static void test_kdc_remove_lookaside_multiple(void **state) { struct entry *e1; krb5_context context = *state; krb5_data req1 = string2data("I'm a test request"); krb5_data rep1 = string2data("I'm a test response"); krb5_data req2 = string2data("I'm a different test request"); e1 = insert_entry(context, &req1, &rep1, 0); insert_entry(context, &req2, NULL, 0); kdc_remove_lookaside(context, &req2); assert_null(k5_hashtab_get(hash_table, req2.data, req2.length)); assert_ptr_equal(k5_hashtab_get(hash_table, req1.data, req1.length), e1); assert_int_equal(num_entries, 1); assert_int_equal(total_size, entry_size(&req1, &rep1)); kdc_remove_lookaside(context, &req1); assert_null(k5_hashtab_get(hash_table, req1.data, req1.length)); assert_int_equal(num_entries, 0); assert_int_equal(total_size, 0); }
static void test_kdc_check_lookaside_hit_multiple(void **state) { struct entry *e1, *e2; krb5_boolean result; krb5_data *result_data; krb5_context context = *state; krb5_data req1 = string2data("I'm a test request"); krb5_data rep1 = string2data("I'm a test response"); krb5_data req2 = string2data("I'm a different test request"); e1 = insert_entry(context, &req1, &rep1, 0); e2 = insert_entry(context, &req2, NULL, 0); result = kdc_check_lookaside(context, &req1, &result_data); assert_true(result); assert_true(data_eq(rep1, *result_data)); assert_int_equal(hits, 1); assert_int_equal(e1->num_hits, 1); assert_int_equal(e2->num_hits, 0); krb5_free_data(context, result_data); /* Set result_data so we can verify that it is reset to NULL. */ result_data = &req1; result = kdc_check_lookaside(context, &req2, &result_data); assert_true(result); assert_null(result_data); assert_int_equal(hits, 2); assert_int_equal(e1->num_hits, 1); assert_int_equal(e2->num_hits, 1); }
static void test_insert_entry_multiple(void **state) { struct entry *e1, *e2; krb5_context context = *state; krb5_data req1 = string2data("I'm a test request"); krb5_data rep1 = string2data("I'm a test response"); krb5_data req2 = string2data("I'm a different test request"); e1 = insert_entry(context, &req1, &rep1, 20); assert_ptr_equal(k5_hashtab_get(hash_table, req1.data, req1.length), e1); assert_ptr_equal(K5_TAILQ_FIRST(&expiration_queue), e1); assert_true(data_eq(e1->req_packet, req1)); assert_true(data_eq(e1->reply_packet, rep1)); assert_int_equal(e1->timein, 20); e2 = insert_entry(context, &req2, NULL, 30); assert_ptr_equal(k5_hashtab_get(hash_table, req2.data, req2.length), e2); assert_ptr_equal(K5_TAILQ_LAST(&expiration_queue,entry_queue), e2); assert_true(data_eq(e2->req_packet, req2)); assert_int_equal(e2->reply_packet.length, 0); assert_int_equal(e2->timein, 30); }
static void test_entry_size_w_response(void **state) { size_t result; const krb5_data req = string2data("I'm a test request"); const krb5_data rep = string2data("I'm a test response"); result = entry_size(&req, &rep); assert_int_equal(result, sizeof(struct entry) + 18 + 19); }
static void test_kdc_remove_lookaside(void **state) { krb5_context context = *state; krb5_data req = string2data("I'm a test request"); krb5_data rep = string2data("I'm a test response"); insert_entry(context, &req, &rep, 0); kdc_remove_lookaside(context, &req); assert_null(k5_hashtab_get(hash_table, req.data, req.length)); assert_int_equal(num_entries, 0); assert_int_equal(total_size, 0); }
static void test_discard_entry(void **state) { struct entry *e; krb5_context context = *state; krb5_data req = string2data("I'm a test request"); krb5_data rep = string2data("I'm a test response"); e = insert_entry(context, &req, &rep, 0); discard_entry(context, e); assert_null(k5_hashtab_get(hash_table, req.data, req.length)); assert_int_equal(num_entries, 0); assert_int_equal(total_size, 0); }
static void test_insert_entry(void **state) { struct entry *e; krb5_context context = *state; krb5_data req = string2data("I'm a test request"); krb5_data rep = string2data("I'm a test response"); e = insert_entry(context, &req, &rep, 15); assert_ptr_equal(k5_hashtab_get(hash_table, req.data, req.length), e); assert_ptr_equal(K5_TAILQ_FIRST(&expiration_queue), e); assert_true(data_eq(e->req_packet, req)); assert_true(data_eq(e->reply_packet, rep)); assert_int_equal(e->timein, 15); }
/* * Set up cred to be an S4U2Proxy credential by copying in the impersonator's * creds, setting a cache config variable with the impersonator principal name, * and saving the impersonator principal name in the cred structure. */ static krb5_error_code make_proxy_cred(krb5_context context, krb5_gss_cred_id_t cred, krb5_gss_cred_id_t impersonator_cred) { krb5_error_code code; krb5_data data; char *str; code = krb5_cc_copy_creds(context, impersonator_cred->ccache, cred->ccache); if (code) return code; code = krb5_unparse_name(context, impersonator_cred->name->princ, &str); if (code) return code; data = string2data(str); code = krb5_cc_set_config(context, cred->ccache, NULL, KRB5_CONF_PROXY_IMPERSONATOR, &data); krb5_free_unparsed_name(context, str); if (code) return code; return krb5_copy_principal(context, impersonator_cred->name->princ, &cred->impersonator); }
static krb5_error_code prepare_error_as (struct kdc_request_state *rstate, krb5_kdc_req *request, int error, krb5_pa_data **e_data, krb5_boolean typed_e_data, krb5_principal canon_client, krb5_data **response, const char *status) { krb5_error errpkt; krb5_error_code retval; krb5_data *scratch = NULL, *e_data_asn1 = NULL, *fast_edata = NULL; kdc_realm_t *kdc_active_realm = rstate->realm_data; errpkt.ctime = request->nonce; errpkt.cusec = 0; retval = krb5_us_timeofday(kdc_context, &errpkt.stime, &errpkt.susec); if (retval) return retval; errpkt.error = error; errpkt.server = request->server; errpkt.client = (error == KRB5KDC_ERR_WRONG_REALM) ? canon_client : request->client; errpkt.text = string2data((char *)status); if (e_data != NULL) { if (typed_e_data) retval = encode_krb5_typed_data(e_data, &e_data_asn1); else retval = encode_krb5_padata_sequence(e_data, &e_data_asn1); if (retval) goto cleanup; errpkt.e_data = *e_data_asn1; } else errpkt.e_data = empty_data(); retval = kdc_fast_handle_error(kdc_context, rstate, request, e_data, &errpkt, &fast_edata); if (retval) goto cleanup; if (fast_edata != NULL) errpkt.e_data = *fast_edata; scratch = k5alloc(sizeof(*scratch), &retval); if (scratch == NULL) goto cleanup; if (kdc_fast_hide_client(rstate) && errpkt.client != NULL) errpkt.client = (krb5_principal)krb5_anonymous_principal(); retval = krb5_mk_error(kdc_context, &errpkt, scratch); if (retval) goto cleanup; *response = scratch; scratch = NULL; cleanup: krb5_free_data(kdc_context, fast_edata); krb5_free_data(kdc_context, e_data_asn1); free(scratch); return retval; }
krb5_error_code KRB5_CALLCONV krb5_parse_name_flags(krb5_context context, const char *name, int flags, krb5_principal *principal_out) { krb5_error_code ret; krb5_principal princ = NULL; char *default_realm; krb5_boolean has_realm; krb5_boolean enterprise = (flags & KRB5_PRINCIPAL_PARSE_ENTERPRISE); krb5_boolean require_realm = (flags & KRB5_PRINCIPAL_PARSE_REQUIRE_REALM); krb5_boolean no_realm = (flags & KRB5_PRINCIPAL_PARSE_NO_REALM); krb5_boolean ignore_realm = (flags & KRB5_PRINCIPAL_PARSE_IGNORE_REALM); *principal_out = NULL; ret = allocate_princ(context, name, enterprise, &princ, &has_realm); if (ret) goto cleanup; parse_name_into_princ(name, enterprise, princ); /* * If a realm was not found, then use the default realm, unless * KRB5_PRINCIPAL_PARSE_NO_REALM was specified in which case the * realm will be empty. */ if (!has_realm) { if (require_realm) { ret = KRB5_PARSE_MALFORMED; krb5_set_error_message(context, ret, _("Principal %s is missing required realm"), name); goto cleanup; } if (!no_realm && !ignore_realm) { ret = krb5_get_default_realm(context, &default_realm); if (ret) goto cleanup; princ->realm = string2data(default_realm); } } else if (no_realm) { ret = KRB5_PARSE_MALFORMED; krb5_set_error_message(context, ret, _("Principal %s has realm present"), name); goto cleanup; } else if (ignore_realm) { krb5_free_data_contents(context, &princ->realm); princ->realm = empty_data(); } princ->type = (enterprise) ? KRB5_NT_ENTERPRISE_PRINCIPAL : KRB5_NT_PRINCIPAL; princ->magic = KV5M_PRINCIPAL; *principal_out = princ; princ = NULL; cleanup: krb5_free_principal(context, princ); return ret; }
static void test_kdc_insert_lookaside_cache_expire(void **state) { struct entry *e; krb5_context context = *state; krb5_data req1 = string2data("I'm a test request"); krb5_data rep1 = string2data("I'm a test response"); size_t e1_size = entry_size(&req1, &rep1); krb5_data req2 = string2data("I'm a different test request"); size_t e2_size = entry_size(&req2, NULL); struct entry *hash1_ent, *hash2_ent, *exp_ent; time_return(0, 0); kdc_insert_lookaside(context, &req1, &rep1); hash1_ent = k5_hashtab_get(hash_table, req1.data, req1.length); assert_non_null(hash1_ent); assert_true(data_eq(hash1_ent->req_packet, req1)); assert_true(data_eq(hash1_ent->reply_packet, rep1)); exp_ent = K5_TAILQ_FIRST(&expiration_queue); assert_true(data_eq(exp_ent->req_packet, req1)); assert_true(data_eq(exp_ent->reply_packet, rep1)); assert_int_equal(num_entries, 1); assert_int_equal(total_size, e1_size); /* Increase hits on entry */ e = k5_hashtab_get(hash_table, req1.data, req1.length); assert_non_null(e); e->num_hits = 5; time_return(STALE_TIME + 1, 0); kdc_insert_lookaside(context, &req2, NULL); assert_null(k5_hashtab_get(hash_table, req1.data, req1.length)); assert_int_equal(max_hits_per_entry, 5); hash2_ent = k5_hashtab_get(hash_table, req2.data, req2.length); assert_non_null(hash2_ent); assert_true(data_eq(hash2_ent->req_packet, req2)); assert_int_equal(hash2_ent-> reply_packet.length, 0); exp_ent = K5_TAILQ_FIRST(&expiration_queue); assert_true(data_eq(exp_ent->req_packet, req2)); assert_int_equal(exp_ent->reply_packet.length, 0); assert_int_equal(num_entries, 1); assert_int_equal(total_size, e2_size); }
krb5_error_code krb5int_aes2_string_to_key(const struct krb5_keytypes *ktp, const krb5_data *string, const krb5_data *salt, const krb5_data *params, krb5_keyblock *key) { krb5_data pepper = string2data(ktp->name); return pbkdf2_string_to_key(ktp, string, salt, &pepper, params, key, DERIVE_SP800_108_HMAC, 32768); }
static void test_kdc_remove_lookaside_empty_cache(void **state) { krb5_context context = *state; krb5_data req = string2data("I'm a test request"); assert_int_equal(num_entries, 0); kdc_remove_lookaside(context, &req); assert_int_equal(num_entries, 0); assert_int_equal(total_size, 0); }
static void test_kdc_check_lookaside_hit(void **state) { struct entry *e; krb5_boolean result; krb5_data *result_data; krb5_context context = *state; krb5_data req = string2data("I'm a test request"); krb5_data rep = string2data("I'm a test response"); e = insert_entry(context, &req, &rep, 0); result = kdc_check_lookaside(context, &req, &result_data); assert_true(result); assert_true(data_eq(rep, *result_data)); assert_int_equal(hits, 1); assert_int_equal(e->num_hits, 1); krb5_free_data(context, result_data); }
static void test_kdc_insert_lookaside_single(void **state) { krb5_context context = *state; krb5_data req = string2data("I'm a test request"); krb5_data rep = string2data("I'm a test response"); struct entry *hash_ent, *exp_ent; time_return(0, 0); kdc_insert_lookaside(context, &req, &rep); hash_ent = k5_hashtab_get(hash_table, req.data, req.length); assert_non_null(hash_ent); assert_true(data_eq(hash_ent->req_packet, req)); assert_true(data_eq(hash_ent->reply_packet, rep)); exp_ent = K5_TAILQ_FIRST(&expiration_queue); assert_true(data_eq(exp_ent->req_packet, req)); assert_true(data_eq(exp_ent->reply_packet, rep)); assert_int_equal(num_entries, 1); assert_int_equal(total_size, entry_size(&req, &rep)); }
/* Converts a property of a json object into a krb5_data struct. */ static krb5_error_code codec_value_to_data(k5_json_object obj, const char *key, krb5_data *data) { krb5_error_code retval; char *tmp; retval = codec_value_to_string(obj, key, &tmp); if (retval != 0) return retval; *data = string2data(tmp); return 0; }
int main(int argc, char **argv) { krb5_context context; krb5_principal server; krb5_ccache ccache; krb5_data data; krb5_error_code ret; char *perr; int c; unsigned int i; bail_on_err(NULL, "Error initializing Kerberos library", krb5_init_context(&context)); bail_on_err(context, "Error getting location of default ccache", krb5_cc_default(context, &ccache)); server = NULL; while ((c = getopt(argc, argv, "p:")) != -1) { switch (c) { case 'p': if (asprintf(&perr, "Error parsing principal name \"%s\"", optarg) < 0) perr = "Error parsing principal name"; bail_on_err(context, perr, krb5_parse_name(context, optarg, &server)); break; } } if (argc - optind < 1 || argc - optind > 2) { fprintf(stderr, "Usage: %s [-p principal] key [value]\n", argv[0]); return 1; } memset(&data, 0, sizeof(data)); if (argc - optind == 2) { unset_config(context, ccache, server, argv[optind]); data = string2data(argv[optind + 1]); bail_on_err(context, "Error adding configuration data to ccache", krb5_cc_set_config(context, ccache, server, argv[optind], &data)); } else { ret = krb5_cc_get_config(context, ccache, server, argv[optind], &data); if (ret == 0) { for (i = 0; i < data.length; i++) putc((unsigned int)data.data[i], stdout); } } krb5_free_principal(context, server); krb5_cc_close(context, ccache); krb5_free_context(context); return 0; }
static void test_kdc_check_lookaside_no_hit(void **state) { krb5_boolean result; krb5_data *result_data; krb5_context context = *state; krb5_data req = string2data("I'm a test request"); result = kdc_check_lookaside(context, &req, &result_data); assert_false(result); assert_null(result_data); assert_int_equal(hits, 0); }
static void test_kdc_insert_lookaside_multiple(void **state) { krb5_context context = *state; krb5_data req1 = string2data("I'm a test request"); krb5_data rep1 = string2data("I'm a test response"); size_t e1_size = entry_size(&req1, &rep1); krb5_data req2 = string2data("I'm a different test request"); size_t e2_size = entry_size(&req2, NULL); struct entry *hash1_ent, *hash2_ent, *exp_first, *exp_last; time_return(0, 0); kdc_insert_lookaside(context, &req1, &rep1); hash1_ent = k5_hashtab_get(hash_table, req1.data, req1.length); assert_non_null(hash1_ent); assert_true(data_eq(hash1_ent->req_packet, req1)); assert_true(data_eq(hash1_ent->reply_packet, rep1)); exp_first = K5_TAILQ_FIRST(&expiration_queue); assert_true(data_eq(exp_first->req_packet, req1)); assert_true(data_eq(exp_first->reply_packet, rep1)); assert_int_equal(num_entries, 1); assert_int_equal(total_size, e1_size); time_return(0, 0); kdc_insert_lookaside(context, &req2, NULL); hash2_ent = k5_hashtab_get(hash_table, req2.data, req2.length); assert_non_null(hash2_ent); assert_true(data_eq(hash2_ent->req_packet, req2)); assert_int_equal(hash2_ent->reply_packet.length, 0); exp_last = K5_TAILQ_LAST(&expiration_queue, entry_queue); assert_true(data_eq(exp_last->req_packet, req2)); assert_int_equal(exp_last->reply_packet.length, 0); assert_int_equal(num_entries, 2); assert_int_equal(total_size, e1_size + e2_size); }
int main() { unsigned char outbuf[MAX_ATTRSETSIZE]; const char *decoded = "accept"; const char *secret = "foo"; krb5_error_code retval; krb5_context ctx; const char *tmp; krb5_data in; size_t len; noerror(krb5_init_context(&ctx)); /* Make sure User-Name is 1. */ insist(krad_attr_name2num("User-Name") == 1); /* Make sure 2 is User-Password. */ tmp = krad_attr_num2name(2); insist(tmp != NULL); insist(strcmp(tmp, "User-Password") == 0); /* Test decoding. */ in = make_data((void *)encoded, sizeof(encoded)); noerror(kr_attr_decode(ctx, secret, auth, krad_attr_name2num("User-Password"), &in, outbuf, &len)); insist(len == strlen(decoded)); insist(memcmp(outbuf, decoded, len) == 0); /* Test encoding. */ in = string2data((char *)decoded); retval = kr_attr_encode(ctx, secret, auth, krad_attr_name2num("User-Password"), &in, outbuf, &len); insist(retval == 0); insist(len == sizeof(encoded)); insist(memcmp(outbuf, encoded, len) == 0); /* Test constraint. */ in.length = 100; insist(kr_attr_valid(krad_attr_name2num("User-Password"), &in) == 0); in.length = 200; insist(kr_attr_valid(krad_attr_name2num("User-Password"), &in) != 0); krb5_free_context(ctx); return 0; }
static void test_kdc_check_lookaside_empty(void **state) { krb5_boolean result; krb5_data *result_data; krb5_context context = *state; krb5_data req = string2data("I'm a test request"); /* Set result_data so we can verify that it is reset to NULL. */ result_data = &req; result = kdc_check_lookaside(context, &req, &result_data); assert_false(result); assert_null(result_data); assert_int_equal(hits, 0); }
/* * Construct the secure cookie encryption key for the given local-realm TGT * entry, kvno, and client principal. The cookie key is derived from the first * TGT key for the given kvno, using the concatenation of "COOKIE" and the * unparsed client principal name as input. If kvno is 0, the highest current * kvno of the TGT is used. If kvno_out is not null, *kvno_out is set to the * kvno used. */ static krb5_error_code get_cookie_key(krb5_context context, krb5_db_entry *tgt, krb5_kvno kvno, krb5_const_principal client_princ, krb5_keyblock **key_out, krb5_kvno *kvno_out) { krb5_error_code ret; krb5_key_data *kd; krb5_keyblock kb; krb5_data d; krb5_int32 start = 0; char *princstr = NULL, *derive_input = NULL; *key_out = NULL; memset(&kb, 0, sizeof(kb)); /* Find the first krbtgt key with the specified kvno. */ ret = krb5_dbe_search_enctype(context, tgt, &start, -1, -1, kvno, &kd); if (ret) goto cleanup; /* Decrypt the key. */ ret = krb5_dbe_decrypt_key_data(context, NULL, kd, &kb, NULL); if (ret) goto cleanup; /* Construct the input string and derive the cookie key. */ ret = krb5_unparse_name(context, client_princ, &princstr); if (ret) goto cleanup; if (asprintf(&derive_input, "COOKIE%s", princstr) < 0) { ret = ENOMEM; goto cleanup; } d = string2data(derive_input); ret = krb5_c_derive_prfplus(context, &kb, &d, ENCTYPE_NULL, key_out); if (kvno_out != NULL) *kvno_out = kd->key_data_kvno; cleanup: krb5_free_keyblock_contents(context, &kb); krb5_free_unparsed_name(context, princstr); free(derive_input); return ret; }
/* Possibly try a non-referral request after a referral request failure. * Expects ctx->reply_code to be set to the error from a referral request. */ static krb5_error_code try_fallback(krb5_context context, krb5_tkt_creds_context ctx) { krb5_error_code code; char **hrealms; /* Only fall back if our error was from the first referral request. */ if (ctx->referral_count > 1) return ctx->reply_code; /* If the request used a specified realm, make a non-referral request to * that realm (in case it's a KDC which rejects KDC_OPT_CANONICALIZE). */ if (!krb5_is_referral_realm(&ctx->req_server->realm)) return begin_non_referral(context, ctx); if (ctx->server->length < 2) { /* We need a type/host format principal to find a fallback realm. */ return KRB5_ERR_HOST_REALM_UNKNOWN; } /* We expect this to give exactly one answer (XXX clean up interface). */ code = krb5_get_fallback_host_realm(context, &ctx->server->data[1], &hrealms); if (code != 0) return code; /* If the fallback realm isn't any different, use the existing TGT. */ if (data_eq_string(ctx->server->realm, hrealms[0])) { krb5_free_host_realm(context, hrealms); return begin_non_referral(context, ctx); } /* Rewrite server->realm to be the fallback realm. */ krb5_free_data_contents(context, &ctx->server->realm); ctx->server->realm = string2data(hrealms[0]); free(hrealms); TRACE_TKT_CREDS_FALLBACK(context, &ctx->server->realm); /* Obtain a TGT for the new service realm. */ ctx->getting_tgt_for = STATE_NON_REFERRAL; return begin_get_tgt(context, ctx); }
static void test_kdc_check_lookaside_no_response(void **state) { struct entry *e; krb5_boolean result; krb5_data *result_data; krb5_context context = *state; krb5_data req = string2data("I'm a test request"); e = insert_entry(context, &req, NULL, 0); /* Set result_data so we can verify that it is reset to NULL. */ result_data = &req; result = kdc_check_lookaside(context, &req, &result_data); assert_true(result); assert_null(result_data); assert_int_equal(hits, 1); assert_int_equal(e->num_hits, 1); }
/* Create a fake error reply. */ static krb5_error_code test_send_error(krb5_context context, void *data, const krb5_data *realm, const krb5_data *message, krb5_data **new_message_out, krb5_data **reply_out) { krb5_error_code ret; krb5_error err; krb5_principal client, server; char *realm_str, *princ_str; int r; realm_str = k5memdup0(realm->data, realm->length, &ret); check(ret); r = asprintf(&princ_str, "invalid@%s", realm_str); assert(r > 0); check(krb5_parse_name(ctx, princ_str, &client)); free(princ_str); r = asprintf(&princ_str, "krbtgt@%s", realm_str); assert(r > 0); check(krb5_parse_name(ctx, princ_str, &server)); free(princ_str); free(realm_str); err.magic = KV5M_ERROR; err.ctime = 1971196337; err.cusec = 0; err.susec = 97008; err.stime = 1458219390; err.error = 6; err.client = client; err.server = server; err.text = string2data("CLIENT_NOT_FOUND"); err.e_data = empty_data(); check(encode_krb5_error(&err, reply_out)); krb5_free_principal(ctx, client); krb5_free_principal(ctx, server); return 0; }
int ril_request_get_sim_status(void *data, size_t size, RIL_Token token) { void *card_status_data; size_t card_status_size; #if RIL_VERSION >= 6 RIL_CardStatus_v6 *card_status; #else RIL_CardStatus *card_status; #endif struct ril_request *request; int rc; rc = ril_radio_state_check(RADIO_STATE_SIM_NOT_READY); if (rc < 0) return RIL_REQUEST_UNHANDLED; request = ril_request_find_request_status(RIL_REQUEST_GET_SIM_STATUS, RIL_REQUEST_HANDLED); if (request != NULL) return RIL_REQUEST_UNHANDLED; card_status_size = ril_request_data_size_get(RIL_REQUEST_GET_SIM_STATUS); card_status_data = ril_request_data_get(RIL_REQUEST_GET_SIM_STATUS); #if RIL_VERSION >= 6 if (card_status_data != NULL && card_status_size >= sizeof(RIL_CardStatus_v6)) { card_status = (RIL_CardStatus_v6 *) ril_request_data_get(RIL_REQUEST_GET_SIM_STATUS); #else if (card_status_data != NULL && card_status_size >= sizeof(RIL_CardStatus)) { card_status = (RIL_CardStatus *) ril_request_data_get(RIL_REQUEST_GET_SIM_STATUS); #endif ril_request_complete(token, RIL_E_SUCCESS, card_status_data, card_status_size); free(card_status_data); return RIL_REQUEST_COMPLETED; } else { rc = ipc_fmt_send(ipc_fmt_request_seq(token), IPC_SEC_PIN_STATUS, IPC_TYPE_GET, NULL, 0); if (rc < 0) { ril_request_complete(token, RIL_E_GENERIC_FAILURE, NULL, 0); return RIL_REQUEST_COMPLETED; } return RIL_REQUEST_HANDLED; } } int ipc_sec_phone_lock(struct ipc_message *message) { struct ipc_sec_phone_lock_response_data *data; int active; if (message == NULL || message->data == NULL || message->size < sizeof(struct ipc_sec_phone_lock_response_data)) return -1; if (message->type != IPC_TYPE_RESP || !ipc_seq_valid(message->aseq)) return 0; data = (struct ipc_sec_phone_lock_response_data *) message->data; active = !!data->active; ril_request_complete(ipc_fmt_request_token(message->aseq), RIL_E_SUCCESS, &active, sizeof(active)); return 0; } int ril_request_query_facility_lock(void *data, size_t size, RIL_Token token) { struct ipc_sec_phone_lock_request_get_data request_data; char **values = NULL; int rc; if (data == NULL || size < 4 * sizeof(char *)) goto error; rc = ril_radio_state_check(RADIO_STATE_SIM_READY); if (rc < 0) return RIL_REQUEST_UNHANDLED; values = (char **) data; request_data.facility_type = ril2ipc_sec_facility_type(values[0]); if (request_data.facility_type == 0) goto error; strings_array_free(values, size); values = NULL; rc = ipc_fmt_send(ipc_fmt_request_seq(token), IPC_SEC_PHONE_LOCK, IPC_TYPE_GET, (void *) &request_data, sizeof(request_data)); if (rc < 0) goto error; rc = RIL_REQUEST_HANDLED; goto complete; error: if (values != NULL) strings_array_free(values, size); ril_request_complete(token, RIL_E_GENERIC_FAILURE, NULL, 0); rc = RIL_REQUEST_COMPLETED; complete: return rc; } int ipc_sec_callback(struct ipc_message *message) { struct ipc_sec_lock_infomation_request_data request_data; struct ipc_gen_phone_res_data *data; struct ril_request *request = NULL; void *request_complete_data; size_t request_complete_size; unsigned char facility_type; char **values; int retry_count; int rc; if (message == NULL || message->data == NULL || message->size < sizeof(struct ipc_gen_phone_res_data)) return -1; data = (struct ipc_gen_phone_res_data *) message->data; request = ril_request_find_token(ipc_fmt_request_token(message->aseq)); if (request == NULL) goto error; if (request->request == RIL_REQUEST_ENTER_SIM_PIN || request->request == RIL_REQUEST_CHANGE_SIM_PIN) { // Grab the count of remaining tries before completing the request ril_request_data_set_uniq(request->request, (void *) data, sizeof(struct ipc_gen_phone_res_data)); rc = ipc_sec_lock_infomation_setup(&request_data, IPC_SEC_PIN_TYPE_PIN1); if (rc < 0) { ril_request_data_free(request->request); goto error; } rc = ipc_fmt_send(message->aseq, IPC_SEC_LOCK_INFOMATION, IPC_TYPE_GET, (void *) &request_data, sizeof(request_data)); if (rc < 0) { ril_request_data_free(request->request); goto error; } } else if (request->request == RIL_REQUEST_ENTER_SIM_PIN2 || request->request == RIL_REQUEST_CHANGE_SIM_PIN2) { // Grab the count of remaining tries before completing the request ril_request_data_set_uniq(request->request, (void *) data, sizeof(struct ipc_gen_phone_res_data)); rc = ipc_sec_lock_infomation_setup(&request_data, IPC_SEC_PIN_TYPE_PIN2); if (rc < 0) { ril_request_data_free(request->request); goto error; } rc = ipc_fmt_send(message->aseq, IPC_SEC_LOCK_INFOMATION, IPC_TYPE_GET, (void *) &request_data, sizeof(request_data)); if (rc < 0) { ril_request_data_free(request->request); goto error; } } else if (request->request == RIL_REQUEST_SET_FACILITY_LOCK) { values = (char **) request->data; request_complete_size = ril_request_data_size_get(RIL_REQUEST_SET_FACILITY_LOCK); request_complete_data = ril_request_data_get(RIL_REQUEST_SET_FACILITY_LOCK); rc = ipc_gen_phone_res_check(data); if (request_complete_data != NULL && request_complete_size > 0 && rc >= 0) { rc = ipc_gen_phone_res_expect_callback(message->aseq, IPC_SEC_PHONE_LOCK, ipc_sec_callback); if (rc < 0) { strings_array_free(values, request->size); goto error; } rc = ipc_fmt_send(message->aseq, IPC_SEC_PHONE_LOCK, IPC_TYPE_SET, request_complete_data, request_complete_size); if (rc < 0) { strings_array_free(values, request->size); goto error; } } else { // When FD facility PIN2 unlock failed, ask the count of remaining tries directly facility_type = ril2ipc_sec_facility_type(values[0]); strings_array_free(values, request->size); // Grab the count of remaining tries before completing the request ril_request_data_set_uniq(RIL_REQUEST_SET_FACILITY_LOCK, (void *) data, sizeof(struct ipc_gen_phone_res_data)); if (facility_type == IPC_SEC_FACILITY_TYPE_FD) { rc = ipc_sec_lock_infomation_setup(&request_data, IPC_SEC_PIN_TYPE_PIN2); if (rc < 0) { ril_request_data_free(request->request); goto error; } } else { rc = ipc_sec_lock_infomation_setup(&request_data, IPC_SEC_PIN_TYPE_PIN1); if (rc < 0) { ril_request_data_free(request->request); goto error; } } rc = ipc_fmt_send(message->aseq, IPC_SEC_LOCK_INFOMATION, IPC_TYPE_GET, (void *) &request_data, sizeof(request_data)); if (rc < 0) { ril_request_data_free(request->request); goto error; } } } else if (request->request == RIL_REQUEST_SIM_IO) { request_complete_size = ril_request_data_size_get(RIL_REQUEST_SIM_IO); request_complete_data = ril_request_data_get(RIL_REQUEST_SIM_IO); rc = ipc_gen_phone_res_check(data); if (rc < 0) { ril_request_complete(request->token, RIL_E_SIM_PIN2, NULL, 0); goto complete; } if (request_complete_data != NULL && request_complete_size > 0) { rc = ipc_fmt_send(message->aseq, IPC_SEC_RSIM_ACCESS, IPC_TYPE_GET, request_complete_data, request_complete_size); if (rc < 0) goto error; } else { goto error; } } else { retry_count = -1; rc = ipc_gen_phone_res_check(data); if (rc < 0) { if ((data->code & 0xff) == 0x10) { RIL_LOGE("%s: Wrong password", __func__); ril_request_complete(ipc_fmt_request_token(message->aseq), RIL_E_PASSWORD_INCORRECT, &retry_count, sizeof(retry_count)); } else if ((data->code & 0xff) == 0x0c) { RIL_LOGE("%s: Wrong password and no attempts left", __func__); retry_count = 0; ril_request_complete(ipc_fmt_request_token(message->aseq), RIL_E_PASSWORD_INCORRECT, &retry_count, sizeof(retry_count)); } else { ril_request_complete(ipc_fmt_request_token(message->aseq), RIL_E_GENERIC_FAILURE, &retry_count, sizeof(retry_count)); } } else { ril_request_complete(ipc_fmt_request_token(message->aseq), RIL_E_SUCCESS, &retry_count, sizeof(retry_count)); } } if (request->request == RIL_REQUEST_ENTER_SIM_PUK || request->request == RIL_REQUEST_ENTER_SIM_PUK2) ril_request_unsolicited(RIL_UNSOL_RESPONSE_SIM_STATUS_CHANGED, NULL, 0); goto complete; error: if (request != NULL) ril_request_complete(request->token, RIL_E_GENERIC_FAILURE, NULL, 0); complete: return 0; } int ril_request_set_facility_lock(void *data, size_t size, RIL_Token token) { struct ipc_sec_phone_lock_request_set_data request_data; struct ipc_sec_pin_status_request_data pin_request_data; struct ril_request *request; unsigned char facility_type; unsigned char active; char **values = NULL; int rc; if (data == NULL || size < 4 * sizeof(char *)) goto error; rc = ril_radio_state_check(RADIO_STATE_SIM_READY); if (rc < 0) return RIL_REQUEST_UNHANDLED; request = ril_request_find_request_status(RIL_REQUEST_SET_FACILITY_LOCK, RIL_REQUEST_HANDLED); if (request != NULL) return RIL_REQUEST_UNHANDLED; values = (char **) data; facility_type = ril2ipc_sec_facility_type(values[0]); if (facility_type == 0) goto error; active = values[1][0] == '1'; rc = ipc_sec_phone_lock_request_set_setup(&request_data, facility_type, active, values[2]); if (rc < 0) goto error; if (facility_type == IPC_SEC_FACILITY_TYPE_FD) { // FD facility requires PIN2 unlock first rc = ipc_sec_pin_status_setup(&pin_request_data, IPC_SEC_PIN_TYPE_PIN2, values[2], NULL); if (rc < 0) goto error; ril_request_data_set_uniq(RIL_REQUEST_SET_FACILITY_LOCK, &request_data, sizeof(request_data)); rc = ipc_gen_phone_res_expect_callback(ipc_fmt_request_seq(token), IPC_SEC_PIN_STATUS, ipc_sec_callback); if (rc < 0) { ril_request_data_free(RIL_REQUEST_SET_FACILITY_LOCK); goto error; } rc = ipc_fmt_send(ipc_fmt_request_seq(token), IPC_SEC_PIN_STATUS, IPC_TYPE_SET, (void *) &pin_request_data, sizeof(pin_request_data)); if (rc < 0) { ril_request_data_free(RIL_REQUEST_SET_FACILITY_LOCK); goto error; } rc = RIL_REQUEST_HANDLED; goto complete; } rc = ipc_gen_phone_res_expect_callback(ipc_fmt_request_seq(token), IPC_SEC_PHONE_LOCK, ipc_sec_callback); if (rc < 0) goto error; rc = ipc_fmt_send(ipc_fmt_request_seq(token), IPC_SEC_PHONE_LOCK, IPC_TYPE_SET, (void *) &request_data, sizeof(request_data)); if (rc < 0) goto error; rc = RIL_REQUEST_HANDLED; goto complete; error: if (values != NULL) strings_array_free(values, size); ril_request_complete(token, RIL_E_GENERIC_FAILURE, NULL, 0); rc = RIL_REQUEST_COMPLETED; complete: return rc; } int ril_request_enter_sim_pin(void *data, size_t size, RIL_Token token) { struct ipc_sec_pin_status_request_data request_data; struct ril_request *request; char **values = NULL; int rc; if (data == NULL || size < 2 * sizeof(char *) || ril_data == NULL) goto error; rc = ril_radio_state_check(RADIO_STATE_SIM_NOT_READY); if (rc < 0) return RIL_REQUEST_UNHANDLED; request = ril_request_find_request_status(RIL_REQUEST_ENTER_SIM_PIN, RIL_REQUEST_HANDLED); if (request != NULL) return RIL_REQUEST_UNHANDLED; values = (char **) data; if (values[0] == NULL) goto error; if (ril_data->sim_pin != NULL) free(ril_data->sim_pin); ril_data->sim_pin = strdup(values[0]); rc = ipc_sec_pin_status_setup(&request_data, IPC_SEC_PIN_TYPE_PIN1, values[0], NULL); if (rc < 0) goto error; strings_array_free(values, size); values = NULL; rc = ipc_gen_phone_res_expect_callback(ipc_fmt_request_seq(token), IPC_SEC_PIN_STATUS, ipc_sec_callback); if (rc < 0) goto error; rc = ipc_fmt_send(ipc_fmt_request_seq(token), IPC_SEC_PIN_STATUS, IPC_TYPE_SET, (void *) &request_data, sizeof(request_data)); if (rc < 0) goto error; rc = RIL_REQUEST_HANDLED; goto complete; error: if (values != NULL) strings_array_free(values, size); ril_request_complete(token, RIL_E_GENERIC_FAILURE, NULL, 0); rc = RIL_REQUEST_COMPLETED; complete: return rc; } int ril_request_enter_sim_puk(void *data, size_t size, RIL_Token token) { struct ipc_sec_pin_status_request_data request_data; struct ril_request *request; char **values = NULL; int rc; if (data == NULL || size < 2 * sizeof(char *)) goto error; rc = ril_radio_state_check(RADIO_STATE_SIM_NOT_READY); if (rc < 0) return RIL_REQUEST_UNHANDLED; request = ril_request_find_request_status(RIL_REQUEST_ENTER_SIM_PUK, RIL_REQUEST_HANDLED); if (request != NULL) return RIL_REQUEST_UNHANDLED; values = (char **) data; rc = ipc_sec_pin_status_setup(&request_data, IPC_SEC_PIN_TYPE_PIN1, values[1], values[0]); if (rc < 0) goto error; strings_array_free(values, size); values = NULL; rc = ipc_gen_phone_res_expect_callback(ipc_fmt_request_seq(token), IPC_SEC_PIN_STATUS, ipc_sec_callback); if (rc < 0) goto error; rc = ipc_fmt_send(ipc_fmt_request_seq(token), IPC_SEC_PIN_STATUS, IPC_TYPE_SET, (void *) &request_data, sizeof(request_data)); if (rc < 0) goto error; rc = RIL_REQUEST_HANDLED; goto complete; error: if (values != NULL) strings_array_free(values, size); ril_request_complete(token, RIL_E_GENERIC_FAILURE, NULL, 0); rc = RIL_REQUEST_COMPLETED; complete: return rc; } int ril_request_enter_sim_pin2(void *data, size_t size, RIL_Token token) { struct ipc_sec_pin_status_request_data request_data; struct ril_request *request; char **values = NULL; int rc; if (data == NULL || size < 2 * sizeof(char *)) goto error; rc = ril_radio_state_check(RADIO_STATE_SIM_NOT_READY); if (rc < 0) return RIL_REQUEST_UNHANDLED; request = ril_request_find_request_status(RIL_REQUEST_ENTER_SIM_PIN2, RIL_REQUEST_HANDLED); if (request != NULL) return RIL_REQUEST_UNHANDLED; values = (char **) data; rc = ipc_sec_pin_status_setup(&request_data, IPC_SEC_PIN_TYPE_PIN2, values[0], NULL); if (rc < 0) goto error; strings_array_free(values, size); values = NULL; rc = ipc_gen_phone_res_expect_callback(ipc_fmt_request_seq(token), IPC_SEC_PIN_STATUS, ipc_sec_callback); if (rc < 0) goto error; rc = ipc_fmt_send(ipc_fmt_request_seq(token), IPC_SEC_PIN_STATUS, IPC_TYPE_SET, (void *) &request_data, sizeof(request_data)); if (rc < 0) goto error; rc = RIL_REQUEST_HANDLED; goto complete; error: if (values != NULL) strings_array_free(values, size); ril_request_complete(token, RIL_E_GENERIC_FAILURE, NULL, 0); rc = RIL_REQUEST_COMPLETED; complete: return rc; } int ril_request_enter_sim_puk2(void *data, size_t size, RIL_Token token) { struct ipc_sec_pin_status_request_data request_data; struct ril_request *request; char **values = NULL; int rc; if (data == NULL || size < 2 * sizeof(char *)) goto error; rc = ril_radio_state_check(RADIO_STATE_SIM_NOT_READY); if (rc < 0) return RIL_REQUEST_UNHANDLED; request = ril_request_find_request_status(RIL_REQUEST_ENTER_SIM_PUK2, RIL_REQUEST_HANDLED); if (request != NULL) return RIL_REQUEST_UNHANDLED; values = (char **) data; rc = ipc_sec_pin_status_setup(&request_data, IPC_SEC_PIN_TYPE_PIN2, values[1], values[0]); if (rc < 0) goto error; strings_array_free(values, size); values = NULL; rc = ipc_gen_phone_res_expect_callback(ipc_fmt_request_seq(token), IPC_SEC_PIN_STATUS, ipc_sec_callback); if (rc < 0) goto error; rc = ipc_fmt_send(ipc_fmt_request_seq(token), IPC_SEC_PIN_STATUS, IPC_TYPE_SET, (void *) &request_data, sizeof(request_data)); if (rc < 0) goto error; rc = RIL_REQUEST_HANDLED; goto complete; error: if (values != NULL) strings_array_free(values, size); ril_request_complete(token, RIL_E_GENERIC_FAILURE, NULL, 0); rc = RIL_REQUEST_COMPLETED; complete: return rc; } int ril_request_change_sim_pin(void *data, size_t size, RIL_Token token) { struct ipc_sec_change_locking_pw_data request_data; struct ril_request *request; char **values = NULL; int rc; if (data == NULL || size < 3 * sizeof(char *)) goto error; request = ril_request_find_request_status(RIL_REQUEST_CHANGE_SIM_PIN, RIL_REQUEST_HANDLED); if (request != NULL) return RIL_REQUEST_UNHANDLED; rc = ril_radio_state_check(RADIO_STATE_SIM_READY); if (rc < 0) return RIL_REQUEST_UNHANDLED; values = (char **) data; rc = ipc_sec_change_locking_pw_setup(&request_data, IPC_SEC_FACILITY_TYPE_SC, values[0], values[1]); if (rc < 0) goto error; strings_array_free(values, size); values = NULL; rc = ipc_gen_phone_res_expect_callback(ipc_fmt_request_seq(token), IPC_SEC_CHANGE_LOCKING_PW, ipc_sec_callback); if (rc < 0) goto error; rc = ipc_fmt_send(ipc_fmt_request_seq(token), IPC_SEC_CHANGE_LOCKING_PW, IPC_TYPE_SET, (void *) &request_data, sizeof(request_data)); if (rc < 0) goto error; rc = RIL_REQUEST_HANDLED; goto complete; error: if (values != NULL) strings_array_free(values, size); ril_request_complete(token, RIL_E_GENERIC_FAILURE, NULL, 0); rc = RIL_REQUEST_COMPLETED; complete: return rc; } int ril_request_change_sim_pin2(void *data, size_t size, RIL_Token token) { struct ipc_sec_change_locking_pw_data request_data; struct ril_request *request; char **values = NULL; int rc; if (data == NULL || size < 3 * sizeof(char *)) goto error; request = ril_request_find_request_status(RIL_REQUEST_CHANGE_SIM_PIN, RIL_REQUEST_HANDLED); if (request != NULL) return RIL_REQUEST_UNHANDLED; rc = ril_radio_state_check(RADIO_STATE_SIM_READY); if (rc < 0) return RIL_REQUEST_UNHANDLED; values = (char **) data; rc = ipc_sec_change_locking_pw_setup(&request_data, IPC_SEC_FACILITY_TYPE_FD, values[0], values[1]); if (rc < 0) goto error; strings_array_free(values, size); values = NULL; rc = ipc_gen_phone_res_expect_callback(ipc_fmt_request_seq(token), IPC_SEC_CHANGE_LOCKING_PW, ipc_sec_callback); if (rc < 0) goto error; rc = ipc_fmt_send(ipc_fmt_request_seq(token), IPC_SEC_CHANGE_LOCKING_PW, IPC_TYPE_SET, (void *) &request_data, sizeof(request_data)); if (rc < 0) goto error; rc = RIL_REQUEST_HANDLED; goto complete; error: if (values != NULL) strings_array_free(values, size); ril_request_complete(token, RIL_E_GENERIC_FAILURE, NULL, 0); rc = RIL_REQUEST_COMPLETED; complete: return rc; } int ipc_sec_rsim_access(struct ipc_message *message) { struct ipc_sec_rsim_access_response_header *header; struct ipc_sec_rsim_access_usim_response_header *usim_header; struct sim_file_response sim_file_response; struct ril_request *request; struct ril_client *client; struct ipc_fmt_data *ipc_fmt_data; RIL_SIM_IO_Response response; #if RIL_VERSION >= 6 RIL_SIM_IO_v6 *sim_io; #else RIL_SIM_IO *sim_io; #endif unsigned char *p; unsigned int offset; unsigned int i; void *data; size_t size; if (message == NULL || message->data == NULL || message->size < sizeof(struct ipc_sec_rsim_access_response_header)) return -1; client = ril_client_find_id(RIL_CLIENT_IPC_FMT); if (client == NULL || client->data == NULL) return 0; if (message->type != IPC_TYPE_RESP || !ipc_seq_valid(message->aseq)) return 0; ipc_fmt_data = (struct ipc_fmt_data *) client->data; header = (struct ipc_sec_rsim_access_response_header *) message->data; size = ipc_sec_rsim_access_size_extract(message->data, message->size); data = ipc_sec_rsim_access_extract(message->data, message->size); request = ril_request_find_token(ipc_fmt_request_token(message->aseq)); #if RIL_VERSION >= 6 if (request == NULL || request->data == NULL || request->size < sizeof(RIL_SIM_IO_v6)) #else if (request == NULL || request->data == NULL || request->size < sizeof(RIL_SIM_IO)) #endif return 0; #if RIL_VERSION >= 6 sim_io = (RIL_SIM_IO_v6 *) request->data; #else sim_io = (RIL_SIM_IO *) request->data; #endif memset(&response, 0, sizeof(response)); response.sw1 = header->sw1; response.sw2 = header->sw2; switch (sim_io->command) { case SIM_COMMAND_READ_BINARY: case SIM_COMMAND_READ_RECORD: if (header->length == 0) break; response.simResponse = data2string(data, header->length); break; case SIM_COMMAND_GET_RESPONSE: if (header->length == 0) break; if (ipc_fmt_data->sim_icc_type_data.type == 0x01) { response.simResponse = data2string(data, header->length); break; } if (header->length < sizeof(struct ipc_sec_rsim_access_usim_response_header)) break; usim_header = (struct ipc_sec_rsim_access_usim_response_header *) data; memset(&sim_file_response, 0, sizeof(sim_file_response)); offset = sizeof(struct ipc_sec_rsim_access_usim_response_header) + usim_header->offset; if (offset > header->length) break; offset = usim_header->offset - 2; p = (unsigned char *) usim_header + offset; sim_file_response.file_id[0] = p[0]; sim_file_response.file_id[1] = p[1]; offset = header->length - 2; p = (unsigned char *) usim_header; while (offset > 2) { if (p[offset] == 0x88) { offset -= 2; break; } offset--; } if (offset <= 2) break; p = (unsigned char *) usim_header + offset; sim_file_response.file_size[0] = p[0]; sim_file_response.file_size[1] = p[1]; // Fallback to EF sim_file_response.file_type = SIM_FILE_TYPE_EF; for (i = 0; i < sim_file_ids_count; i++) { if (sim_io->fileid == sim_file_ids[i].file_id) { sim_file_response.file_type = sim_file_ids[i].type; break; } } sim_file_response.access_condition[0] = 0x00; sim_file_response.access_condition[1] = 0xff; sim_file_response.access_condition[2] = 0xff; sim_file_response.file_status = 0x01; sim_file_response.file_length = 0x02; switch (usim_header->file_structure) { case IPC_SEC_RSIM_FILE_STRUCTURE_TRANSPARENT: sim_file_response.file_structure = SIM_FILE_STRUCTURE_TRANSPARENT; break; case IPC_SEC_RSIM_FILE_STRUCTURE_LINEAR_FIXED: default: sim_file_response.file_structure = SIM_FILE_STRUCTURE_LINEAR_FIXED; break; } sim_file_response.record_length = usim_header->length; response.simResponse = data2string((void *) &sim_file_response, sizeof(sim_file_response)); break; case SIM_COMMAND_UPDATE_BINARY: case SIM_COMMAND_UPDATE_RECORD: case SIM_COMMAND_SEEK: default: response.simResponse = NULL; break; } ril_request_complete(ipc_fmt_request_token(message->aseq), RIL_E_SUCCESS, (void *) &response, sizeof(response)); if (response.simResponse != NULL) free(response.simResponse); return 0; } int ril_request_sim_io(void *data, size_t size, RIL_Token token) { struct ipc_sec_rsim_access_request_header request_header; struct ipc_sec_pin_status_request_data pin_request_data; struct ril_request *request; #if RIL_VERSION >= 6 RIL_SIM_IO_v6 *sim_io = NULL; #else RIL_SIM_IO *sim_io = NULL; #endif void *sim_io_data = NULL; size_t sim_io_size = 0; void *request_data = NULL; size_t request_size = 0; int pin_request = 0; int rc; #if RIL_VERSION >= 6 if (data == NULL || size < sizeof(RIL_SIM_IO_v6)) #else if (data == NULL || size < sizeof(RIL_SIM_IO)) #endif goto error; rc = ril_radio_state_check(RADIO_STATE_SIM_READY); if (rc < 0) return RIL_REQUEST_UNHANDLED; request = ril_request_find_request_status(RIL_REQUEST_SIM_IO, RIL_REQUEST_HANDLED); if (request != NULL) return RIL_REQUEST_UNHANDLED; #if RIL_VERSION >= 6 sim_io = (RIL_SIM_IO_v6 *) data; #else sim_io = (RIL_SIM_IO *) data; #endif if (sim_io->data != NULL) { sim_io_size = string2data_size(sim_io->data); if (sim_io_size == 0) goto error; sim_io_data = string2data(sim_io->data); if (sim_io_data == NULL) goto error; } if (sim_io->pin2 != NULL) { // PIN2 unlock first pin_request = 1; rc = ipc_sec_pin_status_setup(&pin_request_data, IPC_SEC_PIN_TYPE_PIN2, sim_io->pin2, NULL); if (rc < 0) goto error; } if (sim_io->path != NULL) free(sim_io->path); if (sim_io->data != NULL) free(sim_io->data); if (sim_io->pin2 != NULL) free(sim_io->pin2); #if RIL_VERSION >= 6 if (sim_io->aidPtr != NULL) free(sim_io->aidPtr); #endif memset(&request_header, 0, sizeof(request_header)); request_header.command = sim_io->command; request_header.file_id = sim_io->fileid; request_header.p1 = sim_io->p1; request_header.p2 = sim_io->p2; request_header.p3 = sim_io->p3; sim_io = NULL; request_size = ipc_sec_rsim_access_size_setup(&request_header, sim_io_data, sim_io_size); if (request_size == 0) goto error; request_data = ipc_sec_rsim_access_setup(&request_header, sim_io_data, sim_io_size); if (request_data == NULL) goto error; if (pin_request) { // PIN2 unlock first ril_request_data_set_uniq(RIL_REQUEST_SIM_IO, request_data, request_size); rc = ipc_gen_phone_res_expect_callback(ipc_fmt_request_seq(token), IPC_SEC_PIN_STATUS, ipc_sec_callback); if (rc < 0) { ril_request_data_free(RIL_REQUEST_SIM_IO); goto error; } rc = ipc_fmt_send(ipc_fmt_request_seq(token), IPC_SEC_PIN_STATUS, IPC_TYPE_SET, (void *) &pin_request_data, sizeof(pin_request_data)); if (rc < 0) { ril_request_data_free(RIL_REQUEST_SIM_IO); goto error; } rc = RIL_REQUEST_HANDLED; goto complete; } rc = ipc_fmt_send(ipc_fmt_request_seq(token), IPC_SEC_RSIM_ACCESS, IPC_TYPE_GET, request_data, request_size); if (rc < 0) goto error; rc = RIL_REQUEST_HANDLED; goto complete; error: if (sim_io != NULL) { if (sim_io->path != NULL) free(sim_io->path); if (sim_io->data != NULL) free(sim_io->data); if (sim_io->pin2 != NULL) free(sim_io->pin2); #if RIL_VERSION >= 6 if (sim_io->aidPtr != NULL) free(sim_io->aidPtr); #endif } ril_request_complete(token, RIL_E_GENERIC_FAILURE, NULL, 0); rc = RIL_REQUEST_COMPLETED; complete: if (sim_io_data != NULL && sim_io_size > 0) free(sim_io_data); if (request_data != NULL && request_size > 0) free(request_data); return rc; } int ipc_sec_sim_icc_type(struct ipc_message *message) { struct ipc_sec_sim_icc_type_data *data; struct ril_client *client; struct ipc_fmt_data *ipc_fmt_data; if (message == NULL || message->data == NULL || message->size < sizeof(struct ipc_sec_sim_icc_type_data)) return -1; client = ril_client_find_id(RIL_CLIENT_IPC_FMT); if (client == NULL || client->data == NULL) return 0; ipc_fmt_data = (struct ipc_fmt_data *) client->data; data = (struct ipc_sec_sim_icc_type_data *) message->data; if (ipc_fmt_data->sim_icc_type_data.type != data->type) ipc_fmt_data->sim_icc_type_data.type = data->type; return 0; } int ipc_sec_lock_infomation(struct ipc_message *message) { struct ipc_sec_lock_infomation_response_data *data; struct ipc_gen_phone_res_data *gen_phone_res; int requests[] = { RIL_REQUEST_ENTER_SIM_PIN, RIL_REQUEST_CHANGE_SIM_PIN, RIL_REQUEST_ENTER_SIM_PIN2, RIL_REQUEST_CHANGE_SIM_PIN2, RIL_REQUEST_SET_FACILITY_LOCK }; void *gen_phone_res_data = NULL; size_t gen_phone_res_size = 0; int retry_count; unsigned int count; unsigned int i; int rc; if (message == NULL || message->data == NULL || message->size < sizeof(struct ipc_sec_lock_infomation_response_data)) return -1; rc = ril_radio_state_check(RADIO_STATE_SIM_NOT_READY); if (rc < 0) return 0; if (message->type != IPC_TYPE_RESP || !ipc_seq_valid(message->aseq)) return 0; data = (struct ipc_sec_lock_infomation_response_data *) message->data; if (data->type != IPC_SEC_PIN_TYPE_PIN1 && data->type != IPC_SEC_PIN_TYPE_PIN2) return 0; count = sizeof(requests) / sizeof(int); for (i = 0; i < count; i++) { gen_phone_res_size = ril_request_data_size_get(requests[i]); if (gen_phone_res_size < sizeof(struct ipc_gen_phone_res_data)) continue; gen_phone_res_data = ril_request_data_get(requests[i]); if (gen_phone_res_data == NULL) continue; break; } if (gen_phone_res_data == NULL || gen_phone_res_size < sizeof(struct ipc_gen_phone_res_data)) return 0; gen_phone_res = (struct ipc_gen_phone_res_data *) gen_phone_res_data; retry_count = data->retry_count; rc = ipc_gen_phone_res_check(gen_phone_res); if (rc < 0) { if ((gen_phone_res->code & 0xff) == 0x10) { RIL_LOGE("%s: Wrong password and %d attempts left", __func__, retry_count); ril_request_complete(ipc_fmt_request_token(message->aseq), RIL_E_PASSWORD_INCORRECT, &retry_count, sizeof(retry_count)); } else if ((gen_phone_res->code & 0xff) == 0x0c) { RIL_LOGE("%s: Wrong password and no attempts left", __func__); retry_count = 0; ril_request_complete(ipc_fmt_request_token(message->aseq), RIL_E_PASSWORD_INCORRECT, &retry_count, sizeof(retry_count)); } else { ril_request_complete(ipc_fmt_request_token(message->aseq), RIL_E_GENERIC_FAILURE, &retry_count, sizeof(retry_count)); } } else { ril_request_complete(ipc_fmt_request_token(message->aseq), RIL_E_SUCCESS, &retry_count, sizeof(retry_count)); } free(gen_phone_res_data); return 0; }
krb5_error_code krb5int_mk_setpw_req(krb5_context context, krb5_auth_context auth_context, krb5_data *ap_req, krb5_principal targprinc, const char *passwd, krb5_data *packet) { krb5_error_code ret; krb5_data cipherpw; krb5_data *encoded_setpw; struct krb5_setpw_req req; char *ptr; cipherpw.data = NULL; cipherpw.length = 0; if ((ret = krb5_auth_con_setflags(context, auth_context, KRB5_AUTH_CONTEXT_DO_SEQUENCE))) return(ret); req.target = targprinc; req.password = string2data((char *)passwd); ret = encode_krb5_setpw_req(&req, &encoded_setpw); if (ret) { return ret; } if ((ret = krb5_mk_priv(context, auth_context, encoded_setpw, &cipherpw, NULL)) != 0) { krb5_free_data(context, encoded_setpw); return(ret); } krb5_free_data(context, encoded_setpw); packet->length = 6 + ap_req->length + cipherpw.length; packet->data = (char *) malloc(packet->length); if (packet->data == NULL) { ret = ENOMEM; goto cleanup; } ptr = packet->data; /* ** build the packet - */ /* put in the length */ store_16_be(packet->length, ptr); ptr += 2; /* put in the version */ *ptr++ = (char)0xff; *ptr++ = (char)0x80; /* the ap_req length is big endian */ store_16_be(ap_req->length, ptr); ptr += 2; /* put in the request data */ memcpy(ptr, ap_req->data, ap_req->length); ptr += ap_req->length; /* ** put in the "private" password data - */ memcpy(ptr, cipherpw.data, cipherpw.length); ret = 0; cleanup: if (cipherpw.data) krb5_free_data_contents(context, &cipherpw); if ((ret != 0) && packet->data) { free(packet->data); packet->data = NULL; } return ret; }
static krb5_error_code prepare_error_as(struct kdc_request_state *rstate, krb5_kdc_req *request, krb5_db_entry *local_tgt, int error, krb5_pa_data **e_data_in, krb5_boolean typed_e_data, krb5_principal canon_client, krb5_data **response, const char *status) { krb5_error errpkt; krb5_error_code retval; krb5_data *scratch = NULL, *e_data_asn1 = NULL, *fast_edata = NULL; krb5_pa_data **e_data = NULL, *cookie = NULL; kdc_realm_t *kdc_active_realm = rstate->realm_data; size_t count; if (e_data_in != NULL) { /* Add a PA-FX-COOKIE to e_data_in. e_data is a shallow copy * containing aliases. */ for (count = 0; e_data_in[count] != NULL; count++); e_data = calloc(count + 2, sizeof(*e_data)); if (e_data == NULL) return ENOMEM; memcpy(e_data, e_data_in, count * sizeof(*e_data)); retval = kdc_fast_make_cookie(kdc_context, rstate, local_tgt, request->client, &cookie); e_data[count] = cookie; } errpkt.ctime = request->nonce; errpkt.cusec = 0; retval = krb5_us_timeofday(kdc_context, &errpkt.stime, &errpkt.susec); if (retval) goto cleanup; errpkt.error = error; errpkt.server = request->server; errpkt.client = (error == KDC_ERR_WRONG_REALM) ? canon_client : request->client; errpkt.text = string2data((char *)status); if (e_data != NULL) { if (typed_e_data) retval = encode_krb5_typed_data(e_data, &e_data_asn1); else retval = encode_krb5_padata_sequence(e_data, &e_data_asn1); if (retval) goto cleanup; errpkt.e_data = *e_data_asn1; } else errpkt.e_data = empty_data(); retval = kdc_fast_handle_error(kdc_context, rstate, request, e_data, &errpkt, &fast_edata); if (retval) goto cleanup; if (fast_edata != NULL) errpkt.e_data = *fast_edata; scratch = k5alloc(sizeof(*scratch), &retval); if (scratch == NULL) goto cleanup; if (kdc_fast_hide_client(rstate) && errpkt.client != NULL) errpkt.client = (krb5_principal)krb5_anonymous_principal(); retval = krb5_mk_error(kdc_context, &errpkt, scratch); if (retval) goto cleanup; *response = scratch; scratch = NULL; cleanup: krb5_free_data(kdc_context, fast_edata); krb5_free_data(kdc_context, e_data_asn1); free(scratch); free(e_data); if (cookie != NULL) free(cookie->contents); free(cookie); return retval; }
krb5_error_code krb5int_mk_chpw_req(krb5_context context, krb5_auth_context auth_context, krb5_data *ap_req, const char *passwd, krb5_data *packet) { krb5_error_code ret = 0; krb5_data clearpw; krb5_data cipherpw; krb5_replay_data replay; char *ptr; cipherpw.data = NULL; if ((ret = krb5_auth_con_setflags(context, auth_context, KRB5_AUTH_CONTEXT_DO_SEQUENCE))) goto cleanup; clearpw = string2data((char *)passwd); if ((ret = krb5_mk_priv(context, auth_context, &clearpw, &cipherpw, &replay))) goto cleanup; packet->length = 6 + ap_req->length + cipherpw.length; packet->data = (char *) malloc(packet->length); if (packet->data == NULL) { ret = ENOMEM; goto cleanup; } ptr = packet->data; /* length */ store_16_be(packet->length, ptr); ptr += 2; /* version == 0x0001 big-endian */ *ptr++ = 0; *ptr++ = 1; /* ap_req length, big-endian */ store_16_be(ap_req->length, ptr); ptr += 2; /* ap-req data */ memcpy(ptr, ap_req->data, ap_req->length); ptr += ap_req->length; /* krb-priv of password */ memcpy(ptr, cipherpw.data, cipherpw.length); cleanup: if (cipherpw.data != NULL) /* allocated by krb5_mk_priv */ free(cipherpw.data); return(ret); }