summaryrefslogtreecommitdiffstats
path: root/third_party/heimdal/lib/krb5/mk_cred.c
diff options
context:
space:
mode:
Diffstat (limited to 'third_party/heimdal/lib/krb5/mk_cred.c')
-rw-r--r--third_party/heimdal/lib/krb5/mk_cred.c324
1 files changed, 324 insertions, 0 deletions
diff --git a/third_party/heimdal/lib/krb5/mk_cred.c b/third_party/heimdal/lib/krb5/mk_cred.c
new file mode 100644
index 0000000..41e858f
--- /dev/null
+++ b/third_party/heimdal/lib/krb5/mk_cred.c
@@ -0,0 +1,324 @@
+/*
+ * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+#define CHECKED_ALLOC(dst) do { \
+ if ((ALLOC(dst, 1)) == NULL) { \
+ ret = krb5_enomem(context); \
+ goto out; \
+ } \
+ } while (0)
+
+#define CHECKED_COPY(cp_func, dst, src) do { \
+ if (cp_func(src, dst)) { \
+ ret = krb5_enomem(context); \
+ goto out; \
+ } \
+ } while (0)
+#define CHECKED_COPY_PPC2KCI(cp_func, dst, src) \
+ CHECKED_COPY(cp_func, krb_cred_info->dst, &ppcreds[i]->src)
+
+#define CHECKED_ALLOC_ASSIGN(dst, src) do { \
+ if ((ALLOC(dst, 1)) == NULL) { \
+ ret = krb5_enomem(context); \
+ goto out; \
+ } else \
+ *dst = src; \
+ } while (0)
+#define CHECKED_ALLOC_ASSIGN_PPC2KCI(dst, src) \
+ CHECKED_ALLOC_ASSIGN(krb_cred_info->dst, ppcreds[i]->src)
+
+#define CHECKED_ALLOC_COPY(cp_func, dst, src) do { \
+ if ((ALLOC(dst, 1)) == NULL || cp_func(src, dst)) { \
+ ret = krb5_enomem(context); \
+ goto out; \
+ } \
+ } while (0)
+#define CHECKED_ALLOC_COPY_PPC2KCI(cp_func, dst, src) \
+ CHECKED_ALLOC_COPY(cp_func, krb_cred_info->dst, &ppcreds[i]->src)
+
+/**
+ * Make a KRB-CRED PDU with N credentials.
+ *
+ * @param context A kerberos 5 context.
+ * @param auth_context The auth context with the key to encrypt the out_data.
+ * @param ppcreds A null-terminated array of credentials to forward.
+ * @param ppdata The output KRB-CRED (to be freed by caller).
+ * @param replay_data (unused).
+ *
+ * @return Return an error code or 0.
+ *
+ * @ingroup krb5_credential
+ */
+
+/* ARGSUSED */
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
+krb5_mk_ncred(krb5_context context, krb5_auth_context auth_context,
+ krb5_creds **ppcreds, krb5_data **ppdata,
+ krb5_replay_data *replay_data)
+{
+ krb5_error_code ret;
+ krb5_data out_data;
+
+ ret = _krb5_mk_ncred(context, auth_context, ppcreds, &out_data,
+ replay_data);
+ if (ret == 0) {
+ /*
+ * MIT allocates the return structure for no good reason. We do
+ * likewise as, in this case, incompatibility is the greater evil.
+ */
+ *ppdata = calloc(1, sizeof(**ppdata));
+ if (*ppdata) {
+ **ppdata = out_data;
+ } else {
+ krb5_data_free(&out_data);
+ ret = krb5_enomem(context);
+ }
+ }
+
+ return ret;
+}
+
+/* ARGSUSED */
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
+_krb5_mk_ncred(krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_creds **ppcreds,
+ krb5_data *out_data,
+ krb5_replay_data *replay_data)
+{
+ krb5_error_code ret;
+ EncKrbCredPart enc_krb_cred_part;
+ KrbCredInfo *krb_cred_info;
+ krb5_crypto crypto;
+ KRB_CRED cred;
+ unsigned char *buf = NULL;
+ size_t ncreds, i;
+ size_t buf_size;
+ size_t len;
+
+ /*
+ * The ownership of 'buf' is re-assigned to a containing structure
+ * multiple times. We enforce an invariant, either buf is non-zero
+ * and we own it, or buf is zero and it is freed or some structure
+ * owns any storage previously allocated as 'buf'.
+ */
+#define CHOWN_BUF(x, buf) do { (x) = (buf); (buf) = 0; } while (0)
+#define DISOWN_BUF(buf) do { free(buf); (buf) = 0; } while (0)
+
+ for (ncreds = 0; ppcreds[ncreds]; ncreds++)
+ ;
+
+ memset (&cred, 0, sizeof(cred));
+ memset (&enc_krb_cred_part, 0, sizeof(enc_krb_cred_part));
+ cred.pvno = 5;
+ cred.msg_type = krb_cred;
+ ALLOC_SEQ(&cred.tickets, ncreds);
+ if (cred.tickets.val == NULL) {
+ ret = krb5_enomem(context);
+ goto out;
+ }
+ ALLOC_SEQ(&enc_krb_cred_part.ticket_info, ncreds);
+ if (enc_krb_cred_part.ticket_info.val == NULL) {
+ ret = krb5_enomem(context);
+ goto out;
+ }
+
+ for (i = 0; i < ncreds; i++) {
+ ret = decode_Ticket(ppcreds[i]->ticket.data,
+ ppcreds[i]->ticket.length,
+ &cred.tickets.val[i],
+ &len);/* don't care about len */
+ if (ret)
+ goto out;
+
+ /* fill ticket_info.val[i] */
+ krb_cred_info = &enc_krb_cred_part.ticket_info.val[i];
+
+ CHECKED_COPY(copy_EncryptionKey,
+ &krb_cred_info->key, &ppcreds[i]->session);
+ CHECKED_ALLOC_COPY_PPC2KCI(copy_Realm, prealm, client->realm);
+ CHECKED_ALLOC_COPY_PPC2KCI(copy_PrincipalName, pname, client->name);
+ CHECKED_ALLOC_ASSIGN_PPC2KCI(flags, flags.b);
+ CHECKED_ALLOC_ASSIGN_PPC2KCI(authtime, times.authtime);
+ CHECKED_ALLOC_ASSIGN_PPC2KCI(starttime, times.starttime);
+ CHECKED_ALLOC_ASSIGN_PPC2KCI(endtime, times.endtime);
+ CHECKED_ALLOC_ASSIGN_PPC2KCI(renew_till, times.renew_till);
+ CHECKED_ALLOC_COPY_PPC2KCI(copy_Realm, srealm, server->realm);
+ CHECKED_ALLOC_COPY_PPC2KCI(copy_PrincipalName, sname, server->name);
+ CHECKED_ALLOC_COPY_PPC2KCI(copy_HostAddresses, caddr, addresses);
+ }
+
+ if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) {
+ krb5_timestamp sec;
+ int32_t usec;
+
+ krb5_us_timeofday (context, &sec, &usec);
+
+ CHECKED_ALLOC_ASSIGN(enc_krb_cred_part.timestamp, sec);
+ CHECKED_ALLOC_ASSIGN(enc_krb_cred_part.usec, usec);
+ } else {
+ enc_krb_cred_part.timestamp = NULL;
+ enc_krb_cred_part.usec = NULL;
+ /* XXX Er, shouldn't we set the seq nums?? */
+ }
+
+ /* XXX: Is this needed? */
+ if (auth_context->local_address && auth_context->local_port) {
+ ret = krb5_make_addrport(context,
+ &enc_krb_cred_part.s_address,
+ auth_context->local_address,
+ auth_context->local_port);
+ if (ret)
+ goto out;
+ }
+
+ /* XXX: Is this needed? */
+ if (auth_context->remote_address) {
+ if (auth_context->remote_port) {
+ /*
+ * XXX: Should we be checking "no-addresses" for
+ * the receiving realm?
+ */
+ ret = krb5_make_addrport(context,
+ &enc_krb_cred_part.r_address,
+ auth_context->remote_address,
+ auth_context->remote_port);
+ if (ret)
+ goto out;
+ } else {
+ /*
+ * XXX Ugly, make krb5_make_addrport() handle missing port
+ * number (i.e., port == 0), then remove this else.
+ */
+ CHECKED_ALLOC(enc_krb_cred_part.r_address);
+ ret = krb5_copy_address(context, auth_context->remote_address,
+ enc_krb_cred_part.r_address);
+ if (ret)
+ goto out;
+ }
+ }
+
+ /* encode EncKrbCredPart */
+ ASN1_MALLOC_ENCODE(EncKrbCredPart, buf, buf_size,
+ &enc_krb_cred_part, &len, ret);
+ if (ret)
+ goto out;
+
+ /**
+ * Some older of the MIT gssapi library used clear-text tickets
+ * (warped inside AP-REQ encryption), use the krb5_auth_context
+ * flag KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED to support those
+ * tickets. The session key is used otherwise to encrypt the
+ * forwarded ticket.
+ */
+
+ if (auth_context->flags & KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED) {
+ cred.enc_part.etype = KRB5_ENCTYPE_NULL;
+ cred.enc_part.kvno = NULL;
+ CHOWN_BUF(cred.enc_part.cipher.data, buf);
+ cred.enc_part.cipher.length = buf_size;
+ } else {
+ /*
+ * Here older versions then 0.7.2 of Heimdal used the local or
+ * remote subkey. That is wrong, the session key should be
+ * used. Heimdal 0.7.2 and newer have code to try both in the
+ * receiving end.
+ */
+
+ ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto);
+ if (ret == 0)
+ ret = krb5_encrypt_EncryptedData(context,
+ crypto,
+ KRB5_KU_KRB_CRED,
+ buf,
+ len,
+ 0,
+ &cred.enc_part);
+ if (ret)
+ goto out;
+ DISOWN_BUF(buf);
+ krb5_crypto_destroy(context, crypto);
+ }
+
+ ASN1_MALLOC_ENCODE(KRB_CRED, buf, buf_size, &cred, &len, ret);
+ if (ret)
+ goto out;
+
+ CHOWN_BUF(out_data->data, buf);
+ out_data->length = len;
+ ret = 0;
+
+ out:
+ free_EncKrbCredPart(&enc_krb_cred_part);
+ free_KRB_CRED(&cred);
+ free(buf);
+ return ret;
+}
+
+/**
+ * Make a KRB-CRED PDU with 1 credential.
+ *
+ * @param context A kerberos 5 context.
+ * @param auth_context The auth context with the key to encrypt the out_data.
+ * @param ppcred A credential to forward.
+ * @param ppdata The output KRB-CRED (to be freed by caller).
+ * @param replay_data (unused).
+ *
+ * @return Return an error code or 0.
+ *
+ * @ingroup krb5_credential
+ */
+
+/* ARGSUSED */
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
+krb5_mk_1cred(krb5_context context, krb5_auth_context auth_context,
+ krb5_creds *ppcred, krb5_data **ppdata,
+ krb5_replay_data *replay_data)
+{
+ krb5_creds *ppcreds[2] = { ppcred, NULL };
+
+ return krb5_mk_ncred(context, auth_context, ppcreds, ppdata, replay_data);
+}
+
+/* ARGSUSED */
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
+_krb5_mk_1cred(krb5_context context, krb5_auth_context auth_context,
+ krb5_creds *ppcred, krb5_data *ppdata,
+ krb5_replay_data *replay_data)
+{
+ krb5_creds *ppcreds[2] = { ppcred, NULL };
+
+ return _krb5_mk_ncred(context, auth_context, ppcreds, ppdata, replay_data);
+}