2 * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "krb5_locl.h"
37 struct krb5_rcache_data {
41 krb5_error_code KRB5_LIB_FUNCTION
42 krb5_rc_resolve(krb5_context context,
46 id->name = strdup(name);
47 if(id->name == NULL) {
48 krb5_set_error_message(context, KRB5_RC_MALLOC,
49 N_("malloc: out of memory", ""));
50 return KRB5_RC_MALLOC;
55 krb5_error_code KRB5_LIB_FUNCTION
56 krb5_rc_resolve_type(krb5_context context,
61 if(strcmp(type, "FILE")) {
62 krb5_set_error_message (context, KRB5_RC_TYPE_NOTFOUND,
63 N_("replay cache type %s not supported", ""),
65 return KRB5_RC_TYPE_NOTFOUND;
67 *id = calloc(1, sizeof(**id));
69 krb5_set_error_message(context, KRB5_RC_MALLOC,
70 N_("malloc: out of memory", ""));
71 return KRB5_RC_MALLOC;
76 krb5_error_code KRB5_LIB_FUNCTION
77 krb5_rc_resolve_full(krb5_context context,
79 const char *string_name)
85 if(strncmp(string_name, "FILE:", 5)) {
86 krb5_set_error_message(context, KRB5_RC_TYPE_NOTFOUND,
87 N_("replay cache type %s not supported", ""),
89 return KRB5_RC_TYPE_NOTFOUND;
91 ret = krb5_rc_resolve_type(context, id, "FILE");
94 ret = krb5_rc_resolve(context, *id, string_name + 5);
96 krb5_rc_close(context, *id);
102 const char* KRB5_LIB_FUNCTION
103 krb5_rc_default_name(krb5_context context)
105 return "FILE:/var/run/default_rcache";
108 const char* KRB5_LIB_FUNCTION
109 krb5_rc_default_type(krb5_context context)
114 krb5_error_code KRB5_LIB_FUNCTION
115 krb5_rc_default(krb5_context context,
118 return krb5_rc_resolve_full(context, id, krb5_rc_default_name(context));
123 unsigned char data[16];
126 krb5_error_code KRB5_LIB_FUNCTION
127 krb5_rc_initialize(krb5_context context,
129 krb5_deltat auth_lifespan)
131 FILE *f = fopen(id->name, "w");
137 krb5_set_error_message(context, ret, "open(%s): %s", id->name,
141 tmp.stamp = auth_lifespan;
142 fwrite(&tmp, 1, sizeof(tmp), f);
147 krb5_error_code KRB5_LIB_FUNCTION
148 krb5_rc_recover(krb5_context context,
154 krb5_error_code KRB5_LIB_FUNCTION
155 krb5_rc_destroy(krb5_context context,
160 if(remove(id->name) < 0) {
162 krb5_set_error_message(context, ret, "remove(%s): %s", id->name,
166 return krb5_rc_close(context, id);
169 krb5_error_code KRB5_LIB_FUNCTION
170 krb5_rc_close(krb5_context context,
179 checksum_authenticator(Authenticator *auth, void *data)
185 MD5_Update (&md5, auth->crealm, strlen(auth->crealm));
186 for(i = 0; i < auth->cname.name_string.len; i++)
187 MD5_Update(&md5, auth->cname.name_string.val[i],
188 strlen(auth->cname.name_string.val[i]));
189 MD5_Update (&md5, &auth->ctime, sizeof(auth->ctime));
190 MD5_Update (&md5, &auth->cusec, sizeof(auth->cusec));
191 MD5_Final (data, &md5);
194 krb5_error_code KRB5_LIB_FUNCTION
195 krb5_rc_store(krb5_context context,
197 krb5_donot_replay *rep)
199 struct rc_entry ent, tmp;
204 ent.stamp = time(NULL);
205 checksum_authenticator(rep, ent.data);
206 f = fopen(id->name, "r");
209 krb5_set_error_message(context, ret, "open(%s): %s", id->name,
214 fread(&tmp, sizeof(ent), 1, f);
215 t = ent.stamp - tmp.stamp;
216 while(fread(&tmp, sizeof(ent), 1, f)){
219 if(memcmp(tmp.data, ent.data, sizeof(ent.data)) == 0){
221 krb5_clear_error_message (context);
222 return KRB5_RC_REPLAY;
228 krb5_set_error_message(context, ret, "%s: %s",
229 id->name, strerror(ret));
233 f = fopen(id->name, "a");
235 krb5_set_error_message(context, KRB5_RC_IO_UNKNOWN,
236 "open(%s): %s", id->name,
238 return KRB5_RC_IO_UNKNOWN;
240 fwrite(&ent, 1, sizeof(ent), f);
245 krb5_error_code KRB5_LIB_FUNCTION
246 krb5_rc_expunge(krb5_context context,
252 krb5_error_code KRB5_LIB_FUNCTION
253 krb5_rc_get_lifespan(krb5_context context,
255 krb5_deltat *auth_lifespan)
257 FILE *f = fopen(id->name, "r");
260 r = fread(&ent, sizeof(ent), 1, f);
263 *auth_lifespan = ent.stamp;
266 krb5_clear_error_message (context);
267 return KRB5_RC_IO_UNKNOWN;
270 const char* KRB5_LIB_FUNCTION
271 krb5_rc_get_name(krb5_context context,
277 const char* KRB5_LIB_FUNCTION
278 krb5_rc_get_type(krb5_context context,
284 krb5_error_code KRB5_LIB_FUNCTION
285 krb5_get_server_rcache(krb5_context context,
286 const krb5_data *piece,
292 char *tmp = malloc(4 * piece->length + 1);
296 krb5_set_error_message(context, ENOMEM,
297 N_("malloc: out of memory", ""));
300 strvisx(tmp, piece->data, piece->length, VIS_WHITE | VIS_OCTAL);
302 asprintf(&name, "FILE:rc_%s_%u", tmp, (unsigned)geteuid());
304 asprintf(&name, "FILE:rc_%s", tmp);
308 krb5_set_error_message(context, ENOMEM,
309 N_("malloc: out of memory", ""));
313 ret = krb5_rc_resolve_full(context, &rcache, name);