/*
* krb5_authenticator_size() - Determine the size required to externalize
* the krb5_authenticator.
*/
static krb5_error_code
krb5_authenticator_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep)
{
krb5_error_code kret;
krb5_authenticator *authenticator;
size_t required;
/*
* krb5_authenticator requires at minimum:
* krb5_int32 for KV5M_AUTHENTICATOR
* krb5_int32 for seconds
* krb5_int32 for cusec
* krb5_int32 for seq_number
* krb5_int32 for number in authorization_data array.
* krb5_int32 for KV5M_AUTHENTICATOR
*/
kret = EINVAL;
if ((authenticator = (krb5_authenticator *) arg)) {
required = sizeof(krb5_int32)*6;
/* Calculate size required by client, if appropriate */
if (authenticator->client)
kret = krb5_size_opaque(kcontext,
KV5M_PRINCIPAL,
(krb5_pointer) authenticator->client,
&required);
else
kret = 0;
/* Calculate size required by checksum, if appropriate */
if (!kret && authenticator->checksum)
kret = krb5_size_opaque(kcontext,
KV5M_CHECKSUM,
(krb5_pointer) authenticator->checksum,
&required);
/* Calculate size required by subkey, if appropriate */
if (!kret && authenticator->subkey)
kret = krb5_size_opaque(kcontext,
KV5M_KEYBLOCK,
(krb5_pointer) authenticator->subkey,
&required);
/* Calculate size required by authorization_data, if appropriate */
if (!kret && authenticator->authorization_data) {
int i;
for (i=0; !kret && authenticator->authorization_data[i]; i++) {
kret = krb5_size_opaque(kcontext,
KV5M_AUTHDATA,
(krb5_pointer) authenticator->
authorization_data[i],
&required);
}
}
}
if (!kret)
*sizep += required;
return(kret);
}
/*
* Externalize a piece of arbitrary data.
*/
krb5_error_code
krb5_externalize_data(krb5_context kcontext, krb5_pointer arg, krb5_octet **bufpp, size_t *sizep)
{
krb5_error_code kret;
krb5_magic *mp;
krb5_octet *buffer, *bp;
size_t bufsize, bsize;
mp = (krb5_magic *) arg;
bufsize = 0;
if (!(kret = krb5_size_opaque(kcontext, *mp, arg, &bufsize))) {
if ((buffer = (krb5_octet *) malloc(bufsize))) {
bp = buffer;
bsize = bufsize;
if (!(kret = krb5_externalize_opaque(kcontext,
*mp,
arg,
&bp,
&bsize))) {
if (bsize != 0)
bufsize -= bsize;
*bufpp = buffer;
*sizep = bufsize;
}
}
else
kret = ENOMEM;
}
return(kret);
}
static krb5_error_code
s4u2proxy_size(krb5_context kcontext,
krb5_authdata_context context,
void *plugin_context,
void *request_context,
size_t *sizep)
{
struct s4u2proxy_context *s4uctx = (struct s4u2proxy_context *)request_context;
krb5_error_code code = 0;
int i;
*sizep += sizeof(krb5_int32); /* version */
*sizep += sizeof(krb5_int32); /* princ count */
for (i = 0; i < s4uctx->count; i++) {
code = krb5_size_opaque(kcontext, KV5M_PRINCIPAL,
(krb5_pointer)s4uctx->delegated[i], sizep);
if (code != 0)
return code;
}
*sizep += sizeof(krb5_int32); /* authenticated flag */
return code;
}
/*
* krb5_auth_context_size() - Determine the size required to externalize
* the krb5_auth_context.
*/
static krb5_error_code
krb5_auth_context_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep)
{
krb5_error_code kret;
krb5_auth_context auth_context;
size_t required;
/*
* krb5_auth_context requires at minimum:
* krb5_int32 for KV5M_AUTH_CONTEXT
* krb5_int32 for auth_context_flags
* krb5_int32 for remote_seq_number
* krb5_int32 for local_seq_number
* krb5_int32 for req_cksumtype
* krb5_int32 for safe_cksumtype
* krb5_int32 for size of i_vector
* krb5_int32 for KV5M_AUTH_CONTEXT
*/
kret = EINVAL;
if ((auth_context = (krb5_auth_context) arg)) {
kret = 0;
/* Calculate size required by i_vector - ptooey */
if (auth_context->i_vector && auth_context->keyblock) {
kret = krb5_c_block_size(kcontext, auth_context->keyblock->enctype,
&required);
} else {
required = 0;
}
required += sizeof(krb5_int32)*8;
/* Calculate size required by remote_addr, if appropriate */
if (!kret && auth_context->remote_addr) {
kret = krb5_size_opaque(kcontext,
KV5M_ADDRESS,
(krb5_pointer) auth_context->remote_addr,
&required);
if (!kret)
required += sizeof(krb5_int32);
}
/* Calculate size required by remote_port, if appropriate */
if (!kret && auth_context->remote_port) {
kret = krb5_size_opaque(kcontext,
KV5M_ADDRESS,
(krb5_pointer) auth_context->remote_port,
&required);
if (!kret)
required += sizeof(krb5_int32);
}
/* Calculate size required by local_addr, if appropriate */
if (!kret && auth_context->local_addr) {
kret = krb5_size_opaque(kcontext,
KV5M_ADDRESS,
(krb5_pointer) auth_context->local_addr,
&required);
if (!kret)
required += sizeof(krb5_int32);
}
/* Calculate size required by local_port, if appropriate */
if (!kret && auth_context->local_port) {
kret = krb5_size_opaque(kcontext,
KV5M_ADDRESS,
(krb5_pointer) auth_context->local_port,
&required);
if (!kret)
required += sizeof(krb5_int32);
}
/* Calculate size required by keyblock, if appropriate */
if (!kret && auth_context->keyblock) {
kret = krb5_size_opaque(kcontext,
KV5M_KEYBLOCK,
(krb5_pointer) auth_context->keyblock,
&required);
if (!kret)
required += sizeof(krb5_int32);
}
/* Calculate size required by send_subkey, if appropriate */
if (!kret && auth_context->send_subkey) {
kret = krb5_size_opaque(kcontext,
KV5M_KEYBLOCK,
(krb5_pointer) auth_context->send_subkey,
&required);
if (!kret)
required += sizeof(krb5_int32);
}
/* Calculate size required by recv_subkey, if appropriate */
if (!kret && auth_context->recv_subkey) {
kret = krb5_size_opaque(kcontext,
KV5M_KEYBLOCK,
(krb5_pointer) auth_context->recv_subkey,
&required);
if (!kret)
required += sizeof(krb5_int32);
}
/* Calculate size required by authentp, if appropriate */
if (!kret && auth_context->authentp)
kret = krb5_size_opaque(kcontext,
KV5M_AUTHENTICATOR,
(krb5_pointer) auth_context->authentp,
&required);
}
if (!kret)
*sizep += required;
return(kret);
}
/*
* krb5_context_size() - Determine the size required to externalize the
* krb5_context.
*/
static krb5_error_code
krb5_context_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep)
{
krb5_error_code kret;
size_t required;
krb5_context context;
/*
* The KRB5 context itself requires:
* krb5_int32 for KV5M_CONTEXT
* krb5_int32 for sizeof(default_realm)
* strlen(default_realm) for default_realm.
* krb5_int32 for n_in_tkt_ktypes*sizeof(krb5_int32)
* nktypes*sizeof(krb5_int32) for in_tkt_ktypes.
* krb5_int32 for n_tgs_ktypes*sizeof(krb5_int32)
* nktypes*sizeof(krb5_int32) for tgs_ktypes.
* krb5_int32 for clockskew
* krb5_int32 for kdc_req_sumtype
* krb5_int32 for ap_req_sumtype
* krb5_int32 for safe_sumtype
* krb5_int32 for kdc_default_options
* krb5_int32 for library_options
* krb5_int32 for profile_secure
* krb5_int32 for fcc_default_format
* krb5_int32 for scc_default_format
* <> for os_context
* <> for db_context
* <> for profile
* krb5_int32 for trailer.
*/
kret = EINVAL;
context = (krb5_context) arg;
if (context) {
/* Calculate base length */
required = (14 * sizeof(krb5_int32) +
(context->in_tkt_ktype_count * sizeof(krb5_int32)) +
(context->tgs_ktype_count * sizeof(krb5_int32)));
if (context->default_realm)
required += strlen(context->default_realm);
/* Calculate size required by os_context, if appropriate */
if (context->os_context)
kret = krb5_size_opaque(kcontext,
KV5M_OS_CONTEXT,
(krb5_pointer) context->os_context,
&required);
/* Calculate size required by db_context, if appropriate */
if (!kret && context->db_context)
kret = krb5_size_opaque(kcontext,
KV5M_DB_CONTEXT,
(krb5_pointer) context->db_context,
&required);
/* Finally, calculate size required by profile, if appropriate */
if (!kret && context->profile)
kret = krb5_size_opaque(kcontext,
PROF_MAGIC_PROFILE,
(krb5_pointer) context->profile,
&required);
}
if (!kret)
*sizep += required;
return(kret);
}
