2
* Copyright (c) 1997-2005 Kungliga Tekniska Högskolan
3
* (Royal Institute of Technology, Stockholm, Sweden).
7
* Redistribution and use in source and binary forms, with or without
8
* modification, are permitted provided that the following conditions
11
* 1. Redistributions of source code must retain the above copyright
12
* notice, this list of conditions and the following disclaimer.
14
* 2. Redistributions in binary form must reproduce the above copyright
15
* notice, this list of conditions and the following disclaimer in the
16
* documentation and/or other materials provided with the distribution.
18
* 3. Neither the name of the Institute nor the names of its contributors
19
* may be used to endorse or promote products derived from this software
20
* without specific prior written permission.
22
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
23
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
26
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
42
krb5_kdc_update_time(struct timeval *tv)
45
gettimeofday(&_kdc_now, NULL);
50
static krb5_error_code
51
kdc_as_req(krb5_context context,
52
krb5_kdc_configuration *config,
53
krb5_data *req_buffer,
56
struct sockaddr *addr,
60
struct kdc_request_desc r;
64
memset(&r, 0, sizeof(r));
66
ret = decode_AS_REQ(req_buffer->data, req_buffer->length, &r.req, &len);
72
r.request.data = req_buffer->data;
73
r.request.length = req_buffer->length;
77
ret = _kdc_as_rep(&r, reply, from, addr, datagram_reply);
83
static krb5_error_code
84
kdc_tgs_req(krb5_context context,
85
krb5_kdc_configuration *config,
86
krb5_data *req_buffer,
89
struct sockaddr *addr,
97
ret = decode_TGS_REQ(req_buffer->data, req_buffer->length, &req, &len);
103
ret = _kdc_tgs_rep(context, config, &req, reply,
104
from, addr, datagram_reply);
111
static krb5_error_code
112
kdc_digest(krb5_context context,
113
krb5_kdc_configuration *config,
114
krb5_data *req_buffer,
117
struct sockaddr *addr,
125
ret = decode_DigestREQ(req_buffer->data, req_buffer->length,
132
ret = _kdc_do_digest(context, config, &digestreq, reply, from, addr);
133
free_DigestREQ(&digestreq);
141
static krb5_error_code
142
kdc_kx509(krb5_context context,
143
krb5_kdc_configuration *config,
144
krb5_data *req_buffer,
147
struct sockaddr *addr,
151
Kx509Request kx509req;
155
ret = _kdc_try_kx509_request(req_buffer->data, req_buffer->length,
162
ret = _kdc_do_kx509(context, config, &kx509req, reply, from, addr);
163
free_Kx509Request(&kx509req);
170
static struct krb5_kdc_service services[] = {
171
{ KS_KRB5, kdc_as_req },
172
{ KS_KRB5, kdc_tgs_req },
183
* handle the request in `buf, len', from `addr' (or `from' as a string),
184
* sending a reply in `reply'.
188
krb5_kdc_process_request(krb5_context context,
189
krb5_kdc_configuration *config,
193
krb5_boolean *prependlength,
195
struct sockaddr *addr,
200
krb5_data req_buffer;
202
heim_auto_release_t pool = heim_auto_release_create();
204
req_buffer.data = buf;
205
req_buffer.length = len;
207
for (i = 0; services[i].process != NULL; i++) {
208
ret = (*services[i].process)(context, config, &req_buffer,
209
reply, from, addr, datagram_reply,
212
if (services[i].flags & KS_NO_LENGTH)
215
heim_auto_release_drain(pool);
220
heim_auto_release_drain(pool);
226
* handle the request in `buf, len', from `addr' (or `from' as a string),
227
* sending a reply in `reply'.
229
* This only processes krb5 requests
233
krb5_kdc_process_krb5_request(krb5_context context,
234
krb5_kdc_configuration *config,
239
struct sockaddr *addr,
244
krb5_data req_buffer;
247
req_buffer.data = buf;
248
req_buffer.length = len;
250
for (i = 0; services[i].process != NULL; i++) {
251
if ((services[i].flags & KS_KRB5) == 0)
253
ret = (*services[i].process)(context, config, &req_buffer,
254
reply, from, addr, datagram_reply,
268
krb5_kdc_save_request(krb5_context context,
270
const unsigned char *buf,
272
const krb5_data *reply,
273
const struct sockaddr *sa)
281
memset(&a, 0, sizeof(a));
283
d.data = rk_UNCONST(buf);
287
fd = open(fn, O_WRONLY|O_CREAT|O_APPEND, 0600);
289
int saved_errno = errno;
290
krb5_set_error_message(context, saved_errno, "Failed to open: %s", fn);
294
sp = krb5_storage_from_fd(fd);
297
krb5_set_error_message(context, ENOMEM, "Storage failed to open fd");
301
ret = krb5_sockaddr2address(context, sa, &a);
305
krb5_store_uint32(sp, 1);
306
krb5_store_uint32(sp, t);
307
krb5_store_address(sp, a);
308
krb5_store_data(sp, d);
313
ret = der_get_tag (reply->data, reply->length,
314
&cl, &ty, &tag, NULL);
316
krb5_store_uint32(sp, 0xffffffff);
317
krb5_store_uint32(sp, 0xffffffff);
319
krb5_store_uint32(sp, MAKE_TAG(cl, ty, 0));
320
krb5_store_uint32(sp, tag);
324
krb5_free_address(context, &a);
326
krb5_storage_free(sp);