add authdata stuff (from Bill Sommerfeld)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1260 dc483132-0cff-0310-8789-dd5450dbe970

4 files changed, 153 insertions, 1 deletions

diff --git a/src/lib/krb5/ccache/file/fcc_nseq.c b/src/lib/krb5/ccache/file/fcc_nseq.c
index 4a22c4da9..ea96c34fe 100644
--- a/src/lib/krb5/ccache/file/fcc_nseq.c
+++ b/src/lib/krb5/ccache/file/fcc_nseq.c
@@ -86,6 +86,8 @@ krb5_fcc_next_cred(id, cursor, creds)
      TCHECK(kret);
      kret = krb5_fcc_read_addrs(id, &creds->addresses);
      TCHECK(kret);
+     kret = krb5_fcc_read_authdata(id, &creds->authdata);
+     TCHECK(kret);
      kret = krb5_fcc_read_data(id, &creds->ticket);
      TCHECK(kret);
      kret = krb5_fcc_read_data(id, &creds->second_ticket);
@@ -112,6 +114,8 @@ lose:
 	     xfree(creds->second_ticket.data);
 	 if (creds->addresses)
 	     krb5_free_address(creds->addresses);
+	 if (creds->authdata)
+	     krb5_free_authdata(creds->authdata);
      }
      return kret;
 }
diff --git a/src/lib/krb5/ccache/file/fcc_read.c b/src/lib/krb5/ccache/file/fcc_read.c
index fe31fc600..0ad749ecc 100644
--- a/src/lib/krb5/ccache/file/fcc_read.c
+++ b/src/lib/krb5/ccache/file/fcc_read.c
@@ -311,3 +311,81 @@ krb5_fcc_read_flags(id, f)
 {
      return krb5_fcc_read(id, (krb5_pointer) f, sizeof(krb5_flags));
 }
+
+krb5_error_code
+krb5_fcc_read_authdata(id, a)
+    krb5_ccache id;
+    krb5_authdata ***a;
+{
+     krb5_error_code kret;
+     krb5_int32 length;
+     int i;
+
+     *a = 0;
+
+     /* Read the number of components */
+     kret = krb5_fcc_read_int32(id, &length);
+     CHECK(kret);
+
+     if (length == 0)
+	 return KRB5_OK;
+
+     /* Make *a able to hold length pointers to krb5_authdata structs
+      * Add one extra for a null-terminated list
+      */
+     *a = (krb5_authdata **) calloc(length+1, sizeof(krb5_authdata *));
+     if (*a == NULL)
+	  return KRB5_CC_NOMEM;
+
+     for (i=0; i < length; i++) {
+	  (*a)[i] = (krb5_authdata *) malloc(sizeof(krb5_authdata));
+	  if ((*a)[i] == NULL) {
+	      krb5_free_authdata(*a);
+	      return KRB5_CC_NOMEM;
+	  }	  
+	  kret = krb5_fcc_read_authdatum(id, (*a)[i]);
+	  CHECK(kret);
+     }
+
+     return KRB5_OK;
+ errout:
+     if (*a)
+	 krb5_free_authdata(*a);
+     return kret;
+}
+
+krb5_error_code
+krb5_fcc_read_authdatum(id, a)
+    krb5_ccache id;
+    krb5_authdata *a;
+{
+    krb5_error_code kret;
+    int ret;
+    
+    a->contents = NULL;
+
+    kret = krb5_fcc_read_ui_2(id, &a->ad_type);
+    CHECK(kret);
+    kret = krb5_fcc_read_int(id, &a->length);
+    CHECK(kret);
+    
+    a->contents = (krb5_octet *) malloc(a->length);
+    if (a->contents == NULL)
+	return KRB5_CC_NOMEM;
+    ret = read(((krb5_fcc_data *) id->data)->fd, (char *)a->contents,
+		(a->length)*sizeof(krb5_octet));
+     if (ret == -1) {
+	  xfree(a->contents);
+	  return krb5_fcc_interpret(errno);
+     }
+     if (ret != (a->length)*sizeof(krb5_octet)) {
+	  xfree(a->contents);
+	  return KRB5_CC_END;
+     }
+     return KRB5_OK;
+ errout:
+     if (a->contents)
+	 xfree(a->contents);
+     return kret;
+    
+}
diff --git a/src/lib/krb5/ccache/file/fcc_retrv.c b/src/lib/krb5/ccache/file/fcc_retrv.c
index afc044d99..a7ffbc9c4 100644
--- a/src/lib/krb5/ccache/file/fcc_retrv.c
+++ b/src/lib/krb5/ccache/file/fcc_retrv.c
@@ -27,6 +27,10 @@ static krb5_boolean times_match PROTOTYPE((const krb5_ticket_times *,
 static krb5_boolean standard_fields_match
     PROTOTYPE((const krb5_creds *,
 	       const krb5_creds *));
+
+static krb5_boolean authdata_match
+    PROTOTYPE ((krb5_authdata * const *, krb5_authdata * const *));
+
 /*
  * Effects:
  * Searches the file cred cache is for a credential matching mcreds,
@@ -81,7 +85,10 @@ krb5_fcc_retrieve(id, whichfields, mcreds, creds)
 	       times_match_exact(&mcreds->times, &fetchcreds.times))
 	      &&
 	      (! set(KRB5_TC_MATCH_TIMES) ||
-	       times_match(&mcreds->times, &fetchcreds.times)))
+	       times_match(&mcreds->times, &fetchcreds.times))
+	      &&
+	      ( ! set(KRB5_TC_MATCH_AUTHDATA) ||
+	       authdata_match(mcreds->authdata, fetchcreds.authdata)))
 	  {
 	       krb5_fcc_end_seq_get(id, &cursor);
 	       *creds = fetchcreds;
@@ -121,3 +128,30 @@ register const krb5_creds *mcreds, *creds;
     return (krb5_principal_compare(mcreds->client,creds->client) &&
 	    krb5_principal_compare(mcreds->server,creds->server));
 }
+
+static krb5_boolean
+authdata_match(mdata, data)
+    register krb5_authdata * const *mdata, * const *data;
+{
+    register const krb5_authdata *mdatap, *datap;
+
+    if (mdata == data)
+      return TRUE;
+
+    if (mdata == NULL)
+	return *data == NULL;
+	
+    if (data == NULL)
+	return *mdata == NULL;
+    
+    while ((mdatap = *mdata) && (datap = *data)) {
+      if ((mdatap->ad_type != datap->ad_type) ||
+          (mdatap->length != datap->length) ||
+          (bcmp ((char *)mdatap->contents,
+		 (char *)datap->contents, mdatap->length) != 0))
+          return FALSE;
+      mdata++;
+      data++;
+    }
+    return (*mdata == NULL) && (*data == NULL);
+}
diff --git a/src/lib/krb5/ccache/file/fcc_write.c b/src/lib/krb5/ccache/file/fcc_write.c
index 6a05753d9..9256855b7 100644
--- a/src/lib/krb5/ccache/file/fcc_write.c
+++ b/src/lib/krb5/ccache/file/fcc_write.c
@@ -219,3 +219,39 @@ krb5_fcc_store_flags(id, f)
 {
      return krb5_fcc_write(id, (char *) f, sizeof(krb5_flags));
 }
+
+krb5_error_code
+krb5_fcc_store_authdata(id, a)
+    krb5_ccache id;
+    krb5_authdata **a;
+{
+    krb5_error_code ret;
+    krb5_authdata **temp;
+    krb5_int32 i, length=0;
+
+    if (a != NULL) {
+	for (temp=a; *temp; temp++)
+	    length++;
+    }
+
+    ret = krb5_fcc_store_int32(id, &length);
+    CHECK(ret);
+    for (i=0; i<length; i++) {
+	ret = krb5_fcc_store_authdatum (id, a[i]);
+	CHECK(ret);
+    }
+    return KRB5_OK;
+}
+
+krb5_error_code
+krb5_fcc_store_authdatum (id, a)
+    krb5_ccache id;
+    krb5_authdata *a;
+{
+    krb5_error_code ret;
+    ret = krb5_fcc_store_ui_2(id, &a->ad_type);
+    CHECK(ret);
+    ret = krb5_fcc_store_int32(id, &a->length);
+    CHECK(ret);
+    return krb5_fcc_write(id, a->contents, a->length);
+}