aboutsummaryrefslogtreecommitdiff
path: root/lib/krb5/replay.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/krb5/replay.c')
-rw-r--r--lib/krb5/replay.c168
1 files changed, 92 insertions, 76 deletions
diff --git a/lib/krb5/replay.c b/lib/krb5/replay.c
index 12894d96a95e..965dd44437d9 100644
--- a/lib/krb5/replay.c
+++ b/lib/krb5/replay.c
@@ -1,78 +1,79 @@
/*
- * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
*
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
*
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
*
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
*
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
*/
#include "krb5_locl.h"
#include <vis.h>
-RCSID("$Id: replay.c 17047 2006-04-10 17:13:49Z lha $");
-
struct krb5_rcache_data {
char *name;
};
-krb5_error_code KRB5_LIB_FUNCTION
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_rc_resolve(krb5_context context,
krb5_rcache id,
const char *name)
{
id->name = strdup(name);
if(id->name == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
+ krb5_set_error_message(context, KRB5_RC_MALLOC,
+ N_("malloc: out of memory", ""));
return KRB5_RC_MALLOC;
}
return 0;
}
-krb5_error_code KRB5_LIB_FUNCTION
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_rc_resolve_type(krb5_context context,
krb5_rcache *id,
const char *type)
{
*id = NULL;
if(strcmp(type, "FILE")) {
- krb5_set_error_string (context, "replay cache type %s not supported",
- type);
+ krb5_set_error_message (context, KRB5_RC_TYPE_NOTFOUND,
+ N_("replay cache type %s not supported", ""),
+ type);
return KRB5_RC_TYPE_NOTFOUND;
}
*id = calloc(1, sizeof(**id));
if(*id == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
+ krb5_set_error_message(context, KRB5_RC_MALLOC,
+ N_("malloc: out of memory", ""));
return KRB5_RC_MALLOC;
}
return 0;
}
-krb5_error_code KRB5_LIB_FUNCTION
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_rc_resolve_full(krb5_context context,
krb5_rcache *id,
const char *string_name)
@@ -82,7 +83,8 @@ krb5_rc_resolve_full(krb5_context context,
*id = NULL;
if(strncmp(string_name, "FILE:", 5)) {
- krb5_set_error_string (context, "replay cache type %s not supported",
+ krb5_set_error_message(context, KRB5_RC_TYPE_NOTFOUND,
+ N_("replay cache type %s not supported", ""),
string_name);
return KRB5_RC_TYPE_NOTFOUND;
}
@@ -97,19 +99,19 @@ krb5_rc_resolve_full(krb5_context context,
return ret;
}
-const char* KRB5_LIB_FUNCTION
+KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
krb5_rc_default_name(krb5_context context)
{
return "FILE:/var/run/default_rcache";
}
-const char* KRB5_LIB_FUNCTION
+KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
krb5_rc_default_type(krb5_context context)
{
return "FILE";
}
-krb5_error_code KRB5_LIB_FUNCTION
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_rc_default(krb5_context context,
krb5_rcache *id)
{
@@ -121,7 +123,7 @@ struct rc_entry{
unsigned char data[16];
};
-krb5_error_code KRB5_LIB_FUNCTION
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_rc_initialize(krb5_context context,
krb5_rcache id,
krb5_deltat auth_lifespan)
@@ -131,9 +133,10 @@ krb5_rc_initialize(krb5_context context,
int ret;
if(f == NULL) {
+ char buf[128];
ret = errno;
- krb5_set_error_string (context, "open(%s): %s", id->name,
- strerror(ret));
+ rk_strerror_r(ret, buf, sizeof(buf));
+ krb5_set_error_message(context, ret, "open(%s): %s", id->name, buf);
return ret;
}
tmp.stamp = auth_lifespan;
@@ -142,29 +145,30 @@ krb5_rc_initialize(krb5_context context,
return 0;
}
-krb5_error_code KRB5_LIB_FUNCTION
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_rc_recover(krb5_context context,
krb5_rcache id)
{
return 0;
}
-krb5_error_code KRB5_LIB_FUNCTION
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_rc_destroy(krb5_context context,
krb5_rcache id)
{
int ret;
if(remove(id->name) < 0) {
+ char buf[128];
ret = errno;
- krb5_set_error_string (context, "remove(%s): %s", id->name,
- strerror(ret));
+ rk_strerror_r(ret, buf, sizeof(buf));
+ krb5_set_error_message(context, ret, "remove(%s): %s", id->name, buf);
return ret;
}
return krb5_rc_close(context, id);
}
-krb5_error_code KRB5_LIB_FUNCTION
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_rc_close(krb5_context context,
krb5_rcache id)
{
@@ -176,20 +180,23 @@ krb5_rc_close(krb5_context context,
static void
checksum_authenticator(Authenticator *auth, void *data)
{
- MD5_CTX md5;
- int i;
+ EVP_MD_CTX *m = EVP_MD_CTX_create();
+ unsigned i;
+
+ EVP_DigestInit_ex(m, EVP_md5(), NULL);
- MD5_Init (&md5);
- MD5_Update (&md5, auth->crealm, strlen(auth->crealm));
+ EVP_DigestUpdate(m, auth->crealm, strlen(auth->crealm));
for(i = 0; i < auth->cname.name_string.len; i++)
- MD5_Update(&md5, auth->cname.name_string.val[i],
+ EVP_DigestUpdate(m, auth->cname.name_string.val[i],
strlen(auth->cname.name_string.val[i]));
- MD5_Update (&md5, &auth->ctime, sizeof(auth->ctime));
- MD5_Update (&md5, &auth->cusec, sizeof(auth->cusec));
- MD5_Final (data, &md5);
+ EVP_DigestUpdate(m, &auth->ctime, sizeof(auth->ctime));
+ EVP_DigestUpdate(m, &auth->cusec, sizeof(auth->cusec));
+
+ EVP_DigestFinal_ex(m, data, NULL);
+ EVP_MD_CTX_destroy(m);
}
-krb5_error_code KRB5_LIB_FUNCTION
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_rc_store(krb5_context context,
krb5_rcache id,
krb5_donot_replay *rep)
@@ -203,11 +210,13 @@ krb5_rc_store(krb5_context context,
checksum_authenticator(rep, ent.data);
f = fopen(id->name, "r");
if(f == NULL) {
+ char buf[128];
ret = errno;
- krb5_set_error_string (context, "open(%s): %s", id->name,
- strerror(ret));
+ rk_strerror_r(ret, buf, sizeof(buf));
+ krb5_set_error_message(context, ret, "open(%s): %s", id->name, buf);
return ret;
}
+ rk_cloexec_file(f);
fread(&tmp, sizeof(ent), 1, f);
t = ent.stamp - tmp.stamp;
while(fread(&tmp, sizeof(ent), 1, f)){
@@ -215,21 +224,26 @@ krb5_rc_store(krb5_context context,
continue;
if(memcmp(tmp.data, ent.data, sizeof(ent.data)) == 0){
fclose(f);
- krb5_clear_error_string (context);
+ krb5_clear_error_message (context);
return KRB5_RC_REPLAY;
}
}
if(ferror(f)){
+ char buf[128];
ret = errno;
fclose(f);
- krb5_set_error_string (context, "%s: %s", id->name, strerror(ret));
+ rk_strerror_r(ret, buf, sizeof(buf));
+ krb5_set_error_message(context, ret, "%s: %s",
+ id->name, buf);
return ret;
}
fclose(f);
f = fopen(id->name, "a");
if(f == NULL) {
- krb5_set_error_string (context, "open(%s): %s", id->name,
- strerror(errno));
+ char buf[128];
+ rk_strerror_r(errno, buf, sizeof(buf));
+ krb5_set_error_message(context, KRB5_RC_IO_UNKNOWN,
+ "open(%s): %s", id->name, buf);
return KRB5_RC_IO_UNKNOWN;
}
fwrite(&ent, 1, sizeof(ent), f);
@@ -237,14 +251,14 @@ krb5_rc_store(krb5_context context,
return 0;
}
-krb5_error_code KRB5_LIB_FUNCTION
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_rc_expunge(krb5_context context,
krb5_rcache id)
{
return 0;
}
-krb5_error_code KRB5_LIB_FUNCTION
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_rc_get_lifespan(krb5_context context,
krb5_rcache id,
krb5_deltat *auth_lifespan)
@@ -258,27 +272,27 @@ krb5_rc_get_lifespan(krb5_context context,
*auth_lifespan = ent.stamp;
return 0;
}
- krb5_clear_error_string (context);
+ krb5_clear_error_message (context);
return KRB5_RC_IO_UNKNOWN;
}
-const char* KRB5_LIB_FUNCTION
+KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
krb5_rc_get_name(krb5_context context,
krb5_rcache id)
{
return id->name;
}
-
-const char* KRB5_LIB_FUNCTION
+
+KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
krb5_rc_get_type(krb5_context context,
krb5_rcache id)
{
return "FILE";
}
-
-krb5_error_code KRB5_LIB_FUNCTION
-krb5_get_server_rcache(krb5_context context,
- const krb5_data *piece,
+
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
+krb5_get_server_rcache(krb5_context context,
+ const krb5_data *piece,
krb5_rcache *id)
{
krb5_rcache rcache;
@@ -288,18 +302,20 @@ krb5_get_server_rcache(krb5_context context,
char *name;
if(tmp == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
+ krb5_set_error_message(context, ENOMEM,
+ N_("malloc: out of memory", ""));
return ENOMEM;
}
strvisx(tmp, piece->data, piece->length, VIS_WHITE | VIS_OCTAL);
#ifdef HAVE_GETEUID
- asprintf(&name, "FILE:rc_%s_%u", tmp, (unsigned)geteuid());
+ ret = asprintf(&name, "FILE:rc_%s_%u", tmp, (unsigned)geteuid());
#else
- asprintf(&name, "FILE:rc_%s", tmp);
+ ret = asprintf(&name, "FILE:rc_%s", tmp);
#endif
free(tmp);
- if(name == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
+ if(ret < 0 || name == NULL) {
+ krb5_set_error_message(context, ENOMEM,
+ N_("malloc: out of memory", ""));
return ENOMEM;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-30 16:38:57 +0000