1 /* -*- mode: c; c-file-style: "bsd"; indent-tabs-mode: t -*- */ 2 /* 3 * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved 4 */ 5 6 #include <gssrpc/rpc.h> 7 #include <krb5.h> 8 #include <errno.h> 9 #include <kadm5/admin.h> 10 #include <kadm5/kadm_rpc.h> 11 #include <kadm5/admin_xdr.h> 12 #include <stdlib.h> 13 #include <string.h> 14 15 static bool_t 16 _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp, 17 int v); 18 static bool_t 19 _xdr_kadm5_policy_ent_rec(XDR *xdrs, kadm5_policy_ent_rec *objp, int vers); 20 21 /* 22 * Function: xdr_ui_4 23 * 24 * Purpose: XDR function which serves as a wrapper for xdr_u_int32, 25 * to prevent compiler warnings about type clashes between u_int32 26 * and krb5_ui_4. 27 */ 28 bool_t xdr_ui_4(XDR *xdrs, krb5_ui_4 *objp) 29 { 30 /* Assumes that krb5_ui_4 and u_int32 are both four bytes long. 31 This should not be a harmful assumption. */ 32 return xdr_u_int32(xdrs, (uint32_t *) objp); 33 } 34 35 36 /* 37 * Function: xdr_nullstring 38 * 39 * Purpose: XDR function for "strings" that are either NULL-terminated 40 * or NULL. 41 */ 42 bool_t xdr_nullstring(XDR *xdrs, char **objp) 43 { 44 u_int size; 45 46 if (xdrs->x_op == XDR_ENCODE) { 47 if (*objp == NULL) 48 size = 0; 49 else 50 size = strlen(*objp) + 1; 51 } 52 if (! xdr_u_int(xdrs, &size)) { 53 return FALSE; 54 } 55 switch (xdrs->x_op) { 56 case XDR_DECODE: 57 if (size == 0) { 58 *objp = NULL; 59 return TRUE; 60 } else if (*objp == NULL) { 61 *objp = (char *) mem_alloc(size); 62 if (*objp == NULL) { 63 errno = ENOMEM; 64 return FALSE; 65 } 66 } 67 if (!xdr_opaque(xdrs, *objp, size)) 68 return FALSE; 69 /* Check that the unmarshalled bytes are a C string. */ 70 if ((*objp)[size - 1] != '\0') 71 return FALSE; 72 if (memchr(*objp, '\0', size - 1) != NULL) 73 return FALSE; 74 return TRUE; 75 76 case XDR_ENCODE: 77 if (size != 0) 78 return (xdr_opaque(xdrs, *objp, size)); 79 return TRUE; 80 81 case XDR_FREE: 82 if (*objp != NULL) 83 mem_free(*objp, size); 84 *objp = NULL; 85 return TRUE; 86 } 87 88 return FALSE; 89 } 90 91 /* 92 * Function: xdr_nulltype 93 * 94 * Purpose: XDR function for arbitrary pointer types that are either 95 * NULL or contain data. 96 */ 97 bool_t xdr_nulltype(XDR *xdrs, void **objp, xdrproc_t proc) 98 { 99 bool_t null; 100 101 switch (xdrs->x_op) { 102 case XDR_DECODE: 103 if (!xdr_bool(xdrs, &null)) 104 return FALSE; 105 if (null) { 106 *objp = NULL; 107 return TRUE; 108 } 109 return (*proc)(xdrs, objp); 110 111 case XDR_ENCODE: 112 if (*objp == NULL) 113 null = TRUE; 114 else 115 null = FALSE; 116 if (!xdr_bool(xdrs, &null)) 117 return FALSE; 118 if (null == FALSE) 119 return (*proc)(xdrs, objp); 120 return TRUE; 121 122 case XDR_FREE: 123 if (*objp) 124 return (*proc)(xdrs, objp); 125 return TRUE; 126 } 127 128 return FALSE; 129 } 130 131 bool_t 132 xdr_krb5_timestamp(XDR *xdrs, krb5_timestamp *objp) 133 { 134 /* This assumes that int32 and krb5_timestamp are the same size. 135 This shouldn't be a problem, since we've got a unit test which 136 checks for this. */ 137 if (!xdr_int32(xdrs, (int32_t *) objp)) { 138 return (FALSE); 139 } 140 return (TRUE); 141 } 142 143 bool_t 144 xdr_krb5_kvno(XDR *xdrs, krb5_kvno *objp) 145 { 146 return xdr_u_int(xdrs, objp); 147 } 148 149 bool_t 150 xdr_krb5_deltat(XDR *xdrs, krb5_deltat *objp) 151 { 152 /* This assumes that int32 and krb5_deltat are the same size. 153 This shouldn't be a problem, since we've got a unit test which 154 checks for this. */ 155 if (!xdr_int32(xdrs, (int32_t *) objp)) { 156 return (FALSE); 157 } 158 return (TRUE); 159 } 160 161 bool_t 162 xdr_krb5_flags(XDR *xdrs, krb5_flags *objp) 163 { 164 /* This assumes that int32 and krb5_flags are the same size. 165 This shouldn't be a problem, since we've got a unit test which 166 checks for this. */ 167 if (!xdr_int32(xdrs, (int32_t *) objp)) { 168 return (FALSE); 169 } 170 return (TRUE); 171 } 172 173 bool_t 174 xdr_krb5_ui_4(XDR *xdrs, krb5_ui_4 *objp) 175 { 176 if (!xdr_u_int32(xdrs, (uint32_t *) objp)) { 177 return (FALSE); 178 } 179 return (TRUE); 180 } 181 182 bool_t 183 xdr_krb5_int16(XDR *xdrs, krb5_int16 *objp) 184 { 185 int tmp; 186 187 tmp = (int) *objp; 188 189 if (!xdr_int(xdrs, &tmp)) 190 return(FALSE); 191 192 *objp = (krb5_int16) tmp; 193 194 return(TRUE); 195 } 196 197 /* 198 * Function: xdr_krb5_ui_2 199 * 200 * Purpose: XDR function which serves as a wrapper for xdr_u_int, 201 * to prevent compiler warnings about type clashes between u_int 202 * and krb5_ui_2. 203 */ 204 bool_t 205 xdr_krb5_ui_2(XDR *xdrs, krb5_ui_2 *objp) 206 { 207 unsigned int tmp; 208 209 tmp = (unsigned int) *objp; 210 211 if (!xdr_u_int(xdrs, &tmp)) 212 return(FALSE); 213 214 *objp = (krb5_ui_2) tmp; 215 216 return(TRUE); 217 } 218 219 220 221 static bool_t xdr_krb5_boolean(XDR *xdrs, krb5_boolean *kbool) 222 { 223 bool_t val; 224 225 switch (xdrs->x_op) { 226 case XDR_DECODE: 227 if (!xdr_bool(xdrs, &val)) 228 return FALSE; 229 230 *kbool = (val == FALSE) ? FALSE : TRUE; 231 return TRUE; 232 233 case XDR_ENCODE: 234 val = *kbool ? TRUE : FALSE; 235 return xdr_bool(xdrs, &val); 236 237 case XDR_FREE: 238 return TRUE; 239 } 240 241 return FALSE; 242 } 243 244 bool_t xdr_krb5_key_data_nocontents(XDR *xdrs, krb5_key_data *objp) 245 { 246 /* 247 * Note that this function intentionally DOES NOT transfer key 248 * length or contents! xdr_krb5_key_data in adb_xdr.c does, but 249 * that is only for use within the server-side library. 250 */ 251 unsigned int tmp; 252 253 if (xdrs->x_op == XDR_DECODE) 254 memset(objp, 0, sizeof(krb5_key_data)); 255 256 if (!xdr_krb5_int16(xdrs, &objp->key_data_ver)) { 257 return (FALSE); 258 } 259 if (!xdr_krb5_ui_2(xdrs, &objp->key_data_kvno)) { 260 return (FALSE); 261 } 262 if (!xdr_krb5_int16(xdrs, &objp->key_data_type[0])) { 263 return (FALSE); 264 } 265 if (objp->key_data_ver > 1) { 266 if (!xdr_krb5_int16(xdrs, &objp->key_data_type[1])) { 267 return (FALSE); 268 } 269 } 270 /* 271 * kadm5_get_principal on the server side allocates and returns 272 * key contents when asked. Even though this function refuses to 273 * transmit that data, it still has to *free* the data at the 274 * appropriate time to avoid a memory leak. 275 */ 276 if (xdrs->x_op == XDR_FREE) { 277 tmp = (unsigned int) objp->key_data_length[0]; 278 if (!xdr_bytes(xdrs, (char **) &objp->key_data_contents[0], 279 &tmp, ~0)) 280 return FALSE; 281 282 tmp = (unsigned int) objp->key_data_length[1]; 283 if (!xdr_bytes(xdrs, (char **) &objp->key_data_contents[1], 284 &tmp, ~0)) 285 return FALSE; 286 } 287 288 return (TRUE); 289 } 290 291 292 bool_t 293 xdr_krb5_key_salt_tuple(XDR *xdrs, krb5_key_salt_tuple *objp) 294 { 295 if (!xdr_krb5_enctype(xdrs, &objp->ks_enctype)) 296 return FALSE; 297 if (!xdr_krb5_salttype(xdrs, &objp->ks_salttype)) 298 return FALSE; 299 return TRUE; 300 } 301 302 bool_t xdr_krb5_tl_data(XDR *xdrs, krb5_tl_data **tl_data_head) 303 { 304 krb5_tl_data *tl, *tl2; 305 bool_t more; 306 unsigned int len; 307 308 switch (xdrs->x_op) { 309 case XDR_FREE: 310 tl = tl2 = *tl_data_head; 311 while (tl) { 312 tl2 = tl->tl_data_next; 313 free(tl->tl_data_contents); 314 free(tl); 315 tl = tl2; 316 } 317 *tl_data_head = NULL; 318 break; 319 320 case XDR_ENCODE: 321 tl = *tl_data_head; 322 while (1) { 323 more = (tl != NULL); 324 if (!xdr_bool(xdrs, &more)) 325 return FALSE; 326 if (tl == NULL) 327 break; 328 if (!xdr_krb5_int16(xdrs, &tl->tl_data_type)) 329 return FALSE; 330 len = tl->tl_data_length; 331 if (!xdr_bytes(xdrs, (char **) &tl->tl_data_contents, &len, ~0)) 332 return FALSE; 333 tl = tl->tl_data_next; 334 } 335 break; 336 337 case XDR_DECODE: 338 tl = NULL; 339 while (1) { 340 if (!xdr_bool(xdrs, &more)) 341 return FALSE; 342 if (more == FALSE) 343 break; 344 tl2 = (krb5_tl_data *) malloc(sizeof(krb5_tl_data)); 345 if (tl2 == NULL) 346 return FALSE; 347 memset(tl2, 0, sizeof(krb5_tl_data)); 348 if (!xdr_krb5_int16(xdrs, &tl2->tl_data_type)) 349 return FALSE; 350 if (!xdr_bytes(xdrs, (char **)&tl2->tl_data_contents, &len, ~0)) 351 return FALSE; 352 tl2->tl_data_length = len; 353 354 tl2->tl_data_next = tl; 355 tl = tl2; 356 } 357 358 *tl_data_head = tl; 359 break; 360 } 361 362 return TRUE; 363 } 364 365 bool_t 366 xdr_kadm5_ret_t(XDR *xdrs, kadm5_ret_t *objp) 367 { 368 uint32_t tmp; 369 370 if (xdrs->x_op == XDR_ENCODE) 371 tmp = (uint32_t) *objp; 372 373 if (!xdr_u_int32(xdrs, &tmp)) 374 return (FALSE); 375 376 if (xdrs->x_op == XDR_DECODE) 377 *objp = (kadm5_ret_t) tmp; 378 379 return (TRUE); 380 } 381 382 bool_t xdr_kadm5_principal_ent_rec(XDR *xdrs, 383 kadm5_principal_ent_rec *objp) 384 { 385 return _xdr_kadm5_principal_ent_rec(xdrs, objp, KADM5_API_VERSION_3); 386 } 387 388 static bool_t 389 _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp, 390 int v) 391 { 392 unsigned int n; 393 bool_t r; 394 395 if (!xdr_krb5_principal(xdrs, &objp->principal)) { 396 return (FALSE); 397 } 398 if (!xdr_krb5_timestamp(xdrs, &objp->princ_expire_time)) { 399 return (FALSE); 400 } 401 if (!xdr_krb5_timestamp(xdrs, &objp->last_pwd_change)) { 402 return (FALSE); 403 } 404 if (!xdr_krb5_timestamp(xdrs, &objp->pw_expiration)) { 405 return (FALSE); 406 } 407 if (!xdr_krb5_deltat(xdrs, &objp->max_life)) { 408 return (FALSE); 409 } 410 if (!xdr_nulltype(xdrs, (void **) &objp->mod_name, 411 (xdrproc_t)xdr_krb5_principal)) { 412 return (FALSE); 413 } 414 if (!xdr_krb5_timestamp(xdrs, &objp->mod_date)) { 415 return (FALSE); 416 } 417 if (!xdr_krb5_flags(xdrs, &objp->attributes)) { 418 return (FALSE); 419 } 420 if (!xdr_krb5_kvno(xdrs, &objp->kvno)) { 421 return (FALSE); 422 } 423 if (!xdr_krb5_kvno(xdrs, &objp->mkvno)) { 424 return (FALSE); 425 } 426 if (!xdr_nullstring(xdrs, &objp->policy)) { 427 return (FALSE); 428 } 429 if (!xdr_long(xdrs, &objp->aux_attributes)) { 430 return (FALSE); 431 } 432 if (!xdr_krb5_deltat(xdrs, &objp->max_renewable_life)) { 433 return (FALSE); 434 } 435 if (!xdr_krb5_timestamp(xdrs, &objp->last_success)) { 436 return (FALSE); 437 } 438 if (!xdr_krb5_timestamp(xdrs, &objp->last_failed)) { 439 return (FALSE); 440 } 441 if (!xdr_krb5_kvno(xdrs, &objp->fail_auth_count)) { 442 return (FALSE); 443 } 444 if (!xdr_krb5_int16(xdrs, &objp->n_key_data)) { 445 return (FALSE); 446 } 447 if (xdrs->x_op == XDR_DECODE && objp->n_key_data < 0) { 448 return (FALSE); 449 } 450 if (!xdr_krb5_int16(xdrs, &objp->n_tl_data)) { 451 return (FALSE); 452 } 453 if (!xdr_nulltype(xdrs, (void **) &objp->tl_data, 454 (xdrproc_t)xdr_krb5_tl_data)) { 455 return FALSE; 456 } 457 n = objp->n_key_data; 458 r = xdr_array(xdrs, (caddr_t *) &objp->key_data, &n, objp->n_key_data, 459 sizeof(krb5_key_data), 460 (xdrproc_t)xdr_krb5_key_data_nocontents); 461 objp->n_key_data = n; 462 if (!r) { 463 return (FALSE); 464 } 465 466 return (TRUE); 467 } 468 469 static bool_t 470 _xdr_kadm5_policy_ent_rec(XDR *xdrs, kadm5_policy_ent_rec *objp, int vers) 471 { 472 if (!xdr_nullstring(xdrs, &objp->policy)) { 473 return (FALSE); 474 } 475 /* these all used to be u_int32, but it's stupid for sized types 476 to be exposed at the api, and they're the same as longs on the 477 wire. */ 478 if (!xdr_long(xdrs, &objp->pw_min_life)) { 479 return (FALSE); 480 } 481 if (!xdr_long(xdrs, &objp->pw_max_life)) { 482 return (FALSE); 483 } 484 if (!xdr_long(xdrs, &objp->pw_min_length)) { 485 return (FALSE); 486 } 487 if (!xdr_long(xdrs, &objp->pw_min_classes)) { 488 return (FALSE); 489 } 490 if (!xdr_long(xdrs, &objp->pw_history_num)) { 491 return (FALSE); 492 } 493 if (!xdr_long(xdrs, &objp->policy_refcnt)) { 494 return (FALSE); 495 } 496 if (xdrs->x_op == XDR_DECODE) { 497 objp->pw_max_fail = 0; 498 objp->pw_failcnt_interval = 0; 499 objp->pw_lockout_duration = 0; 500 objp->attributes = 0; 501 objp->max_life = 0; 502 objp->max_renewable_life = 0; 503 objp->allowed_keysalts = NULL; 504 objp->n_tl_data = 0; 505 objp->tl_data = NULL; 506 } 507 if (vers >= KADM5_API_VERSION_3) { 508 if (!xdr_krb5_kvno(xdrs, &objp->pw_max_fail)) 509 return (FALSE); 510 if (!xdr_krb5_deltat(xdrs, &objp->pw_failcnt_interval)) 511 return (FALSE); 512 if (!xdr_krb5_deltat(xdrs, &objp->pw_lockout_duration)) 513 return (FALSE); 514 } 515 if (vers >= KADM5_API_VERSION_4) { 516 if (!xdr_krb5_flags(xdrs, &objp->attributes)) { 517 return (FALSE); 518 } 519 if (!xdr_krb5_deltat(xdrs, &objp->max_life)) { 520 return (FALSE); 521 } 522 if (!xdr_krb5_deltat(xdrs, &objp->max_renewable_life)) { 523 return (FALSE); 524 } 525 if (!xdr_nullstring(xdrs, &objp->allowed_keysalts)) { 526 return (FALSE); 527 } 528 if (!xdr_krb5_int16(xdrs, &objp->n_tl_data)) { 529 return (FALSE); 530 } 531 if (!xdr_nulltype(xdrs, (void **) &objp->tl_data, 532 (xdrproc_t)xdr_krb5_tl_data)) { 533 return FALSE; 534 } 535 } 536 return (TRUE); 537 } 538 539 bool_t 540 xdr_kadm5_policy_ent_rec(XDR *xdrs, kadm5_policy_ent_rec *objp) 541 { 542 return _xdr_kadm5_policy_ent_rec(xdrs, objp, KADM5_API_VERSION_4); 543 } 544 545 bool_t 546 xdr_cprinc_arg(XDR *xdrs, cprinc_arg *objp) 547 { 548 if (!xdr_ui_4(xdrs, &objp->api_version)) { 549 return (FALSE); 550 } 551 if (!_xdr_kadm5_principal_ent_rec(xdrs, &objp->rec, 552 objp->api_version)) { 553 return (FALSE); 554 } 555 if (!xdr_long(xdrs, &objp->mask)) { 556 return (FALSE); 557 } 558 if (!xdr_nullstring(xdrs, &objp->passwd)) { 559 return (FALSE); 560 } 561 return (TRUE); 562 } 563 564 bool_t 565 xdr_cprinc3_arg(XDR *xdrs, cprinc3_arg *objp) 566 { 567 if (!xdr_ui_4(xdrs, &objp->api_version)) { 568 return (FALSE); 569 } 570 if (!_xdr_kadm5_principal_ent_rec(xdrs, &objp->rec, 571 objp->api_version)) { 572 return (FALSE); 573 } 574 if (!xdr_long(xdrs, &objp->mask)) { 575 return (FALSE); 576 } 577 if (!xdr_array(xdrs, (caddr_t *)&objp->ks_tuple, 578 (unsigned int *)&objp->n_ks_tuple, ~0, 579 sizeof(krb5_key_salt_tuple), 580 (xdrproc_t)xdr_krb5_key_salt_tuple)) { 581 return (FALSE); 582 } 583 if (!xdr_nullstring(xdrs, &objp->passwd)) { 584 return (FALSE); 585 } 586 return (TRUE); 587 } 588 589 bool_t 590 xdr_generic_ret(XDR *xdrs, generic_ret *objp) 591 { 592 if (!xdr_ui_4(xdrs, &objp->api_version)) { 593 return (FALSE); 594 } 595 if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { 596 return (FALSE); 597 } 598 599 return(TRUE); 600 } 601 602 bool_t 603 xdr_dprinc_arg(XDR *xdrs, dprinc_arg *objp) 604 { 605 if (!xdr_ui_4(xdrs, &objp->api_version)) { 606 return (FALSE); 607 } 608 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 609 return (FALSE); 610 } 611 return (TRUE); 612 } 613 614 bool_t 615 xdr_mprinc_arg(XDR *xdrs, mprinc_arg *objp) 616 { 617 if (!xdr_ui_4(xdrs, &objp->api_version)) { 618 return (FALSE); 619 } 620 if (!_xdr_kadm5_principal_ent_rec(xdrs, &objp->rec, 621 objp->api_version)) { 622 return (FALSE); 623 } 624 if (!xdr_long(xdrs, &objp->mask)) { 625 return (FALSE); 626 } 627 return (TRUE); 628 } 629 630 bool_t 631 xdr_rprinc_arg(XDR *xdrs, rprinc_arg *objp) 632 { 633 if (!xdr_ui_4(xdrs, &objp->api_version)) { 634 return (FALSE); 635 } 636 if (!xdr_krb5_principal(xdrs, &objp->src)) { 637 return (FALSE); 638 } 639 if (!xdr_krb5_principal(xdrs, &objp->dest)) { 640 return (FALSE); 641 } 642 return (TRUE); 643 } 644 645 bool_t 646 xdr_gprincs_arg(XDR *xdrs, gprincs_arg *objp) 647 { 648 if (!xdr_ui_4(xdrs, &objp->api_version)) { 649 return (FALSE); 650 } 651 if (!xdr_nullstring(xdrs, &objp->exp)) { 652 return (FALSE); 653 } 654 return (TRUE); 655 } 656 657 bool_t 658 xdr_gprincs_ret(XDR *xdrs, gprincs_ret *objp) 659 { 660 if (!xdr_ui_4(xdrs, &objp->api_version)) { 661 return (FALSE); 662 } 663 if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { 664 return (FALSE); 665 } 666 if (objp->code == KADM5_OK) { 667 if (!xdr_int(xdrs, &objp->count)) { 668 return (FALSE); 669 } 670 if (!xdr_array(xdrs, (caddr_t *) &objp->princs, 671 (unsigned int *) &objp->count, ~0, 672 sizeof(char *), (xdrproc_t)xdr_nullstring)) { 673 return (FALSE); 674 } 675 } 676 677 return (TRUE); 678 } 679 680 bool_t 681 xdr_chpass_arg(XDR *xdrs, chpass_arg *objp) 682 { 683 if (!xdr_ui_4(xdrs, &objp->api_version)) { 684 return (FALSE); 685 } 686 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 687 return (FALSE); 688 } 689 if (!xdr_nullstring(xdrs, &objp->pass)) { 690 return (FALSE); 691 } 692 return (TRUE); 693 } 694 695 bool_t 696 xdr_chpass3_arg(XDR *xdrs, chpass3_arg *objp) 697 { 698 if (!xdr_ui_4(xdrs, &objp->api_version)) { 699 return (FALSE); 700 } 701 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 702 return (FALSE); 703 } 704 if (!xdr_krb5_boolean(xdrs, &objp->keepold)) { 705 return (FALSE); 706 } 707 if (!xdr_array(xdrs, (caddr_t *)&objp->ks_tuple, 708 (unsigned int*)&objp->n_ks_tuple, ~0, 709 sizeof(krb5_key_salt_tuple), 710 (xdrproc_t)xdr_krb5_key_salt_tuple)) { 711 return (FALSE); 712 } 713 if (!xdr_nullstring(xdrs, &objp->pass)) { 714 return (FALSE); 715 } 716 return (TRUE); 717 } 718 719 bool_t 720 xdr_setkey_arg(XDR *xdrs, setkey_arg *objp) 721 { 722 if (!xdr_ui_4(xdrs, &objp->api_version)) { 723 return (FALSE); 724 } 725 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 726 return (FALSE); 727 } 728 if (!xdr_array(xdrs, (caddr_t *) &objp->keyblocks, 729 (unsigned int *) &objp->n_keys, ~0, 730 sizeof(krb5_keyblock), (xdrproc_t)xdr_krb5_keyblock)) { 731 return (FALSE); 732 } 733 return (TRUE); 734 } 735 736 bool_t 737 xdr_setkey3_arg(XDR *xdrs, setkey3_arg *objp) 738 { 739 if (!xdr_ui_4(xdrs, &objp->api_version)) { 740 return (FALSE); 741 } 742 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 743 return (FALSE); 744 } 745 if (!xdr_krb5_boolean(xdrs, &objp->keepold)) { 746 return (FALSE); 747 } 748 if (!xdr_array(xdrs, (caddr_t *) &objp->ks_tuple, 749 (unsigned int *) &objp->n_ks_tuple, ~0, 750 sizeof(krb5_key_salt_tuple), 751 (xdrproc_t)xdr_krb5_key_salt_tuple)) { 752 return (FALSE); 753 } 754 if (!xdr_array(xdrs, (caddr_t *) &objp->keyblocks, 755 (unsigned int *) &objp->n_keys, ~0, 756 sizeof(krb5_keyblock), (xdrproc_t)xdr_krb5_keyblock)) { 757 return (FALSE); 758 } 759 return (TRUE); 760 } 761 762 bool_t 763 xdr_setkey4_arg(XDR *xdrs, setkey4_arg *objp) 764 { 765 if (!xdr_ui_4(xdrs, &objp->api_version)) { 766 return FALSE; 767 } 768 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 769 return FALSE; 770 } 771 if (!xdr_krb5_boolean(xdrs, &objp->keepold)) { 772 return FALSE; 773 } 774 if (!xdr_array(xdrs, (caddr_t *) &objp->key_data, 775 (unsigned int *) &objp->n_key_data, ~0, 776 sizeof(kadm5_key_data), 777 (xdrproc_t)xdr_kadm5_key_data)) { 778 return FALSE; 779 } 780 return TRUE; 781 } 782 783 bool_t 784 xdr_chrand_arg(XDR *xdrs, chrand_arg *objp) 785 { 786 if (!xdr_ui_4(xdrs, &objp->api_version)) { 787 return (FALSE); 788 } 789 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 790 return (FALSE); 791 } 792 return (TRUE); 793 } 794 795 bool_t 796 xdr_chrand3_arg(XDR *xdrs, chrand3_arg *objp) 797 { 798 if (!xdr_ui_4(xdrs, &objp->api_version)) { 799 return (FALSE); 800 } 801 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 802 return (FALSE); 803 } 804 if (!xdr_krb5_boolean(xdrs, &objp->keepold)) { 805 return (FALSE); 806 } 807 if (!xdr_array(xdrs, (caddr_t *)&objp->ks_tuple, 808 (unsigned int*)&objp->n_ks_tuple, ~0, 809 sizeof(krb5_key_salt_tuple), 810 (xdrproc_t)xdr_krb5_key_salt_tuple)) { 811 return (FALSE); 812 } 813 return (TRUE); 814 } 815 816 bool_t 817 xdr_chrand_ret(XDR *xdrs, chrand_ret *objp) 818 { 819 if (!xdr_ui_4(xdrs, &objp->api_version)) { 820 return (FALSE); 821 } 822 if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { 823 return (FALSE); 824 } 825 if (objp->code == KADM5_OK) { 826 if (!xdr_array(xdrs, (char **)&objp->keys, 827 (unsigned int *)&objp->n_keys, ~0, 828 sizeof(krb5_keyblock), 829 (xdrproc_t)xdr_krb5_keyblock)) 830 return FALSE; 831 } 832 833 return (TRUE); 834 } 835 836 bool_t 837 xdr_gprinc_arg(XDR *xdrs, gprinc_arg *objp) 838 { 839 if (!xdr_ui_4(xdrs, &objp->api_version)) { 840 return (FALSE); 841 } 842 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 843 return (FALSE); 844 } 845 if (!xdr_long(xdrs, &objp->mask)) { 846 return FALSE; 847 } 848 849 return (TRUE); 850 } 851 852 bool_t 853 xdr_gprinc_ret(XDR *xdrs, gprinc_ret *objp) 854 { 855 if (!xdr_ui_4(xdrs, &objp->api_version)) { 856 return (FALSE); 857 } 858 if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { 859 return (FALSE); 860 } 861 if(objp->code == KADM5_OK) { 862 if (!_xdr_kadm5_principal_ent_rec(xdrs, &objp->rec, 863 objp->api_version)) { 864 return (FALSE); 865 } 866 } 867 868 return (TRUE); 869 } 870 871 bool_t 872 xdr_cpol_arg(XDR *xdrs, cpol_arg *objp) 873 { 874 if (!xdr_ui_4(xdrs, &objp->api_version)) { 875 return (FALSE); 876 } 877 if (!_xdr_kadm5_policy_ent_rec(xdrs, &objp->rec, 878 objp->api_version)) { 879 return (FALSE); 880 } 881 if (!xdr_long(xdrs, &objp->mask)) { 882 return (FALSE); 883 } 884 return (TRUE); 885 } 886 887 bool_t 888 xdr_dpol_arg(XDR *xdrs, dpol_arg *objp) 889 { 890 if (!xdr_ui_4(xdrs, &objp->api_version)) { 891 return (FALSE); 892 } 893 if (!xdr_nullstring(xdrs, &objp->name)) { 894 return (FALSE); 895 } 896 return (TRUE); 897 } 898 899 bool_t 900 xdr_mpol_arg(XDR *xdrs, mpol_arg *objp) 901 { 902 if (!xdr_ui_4(xdrs, &objp->api_version)) { 903 return (FALSE); 904 } 905 if (!_xdr_kadm5_policy_ent_rec(xdrs, &objp->rec, 906 objp->api_version)) { 907 return (FALSE); 908 } 909 if (!xdr_long(xdrs, &objp->mask)) { 910 return (FALSE); 911 } 912 return (TRUE); 913 } 914 915 bool_t 916 xdr_gpol_arg(XDR *xdrs, gpol_arg *objp) 917 { 918 if (!xdr_ui_4(xdrs, &objp->api_version)) { 919 return (FALSE); 920 } 921 if (!xdr_nullstring(xdrs, &objp->name)) { 922 return (FALSE); 923 } 924 return (TRUE); 925 } 926 927 bool_t 928 xdr_gpol_ret(XDR *xdrs, gpol_ret *objp) 929 { 930 if (!xdr_ui_4(xdrs, &objp->api_version)) { 931 return (FALSE); 932 } 933 if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { 934 return (FALSE); 935 } 936 if(objp->code == KADM5_OK) { 937 if (!_xdr_kadm5_policy_ent_rec(xdrs, &objp->rec, 938 objp->api_version)) 939 return (FALSE); 940 } 941 942 return (TRUE); 943 } 944 945 bool_t 946 xdr_gpols_arg(XDR *xdrs, gpols_arg *objp) 947 { 948 if (!xdr_ui_4(xdrs, &objp->api_version)) { 949 return (FALSE); 950 } 951 if (!xdr_nullstring(xdrs, &objp->exp)) { 952 return (FALSE); 953 } 954 return (TRUE); 955 } 956 957 bool_t 958 xdr_gpols_ret(XDR *xdrs, gpols_ret *objp) 959 { 960 if (!xdr_ui_4(xdrs, &objp->api_version)) { 961 return (FALSE); 962 } 963 if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { 964 return (FALSE); 965 } 966 if (objp->code == KADM5_OK) { 967 if (!xdr_int(xdrs, &objp->count)) { 968 return (FALSE); 969 } 970 if (!xdr_array(xdrs, (caddr_t *) &objp->pols, 971 (unsigned int *) &objp->count, ~0, 972 sizeof(char *), (xdrproc_t)xdr_nullstring)) { 973 return (FALSE); 974 } 975 } 976 977 return (TRUE); 978 } 979 980 bool_t xdr_getprivs_ret(XDR *xdrs, getprivs_ret *objp) 981 { 982 if (!xdr_ui_4(xdrs, &objp->api_version)) { 983 return (FALSE); 984 } 985 if (! xdr_kadm5_ret_t(xdrs, &objp->code) || 986 ! xdr_long(xdrs, &objp->privs)) 987 return FALSE; 988 989 return TRUE; 990 } 991 992 bool_t 993 xdr_purgekeys_arg(XDR *xdrs, purgekeys_arg *objp) 994 { 995 if (!xdr_ui_4(xdrs, &objp->api_version)) { 996 return (FALSE); 997 } 998 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 999 return (FALSE); 1000 } 1001 if (!xdr_int(xdrs, &objp->keepkvno)) { 1002 return FALSE; 1003 } 1004 1005 return (TRUE); 1006 } 1007 1008 bool_t 1009 xdr_gstrings_arg(XDR *xdrs, gstrings_arg *objp) 1010 { 1011 if (!xdr_ui_4(xdrs, &objp->api_version)) { 1012 return (FALSE); 1013 } 1014 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 1015 return (FALSE); 1016 } 1017 1018 return (TRUE); 1019 } 1020 1021 bool_t 1022 xdr_gstrings_ret(XDR *xdrs, gstrings_ret *objp) 1023 { 1024 if (!xdr_ui_4(xdrs, &objp->api_version)) { 1025 return (FALSE); 1026 } 1027 if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { 1028 return (FALSE); 1029 } 1030 if (objp->code == KADM5_OK) { 1031 if (!xdr_int(xdrs, &objp->count)) { 1032 return (FALSE); 1033 } 1034 if (!xdr_array(xdrs, (caddr_t *) &objp->strings, 1035 (unsigned int *) &objp->count, ~0, 1036 sizeof(krb5_string_attr), 1037 (xdrproc_t)xdr_krb5_string_attr)) { 1038 return (FALSE); 1039 } 1040 } 1041 1042 return (TRUE); 1043 } 1044 1045 bool_t 1046 xdr_sstring_arg(XDR *xdrs, sstring_arg *objp) 1047 { 1048 if (!xdr_ui_4(xdrs, &objp->api_version)) { 1049 return (FALSE); 1050 } 1051 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 1052 return (FALSE); 1053 } 1054 if (!xdr_nullstring(xdrs, &objp->key)) { 1055 return (FALSE); 1056 } 1057 if (!xdr_nullstring(xdrs, &objp->value)) { 1058 return (FALSE); 1059 } 1060 1061 return (TRUE); 1062 } 1063 1064 bool_t 1065 xdr_krb5_principal(XDR *xdrs, krb5_principal *objp) 1066 { 1067 int ret; 1068 char *p = NULL; 1069 krb5_principal pr = NULL; 1070 static krb5_context context = NULL; 1071 1072 /* using a static context here is ugly, but should work 1073 ok, and the other solutions are even uglier */ 1074 1075 if (!context && 1076 kadm5_init_krb5_context(&context)) 1077 return(FALSE); 1078 1079 switch(xdrs->x_op) { 1080 case XDR_ENCODE: 1081 if (*objp) { 1082 if((ret = krb5_unparse_name(context, *objp, &p)) != 0) 1083 return FALSE; 1084 } 1085 if(!xdr_nullstring(xdrs, &p)) 1086 return FALSE; 1087 if (p) free(p); 1088 break; 1089 case XDR_DECODE: 1090 if(!xdr_nullstring(xdrs, &p)) 1091 return FALSE; 1092 if (p) { 1093 ret = krb5_parse_name(context, p, &pr); 1094 if(ret != 0) 1095 return FALSE; 1096 *objp = pr; 1097 free(p); 1098 } else 1099 *objp = NULL; 1100 break; 1101 case XDR_FREE: 1102 if(*objp != NULL) 1103 krb5_free_principal(context, *objp); 1104 *objp = NULL; 1105 break; 1106 } 1107 return TRUE; 1108 } 1109 1110 bool_t 1111 xdr_krb5_octet(XDR *xdrs, krb5_octet *objp) 1112 { 1113 if (!xdr_u_char(xdrs, objp)) 1114 return (FALSE); 1115 return (TRUE); 1116 } 1117 1118 bool_t 1119 xdr_krb5_enctype(XDR *xdrs, krb5_enctype *objp) 1120 { 1121 if (!xdr_int32(xdrs, (int32_t *) objp)) 1122 return (FALSE); 1123 return (TRUE); 1124 } 1125 1126 bool_t 1127 xdr_krb5_salttype(XDR *xdrs, krb5_int32 *objp) 1128 { 1129 if (!xdr_int32(xdrs, (int32_t *) objp)) 1130 return FALSE; 1131 return TRUE; 1132 } 1133 1134 bool_t 1135 xdr_krb5_keyblock(XDR *xdrs, krb5_keyblock *objp) 1136 { 1137 char *cp; 1138 1139 /* XXX This only works because free_keyblock assumes ->contents 1140 is allocated by malloc() */ 1141 if(!xdr_krb5_enctype(xdrs, &objp->enctype)) 1142 return FALSE; 1143 cp = (char *)objp->contents; 1144 if(!xdr_bytes(xdrs, &cp, &objp->length, ~0)) 1145 return FALSE; 1146 objp->contents = (uint8_t *)cp; 1147 return TRUE; 1148 } 1149 1150 bool_t 1151 xdr_krb5_string_attr(XDR *xdrs, krb5_string_attr *objp) 1152 { 1153 if (!xdr_nullstring(xdrs, &objp->key)) 1154 return FALSE; 1155 if (!xdr_nullstring(xdrs, &objp->value)) 1156 return FALSE; 1157 if (xdrs->x_op == XDR_DECODE && 1158 (objp->key == NULL || objp->value == NULL)) 1159 return FALSE; 1160 return TRUE; 1161 } 1162 1163 bool_t 1164 xdr_kadm5_key_data(XDR *xdrs, kadm5_key_data *objp) 1165 { 1166 if (!xdr_krb5_kvno(xdrs, &objp->kvno)) 1167 return FALSE; 1168 if (!xdr_krb5_keyblock(xdrs, &objp->key)) 1169 return FALSE; 1170 if (!xdr_krb5_int16(xdrs, &objp->salt.type)) 1171 return FALSE; 1172 if (!xdr_bytes(xdrs, &objp->salt.data.data, 1173 &objp->salt.data.length, ~0)) 1174 return FALSE; 1175 return TRUE; 1176 } 1177 1178 bool_t 1179 xdr_getpkeys_arg(XDR *xdrs, getpkeys_arg *objp) 1180 { 1181 if (!xdr_ui_4(xdrs, &objp->api_version)) { 1182 return FALSE; 1183 } 1184 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 1185 return FALSE; 1186 } 1187 if (!xdr_krb5_kvno(xdrs, &objp->kvno)) { 1188 return FALSE; 1189 } 1190 return TRUE; 1191 } 1192 1193 bool_t 1194 xdr_getpkeys_ret(XDR *xdrs, getpkeys_ret *objp) 1195 { 1196 if (!xdr_ui_4(xdrs, &objp->api_version)) { 1197 return FALSE; 1198 } 1199 if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { 1200 return FALSE; 1201 } 1202 if (objp->code == KADM5_OK) { 1203 if (!xdr_array(xdrs, (caddr_t *) &objp->key_data, 1204 (unsigned int *) &objp->n_key_data, ~0, 1205 sizeof(kadm5_key_data), 1206 (xdrproc_t)xdr_kadm5_key_data)) { 1207 return FALSE; 1208 } 1209 } 1210 return TRUE; 1211 } 1212 1213 bool_t 1214 xdr_calias_arg(XDR *xdrs, calias_arg *objp) 1215 { 1216 if (!xdr_ui_4(xdrs, &objp->api_version)) { 1217 return (FALSE); 1218 } 1219 if (!xdr_krb5_principal(xdrs, &objp->alias)) { 1220 return (FALSE); 1221 } 1222 if (!xdr_krb5_principal(xdrs, &objp->target)) { 1223 return (FALSE); 1224 } 1225 return (TRUE); 1226 } 1227