Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/krb5/src/kdc/authind.c
34869 views
1
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */

2
/* kdc/authind.c - Functions for manipulating authentication indicator lists */

3
/*

4
 * Copyright (C) 2015 by the Massachusetts Institute of Technology.

5
 * All rights reserved.

6
 *

7
 * Redistribution and use in source and binary forms, with or without

8
 * modification, are permitted provided that the following conditions

9
 * are met:

10
 *

11
 * * Redistributions of source code must retain the above copyright

12
 *   notice, this list of conditions and the following disclaimer.

13
 *

14
 * * Redistributions in binary form must reproduce the above copyright

15
 *   notice, this list of conditions and the following disclaimer in

16
 *   the documentation and/or other materials provided with the

17
 *   distribution.

18
 *

19
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS

20
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT

21
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS

22
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE

23
 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,

24
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES

25
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR

26
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

27
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

28
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

29
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

30
 * OF THE POSSIBILITY OF SUCH DAMAGE.

31
 */

32


33
#include "k5-int.h"

34
#include "kdc_util.h"

35


36
/* Return true if ind matches an entry in indicators. */

37
krb5_boolean

38
authind_contains(krb5_data *const *indicators, const char *ind)

39
{

40
    for (; indicators != NULL && *indicators != NULL; indicators++) {

41
        if (data_eq_string(**indicators, ind))

42
            return TRUE;

43
    }

44
    return FALSE;

45
}

46


47
/* Add ind to *indicators, reallocating as necessary. */

48
krb5_error_code

49
authind_add(krb5_context context, const char *ind, krb5_data ***indicators)

50
{

51
    size_t count;

52
    krb5_data **list = *indicators, *dptr, d;

53


54
    /* Count the number of existing indicators and check for duplicates. */

55
    for (count = 0; list != NULL && list[count] != NULL; count++) {

56
        if (data_eq_string(*list[count], ind))

57
            return 0;

58
    }

59


60
    /* Allocate space for a new entry. */

61
    list = realloc(list, (count + 2) * sizeof(*list));

62
    if (list == NULL)

63
        return ENOMEM;

64
    *indicators = list;

65


66
    /* Add a copy of ind (as a krb5_data object) to the list. */

67
    d = string2data((char *)ind);

68
    if (krb5_copy_data(context, &d, &dptr) != 0)

69
        return ENOMEM;

70
    list[count++] = dptr;

71
    list[count] = NULL;

72
    return 0;

73
}

74


75
/* Add all auth indicators from authdata to *indicators, reallocating as

76
 * necessary.  (Currently does not compress duplicates.) */

77
krb5_error_code

78
authind_extract(krb5_context context, krb5_authdata **authdata,

79
                krb5_data ***indicators)

80
{

81
    krb5_error_code ret;

82
    size_t count, scount;

83
    krb5_authdata **ind_authdata = NULL, **adp;

84
    krb5_data der_indicators, **strings = NULL, **list = *indicators;

85


86
    for (count = 0; list != NULL && list[count] != NULL; count++);

87


88
    ret = krb5_find_authdata(context, authdata, NULL,

89
                             KRB5_AUTHDATA_AUTH_INDICATOR, &ind_authdata);

90
    if (ret)

91
        goto cleanup;

92


93
    for (adp = ind_authdata; adp != NULL && *adp != NULL; adp++) {

94
        /* Decode this authdata element into an auth indicator list. */

95
        der_indicators = make_data((*adp)->contents, (*adp)->length);

96
        ret = decode_utf8_strings(&der_indicators, &strings);

97
        if (ret == ENOMEM)

98
            goto cleanup;

99
        if (ret)

100
            continue;

101


102
        /* Count the entries in strings and allocate space in list. */

103
        for (scount = 0; strings != NULL && strings[scount] != NULL; scount++);

104
        list = realloc(list, (count + scount + 1) * sizeof(*list));

105
        if (list == NULL) {

106
            ret = ENOMEM;

107
            goto cleanup;

108
        }

109
        *indicators = list;

110


111
        /* Steal the krb5_data pointers from strings and free the array. */

112
        memcpy(list + count, strings, scount * sizeof(*strings));

113
        count += scount;

114
        list[count] = NULL;

115
        free(strings);

116
        strings = NULL;

117
    }

118


119
cleanup:

120
    krb5_free_authdata(context, ind_authdata);

121
    k5_free_data_ptr_list(strings);

122
    return ret;

123
}

124


125