2
* Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
3
* (Royal Institute of Technology, Stockholm, Sweden).
6
* Redistribution and use in source and binary forms, with or without
7
* modification, are permitted provided that the following conditions
10
* 1. Redistributions of source code must retain the above copyright
11
* notice, this list of conditions and the following disclaimer.
13
* 2. Redistributions in binary form must reproduce the above copyright
14
* notice, this list of conditions and the following disclaimer in the
15
* documentation and/or other materials provided with the distribution.
17
* 3. Neither the name of the Institute nor the names of its contributors
18
* may be used to endorse or promote products derived from this software
19
* without specific prior written permission.
21
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34
#include "krb5_locl.h"
38
krb5_error_code KRB5_LIB_FUNCTION
39
krb5_auth_con_init(krb5_context context,
40
krb5_auth_context *auth_context)
46
krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
49
memset(p, 0, sizeof(*p));
50
ALLOC(p->authenticator, 1);
51
if (!p->authenticator) {
52
krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
56
memset (p->authenticator, 0, sizeof(*p->authenticator));
57
p->flags = KRB5_AUTH_CONTEXT_DO_TIME;
59
p->local_address = NULL;
60
p->remote_address = NULL;
63
p->keytype = KEYTYPE_NULL;
64
p->cksumtype = CKSUMTYPE_NONE;
69
krb5_error_code KRB5_LIB_FUNCTION
70
krb5_auth_con_free(krb5_context context,
71
krb5_auth_context auth_context)
73
if (auth_context != NULL) {
74
krb5_free_authenticator(context, &auth_context->authenticator);
75
if(auth_context->local_address){
76
free_HostAddress(auth_context->local_address);
77
free(auth_context->local_address);
79
if(auth_context->remote_address){
80
free_HostAddress(auth_context->remote_address);
81
free(auth_context->remote_address);
83
krb5_free_keyblock(context, auth_context->keyblock);
84
krb5_free_keyblock(context, auth_context->remote_subkey);
85
krb5_free_keyblock(context, auth_context->local_subkey);
91
krb5_error_code KRB5_LIB_FUNCTION
92
krb5_auth_con_setflags(krb5_context context,
93
krb5_auth_context auth_context,
96
auth_context->flags = flags;
101
krb5_error_code KRB5_LIB_FUNCTION
102
krb5_auth_con_getflags(krb5_context context,
103
krb5_auth_context auth_context,
106
*flags = auth_context->flags;
110
krb5_error_code KRB5_LIB_FUNCTION
111
krb5_auth_con_addflags(krb5_context context,
112
krb5_auth_context auth_context,
117
*flags = auth_context->flags;
118
auth_context->flags |= addflags;
122
krb5_error_code KRB5_LIB_FUNCTION
123
krb5_auth_con_removeflags(krb5_context context,
124
krb5_auth_context auth_context,
129
*flags = auth_context->flags;
130
auth_context->flags &= ~removeflags;
134
krb5_error_code KRB5_LIB_FUNCTION
135
krb5_auth_con_setaddrs(krb5_context context,
136
krb5_auth_context auth_context,
137
krb5_address *local_addr,
138
krb5_address *remote_addr)
141
if (auth_context->local_address)
142
krb5_free_address (context, auth_context->local_address);
144
if ((auth_context->local_address = malloc(sizeof(krb5_address))) == NULL)
146
krb5_copy_address(context, local_addr, auth_context->local_address);
149
if (auth_context->remote_address)
150
krb5_free_address (context, auth_context->remote_address);
152
if ((auth_context->remote_address = malloc(sizeof(krb5_address))) == NULL)
154
krb5_copy_address(context, remote_addr, auth_context->remote_address);
159
krb5_error_code KRB5_LIB_FUNCTION
160
krb5_auth_con_genaddrs(krb5_context context,
161
krb5_auth_context auth_context,
165
krb5_address local_k_address, remote_k_address;
166
krb5_address *lptr = NULL, *rptr = NULL;
167
struct sockaddr_storage ss_local, ss_remote;
168
struct sockaddr *local = (struct sockaddr *)&ss_local;
169
struct sockaddr *remote = (struct sockaddr *)&ss_remote;
172
if(flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR) {
173
if (auth_context->local_address == NULL) {
174
len = sizeof(ss_local);
175
if(getsockname(fd, local, &len) < 0) {
177
krb5_set_error_message(context, ret,
182
ret = krb5_sockaddr2address (context, local, &local_k_address);
184
if(flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR) {
185
krb5_sockaddr2port (context, local, &auth_context->local_port);
187
auth_context->local_port = 0;
188
lptr = &local_k_address;
191
if(flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR) {
192
len = sizeof(ss_remote);
193
if(getpeername(fd, remote, &len) < 0) {
195
krb5_set_error_message(context, ret,
196
"getpeername: %s", strerror(ret));
199
ret = krb5_sockaddr2address (context, remote, &remote_k_address);
201
if(flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR) {
202
krb5_sockaddr2port (context, remote, &auth_context->remote_port);
204
auth_context->remote_port = 0;
205
rptr = &remote_k_address;
207
ret = krb5_auth_con_setaddrs (context,
213
krb5_free_address (context, lptr);
215
krb5_free_address (context, rptr);
220
krb5_error_code KRB5_LIB_FUNCTION
221
krb5_auth_con_setaddrs_from_fd (krb5_context context,
222
krb5_auth_context auth_context,
225
int fd = *(int*)p_fd;
227
if(auth_context->local_address == NULL)
228
flags |= KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR;
229
if(auth_context->remote_address == NULL)
230
flags |= KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR;
231
return krb5_auth_con_genaddrs(context, auth_context, fd, flags);
234
krb5_error_code KRB5_LIB_FUNCTION
235
krb5_auth_con_getaddrs(krb5_context context,
236
krb5_auth_context auth_context,
237
krb5_address **local_addr,
238
krb5_address **remote_addr)
241
krb5_free_address (context, *local_addr);
242
*local_addr = malloc (sizeof(**local_addr));
243
if (*local_addr == NULL) {
244
krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
247
krb5_copy_address(context,
248
auth_context->local_address,
252
krb5_free_address (context, *remote_addr);
253
*remote_addr = malloc (sizeof(**remote_addr));
254
if (*remote_addr == NULL) {
255
krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
256
krb5_free_address (context, *local_addr);
260
krb5_copy_address(context,
261
auth_context->remote_address,
266
static krb5_error_code
267
copy_key(krb5_context context,
272
return krb5_copy_keyblock(context, in, out);
273
*out = NULL; /* is this right? */
277
krb5_error_code KRB5_LIB_FUNCTION
278
krb5_auth_con_getkey(krb5_context context,
279
krb5_auth_context auth_context,
280
krb5_keyblock **keyblock)
282
return copy_key(context, auth_context->keyblock, keyblock);
285
krb5_error_code KRB5_LIB_FUNCTION
286
krb5_auth_con_getlocalsubkey(krb5_context context,
287
krb5_auth_context auth_context,
288
krb5_keyblock **keyblock)
290
return copy_key(context, auth_context->local_subkey, keyblock);
293
krb5_error_code KRB5_LIB_FUNCTION
294
krb5_auth_con_getremotesubkey(krb5_context context,
295
krb5_auth_context auth_context,
296
krb5_keyblock **keyblock)
298
return copy_key(context, auth_context->remote_subkey, keyblock);
301
krb5_error_code KRB5_LIB_FUNCTION
302
krb5_auth_con_setkey(krb5_context context,
303
krb5_auth_context auth_context,
304
krb5_keyblock *keyblock)
306
if(auth_context->keyblock)
307
krb5_free_keyblock(context, auth_context->keyblock);
308
return copy_key(context, keyblock, &auth_context->keyblock);
311
krb5_error_code KRB5_LIB_FUNCTION
312
krb5_auth_con_setlocalsubkey(krb5_context context,
313
krb5_auth_context auth_context,
314
krb5_keyblock *keyblock)
316
if(auth_context->local_subkey)
317
krb5_free_keyblock(context, auth_context->local_subkey);
318
return copy_key(context, keyblock, &auth_context->local_subkey);
321
krb5_error_code KRB5_LIB_FUNCTION
322
krb5_auth_con_generatelocalsubkey(krb5_context context,
323
krb5_auth_context auth_context,
327
krb5_keyblock *subkey;
329
ret = krb5_generate_subkey_extended (context, key,
330
auth_context->keytype,
334
if(auth_context->local_subkey)
335
krb5_free_keyblock(context, auth_context->local_subkey);
336
auth_context->local_subkey = subkey;
341
krb5_error_code KRB5_LIB_FUNCTION
342
krb5_auth_con_setremotesubkey(krb5_context context,
343
krb5_auth_context auth_context,
344
krb5_keyblock *keyblock)
346
if(auth_context->remote_subkey)
347
krb5_free_keyblock(context, auth_context->remote_subkey);
348
return copy_key(context, keyblock, &auth_context->remote_subkey);
351
krb5_error_code KRB5_LIB_FUNCTION
352
krb5_auth_con_setcksumtype(krb5_context context,
353
krb5_auth_context auth_context,
354
krb5_cksumtype cksumtype)
356
auth_context->cksumtype = cksumtype;
360
krb5_error_code KRB5_LIB_FUNCTION
361
krb5_auth_con_getcksumtype(krb5_context context,
362
krb5_auth_context auth_context,
363
krb5_cksumtype *cksumtype)
365
*cksumtype = auth_context->cksumtype;
369
krb5_error_code KRB5_LIB_FUNCTION
370
krb5_auth_con_setkeytype (krb5_context context,
371
krb5_auth_context auth_context,
372
krb5_keytype keytype)
374
auth_context->keytype = keytype;
378
krb5_error_code KRB5_LIB_FUNCTION
379
krb5_auth_con_getkeytype (krb5_context context,
380
krb5_auth_context auth_context,
381
krb5_keytype *keytype)
383
*keytype = auth_context->keytype;
388
krb5_error_code KRB5_LIB_FUNCTION
389
krb5_auth_con_setenctype(krb5_context context,
390
krb5_auth_context auth_context,
393
if(auth_context->keyblock)
394
krb5_free_keyblock(context, auth_context->keyblock);
395
ALLOC(auth_context->keyblock, 1);
396
if(auth_context->keyblock == NULL)
398
auth_context->keyblock->keytype = etype;
402
krb5_error_code KRB5_LIB_FUNCTION
403
krb5_auth_con_getenctype(krb5_context context,
404
krb5_auth_context auth_context,
407
krb5_abortx(context, "unimplemented krb5_auth_getenctype called");
411
krb5_error_code KRB5_LIB_FUNCTION
412
krb5_auth_con_getlocalseqnumber(krb5_context context,
413
krb5_auth_context auth_context,
416
*seqnumber = auth_context->local_seqnumber;
420
krb5_error_code KRB5_LIB_FUNCTION
421
krb5_auth_con_setlocalseqnumber (krb5_context context,
422
krb5_auth_context auth_context,
425
auth_context->local_seqnumber = seqnumber;
429
krb5_error_code KRB5_LIB_FUNCTION
430
krb5_auth_getremoteseqnumber(krb5_context context,
431
krb5_auth_context auth_context,
434
*seqnumber = auth_context->remote_seqnumber;
438
krb5_error_code KRB5_LIB_FUNCTION
439
krb5_auth_con_setremoteseqnumber (krb5_context context,
440
krb5_auth_context auth_context,
443
auth_context->remote_seqnumber = seqnumber;
448
krb5_error_code KRB5_LIB_FUNCTION
449
krb5_auth_con_getauthenticator(krb5_context context,
450
krb5_auth_context auth_context,
451
krb5_authenticator *authenticator)
453
*authenticator = malloc(sizeof(**authenticator));
454
if (*authenticator == NULL) {
455
krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
459
copy_Authenticator(auth_context->authenticator,
465
void KRB5_LIB_FUNCTION
466
krb5_free_authenticator(krb5_context context,
467
krb5_authenticator *authenticator)
469
free_Authenticator (*authenticator);
470
free (*authenticator);
471
*authenticator = NULL;
475
krb5_error_code KRB5_LIB_FUNCTION
476
krb5_auth_con_setuserkey(krb5_context context,
477
krb5_auth_context auth_context,
478
krb5_keyblock *keyblock)
480
if(auth_context->keyblock)
481
krb5_free_keyblock(context, auth_context->keyblock);
482
return krb5_copy_keyblock(context, keyblock, &auth_context->keyblock);
485
krb5_error_code KRB5_LIB_FUNCTION
486
krb5_auth_con_getrcache(krb5_context context,
487
krb5_auth_context auth_context,
490
*rcache = auth_context->rcache;
494
krb5_error_code KRB5_LIB_FUNCTION
495
krb5_auth_con_setrcache(krb5_context context,
496
krb5_auth_context auth_context,
499
auth_context->rcache = rcache;
503
#if 0 /* not implemented */
505
krb5_error_code KRB5_LIB_FUNCTION
506
krb5_auth_con_initivector(krb5_context context,
507
krb5_auth_context auth_context)
509
krb5_abortx(context, "unimplemented krb5_auth_con_initivector called");
513
krb5_error_code KRB5_LIB_FUNCTION
514
krb5_auth_con_setivector(krb5_context context,
515
krb5_auth_context auth_context,
516
krb5_pointer ivector)
518
krb5_abortx(context, "unimplemented krb5_auth_con_setivector called");
521
#endif /* not implemented */