#include "kadmin_locl.h"
#include <gssapi.h>
+#include <gssapi_krb5.h>
+#include <gssapi_spnego.h>
#define CHECK(x) \
do { \
int __r; \
if ((__r = (x))) { \
krb5_errx(dcontext, 1, "Failed (%d) on %s:%d", \
- __r, __FUNCTION__, __LINE__); \
+ __r, __FILE__, __LINE__); \
} \
} while(0)
return 0;
}
+static krb5_error_code
+store_data_xdr(krb5_storage *sp, krb5_data data)
+{
+ krb5_error_code ret;
+ size_t res;
+
+ ret = krb5_store_data(sp, data);
+ if (ret)
+ return ret;
+ res = 4 - (data.length % 4);
+ if (res != 4) {
+ static const char zero[4] = { 0, 0, 0, 0 };
+
+ ret = krb5_storage_write(sp, zero, res);
+ if(ret != res)
+ return (ret < 0)? errno : krb5_storage_get_eof_code(sp);
+ }
+ return 0;
+}
+
+static krb5_error_code
+ret_data_xdr(krb5_storage *sp, krb5_data *data)
+{
+ krb5_error_code ret;
+ ret = krb5_ret_data(sp, data);
+ if (ret)
+ return ret;
+
+ if ((data->length % 4) != 0) {
+ char buf[4];
+ size_t res;
+
+ res = 4 - (data->length % 4);
+ if (res != 4) {
+ ret = krb5_storage_read(sp, buf, res);
+ if(ret != res)
+ return (ret < 0)? errno : krb5_storage_get_eof_code(sp);
+ }
+ }
+ return 0;
+}
+
static krb5_error_code
ret_auth_opaque(krb5_storage *msg, struct opaque_auth *ao)
{
krb5_error_code ret;
ret = krb5_ret_uint32(msg, &ao->flavor);
if (ret) return ret;
- ret = krb5_ret_data_xdr(msg, &ao->data);
+ ret = ret_data_xdr(msg, &ao->data);
return ret;
}
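Review bot: In the added `ret_data_xdr`, a failed or short padding read returns an error while `data` still owns the buffer that `krb5_ret_data` allocated. Callers such as `ret_auth_opaque` pass the error up, so that buffer is leaked; calling `krb5_data_free(data);` before that `return` would release it. Both new helpers also store the byte count from `krb5_storage_read`/`krb5_storage_write` in a `krb5_error_code` and compare it with the `size_t` `res`, so the `ret < 0` test relies on implicit signed/unsigned conversion. A separate `krb5_ssize_t` local for the count would make the short-read and error cases explicit. The inner `if (res != 4)` in `ret_data_xdr` is always true inside the outer `% 4` check and can be dropped.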
CHECK(krb5_ret_uint32(sp, &gcred->proc));
CHECK(krb5_ret_uint32(sp, &gcred->seq_num));
CHECK(krb5_ret_uint32(sp, &gcred->service));
- CHECK(krb5_ret_data_xdr(sp, &gcred->handle));
+ CHECK(ret_data_xdr(sp, &gcred->handle));
krb5_storage_free(sp);
out.data = gout->value;
out.length = gout->length;
- ret = krb5_store_data_xdr(sp, handle);
+ ret = store_data_xdr(sp, handle);
if (ret) return ret;
ret = krb5_store_uint32(sp, maj_stat);
if (ret) return ret;
ret = krb5_store_uint32(sp, min_stat);
if (ret) return ret;
- ret = krb5_store_data_xdr(sp, out);
+ ret = store_data_xdr(sp, out);
return ret;
}
} else
krb5_data_zero(&c);
- return krb5_store_data_xdr(sp, c);
+ return store_data_xdr(sp, c);
}
static int
{
krb5_data c;
*str = NULL;
- CHECK(krb5_ret_data_xdr(sp, &c));
+ CHECK(ret_data_xdr(sp, &c));
if (c.length) {
*str = malloc(c.length + 1);
INSIST(*str != NULL);
CHECK(krb5_store_int32(sp, 0)); /* last item */
CHECK(krb5_store_int32(sp, tp->tl_data_type));
- CHECK(krb5_store_data_xdr(sp, c));
+ CHECK(store_data_xdr(sp, c));
}
CHECK(krb5_store_int32(sp, 1)); /* last item */
}
INSIST(*tp != NULL);
CHECK(krb5_ret_uint32(sp, &flag));
(*tp)->tl_data_type = flag;
- CHECK(krb5_ret_data_xdr(sp, &c));
+ CHECK(ret_data_xdr(sp, &c));
(*tp)->tl_data_length = c.length;
(*tp)->tl_data_contents = c.data;
tp = &(*tp)->tl_data_next;
for(i = 0; i < n_keys; i++){
CHECK(krb5_store_uint32(out, new_keys[i].keytype));
- CHECK(krb5_store_data_xdr(out, new_keys[i].keyvalue));
+ CHECK(store_data_xdr(out, new_keys[i].keyvalue));
krb5_free_keyblock_contents(context->context, &new_keys[i]);
}
free(new_keys);
CHECK(krb5_store_uint32(out, 0)); /* code */
}
-struct proc {
+struct krb5_proc {
char *name;
void (*func)(kadm5_server_context *, krb5_storage *, krb5_storage *);
} procs[] = {
INSIST(krb5_data_cmp(&gcred.handle, &gctx.handle) == 0);
- CHECK(krb5_ret_data_xdr(msg, &data));
+ CHECK(ret_data_xdr(msg, &data));
gin.value = data.data;
gin.length = data.length;
*/
CHECK(krb5_store_uint32(dreply, gctx.seq_num));
- if (chdr.proc < sizeof(procs[0])/sizeof(procs)) {
+ if (chdr.proc >= sizeof(procs)/sizeof(procs[0])) {
krb5_warnx(context, "proc number out of array");
} else if (procs[chdr.proc].func == NULL) {
krb5_warnx(context, "proc '%s' never implemented",
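Review bot: The rejection branch logs only the fixed string "proc number out of array", so the log does not show which procedure number the client sent. Including the value, e.g. `krb5_warnx(context, "proc number %u out of array", (unsigned)chdr.proc);` (assuming `chdr.proc` is an unsigned 32-bit field, which is not visible here), would make out-of-range requests traceable when reviewing kadmind logs. The if/else chain continues past the end of the hunk, so whether an error reply is sent to the peer in this branch cannot be confirmed from these lines.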
INSIST(gctx.inprogress);
- CHECK(krb5_ret_data_xdr(msg, &in));
+ CHECK(ret_data_xdr(msg, &in));
gin.value = in.data;
gin.length = in.length;
krb5_warnx(context, "%s connected", client);
- ret = kadm5_init_with_password_ctx(context,
- client,
- NULL,
- KADM5_ADMIN_SERVICE,
- &realm_params,
- 0, 0,
- &server_handle);
+ ret = kadm5_s_init_with_password_ctx(context,
+ client,
+ NULL,
+ KADM5_ADMIN_SERVICE,
+ &realm_params,
+ 0, 0,
+ &server_handle);
INSIST(ret == 0);
}
data.length = gout.length;
CHECK(krb5_store_uint32(reply, FLAVOR_GSS));
- CHECK(krb5_store_data_xdr(reply, data));
+ CHECK(store_data_xdr(reply, data));
gss_release_buffer(&min_stat, &gout);
CHECK(krb5_store_uint32(reply, 0)); /* SUCCESS */
data.data = gout.value;
data.length = gout.length;
- krb5_store_data_xdr(reply, data);
+ store_data_xdr(reply, data);
gss_release_buffer(&min_stat, &gout);
}
}
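Review bot: The renamed call `store_data_xdr(reply, data);` discards its return value, whereas the other call sites in this change wrap it in `CHECK(...)` or return `ret`. If the write of the GSS output token or its padding fails, the reply is sent truncated and nothing is logged. Writing `CHECK(store_data_xdr(reply, data));` would match the surrounding code. The enclosing function starts outside the hunk.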
int
-handle_mit(krb5_context context, void *buf, size_t len, int fd)
+handle_mit(krb5_context context, void *buf, size_t len, krb5_socket_t sock)
{
krb5_storage *sp;
dcontext = context;
- sp = krb5_storage_from_fd(fd);
+ sp = krb5_storage_from_fd(sock);
INSIST(sp != NULL);
process_stream(context, buf, len, sp);
-
+
return 0;
}
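Review bot: `handle_mit` now takes a `krb5_socket_t`, but the storage is still created with `krb5_storage_from_fd(sock)`, which expects a file descriptor. On platforms where a socket handle is not an fd, this either truncates the handle or fails, and the new parameter type suggests portability to such platforms is the intent. Heimdal provides a socket-based constructor for this case, `sp = krb5_storage_from_socket(sock);`, if it is available in this tree. Separately, `sp` is never released with `krb5_storage_free(sp)` before `return 0;`. That is harmless only if the process exits right after `process_stream`, which these lines do not show.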