1 /* 2 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 7 /* 8 * lib/krb5/keytab/ktbase.c 9 * 10 * Copyright 1990 by the Massachusetts Institute of Technology. 11 * All Rights Reserved. 12 * 13 * Export of this software from the United States of America may 14 * require a specific license from the United States Government. 15 * It is the responsibility of any person or organization contemplating 16 * export to obtain such a license before exporting. 17 * 18 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 19 * distribute this software and its documentation for any purpose and 20 * without fee is hereby granted, provided that the above copyright 21 * notice appear in all copies and that both that copyright notice and 22 * this permission notice appear in supporting documentation, and that 23 * the name of M.I.T. not be used in advertising or publicity pertaining 24 * to distribution of the software without specific, written prior 25 * permission. Furthermore if you modify this software you must label 26 * your software as modified software and not distribute it in such a 27 * fashion that it might be confused with the original M.I.T. software. 28 * M.I.T. makes no representations about the suitability of 29 * this software for any purpose. It is provided "as is" without express 30 * or implied warranty. 31 * 32 * 33 * Registration functions for keytab. 
 */

#include "k5-int.h"
#include "k5-thread.h"
#include "kt-int.h"

/* Operation tables for the built-in keytab types; defined in other files. */
extern const krb5_kt_ops krb5_ktf_ops;
extern const krb5_kt_ops krb5_ktf_writable_ops;
extern const krb5_kt_ops krb5_kts_ops;

/* One node of the singly linked list of known keytab types. */
struct krb5_kt_typelist {
    const krb5_kt_ops *ops;                 /* operation table for this type */
    const struct krb5_kt_typelist *next;    /* next node; null at the tail */
};

/*
 * Statically allocated built-in entries, chained
 * krb5_kt_typelist_srvtab -> krb5_kt_typelist_file -> krb5_kt_typelist_wrfile.
 * These three nodes are never freed.
 */
/* Solaris Kerberos */
static const struct krb5_kt_typelist krb5_kt_typelist_wrfile = {
    &krb5_ktf_writable_ops,
    NULL
};
/* Solaris Kerberos */
static const struct krb5_kt_typelist krb5_kt_typelist_file = {
    &krb5_ktf_ops,
    &krb5_kt_typelist_wrfile
};
/* Solaris Kerberos */
static const struct krb5_kt_typelist krb5_kt_typelist_srvtab = {
    &krb5_kts_ops,
    &krb5_kt_typelist_file
};

/* Head of the type list; initially the first built-in entry. */
static const struct krb5_kt_typelist *kt_typehead = &krb5_kt_typelist_srvtab;
/* Lock for protecting the type list. */
static k5_mutex_t kt_typehead_lock = K5_MUTEX_PARTIAL_INITIALIZER;

/*
 * Complete the initialization of the type-list mutex.
 * Returns whatever k5_mutex_finish_init() returns.
 */
int krb5int_kt_initialize(void)
{
    return k5_mutex_finish_init(&kt_typehead_lock);
}

/*
 * Tear down the keytab type registry: destroy the list mutex, then free
 * every node that sits in front of the static krb5_kt_typelist_srvtab
 * entry.  krb5_kt_register() pushes its malloc'ed nodes at the head, so
 * those are exactly the heap-allocated ones.
 *
 * NOTE(review): kt_typehead is not reset here, so it keeps pointing at
 * freed memory if any type was registered, and the walk runs after the
 * mutex is destroyed.  Nothing may call krb5_kt_register() or
 * krb5_kt_resolve() during or after this function.
 */
void
krb5int_kt_finalize(void)
{
    struct krb5_kt_typelist *node, *following;

    k5_mutex_destroy(&kt_typehead_lock);

    /* Solaris Kerberos */
    /* The casts drop const so the heap nodes can be handed to free(). */
    node = (struct krb5_kt_typelist *)kt_typehead;
    while (node != &krb5_kt_typelist_srvtab) {
        following = (struct krb5_kt_typelist *)node->next;
        free(node);
        node = following;
    }
}


/*
 * Register a new key table type
 * don't replace if it already exists; return an error instead.
 */
/*
 * context is not used.  ops is stored by pointer, not copied, so the
 * operation table must stay valid for as long as the type list is in use.
 * ops and ops->prefix are dereferenced without a null check; the caller
 * must supply both.  Prefixes are compared with strcmp(), i.e. exactly
 * and case-sensitively.
 *
 * Returns 0 on success, the k5_mutex_lock() error if the list lock cannot
 * be taken, KRB5_KT_TYPE_EXISTS if the prefix is already registered, or
 * ENOMEM if the list node cannot be allocated.
 */
/*ARGSUSED*/
krb5_error_code KRB5_CALLCONV
krb5_kt_register(krb5_context context, const krb5_kt_ops *ops)
{
    const struct krb5_kt_typelist *scan;
    struct krb5_kt_typelist *entry;
    krb5_error_code ret;

    ret = k5_mutex_lock(&kt_typehead_lock);
    if (ret)
        return ret;

    /* Look for an existing entry with the same prefix. */
    scan = kt_typehead;
    while (scan != NULL && strcmp(scan->ops->prefix, ops->prefix) != 0)
        scan = scan->next;

    if (scan != NULL) {
        k5_mutex_unlock(&kt_typehead_lock);
        return KRB5_KT_TYPE_EXISTS;
    }

    entry = (struct krb5_kt_typelist *) malloc(sizeof(*entry));
    if (entry == NULL) {
        k5_mutex_unlock(&kt_typehead_lock);
        return ENOMEM;
    }

    /* Push the new node at the head; older nodes are left untouched. */
    entry->ops = ops;
    entry->next = kt_typehead;
    kt_typehead = entry;

    k5_mutex_unlock(&kt_typehead_lock);
    return 0;
}

/*
 * Resolve a key table name into a keytab object.
 *
 * The name is currently constrained to be of the form "type:residual";
 *
 * The "type" portion corresponds to one of the registered key table
 * types, while the "residual" portion is specific to the
 * particular keytab type.
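 */

#include <ctype.h>
/*
 * Parsing rules, as implemented below:
 *   - no ':' in name: the whole name goes to krb5_kt_dfl_ops.resolve;
 *   - a one-letter alphabetic prefix ("C:...") is taken to be a drive
 *     letter, so the type becomes "FILE" and the whole name, drive letter
 *     included, is the residual.  A type registered under a one-letter
 *     prefix can therefore never be selected here;
 *   - otherwise the text before the first ':' is the type and the text
 *     after it is the residual.
 *
 * The residual is handed to the selected type's resolve routine as is;
 * nothing in this function validates or canonicalizes it.  name must be
 * a non-null, NUL-terminated string (it is passed straight to strchr()).
 *
 * Returns the result of the selected resolve routine, ENOMEM if the
 * prefix copy cannot be allocated, the k5_mutex_lock() error if the list
 * lock cannot be taken, or KRB5_KT_UNKNOWN_TYPE if no registered type has
 * that prefix.  *ktid is cleared before the type lookup on the prefixed
 * path only.
 */
krb5_error_code KRB5_CALLCONV
krb5_kt_resolve (krb5_context context, const char *name, krb5_keytab *ktid)
{
    const struct krb5_kt_typelist *tlist;
    char *pfx;
    size_t pfxlen;
    const char *cp, *resid;
    krb5_error_code err;

    cp = strchr (name, ':');
    if (!cp) {
	return (*krb5_kt_dfl_ops.resolve)(context, name, ktid);
    }

    /* size_t, so a very long prefix cannot be truncated on LP64. */
    pfxlen = (size_t)(cp - name);

    if ( pfxlen == 1 && isalpha((unsigned char) name[0]) ) {
        /* We found a drive letter not a prefix - use FILE */
        pfx = strdup("FILE");
        if (!pfx)
            return ENOMEM;

        resid = name;
    } else {
        resid = name + pfxlen + 1;

        pfx = malloc (pfxlen+1);
        if (!pfx)
            return ENOMEM;

        memcpy (pfx, name, pfxlen);
        pfx[pfxlen] = '\0';
    }

    *ktid = (krb5_keytab) 0;

    err = k5_mutex_lock(&kt_typehead_lock);
    if (err) {
	/* The prefix copy is owned by this function; do not leak it. */
	free(pfx);
	return err;
    }
    tlist = kt_typehead;
    /* Don't need to hold the lock, since entries are never modified
       or removed once they're in the list.  Just need to protect
       access to the list head variable itself.  */
    k5_mutex_unlock(&kt_typehead_lock);
    for (; tlist; tlist = tlist->next) {
	if (strcmp (tlist->ops->prefix, pfx) == 0) {
	    free(pfx);
	    return (*tlist->ops->resolve)(context, resid, ktid);
	}
    }
    free(pfx);
    return KRB5_KT_UNKNOWN_TYPE;
}

/*
 * Routines to deal with externalizing krb5_keytab.
 *	krb5_keytab_size();
 *	krb5_keytab_externalize();
 *	krb5_keytab_internalize();
 */
static krb5_error_code krb5_keytab_size
	(krb5_context, krb5_pointer, size_t *);
static krb5_error_code krb5_keytab_externalize
	(krb5_context, krb5_pointer, krb5_octet **, size_t *);
static krb5_error_code krb5_keytab_internalize
	(krb5_context,krb5_pointer *, krb5_octet **, size_t *);

/*
 * Serialization entry for this type.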
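 */
static const krb5_ser_entry krb5_keytab_ser_entry = {
    KV5M_KEYTAB,			/* Type			*/
    krb5_keytab_size,			/* Sizer routine	*/
    krb5_keytab_externalize,		/* Externalize routine	*/
    krb5_keytab_internalize		/* Internalize routine	*/
};

/*
 * Report the serialized size of a keytab by delegating to the sizer of
 * the keytab type's own serializer.
 *
 * arg is the krb5_keytab to measure; sizep is passed through to the
 * sizer unchanged.  Returns EINVAL if the keytab, its ops table, the
 * serializer or the sizer is missing, otherwise the sizer's result.
 */
static krb5_error_code
krb5_keytab_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep)
{
    krb5_keytab		keytab;
    krb5_ser_handle	shandle;

    /* Solaris Kerberos */
    keytab = (krb5_keytab) arg;
    /* Validate the keytab before reaching through it for the serializer. */
    if ((keytab == NULL) || (keytab->ops == NULL))
	return(EINVAL);

    shandle = (krb5_ser_handle) keytab->ops->serializer;
    if ((shandle == NULL) || (shandle->sizer == NULL))
	return(EINVAL);

    return((*shandle->sizer)(kcontext, arg, sizep));
}

/*
 * Serialize a keytab by delegating to the externalizer of the keytab
 * type's own serializer.
 *
 * arg is the krb5_keytab to serialize; buffer and lenremain are passed
 * through unchanged, so any bounds checking against *lenremain is the
 * externalizer's job.  Returns EINVAL if the keytab, its ops table, the
 * serializer or the externalizer is missing, otherwise the
 * externalizer's result.
 */
static krb5_error_code
krb5_keytab_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain)
{
    krb5_keytab		keytab;
    krb5_ser_handle	shandle;

    /* Solaris Kerberos */
    keytab = (krb5_keytab) arg;
    /* Validate the keytab before reaching through it for the serializer. */
    if ((keytab == NULL) || (keytab->ops == NULL))
	return(EINVAL);

    shandle = (krb5_ser_handle) keytab->ops->serializer;
    if ((shandle == NULL) || (shandle->externalizer == NULL))
	return(EINVAL);

    return((*shandle->externalizer)(kcontext, arg, buffer, lenremain));
}

/*
 * Rebuild a keytab from its serialized form.
 *
 * There is no keytab object to consult yet, so this always goes through
 * the serializer of the default keytab type (krb5_kt_dfl_ops), whatever
 * type produced the data.  argp, buffer and lenremain are passed through
 * unchanged; validating the serialized bytes is left to that
 * internalizer.  Returns EINVAL if the default type has no serializer or
 * no internalizer, otherwise the internalizer's result.
 */
static krb5_error_code
krb5_keytab_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain)
{
    krb5_error_code	kret;
    krb5_ser_handle	shandle;

    kret = EINVAL;
    /* Solaris Kerberos */
    shandle = (krb5_ser_handle) krb5_kt_dfl_ops.serializer;
    if ((shandle != NULL) && (shandle->internalizer))
	kret = (*shandle->internalizer)(kcontext, argp, buffer, lenremain);
    return(kret);
}

/*
 * Register the keytab serialization entry with the context.
 * Returns whatever krb5_register_serializer() returns.
 */
krb5_error_code KRB5_CALLCONV
krb5_ser_keytab_init(krb5_context kcontext)
{
    return(krb5_register_serializer(kcontext, &krb5_keytab_ser_entry));
}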