static krb5_error_code
krb5_kt_ret_principal(krb5_context context,
krb5_storage *sp,
krb5_principal *princ)
{
int i;
int ret;
krb5_principal p;
int16_t len;
ALLOC(p, 1);
if(p == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
return ENOMEM;
}
ret = krb5_ret_int16(sp, &len);
if(ret) {
krb5_set_error_string(context,
"Failed decoding length of keytab principal");
goto out;
}
if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS))
len--;
if (len < 0) {
krb5_set_error_string(context,
"Keytab principal contains invalid length");
ret = KRB5_KT_END;
goto out;
}
ret = krb5_kt_ret_string(context, sp, &p->realm);
if(ret)
goto out;
p->name.name_string.val = calloc(len, sizeof(*p->name.name_string.val));
if(p->name.name_string.val == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
p->name.name_string.len = len;
for(i = 0; i < p->name.name_string.len; i++){
ret = krb5_kt_ret_string(context, sp, p->name.name_string.val + i);
if(ret)
goto out;
}
if (krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE))
p->name.name_type = KRB5_NT_UNKNOWN;
else {
int32_t tmp32;
ret = krb5_ret_int32(sp, &tmp32);
p->name.name_type = tmp32;
if (ret)
goto out;
}
*princ = p;
return 0;
out:
krb5_free_principal(context, p);
return ret;
}
static krb5_error_code
krb5_kt_store_principal(krb5_context context,
krb5_storage *sp,
krb5_principal p)
{
size_t i;
int ret;
if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS))
ret = krb5_store_int16(sp, p->name.name_string.len + 1);
else
ret = krb5_store_int16(sp, p->name.name_string.len);
if(ret) return ret;
ret = krb5_kt_store_string(sp, p->realm);
if(ret) return ret;
for(i = 0; i < p->name.name_string.len; i++){
ret = krb5_kt_store_string(sp, p->name.name_string.val[i]);
if(ret)
return ret;
}
if(!krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) {
ret = krb5_store_int32(sp, p->name.name_type);
if(ret)
return ret;
}
return 0;
}
krb5_error_code KRB5_LIB_FUNCTION
krb5_ret_principal(krb5_storage *sp,
krb5_principal *princ)
{
int i;
int ret;
krb5_principal p;
int32_t type;
int32_t ncomp;
p = calloc(1, sizeof(*p));
if(p == NULL)
return ENOMEM;
if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE))
type = KRB5_NT_UNKNOWN;
else if((ret = krb5_ret_int32(sp, &type))){
free(p);
return ret;
}
if((ret = krb5_ret_int32(sp, &ncomp))){
free(p);
return ret;
}
if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS))
ncomp--;
if (ncomp < 0) {
free(p);
return EINVAL;
}
p->name.name_type = type;
p->name.name_string.len = ncomp;
ret = krb5_ret_string(sp, &p->realm);
if(ret) {
free(p);
return ret;
}
p->name.name_string.val = calloc(ncomp, sizeof(*p->name.name_string.val));
if(p->name.name_string.val == NULL && ncomp != 0){
free(p->realm);
free(p);
return ENOMEM;
}
for(i = 0; i < ncomp; i++){
ret = krb5_ret_string(sp, &p->name.name_string.val[i]);
if(ret) {
while (i >= 0)
free(p->name.name_string.val[i--]);
free(p->realm);
free(p);
return ret;
}
}
*princ = p;
return 0;
}
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_store_keyblock(krb5_storage *sp, krb5_keyblock p)
{
int ret;
ret = krb5_store_int16(sp, p.keytype);
if(ret) return ret;
if(krb5_storage_is_flags(sp, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE)){
/* this should really be enctype, but it is the same as
keytype nowadays */
ret = krb5_store_int16(sp, p.keytype);
if(ret) return ret;
}
ret = krb5_store_data(sp, p.keyvalue);
return ret;
}
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_ret_keyblock(krb5_storage *sp, krb5_keyblock *p)
{
int ret;
int16_t tmp;
ret = krb5_ret_int16(sp, &tmp);
if(ret) return ret;
p->keytype = tmp;
if(krb5_storage_is_flags(sp, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE)){
ret = krb5_ret_int16(sp, &tmp);
if(ret) return ret;
}
ret = krb5_ret_data(sp, &p->keyvalue);
return ret;
}
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_store_creds(krb5_storage *sp, krb5_creds *creds)
{
int ret;
ret = krb5_store_principal(sp, creds->client);
if(ret)
return ret;
ret = krb5_store_principal(sp, creds->server);
if(ret)
return ret;
ret = krb5_store_keyblock(sp, creds->session);
if(ret)
return ret;
ret = krb5_store_times(sp, creds->times);
if(ret)
return ret;
ret = krb5_store_int8(sp, creds->second_ticket.length != 0); /* is_skey */
if(ret)
return ret;
if(krb5_storage_is_flags(sp, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER))
ret = krb5_store_int32(sp, creds->flags.i);
else
ret = krb5_store_int32(sp, bitswap32(TicketFlags2int(creds->flags.b)));
if(ret)
return ret;
ret = krb5_store_addrs(sp, creds->addresses);
if(ret)
return ret;
ret = krb5_store_authdata(sp, creds->authdata);
if(ret)
return ret;
ret = krb5_store_data(sp, creds->ticket);
if(ret)
return ret;
ret = krb5_store_data(sp, creds->second_ticket);
return ret;
}
static krb5_error_code
krb5_kt_ret_principal(krb5_context context,
struct fkt_data *fkt,
krb5_storage *sp,
krb5_principal *princ)
{
size_t i;
int ret;
krb5_principal p;
int16_t len;
ALLOC(p, 1);
if(p == NULL)
return krb5_enomem(context);
ret = krb5_ret_int16(sp, &len);
if(ret) {
krb5_set_error_message(context, ret,
N_("Failed decoding length of "
"keytab principal in keytab file %s", ""),
fkt->filename);
goto out;
}
if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS))
len--;
if (len < 0) {
ret = KRB5_KT_END;
krb5_set_error_message(context, ret,
N_("Keytab principal contains "
"invalid length in keytab %s", ""),
fkt->filename);
goto out;
}
ret = krb5_kt_ret_string(context, sp, &p->realm);
if(ret) {
krb5_set_error_message(context, ret,
N_("Can't read realm from keytab: %s", ""),
fkt->filename);
goto out;
}
p->name.name_string.val = calloc(len, sizeof(*p->name.name_string.val));
if(p->name.name_string.val == NULL) {
ret = krb5_enomem(context);
goto out;
}
p->name.name_string.len = len;
for(i = 0; i < p->name.name_string.len; i++){
ret = krb5_kt_ret_string(context, sp, p->name.name_string.val + i);
if(ret) {
krb5_set_error_message(context, ret,
N_("Can't read principal from "
"keytab: %s", ""),
fkt->filename);
goto out;
}
}
if (krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE))
p->name.name_type = KRB5_NT_UNKNOWN;
else {
int32_t tmp32;
ret = krb5_ret_int32(sp, &tmp32);
p->name.name_type = tmp32;
if (ret) {
krb5_set_error_message(context, ret,
N_("Can't read name-type from "
"keytab: %s", ""),
fkt->filename);
goto out;
}
}
*princ = p;
return 0;
out:
krb5_free_principal(context, p);
return ret;
}
