コード例 #1
0
ファイル: ser_ctx.c プロジェクト: andreiw/polaris
/*
 * krb5_oscontext_externalize()	- Externalize the krb5_os_context.
 */
static krb5_error_code
krb5_oscontext_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain)
{
    krb5_error_code	kret;
    krb5_os_context	os_ctx;
    size_t		required;
    krb5_octet		*bp;
    size_t		remain;

    required = 0;
    bp = *buffer;
    remain = *lenremain;
    kret = EINVAL;
    os_ctx = (krb5_os_context) arg;
    if (os_ctx) {
	kret = ENOMEM;
	if (!krb5_oscontext_size(kcontext, arg, &required) &&
	    (required <= remain)) {
	    (void) krb5_ser_pack_int32(KV5M_OS_CONTEXT, &bp, &remain);
	    (void) krb5_ser_pack_int32(os_ctx->time_offset, &bp, &remain);
	    (void) krb5_ser_pack_int32(os_ctx->usec_offset, &bp, &remain);
	    (void) krb5_ser_pack_int32(os_ctx->os_flags, &bp, &remain);
	    (void) krb5_ser_pack_int32(KV5M_OS_CONTEXT, &bp, &remain);

	    /* Handle any other OS context here */
	    kret = 0;
	    if (!kret) {
		*buffer = bp;
		*lenremain = remain;
	    }
	}
    }
    return(kret);
}
コード例 #2
0
ファイル: ser_princ.c プロジェクト: aosm/Kerberos
/*
 * krb5_principal_externalize()	- Externalize the krb5_principal.
 */
static krb5_error_code
krb5_principal_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain)
{
    krb5_error_code	kret;
    krb5_principal	principal;
    size_t		required;
    krb5_octet		*bp;
    size_t		remain;
    char		*fname;

    required = 0;
    bp = *buffer;
    remain = *lenremain;
    kret = EINVAL;
    if ((principal = (krb5_principal) arg)) {
	kret = ENOMEM;
	if (!krb5_principal_size(kcontext, arg, &required) &&
	    (required <= remain)) {
	    if (!(kret = krb5_unparse_name(kcontext, principal, &fname))) {

		(void) krb5_ser_pack_int32(KV5M_PRINCIPAL, &bp, &remain);
		(void) krb5_ser_pack_int32((krb5_int32) strlen(fname),
					   &bp, &remain);
		(void) krb5_ser_pack_bytes((krb5_octet *) fname,
					   strlen(fname), &bp, &remain);
		(void) krb5_ser_pack_int32(KV5M_PRINCIPAL, &bp, &remain);
		*buffer = bp;
		*lenremain = remain;

		krb5_xfree(fname);
	    }
	}
    }
    return(kret);
}
コード例 #3
0
ファイル: authdata.c プロジェクト: ln5/krb5-anonsvn
/*
 * Externalize an authdata context.
 */
static krb5_error_code
krb5_authdata_context_externalize(krb5_context kcontext,
                                  krb5_pointer ptr,
                                  krb5_octet **buffer,
                                  size_t *lenremain)
{
    krb5_error_code code;
    krb5_authdata_context context = (krb5_authdata_context)ptr;
    krb5_octet *bp;
    size_t remain;

    bp = *buffer;
    remain = *lenremain;

    /* Our identifier */
    code = krb5_ser_pack_int32(KV5M_AUTHDATA_CONTEXT, &bp, &remain);
    if (code != 0)
        return code;

    /* The actual context data */
    code = k5_ad_externalize(kcontext, context, AD_USAGE_MASK,
                             &bp, &remain);
    if (code != 0)
        return code;

    /* Our trailer */
    code = krb5_ser_pack_int32(KV5M_AUTHDATA_CONTEXT, &bp, &remain);
    if (code != 0)
        return code;

    *buffer = bp;
    *lenremain = remain;

    return 0;
}
コード例 #4
0
ファイル: ser_rc.c プロジェクト: andreiw/polaris
/*
 * krb5_rcache_externalize()	- Externalize the krb5_rcache.
 */
static krb5_error_code
krb5_rcache_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain)
{
    krb5_error_code	kret;
    krb5_rcache		rcache;
    size_t		required;
    krb5_octet		*bp;
    size_t		remain;
    char		*rcname;
    size_t		namelen;
    char		*fnamep;

    required = 0;
    bp = *buffer;
    remain = *lenremain;
    kret = EINVAL;
    if ((rcache = (krb5_rcache) arg) != NULL) {
	kret = ENOMEM;
	if (!krb5_rcache_size(kcontext, arg, &required) &&
	    (required <= remain)) {
	    /* Our identifier */
	    (void) krb5_ser_pack_int32(KV5M_RCACHE, &bp, &remain);

	    /* Calculate the length of the name */
	    namelen = (rcache->ops && rcache->ops->type) ?
		strlen(rcache->ops->type)+1 : 0;
	    fnamep = krb5_rc_get_name(kcontext, rcache);
	    namelen += (strlen(fnamep)+1);

	    if ((rcname = (char *) malloc(namelen))) {
		/* Format the rcache name. */
		if (rcache->ops && rcache->ops->type)
		    sprintf(rcname, "%s:%s", rcache->ops->type, fnamep);
		else
		    strcpy(rcname, fnamep);

		/* Put the length of the file name */
		(void) krb5_ser_pack_int32((krb5_int32) strlen(rcname),
					   &bp, &remain);
		
		/* Put the name */
		(void) krb5_ser_pack_bytes((krb5_octet *) rcname,
					   strlen(rcname),
					   &bp, &remain);

		/* Put the trailer */
		(void) krb5_ser_pack_int32(KV5M_RCACHE, &bp, &remain);
		kret = 0;
		*buffer = bp;
		*lenremain = remain;
		free(rcname);
	    }
	}
    }
    return(kret);
}
コード例 #5
0
ファイル: ser_rc.c プロジェクト: Akasurde/krb5
/*
 * krb5_rcache_externalize()    - Externalize the krb5_rcache.
 */
static krb5_error_code
krb5_rcache_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain)
{
    krb5_error_code     kret;
    krb5_rcache         rcache;
    size_t              required;
    krb5_octet          *bp;
    size_t              remain;
    char                *rcname;
    char                *fnamep;

    required = 0;
    bp = *buffer;
    remain = *lenremain;
    kret = EINVAL;
    if ((rcache = (krb5_rcache) arg)) {
        kret = ENOMEM;
        if (!krb5_rcache_size(kcontext, arg, &required) &&
            (required <= remain)) {
            /* Our identifier */
            (void) krb5_ser_pack_int32(KV5M_RCACHE, &bp, &remain);

            fnamep = krb5_rc_get_name(kcontext, rcache);

            if (rcache->ops->type) {
                if (asprintf(&rcname, "%s:%s", rcache->ops->type, fnamep) < 0)
                    rcname = NULL;
            } else
                rcname = strdup(fnamep);

            if (rcname) {
                /* Put the length of the file name */
                (void) krb5_ser_pack_int32((krb5_int32) strlen(rcname),
                                           &bp, &remain);

                /* Put the name */
                (void) krb5_ser_pack_bytes((krb5_octet *) rcname,
                                           strlen(rcname),
                                           &bp, &remain);

                /* Put the trailer */
                (void) krb5_ser_pack_int32(KV5M_RCACHE, &bp, &remain);
                kret = 0;
                *buffer = bp;
                *lenremain = remain;
                free(rcname);
            }
        }
    }
    return(kret);
}
コード例 #6
0
/*
 * krb5_address_externalize()	- Externalize the krb5_address.
 */
static krb5_error_code
krb5_address_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain)
{
    krb5_error_code	kret;
    krb5_address	*address;
    size_t		required;
    krb5_octet		*bp;
    size_t		remain;

    required = 0;
    bp = *buffer;
    remain = *lenremain;
    kret = EINVAL;
    /* Solaris Kerberos */
    address = (krb5_address *) arg;
    if (address) {
	kret = ENOMEM;
	if (!krb5_address_size(kcontext, arg, &required) &&
	    (required <= remain)) {
	    /* Our identifier */
	    (void) krb5_ser_pack_int32(KV5M_ADDRESS, &bp, &remain);
		
	    /* Our addrtype */
	    (void) krb5_ser_pack_int32((krb5_int32) address->addrtype,
				       &bp, &remain);

	    /* Our length */
	    (void) krb5_ser_pack_int32((krb5_int32) address->length,
				       &bp, &remain);

	    /* Our contents */
	    (void) krb5_ser_pack_bytes(address->contents,
				       (size_t) address->length,
				       &bp, &remain);

	    /* Finally, our trailer */
	    (void) krb5_ser_pack_int32(KV5M_ADDRESS, &bp, &remain);

	    kret = 0;
	    *buffer = bp;
	    *lenremain = remain;
	}
    }
    return(kret);
}
コード例 #7
0
/*
 * krb5_checksum_externalize()	- Externalize the krb5_checksum.
 */
static krb5_error_code
krb5_checksum_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain)
{
    krb5_error_code	kret;
    krb5_checksum	*checksum;
    size_t		required;
    krb5_octet		*bp;
    size_t		remain;

    required = 0;
    bp = *buffer;
    remain = *lenremain;
    kret = EINVAL;
    /* Solaris Kerberos */
    checksum = (krb5_checksum *) arg;
    if (checksum) {
	kret = ENOMEM;
	if (!krb5_checksum_esize(kcontext, arg, &required) &&
	    (required <= remain)) {
	    /* Our identifier */
	    (void) krb5_ser_pack_int32(KV5M_CHECKSUM, &bp, &remain);
		
	    /* Our checksum_type */
	    (void) krb5_ser_pack_int32((krb5_int32) checksum->checksum_type,
				       &bp, &remain);

	    /* Our length */
	    (void) krb5_ser_pack_int32((krb5_int32) checksum->length,
				       &bp, &remain);

	    /* Our contents */
	    (void) krb5_ser_pack_bytes(checksum->contents,
				       (size_t) checksum->length,
				       &bp, &remain);

	    /* Finally, our trailer */
	    (void) krb5_ser_pack_int32(KV5M_CHECKSUM, &bp, &remain);

	    kret = 0;
	    *buffer = bp;
	    *lenremain = remain;
	}
    }
    return(kret);
}
コード例 #8
0
ファイル: ser_key.c プロジェクト: Brainiarc7/pbis
/*
 * krb5_keyblock_externalize()  - Externalize the krb5_keyblock.
 */
static krb5_error_code
krb5_keyblock_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain)
{
    krb5_error_code     kret;
    krb5_keyblock       *keyblock;
    size_t              required;
    krb5_octet          *bp;
    size_t              remain;

    required = 0;
    bp = *buffer;
    remain = *lenremain;
    kret = EINVAL;
    if ((keyblock = (krb5_keyblock *) arg)) {
        kret = ENOMEM;
        if (!krb5_keyblock_size(kcontext, arg, &required) &&
            (required <= remain)) {
            /* Our identifier */
            (void) krb5_ser_pack_int32(KV5M_KEYBLOCK, &bp, &remain);

            /* Our enctype */
            (void) krb5_ser_pack_int32((krb5_int32) keyblock->enctype,
                                       &bp, &remain);

            /* Our length */
            (void) krb5_ser_pack_int32((krb5_int32) keyblock->length,
                                       &bp, &remain);

            /* Our contents */
            (void) krb5_ser_pack_bytes(keyblock->contents,
                                       (size_t) keyblock->length,
                                       &bp, &remain);

            /* Finally, our trailer */
            (void) krb5_ser_pack_int32(KV5M_KEYBLOCK, &bp, &remain);

            kret = 0;
            *buffer = bp;
            *lenremain = remain;
        }
    }
    return(kret);
}
コード例 #9
0
ファイル: s4u_authdata.c プロジェクト: Akasurde/krb5
static krb5_error_code
s4u2proxy_externalize(krb5_context kcontext,
                      krb5_authdata_context context,
                      void *plugin_context,
                      void *request_context,
                      krb5_octet **buffer,
                      size_t *lenremain)
{
    struct s4u2proxy_context *s4uctx = (struct s4u2proxy_context *)request_context;
    krb5_error_code code = 0;
    size_t required = 0;
    krb5_octet *bp;
    size_t remain;
    int i = 0;

    bp = *buffer;
    remain = *lenremain;

    s4u2proxy_size(kcontext, context, plugin_context,
                   request_context, &required);

    if (required > remain)
        return ENOMEM;

    krb5_ser_pack_int32(1, &bp, &remain); /* version */
    krb5_ser_pack_int32(s4uctx->count, &bp, &remain); /* princ count */

    for (i = 0; i < s4uctx->count; i++) {
        code = krb5_externalize_opaque(kcontext, KV5M_PRINCIPAL,
                                       (krb5_pointer)s4uctx->delegated[i],
                                       &bp, &remain);
        if (code != 0)
            return code;
    }

    krb5_ser_pack_int32(s4uctx->authenticated, &bp, &remain); /* authenticated */

    *buffer = bp;
    *lenremain = remain;

    return 0;
}
コード例 #10
0
ファイル: ser_adata.c プロジェクト: Brainiarc7/pbis
/*
 * krb5_authdata_externalize()  - Externalize the krb5_authdata.
 */
static krb5_error_code
krb5_authdata_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain)
{
    krb5_error_code     kret;
    krb5_authdata       *authdata;
    size_t              required;
    krb5_octet          *bp;
    size_t              remain;

    required = 0;
    bp = *buffer;
    remain = *lenremain;
    kret = EINVAL;
    if ((authdata = (krb5_authdata *) arg)) {
        kret = ENOMEM;
        if (!krb5_authdata_size(kcontext, arg, &required) &&
            (required <= remain)) {
            /* Our identifier */
            (void) krb5_ser_pack_int32(KV5M_AUTHDATA, &bp, &remain);

            /* Our ad_type */
            (void) krb5_ser_pack_int32((krb5_int32) authdata->ad_type,
                                       &bp, &remain);

            /* Our length */
            (void) krb5_ser_pack_int32((krb5_int32) authdata->length,
                                       &bp, &remain);

            /* Our contents */
            (void) krb5_ser_pack_bytes(authdata->contents,
                                       (size_t) authdata->length,
                                       &bp, &remain);

            /* Finally, our trailer */
            (void) krb5_ser_pack_int32(KV5M_AUTHDATA, &bp, &remain);
            kret = 0;
            *buffer = bp;
            *lenremain = remain;
        }
    }
    return(kret);
}
コード例 #11
0
ファイル: pac.c プロジェクト: secure-endpoints/mit-krb5
static krb5_error_code
mspac_externalize(krb5_context kcontext,
                  krb5_authdata_context context,
                  void *plugin_context,
                  void *request_context,
                  krb5_octet **buffer,
                  size_t *lenremain)
{
    krb5_error_code code = 0;
    struct mspac_context *pacctx = (struct mspac_context *)request_context;
    size_t required = 0;
    krb5_octet *bp;
    size_t remain;

    bp = *buffer;
    remain = *lenremain;

    if (pacctx->pac != NULL) {
        mspac_size(kcontext, context, plugin_context,
                   request_context, &required);

        if (required <= remain) {
            krb5_ser_pack_int32((krb5_int32)pacctx->pac->data.length,
                                &bp, &remain);
            krb5_ser_pack_bytes((krb5_octet *)pacctx->pac->data.data,
                                (size_t)pacctx->pac->data.length,
                                &bp, &remain);
            krb5_ser_pack_int32((krb5_int32)pacctx->pac->verified,
                                &bp, &remain);
        } else {
            code = ENOMEM;
        }
    } else {
        krb5_ser_pack_int32(0, &bp, &remain); /* length */
        krb5_ser_pack_int32(0, &bp, &remain); /* verified */
    }

    *buffer = bp;
    *lenremain = remain;

    return code;
}
コード例 #12
0
ファイル: ser_actx.c プロジェクト: OPSF/uClinux
/*
 * krb5_auth_context_externalize()	- Externalize the krb5_auth_context.
 */
static krb5_error_code
krb5_auth_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain)
{
    krb5_error_code	kret;
    krb5_auth_context	auth_context;
    size_t		required;
    krb5_octet		*bp;
    size_t		remain;
    size_t              obuf;
    krb5_int32		obuf32;

    required = 0;
    bp = *buffer;
    remain = *lenremain;
    kret = EINVAL;
    if ((auth_context = (krb5_auth_context) arg)) {
	kret = ENOMEM;
	if (!krb5_auth_context_size(kcontext, arg, &required) &&
	    (required <= remain)) {

	    /* Write fixed portion */
	    (void) krb5_ser_pack_int32(KV5M_AUTH_CONTEXT, &bp, &remain);
	    (void) krb5_ser_pack_int32(auth_context->auth_context_flags,
				       &bp, &remain);
	    (void) krb5_ser_pack_int32(auth_context->remote_seq_number,
				       &bp, &remain);
	    (void) krb5_ser_pack_int32(auth_context->local_seq_number,
				       &bp, &remain);
	    (void) krb5_ser_pack_int32((krb5_int32) auth_context->req_cksumtype,
				       &bp, &remain);
	    (void) krb5_ser_pack_int32((krb5_int32) auth_context->safe_cksumtype,
				       &bp, &remain);

	    kret = 0;

	    /* Now figure out the number of bytes for i_vector and write it */
	    if (auth_context->i_vector) {
		kret = krb5_c_block_size(kcontext,
					 auth_context->keyblock->enctype,
					 &obuf);
	    } else {
		obuf = 0;
	    }

	    /* Convert to signed 32 bit integer */
	    obuf32 = obuf;
	    if (kret == 0 && obuf != obuf32)
		kret = EINVAL;
	    if (!kret)
		(void) krb5_ser_pack_int32(obuf32, &bp, &remain);

	    /* Now copy i_vector */
	    if (!kret && auth_context->i_vector)
		(void) krb5_ser_pack_bytes(auth_context->i_vector,
					   obuf,
					   &bp, &remain);

	    /* Now handle remote_addr, if appropriate */
	    if (!kret && auth_context->remote_addr) {
		(void) krb5_ser_pack_int32(TOKEN_RADDR, &bp, &remain);
		kret = krb5_externalize_opaque(kcontext,
					       KV5M_ADDRESS,
					       (krb5_pointer)
					       auth_context->remote_addr,
					       &bp,
					       &remain);
	    }

	    /* Now handle remote_port, if appropriate */
	    if (!kret && auth_context->remote_port) {
		(void) krb5_ser_pack_int32(TOKEN_RPORT, &bp, &remain);
		kret = krb5_externalize_opaque(kcontext,
					       KV5M_ADDRESS,
					       (krb5_pointer)
					       auth_context->remote_addr,
					       &bp,
					       &remain);
	    }

	    /* Now handle local_addr, if appropriate */
	    if (!kret && auth_context->local_addr) {
		(void) krb5_ser_pack_int32(TOKEN_LADDR, &bp, &remain);
		kret = krb5_externalize_opaque(kcontext,
					       KV5M_ADDRESS,
					       (krb5_pointer)
					       auth_context->local_addr,
					       &bp,
					       &remain);
	    }

	    /* Now handle local_port, if appropriate */
	    if (!kret && auth_context->local_port) {
		(void) krb5_ser_pack_int32(TOKEN_LPORT, &bp, &remain);
		kret = krb5_externalize_opaque(kcontext,
					       KV5M_ADDRESS,
					       (krb5_pointer)
					       auth_context->local_addr,
					       &bp,
					       &remain);
	    }

	    /* Now handle keyblock, if appropriate */
	    if (!kret && auth_context->keyblock) {
		(void) krb5_ser_pack_int32(TOKEN_KEYBLOCK, &bp, &remain);
		kret = krb5_externalize_opaque(kcontext,
					       KV5M_KEYBLOCK,
					       (krb5_pointer)
					       auth_context->keyblock,
					       &bp,
					       &remain);
	    }

	    /* Now handle subkey, if appropriate */
	    if (!kret && auth_context->send_subkey) {
		(void) krb5_ser_pack_int32(TOKEN_LSKBLOCK, &bp, &remain);
		kret = krb5_externalize_opaque(kcontext,
					       KV5M_KEYBLOCK,
					       (krb5_pointer)
					       auth_context->send_subkey,
					       &bp,
					       &remain);
	    }

	    /* Now handle subkey, if appropriate */
	    if (!kret && auth_context->recv_subkey) {
		(void) krb5_ser_pack_int32(TOKEN_RSKBLOCK, &bp, &remain);
		kret = krb5_externalize_opaque(kcontext,
					       KV5M_KEYBLOCK,
					       (krb5_pointer)
					       auth_context->recv_subkey,
					       &bp,
					       &remain);
	    }

	    /* Now handle authentp, if appropriate */
	    if (!kret && auth_context->authentp)
		kret = krb5_externalize_opaque(kcontext,
					       KV5M_AUTHENTICATOR,
					       (krb5_pointer)
					       auth_context->authentp,
					       &bp,
					       &remain);

	    /*
	     * If we were successful, write trailer then update the pointer and
	     * remaining length;
	     */
	    if (!kret) {
		/* Write our trailer */
		(void) krb5_ser_pack_int32(KV5M_AUTH_CONTEXT, &bp, &remain);
		*buffer = bp;
		*lenremain = remain;
	    }
	}
    }
    return(kret);
}
コード例 #13
0
ファイル: ser_auth.c プロジェクト: FarazShaikh/LikewiseSMB2
/*
 * krb5_authenticator_externalize()	- Externalize the krb5_authenticator.
 */
static krb5_error_code
krb5_authenticator_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain)
{
    krb5_error_code	kret;
    krb5_authenticator	*authenticator;
    size_t		required;
    krb5_octet		*bp;
    size_t		remain;
    int			i;

    required = 0;
    bp = *buffer;
    remain = *lenremain;
    kret = EINVAL;
    if ((authenticator = (krb5_authenticator *) arg)) {
	kret = ENOMEM;
	if (!krb5_authenticator_size(kcontext, arg, &required) &&
	    (required <= remain)) {
	    /* First write our magic number */
	    (void) krb5_ser_pack_int32(KV5M_AUTHENTICATOR, &bp, &remain);
	    
	    /* Now ctime */
	    (void) krb5_ser_pack_int32((krb5_int32) authenticator->ctime,
				       &bp, &remain);

	    /* Now cusec */
	    (void) krb5_ser_pack_int32((krb5_int32) authenticator->cusec,
				       &bp, &remain);

	    /* Now seq_number */
	    (void) krb5_ser_pack_int32(authenticator->seq_number,
				       &bp, &remain);

	    /* Now handle client, if appropriate */
	    if (authenticator->client)
		kret = krb5_externalize_opaque(kcontext,
					       KV5M_PRINCIPAL,
					       (krb5_pointer)
					       authenticator->client,
					       &bp,
					       &remain);
	    else
		kret = 0;

	    /* Now handle checksum, if appropriate */
	    if (!kret && authenticator->checksum)
		kret = krb5_externalize_opaque(kcontext,
					       KV5M_CHECKSUM,
					       (krb5_pointer)
					       authenticator->checksum,
					       &bp,
					       &remain);

	    /* Now handle subkey, if appropriate */
	    if (!kret && authenticator->subkey)
		kret = krb5_externalize_opaque(kcontext,
					       KV5M_KEYBLOCK,
					       (krb5_pointer)
					       authenticator->subkey,
					       &bp,
					       &remain);

	    /* Now handle authorization_data, if appropriate */
	    if (!kret) {
		if (authenticator->authorization_data)
		    for (i=0; authenticator->authorization_data[i]; i++);
		else
		    i = 0;
		(void) krb5_ser_pack_int32((krb5_int32) i, &bp, &remain);

		/* Now pound out the authorization_data */
		if (authenticator->authorization_data) {
		    for (i=0; !kret && authenticator->authorization_data[i];
			 i++)
			kret = krb5_externalize_opaque(kcontext,
						       KV5M_AUTHDATA,
						       (krb5_pointer)
						       authenticator->
						       authorization_data[i],
						       &bp,
						       &remain);
		}
	    }

	    /*
	     * If we were successful, write trailer then update the pointer and
	     * remaining length;
	     */
	    if (!kret) {
		/* Write our trailer */
		(void) krb5_ser_pack_int32(KV5M_AUTHENTICATOR, &bp, &remain);
		*buffer = bp;
		*lenremain = remain;
	    }
	}
    }
    return(kret);
}
コード例 #14
0
ファイル: authdata.c プロジェクト: ln5/krb5-anonsvn
/*
 * Externalize authdata context, for modules that match given flags
 * mask. Note that the magic identifier/trailer is not included.
 */
static krb5_error_code
k5_ad_externalize(krb5_context kcontext,
                  krb5_authdata_context context,
                  krb5_flags flags,
                  krb5_octet **buffer,
                  size_t *lenremain)
{
    int i;
    krb5_error_code code;
    krb5_int32 ad_count = 0;
    krb5_octet *bp;
    size_t remain;

    bp = *buffer;
    remain = *lenremain;

    /* placeholder for count */
    code = krb5_ser_pack_int32(0, &bp, &remain);
    if (code != 0)
        return code;

    for (i = 0; i < context->n_modules; i++) {
        struct _krb5_authdata_context_module *module = &context->modules[i];
        size_t namelen;

        if ((module->flags & flags) == 0)
            continue;

        /* externalize request context for the first instance only */
        if (!IS_PRIMARY_INSTANCE(module))
            continue;

        if (module->ftable->externalize == NULL)
            continue;

        /*
         * We use the module name rather than the authdata type, because
         * there may be multiple modules for a particular authdata type.
         */
        namelen = strlen(module->name);

        code = krb5_ser_pack_int32((krb5_int32)namelen, &bp, &remain);
        if (code != 0)
            break;

        code = krb5_ser_pack_bytes((krb5_octet *)module->name,
                                   namelen, &bp, &remain);
        if (code != 0)
            break;

        code = (*module->ftable->externalize)(kcontext,
                                              context,
                                              module->plugin_context,
                                              *(module->request_context_pp),
                                              &bp,
                                              &remain);
        if (code != 0)
            break;

        ad_count++;
    }

    if (code == 0) {
        /* store actual count */
        krb5_ser_pack_int32(ad_count, buffer, lenremain);

        *buffer = bp;
        *lenremain = remain;
    }

    return code;
}
コード例 #15
0
ファイル: ser_ctx.c プロジェクト: andreiw/polaris
/*
 * krb5_context_externalize()	- Externalize the krb5_context.
 */
static krb5_error_code
krb5_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain)
{
    krb5_error_code	kret;
    krb5_context	context;
    size_t		required;
    krb5_octet		*bp;
    size_t		remain;
    int			i;

    required = 0;
    bp = *buffer;
    remain = *lenremain;
    context = (krb5_context) arg;
    if (!context)
	    return (EINVAL);
    KRB5_VERIFY_MAGIC(context, KV5M_CONTEXT);

    if ((kret = krb5_context_size(kcontext, arg, &required)))
	return (kret);

    if (required > remain)
	return (ENOMEM);
    
    /* First write our magic number */
    kret = krb5_ser_pack_int32(KV5M_CONTEXT, &bp, &remain);
    if (kret)
	return (kret);
    
    /* Now sizeof default realm */
    kret = krb5_ser_pack_int32((context->default_realm) ?
			       (krb5_int32) strlen(context->default_realm) : 0,
			       &bp, &remain);
    if (kret)
	return (kret);
    
    /* Now default_realm bytes */
    if (context->default_realm) {
	kret = krb5_ser_pack_bytes((krb5_octet *) context->default_realm,
				   strlen(context->default_realm), 
				   &bp, &remain);
	if (kret)
	    return (kret);
    }

    /* Now number of initial ticket ktypes */
    kret = krb5_ser_pack_int32((krb5_int32) context->in_tkt_ktype_count,
			       &bp, &remain);
    if (kret)
	return (kret);
    
    /* Now serialize ktypes */
    for (i=0; i<context->in_tkt_ktype_count; i++) {
	kret = krb5_ser_pack_int32((krb5_int32) context->in_tkt_ktypes[i],
				   &bp, &remain);
	if (kret)
	    return (kret);
    }
    
    /* Now number of default ktypes */
    kret = krb5_ser_pack_int32((krb5_int32) context->tgs_ktype_count,
			       &bp, &remain);
    if (kret)
	return (kret);
	
    /* Now serialize ktypes */
    for (i=0; i<context->tgs_ktype_count; i++) {
	kret = krb5_ser_pack_int32((krb5_int32) context->tgs_ktypes[i],
				   &bp, &remain);
	if (kret)
	    return (kret);
    }
	
    /* Now allowable clockskew */
    kret = krb5_ser_pack_int32((krb5_int32) context->clockskew,
			       &bp, &remain);
    if (kret)
	return (kret);
	
    /* Now kdc_req_sumtype */
    kret = krb5_ser_pack_int32((krb5_int32) context->kdc_req_sumtype,
			       &bp, &remain);
    if (kret)
	return (kret);
	
    /* Now default ap_req_sumtype */
    kret = krb5_ser_pack_int32((krb5_int32) context->default_ap_req_sumtype,
			       &bp, &remain);
    if (kret)
	return (kret);

    /* Now default safe_sumtype */
    kret = krb5_ser_pack_int32((krb5_int32) context->default_safe_sumtype,
			       &bp, &remain);
    if (kret)
	return (kret);

    /* Now kdc_default_options */
    kret = krb5_ser_pack_int32((krb5_int32) context->kdc_default_options,
			       &bp, &remain);
    if (kret)
	return (kret);

    /* Now library_options */
    kret = krb5_ser_pack_int32((krb5_int32) context->library_options,
			       &bp, &remain);
    if (kret)
	return (kret);
	
    /* Now profile_secure */
    kret = krb5_ser_pack_int32((krb5_int32) context->profile_secure,
			       &bp, &remain);
    if (kret)
	return (kret);

    /* Now fcc_default_format */
    kret = krb5_ser_pack_int32((krb5_int32) context->fcc_default_format,
			       &bp, &remain);
    if (kret)
	return (kret);

    /* Now scc_default_format */
    kret = krb5_ser_pack_int32((krb5_int32) context->scc_default_format,
			       &bp, &remain);
    if (kret)
	return (kret);

    /* Now handle os_context, if appropriate */
    if (context->os_context) {
	kret = krb5_externalize_opaque(kcontext, KV5M_OS_CONTEXT,
				       (krb5_pointer) context->os_context,
				       &bp, &remain);
	if (kret)
	    return (kret);
    }
	
    /* Now handle database context, if appropriate */
    if (context->db_context) {
	kret = krb5_externalize_opaque(kcontext, KV5M_DB_CONTEXT,
				       (krb5_pointer) context->db_context,
				       &bp, &remain);
	if (kret)
	    return (kret);
    }

    /* Finally, handle profile, if appropriate */
    if (context->profile) {
	kret = krb5_externalize_opaque(kcontext, PROF_MAGIC_PROFILE,
				       (krb5_pointer) context->profile,
				       &bp, &remain);
	if (kret)
	    return (kret);
    }
	
    /*
     * If we were successful, write trailer then update the pointer and
     * remaining length;
     */
    kret = krb5_ser_pack_int32(KV5M_CONTEXT, &bp, &remain);
    if (kret)
	return (kret);
    
    *buffer = bp;
    *lenremain = remain;

    return (0);
}
コード例 #16
0
ファイル: ser_actx.c プロジェクト: BeaverWorld/krb5
/*
 * krb5_auth_context_externalize()      - Externalize the krb5_auth_context.
 */
static krb5_error_code
krb5_auth_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain)
{
    krb5_error_code     kret;
    krb5_auth_context   auth_context;
    size_t              required;
    krb5_octet          *bp;
    size_t              remain;

    required = 0;
    bp = *buffer;
    remain = *lenremain;
    kret = EINVAL;
    if ((auth_context = (krb5_auth_context) arg)) {
        kret = ENOMEM;
        if (!krb5_auth_context_size(kcontext, arg, &required) &&
            (required <= remain)) {

            /* Write fixed portion */
            (void) krb5_ser_pack_int32(KV5M_AUTH_CONTEXT, &bp, &remain);
            (void) krb5_ser_pack_int32(auth_context->auth_context_flags,
                                       &bp, &remain);
            (void) krb5_ser_pack_int32(auth_context->remote_seq_number,
                                       &bp, &remain);
            (void) krb5_ser_pack_int32(auth_context->local_seq_number,
                                       &bp, &remain);
            (void) krb5_ser_pack_int32((krb5_int32) auth_context->req_cksumtype,
                                       &bp, &remain);
            (void) krb5_ser_pack_int32((krb5_int32) auth_context->safe_cksumtype,
                                       &bp, &remain);

            /* Write the cipher state */
            (void) krb5_ser_pack_int32(auth_context->cstate.length, &bp,
                                       &remain);
            (void) krb5_ser_pack_bytes((krb5_octet *)auth_context->cstate.data,
                                       auth_context->cstate.length,
                                       &bp, &remain);

            kret = 0;

            /* Now handle remote_addr, if appropriate */
            if (!kret && auth_context->remote_addr) {
                (void) krb5_ser_pack_int32(TOKEN_RADDR, &bp, &remain);
                kret = krb5_externalize_opaque(kcontext,
                                               KV5M_ADDRESS,
                                               (krb5_pointer)
                                               auth_context->remote_addr,
                                               &bp,
                                               &remain);
            }

            /* Now handle remote_port, if appropriate */
            if (!kret && auth_context->remote_port) {
                (void) krb5_ser_pack_int32(TOKEN_RPORT, &bp, &remain);
                kret = krb5_externalize_opaque(kcontext,
                                               KV5M_ADDRESS,
                                               (krb5_pointer)
                                               auth_context->remote_addr,
                                               &bp,
                                               &remain);
            }

            /* Now handle local_addr, if appropriate */
            if (!kret && auth_context->local_addr) {
                (void) krb5_ser_pack_int32(TOKEN_LADDR, &bp, &remain);
                kret = krb5_externalize_opaque(kcontext,
                                               KV5M_ADDRESS,
                                               (krb5_pointer)
                                               auth_context->local_addr,
                                               &bp,
                                               &remain);
            }

            /* Now handle local_port, if appropriate */
            if (!kret && auth_context->local_port) {
                (void) krb5_ser_pack_int32(TOKEN_LPORT, &bp, &remain);
                kret = krb5_externalize_opaque(kcontext,
                                               KV5M_ADDRESS,
                                               (krb5_pointer)
                                               auth_context->local_addr,
                                               &bp,
                                               &remain);
            }

            /* Now handle keyblock, if appropriate */
            if (!kret && auth_context->key) {
                (void) krb5_ser_pack_int32(TOKEN_KEYBLOCK, &bp, &remain);
                kret = krb5_externalize_opaque(kcontext,
                                               KV5M_KEYBLOCK,
                                               (krb5_pointer)
                                               &auth_context->key->keyblock,
                                               &bp,
                                               &remain);
            }

            /* Now handle subkey, if appropriate */
            if (!kret && auth_context->send_subkey) {
                (void) krb5_ser_pack_int32(TOKEN_LSKBLOCK, &bp, &remain);
                kret = krb5_externalize_opaque(kcontext,
                                               KV5M_KEYBLOCK,
                                               (krb5_pointer) &auth_context->
                                               send_subkey->keyblock,
                                               &bp,
                                               &remain);
            }

            /* Now handle subkey, if appropriate */
            if (!kret && auth_context->recv_subkey) {
                (void) krb5_ser_pack_int32(TOKEN_RSKBLOCK, &bp, &remain);
                kret = krb5_externalize_opaque(kcontext,
                                               KV5M_KEYBLOCK,
                                               (krb5_pointer) &auth_context->
                                               recv_subkey->keyblock,
                                               &bp,
                                               &remain);
            }

            /* Now handle authentp, if appropriate */
            if (!kret && auth_context->authentp)
                kret = krb5_externalize_opaque(kcontext,
                                               KV5M_AUTHENTICATOR,
                                               (krb5_pointer)
                                               auth_context->authentp,
                                               &bp,
                                               &remain);

            /*
             * If we were successful, write trailer then update the pointer and
             * remaining length;
             */
            if (!kret) {
                /* Write our trailer */
                (void) krb5_ser_pack_int32(KV5M_AUTH_CONTEXT, &bp, &remain);
                *buffer = bp;
                *lenremain = remain;
            }
        }
    }
    return(kret);
}