search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Update NEWS for 1.6.22
[pkg-k5-afs_openafs.git] / src / kauth / kadatabase.c
blob3524688563deb1963a242c8ceb32d4a918d79100
1 /*
2 * Copyright 2000, International Business Machines Corporation and others.
3 * All Rights Reserved.
4 *
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
8 */
9
10 #include <afsconfig.h>
11 #include <afs/param.h>
12
13
14 #include <sys/types.h>
15 #ifdef AFS_NT40_ENV
16 #include <winsock2.h>
17 #else
18 #include <netinet/in.h>
19 #endif
20 #include <string.h>
21 #include <ubik.h>
22 #include <rx/xdr.h>
23 #include <rx/rx.h>
24 #include <afs/afsutil.h>
25 #include "kauth.h"
26 #include "kautils.h"
27 #include "kaserver.h"
28
29 #if !defined(offsetof)
30 #include <stddef.h> /* for definition of offsetof() */
31 #endif
32
33 extern Date cheaderReadTime; /* time cheader last read in */
34
35 #define set_header_word(tt,field,value) \
36 ( \
37 (cheader.field) = (value), \
38 kawrite((tt), ((char *)&(cheader.field) - (char *)&cheader), \
39 (char *)&(cheader.field), sizeof(afs_int32)) \
40 )
41
42 #define inc_header_word(tt,field) kawrite ((tt), (offsetof(struct kaheader, field)), ((cheader.field = (htonl(ntohl(cheader.field)+1))), (char *)&(cheader.field)), sizeof(afs_int32))
43
44 static int index_OK(afs_int32);
45
46 afs_int32
47 NameHash(char *aname, char *ainstance)
48 {
49 unsigned int hash;
50 int i;
51
52 /* stolen directly from the HashString function in the vol package */
53 hash = 0;
54 for (i = strlen(aname), aname += i - 1; i--; aname--)
55 hash = (hash * 31) + (*((unsigned char *)aname) - 31);
56 for (i = strlen(ainstance), ainstance += i - 1; i--; ainstance--)
57 hash = (hash * 31) + (*((unsigned char *)ainstance) - 31);
58 return (hash % HASHSIZE);
59 }
60
61 /* package up seek and write into one procedure for ease of use */
62
63 afs_int32
64 kawrite(struct ubik_trans *tt, afs_int32 pos, char *buff, afs_int32 len)
65 {
66 afs_int32 code;
67
68 code = ubik_Seek(tt, 0, pos);
69 if (code)
70 return code;
71 code = ubik_Write(tt, buff, len);
72 return code;
73 }
74
75 /* same thing for read */
76
77 afs_int32
78 karead(struct ubik_trans *tt, afs_int32 pos, char *buff, afs_int32 len)
79 {
80 afs_int32 code;
81
82 code = ubik_Seek(tt, 0, pos);
83 if (code)
84 return code;
85 code = ubik_Read(tt, buff, len);
86 return code;
87 }
88
89 static struct Lock keycache_lock;
90
91 static int maxCachedKeys;
92
93 static struct cachedKey {
94 Date used;
95 int superseded; /* NEVERDATE => this is current key */
96 afs_int32 kvno;
97 struct ktc_encryptionKey key;
98 char name[MAXKTCNAMELEN];
99 char inst[MAXKTCNAMELEN];
100 } *keyCache;
101 static afs_int32 keyCacheVersion = 0;
102
103 static afs_int32 maxKeyLifetime;
104 static int dbfixup = 0;
105
106 void
107 init_kadatabase(int initFlags)
108 {
109 Lock_Init(&keycache_lock);
110
111 maxCachedKeys = 10;
112 keyCache =
113 (struct cachedKey *)malloc(maxCachedKeys * sizeof(struct cachedKey));
114 keyCacheVersion = 0;
115 if (initFlags & 4) {
116 maxKeyLifetime = 90;
117 } else {
118 maxKeyLifetime = MAXKTCTICKETLIFETIME;
119 }
120 if (initFlags & 8)
121 dbfixup++;
122 }
123
124 /* check that the database has been initialized. Be careful to fail in a safe
125 manner, to avoid bogusly reinitializing the db. */
126 /**
127 * reads in db cache from ubik.
128 *
129 * @param[in] ut ubik transaction
130 * @param[in] rock opaque pointer to an int (*) (struct ubik_trans *), which
131 * will be called on rebuilding the database (or NULL to not
132 * rebuild the db)
133 *
134 * @return operation status
135 * @retval 0 success
136 */
137 static afs_int32
138 UpdateCache(struct ubik_trans *at, void *rock)
139 {
140 int (*db_init) (struct ubik_trans *) = rock;
141 afs_int32 code;
142 afs_int32 iversion;
143 afs_int32 tversion;
144
145 if ((code = karead(at, 0, (char *)&iversion, sizeof(iversion)))
146 || (code =
147 karead(at, sizeof(cheader) - sizeof(afs_int32), (char *)&tversion,
148 sizeof(afs_int32)))) {
149 if (code == UEOF)
150 printf("No data base\n");
151 else
152 printf("I/O Error\n");
153 } else {
154 iversion = ntohl(iversion); /* convert to host order */
155 tversion = ntohl(tversion);
156 if ((iversion == KADBVERSION) && (tversion == KADBVERSION)) {
157 code = karead(at, 0, (char *)&cheader, sizeof(cheader));
158 if (code) {
159 printf("SetupHeader failed\n");
160 code = KAIO;
161 } else {
162 cheaderReadTime = time(0);
163 }
164 } else {
165 printf("DB version should be %d; Initial = %d; Terminal = %d\n",
166 KADBVERSION, iversion, tversion);
167 code = KAIO;
168 }
169 }
170 if (code == 0)
171 return 0;
172
173 /* if here, we have no version number or the wrong version number in the
174 * file */
175 if ((code == UEOF) || ((iversion == 0) && (tversion == 0)))
176 code = KAEMPTY;
177 else
178 code = KAIO;
179
180 if ((db_init == 0) || (code == KAIO))
181 return code;
182
183 printf("Error discovered in header, rebuilding.\n");
184
185 /* try to write a good header */
186 memset(&cheader, 0, sizeof(cheader));
187 cheader.version = htonl(KADBVERSION);
188 cheader.checkVersion = htonl(KADBVERSION);
189 cheader.headerSize = htonl(sizeof(cheader));
190 cheader.freePtr = 0;
191 cheader.eofPtr = htonl(sizeof(cheader));
192 cheader.kvnoPtr = 0;
193 cheader.specialKeysVersion = htonl(time(0)); /* anything non-zero will do */
194 cheader.stats.cpws = cheader.stats.allocs = cheader.stats.frees = 0;
195 cheader.admin_accounts = 0;
196 cheader.hashsize = htonl(HASHSIZE);
197 code = kawrite(at, 0, (char *)&cheader, sizeof(cheader));
198 if (code)
199 return KAIO; /* return the error code */
200
201 return db_init(at); /* initialize the db */
202 }
203
204 afs_int32
205 CheckInit(struct ubik_trans *at,
206 int (*db_init) (struct ubik_trans *)) /* procedure to call if rebuilding DB */
207 {
208 return ubik_CheckCache(at, UpdateCache, db_init);
209 }
210
211 /* Allocate a free block of storage for entry, returning address of a new
212 zeroed entry. If zero is returned, a Ubik I/O error can be assumed. */
213
214 afs_int32
215 AllocBlock(struct ubik_trans *at, struct kaentry *tentry)
216 {
217 afs_int32 code;
218 afs_int32 temp;
219
220 if (cheader.freePtr) {
221 /* allocate this dude */
222 temp = ntohl(cheader.freePtr);
223 code = karead(at, temp, (char *)tentry, sizeof(kaentry));
224 if (code)
225 return 0; /* can't read block */
226 code = set_header_word(at, freePtr, tentry->next);
227 } else {
228 /* hosed, nothing on free list, grow file */
229 temp = ntohl(cheader.eofPtr); /* remember this guy */
230 code = set_header_word(at, eofPtr, htonl(temp + sizeof(kaentry)));
231 }
232 if (code)
233 return 0;
234
235 code = inc_header_word(at, stats.allocs);
236 if (code)
237 return 0;
238 memset(tentry, 0, sizeof(kaentry)); /* zero new entry */
239 return temp;
240 }
241
242 /* Free a block given its index. It must already have been unthreaded.
243 Returns zero for success or an error code on failure. */
244
245 afs_int32
246 FreeBlock(struct ubik_trans *at, afs_int32 index)
247 {
248 struct kaentry tentry;
249 int code;
250
251 /* check index just to be on the safe side */
252 if (!index_OK(index))
253 return KABADINDEX;
254
255 memset(&tentry, 0, sizeof(kaentry));
256 tentry.next = cheader.freePtr;
257 tentry.flags = htonl(KAFFREE);
258 code = set_header_word(at, freePtr, htonl(index));
259 if (code)
260 return KAIO;
261 code = kawrite(at, index, (char *)&tentry, sizeof(kaentry));
262 if (code)
263 return KAIO;
264
265 code = inc_header_word(at, stats.frees);
266 if (code)
267 return KAIO;
268 return 0;
269 }
270
271 /* Look for a block by name and instance. If found read the block's contents
272 into the area pointed to by tentry and return the block's index. If not
273 found offset is set to zero. If an error is encountered a non-zero code is
274 returned. */
275
276 afs_int32
277 FindBlock(struct ubik_trans *at, char *aname, char *ainstance, afs_int32 *toP,
278 struct kaentry *tentry)
279 {
280 afs_int32 i, code;
281 afs_int32 to;
282
283 *toP = 0;
284 i = NameHash(aname, ainstance);
285 for (to = ntohl(cheader.nameHash[i]); to != NULLO;
286 to = ntohl(tentry->next)) {
287 code = karead(at, to, (char *)tentry, sizeof(kaentry));
288 if (code)
289 return code;
290 /* see if the name matches */
291 if (!strcmp(aname, tentry->userID.name)
292 && (ainstance == (char *)0
293 || !strcmp(ainstance, tentry->userID.instance))) {
294 *toP = to; /* found it */
295 return 0;
296 }
297 }
298 *toP = 0; /* no such entry */
299 return 0;
300 }
301
302 /* Add a block to the hash table given a pointer to the block and its index.
303 The block is threaded onto the hash table and written to disk. The routine
304 returns zero if there were no errors. */
305
306 afs_int32
307 ThreadBlock(struct ubik_trans *at, afs_int32 index,
308 struct kaentry *tentry)
309 {
310 int code;
311 int hi; /* hash index */
312
313 if (!index_OK(index))
314 return KABADINDEX;
315 hi = NameHash(tentry->userID.name, tentry->userID.instance);
316 tentry->next = cheader.nameHash[hi];
317 code = set_header_word(at, nameHash[hi], htonl(index));
318 if (code)
319 return KAIO;
320 code = kawrite(at, index, (char *)tentry, sizeof(kaentry));
321 if (code)
322 return KAIO;
323 return 0;
324 }
325
326 /* Remove a block from the hash table. If success return 0, else return an
327 error code. */
328
329 afs_int32
330 UnthreadBlock(struct ubik_trans *at, struct kaentry *aentry)
331 {
332 afs_int32 i, code;
333 afs_int32 to;
334 afs_int32 lo;
335 struct kaentry tentry;
336
337 i = NameHash(aentry->userID.name, aentry->userID.instance);
338 lo = 0;
339 for (to = ntohl(cheader.nameHash[i]); to != NULLO;
340 to = ntohl(tentry.next)) {
341 code = karead(at, to, (char *)&tentry, sizeof(kaentry));
342 if (code)
343 return KAIO;
344 /* see if the name matches */
345 if (!strcmp(aentry->userID.name, tentry.userID.name)
346 && !strcmp(aentry->userID.instance, tentry.userID.instance)) {
347 /* found it */
348 if (lo) { /* unthread from last block */
349 code =
350 kawrite(at, lo, (char *)&tentry.next, sizeof(afs_int32));
351 if (code)
352 return KAIO;
353 } else { /* unthread from hash table */
354 code = set_header_word(at, nameHash[i], tentry.next);
355 if (code)
356 return KAIO;
357 }
358 aentry->next = 0; /* just to be sure */
359 return 0;
360 }
361 lo = DOFFSET(to, &tentry, &tentry.next);
362 }
363 return KANOENT;
364 }
365
366 /* Given an index to the last block (or zero the first time) read the contents
367 of the next block and return its index. The last argument is a pointer to
368 an estimate of the number of remaining blocks to read out. The remaining
369 count is an estimate because it may include free blocks that are not
370 returned. If there are no more blocks remaining is zero and the returned
371 index is zero. A non-zero index indicates that tentry has been filled with
372 valid data. If an error is encountered the returned index is zero and the
373 remaining count is negative. */
374
375 afs_int32
376 NextBlock(struct ubik_trans *at, afs_int32 index, struct kaentry *tentry,
377 afs_int32 *remaining)
378 {
379 int code;
380 afs_int32 last;
381
382 if (index == 0) /* get first one */
383 index = sizeof(cheader);
384 else {
385 if (!index_OK(index)) {
386 *remaining = -1; /* error */
387 return 0;
388 }
389 index += sizeof(kaentry);
390 }
391 /* now search for the first entry that isn't free */
392 for (last = ntohl(cheader.eofPtr); index < last; index += sizeof(kaentry)) {
393 code = karead(at, index, (char *)tentry, sizeof(kaentry));
394 if (code) {
395 *remaining = -1;
396 return 0;
397 }
398 if (!(ntohl(tentry->flags) & (KAFFREE | KAFOLDKEYS))) {
399 /* estimate remaining number of entries, not including this one */
400 *remaining = (last - index) / sizeof(kaentry) - 1;
401 return index;
402 }
403 }
404 *remaining = 0; /* no more entries */
405 return 0;
406 }
407
408 /* These are a collections of routines that deal with externally known keys.
409 They maintain a database of key version numbers and the corresponding key
410 and pointer to the user entry. */
411
412 afs_int32
413 ka_NewKey(struct ubik_trans *tt, afs_int32 tentryaddr,
414 struct kaentry *tentry, struct ktc_encryptionKey *key)
415 {
416 struct kaOldKeys okeys; /* old keys block */
417 afs_int32 okeysaddr, nextaddr; /* offset of old keys block */
418 afs_int32 prevptr, nextprevptr;
419 int code, i;
420 Date now = time(0);
421 afs_int32 newkeyver; /* new key version number */
422 afs_int32 newtotalkeyentries = 0, oldtotalkeyentries = 0, keyentries;
423 int addednewkey = 0, modified;
424 #ifdef AUTH_DBM_LOG
425 int foundcurrentkey = 0;
426 #endif
427
428
429 es_Report("Newkey for %s.%s\n", tentry->userID.name,
430 tentry->userID.instance);
431
432 newkeyver = ntohl(tentry->key_version) + 1;
433 if ((newkeyver < 1) || (newkeyver >= MAXKAKVNO))
434 newkeyver = 1;
435
436 /* An entry may have more than one oldkeys blocks. The entry
437 * points to the most current, but all the oldkeys blocks for an
438 * entry are not linked together. All oldkeys blocks for all
439 * entries are linked together off of the header. So we follow
440 * this link.
441 */
442 for (prevptr = 0, okeysaddr = ntohl(cheader.kvnoPtr); okeysaddr;
443 prevptr = nextprevptr, okeysaddr = nextaddr) {
444 /* foreacholdkeysblock */
445 /* Read the oldKeys block */
446 code = karead(tt, okeysaddr, (char *)&okeys, sizeof(okeys));
447 if (code)
448 return code;
449
450 nextaddr = ntohl(okeys.next);
451 nextprevptr = DOFFSET(okeysaddr, &okeys, &okeys.next);
452
453 /* We only want oldkey blocks that belong to this entry */
454 if (ntohl(okeys.entry) != tentryaddr)
455 continue;
456
457 modified = 0; /* This oldkeys block has not been modified */
458 keyentries = 0; /* Number of valid key entries in the block */
459 for (i = 0; i < NOLDKEYS; i++) {
460 /* foreachkey */
461 /* Keep count of number of entries found */
462 if (okeys.keys[i].superseded != 0) {
463 oldtotalkeyentries++;
464 }
465
466 /* If we find the entry that is not superseded, then supersede it */
467 if (ntohl(okeys.keys[i].superseded) == NEVERDATE) {
468 okeys.keys[i].superseded = htonl(now);
469 modified = 1;
470 #ifdef AUTH_DBM_LOG
471 if (foundcurrentkey) {
472 ViceLog(0,
473 ("Warning: Entry %s.%s contains more than one valid key: fixing\n",
474 tentry->userID.name, tentry->userID.instance));
475 }
476 foundcurrentkey = 1;
477 #endif
478 }
479
480 /* If we find an oldkey of the same version or
481 * an old key that has expired, then delete it.
482 */
483 if ((ntohl(okeys.keys[i].version) == newkeyver)
484 || ((now - ntohl(okeys.keys[i].superseded) > maxKeyLifetime))) {
485 okeys.keys[i].superseded = 0;
486 okeys.keys[i].version = htonl(-1);
487 memset(&okeys.keys[i].key, 0,
488 sizeof(struct ktc_encryptionKey));
489 modified = 1;
490
491 es_Report("Dropped oldkey %d seconds old with kvno %d\n",
492 now - ntohl(okeys.keys[i].superseded),
493 ntohl(okeys.keys[i].version));
494 }
495
496 /* Add our key here if its free */
497 if (!addednewkey && (okeys.keys[i].superseded == 0)) {
498 okeys.keys[i].version = htonl(newkeyver);
499 okeys.keys[i].superseded = htonl(NEVERDATE);
500 memcpy(&okeys.keys[i].key, key,
501 sizeof(struct ktc_encryptionKey));
502 modified = 1;
503 addednewkey = okeysaddr;
504 }
505
506 /* Keep count of number of entries found */
507 if (okeys.keys[i].superseded != 0) {
508 keyentries++;
509 newtotalkeyentries++;
510 }
511 } /* foreachkey */
512
513 /* If we modified the block, write it out */
514 if (modified && keyentries) {
515 code = kawrite(tt, okeysaddr, (char *)&okeys, sizeof(okeys));
516 if (code)
517 return code;
518 }
519
520 /* If there are no more entries in this oldkeys block, delete it */
521 if (keyentries == 0) {
522 if (!prevptr) {
523 code = set_header_word(tt, kvnoPtr, okeys.next);
524 } else {
525 code =
526 kawrite(tt, prevptr, (char *)&okeys.next,
527 sizeof(afs_int32));
528 }
529 if (code)
530 return code;
531 code = FreeBlock(tt, okeysaddr);
532 if (code)
533 return code;
534
535 nextprevptr = prevptr; /* won't bump prevptr */
536 }
537 } /* foreacholdkeysblock */
538
539 /* If we could not add the key, create a new oldkeys block */
540 if (!addednewkey) {
541 /* Allocate and fill in an oldkeys block */
542 addednewkey = AllocBlock(tt, (struct kaentry *)&okeys);
543 if (!addednewkey)
544 return KACREATEFAIL;
545 okeys.flags = htonl(KAFOLDKEYS);
546 okeys.entry = htonl(tentryaddr);
547 okeys.keys[0].version = htonl(newkeyver);
548 okeys.keys[0].superseded = htonl(NEVERDATE);
549 memcpy(&okeys.keys[0].key, key, sizeof(struct ktc_encryptionKey));
550 newtotalkeyentries++;
551
552 /* Thread onto the header's chain of oldkeys */
553 okeys.next = cheader.kvnoPtr;
554 code = set_header_word(tt, kvnoPtr, htonl(addednewkey));
555 if (code)
556 return code;
557
558 /* Write the oldkeys block out */
559 code = kawrite(tt, addednewkey, (char *)&okeys, sizeof(okeys));
560 if (code)
561 return code;
562
563 es_Report("New oldkey block allocated at %d\n", addednewkey);
564 }
565 #ifdef AUTH_DBM_LOG
566 if (oldtotalkeyentries != ntohl(tentry->misc.asServer.nOldKeys)) {
567 ViceLog(0,
568 ("Warning: Entry %s.%s reports %d oldkeys, found %d: fixing\n",
569 tentry->userID.name, tentry->userID.instance,
570 ntohl(tentry->misc.asServer.nOldKeys), oldtotalkeyentries));
571 }
572 #endif
573
574 /* Update the tentry. We rely on caller to write it out */
575 tentry->misc.asServer.oldKeys = htonl(addednewkey);
576 tentry->misc.asServer.nOldKeys = htonl(newtotalkeyentries);
577 tentry->key_version = htonl(newkeyver);
578 memcpy(&tentry->key, key, sizeof(tentry->key));
579
580 /* invalidate key caches everywhere */
581 code = inc_header_word(tt, specialKeysVersion);
582 if (code)
583 return code;
584
585 es_Report("New kvno is %d, now are %d oldkeys\n", newkeyver,
586 newtotalkeyentries);
587 return 0;
588 }
589
590 afs_int32
591 ka_DelKey(struct ubik_trans *tt, afs_int32 tentryaddr,
592 struct kaentry *tentry)
593 {
594 int code;
595 struct kaOldKeys okeys; /* old keys block */
596 afs_int32 okeysaddr, nextaddr; /* offset of old keys block */
597 afs_int32 prevptr = 0;
598
599 es_Report("DelKey for %s.%s\n", tentry->userID.name,
600 tentry->userID.instance);
601
602 /* An entry may have more than one oldkeys blocks. The entry
603 * points to the most current, but all the oldkeys blocks for an
604 * entry are not linked together. All oldkeys blocks for all
605 * entries are linked together off of the header. So we follow
606 * this link.
607 */
608 for (okeysaddr = ntohl(cheader.kvnoPtr); okeysaddr; okeysaddr = nextaddr) {
609 /* foreacholdkeysblock */
610 /* Read the oldKeys block */
611 code = karead(tt, okeysaddr, (char *)&okeys, sizeof(okeys));
612 if (code)
613 return code;
614 nextaddr = ntohl(okeys.next);
615
616 /* We only want oldkey blocks that belong to this entry */
617 if (ntohl(okeys.entry) != tentryaddr) {
618 prevptr = DOFFSET(okeysaddr, &okeys, &okeys.next);
619 continue;
620 }
621
622 /* Delete the oldkeys block */
623 if (prevptr) {
624 code =
625 kawrite(tt, prevptr, (char *)&okeys.next, sizeof(afs_int32));
626 } else {
627 code = set_header_word(tt, kvnoPtr, okeys.next);
628 }
629 if (code)
630 return code;
631 code = FreeBlock(tt, okeysaddr);
632 if (code)
633 return code;
634 } /* foreacholdkeysblock */
635
636 /* Update the tentry. We rely on caller to write it out */
637 tentry->misc.asServer.oldKeys = 0;
638 tentry->misc.asServer.nOldKeys = 0;
639
640 /* invalidate key caches everywhere */
641 code = inc_header_word(tt, specialKeysVersion);
642 if (code)
643 return code;
644
645 return 0;
646 }
647
648 void
649 ka_debugKeyCache(struct ka_debugInfo *info)
650 {
651 int i;
652
653 /* cheader_lock no longer exists */
654 memset(&info->cheader_lock, 0, sizeof(info->cheader_lock));
655 memcpy(&info->keycache_lock, &keycache_lock, sizeof(info->keycache_lock));
656
657 info->kcVersion = keyCacheVersion;
658 info->kcSize = maxCachedKeys;
659 info->kcUsed = 0;
660 for (i = 0; i < maxCachedKeys; i++) {
661 if (keyCache[i].used) {
662 if (info->kcUsed < KADEBUGKCINFOSIZE) {
663 int j = info->kcUsed;
664 char principal[sizeof(keyCache[0].name) +
665 sizeof(keyCache[0].inst)];
666
667 info->kcInfo[j].used = keyCache[i].superseded;
668 info->kcInfo[j].kvno = keyCache[i].kvno;
669 info->kcInfo[j].primary =
670 (keyCache[i].superseded == NEVERDATE);
671 info->kcInfo[j].keycksum = 0;
672 #if DEBUG_KEY_CACHE
673 {
674 int k;
675 for (k = 0; k < sizeof(struct ktc_encryptionKey); k++)
676 info->kcInfo[j].keycksum +=
677 ((char *)&keyCache[i].key)[k];
678 }
679 #endif
680 strcpy(principal, keyCache[i].name);
681 strcat(principal, ".");
682 strcat(principal, keyCache[i].inst);
683 strncpy(info->kcInfo[j].principal, principal,
684 sizeof(info->kcInfo[0].principal));
685 }
686 info->kcUsed++;
687 }
688 }
689 }
690
691 /* Add a key to the key cache, expanding it if necessary. */
692
693 void
694 ka_Encache(char *name, char *inst, afs_int32 kvno,
695 struct ktc_encryptionKey *key, Date superseded)
696 {
697 int i;
698
699 ObtainWriteLock(&keycache_lock);
700 if (keyCacheVersion != ntohl(cheader.specialKeysVersion)) {
701 for (i = 0; i < maxCachedKeys; i++)
702 keyCache[i].used = 0;
703 }
704
705 for (i = 0; i < maxCachedKeys; i++)
706 if (keyCache[i].used == 0) {
707 encache:
708 keyCache[i].kvno = kvno;
709 strncpy(keyCache[i].name, name, sizeof(keyCache[i].name));
710 strncpy(keyCache[i].inst, inst, sizeof(keyCache[i].inst));
711 keyCacheVersion = ntohl(cheader.specialKeysVersion);
712 memcpy(&keyCache[i].key, key, sizeof(*key));
713 keyCache[i].superseded = superseded;
714 keyCache[i].used = time(0);
715
716 ReleaseWriteLock(&keycache_lock);
717 return;
718 }
719 /* i == maxCachedKeys */
720 keyCache =
721 (struct cachedKey *)realloc(keyCache,
722 (maxCachedKeys *=
723 2) * sizeof(struct cachedKey));
724 if (keyCache == 0) {
725 es_Report("Can't realloc keyCache! out of memory?");
726 exit(123);
727 }
728
729 {
730 int j = i; /* initialize new storage */
731 while (j < maxCachedKeys)
732 keyCache[j++].used = 0;
733 }
734 goto encache;
735 }
736
737 /* Look up the key given a principal and a kvno. This is called by GetTicket
738 to get the decryption key for the authenticating ticket. It is also called
739 by the rxkad security module to decrypt admin tickets. The rxkad call is
740 with tt==0, since Rx can't call Ubik. */
741
742 afs_int32
743 ka_LookupKvno(struct ubik_trans *tt, char *name, char *inst, afs_int32 kvno,
744 struct ktc_encryptionKey *key)
745 {
746 int i;
747 int code = 0;
748 afs_int32 to;
749 struct kaentry tentry;
750 afs_int32 ko;
751 struct kaOldKeys okeys;
752
753 ObtainReadLock(&keycache_lock);
754 if (keyCacheVersion != ntohl(cheader.specialKeysVersion))
755 code = KAKEYCACHEINVALID;
756 else {
757 for (i = 0; i < maxCachedKeys; i++) {
758 if (keyCache[i].used) { /* zero used date means invalid */
759 if ((keyCache[i].kvno == kvno)
760 && (strcmp(keyCache[i].name, name) == 0)
761 && (strcmp(keyCache[i].inst, inst) == 0)) {
762 memcpy(key, &keyCache[i].key, sizeof(*key));
763 keyCache[i].used = time(0);
764 ReleaseReadLock(&keycache_lock);
765 return 0;
766 }
767 }
768 }
769 code = KAUNKNOWNKEY;
770 }
771 ReleaseReadLock(&keycache_lock);
772 if (!tt)
773 return code;
774
775 /* we missed in the cache so need to look in the Ubik database */
776 code = FindBlock(tt, name, inst, &to, &tentry);
777 if (code)
778 return code;
779 if (to == 0)
780 return KANOENT;
781
782 /* first check the current key */
783 if (tentry.key_version == htonl(kvno)) {
784 memcpy(key, &tentry.key, sizeof(*key));
785 ka_Encache(name, inst, kvno, key, NEVERDATE);
786 return 0;
787 }
788 for (ko = ntohl(cheader.kvnoPtr); ko; ko = ntohl(okeys.next)) {
789 code = karead(tt, ko, (char *)&okeys, sizeof(okeys));
790 if (code)
791 return KAIO;
792 if (ntohl(okeys.entry) == to)
793 for (i = 0; i < NOLDKEYS; i++)
794 if (okeys.keys[i].superseded
795 && (ntohl(okeys.keys[i].version) == kvno)) {
796 memcpy(key, &okeys.keys[i].key, sizeof(*key));
797 ka_Encache(name, inst, kvno, key,
798 ntohl(okeys.keys[i].superseded));
799 return 0;
800 }
801 }
802 return KAUNKNOWNKEY;
803 }
804
805 /* Look up the primary key and key version for a principal. */
806
807 afs_int32
808 ka_LookupKey(struct ubik_trans *tt,
809 char *name,
810 char *inst,
811 afs_int32 *kvno, /* returned */
812 struct ktc_encryptionKey *key) /* copied out */
813 {
814 int i;
815 afs_int32 to;
816 struct kaentry tentry;
817 afs_int32 code = 0;
818
819 ObtainReadLock(&keycache_lock);
820 if (keyCacheVersion != ntohl(cheader.specialKeysVersion))
821 code = KAKEYCACHEINVALID;
822 else {
823 for (i = 0; i < maxCachedKeys; i++) {
824 if (keyCache[i].used) { /* zero used date means invalid */
825 if ((keyCache[i].superseded == NEVERDATE)
826 && (strcmp(keyCache[i].name, name) == 0)
827 && (strcmp(keyCache[i].inst, inst) == 0)) {
828 memcpy(key, &keyCache[i].key, sizeof(*key));
829 *kvno = keyCache[i].kvno;
830 keyCache[i].used = time(0);
831 ReleaseReadLock(&keycache_lock);
832 return 0;
833 }
834 }
835 }
836 code = KAUNKNOWNKEY;
837 }
838 ReleaseReadLock(&keycache_lock);
839 if (!tt)
840 return code;
841
842 /* we missed in the cache so need to look in the Ubik database */
843 code = FindBlock(tt, name, inst, &to, &tentry);
844 if (code)
845 return code;
846 if (to == 0)
847 return KANOENT;
848 memcpy(key, &tentry.key, sizeof(*key));
849 *kvno = ntohl(tentry.key_version);
850 ka_Encache(name, inst, *kvno, key, NEVERDATE);
851 return 0;
852 }
853
854 /* This is, hopefully a temporary mechanism to fill the cache will all keys
855 since filling cache misses during rxkad challenge responses will deadlock if
856 Ubik needs to use Rx. */
857
858 afs_int32
859 ka_FillKeyCache(struct ubik_trans *tt)
860 {
861 int nfound;
862 afs_int32 ko;
863 int code;
864 int i;
865 struct ktc_encryptionKey k;
866 struct kaOldKeys okeys;
867 struct kaentry tentry;
868
869 /* this is a little marginal, but... */
870 if (keyCacheVersion == ntohl(cheader.specialKeysVersion))
871 return 0;
872
873 nfound = 0;
874 for (ko = ntohl(cheader.kvnoPtr); ko; ko = ntohl(okeys.next)) {
875 code = karead(tt, ko, (char *)&okeys, sizeof(okeys));
876 if (code)
877 return KAIO;
878 /* get name & instance */
879 code =
880 karead(tt, ntohl(okeys.entry), (char *)&tentry, sizeof(tentry));
881 if (code)
882 return KAIO;
883
884 /* get all the old keys in this block */
885 for (i = 0; i < NOLDKEYS; i++)
886 if (okeys.keys[i].superseded) {
887 code =
888 ka_LookupKvno(tt, tentry.userID.name,
889 tentry.userID.instance,
890 ntohl(okeys.keys[i].version), &k);
891 if (code)
892 return code;
893 }
894 }
895 if (++nfound > maxCachedKeys)
896 return KADATABASEINCONSISTENT;
897 return 0;
898 }
899
900 afs_int32
901 update_admin_count(struct ubik_trans *tt, int delta)
902 {
903 afs_int32 to;
904 afs_int32 code;
905
906 cheader.admin_accounts = htonl(ntohl(cheader.admin_accounts) + delta);
907 to = DOFFSET(0, &cheader, &cheader.admin_accounts);
908 code =
909 kawrite(tt, to, (char *)&cheader.admin_accounts, sizeof(afs_int32));
910 if (code)
911 return KAIO;
912 return 0;
913 }
914
915 static int
916 index_OK(afs_int32 index)
917 {
918 if ((index < sizeof(cheader)) || (index >= ntohl(cheader.eofPtr))
919 || ((index - sizeof(cheader)) % sizeof(kaentry) != 0))
920 return 0;
921 return 1;
922 }
923
924 #define LEGALCHARS ".ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"
925
926 int
927 name_instance_legal(char *name, char *instance)
928 {
929 int code;
930
931 /* No string checks apply anymore. The international people want to use full 8
932 bit ascii without problems. */
933 #if 1
934 code = (strlen(name) < MAXKTCNAMELEN)
935 && (strlen(instance) < MAXKTCNAMELEN);
936 #else
937 map = LEGALCHARS; /* permitted chars, instance allows <period> */
938 code = (strlen(name) > 0) && string_legal(instance, map)
939 && string_legal(name, map + 1);
940 #endif
941 if (!code)
942 dynamic_statistics.string_checks++;
943 return code;
944 }
945
946 #if 0
947 static int
948 string_legal(char *str, char *map)
949 {
950 int slen;
951
952 slen = strlen(str);
953 if (slen >= MAXKTCNAMELEN)
954 return 0; /* with trailing null must fit in data base */
955 return (slen == strspn(str, map)); /* strspn returns length(str) if all chars in map */
956 }
957 #endif
958
Mirror of pkg-k5-afs/openafs.git (OpenAFS Debian packaging)