1 /* 2 * Copyright 2002 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 #pragma ident "%Z%%M% %I% %E% SMI" 7 8 /* 9 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 10 * 11 * Openvision retains the copyright to derivative works of 12 * this source code. Do *NOT* create a derivative of this 13 * source code before consulting with your legal department. 14 * Do *NOT* integrate *ANY* of this source code into another 15 * product before consulting with your legal department. 16 * 17 * For further information, read the top-level Openvision 18 * copyright which is contained in the top-level MIT Kerberos 19 * copyright. 20 * 21 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 22 * 23 */ 24 25 26 /* 27 * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved 28 */ 29 30 #include <rpc/rpc.h> 31 #include <krb5.h> 32 #include <k5-int.h> 33 #include <kadm5/admin.h> 34 #include <kadm5/kadm_rpc.h> 35 #include <stdlib.h> 36 #include <string.h> 37 38 static bool_t 39 _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp, 40 int v); 41 42 bool_t 43 xdr_krb5_salttype(XDR *xdrs, krb5_int32 *objp); /* SUNWresync121 XXX */ 44 /* 45 * Function: xdr_ui_4 46 * 47 * Purpose: XDR function which serves as a wrapper for xdr_u_int, 48 * to prevent compiler warnings about type clashes between u_int32 49 * and krb5_ui_4. 50 */ 51 bool_t xdr_ui_4(XDR *xdrs, krb5_ui_4 *objp) 52 { 53 /* Assumes that krb5_ui_4 and u_int32 are both four bytes long. 54 This should not be a harmful assumption. */ 55 return xdr_u_int(xdrs, (rpc_u_int32 *) objp); 56 } 57 58 59 /* 60 * Function: xdr_nullstring 61 * 62 * Purpose: XDR function for "strings" that are either NULL-terminated 63 * or NULL. 64 */ 65 bool_t xdr_nullstring(XDR *xdrs, char **objp) 66 { 67 u_int size; 68 69 if (xdrs->x_op == XDR_ENCODE) { 70 if (*objp == NULL) 71 size = 0; 72 else 73 size = strlen(*objp) + 1; 74 } 75 if (! xdr_u_int(xdrs, &size)) { 76 return FALSE; 77 } 78 switch (xdrs->x_op) { 79 case XDR_DECODE: 80 if (size == 0) { 81 *objp = NULL; 82 return TRUE; 83 } else if (*objp == NULL) { 84 *objp = (char *) mem_alloc(size); 85 if (*objp == NULL) { 86 errno = ENOMEM; 87 return FALSE; 88 } 89 } 90 return (xdr_opaque(xdrs, *objp, size)); 91 92 case XDR_ENCODE: 93 if (size != 0) 94 return (xdr_opaque(xdrs, *objp, size)); 95 return TRUE; 96 97 case XDR_FREE: 98 if (*objp != NULL) 99 mem_free(*objp, size); 100 *objp = NULL; 101 return TRUE; 102 } 103 104 return FALSE; 105 } 106 107 /* 108 * Function: xdr_nulltype 109 * 110 * Purpose: XDR function for arbitrary pointer types that are either 111 * NULL or contain data. 112 */ 113 bool_t xdr_nulltype(XDR *xdrs, void **objp, xdrproc_t proc) 114 { 115 bool_t null; 116 117 switch (xdrs->x_op) { 118 case XDR_DECODE: 119 if (!xdr_bool(xdrs, &null)) 120 return FALSE; 121 if (null) { 122 *objp = NULL; 123 return TRUE; 124 } 125 return (*proc)(xdrs, objp); 126 127 case XDR_ENCODE: 128 if (*objp == NULL) 129 null = TRUE; 130 else 131 null = FALSE; 132 if (!xdr_bool(xdrs, &null)) 133 return FALSE; 134 if (null == FALSE) 135 return (*proc)(xdrs, objp); 136 return TRUE; 137 138 case XDR_FREE: 139 if (*objp) 140 return (*proc)(xdrs, objp); 141 return TRUE; 142 } 143 144 return FALSE; 145 } 146 147 bool_t 148 xdr_krb5_timestamp(XDR *xdrs, krb5_timestamp *objp) 149 { 150 /* This assumes that int32 and krb5_timestamp are the same size. 151 This shouldn't be a problem, since we've got a unit test which 152 checks for this. */ 153 if (!xdr_int(xdrs, (rpc_int32 *) objp)) { 154 return (FALSE); 155 } 156 return (TRUE); 157 } 158 159 bool_t 160 xdr_krb5_kvno(XDR *xdrs, krb5_kvno *objp) 161 { 162 unsigned char tmp; 163 164 tmp = '\0'; /* for purify, else xdr_u_char performs a umr */ 165 166 if (xdrs->x_op == XDR_ENCODE) 167 tmp = (unsigned char) *objp; 168 169 if (!xdr_u_char(xdrs, &tmp)) 170 return (FALSE); 171 172 if (xdrs->x_op == XDR_DECODE) 173 *objp = (krb5_kvno) tmp; 174 175 return (TRUE); 176 } 177 178 bool_t 179 xdr_krb5_deltat(XDR *xdrs, krb5_deltat *objp) 180 { 181 /* This assumes that int32 and krb5_deltat are the same size. 182 This shouldn't be a problem, since we've got a unit test which 183 checks for this. */ 184 if (!xdr_int(xdrs, (rpc_int32 *) objp)) { 185 return (FALSE); 186 } 187 return (TRUE); 188 } 189 190 bool_t 191 xdr_krb5_flags(XDR *xdrs, krb5_flags *objp) 192 { 193 /* This assumes that int32 and krb5_flags are the same size. 194 This shouldn't be a problem, since we've got a unit test which 195 checks for this. */ 196 if (!xdr_int(xdrs, (rpc_int32 *) objp)) { 197 return (FALSE); 198 } 199 return (TRUE); 200 } 201 202 bool_t 203 xdr_krb5_ui_4(XDR *xdrs, krb5_ui_4 *objp) 204 { 205 if (!xdr_u_int(xdrs, (rpc_u_int32 *) objp)) { 206 return (FALSE); 207 } 208 return (TRUE); 209 } 210 211 bool_t 212 xdr_krb5_int16(XDR *xdrs, krb5_int16 *objp) 213 { 214 int tmp; 215 216 tmp = (int) *objp; 217 218 if (!xdr_int(xdrs, &tmp)) 219 return(FALSE); 220 221 *objp = (krb5_int16) tmp; 222 223 return(TRUE); 224 } 225 226 bool_t xdr_krb5_key_data_nocontents(XDR *xdrs, krb5_key_data *objp) 227 { 228 /* 229 * Note that this function intentionally DOES NOT tranfer key 230 * length or contents! xdr_krb5_key_data in adb_xdr.c does, but 231 * that is only for use within the server-side library. 232 */ 233 unsigned int tmp; 234 235 if (xdrs->x_op == XDR_DECODE) 236 memset((char *) objp, 0, sizeof(krb5_key_data)); 237 238 if (!xdr_krb5_int16(xdrs, &objp->key_data_ver)) { 239 return (FALSE); 240 } 241 if (!xdr_krb5_int16(xdrs, &objp->key_data_kvno)) { 242 return (FALSE); 243 } 244 if (!xdr_krb5_int16(xdrs, &objp->key_data_type[0])) { 245 return (FALSE); 246 } 247 if (objp->key_data_ver > 1) { 248 if (!xdr_krb5_int16(xdrs, &objp->key_data_type[1])) { 249 return (FALSE); 250 } 251 } 252 /* 253 * kadm5_get_principal on the server side allocates and returns 254 * key contents when asked. Even though this function refuses to 255 * transmit that data, it still has to *free* the data at the 256 * appropriate time to avoid a memory leak. 257 */ 258 if (xdrs->x_op == XDR_FREE) { 259 tmp = (unsigned int) objp->key_data_length[0]; 260 if (!xdr_bytes(xdrs, (char **) &objp->key_data_contents[0], 261 &tmp, ~0)) 262 return FALSE; 263 264 tmp = (unsigned int) objp->key_data_length[1]; 265 if (!xdr_bytes(xdrs, (char **) &objp->key_data_contents[1], 266 &tmp, ~0)) 267 return FALSE; 268 } 269 270 return (TRUE); 271 } 272 273 274 bool_t 275 xdr_krb5_key_salt_tuple(XDR *xdrs, krb5_key_salt_tuple *objp) 276 { 277 if (!xdr_krb5_enctype(xdrs, &objp->ks_enctype)) 278 return FALSE; 279 if (!xdr_krb5_salttype(xdrs, &objp->ks_salttype)) 280 return FALSE; 281 return TRUE; 282 } 283 284 bool_t xdr_krb5_tl_data(XDR *xdrs, krb5_tl_data **tl_data_head) 285 { 286 krb5_tl_data *tl, *tl2; 287 bool_t more; 288 uint len; 289 290 switch (xdrs->x_op) { 291 case XDR_FREE: 292 tl = tl2 = *tl_data_head; 293 while (tl) { 294 tl2 = tl->tl_data_next; 295 free(tl->tl_data_contents); 296 free(tl); 297 tl = tl2; 298 } 299 break; 300 301 case XDR_ENCODE: 302 tl = *tl_data_head; 303 while (1) { 304 more = (tl != NULL); 305 if (!xdr_bool(xdrs, &more)) 306 return FALSE; 307 if (tl == NULL) 308 break; 309 if (!xdr_krb5_int16(xdrs, &tl->tl_data_type)) 310 return FALSE; 311 len = tl->tl_data_length; 312 if (!xdr_bytes(xdrs, (char **) &tl->tl_data_contents, &len, ~0)) 313 return FALSE; 314 tl = tl->tl_data_next; 315 } 316 break; 317 318 case XDR_DECODE: 319 tl = NULL; 320 while (1) { 321 if (!xdr_bool(xdrs, &more)) 322 return FALSE; 323 if (more == FALSE) 324 break; 325 tl2 = (krb5_tl_data *) malloc(sizeof(krb5_tl_data)); 326 if (tl2 == NULL) 327 return FALSE; 328 memset((char *) tl2, 0, sizeof(krb5_tl_data)); 329 if (!xdr_krb5_int16(xdrs, &tl2->tl_data_type)) 330 return FALSE; 331 if (!xdr_bytes(xdrs, (char **)&tl2->tl_data_contents, &len, ~0)) 332 return FALSE; 333 tl2->tl_data_length = len; 334 335 tl2->tl_data_next = tl; 336 tl = tl2; 337 } 338 339 *tl_data_head = tl; 340 break; 341 } 342 343 return TRUE; 344 } 345 346 bool_t 347 xdr_kadm5_ret_t(XDR *xdrs, kadm5_ret_t *objp) 348 { 349 rpc_u_int32 tmp; 350 351 if (xdrs->x_op == XDR_ENCODE) 352 tmp = (rpc_u_int32) *objp; 353 354 if (!xdr_u_int(xdrs, &tmp)) 355 return (FALSE); 356 357 if (xdrs->x_op == XDR_DECODE) 358 *objp = (kadm5_ret_t) tmp; 359 360 return (TRUE); 361 } 362 363 bool_t xdr_kadm5_principal_ent_rec_v1(XDR *xdrs, 364 kadm5_principal_ent_rec *objp) 365 { 366 return _xdr_kadm5_principal_ent_rec(xdrs, objp, KADM5_API_VERSION_1); 367 } 368 369 bool_t xdr_kadm5_principal_ent_rec(XDR *xdrs, 370 kadm5_principal_ent_rec *objp) 371 { 372 return _xdr_kadm5_principal_ent_rec(xdrs, objp, KADM5_API_VERSION_2); 373 } 374 375 static bool_t 376 _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp, 377 int v) 378 { 379 unsigned int n; 380 381 if (!xdr_krb5_principal(xdrs, &objp->principal)) { 382 return (FALSE); 383 } 384 if (!xdr_krb5_timestamp(xdrs, &objp->princ_expire_time)) { 385 return (FALSE); 386 } 387 if (!xdr_krb5_timestamp(xdrs, &objp->last_pwd_change)) { 388 return (FALSE); 389 } 390 if (!xdr_krb5_timestamp(xdrs, &objp->pw_expiration)) { 391 return (FALSE); 392 } 393 if (!xdr_krb5_deltat(xdrs, &objp->max_life)) { 394 return (FALSE); 395 } 396 if (v == KADM5_API_VERSION_1) { 397 if (!xdr_krb5_principal(xdrs, &objp->mod_name)) { 398 return (FALSE); 399 } 400 } else { 401 if (!xdr_nulltype(xdrs, (void **) &objp->mod_name, 402 xdr_krb5_principal)) { 403 return (FALSE); 404 } 405 } 406 if (!xdr_krb5_timestamp(xdrs, &objp->mod_date)) { 407 return (FALSE); 408 } 409 if (!xdr_krb5_flags(xdrs, &objp->attributes)) { 410 return (FALSE); 411 } 412 if (!xdr_krb5_kvno(xdrs, &objp->kvno)) { 413 return (FALSE); 414 } 415 if (!xdr_krb5_kvno(xdrs, &objp->mkvno)) { 416 return (FALSE); 417 } 418 if (!xdr_nullstring(xdrs, &objp->policy)) { 419 return (FALSE); 420 } 421 if (!xdr_long(xdrs, &objp->aux_attributes)) { 422 return (FALSE); 423 } 424 if (v != KADM5_API_VERSION_1) { 425 if (!xdr_krb5_deltat(xdrs, &objp->max_renewable_life)) { 426 return (FALSE); 427 } 428 if (!xdr_krb5_timestamp(xdrs, &objp->last_success)) { 429 return (FALSE); 430 } 431 if (!xdr_krb5_timestamp(xdrs, &objp->last_failed)) { 432 return (FALSE); 433 } 434 if (!xdr_krb5_kvno(xdrs, &objp->fail_auth_count)) { 435 return (FALSE); 436 } 437 if (!xdr_krb5_int16(xdrs, &objp->n_key_data)) { 438 return (FALSE); 439 } 440 if (!xdr_krb5_int16(xdrs, &objp->n_tl_data)) { 441 return (FALSE); 442 } 443 if (!xdr_nulltype(xdrs, (void **) &objp->tl_data, 444 xdr_krb5_tl_data)) { 445 return FALSE; 446 } 447 n = objp->n_key_data; 448 if (!xdr_array(xdrs, (caddr_t *) &objp->key_data, 449 &n, ~0, sizeof(krb5_key_data), 450 xdr_krb5_key_data_nocontents)) { 451 return (FALSE); 452 } 453 } 454 return (TRUE); 455 } 456 457 bool_t 458 xdr_kadm5_policy_ent_rec(XDR *xdrs, kadm5_policy_ent_rec *objp) 459 { 460 if (!xdr_nullstring(xdrs, &objp->policy)) { 461 return (FALSE); 462 } 463 /* these all used to be u_int32, but it's stupid for sized types 464 to be exposed at the api, and they're the same as longs on the 465 wire. */ 466 if (!xdr_long(xdrs, &objp->pw_min_life)) { 467 return (FALSE); 468 } 469 if (!xdr_long(xdrs, &objp->pw_max_life)) { 470 return (FALSE); 471 } 472 if (!xdr_long(xdrs, &objp->pw_min_length)) { 473 return (FALSE); 474 } 475 if (!xdr_long(xdrs, &objp->pw_min_classes)) { 476 return (FALSE); 477 } 478 if (!xdr_long(xdrs, &objp->pw_history_num)) { 479 return (FALSE); 480 } 481 if (!xdr_long(xdrs, &objp->policy_refcnt)) { 482 return (FALSE); 483 } 484 return (TRUE); 485 } 486 487 bool_t 488 xdr_cprinc_arg(XDR *xdrs, cprinc_arg *objp) 489 { 490 if (!xdr_ui_4(xdrs, &objp->api_version)) { 491 return (FALSE); 492 } 493 if (objp->api_version == KADM5_API_VERSION_1) { 494 if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) { 495 return (FALSE); 496 } 497 } else { 498 if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) { 499 return (FALSE); 500 } 501 } 502 if (!xdr_long(xdrs, &objp->mask)) { 503 return (FALSE); 504 } 505 if (!xdr_nullstring(xdrs, &objp->passwd)) { 506 return (FALSE); 507 } 508 return (TRUE); 509 } 510 511 bool_t 512 xdr_cprinc3_arg(XDR *xdrs, cprinc3_arg *objp) 513 { 514 if (!xdr_ui_4(xdrs, &objp->api_version)) { 515 return (FALSE); 516 } 517 if (objp->api_version == KADM5_API_VERSION_1) { 518 if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) { 519 return (FALSE); 520 } 521 } else { 522 if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) { 523 return (FALSE); 524 } 525 } 526 if (!xdr_long(xdrs, &objp->mask)) { 527 return (FALSE); 528 } 529 if (!xdr_array(xdrs, (caddr_t *)&objp->ks_tuple, 530 (unsigned int *)&objp->n_ks_tuple, ~0, 531 sizeof(krb5_key_salt_tuple), 532 xdr_krb5_key_salt_tuple)) { 533 return (FALSE); 534 } 535 if (!xdr_nullstring(xdrs, &objp->passwd)) { 536 return (FALSE); 537 } 538 return (TRUE); 539 } 540 541 bool_t 542 xdr_generic_ret(XDR *xdrs, generic_ret *objp) 543 { 544 if (!xdr_ui_4(xdrs, &objp->api_version)) { 545 return (FALSE); 546 } 547 if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { 548 return (FALSE); 549 } 550 return(TRUE); 551 } 552 553 bool_t 554 xdr_dprinc_arg(XDR *xdrs, dprinc_arg *objp) 555 { 556 if (!xdr_ui_4(xdrs, &objp->api_version)) { 557 return (FALSE); 558 } 559 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 560 return (FALSE); 561 } 562 return (TRUE); 563 } 564 565 bool_t 566 xdr_mprinc_arg(XDR *xdrs, mprinc_arg *objp) 567 { 568 if (!xdr_ui_4(xdrs, &objp->api_version)) { 569 return (FALSE); 570 } 571 if (objp->api_version == KADM5_API_VERSION_1) { 572 if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) { 573 return (FALSE); 574 } 575 } else { 576 if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) { 577 return (FALSE); 578 } 579 } 580 if (!xdr_long(xdrs, &objp->mask)) { 581 return (FALSE); 582 } 583 return (TRUE); 584 } 585 586 bool_t 587 xdr_rprinc_arg(XDR *xdrs, rprinc_arg *objp) 588 { 589 if (!xdr_ui_4(xdrs, &objp->api_version)) { 590 return (FALSE); 591 } 592 if (!xdr_krb5_principal(xdrs, &objp->src)) { 593 return (FALSE); 594 } 595 if (!xdr_krb5_principal(xdrs, &objp->dest)) { 596 return (FALSE); 597 } 598 return (TRUE); 599 } 600 601 bool_t 602 xdr_gprincs_arg(XDR *xdrs, gprincs_arg *objp) 603 { 604 if (!xdr_ui_4(xdrs, &objp->api_version)) { 605 return (FALSE); 606 } 607 if (!xdr_nullstring(xdrs, &objp->exp)) { 608 return (FALSE); 609 } 610 return (TRUE); 611 } 612 613 bool_t 614 xdr_gprincs_ret(XDR *xdrs, gprincs_ret *objp) 615 { 616 if (!xdr_ui_4(xdrs, &objp->api_version)) { 617 return (FALSE); 618 } 619 if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { 620 return (FALSE); 621 } 622 if (objp->code == KADM5_OK) { 623 if (!xdr_int(xdrs, &objp->count)) { 624 return (FALSE); 625 } 626 if (!xdr_array(xdrs, (caddr_t *) &objp->princs, 627 (unsigned int *) &objp->count, ~0, 628 sizeof(char *), xdr_nullstring)) { 629 return (FALSE); 630 } 631 } 632 return (TRUE); 633 } 634 635 bool_t 636 xdr_chpass_arg(XDR *xdrs, chpass_arg *objp) 637 { 638 if (!xdr_ui_4(xdrs, &objp->api_version)) { 639 return (FALSE); 640 } 641 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 642 return (FALSE); 643 } 644 if (!xdr_nullstring(xdrs, &objp->pass)) { 645 return (FALSE); 646 } 647 return (TRUE); 648 } 649 650 bool_t 651 xdr_chpass3_arg(XDR *xdrs, chpass3_arg *objp) 652 { 653 if (!xdr_ui_4(xdrs, &objp->api_version)) { 654 return (FALSE); 655 } 656 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 657 return (FALSE); 658 } 659 if (!xdr_bool(xdrs, (bool_t *) &objp->keepold)) { /* SUNWresync121 XXX */ 660 return (FALSE); 661 } 662 if (!xdr_array(xdrs, (caddr_t *)&objp->ks_tuple, 663 (unsigned int*)&objp->n_ks_tuple, ~0, 664 sizeof(krb5_key_salt_tuple), 665 xdr_krb5_key_salt_tuple)) { 666 return (FALSE); 667 } 668 if (!xdr_nullstring(xdrs, &objp->pass)) { 669 return (FALSE); 670 } 671 return (TRUE); 672 } 673 674 bool_t 675 xdr_setv4key_arg(XDR *xdrs, setv4key_arg *objp) 676 { 677 unsigned int n_keys = 1; 678 679 if (!xdr_ui_4(xdrs, &objp->api_version)) { 680 return (FALSE); 681 } 682 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 683 return (FALSE); 684 } 685 if (!xdr_array(xdrs, (caddr_t *) &objp->keyblock, 686 &n_keys, ~0, 687 sizeof(krb5_keyblock), xdr_krb5_keyblock)) { 688 return (FALSE); 689 } 690 return (TRUE); 691 } 692 693 bool_t 694 xdr_setkey_arg(XDR *xdrs, setkey_arg *objp) 695 { 696 if (!xdr_ui_4(xdrs, &objp->api_version)) { 697 return (FALSE); 698 } 699 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 700 return (FALSE); 701 } 702 if (!xdr_array(xdrs, (caddr_t *) &objp->keyblocks, 703 (unsigned int *) &objp->n_keys, ~0, 704 sizeof(krb5_keyblock), xdr_krb5_keyblock)) { 705 return (FALSE); 706 } 707 return (TRUE); 708 } 709 710 bool_t 711 xdr_setkey3_arg(XDR *xdrs, setkey3_arg *objp) 712 { 713 if (!xdr_ui_4(xdrs, &objp->api_version)) { 714 return (FALSE); 715 } 716 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 717 return (FALSE); 718 } 719 if (!xdr_bool(xdrs, (bool_t *) &objp->keepold)) { /* SUNWresync121 XXX */ 720 return (FALSE); 721 } 722 if (!xdr_array(xdrs, (caddr_t *) &objp->ks_tuple, 723 (unsigned int *) &objp->n_ks_tuple, ~0, 724 sizeof(krb5_key_salt_tuple), xdr_krb5_key_salt_tuple)) { 725 return (FALSE); 726 } 727 if (!xdr_array(xdrs, (caddr_t *) &objp->keyblocks, 728 (unsigned int *) &objp->n_keys, ~0, 729 sizeof(krb5_keyblock), xdr_krb5_keyblock)) { 730 return (FALSE); 731 } 732 return (TRUE); 733 } 734 735 bool_t 736 xdr_chrand_arg(XDR *xdrs, chrand_arg *objp) 737 { 738 if (!xdr_ui_4(xdrs, &objp->api_version)) { 739 return (FALSE); 740 } 741 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 742 return (FALSE); 743 } 744 return (TRUE); 745 } 746 747 bool_t 748 xdr_chrand3_arg(XDR *xdrs, chrand3_arg *objp) 749 { 750 if (!xdr_ui_4(xdrs, &objp->api_version)) { 751 return (FALSE); 752 } 753 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 754 return (FALSE); 755 } 756 if (!xdr_bool(xdrs, (bool_t *) &objp->keepold)) { /* SUNWresync121 XXX */ 757 return (FALSE); 758 } 759 if (!xdr_array(xdrs, (caddr_t *)&objp->ks_tuple, 760 (unsigned int*)&objp->n_ks_tuple, ~0, 761 sizeof(krb5_key_salt_tuple), 762 xdr_krb5_key_salt_tuple)) { 763 return (FALSE); 764 } 765 return (TRUE); 766 } 767 768 bool_t 769 xdr_chrand_ret(XDR *xdrs, chrand_ret *objp) 770 { 771 if (!xdr_ui_4(xdrs, &objp->api_version)) { 772 return (FALSE); 773 } 774 if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { 775 return (FALSE); 776 } 777 if (objp->api_version == KADM5_API_VERSION_1) { 778 if(objp->code == KADM5_OK) { 779 if (!xdr_krb5_keyblock(xdrs, &objp->key)) { 780 return (FALSE); 781 } 782 } 783 } else { 784 if (objp->code == KADM5_OK) { 785 if (!xdr_array(xdrs, (char **)&objp->keys, (unsigned int *)&objp->n_keys, ~0, 786 sizeof(krb5_keyblock), 787 xdr_krb5_keyblock)) 788 return FALSE; 789 } 790 } 791 792 return (TRUE); 793 } 794 795 bool_t 796 xdr_gprinc_arg(XDR *xdrs, gprinc_arg *objp) 797 { 798 if (!xdr_ui_4(xdrs, &objp->api_version)) { 799 return (FALSE); 800 } 801 if (!xdr_krb5_principal(xdrs, &objp->princ)) { 802 return (FALSE); 803 } 804 if ((objp->api_version > KADM5_API_VERSION_1) && 805 !xdr_long(xdrs, &objp->mask)) { 806 return FALSE; 807 } 808 809 return (TRUE); 810 } 811 812 bool_t 813 xdr_gprinc_ret(XDR *xdrs, gprinc_ret *objp) 814 { 815 if (!xdr_ui_4(xdrs, &objp->api_version)) { 816 return (FALSE); 817 } 818 if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { 819 return (FALSE); 820 } 821 if(objp->code == KADM5_OK) { 822 if (objp->api_version == KADM5_API_VERSION_1) { 823 if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) { 824 return (FALSE); 825 } 826 } else { 827 if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) { 828 return (FALSE); 829 } 830 } 831 } 832 return (TRUE); 833 } 834 835 bool_t 836 xdr_cpol_arg(XDR *xdrs, cpol_arg *objp) 837 { 838 if (!xdr_ui_4(xdrs, &objp->api_version)) { 839 return (FALSE); 840 } 841 if (!xdr_kadm5_policy_ent_rec(xdrs, &objp->rec)) { 842 return (FALSE); 843 } 844 if (!xdr_long(xdrs, &objp->mask)) { 845 return (FALSE); 846 } 847 return (TRUE); 848 } 849 850 bool_t 851 xdr_dpol_arg(XDR *xdrs, dpol_arg *objp) 852 { 853 if (!xdr_ui_4(xdrs, &objp->api_version)) { 854 return (FALSE); 855 } 856 if (!xdr_nullstring(xdrs, &objp->name)) { 857 return (FALSE); 858 } 859 return (TRUE); 860 } 861 862 bool_t 863 xdr_mpol_arg(XDR *xdrs, mpol_arg *objp) 864 { 865 if (!xdr_ui_4(xdrs, &objp->api_version)) { 866 return (FALSE); 867 } 868 if (!xdr_kadm5_policy_ent_rec(xdrs, &objp->rec)) { 869 return (FALSE); 870 } 871 if (!xdr_long(xdrs, &objp->mask)) { 872 return (FALSE); 873 } 874 return (TRUE); 875 } 876 877 bool_t 878 xdr_gpol_arg(XDR *xdrs, gpol_arg *objp) 879 { 880 if (!xdr_ui_4(xdrs, &objp->api_version)) { 881 return (FALSE); 882 } 883 if (!xdr_nullstring(xdrs, &objp->name)) { 884 return (FALSE); 885 } 886 return (TRUE); 887 } 888 889 bool_t 890 xdr_gpol_ret(XDR *xdrs, gpol_ret *objp) 891 { 892 if (!xdr_ui_4(xdrs, &objp->api_version)) { 893 return (FALSE); 894 } 895 if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { 896 return (FALSE); 897 } 898 if(objp->code == KADM5_OK) { 899 if (!xdr_kadm5_policy_ent_rec(xdrs, &objp->rec)) 900 return (FALSE); 901 } 902 return (TRUE); 903 } 904 905 bool_t 906 xdr_gpols_arg(XDR *xdrs, gpols_arg *objp) 907 { 908 if (!xdr_ui_4(xdrs, &objp->api_version)) { 909 return (FALSE); 910 } 911 if (!xdr_nullstring(xdrs, &objp->exp)) { 912 return (FALSE); 913 } 914 return (TRUE); 915 } 916 917 bool_t 918 xdr_gpols_ret(XDR *xdrs, gpols_ret *objp) 919 { 920 if (!xdr_ui_4(xdrs, &objp->api_version)) { 921 return (FALSE); 922 } 923 if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { 924 return (FALSE); 925 } 926 if (objp->code == KADM5_OK) { 927 if (!xdr_int(xdrs, &objp->count)) { 928 return (FALSE); 929 } 930 if (!xdr_array(xdrs, (caddr_t *) &objp->pols, 931 (unsigned int *) &objp->count, ~0, 932 sizeof(char *), xdr_nullstring)) { 933 return (FALSE); 934 } 935 } 936 return (TRUE); 937 } 938 939 bool_t xdr_getprivs_ret(XDR *xdrs, getprivs_ret *objp) 940 { 941 if (!xdr_ui_4(xdrs, &objp->api_version)) { 942 return (FALSE); 943 } 944 if (! xdr_kadm5_ret_t(xdrs, &objp->code) || 945 ! xdr_long(xdrs, &objp->privs)) 946 return FALSE; 947 return TRUE; 948 } 949 950 bool_t 951 xdr_krb5_principal(XDR *xdrs, krb5_principal *objp) 952 { 953 int ret; 954 char *p = NULL; 955 krb5_principal pr = NULL; 956 static krb5_context context = NULL; 957 958 /* using a static context here is ugly, but should work 959 ok, and the other solutions are even uglier */ 960 961 if (!context && 962 krb5_init_context(&context)) 963 return(FALSE); 964 965 switch(xdrs->x_op) { 966 case XDR_ENCODE: 967 if (*objp) { 968 if((ret = krb5_unparse_name(context, *objp, &p)) != 0) 969 return FALSE; 970 } 971 if(!xdr_nullstring(xdrs, &p)) 972 return FALSE; 973 if (p) free(p); 974 break; 975 case XDR_DECODE: 976 if(!xdr_nullstring(xdrs, &p)) 977 return FALSE; 978 if (p) { 979 ret = krb5_parse_name(context, p, &pr); 980 if(ret != 0) 981 return FALSE; 982 *objp = pr; 983 free(p); 984 } else 985 *objp = NULL; 986 break; 987 case XDR_FREE: 988 if(*objp != NULL) 989 krb5_free_principal(context, *objp); 990 break; 991 } 992 return TRUE; 993 } 994 995 bool_t 996 xdr_krb5_octet(XDR *xdrs, krb5_octet *objp) 997 { 998 if (!xdr_u_char(xdrs, objp)) 999 return (FALSE); 1000 return (TRUE); 1001 } 1002 1003 bool_t 1004 xdr_krb5_enctype(XDR *xdrs, krb5_enctype *objp) 1005 { 1006 /* 1007 * This used to be xdr_krb5_keytype, but keytypes and enctypes have 1008 * been merged into only enctypes. However, randkey_principal 1009 * already ensures that only a key of ENCTYPE_DES_CBC_CRC will be 1010 * returned to v1 clients, and ENCTYPE_DES_CBC_CRC has the same 1011 * value as KEYTYPE_DES used too, which is what all v1 clients 1012 * expect. Therefore, IMHO, just encoding whatever enctype we get 1013 * is safe. 1014 */ 1015 1016 if (!xdr_u_int(xdrs, (unsigned int *) objp)) 1017 return (FALSE); 1018 return (TRUE); 1019 } 1020 1021 bool_t 1022 xdr_krb5_salttype(XDR *xdrs, krb5_int32 *objp) 1023 { 1024 if (!xdr_int(xdrs, (rpc_int32 *) objp)) /* SUNWresync121 XXX */ 1025 return FALSE; 1026 return TRUE; 1027 } 1028 1029 bool_t 1030 xdr_krb5_keyblock(XDR *xdrs, krb5_keyblock *objp) 1031 { 1032 /* XXX This only works because free_keyblock assumes ->contents 1033 is allocated by malloc() */ 1034 1035 if(!xdr_krb5_enctype(xdrs, &objp->enctype)) 1036 return FALSE; 1037 if(!xdr_bytes(xdrs, (char **) &objp->contents, (unsigned int *) 1038 &objp->length, ~0)) 1039 return FALSE; 1040 return TRUE; 1041 } 1042