From ecf87aec8e5fde32f8f3e72849b434308900917d Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Mon, 22 May 2006 17:12:49 +0000 Subject: [PATCH] Source files containing common routines used by both the client and the server. git-svn-id: svn://anonsvn.mit.edu/krb5/branches/ccapi@18027 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/ccapi/common/NTMakefile | 15 + src/lib/ccapi/common/generic_lists.c | 402 +++++++++++++++++ src/lib/ccapi/common/marshall.c | 440 +++++++++++++++++++ src/lib/ccapi/common/msg.c | 628 +++++++++++++++++++++++++++ 4 files changed, 1485 insertions(+) create mode 100644 src/lib/ccapi/common/NTMakefile create mode 100644 src/lib/ccapi/common/generic_lists.c create mode 100644 src/lib/ccapi/common/marshall.c create mode 100644 src/lib/ccapi/common/msg.c diff --git a/src/lib/ccapi/common/NTMakefile b/src/lib/ccapi/common/NTMakefile new file mode 100644 index 000000000..d0d92fcbd --- /dev/null +++ b/src/lib/ccapi/common/NTMakefile @@ -0,0 +1,15 @@ +!INCLUDE + +CFLAGS = -I../include $(cdebug) $(cflags) $(cvarsdll) + +CC_COMMON_OBJS = marshall.obj msg.obj generic_lists.obj + +CC_COMMON_LIB = cc_common.lib + +$(CC_COMMON_LIB): $(CC_COMMON_OBJS) + $(implib) /NOLOGO /OUT:$@ $** + +all: $(CC_COMMON_LIB) + +clean: + del *.obj *.lib diff --git a/src/lib/ccapi/common/generic_lists.c b/src/lib/ccapi/common/generic_lists.c new file mode 100644 index 000000000..a48c528f9 --- /dev/null +++ b/src/lib/ccapi/common/generic_lists.c @@ -0,0 +1,402 @@ +/* $Copyright: +* +* Copyright 2004-2006 by the Massachusetts Institute of Technology. +* +* All rights reserved. +* +* Export of this software from the United States of America may require a +* specific license from the United States Government. It is the +* responsibility of any person or organization contemplating export to +* obtain such a license before exporting. +* +* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute +* this software and its documentation for any purpose and without fee is +* hereby granted, provided that the above copyright notice appear in all +* copies and that both that copyright notice and this permission notice +* appear in supporting documentation, and that the name of M.I.T. not be +* used in advertising or publicity pertaining to distribution of the +* software without specific, written prior permission. Furthermore if you +* modify this software you must label your software as modified software +* and not distribute it in such a fashion that it might be confused with +* the original MIT software. M.I.T. makes no representations about the +* suitability of this software for any purpose. It is provided "as is" +* without express or implied warranty. +* +* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED +* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF +* MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. +* +* Individual source code files are copyright MIT, Cygnus Support, +* OpenVision, Oracle, Sun Soft, FundsXpress, and others. +* +* Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, +* and Zephyr are trademarks of the Massachusetts Institute of Technology +* (MIT). No commercial use of these trademarks may be made without prior +* written permission of MIT. +* +* "Commercial use" means use of a name in a product or other for-profit +* manner. It does NOT prevent a commercial firm from referring to the MIT +* trademarks in order to convey information (although in doing so, +* recognition of their trademark status should be given). +* $ +*/ + + +/* + * Lists implementation. + * + */ + +#include +#include +#include + +#include "CredentialsCache.h" +#include "generic_lists.h" + +/* this is an incomplete enumeration just including the generic type */ +enum cc_list_type { + generic = 0 +}; + +/** + * cci_generic_iterate_has_next() + * + * Purpose: Determine if an iterator has a next element + * + * Return: 1 if another element exists + * 0 if no additional elements exist + * + * Errors: None + * + */ +cc_int32 +cci_generic_iterate_has_next(cc_generic_iterate_t *iterate) +{ + return ((iterate == NULL || iterate->next == NULL) ? 0 : 1); +} + +/** + * cci_generic_iterate_next() + * + * Purpose: Retrieve the next element from an iterator and advance + * the iterator + * + * Return: non-NULL, the next element in the iterator + * NULL, the iterator list is empty or iterator is invalid + * + * Errors: ccErrBadParam + * + */ +cc_int32 +cci_generic_iterate_next(cc_generic_iterate_t *iterator, cc_generic_list_node_t** nodepp) +{ + cc_generic_list_node_t* ret; + + if (iterator == NULL || nodepp == NULL) + return ccErrBadParam; + + ret = iterator->next; + if (iterator->next != NULL) + iterator->next = iterator->next->next; + + *nodepp = ret; + return ccNoError; +} + +/** + * cci_generic_list_new() + * + * Purpose: Allocate new generic list + * + * Return: non-NULL, an empty list + * NULL, failure + * + * Errors: ccErrNoMem + * + */ +cc_int32 +cci_generic_list_new(cc_generic_list_head_t ** listpp) +{ + cc_generic_list_head_t* ret = (cc_generic_list_head_t *)malloc(sizeof(cc_generic_list_head_t)); + if (ret == NULL) + return ccErrNoMem; + + ret->type = generic; + ret->head = ret->tail = NULL; + *listpp = ret; + + return ccNoError; +} + +/** + * cci_generic_list_append() + * + * Purpose: Appends a new node containing a copy of 'len' bytes of 'data' + * + * Return: non-NULL, a pointer to the newly allocated node + * NULL, failure + * + * Errors: ccErrNoMem,ccErrBadParam + * + */ +cc_int32 +cci_generic_list_append(cc_generic_list_head_t *head, void *data, cc_uint32 len, cc_generic_list_node_t** nodepp) +{ + cc_generic_list_node_t* new_node; + + if ( data == NULL || len == 0 ) + return ccErrBadParam; + + new_node = (cc_generic_list_node_t *)malloc(sizeof(cc_generic_list_node_t)); + if (new_node == NULL) + return ccErrNoMem; + + new_node->data = malloc(len); + if ( new_node->data == NULL ) { + free(new_node); + return ccErrNoMem; + } + + memcpy(new_node->data,data,len); + new_node->len = len; + + if (head->head == NULL) { /*empty list*/ + head->head = new_node; + head->tail = new_node; + new_node->next = new_node->prev = NULL; + } else { + new_node->prev = head->tail; + head->tail->next = new_node; + head->tail = new_node; + new_node->next = NULL; + } + if (nodepp != NULL) + *nodepp = new_node; + return ccNoError; +} + +/** + * cci_generic_list_prepend() + * + * Purpose: Prepends a new node containing a copy of 'len' bytes of 'data' + * + * Return: non-NULL, a pointer to the newly allocated node + * NULL, failure + * + * Errors: ccErrNoMem, ccErrBadParam + * + */ +cc_int32 +cci_generic_list_prepend(cc_generic_list_head_t *head, void *data, cc_uint32 len, cc_generic_list_node_t** nodepp) +{ + cc_generic_list_node_t* new_node; + + if ( data == NULL || len == 0 ) + return ccErrBadParam; + + new_node = (cc_generic_list_node_t *)malloc(sizeof(cc_generic_list_node_t)); + if (new_node == NULL) + return ccErrNoMem; + + new_node->data = malloc(len); + if ( new_node->data == NULL ) { + free(new_node); + return ccErrNoMem; + } + + memcpy(new_node->data,data,len); + new_node->len = len; + + if (head->head == NULL) { /*empty list*/ + head->head = new_node; + head->tail = new_node; + new_node->prev = new_node->next = NULL; + } else { + new_node->next = head->head; + head->head->prev = new_node; + new_node->prev = NULL; + head->head = new_node; + } + + if (nodepp != NULL) + *nodepp = new_node; + + return ccNoError; +} + +/** + * cci_generic_list_remove_element() + * + * Purpose: Remove a node from the list + * + * Return: 0, success + * -1, failure + * + * Errors: ccErrBadParam + * + */ +cc_int32 +cci_generic_list_remove_element(cc_generic_list_head_t* head, cc_generic_list_node_t* rem) +{ + if (head->head == NULL || rem == NULL) + return ccErrBadParam; + + if (head->head == rem && head->tail == rem) { /*removing only element of list*/ + head->head = head->tail = NULL; + } else if (head->head == rem) { /*removing head*/ + head->head = head->head->next; + } else if (head->tail == rem) { /*removing tail*/ + head->tail = head->tail->prev; + head->tail->next = NULL; + } else { + rem->prev->next = rem->next; + rem->next->prev = rem->prev; + } + free(rem); + return ccNoError; +} + +/** + * cci_generic_free_element() + * + * Purpose: Free the memory associated with a node + * + * Return: 0, success + * -1, failure + * + * Errors: ccErrBadParam + * + */ +cc_int32 +cci_generic_free_element(cc_generic_list_node_t* node) +{ + if ( node == NULL ) + return ccErrBadParam; + + if ( node->data ) { + free(node->data); + node->data = NULL; + } + node->len = 0; + node->next = node->prev = NULL; + free(node); + return ccNoError; +} + + +/** + * cci_generic_list_destroy() + * + * Purpose: Deallocate a list and all of its contents + * + * Return: 0, success + * -1, failure + * + * Errors: ccErrBadParam + */ +cc_int32 +cci_generic_list_destroy(cc_generic_list_head_t* head) +{ + cc_generic_list_node_t *cur, *next; + cc_int32 ret = ccNoError; + + if ( head == NULL ) + return ccErrBadParam; + + for (cur = head->head; ret == ccNoError && cur != NULL; cur = next) { + next = cur->next; + ret = cci_generic_free_element(cur); + } + free(head); + return(ret); +} + +/** + * cci_generic_list_copy() + * + * Purpose: Copy a list + * + * Return: non-NULL, a new list + * NULL, failure + * + * Errors: ccErrBadParam, ccErrNoMem + * + */ +cc_int32 +cci_generic_list_copy(cc_generic_list_head_t* head, cc_generic_list_head_t** headpp) +{ + cc_generic_list_head_t* copy; + cc_generic_list_node_t *src_node, *dst_node; + cc_int32 code; + + if (head == NULL || headpp == NULL) + return ccErrBadParam; + + code = cci_generic_list_new(©); + if (code != ccNoError) + return code; + + for (src_node = head->head; src_node != NULL; src_node = src_node->next) { + code = cci_generic_list_append(copy, src_node->data, src_node->len, &dst_node); + if (code != ccNoError) { + cci_generic_list_destroy(copy); + return code; + } + } + *headpp = copy; + return ccNoError; +} + +/** + * cci_generic_list_iterator() + * + * Purpose: Allocate an iterator for the specified list + * + * Return: non-NULL, an iterator + * NULL, failure + * + * Errors: ccErrNoMem + * + */ +cc_int32 +cci_generic_list_iterator(cc_generic_list_head_t *head, cc_generic_iterate_t** headpp) +{ + cc_generic_iterate_t* iterator; + + if ( head == NULL || headpp == NULL ) + return ccErrBadParam; + + iterator = (cc_generic_iterate_t*)malloc(sizeof(cc_generic_iterate_t)); + if (iterator == NULL) + return ccErrNoMem; + + iterator->next = head->head; + *headpp = iterator; + return ccNoError; +} + +/** + * cci_generic_free_iterator() + * + * Purpose: Deallocate memory associated with an iterator + * + * Return: 0, success + * -1, failure + * + * Errors: ccErrBadParam + * + */ +cc_int32 +cci_generic_free_iterator(cc_generic_iterate_t* iterator) +{ + if ( iterator == NULL ) + return ccErrBadParam; + + iterator->next = NULL; + free(iterator); + return ccNoError; +} + + + diff --git a/src/lib/ccapi/common/marshall.c b/src/lib/ccapi/common/marshall.c new file mode 100644 index 000000000..960019cb0 --- /dev/null +++ b/src/lib/ccapi/common/marshall.c @@ -0,0 +1,440 @@ +/* $Copyright: + * + * Copyright 2004-2006 by the Massachusetts Institute of Technology. + * + * All rights reserved. + * + * Export of this software from the United States of America may require a + * specific license from the United States Government. It is the + * responsibility of any person or organization contemplating export to + * obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute + * this software and its documentation for any purpose and without fee is + * hereby granted, provided that the above copyright notice appear in all + * copies and that both that copyright notice and this permission notice + * appear in supporting documentation, and that the name of M.I.T. not be + * used in advertising or publicity pertaining to distribution of the + * software without specific, written prior permission. Furthermore if you + * modify this software you must label your software as modified software + * and not distribute it in such a fashion that it might be confused with + * the original MIT software. M.I.T. makes no representations about the + * suitability of this software for any purpose. It is provided "as is" + * without express or implied warranty. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF + * MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * Individual source code files are copyright MIT, Cygnus Support, + * OpenVision, Oracle, Sun Soft, FundsXpress, and others. + * + * Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, + * and Zephyr are trademarks of the Massachusetts Institute of Technology + * (MIT). No commercial use of these trademarks may be made without prior + * written permission of MIT. + * + * "Commercial use" means use of a name in a product or other for-profit + * manner. It does NOT prevent a commercial firm from referring to the MIT + * trademarks in order to convey information (although in doing so, + * recognition of their trademark status should be given). + * $ + */ + +/* marshall.c */ + +#include +#include +#include +#include "msg.h" +#include "msg_headers.h" +#include "marshall.h" + +cc_int32 +cci_creds_v4_marshall( cc_credentials_v4_t * creds, + char ** pflat, + cc_uint32 * plen) +{ + cc_uint32 len; + char * flat; + cci_flat_creds_v4_t * header; + cc_time64 t64; + + if ( creds == NULL || pflat == NULL || plen == NULL ) + return ccErrBadParam; + + len = sizeof(cci_flat_creds_v4_t); + flat = (char *)malloc(len); + if ( flat == NULL ) + return ccErrNoMem; + memset(flat, 0, len); + + header = (cci_flat_creds_v4_t *)flat; + header->version = htonl(creds->version); + memcpy(header->principal, creds->principal, cc_v4_name_size); + memcpy(header->principal_instance, creds->principal_instance, cc_v4_instance_size); + memcpy(header->service, creds->service, cc_v4_name_size); + memcpy(header->service_instance, creds->service_instance, cc_v4_instance_size); + memcpy(header->realm, creds->realm, cc_v4_realm_size); + memcpy(header->session_key, creds->session_key, cc_v4_key_size); + header->kvno = htonl(creds->kvno); + header->string_to_key_type = htonl(creds->string_to_key_type); + t64 = creds->issue_date; + header->issue_date = htonll(t64); + header->lifetime = htonl(creds->lifetime); + /* TODO: verify that address is stored in host order */ + header->address = htonl(creds->address); + header->ticket_size = htonl(creds->ticket_size); + memcpy(header->ticket, creds->ticket, cc_v4_ticket_size); + + *pflat = flat; + *plen = len; + + return ccNoError; +} + +cc_int32 +cci_creds_v4_unmarshall( char * flat, + cc_uint32 len, + cc_credentials_union * creds_union) +{ + struct cci_flat_creds_v4 * header; + cc_credentials_v4_t * creds; + cc_time64 t64; + + if ( flat == NULL || len == 0 || creds_union == NULL ) + return ccErrBadParam; + + creds_union->version = cc_credentials_v4; + + header = (cci_flat_creds_v4_t *)flat; + + creds = (cc_credentials_v4_t *)malloc(sizeof(cc_credentials_v4_t)); + if ( creds == NULL ) + return ccErrNoMem; + + creds->version = ntohl(header->version); + memcpy(creds->principal, header->principal, cc_v4_name_size); + memcpy(creds->principal_instance, header->principal_instance, cc_v4_instance_size); + memcpy(creds->service, header->service, cc_v4_name_size); + memcpy(creds->service_instance, header->service_instance, cc_v4_instance_size); + memcpy(creds->realm, header->realm, cc_v4_realm_size); + memcpy(creds->session_key, header->session_key, cc_v4_key_size); + creds->kvno = htonl(header->kvno); + creds->string_to_key_type = htonl(header->string_to_key_type); + t64 = header->issue_date; + creds->issue_date = (cc_time64)ntohll(t64); + creds->lifetime = (cc_int32)ntohl(header->lifetime); + /* TODO: verify that address is stored in host order */ + creds->address = ntohl(header->address); + creds->ticket_size = ntohl(header->ticket_size); + memcpy(creds->ticket, header->ticket, cc_v4_ticket_size); + + creds_union->credentials.credentials_v4 = creds; + + return ccNoError; +} + + +cc_int32 +cci_creds_cc_data_array_count_entries( cc_data ** array, cc_uint32 * pcount) +{ + cc_uint32 count; + + if (array == NULL) { + *pcount = 0; + return ccNoError; + } + + for ( count=0; array[count] != NULL ; count++) ; + + *pcount = count; + return ccNoError; +} + +cc_int32 +cci_creds_v5_compute_flat_size( cc_credentials_v5_t * creds, cc_uint32 * plen) +{ + cc_uint32 len; + cc_uint32 i, count; + + len = sizeof(struct cci_flat_creds_v5); + + if (creds->client) + len += strlen(creds->client) + 1; + + if (creds->server) + len += strlen(creds->server) + 1; + + len += creds->keyblock.length; + + cci_creds_cc_data_array_count_entries( creds->addresses, &count ); + len += count * sizeof(cc_flat_data); + for ( i=0; iaddresses[i]->length; + } + + len += creds->ticket.length; + len += creds->second_ticket.length; + + cci_creds_cc_data_array_count_entries( creds->authdata, &count ); + len += count * sizeof(cc_flat_data); + for ( i=0; iauthdata[i]->length; + } + + *plen = len; + return ccNoError; +} + +cc_int32 +cci_creds_v5_marshall( cc_credentials_v5_t * creds, + char ** pflat, + cc_uint32 * plen) +{ + cc_uint32 len; + char * flat; + struct cci_flat_creds_v5 * header; + cc_uint32 length; + cc_uint32 offset; + cc_time64 t64; + cc_uint32 count; + cc_uint32 i; + + if ( creds == NULL || pflat == NULL || plen == NULL ) + return ccErrBadParam; + + cci_creds_v5_compute_flat_size(creds, &len); + + flat = (char *)malloc(len); + if ( flat == NULL ) + return ccErrNoMem; + memset(flat, 0, len); + + offset = sizeof(struct cci_flat_creds_v5); + header = (struct cci_flat_creds_v5 *)flat; + header->version = htonl(FLAT_CREDS_V5_VERSION); + if (creds->client) { + length = strlen(creds->client) + 1; + header->client.length = htonl(length); + header->client.data = htonl(offset); + memcpy(flat + offset, creds->client, length); + offset += length; + } + + if (creds->server) { + length = strlen(creds->server) + 1; + header->server.length = htonl(length); + header->server.data = htonl(offset); + memcpy(flat + offset, creds->server, length); + offset += length; + } + + header->keyblock.type = htonl(creds->keyblock.type); + if (creds->keyblock.length) { + length = creds->keyblock.length; + header->keyblock.length = htonl(length); + header->keyblock.data = htonl(offset); + memcpy(flat + offset, creds->keyblock.data, length); + offset += length; + } + + t64 = creds->authtime; + header->authtime = htonll(t64); + t64 = creds->starttime; + header->starttime = htonll(t64); + t64 = creds->endtime; + header->endtime = htonll(t64); + t64 = creds->renew_till; + header->renew_till = htonll(t64); + + header->is_skey = htonl(creds->is_skey); + header->ticket_flags = htonl(creds->ticket_flags); + + cci_creds_cc_data_array_count_entries( creds->addresses, &count ); + if ( count ) { + cc_flat_data * addresses = (cc_flat_data *)flat + offset; + header->address_count = htonl(count); + header->addresses = htonl(offset); + offset += count * sizeof(cc_flat_data); + + for ( i=0; i < count; i++ ) { + addresses[i].type = htonl(creds->addresses[i]->type); + if (creds->addresses[i]->length) { + length = creds->addresses[i]->length; + addresses[i].length = htonl(length); + addresses[i].data = htonl(offset); + /* TODO: verify that addresses are stored in network order */ + memcpy(flat + offset, creds->addresses[i]->data, length); + offset += length; + } + } + } + + header->ticket.type = htonl(creds->ticket.type); + if (creds->ticket.length) { + length = creds->ticket.length; + header->ticket.length = htonl(length); + header->ticket.data = htonl(offset); + memcpy(flat + offset, creds->ticket.data, length); + offset += length; + } + + header->second_ticket.type = htonl(creds->second_ticket.type); + if (creds->second_ticket.length) { + length = creds->second_ticket.length; + header->second_ticket.length = htonl(length); + header->second_ticket.data = htonl(offset); + memcpy(flat + offset, creds->second_ticket.data, length); + offset += length; + } + + cci_creds_cc_data_array_count_entries( creds->authdata, &count ); + if ( count ) { + cc_flat_data * authdata = (cc_flat_data *)flat + offset; + + header->authdata_count = htonl(count); + header->authdata = (offset); + offset += count * sizeof(cc_flat_data); + + for ( i=0; i < count; i++ ) { + authdata[i].type = htonl(creds->authdata[i]->type); + if (creds->authdata[i]->length) { + length = creds->authdata[i]->length; + authdata[i].length = htonl(length); + authdata[i].data = htonl(offset); + memcpy(flat + offset, creds->authdata[i]->data, length); + offset += length; + } + } + } + + *pflat = flat; + *plen = len; + return ccNoError; +} + + +// TODO: a much better job of checking for out of memory errors +// and validating that we do not read beyond the flat input +// data buffer + +cc_int32 +cci_creds_v5_unmarshall( char * flat, + cc_uint32 len, + cc_credentials_union * creds_union) +{ + struct cci_flat_creds_v5 * header; + cc_credentials_v5_t * creds; + cc_flat_data * flat_data; + cc_time64 t64; + cc_uint32 length; + cc_uint32 count; + cc_uint32 i; + + if ( flat == NULL || len == 0 || creds_union == NULL ) + return ccErrBadParam; + + creds_union->version = cc_credentials_v5; + + header = (struct cci_flat_creds_v5 *)flat; + + if ( ntohl(header->version) != FLAT_CREDS_V5_VERSION ) + return ccErrBadParam; + + creds = (cc_credentials_v5_t *)malloc(sizeof(cc_credentials_v5_t)); + if ( creds == NULL ) + return ccErrNoMem; + memset(creds, 0, sizeof(cc_credentials_v5_t)); + + if ( header->client.length ) { + length = ntohl(header->client.length); + creds->client = (char *)malloc(length); + memcpy(creds->client, flat + header->client.data, length); + } + + if ( header->server.length ) { + length = ntohl(header->server.length); + creds->server = (char *)malloc(length); + memcpy(creds->server, flat + header->server.data, length); + } + + creds->keyblock.type = ntohl(header->keyblock.type); + if ( header->keyblock.length ) { + length = ntohl(header->keyblock.length); + creds->keyblock.length = length; + creds->keyblock.data = malloc(length); + memcpy(creds->keyblock.data, flat + header->keyblock.data, length); + } + + /* TODO: need to perform overflow validation checks to ensure + * that we do not attempt to store too large a value into cc_time_t + * when it is a 32-bit field. + */ + t64 = ntohll(header->authtime); + creds->authtime = (cc_time)t64; + t64 = ntohll(header->starttime); + creds->starttime = (cc_time)t64; + t64 = ntohll(header->endtime); + creds->endtime = (cc_time)t64; + t64 = ntohll(header->renew_till); + creds->renew_till = (cc_time)t64; + + creds->is_skey = ntohl(header->is_skey); + creds->ticket_flags = ntohl(header->ticket_flags); + + count = ntohl(header->address_count); + creds->addresses = (cc_data **) malloc((count + 1) * sizeof(cc_data *)); + flat_data = (cc_flat_data *)flat + header->addresses; + for ( i=0 ; i < count ; i++ ) { + creds->addresses[i] = (cc_data *)malloc(sizeof(cc_data)); + creds->addresses[i]->type = ntohl(flat_data[i].type); + length = ntohl(flat_data[i].length); + creds->addresses[i]->length = length; + if ( length ) { + creds->addresses[i]->data = malloc(length); + /* TODO: verify that addresses are stored in network order */ + memcpy(creds->addresses[i]->data, flat + flat_data[i].data, length); + } else { + creds->addresses[i]->data = NULL; + } + } + creds->addresses[i] = NULL; + + creds->ticket.type = ntohl(header->ticket.type); + length = ntohl(header->ticket.length); + if ( length ) { + creds->ticket.length = length; + creds->ticket.data = malloc(length); + memcpy(creds->ticket.data, flat + header->ticket.data, length); + } + + creds->second_ticket.type = header->second_ticket.type; + if ( header->second_ticket.length ) { + creds->second_ticket.length = header->second_ticket.length; + creds->second_ticket.data = malloc(creds->second_ticket.length); + memcpy(creds->second_ticket.data, flat + header->second_ticket.data, creds->second_ticket.length); + } + + count = ntohl(header->authdata_count); + creds->authdata = (cc_data **) malloc((count + 1) * sizeof(cc_data *)); + flat_data = (cc_flat_data *)flat + header->authdata; + for ( i=0 ; i < count ; i++ ) { + creds->authdata[i] = (cc_data *)malloc(sizeof(cc_data)); + creds->authdata[i]->type = ntohl(flat_data[i].type); + length = ntohl(flat_data[i].length); + creds->authdata[i]->length = length; + if ( length ) { + creds->authdata[i]->data = malloc(length); + memcpy(creds->authdata[i]->data, flat + flat_data[i].data, length); + } else { + creds->authdata[i]->data = NULL; + } + } + creds->authdata[i] = NULL; + + creds_union->credentials.credentials_v5 = creds; + + return ccNoError; +} + diff --git a/src/lib/ccapi/common/msg.c b/src/lib/ccapi/common/msg.c new file mode 100644 index 000000000..b7f60dd07 --- /dev/null +++ b/src/lib/ccapi/common/msg.c @@ -0,0 +1,628 @@ +/* $Copyright: + * + * Copyright 2004-2006 by the Massachusetts Institute of Technology. + * + * All rights reserved. + * + * Export of this software from the United States of America may require a + * specific license from the United States Government. It is the + * responsibility of any person or organization contemplating export to + * obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute + * this software and its documentation for any purpose and without fee is + * hereby granted, provided that the above copyright notice appear in all + * copies and that both that copyright notice and this permission notice + * appear in supporting documentation, and that the name of M.I.T. not be + * used in advertising or publicity pertaining to distribution of the + * software without specific, written prior permission. Furthermore if you + * modify this software you must label your software as modified software + * and not distribute it in such a fashion that it might be confused with + * the original MIT software. M.I.T. makes no representations about the + * suitability of this software for any purpose. It is provided "as is" + * without express or implied warranty. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF + * MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * Individual source code files are copyright MIT, Cygnus Support, + * OpenVision, Oracle, Sun Soft, FundsXpress, and others. + * + * Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, + * and Zephyr are trademarks of the Massachusetts Institute of Technology + * (MIT). No commercial use of these trademarks may be made without prior + * written permission of MIT. + * + * "Commercial use" means use of a name in a product or other for-profit + * manner. It does NOT prevent a commercial firm from referring to the MIT + * trademarks in order to convey information (although in doing so, + * recognition of their trademark status should be given). + * $ + */ + +/* + * Verifiable, extensible message format. + * + * Format: + * + * + * + * + * + * + * + * + * + * ... + * + * + * If the header has variable length data it is included in the data blobs. + * The header field has the offset from the beginning of the message of the 1st + * byte of the data and the length of the data. + */ + +#include "CredentialsCache.h" +#include "msg.h" +#include "generic_lists.h" + +#include +#include +#include +#include + +/** + * cci_msg_new() + * + * Purpose: Allocate and initialize a new cc_msg_t structure + * + * Input parameter (type) in host order + * + * Return: non-NULL, the msg + * NULL, failure + * + * Errors: ccErrNoMem + * + */ +cc_int32 +cci_msg_new(cc_uint32 type, cc_msg_t** msgpp) +{ + // type should be validated. If invalid set error to ccErrBadParam + cc_msg_t* msg; + + if ( type > CC_MSG_MAX_TYPE || msgpp == NULL ) + return ccErrBadParam; + + msg = (cc_msg_t*)malloc(sizeof(cc_msg_t)); + if (msg == NULL) + return ccErrNoMem; + + msg->type = htonl(type); + msg->flat = NULL; + msg->header = NULL; + msg->flat_len = 0; + msg->header_len = 0; + msg->magic = 0; + cci_generic_list_new(&msg->data_blobs); + if (msg->data_blobs == NULL) { + // pass on error from previous call + free(msg); + return ccErrNoMem; + } + + *msgpp = msg; + return ccNoError; +} + +/** + * cci_msg_calc_header_size() + * + * Purpose: Calculates the size of the header + * + * Return: the size in bytes + * + * Errors: ccErrBadParam + * + */ +cc_int32 +cci_msg_calc_header_size(cc_msg_t* msg, cc_uint32 * lenp) +{ + int header_len = 12; /* header size, entire size, type */ + + if ( msg == NULL || lenp == NULL ) + return ccErrBadParam; + + header_len += msg->header_len; + *lenp = header_len; + return ccNoError; +} + +/** + * cci_msg_calc_size() + * + * Purpose: Calculates the size of the message + * (does not include the magic bytes) + * + * Return: the size in bytes + * + * Errors: ccErrBadParam + * + */ +cc_int32 +cci_msg_calc_size(cc_msg_t* msg, cc_uint32 * lenp) +{ + cc_uint32 flat_len; + cc_generic_list_node_t* gen_node; + cc_generic_iterate_t* gen_iterator; + cc_int32 code; + + if ( msg == NULL || lenp == NULL ) + return ccErrBadParam; + + code = cci_msg_calc_header_size(msg, &flat_len); + if (code != ccNoError) + goto bad; + + code = cci_generic_list_iterator(msg->data_blobs, &gen_iterator); + if ( code != ccNoError ) + goto bad; + + while (cci_generic_iterate_has_next(gen_iterator)) { + code = cci_generic_iterate_next(gen_iterator, &gen_node); + if (code != ccNoError) + break; + flat_len += gen_node->len + BLOB_LEN; + } + cci_generic_free_iterator(gen_iterator); + if (code != ccNoError) + goto bad; + + flat_len += MAGIC_HEAD_LEN + MAGIC_DATA_LEN; + *lenp = flat_len; + + bad: + return code; +} + +/** + * cci_msg_add_data_blob() + * + * Purpose: Adds 'len' bytes of data to the msg + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_add_data_blob(cc_msg_t* msg, void *data, cc_uint32 len, cc_uint32 *lenp) +{ + cc_int32 code; + + if (msg == NULL || data == NULL || len <= 0 || lenp == NULL) + return ccErrBadParam; + + code = cci_generic_list_append(msg->data_blobs, data, len, NULL); + if ( code != ccNoError ) + return code; + return cci_msg_calc_blob_pos(msg, data, len, lenp); +} + +/** + * cc_msg_ + * + * Purpose: + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_calc_blob_pos(cc_msg_t* msg, void *data, cc_uint32 len, cc_uint32 * posp) +{ + cc_uint32 pos; + cc_generic_list_node_t* gen_node; + cc_generic_iterate_t* gen_iterator; + cc_int32 code; + + code = cci_msg_calc_header_size(msg, &pos); + pos += sizeof(cc_uint32); /*+ sizeof(cc_uint32) for magic*/ + + code = cci_generic_list_iterator(msg->data_blobs, &gen_iterator); + while (cci_generic_iterate_has_next(gen_iterator)) { + code = cci_generic_iterate_next(gen_iterator, &gen_node); + if (gen_node->len != len && gen_node->data != data) { + pos += gen_node->len + sizeof(cc_uint32); + } else { + cci_generic_free_iterator(gen_iterator); + *posp = pos + sizeof(cc_uint32); + return ccNoError; + } + } + + cci_generic_free_iterator(gen_iterator); + return ccIteratorEnd; +} + +/** + * cc_msg_ + * + * Purpose: + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_add_header(cc_msg_t* msg, void *header, cc_uint32 header_len) +{ + if ( msg == NULL || header == NULL ) + return ccErrBadParam; + + msg->header = header; + msg->header_len = header_len; + return ccNoError; +} + + +/** + * cc_msg_ + * + * Purpose: + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_flatten(cc_msg_t* msg, void **flatpp) +{ + cc_generic_list_node_t* gen_node; + cc_generic_iterate_t* gen_iterator; + char *cur_pos; + cc_uint32 zero = 0; + cc_uint32 magic = 0; + cc_uint32 msg_len; + cc_uint32 u32; + cc_int32 code; + + if (msg == NULL || flatpp == NULL) + return ccErrBadParam; + + code = cci_msg_calc_size(msg,&msg->flat_len); + if ( code != ccNoError ) + return code; + + if (msg->flat_len > CC_MSG_MAX_SIZE) + return ccErrBadParam; + + msg->flat = (void *)malloc(msg->flat_len); + if (msg->flat == NULL) + return ccErrNoMem; + + cur_pos = msg->flat; + + u32 = msg->header_len; + htonl(u32); + memcpy(cur_pos,&u32,sizeof(cc_uint32)); + cur_pos+=sizeof(cc_uint32); + + u32 = msg->flat_len; + htonl(u32); + memcpy(cur_pos,&u32,sizeof(cc_uint32)); + cur_pos+=sizeof(cc_uint32); + + u32 = msg->type; + htonl(u32); + memcpy(cur_pos,&u32,sizeof(cc_uint32)); + cur_pos+=sizeof(cc_uint32); + + /* header data is already in network order */ + memcpy(cur_pos, msg->header, msg->header_len); + cur_pos += msg->header_len; + + u32 = zero; + htonl(zero); + memcpy(cur_pos, &u32, sizeof(cc_uint32)); /*will be magic number later*/ + cur_pos += sizeof(cc_uint32); + + code = cci_generic_list_iterator(msg->data_blobs, &gen_iterator); + if ( code != ccNoError ) { + free(msg->flat); + return code; + } + + while (cci_generic_iterate_has_next(gen_iterator)) { + code = cci_generic_iterate_next(gen_iterator, &gen_node); + if (code != ccNoError) { + free(gen_iterator); + free(msg->flat); + return code; + } + u32 = gen_node->len; + htonl(u32); + memcpy(cur_pos, &u32, sizeof(cc_uint32)); + cur_pos+=sizeof(cc_uint32); + + /* data already in network order */ + memcpy(cur_pos, gen_node->data, gen_node->len); + cur_pos += gen_node->len; + } + free(gen_iterator); + + u32 = zero; + htonl(zero); + memcpy(cur_pos, &u32, sizeof(cc_uint32)); /*magic number will go here later*/ + cur_pos += sizeof(cc_uint32); + + if (cur_pos - (char *)msg->flat != msg->flat_len) { + fprintf(stderr, "ERROR cur_pos - msg->flat = %d\n",msg->flat_len); + } + + cci_msg_calc_magic(msg->flat, msg->flat_len, &magic); + printf("magic = %d\n",magic); + + cci_msg_calc_header_size(msg, &msg_len); + memcpy((char *)msg->flat + msg_len, &magic, sizeof(cc_uint32)); + memcpy((char *)msg->flat + msg->flat_len - sizeof(cc_uint32), &magic, sizeof(cc_uint32)); + + if ( flatpp != NULL ) + *flatpp = msg->flat; + + return ccNoError; +} + +/** + * cc_msg_ + * + * Purpose: + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_calc_magic(void *flat, int flat_len, cc_uint32 * magicp) +{ + cc_uint32 magic = 0; + int i; + + for (i = 0; i < flat_len; i += sizeof(cc_uint32)) { + magic = magic ^ *(int *)((char *)flat + i); + } + *magicp = htonl(magic); + return ccNoError; +} + +/** + * cc_msg_ + * + * Purpose: + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_verify(void *flat, int flat_len, cc_uint32 * validp) +{ + cc_uint32 *magic1, *magic2; + cc_uint32 *pheader_len; + cc_uint32 header_len; + cc_uint32 *ptotal_len; + cc_uint32 total_len; + cc_uint32 *pblob_len; + cc_uint32 blob_len; + cc_uint32 *ptype; + cc_uint32 type; + cc_uint32 num_blobs = 0; + cc_uint32 zero = 0; + cc_uint32 msg_magic, msg_magic2; + + if (flat == NULL || flat_len <= 0 || validp == NULL) + return ccErrBadParam; + + pheader_len = flat; + ptotal_len = (cc_uint32 *)((char *)pheader_len + sizeof(cc_uint32)); + ptype = (cc_uint32 *)((char *)ptotal_len + sizeof(cc_uint32)); + + header_len = ntohl(*pheader_len); + total_len = ntohl(*ptotal_len); + type = ntohl(*ptype); + + if (total_len != flat_len) { + *validp = 0; + return ccNoError; + } + + if (header_len > flat_len) { + /*too weak. We could verify header_len against type spec header.*/ + *validp = 0; + return ccNoError; + } + if (type > CC_MSG_MAX_TYPE) { + *validp = 0; + return ccNoError; + } + + magic1 = (cc_uint32 *)((char *)ptype + sizeof(cc_uint32) + header_len); + if ((char *)magic1 - (char *)flat == (flat_len - 8)) { + /*There are no data blobs*/ + magic2 = (cc_uint32 *)((char *)magic1 + sizeof(cc_uint32)); + num_blobs = 0; + } else { + pblob_len = (cc_uint32 *)((char *)magic1 + sizeof(cc_uint32)); + num_blobs = 1; + blob_len = ntohl(*pblob_len); + + while (blob_len + sizeof(cc_uint32) + ((char *)pblob_len - (char *)flat) < (flat_len - sizeof(cc_uint32))) { + pblob_len = (cc_uint32 *)((char *)pblob_len + blob_len + sizeof(cc_uint32)); + num_blobs++; + blob_len = ntohl(*pblob_len); + } + + if (blob_len + sizeof(cc_uint32) + ((char *)pblob_len - (char *)flat) != (flat_len - sizeof(cc_uint32))) { + /*blobs didn't line up*/ + *validp = 0; + return ccNoError; + } + magic2 = (cc_uint32 *)((char *)pblob_len + blob_len + sizeof(cc_uint32)); /*2nd magic should be directly after the last blob*/ + } + + if (*magic1 != *magic2) { + *validp = 0; + return ccNoError; + } + msg_magic = *magic1; + + printf("%d %d\n", (char *)magic1 - (char *)flat, (char *)magic2 - (char *)flat); + + memcpy(magic1, &zero, sizeof(cc_uint32)); + memcpy(magic2, &zero, sizeof(cc_uint32)); + cci_msg_calc_magic(flat, flat_len, &msg_magic2); + /* both msg_magic and msg_magic2 are in network order */ + if (msg_magic != msg_magic2) { + *validp = 0; + return ccNoError; + } + memcpy(magic1, &msg_magic, sizeof(cc_uint32)); + memcpy(magic2, &msg_magic, sizeof(cc_uint32)); + + *validp = 1; + return ccNoError; +} + +/** + * cc_msg_ + * + * Purpose: + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_unflatten(void *flat, int flat_len, cc_msg_t** msgpp) +{ + cc_msg_t* msg; + char *cur_pos; + cc_uint32 blob_len; + char *blob; + cc_uint32 valid; + cc_int32 code; + + if ( flat == NULL || flat_len <= 0 || msgpp == NULL ) + return ccErrBadParam; + + code = cci_msg_new(0, &msg); + if (code) + return code; + + cci_msg_verify(flat, flat_len, &valid); + if (valid != 1) { + cci_msg_destroy(msg); + return ccErrBadParam; + } + + cur_pos = flat; + msg->flat = flat; + + msg->header_len = ntohl(*(cc_uint32 *)cur_pos); + cur_pos += sizeof(cc_uint32); + + msg->flat_len = ntohl(*(cc_uint32 *)cur_pos); + cur_pos += sizeof(cc_uint32); + + msg->type = ntohl(*(cc_uint32 *)cur_pos); + cur_pos += sizeof(cc_uint32); + + msg->header = (void *)malloc(msg->header_len); + if (msg->header == NULL) { + cci_msg_destroy(msg); + return ccErrNoMem; + } + memcpy(msg->header, cur_pos, msg->header_len); + cur_pos += msg->header_len; + + msg->magic = ntohl(*(cc_uint32 *)cur_pos); + cur_pos += sizeof(cc_uint32); + + if (cur_pos - (char *)flat != flat_len - 8) { /*at least 1 blob*/ + blob_len = ntohl(*(cc_uint32 *)cur_pos); + while (blob_len + (cur_pos - (char *)flat) + sizeof(cc_uint32) <= flat_len - sizeof(cc_uint32)) { + blob = (void *)malloc(blob_len); + if (blob == NULL) { + cci_msg_destroy(msg); + return ccErrNoMem; + } + memcpy(blob, cur_pos + sizeof(cc_uint32), blob_len); + cci_generic_list_append(msg->data_blobs, blob, blob_len, NULL); + + cur_pos += sizeof(cc_uint32) + blob_len; + blob_len = ntohl(*(int *)cur_pos); + } + } + *msgpp = msg; + return ccNoError; +} + +cc_int32 +cci_msg_retrieve_blob(cc_msg_t* msg, cc_uint32 blob_offset, cc_uint32 blob_len, void **blobp) +{ + cc_generic_iterate_t* gen_iterator; + cc_generic_list_node_t* gen_node; + void *ret; + cc_uint32 blob_pos; + cc_int32 code; + + /*Ensure that the message has been unflattened*/ + if ( msg == NULL || msg->flat == NULL || blob_offset > msg->flat_len || + blob_len > msg->flat_len - blob_offset || blobp == NULL) + return ccErrBadParam; + + code = cci_generic_list_iterator(msg->data_blobs, &gen_iterator); + while (cci_generic_iterate_has_next(gen_iterator)) { + code = cci_generic_iterate_next(gen_iterator, &gen_node); + code = cci_msg_calc_blob_pos(msg, gen_node->data, gen_node->len, &blob_pos); + if (blob_pos == blob_offset && gen_node->len == blob_len) { + free(gen_iterator); + ret = (void *)malloc(blob_len); + if (ret == NULL) + return ccErrNoMem; + memcpy(ret,(char *)msg->flat + blob_offset, blob_len); + *blobp = ret; + return ccNoError; + } + } + free(gen_iterator); + return ccIteratorEnd; +} + +/** + * cc_msg_ + * + * Purpose: + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_destroy(cc_msg_t* msg) +{ + if (msg->flat != NULL) + free(msg->flat); + if (msg->header != NULL) + free(msg->flat); + cci_generic_list_destroy(msg->data_blobs); + free(msg); + return ccNoError; +} + -- 2.26.2