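/*
 * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "krb5_locl.h"

RCSID("$Id: auth_context.c,v 1.50 1999/12/02 17:05:07 joda Exp $");

/*
 * Allocate a new auth context and hand it back through *auth_context.
 *
 * Both the context and its authenticator are zero-filled before the
 * individual fields are set, so every field not assigned below starts
 * out as zero.  KRB5_AUTH_CONTEXT_DO_TIME is the only flag set.
 *
 * Returns 0 on success or ENOMEM; *auth_context is written only on
 * success.
 */
krb5_error_code
krb5_auth_con_init(krb5_context context,
                   krb5_auth_context *auth_context)
{
    krb5_auth_context p;

    ALLOC(p, 1);
    if (!p)
        return ENOMEM;
    memset(p, 0, sizeof(*p));
    ALLOC(p->authenticator, 1);
    if (!p->authenticator) {
        free(p);
        return ENOMEM;
    }
    memset(p->authenticator, 0, sizeof(*p->authenticator));
    p->flags = KRB5_AUTH_CONTEXT_DO_TIME;

    p->local_address  = NULL;
    p->remote_address = NULL;
    p->local_port     = 0;
    p->remote_port    = 0;
    p->keytype        = KEYTYPE_NULL;
    p->cksumtype      = CKSUMTYPE_NONE;
    *auth_context = p;
    return 0;
}

/*
 * Release an auth context and everything it owns: the authenticator,
 * both addresses, the key and both subkeys.  A NULL auth_context is
 * accepted and ignored.  Always returns 0.
 *
 * The context must not be used after this call.
 */
krb5_error_code
krb5_auth_con_free(krb5_context context,
                   krb5_auth_context auth_context)
{
    if (auth_context == NULL)
        return 0;

    krb5_free_authenticator(context, &auth_context->authenticator);
    if (auth_context->local_address) {
        free_HostAddress(auth_context->local_address);
        free(auth_context->local_address);
    }
    if (auth_context->remote_address) {
        free_HostAddress(auth_context->remote_address);
        free(auth_context->remote_address);
    }
    /* All three key slots are guarded the same way; whether
     * krb5_free_keyblock() tolerates NULL is not visible from here. */
    if (auth_context->keyblock)
        krb5_free_keyblock(context, auth_context->keyblock);
    if (auth_context->remote_subkey)
        krb5_free_keyblock(context, auth_context->remote_subkey);
    if (auth_context->local_subkey)
        krb5_free_keyblock(context, auth_context->local_subkey);
    free(auth_context);
    return 0;
}

/* Replace the context's flag word with `flags'.  Always returns 0. */
krb5_error_code
krb5_auth_con_setflags(krb5_context context,
                       krb5_auth_context auth_context,
                       int32_t flags)
{
    auth_context->flags = flags;
    return 0;
}


/* Store the context's flag word in *flags.  Always returns 0. */
krb5_error_code
krb5_auth_con_getflags(krb5_context context,
                       krb5_auth_context auth_context,
                       int32_t *flags)
{
    *flags = auth_context->flags;
    return 0;
}

/*
 * Make *slot hold a private copy of `src'.
 *
 * An existing container is reused after its contents are released; a
 * missing one is allocated.  On any failure the container is freed and
 * *slot is set to NULL, so krb5_auth_con_free() never walks a
 * half-initialised address.
 */
static krb5_error_code
replace_address(krb5_context context,
                krb5_address *src,
                krb5_address **slot)
{
    krb5_error_code ret;

    if (*slot) {
        krb5_free_address(context, *slot);
    } else {
        *slot = malloc(sizeof(**slot));
        if (*slot == NULL)
            return ENOMEM;
    }
    ret = krb5_copy_address(context, src, *slot);
    if (ret) {
        /* NOTE(review): assumes a failed copy leaves nothing allocated
         * inside *slot -- confirm against krb5_copy_address(). */
        free(*slot);
        *slot = NULL;
    }
    return ret;
}

/*
 * Copy `local_addr' and/or `remote_addr' into the auth context.  A NULL
 * argument leaves the corresponding stored address untouched.
 *
 * Returns 0 on success, ENOMEM if a container cannot be allocated, or
 * the error from krb5_copy_address().  Processing stops at the first
 * failure.
 */
krb5_error_code
krb5_auth_con_setaddrs(krb5_context context,
                       krb5_auth_context auth_context,
                       krb5_address *local_addr,
                       krb5_address *remote_addr)
{
    krb5_error_code ret;

    if (local_addr) {
        ret = replace_address(context, local_addr,
                              &auth_context->local_address);
        if (ret)
            return ret;
    }
    if (remote_addr) {
        ret = replace_address(context, remote_addr,
                              &auth_context->remote_address);
        if (ret)
            return ret;
    }
    return 0;
}

/*
 * Fill in whichever of the local/remote address (and port) the context
 * is still missing, using getsockname()/getpeername() on the socket
 * whose descriptor `p_fd' points to (it is read as an int).
 *
 * Returns 0 on success, the errno from a failing socket call, or the
 * error from the address conversion / krb5_auth_con_setaddrs().
 */
krb5_error_code
krb5_auth_con_setaddrs_from_fd (krb5_context context,
                                krb5_auth_context auth_context,
                                void *p_fd)
{
    int fd = *((int *)p_fd);
    krb5_error_code ret;
    krb5_address local_k_address, remote_k_address;
    krb5_address *lptr = NULL, *rptr = NULL;
    struct sockaddr_storage ss_local, ss_remote;
    struct sockaddr *local  = (struct sockaddr *)&ss_local;
    struct sockaddr *remote = (struct sockaddr *)&ss_remote;
    socklen_t len;      /* getsockname()/getpeername() take a socklen_t * */

    if (auth_context->local_address == NULL) {
        len = sizeof(ss_local);
        if (getsockname(fd, local, &len) < 0) {
            ret = errno;
            goto out;
        }
        /* Only mark the temporary for cleanup once it has really been
         * filled in; otherwise `out' would free an uninitialised struct. */
        ret = krb5_sockaddr2address (local, &local_k_address);
        if (ret)
            goto out;
        lptr = &local_k_address;
        krb5_sockaddr2port (local, &auth_context->local_port);
    }
    if (auth_context->remote_address == NULL) {
        len = sizeof(ss_remote);
        if (getpeername(fd, remote, &len) < 0) {
            ret = errno;
            goto out;
        }
        ret = krb5_sockaddr2address (remote, &remote_k_address);
        if (ret)
            goto out;
        rptr = &remote_k_address;
        krb5_sockaddr2port (remote, &auth_context->remote_port);
    }
    ret = krb5_auth_con_setaddrs (context,
                                  auth_context,
                                  lptr,
                                  rptr);
out:
    /* setaddrs stores its own copies, so the temporaries are released
     * on every path. */
    if (lptr)
        krb5_free_address (context, lptr);
    if (rptr)
        krb5_free_address (context, rptr);
    return ret;
}

/*
 * Hand the caller a freshly allocated copy of `src' through *dst.
 *
 * If *dst is non-NULL on entry its contents are released first.
 * NOTE(review): as before, the old container itself is not freed here;
 * if callers heap-allocate it this leaks -- confirm ownership.
 *
 * When the context holds no address (`src' is NULL), *dst is set to
 * NULL instead of copying from a NULL pointer.
 */
static krb5_error_code
export_address(krb5_context context,
               krb5_address *src,
               krb5_address **dst)
{
    krb5_error_code ret;

    if (*dst)
        krb5_free_address (context, *dst);
    if (src == NULL) {
        *dst = NULL;
        return 0;
    }
    *dst = malloc (sizeof(**dst));
    if (*dst == NULL)
        return ENOMEM;
    ret = krb5_copy_address(context, src, *dst);
    if (ret) {
        free(*dst);
        *dst = NULL;
    }
    return ret;
}

/*
 * Return copies of the context's local and remote addresses.
 *
 * *local_addr and *remote_addr must be NULL or point to a valid
 * krb5_address on entry.  Returns 0 on success, ENOMEM, or the error
 * from krb5_copy_address().
 */
krb5_error_code
krb5_auth_con_getaddrs(krb5_context context,
                       krb5_auth_context auth_context,
                       krb5_address **local_addr,
                       krb5_address **remote_addr)
{
    krb5_error_code ret;

    ret = export_address(context, auth_context->local_address, local_addr);
    if (ret)
        return ret;
    return export_address(context, auth_context->remote_address, remote_addr);
}

/*
 * Duplicate `in' into *out with krb5_copy_keyblock(); a NULL `in'
 * yields *out == NULL and a return value of 0.
 */
static krb5_error_code
copy_key(krb5_context context,
         krb5_keyblock *in,
         krb5_keyblock **out)
{
    if (in)
        return krb5_copy_keyblock(context, in, out);
    *out = NULL; /* is this right? */
    return 0;
}

/* Return a copy of the context's key (NULL if none is set). */
krb5_error_code
krb5_auth_con_getkey(krb5_context context,
                     krb5_auth_context auth_context,
                     krb5_keyblock **keyblock)
{
    return copy_key(context, auth_context->keyblock, keyblock);
}

/* Return a copy of the local subkey (NULL if none is set). */
krb5_error_code
krb5_auth_con_getlocalsubkey(krb5_context context,
                             krb5_auth_context auth_context,
                             krb5_keyblock **keyblock)
{
    return copy_key(context, auth_context->local_subkey, keyblock);
}

/* Return a copy of the remote subkey (NULL if none is set). */
krb5_error_code
krb5_auth_con_getremotesubkey(krb5_context context,
                              krb5_auth_context auth_context,
                              krb5_keyblock **keyblock)
{
    return copy_key(context, auth_context->remote_subkey, keyblock);
}

/*
 * Replace the context's key with a copy of `keyblock' (NULL clears it).
 *
 * The slot is reset to NULL right after the old key is freed: if the
 * copy then fails, the context must not keep a pointer to freed key
 * storage that krb5_auth_con_free() would free a second time.
 */
krb5_error_code
krb5_auth_con_setkey(krb5_context context,
                     krb5_auth_context auth_context,
                     krb5_keyblock *keyblock)
{
    if (auth_context->keyblock) {
        krb5_free_keyblock(context, auth_context->keyblock);
        auth_context->keyblock = NULL;
    }
    return copy_key(context, keyblock, &auth_context->keyblock);
}

/*
 * Replace the local subkey with a copy of `keyblock' (NULL clears it).
 * The slot is cleared before copying so a failed copy cannot leave a
 * dangling pointer behind.
 */
krb5_error_code
krb5_auth_con_setlocalsubkey(krb5_context context,
                             krb5_auth_context auth_context,
                             krb5_keyblock *keyblock)
{
    if (auth_context->local_subkey) {
        krb5_free_keyblock(context, auth_context->local_subkey);
        auth_context->local_subkey = NULL;
    }
    return copy_key(context, keyblock, &auth_context->local_subkey);
}

/*
 * Replace the remote subkey with a copy of `keyblock' (NULL clears it).
 * The slot is cleared before copying so a failed copy cannot leave a
 * dangling pointer behind.
 */
krb5_error_code
krb5_auth_con_setremotesubkey(krb5_context context,
                              krb5_auth_context auth_context,
                              krb5_keyblock *keyblock)
{
    if (auth_context->remote_subkey) {
        krb5_free_keyblock(context, auth_context->remote_subkey);
        auth_context->remote_subkey = NULL;
    }
    return copy_key(context, keyblock, &auth_context->remote_subkey);
}

/* Set the checksum type stored in the context.  Always returns 0. */
krb5_error_code
krb5_auth_setcksumtype(krb5_context context,
                       krb5_auth_context auth_context,
                       krb5_cksumtype cksumtype)
{
    auth_context->cksumtype = cksumtype;
    return 0;
}

/* Store the context's checksum type in *cksumtype.  Always returns 0. */
krb5_error_code
krb5_auth_getcksumtype(krb5_context context,
                       krb5_auth_context auth_context,
                       krb5_cksumtype *cksumtype)
{
    *cksumtype = auth_context->cksumtype;
    return 0;
}

/* Set the key type stored in the context.  Always returns 0. */
krb5_error_code
krb5_auth_setkeytype (krb5_context context,
                      krb5_auth_context auth_context,
                      krb5_keytype keytype)
{
    auth_context->keytype = keytype;
    return 0;
}

/* Store the context's key type in *keytype.  Always returns 0. */
krb5_error_code
krb5_auth_getkeytype (krb5_context context,
                      krb5_auth_context auth_context,
                      krb5_keytype *keytype)
{
    *keytype = auth_context->keytype;
    return 0;
}

#if 0
krb5_error_code
krb5_auth_setenctype(krb5_context context,
                     krb5_auth_context auth_context,
                     krb5_enctype etype)
{
    if(auth_context->keyblock)
        krb5_free_keyblock(context, auth_context->keyblock);
    ALLOC(auth_context->keyblock, 1);
    if(auth_context->keyblock == NULL)
        return ENOMEM;
    auth_context->keyblock->keytype = etype;
    return 0;
}

krb5_error_code
krb5_auth_getenctype(krb5_context context,
                     krb5_auth_context auth_context,
                     krb5_enctype *etype)
{
    krb5_abortx(context, "unimplemented krb5_auth_getenctype called");
}
#endif

/* Store the local sequence number in *seqnumber.  Always returns 0. */
krb5_error_code
krb5_auth_getlocalseqnumber(krb5_context context,
                            krb5_auth_context auth_context,
                            int32_t *seqnumber)
{
    *seqnumber = auth_context->local_seqnumber;
    return 0;
}

/* Set the local sequence number.  Always returns 0. */
krb5_error_code
krb5_auth_setlocalseqnumber (krb5_context context,
                             krb5_auth_context auth_context,
                             int32_t seqnumber)
{
    auth_context->local_seqnumber = seqnumber;
    return 0;
}

/* Store the remote sequence number in *seqnumber.  Always returns 0. */
krb5_error_code
krb5_auth_getremoteseqnumber(krb5_context context,
                             krb5_auth_context auth_context,
                             int32_t *seqnumber)
{
    *seqnumber = auth_context->remote_seqnumber;
    return 0;
}

/* Set the remote sequence number.  Always returns 0. */
krb5_error_code
krb5_auth_setremoteseqnumber (krb5_context context,
                              krb5_auth_context auth_context,
                              int32_t seqnumber)
{
    auth_context->remote_seqnumber = seqnumber;
    return 0;
}


/*
 * Return a newly allocated copy of the context's authenticator in
 * *authenticator; release it with krb5_free_authenticator().
 *
 * Returns 0 on success, ENOMEM, or the error from copy_Authenticator().
 * On failure *authenticator is NULL rather than a pointer to a
 * partly filled structure.
 */
krb5_error_code
krb5_auth_getauthenticator(krb5_context context,
                           krb5_auth_context auth_context,
                           krb5_authenticator *authenticator)
{
    krb5_error_code ret;

    *authenticator = malloc(sizeof(**authenticator));
    if (*authenticator == NULL)
        return ENOMEM;

    ret = copy_Authenticator(auth_context->authenticator,
                             *authenticator);
    if (ret) {
        /* NOTE(review): members already copied before the failure are
         * not released here; their state is not visible from this file. */
        free(*authenticator);
        *authenticator = NULL;
    }
    return ret;
}


/*
 * Free the authenticator *authenticator points to and reset the
 * pointer to NULL.  A NULL *authenticator is ignored.
 */
void
krb5_free_authenticator(krb5_context context,
                        krb5_authenticator *authenticator)
{
    if (*authenticator == NULL)
        return;
    free_Authenticator (*authenticator);
    free (*authenticator);
    *authenticator = NULL;
}


/*
 * Replace the context's key with a copy of `keyblock'.
 *
 * Unlike krb5_auth_con_setkey() this passes `keyblock' straight to
 * krb5_copy_keyblock(), so it is expected to be non-NULL.  The slot is
 * cleared after the old key is freed so a failed copy cannot leave a
 * dangling pointer behind.
 */
krb5_error_code
krb5_auth_con_setuserkey(krb5_context context,
                         krb5_auth_context auth_context,
                         krb5_keyblock *keyblock)
{
    if (auth_context->keyblock) {
        krb5_free_keyblock(context, auth_context->keyblock);
        auth_context->keyblock = NULL;
    }
    return krb5_copy_keyblock(context, keyblock, &auth_context->keyblock);
}

#if 0 /* not implemented */

krb5_error_code
krb5_auth_con_initivector(krb5_context context,
                          krb5_auth_context auth_context)
{
    krb5_abortx(context, "unimplemented krb5_auth_con_initivector called");
}


krb5_error_code
krb5_auth_con_setivector(krb5_context context,
                         krb5_auth_context auth_context,
                         krb5_pointer ivector)
{
    krb5_abortx(context, "unimplemented krb5_auth_con_setivector called");
}


krb5_error_code
krb5_auth_con_setrcache(krb5_context context,
                        krb5_auth_context auth_context,
                        krb5_rcache rcache)
{
    krb5_abortx(context, "unimplemented krb5_auth_con_setrcache called");
}

#endif /* not implemented */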