diff options
| author | Alexandra Ellwood <lxs@mit.edu> | 2008-02-06 20:22:32 +0000 |
|---|---|---|
| committer | Alexandra Ellwood <lxs@mit.edu> | 2008-02-06 20:22:32 +0000 |
| commit | 266fde72702c39317d6a82c2aaf3de460bee633c (patch) | |
| tree | 770029e09506e2cb93d0a9a967485cd0ba60b27f /src/ccapi/common | |
| parent | d0f3352470a2226dc3df7c36b41d0eedcb8e9a77 (diff) | |
| download | krb5-266fde72702c39317d6a82c2aaf3de460bee633c.tar.gz krb5-266fde72702c39317d6a82c2aaf3de460bee633c.tar.xz krb5-266fde72702c39317d6a82c2aaf3de460bee633c.zip | |
Need CCAPI v2 support for Windows
Added initial checkin of CCAPI v2 shim layer.
ticket: new
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20220 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/ccapi/common')
| -rw-r--r-- | src/ccapi/common/cci_cred_union.c | 442 | ||||
| -rw-r--r-- | src/ccapi/common/cci_cred_union.h | 22 |
2 files changed, 443 insertions, 21 deletions
diff --git a/src/ccapi/common/cci_cred_union.c b/src/ccapi/common/cci_cred_union.c index 55da1e264..902013dec 100644 --- a/src/ccapi/common/cci_cred_union.c +++ b/src/ccapi/common/cci_cred_union.c @@ -594,7 +594,7 @@ static cc_uint32 cci_credentials_v5_write (cc_credentials_v5_t *in_v5creds, /* ------------------------------------------------------------------------ */ -cc_uint32 cci_cred_union_release (cc_credentials_union *io_cred_union) +cc_uint32 cci_credentials_union_release (cc_credentials_union *io_cred_union) { cc_int32 err = ccNoError; @@ -614,31 +614,31 @@ cc_uint32 cci_cred_union_release (cc_credentials_union *io_cred_union) /* ------------------------------------------------------------------------ */ -cc_uint32 cci_cred_union_read (cc_credentials_union **out_credentials_union, - cci_stream_t io_stream) +cc_uint32 cci_credentials_union_read (cc_credentials_union **out_credentials_union, + cci_stream_t io_stream) { cc_int32 err = ccNoError; - cc_credentials_union *cred_union = NULL; + cc_credentials_union *credentials_union = NULL; if (!io_stream ) { err = cci_check_error (ccErrBadParam); } if (!out_credentials_union) { err = cci_check_error (ccErrBadParam); } if (!err) { - cred_union = malloc (sizeof (*cred_union)); - if (!cred_union) { err = cci_check_error (ccErrNoMem); } + credentials_union = calloc (1, sizeof (*credentials_union)); + if (!credentials_union) { err = cci_check_error (ccErrNoMem); } } if (!err) { - err = cci_stream_read_uint32 (io_stream, &cred_union->version); + err = cci_stream_read_uint32 (io_stream, &credentials_union->version); } if (!err) { - if (cred_union->version == cc_credentials_v4) { - err = cci_credentials_v4_read (&cred_union->credentials.credentials_v4, + if (credentials_union->version == cc_credentials_v4) { + err = cci_credentials_v4_read (&credentials_union->credentials.credentials_v4, io_stream); - } else if (cred_union->version == cc_credentials_v5) { - err = cci_credentials_v5_read (&cred_union->credentials.credentials_v5, + } else if (credentials_union->version == cc_credentials_v5) { + err = cci_credentials_v5_read (&credentials_union->credentials.credentials_v5, io_stream); @@ -648,19 +648,19 @@ cc_uint32 cci_cred_union_read (cc_credentials_union **out_credentials_union, } if (!err) { - *out_credentials_union = cred_union; - cred_union = NULL; + *out_credentials_union = credentials_union; + credentials_union = NULL; } - if (cred_union) { cci_cred_union_release (cred_union); } + if (credentials_union) { cci_credentials_union_release (credentials_union); } return cci_check_error (err); } /* ------------------------------------------------------------------------ */ -cc_uint32 cci_cred_union_write (const cc_credentials_union *in_credentials_union, - cci_stream_t io_stream) +cc_uint32 cci_credentials_union_write (const cc_credentials_union *in_credentials_union, + cci_stream_t io_stream) { cc_int32 err = ccNoError; @@ -687,3 +687,413 @@ cc_uint32 cci_cred_union_write (const cc_credentials_union *in_credentials_union return cci_check_error (err); } + +#ifdef TARGET_OS_MAC +#pragma mark - +#pragma mark -- CCAPI v2 Compat -- +#endif + +/* ------------------------------------------------------------------------ */ + +cc_credentials_v5_compat cci_credentials_v5_compat_initializer = { + NULL, + NULL, + { 0, 0, NULL }, + 0, 0, 0, 0, 0, 0, + NULL, + { 0, 0, NULL }, + { 0, 0, NULL }, + NULL +}; + +/* ------------------------------------------------------------------------ */ + +cc_uint32 cci_cred_union_release (cred_union *io_cred_union) +{ + cc_int32 err = ccNoError; + + if (!io_cred_union) { err = ccErrBadParam; } + + if (!err) { + if (io_cred_union->cred_type == CC_CRED_V4) { + memset (io_cred_union->cred.pV4Cred, 0, sizeof (cc_credentials_v4_compat)); + free (io_cred_union->cred.pV4Cred); + + } else if (io_cred_union->cred_type == CC_CRED_V5) { + free (io_cred_union->cred.pV5Cred->client); + free (io_cred_union->cred.pV5Cred->server); + cci_cc_data_contents_release (&io_cred_union->cred.pV5Cred->keyblock); + cci_cc_data_array_release (io_cred_union->cred.pV5Cred->addresses); + cci_cc_data_contents_release (&io_cred_union->cred.pV5Cred->ticket); + cci_cc_data_contents_release (&io_cred_union->cred.pV5Cred->second_ticket); + cci_cc_data_array_release (io_cred_union->cred.pV5Cred->authdata); + free (io_cred_union->cred.pV5Cred); + } + free (io_cred_union); + } + + return err; +} + +/* ------------------------------------------------------------------------ */ + +static cc_uint32 cci_cc_data_copy_contents (cc_data *io_ccdata, + cc_data *in_ccdata) +{ + cc_int32 err = ccNoError; + char *data = NULL; + + if (!io_ccdata) { err = cci_check_error (ccErrBadParam); } + if (!in_ccdata) { err = cci_check_error (ccErrBadParam); } + + if (!err && in_ccdata->length > 0) { + data = malloc (in_ccdata->length); + if (data) { + memcpy (data, in_ccdata->data, in_ccdata->length); + } else { + err = cci_check_error (ccErrNoMem); + } + } + + if (!err) { + io_ccdata->type = in_ccdata->type; + io_ccdata->length = in_ccdata->length; + io_ccdata->data = data; + data = NULL; + } + + free (data); + + return cci_check_error (err); +} + +/* ------------------------------------------------------------------------ */ + +static cc_uint32 cci_cc_data_array_copy (cc_data ***io_ccdata_array, + cc_data **in_ccdata_array) +{ + cc_int32 err = ccNoError; + cc_uint32 count = 0; + cc_data **array = NULL; + cc_uint32 i; + + if (!io_ccdata_array) { err = cci_check_error (ccErrBadParam); } + + if (!err) { + for (count = 0; in_ccdata_array && in_ccdata_array[count]; count++); + } + + if (!err && count > 0) { + array = malloc ((count + 1) * sizeof (*array)); + if (array) { + for (i = 0; i <= count; i++) { array[i] = NULL; } + } else { + err = cci_check_error (ccErrNoMem); + } + } + + if (!err) { + for (i = 0; !err && i < count; i++) { + array[i] = malloc (sizeof (cc_data)); + if (!array[i]) { err = cci_check_error (ccErrNoMem); } + + if (!err) { + err = cci_cc_data_copy_contents (array[i], in_ccdata_array[i]); + } + } + } + + if (!err) { + *io_ccdata_array = array; + array = NULL; + } + + cci_cc_data_array_release (array); + + return cci_check_error (err); +} + +/* ------------------------------------------------------------------------ */ + +cc_uint32 cci_credentials_union_to_cred_union (const cc_credentials_union *in_credentials_union, + cred_union **out_cred_union) +{ + cc_int32 err = ccNoError; + cred_union *compat_cred_union = NULL; + + if (!in_credentials_union) { err = cci_check_error (ccErrBadParam); } + if (!out_cred_union ) { err = cci_check_error (ccErrBadParam); } + + if (!err) { + compat_cred_union = calloc (1, sizeof (*compat_cred_union)); + if (!compat_cred_union) { err = cci_check_error (ccErrNoMem); } + } + + if (!err) { + if (in_credentials_union->version == cc_credentials_v4) { + cc_credentials_v4_compat *compat_v4creds = NULL; + + compat_v4creds = malloc (sizeof (*compat_v4creds)); + if (!compat_v4creds) { err = cci_check_error (ccErrNoMem); } + + if (!err) { + cc_credentials_v4_t *v4creds = in_credentials_union->credentials.credentials_v4; + + compat_cred_union->cred_type = CC_CRED_V4; + compat_cred_union->cred.pV4Cred = compat_v4creds; + + compat_v4creds->kversion = v4creds->version; + strncpy (compat_v4creds->principal, v4creds->principal, KRB_NAME_SZ+1); + strncpy (compat_v4creds->principal_instance, v4creds->principal_instance, KRB_INSTANCE_SZ+1); + strncpy (compat_v4creds->service, v4creds->service, KRB_NAME_SZ+1); + strncpy (compat_v4creds->service_instance, v4creds->service_instance, KRB_INSTANCE_SZ+1); + strncpy (compat_v4creds->realm, v4creds->realm, KRB_REALM_SZ+1); + memcpy (compat_v4creds->session_key, v4creds->session_key, 8); + compat_v4creds->kvno = v4creds->kvno; + compat_v4creds->str_to_key = v4creds->string_to_key_type; + compat_v4creds->issue_date = v4creds->issue_date; + compat_v4creds->lifetime = v4creds->lifetime; + compat_v4creds->address = v4creds->address; + compat_v4creds->ticket_sz = v4creds->ticket_size; + memcpy (compat_v4creds->ticket, v4creds->ticket, MAX_V4_CRED_LEN); + compat_v4creds->oops = 0; + } + + } else if (in_credentials_union->version == cc_credentials_v5) { + cc_credentials_v5_t *v5creds = in_credentials_union->credentials.credentials_v5; + cc_credentials_v5_compat *compat_v5creds = NULL; + + compat_v5creds = malloc (sizeof (*compat_v5creds)); + if (compat_v5creds) { + *compat_v5creds = cci_credentials_v5_compat_initializer; + } else { + err = cci_check_error (ccErrNoMem); + } + + if (!err) { + compat_v5creds->client = strdup (v5creds->client); + if (!compat_v5creds->client) { err = cci_check_error (ccErrNoMem); } + } + + if (!err) { + compat_v5creds->server = strdup (v5creds->server); + if (!compat_v5creds->server) { err = cci_check_error (ccErrNoMem); } + } + + if (!err) { + err = cci_cc_data_copy_contents (&compat_v5creds->keyblock, &v5creds->keyblock); + } + + if (!err) { + err = cci_cc_data_array_copy (&compat_v5creds->addresses, v5creds->addresses); + } + + if (!err) { + err = cci_cc_data_copy_contents (&compat_v5creds->ticket, &v5creds->ticket); + } + + if (!err) { + err = cci_cc_data_copy_contents (&compat_v5creds->second_ticket, &v5creds->second_ticket); + } + + if (!err) { + err = cci_cc_data_array_copy (&compat_v5creds->authdata, v5creds->authdata); + } + + if (!err) { + compat_cred_union->cred_type = CC_CRED_V5; + compat_cred_union->cred.pV5Cred = compat_v5creds; + + compat_v5creds->keyblock = v5creds->keyblock; + compat_v5creds->authtime = v5creds->authtime; + compat_v5creds->starttime = v5creds->starttime; + compat_v5creds->endtime = v5creds->endtime; + compat_v5creds->renew_till = v5creds->renew_till; + compat_v5creds->is_skey = v5creds->is_skey; + compat_v5creds->ticket_flags = v5creds->ticket_flags; + } + } else { + err = cci_check_error (ccErrBadCredentialsVersion); + } + } + + if (!err) { + *out_cred_union = compat_cred_union; + compat_cred_union = NULL; + } + + if (compat_cred_union) { cci_cred_union_release (compat_cred_union); } + + return cci_check_error (err); +} + +/* ------------------------------------------------------------------------ */ + +cc_uint32 cci_cred_union_to_credentials_union (const cred_union *in_cred_union, + cc_credentials_union **out_credentials_union) +{ + cc_int32 err = ccNoError; + cc_credentials_union *creds_union = NULL; + + if (!in_cred_union ) { err = cci_check_error (ccErrBadParam); } + if (!out_credentials_union) { err = cci_check_error (ccErrBadParam); } + + if (!err) { + creds_union = calloc (1, sizeof (*creds_union)); + if (!creds_union) { err = cci_check_error (ccErrNoMem); } + } + + if (!err) { + if (in_cred_union->cred_type == CC_CRED_V4) { + cc_credentials_v4_compat *compat_v4creds = in_cred_union->cred.pV4Cred; + cc_credentials_v4_t *v4creds = NULL; + + if (!err) { + v4creds = malloc (sizeof (*v4creds)); + if (!v4creds) { err = cci_check_error (ccErrNoMem); } + } + + if (!err) { + creds_union->version = cc_credentials_v4; + creds_union->credentials.credentials_v4 = v4creds; + + v4creds->version = compat_v4creds->kversion; + strncpy (v4creds->principal, compat_v4creds->principal, KRB_NAME_SZ); + strncpy (v4creds->principal_instance, compat_v4creds->principal_instance, KRB_INSTANCE_SZ); + strncpy (v4creds->service, compat_v4creds->service, KRB_NAME_SZ); + strncpy (v4creds->service_instance, compat_v4creds->service_instance, KRB_INSTANCE_SZ); + strncpy (v4creds->realm, compat_v4creds->realm, KRB_REALM_SZ); + memcpy (v4creds->session_key, compat_v4creds->session_key, 8); + v4creds->kvno = compat_v4creds->kvno; + v4creds->string_to_key_type = compat_v4creds->str_to_key; + v4creds->issue_date = compat_v4creds->issue_date; + v4creds->lifetime = compat_v4creds->lifetime; + v4creds->address = compat_v4creds->address; + v4creds->ticket_size = compat_v4creds->ticket_sz; + memcpy (v4creds->ticket, compat_v4creds->ticket, MAX_V4_CRED_LEN); + } + + } else if (in_cred_union->cred_type == CC_CRED_V5) { + cc_credentials_v5_compat *compat_v5creds = in_cred_union->cred.pV5Cred; + cc_credentials_v5_t *v5creds = NULL; + + if (!err) { + v5creds = malloc (sizeof (*v5creds)); + if (v5creds) { + *v5creds = cci_credentials_v5_initializer; + } else { + err = cci_check_error (ccErrNoMem); + } + } + + if (!err) { + v5creds->client = strdup (compat_v5creds->client); + if (!v5creds->client) { err = cci_check_error (ccErrNoMem); } + } + + if (!err) { + v5creds->server = strdup (compat_v5creds->server); + if (!v5creds->server) { err = cci_check_error (ccErrNoMem); } + } + + if (!err) { + err = cci_cc_data_copy_contents (&v5creds->keyblock, &compat_v5creds->keyblock); + } + + if (!err) { + err = cci_cc_data_array_copy (&v5creds->addresses, compat_v5creds->addresses); + } + + if (!err) { + err = cci_cc_data_copy_contents (&v5creds->ticket, &compat_v5creds->ticket); + } + + if (!err) { + err = cci_cc_data_copy_contents (&v5creds->second_ticket, &compat_v5creds->second_ticket); + } + + if (!err) { + err = cci_cc_data_array_copy (&v5creds->authdata, compat_v5creds->authdata); + } + + if (!err) { + creds_union->version = cc_credentials_v5; + creds_union->credentials.credentials_v5 = v5creds; + + v5creds->authtime = compat_v5creds->authtime; + v5creds->starttime = compat_v5creds->starttime; + v5creds->endtime = compat_v5creds->endtime; + v5creds->renew_till = compat_v5creds->renew_till; + v5creds->is_skey = compat_v5creds->is_skey; + v5creds->ticket_flags = compat_v5creds->ticket_flags; + } + + } else { + err = cci_check_error (ccErrBadCredentialsVersion); + } + } + + if (!err) { + *out_credentials_union = creds_union; + creds_union = NULL; + } + + if (creds_union) { cci_credentials_union_release (creds_union); } + + return cci_check_error (err); +} + +/* ------------------------------------------------------------------------ */ + +cc_uint32 cci_cred_union_compare_to_credentials_union (const cred_union *in_cred_union_compat, + const cc_credentials_union *in_credentials_union, + cc_uint32 *out_equal) +{ + cc_int32 err = ccNoError; + cc_uint32 equal = 0; + + if (!in_cred_union_compat) { err = cci_check_error (ccErrBadParam); } + if (!in_credentials_union) { err = cci_check_error (ccErrBadParam); } + if (!out_equal ) { err = cci_check_error (ccErrBadParam); } + + if (!err) { + if (in_cred_union_compat->cred_type == CC_CRED_V4 && + in_credentials_union->version == cc_credentials_v4) { + cc_credentials_v4_compat *old_creds_v4 = in_cred_union_compat->cred.pV4Cred; + cc_credentials_v4_t *new_creds_v4 = in_credentials_union->credentials.credentials_v4; + + if (old_creds_v4 && new_creds_v4 && + !strcmp (old_creds_v4->principal, + new_creds_v4->principal) && + !strcmp (old_creds_v4->principal_instance, + new_creds_v4->principal_instance) && + !strcmp (old_creds_v4->service, + new_creds_v4->service) && + !strcmp (old_creds_v4->service_instance, + new_creds_v4->service_instance) && + !strcmp (old_creds_v4->realm, new_creds_v4->realm) && + (old_creds_v4->issue_date == (long) new_creds_v4->issue_date)) { + equal = 1; + } + + } else if (in_cred_union_compat->cred_type == CC_CRED_V5 && + in_credentials_union->version == cc_credentials_v5) { + cc_credentials_v5_compat *old_creds_v5 = in_cred_union_compat->cred.pV5Cred; + cc_credentials_v5_t *new_creds_v5 = in_credentials_union->credentials.credentials_v5; + + /* Really should use krb5_parse_name and krb5_principal_compare */ + if (old_creds_v5 && new_creds_v5 && + !strcmp (old_creds_v5->client, new_creds_v5->client) && + !strcmp (old_creds_v5->server, new_creds_v5->server) && + (old_creds_v5->starttime == new_creds_v5->starttime)) { + return 1; + } + } + } + + if (!err) { + *out_equal = equal; + } + + return cci_check_error (err); +} diff --git a/src/ccapi/common/cci_cred_union.h b/src/ccapi/common/cci_cred_union.h index f734d6a35..3264d350a 100644 --- a/src/ccapi/common/cci_cred_union.h +++ b/src/ccapi/common/cci_cred_union.h @@ -28,14 +28,26 @@ #define CCI_CRED_UNION_H #include "cci_types.h" +#include <CredentialsCache2.h> -cc_uint32 cci_cred_union_release (cc_credentials_union *io_credentials); +cc_uint32 cci_credentials_union_release (cc_credentials_union *io_credentials); -cc_uint32 cci_cred_union_read (cc_credentials_union **out_credentials_union, - cci_stream_t io_stream); +cc_uint32 cci_credentials_union_read (cc_credentials_union **out_credentials_union, + cci_stream_t io_stream); -cc_uint32 cci_cred_union_write (const cc_credentials_union *in_credentials_union, - cci_stream_t io_stream); +cc_uint32 cci_credentials_union_write (const cc_credentials_union *in_credentials_union, + cci_stream_t io_stream); +cc_uint32 cci_cred_union_release (cred_union *io_cred_union); + +cc_uint32 cci_credentials_union_to_cred_union (const cc_credentials_union *in_credentials_union, + cred_union **out_cred_union); + +cc_uint32 cci_cred_union_to_credentials_union (const cred_union *in_cred_union, + cc_credentials_union **out_credentials_union); + +cc_uint32 cci_cred_union_compare_to_credentials_union (const cred_union *in_cred_union_compat, + const cc_credentials_union *in_credentials_union, + cc_uint32 *out_equal); #endif /* CCI_CRED_UNION_H */ |