Beispiel #1
0
DWORD
LwGetCurrentDirectoryPath(
    PSTR* ppszPath
    )
{
    DWORD dwError = 0;
    CHAR szBuf[PATH_MAX+1];
    PSTR pszPath = NULL;

    if (getcwd(szBuf, PATH_MAX) == NULL) {
        dwError = LwMapErrnoToLwError(errno);
        BAIL_ON_LW_ERROR(dwError);
    }

    dwError = LwAllocateString(szBuf, &pszPath);
    BAIL_ON_LW_ERROR(dwError);

    *ppszPath = pszPath;

    return dwError;

error:

    if (pszPath) {
        LwFreeString(pszPath);
    }

    return dwError;
}
Beispiel #2
0
DWORD
LwLdapBindDirectory(
    HANDLE hDirectory,
    PCSTR pszServerName,
    BOOLEAN bSeal
    )
{
    DWORD dwError = LW_ERROR_SUCCESS;
    PLW_LDAP_DIRECTORY_CONTEXT pDirectory = (PLW_LDAP_DIRECTORY_CONTEXT)hDirectory;
    PSTR pszTargetPrinciaplName = NULL;
    BOOLEAN bNeedCredentials = FALSE;

    // Leave the realm empty so that kerberos referrals are turned on.
    dwError = LwAllocateStringPrintf(&pszTargetPrinciaplName, "ldap/%s@", pszServerName);
    BAIL_ON_LW_ERROR(dwError);

    dwError = LwKrb5CheckInitiatorCreds(pszTargetPrinciaplName, &bNeedCredentials);
    BAIL_ON_LW_ERROR(dwError);

    if (bNeedCredentials)
    {
        dwError = SEC_E_NO_CREDENTIALS;
        BAIL_ON_LW_ERROR(dwError);
    }

    dwError = LwLdapBindDirectorySasl(pDirectory->ld, pszServerName, bSeal);
    BAIL_ON_LW_ERROR(dwError);

error:
    LW_SAFE_FREE_STRING(pszTargetPrinciaplName);

    return dwError;
}
Beispiel #3
0
DWORD
LwStrndup(
    PCSTR pszInputString,
    size_t size,
    PSTR * ppszOutputString
)
{
    DWORD dwError = 0;
    size_t copylen = 0;
    PSTR pszOutputString = NULL;

    if (!pszInputString || !ppszOutputString){
        dwError = EINVAL;
        BAIL_ON_LW_ERROR(dwError);
    }

    for (copylen = 0; copylen < size && pszInputString[copylen]; copylen++);

    dwError = LwAllocateMemory(copylen+1, OUT_PPVOID(&pszOutputString));
    BAIL_ON_LW_ERROR(dwError);

    memcpy(pszOutputString, pszInputString, copylen);
    pszOutputString[copylen] = 0;

    *ppszOutputString = pszOutputString;

cleanup:
    return dwError;

error:
    LW_SAFE_FREE_STRING(pszOutputString);
    goto cleanup;
}
Beispiel #4
0
DWORD
LwKrb5InitializeCredentials(
    IN PCSTR pszUserPrincipalName,
    IN PCSTR pszPassword,
    IN PCSTR pszCachePath,
    OUT OPTIONAL PDWORD pdwGoodUntilTime
    )
{
    DWORD dwError = LW_ERROR_SUCCESS;
    DWORD dwGoodUntilTime = 0;
    PSTR pszTempCachePath = NULL;

    if (!pszCachePath)
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_LW_ERROR(dwError);
    }

    if (!strncmp(pszCachePath, "FILE:", sizeof("FILE:") - 1))
    {
        dwError = LwAllocateStringPrintf(&pszTempCachePath, "%s.new",
                                         pszCachePath);
        BAIL_ON_LW_ERROR(dwError);
    }

    dwError = LwKrb5GetTgt(
                    pszUserPrincipalName,
                    pszPassword,
                    pszTempCachePath ? pszTempCachePath : pszCachePath,
                    &dwGoodUntilTime);
    BAIL_ON_LW_ERROR(dwError);

    if (pszTempCachePath)
    {
        dwError = LwMoveFile(pszTempCachePath + sizeof("FILE:") - 1,
                             pszCachePath + sizeof("FILE:") - 1);
        BAIL_ON_LW_ERROR(dwError);
    }

error:
    if (dwError)
    {
        dwGoodUntilTime = 0;
    }

    LW_SAFE_FREE_STRING(pszTempCachePath);

    if (pdwGoodUntilTime)
    {
        *pdwGoodUntilTime = dwGoodUntilTime;
    }

    return dwError;
}
Beispiel #5
0
DWORD
LwKrb5GetUserCachePath(
    uid_t         uid,
    Krb5CacheType cacheType,
    PSTR*         ppszCachePath
    )
{
    DWORD dwError = 0;
    PSTR  pszCachePath = NULL;
    
    switch (cacheType)
    {
        case KRB5_InMemory_Cache:
            
            dwError = LwAllocateStringPrintf(
                        &pszCachePath,
                        "MEMORY:krb5cc_%ld",
                        (long)uid);
            BAIL_ON_LW_ERROR(dwError);
            
            break;
            
        case KRB5_File_Cache:
            
            dwError = LwAllocateStringPrintf(
                        &pszCachePath,
                        "FILE:/tmp/krb5cc_%ld",
                        (long)uid);
            BAIL_ON_LW_ERROR(dwError);
            
            break;
            
        default:
            
            dwError = LW_ERROR_INVALID_PARAMETER;
            BAIL_ON_LW_ERROR(dwError);
            
            break;
    }
    
    *ppszCachePath = pszCachePath;
    
cleanup:

    return dwError;
    
error:

    *ppszCachePath = NULL;
    
    goto cleanup;
}
Beispiel #6
0
DWORD
LwDuplicateStringArray(
    PSTR** pppNewStringArray,
    PDWORD pdwNewCount,
    PSTR* ppStringArray,
    DWORD dwCount
    )
{
    DWORD dwError = 0;
    PSTR* ppNewStringArray = NULL;
    DWORD dwNewCount = 0;

    if (dwCount)
    {
        DWORD i = 0;

        dwError = LwAllocateMemory(
                        dwCount * sizeof(*ppNewStringArray),
                        OUT_PPVOID(&ppNewStringArray));
        BAIL_ON_LW_ERROR(dwError);

        dwNewCount = dwCount;

        for (i = 0; i < dwCount; i++)
        {
            dwError = LwAllocateString(
                            ppStringArray[i],
                            &ppNewStringArray[i]);
            BAIL_ON_LW_ERROR(dwError);
        }
    }

cleanup:

    *pppNewStringArray = ppNewStringArray;
    if (pdwNewCount)
    {
        *pdwNewCount = dwNewCount;
    }

    return dwError;

error:

    LwFreeStringArray(ppNewStringArray, dwNewCount);
    ppNewStringArray = NULL;
    dwNewCount = 0;

    goto cleanup;
}
Beispiel #7
0
DWORD
LwLdapGetString(
    HANDLE hDirectory,
    LDAPMessage* pMessage,
    PCSTR pszFieldName,
    PSTR* ppszValue
    )
{
    DWORD dwError = LW_ERROR_SUCCESS;
    PLW_LDAP_DIRECTORY_CONTEXT pDirectory = NULL;
    PSTR *ppszValues = NULL;
    PSTR pszValue = NULL;

    pDirectory = (PLW_LDAP_DIRECTORY_CONTEXT)hDirectory;

    ppszValues = (PSTR*)ldap_get_values(pDirectory->ld, pMessage, pszFieldName);
    if (ppszValues && ppszValues[0]) {
        dwError = LwAllocateString(ppszValues[0], &pszValue);
        BAIL_ON_LW_ERROR(dwError);
    }
    *ppszValue = pszValue;

cleanup:
    if (ppszValues) {
        ldap_value_free(ppszValues);
    }
    return dwError;

error:
    *ppszValue = NULL;

    LW_SAFE_FREE_STRING(pszValue);

    goto cleanup;
}
Beispiel #8
0
DWORD
LwByteArrayToHexStr(
    IN UCHAR* pucByteArray,
    IN DWORD dwByteArrayLength,
    OUT PSTR* ppszHexString
    )
{
    DWORD dwError = 0;
    DWORD i = 0;
    PSTR pszHexString = NULL;

    dwError = LwAllocateMemory(
                (dwByteArrayLength*2 + 1) * sizeof(CHAR),
                OUT_PPVOID(&pszHexString));
    BAIL_ON_LW_ERROR(dwError);

    for (i = 0; i < dwByteArrayLength; i++)
    {
        sprintf(pszHexString+(2*i), "%.2X", pucByteArray[i]);
    }

    *ppszHexString = pszHexString;

cleanup:

    return dwError;

error:
    LW_SAFE_FREE_STRING(pszHexString);

    *ppszHexString = NULL;
    goto cleanup;
}
Beispiel #9
0
DWORD
LwChangeOwner(
    PCSTR pszPath,
    uid_t uid,
    gid_t gid
    )
{
    DWORD dwError = 0;

    while (1)
    {

        if (lchown(pszPath, uid, gid) < 0) {
            if (errno == EINTR) {
                continue;
            }
            dwError = LwMapErrnoToLwError(errno);
            BAIL_ON_LW_ERROR(dwError);
        } else {
            break;
        }
    }

error:

    return dwError;
}
Beispiel #10
0
DWORD
LwGetOwnerAndPermissions(
    PCSTR pszSrcPath,
    uid_t * uid,
    gid_t * gid,
    mode_t * mode
    )
{
    DWORD dwError = 0;
    struct stat statbuf;

    memset(&statbuf, 0, sizeof(struct stat));

    if (stat(pszSrcPath, &statbuf) < 0) {
        dwError = LwMapErrnoToLwError(errno);
        BAIL_ON_LW_ERROR(dwError);
    }

    *uid = statbuf.st_uid;
    *gid = statbuf.st_gid;
    *mode = statbuf.st_mode;

error:

    return dwError;
}
Beispiel #11
0
DWORD
LwKrb5SetProcessDefaultCachePath(
    PCSTR pszCachePath
    )
{
    DWORD dwError = 0;
    PSTR pszEnvironmentEntry = NULL;
    static volatile PSTR pszSavedEnvironmentEntry = NULL;
    static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
    BOOLEAN bLocked = FALSE;

    dwError = pthread_mutex_lock(&lock);
    if (dwError)
    {
        dwError = LwMapErrnoToLwError(dwError);
        BAIL_ON_LW_ERROR(dwError);
    }
    bLocked = TRUE;

    dwError = LwAllocateStringPrintf(&pszEnvironmentEntry,
                                      "KRB5CCNAME=%s",
                                      pszCachePath);
    BAIL_ON_LW_ERROR(dwError);

    /*
     * putenv requires that the buffer not be free'd.
     */
    if (putenv(pszEnvironmentEntry) < 0)
    {
        dwError = LwMapErrnoToLwError(errno);
        BAIL_ON_LW_ERROR(dwError);
    }

    LW_SAFE_FREE_STRING(pszSavedEnvironmentEntry);
    pszSavedEnvironmentEntry = pszEnvironmentEntry;
    pszEnvironmentEntry = NULL;

error:
    LW_SAFE_FREE_STRING(pszEnvironmentEntry);
    
    if (bLocked)
    {
        pthread_mutex_unlock(&lock);
    }
    
    return dwError;
}
Beispiel #12
0
DWORD
LwCLdapOpenDirectory(
    IN PCSTR pszServerName,
    OUT PHANDLE phDirectory
    )
{
    DWORD dwError = LW_ERROR_SUCCESS;
    LDAP * ld = NULL;
    PLW_LDAP_DIRECTORY_CONTEXT pDirectory = NULL;
    int rc = LDAP_VERSION3;
    PSTR pszURL = NULL;

    LW_BAIL_ON_INVALID_STRING(pszServerName);

    dwError = LwAllocateStringPrintf(&pszURL, "cldap://%s",
                                        pszServerName);
    BAIL_ON_LW_ERROR(dwError);

    dwError = ldap_initialize(&ld, pszURL);
    BAIL_ON_LDAP_ERROR(dwError);

    dwError = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &rc);
    BAIL_ON_LDAP_ERROR(dwError);

    dwError = ldap_set_option(ld, LDAP_OPT_REFERRALS, (void *)LDAP_OPT_OFF);
    BAIL_ON_LDAP_ERROR(dwError);

    dwError = LwAllocateMemory(sizeof(*pDirectory), OUT_PPVOID(&pDirectory));
    BAIL_ON_LW_ERROR(dwError);

    pDirectory->ld = ld;

error:
    LW_SAFE_FREE_STRING(pszURL);
    if (dwError)
    {
        if (pDirectory)
        {
            LwLdapCloseDirectory(pDirectory);
            pDirectory = NULL;
        }
    }

    *phDirectory = (HANDLE)pDirectory;

    return dwError;
}
Beispiel #13
0
DWORD
LwURLEncodeString(
    PCSTR pIn,
    PSTR *ppOut
    )
{
    DWORD dwError = 0;
    const char *pRequireEscape = "$&+,/:;=?@ \"'<>#%{}|\\^~[]`";
    size_t outputPos = 0;
    size_t i = 0;
    PSTR pOut = NULL;

    for (i = 0; pIn[i]; i++)
    {
        if (pIn[i] < 0x20 || pIn[i] >= 0x7F ||
                strchr(pRequireEscape, pIn[i]) != NULL)
        {
            outputPos+=3;
        }
        else
        {
            outputPos++;
        }
    }

    // Space for the NULL
    outputPos++;

    dwError = LwAllocateMemory(
                    outputPos,
                    OUT_PPVOID(&pOut));
    BAIL_ON_LW_ERROR(dwError);

    for (outputPos = 0, i = 0; pIn[i]; i++)
    {
        if (pIn[i] < 0x20 || pIn[i] >= 0x7F ||
                strchr(pRequireEscape, pIn[i]) != NULL)
        {
            sprintf(pOut + outputPos, "%%%.2X", (BYTE)pIn[i]);
            outputPos+=3;
        }
        else
        {
            pOut[outputPos] = pIn[i];
            outputPos++;
        }
    }

    *ppOut = pOut;

cleanup:
    return dwError;

error:
    *ppOut = NULL;
    LW_SAFE_FREE_STRING(pOut);
    goto cleanup;
}
Beispiel #14
0
DWORD
LwLdapGetInt64(
    IN HANDLE hDirectory,
    IN LDAPMessage* pMessage,
    IN PCSTR pszFieldName,
    OUT int64_t * pqwValue
    )
{
    DWORD dwError = 0;
    PSTR pszValue = NULL;
    PSTR pszEndPtr = NULL;

    dwError = LwLdapGetString(hDirectory, pMessage, pszFieldName, &pszValue);
    BAIL_ON_LW_ERROR(dwError);

    if (pszValue)
    {
#if SIZEOF_LONG == 8
        *pqwValue = strtol(pszValue, &pszEndPtr, 10);
#else
        *pqwValue = strtoll(pszValue, &pszEndPtr, 10);
#endif
        if (pszEndPtr == NULL || pszEndPtr == pszValue || *pszEndPtr != '\0')
        {
            dwError = LW_ERROR_DATA_ERROR;
            BAIL_ON_LW_ERROR(dwError);
        }
    }
    else
    {
        dwError = LW_ERROR_INVALID_LDAP_ATTR_VALUE;
        // This error occurs very frequently (every time an unenabled user
        // or group is queried in default schema mode). So in order to avoid
        // log noise, BAIL_ON_LW_ERROR is not used here.
        goto error;
    }

cleanup:
    LW_SAFE_FREE_STRING(pszValue);
    return dwError;

error:
    *pqwValue = 0;
    goto cleanup;
}
Beispiel #15
0
DWORD
LwKrb5MoveCCacheToUserPath(
    krb5_context ctx,
    PCSTR pszNewCacheName,
    uid_t uid,
    gid_t gid
    )
{
    DWORD dwError = LW_ERROR_SUCCESS;
    PSTR  pszCachePath = NULL;
    PCSTR  pszCachePathReal = NULL;

    dwError = LwKrb5GetUserCachePath(
                    uid,
                    KRB5_File_Cache,
                    &pszCachePath);
    BAIL_ON_LW_ERROR(dwError);
    
    if (strncasecmp(pszCachePath, "FILE:", sizeof("FILE:")-1)) {
        dwError = LW_ERROR_INTERNAL;
        BAIL_ON_LW_ERROR(dwError);
    } else {
        pszCachePathReal = pszCachePath + sizeof("FILE:") - 1;
    }

    dwError = LwMoveFile(pszNewCacheName,
                pszCachePathReal);
    BAIL_ON_LW_ERROR(dwError);

    /* Let the user read and write to their cache file (before this, only
     * root was allowed to read and write the file).
     */
    dwError = LwChangeOwner(pszCachePathReal, uid, gid);
    BAIL_ON_LW_ERROR(dwError);

cleanup:

    LW_SAFE_FREE_STRING(pszCachePath);
    return dwError;

error:
    goto cleanup;
}
Beispiel #16
0
DWORD
LwKrb5GetDefaultRealm(
    PSTR* ppszRealm
    )
{
    DWORD dwError = 0;
    krb5_context ctx = NULL;
    PSTR pszKrb5Realm = NULL;
    PSTR pszRealm = NULL;

    krb5_init_context(&ctx);
    krb5_get_default_realm(ctx, &pszKrb5Realm);

    if (LW_IS_NULL_OR_EMPTY_STR(pszKrb5Realm)) {
        dwError = LW_ERROR_NO_DEFAULT_REALM;
        BAIL_ON_LW_ERROR(dwError);
    }

    dwError = LwAllocateString(pszKrb5Realm, &pszRealm);
    BAIL_ON_LW_ERROR(dwError);

    *ppszRealm = pszRealm;
    
cleanup:

    if (pszKrb5Realm)
    {
        krb5_free_default_realm(ctx, pszKrb5Realm);
    }

    krb5_free_context(ctx);

    return(dwError);

error:

    *ppszRealm = NULL;
    
    LW_SAFE_FREE_STRING(pszRealm);

    goto cleanup;
}
Beispiel #17
0
DWORD
LwChangeOwnerAndPermissions(
    PCSTR pszPath,
    uid_t uid,
    gid_t gid,
    mode_t dwFileMode
    )
{
    DWORD dwError = 0;

    dwError = LwChangeOwner(pszPath, uid, gid);
    BAIL_ON_LW_ERROR(dwError);

    dwError = LwChangePermissions(pszPath, dwFileMode);
    BAIL_ON_LW_ERROR(dwError);

error:

    return dwError;
}
Beispiel #18
0
DWORD
LwGssGetErrorMessage(
    OUT PSTR* ppszErrorMessage,
    IN OPTIONAL PCSTR pszGssFunction,
    IN OM_uint32 MajorStatus,
    IN OM_uint32 MinorStatus
    )
{
    DWORD dwError = 0;
    PSTR pszErrorMessage = NULL;
    PSTR pszMajorMessage = NULL;
    PSTR pszMinorMessage = NULL;

    dwError = LwGssGetSingleErrorMessage(&pszMajorMessage, MajorStatus, TRUE);
    BAIL_ON_LW_ERROR(dwError);

    dwError = LwGssGetSingleErrorMessage(&pszMinorMessage, MinorStatus, FALSE);
    BAIL_ON_LW_ERROR(dwError);

    dwError = LwAllocateStringPrintf(&pszErrorMessage,
                                     "GSS API error calling %s(): "
                                     "majorStatus = 0x%08x (%s), "
                                     "minorStatus = 0x%08x (%s)",
                                     pszGssFunction,
                                     MajorStatus, pszMajorMessage,
                                     MinorStatus, pszMinorMessage);
    BAIL_ON_LW_ERROR(dwError);

error:
    if (dwError)
    {
        LW_SAFE_FREE_STRING(pszErrorMessage);
    }

    LW_SAFE_FREE_STRING(pszMajorMessage);
    LW_SAFE_FREE_STRING(pszMinorMessage);

    *ppszErrorMessage = pszErrorMessage;

    return dwError;
}
Beispiel #19
0
DWORD
LwLdapGetDN(
    HANDLE hDirectory,
    LDAPMessage* pMessage,
    PSTR* ppszValue
    )
{
    DWORD dwError = LW_ERROR_SUCCESS;
    PLW_LDAP_DIRECTORY_CONTEXT pDirectory = NULL;
    PSTR pszLdapValue = NULL;
    PSTR pszValue = NULL;

    pDirectory = (PLW_LDAP_DIRECTORY_CONTEXT)hDirectory;

    pszLdapValue = ldap_get_dn(pDirectory->ld, pMessage);
    if (LW_IS_NULL_OR_EMPTY_STR(pszLdapValue))
    {
        dwError = LW_ERROR_INVALID_LDAP_ATTR_VALUE;
        BAIL_ON_LW_ERROR(dwError);
    }

    dwError = LwAllocateString(pszLdapValue, &pszValue);
    BAIL_ON_LW_ERROR(dwError);

    *ppszValue = pszValue;

cleanup:
    if (pszLdapValue) {
        ldap_memfree(pszLdapValue);
    }
    return dwError;

error:
    *ppszValue = NULL;

    LW_SAFE_FREE_STRING(pszValue);

    goto cleanup;
}
Beispiel #20
0
DWORD
LwAllocateString(
    PCSTR  pszInputString,
    PSTR* ppszOutputString
    )
{
    DWORD dwError = 0;
    DWORD dwLen = 0;
    PSTR  pszOutputString = NULL;

    if (!pszInputString) {
        dwError = LW_ERROR_INVALID_PARAMETER;
        BAIL_ON_LW_ERROR(dwError);
    }

    dwLen = strlen(pszInputString);

    dwError = LwAllocateMemory(dwLen+1, OUT_PPVOID(&pszOutputString));
    BAIL_ON_LW_ERROR(dwError);

    if (dwLen) {
       memcpy(pszOutputString, pszInputString, dwLen);
    }

    *ppszOutputString = pszOutputString;

cleanup:

    return dwError;

error:

    LW_SAFE_FREE_STRING(pszOutputString);

    *ppszOutputString = NULL;

    goto cleanup;
}
Beispiel #21
0
DWORD
LwLdapGetBytes(
        HANDLE hDirectory,
        LDAPMessage* pMessage,
        PSTR pszFieldName,
        PBYTE* ppszByteValue,
        PDWORD pszByteLen
        )
{
    DWORD dwError = LW_ERROR_SUCCESS;
    PLW_LDAP_DIRECTORY_CONTEXT pDirectory = NULL;
    struct berval **ppszValues = NULL;
    PBYTE pszByteValue = NULL;
    DWORD szByteLen = 0;

    pDirectory = (PLW_LDAP_DIRECTORY_CONTEXT)hDirectory;

    ppszValues = ldap_get_values_len(pDirectory->ld, pMessage, pszFieldName);

    if (ppszValues && ppszValues[0]){
        if (ppszValues[0]->bv_len != 0){
            dwError = LwAllocateMemory(
                        sizeof(BYTE) * ppszValues[0]->bv_len,
                        OUT_PPVOID(&pszByteValue));
            BAIL_ON_LW_ERROR(dwError);
            memcpy (pszByteValue, ppszValues[0]->bv_val, ppszValues[0]->bv_len * sizeof (BYTE));
            szByteLen = ppszValues[0]->bv_len;
        }
    }

    *ppszByteValue = pszByteValue;
    *pszByteLen = szByteLen;

cleanup:

    if (ppszValues) {
        ldap_value_free_len(ppszValues);
    }

    return dwError;

error:
    *ppszByteValue = NULL;
    *pszByteLen = 0;

    LW_SAFE_FREE_MEMORY(pszByteValue);

    goto cleanup;
}
Beispiel #22
0
DWORD
LwLdapIsValidADEntry(
    HANDLE hDirectory,
    LDAPMessage* pMessage,
    PBOOLEAN pbValidADEntry
    )
{
    DWORD dwError = LW_ERROR_SUCCESS;
    PSTR pszValue = NULL;

    dwError = LwLdapGetDN(
                    hDirectory,
                    pMessage,
                    &pszValue);
    BAIL_ON_LW_ERROR(dwError);

    if (LW_IS_NULL_OR_EMPTY_STR(pszValue))
    {
        dwError = LW_ERROR_INVALID_LDAP_ATTR_VALUE;
        BAIL_ON_LW_ERROR(dwError);
    }

    *pbValidADEntry = TRUE;

cleanup:

    LW_SAFE_FREE_STRING(pszValue);

    return dwError;

error:

    *pbValidADEntry = FALSE;

    goto cleanup;
}
Beispiel #23
0
DWORD
LwLdapGetParentDN(
    PCSTR pszObjectDN,
    PSTR* ppszParentDN
    )
{
    DWORD dwError = LW_ERROR_SUCCESS;
    PSTR pszParentDN = NULL;
    PSTR pComma = NULL;

    if (!pszObjectDN || !*pszObjectDN) {
        dwError = LW_ERROR_INVALID_PARAMETER;
        BAIL_ON_LW_ERROR(dwError);
    }

    pComma = strchr(pszObjectDN,',');
    if (!pComma) {
        dwError = LW_ERROR_LDAP_NO_PARENT_DN;
        BAIL_ON_LW_ERROR(dwError);
    }

    pComma++;

    dwError= LwAllocateString(pComma, &pszParentDN);
    BAIL_ON_LW_ERROR(dwError);

    *ppszParentDN = pszParentDN;

    return(dwError);

error:

    *ppszParentDN = NULL;

    return(dwError);
}
Beispiel #24
0
DWORD
LwRemoveFile(
    PCSTR pszPath
    )
{
    DWORD dwError = 0;

    // POSIX says it will not return EINTR
    if (unlink(pszPath) < 0) {
        dwError = LwMapErrnoToLwError(errno);
        BAIL_ON_LW_ERROR(dwError);
    }

error:

    return dwError;
}
Beispiel #25
0
DWORD
LwChangePermissions(
    PCSTR pszPath,
    mode_t dwFileMode
    )
{
    DWORD dwError = 0;

    // POSIX says it will not return EINTR
    if (chmod(pszPath, dwFileMode) < 0) {
        dwError = LwMapErrnoToLwError(errno);
        BAIL_ON_LW_ERROR(dwError);
    }

error:

    return dwError;
}
Beispiel #26
0
DWORD
LwKrb5SetThreadDefaultCachePath(
    IN PCSTR pszCachePath,
    OUT PSTR* ppszPreviousCachePath
    )
{
    DWORD dwError       = 0;
    DWORD dwMajorStatus = 0;
    DWORD dwMinorStatus = 0;
    PSTR  pszOrigCachePath = NULL;

    // Set the default for gss
    dwMajorStatus = gss_krb5_ccache_name(
                            (OM_uint32 *)&dwMinorStatus,
                            pszCachePath,
                            (ppszPreviousCachePath) ? (const char**)&pszOrigCachePath : NULL);
    BAIL_ON_GSS_ERROR(dwError, dwMajorStatus, dwMinorStatus);

    LW_LOG_DEBUG("Switched gss krb5 credentials path from %s to %s",
            LW_SAFE_LOG_STRING(pszOrigCachePath),
            LW_SAFE_LOG_STRING(pszCachePath));
    
    if (ppszPreviousCachePath) {
        if (!LW_IS_NULL_OR_EMPTY_STR(pszOrigCachePath)) {
            dwError = LwAllocateString(pszOrigCachePath, ppszPreviousCachePath);
            BAIL_ON_LW_ERROR(dwError);
        } else {
            *ppszPreviousCachePath = NULL;
        }
    }
    
cleanup:

    return dwError;
    
error:

    if (ppszPreviousCachePath) {
        *ppszPreviousCachePath = NULL;
    }

    goto cleanup;
}
Beispiel #27
0
DWORD
LwHexCharToByte(
    CHAR cHexChar,
    UCHAR* pucByte
    )
{
    DWORD dwError = 0;
    UCHAR ucByte = 0;

    if (cHexChar >= '0' && cHexChar <= '9')
    {
       ucByte = (UCHAR)(cHexChar - '0');
    }
    else if (cHexChar >= 'a' && cHexChar <= 'f')
    {
       ucByte = 10 + (UCHAR)(cHexChar - 'a');
    }
    else if (cHexChar >= 'A' && cHexChar <= 'F')
    {
       ucByte = 10 + (UCHAR)(cHexChar - 'A');
    }
    else
    {
       dwError = LW_ERROR_INVALID_PARAMETER;
       BAIL_ON_LW_ERROR(dwError);
    }

    *pucByte = ucByte;

cleanup:

    return dwError;

error:

    *pucByte = 0;

    goto cleanup;
}
Beispiel #28
0
DWORD
LwKrb5GetDefaultCachePath(
    OUT PSTR* ppszCachePath
    )
{
    DWORD dwError = 0;
    PSTR  pszCachePath = NULL;
    krb5_context ctx = NULL;
    const char *pszKrbDefault = NULL;
    krb5_error_code ret = 0;
    
    ret = krb5_init_context(&ctx);
    BAIL_ON_KRB_ERROR(ctx, ret);

    pszKrbDefault = krb5_cc_default_name(ctx);

    dwError = LwAllocateString(
                pszKrbDefault,
                &pszCachePath);
    BAIL_ON_LW_ERROR(dwError);
    
    *ppszCachePath = pszCachePath;
    
cleanup:
    if (ctx)
    {
        krb5_free_context(ctx);
    }

    return dwError;
    
error:

    *ppszCachePath = NULL;
    
    goto cleanup;
}
Beispiel #29
0
DWORD
LwLdapGetUInt32(
    HANDLE       hDirectory,
    LDAPMessage* pMessage,
    PCSTR        pszFieldName,
    PDWORD       pdwValue
    )
{
    DWORD dwError = 0;
    PSTR pszValue = NULL;

    dwError = LwLdapGetString(hDirectory, pMessage, pszFieldName, &pszValue);
    BAIL_ON_LW_ERROR(dwError);

    if (pszValue) {
        *pdwValue = atoi(pszValue);
    } else {
        dwError = LW_ERROR_INVALID_LDAP_ATTR_VALUE;
        // This error occurs very frequently (every time an unenabled user
        // or group is queried in default schema mode). So in order to avoid
        // log noise, BAIL_ON_LW_ERROR is not used here.
        goto error;
    }

cleanup:

    LW_SAFE_FREE_STRING(pszValue);

    return dwError;

error:

    *pdwValue = 0;

    goto cleanup;
}
Beispiel #30
0
DWORD
LwRemoveDuplicateInodes(
    IN OUT PDWORD pdwFoundCount,
    IN OUT PSTR* ppszFoundPaths
    )
{
    DWORD dwError = 0;
    DWORD foundCount = *pdwFoundCount;
    DWORD outputIndex = 0;
    struct stat *pStats = NULL;
    DWORD index = 0;
    DWORD index2 = 0;

    dwError = LwAllocateMemory(
                    foundCount * sizeof(pStats[0]),
                    OUT_PPVOID(&pStats));
    BAIL_ON_LW_ERROR(dwError);

    for (index = 0; index < foundCount; index++)
    {
        if (stat(ppszFoundPaths[index], &pStats[index]) < 0)
        {
            switch (errno)
            {
                case ELOOP:
                case ENOENT:
                case ENOTDIR:
                    // These errors indicate a bad symlink. Treat the path as
                    // unique from all others.
                    pStats[index].st_dev = (dev_t)-1;
                    pStats[index].st_ino = (ino_t)-1;
                    break;
                default:
                    dwError = LwMapErrnoToLwError(errno);
                    BAIL_ON_LW_ERROR(dwError);
            }
        }
    }

    if (foundCount > 0)
    {
        // Even if the first index is a duplicate, we take that value over
        // another.
        outputIndex = 1;
    }
    for (index = 1; index < foundCount; index++)
    {
        // See if ppszFoundPaths[index] is a duplicate of any paths with a
        // lower index.
        if (pStats[index].st_ino != (ino_t)-1)
        {
            for (index2 = 0; index2 < index; index2++)
            {
                if (pStats[index].st_dev == pStats[index2].st_dev &&
                    pStats[index].st_ino == pStats[index2].st_ino)
                {
                    LW_SAFE_FREE_STRING(ppszFoundPaths[index]);
                    break;
                }
            }
        }
        if (ppszFoundPaths[index] != NULL)
        {
            ppszFoundPaths[outputIndex] = ppszFoundPaths[index];
            outputIndex++;
        }
    }

    *pdwFoundCount = outputIndex;

cleanup:
    LW_SAFE_FREE_MEMORY(pStats);
    return dwError;

error:
    goto cleanup;
}