
238 {
239 if(*local_addr)
240 krb5_free_address (context, *local_addr);
241 *local_addr = malloc (sizeof(**local_addr));
242 if (*local_addr == NULL) {
243 krb5_set_error_string(context, "malloc: out of memory");
244 return ENOMEM;
245 }
246 krb5_copy_address(context,
247 auth_context->local_address,
248 *local_addr);
249
250 if(*remote_addr)
251 krb5_free_address (context, *remote_addr);
252 *remote_addr = malloc (sizeof(**remote_addr));
253 if (*remote_addr == NULL) {
254 krb5_set_error_string(context, "malloc: out of memory");
255 krb5_free_address (context, *local_addr);
256 *local_addr = NULL;
257 return ENOMEM;
258 }
259 krb5_copy_address(context,
260 auth_context->remote_address,
261 *remote_addr);
262 return 0;
263 }
264
265 /* coverity[+alloc : arg-*2] */
266 static krb5_error_code
267 copy_key(krb5_context context,
268 krb5_keyblock *in,
269 krb5_keyblock **out)
270 {
271 if(in)
272 return krb5_copy_keyblock(context, in, out);
273 *out = NULL; /* is this right? */
274 return 0;
275 }
276
277 krb5_error_code KRB5_LIB_FUNCTION
278 krb5_auth_con_getkey(krb5_context context,
279 krb5_auth_context auth_context,
280 krb5_keyblock **keyblock)
281 {
282 return copy_key(context, auth_context->keyblock, keyblock);
283 }
284
285 krb5_error_code KRB5_LIB_FUNCTION
286 krb5_auth_con_getlocalsubkey(krb5_context context,
287 krb5_auth_context auth_context,
288 krb5_keyblock **keyblock)
289 {
290 return copy_key(context, auth_context->local_subkey, keyblock);
291 }
292
293
294 /* coverity[+alloc : arg-*2] */
295 krb5_error_code KRB5_LIB_FUNCTION
296 krb5_auth_con_getremotesubkey(krb5_context context,
297 krb5_auth_context auth_context,
298 krb5_keyblock **keyblock)
299 {
300 return copy_key(context, auth_context->remote_subkey, keyblock);
301 }
302
303 krb5_error_code KRB5_LIB_FUNCTION
304 krb5_auth_con_setkey(krb5_context context,
305 krb5_auth_context auth_context,
306 krb5_keyblock *keyblock)
307 {
308 if(auth_context->keyblock)
309 krb5_free_keyblock(context, auth_context->keyblock);
310 return copy_key(context, keyblock, &auth_context->keyblock);
311 }
312
313 krb5_error_code KRB5_LIB_FUNCTION
314 krb5_auth_con_setlocalsubkey(krb5_context context,
315 krb5_auth_context auth_context,
316 krb5_keyblock *keyblock)
317 {
318 if(auth_context->local_subkey)
319 krb5_free_keyblock(context, auth_context->local_subkey);
320 return copy_key(context, keyblock, &auth_context->local_subkey);
321 }
322
323 krb5_error_code KRB5_LIB_FUNCTION
324 krb5_auth_con_generatelocalsubkey(krb5_context context,
325 krb5_auth_context auth_context,
326 krb5_keyblock *key)
327 {
328 krb5_error_code ret;
329 krb5_keyblock *subkey;
330
331 ret = krb5_generate_subkey_extended (context, key,
332 auth_context->keytype,
333 &subkey);
334 if(ret)
335 return ret;
336 if(auth_context->local_subkey)
337 krb5_free_keyblock(context, auth_context->local_subkey);
338 auth_context->local_subkey = subkey;
339 return 0;
340 }
341
342
343 krb5_error_code KRB5_LIB_FUNCTION
344 krb5_auth_con_setremotesubkey(krb5_context context,
345 krb5_auth_context auth_context,
346 krb5_keyblock *keyblock)
347 {
348 if(auth_context->remote_subkey)
349 krb5_free_keyblock(context, auth_context->remote_subkey);
350 return copy_key(context, keyblock, &auth_context->remote_subkey);
351 }
352
353 krb5_error_code KRB5_LIB_FUNCTION
354 krb5_auth_con_setcksumtype(krb5_context context,
355 krb5_auth_context auth_context,
356 krb5_cksumtype cksumtype)
357 {
358 auth_context->cksumtype = cksumtype;
359 return 0;
360 }
361
362 krb5_error_code KRB5_LIB_FUNCTION
363 krb5_auth_con_getcksumtype(krb5_context context,
364 krb5_auth_context auth_context,
365 krb5_cksumtype *cksumtype)
366 {
367 *cksumtype = auth_context->cksumtype;
368 return 0;
369 }
370
371 krb5_error_code KRB5_LIB_FUNCTION
372 krb5_auth_con_setkeytype (krb5_context context,
373 krb5_auth_context auth_context,
374 krb5_keytype keytype)
375 {
376 auth_context->keytype = keytype;
377 return 0;
378 }
379
380 krb5_error_code KRB5_LIB_FUNCTION
381 krb5_auth_con_getkeytype (krb5_context context,
382 krb5_auth_context auth_context,
383 krb5_keytype *keytype)
384 {
385 *keytype = auth_context->keytype;
386 return 0;
387 }
388
389 #if 0
390 krb5_error_code KRB5_LIB_FUNCTION
391 krb5_auth_con_setenctype(krb5_context context,
392 krb5_auth_context auth_context,
393 krb5_enctype etype)
394 {
395 if(auth_context->keyblock)
396 krb5_free_keyblock(context, auth_context->keyblock);
397 ALLOC(auth_context->keyblock, 1);
398 if(auth_context->keyblock == NULL)
399 return ENOMEM;
400 auth_context->keyblock->keytype = etype;
401 return 0;
402 }
403
404 krb5_error_code KRB5_LIB_FUNCTION
405 krb5_auth_con_getenctype(krb5_context context,
406 krb5_auth_context auth_context,
407 krb5_enctype *etype)
408 {
409 krb5_abortx(context, "unimplemented krb5_auth_getenctype called");
410 }
411 #endif
412
413 krb5_error_code KRB5_LIB_FUNCTION
414 krb5_auth_con_getlocalseqnumber(krb5_context context,
415 krb5_auth_context auth_context,
416 int32_t *seqnumber)
417 {
418 *seqnumber = auth_context->local_seqnumber;
419 return 0;
420 }
421
422 krb5_error_code KRB5_LIB_FUNCTION
423 krb5_auth_con_setlocalseqnumber (krb5_context context,
424 krb5_auth_context auth_context,
425 int32_t seqnumber)
426 {
427 auth_context->local_seqnumber = seqnumber;
428 return 0;
429 }
430
431 krb5_error_code KRB5_LIB_FUNCTION
432 krb5_auth_getremoteseqnumber(krb5_context context,
433 krb5_auth_context auth_context,
434 int32_t *seqnumber)
435 {
436 *seqnumber = auth_context->remote_seqnumber;
437 return 0;
438 }
439
440 krb5_error_code KRB5_LIB_FUNCTION
441 krb5_auth_con_setremoteseqnumber (krb5_context context,
442 krb5_auth_context auth_context,
443 int32_t seqnumber)
444 {
445 auth_context->remote_seqnumber = seqnumber;
446 return 0;
447 }
448
449
450 krb5_error_code KRB5_LIB_FUNCTION
451 krb5_auth_con_getauthenticator(krb5_context context,
452 krb5_auth_context auth_context,
453 krb5_authenticator *authenticator)
454 {
455 *authenticator = malloc(sizeof(**authenticator));
456 if (*authenticator == NULL) {
457 krb5_set_error_string(context, "malloc: out of memory");
458 return ENOMEM;
459 }
460
461 copy_Authenticator(auth_context->authenticator,
462 *authenticator);
463 return 0;
464 }
465
466
467 void KRB5_LIB_FUNCTION
468 krb5_free_authenticator(krb5_context context,
469 krb5_authenticator *authenticator)
470 {
471 free_Authenticator (*authenticator);
472 free (*authenticator);
473 *authenticator = NULL;
474 }
475
476
477 krb5_error_code KRB5_LIB_FUNCTION
478 krb5_auth_con_setuserkey(krb5_context context,
479 krb5_auth_context auth_context,
480 krb5_keyblock *keyblock)
481 {
482 if(auth_context->keyblock)
483 krb5_free_keyblock(context, auth_context->keyblock);
484 return krb5_copy_keyblock(context, keyblock, &auth_context->keyblock);
485 }
486
487 krb5_error_code KRB5_LIB_FUNCTION
488 krb5_auth_con_getrcache(krb5_context context,
489 krb5_auth_context auth_context,
490 krb5_rcache *rcache)
491 {
492 *rcache = auth_context->rcache;
493 return 0;
494 }
495
496 krb5_error_code KRB5_LIB_FUNCTION
497 krb5_auth_con_setrcache(krb5_context context,
498 krb5_auth_context auth_context,
499 krb5_rcache rcache)
500 {
501 auth_context->rcache = rcache;
502 return 0;
503 }
504
505 #if 0 /* not implemented */
506
507 krb5_error_code KRB5_LIB_FUNCTION
508 krb5_auth_con_initivector(krb5_context context,
509 krb5_auth_context auth_context)
510 {
511 krb5_abortx(context, "unimplemented krb5_auth_con_initivector called");
512 }
513
514
515 krb5_error_code KRB5_LIB_FUNCTION
516 krb5_auth_con_setivector(krb5_context context,
517 krb5_auth_context auth_context,
518 krb5_pointer ivector)
519 {
520 krb5_abortx(context, "unimplemented krb5_auth_con_setivector called");
521 }
522
523 #endif /* not implemented */
NetBSD on the FriendlyARM MINI2440