From: Greg Hudson Date: Tue, 3 Dec 2019 20:32:29 +0000 (-0500) Subject: Improve type safety of serialization code X-Git-Tag: krb5-1.18-beta1~25 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F1011%2Fhead;p=thirdparty%2Fkrb5.git Improve type safety of serialization code Remove the serialization table from krb5_context, the functions to find and register serializers, and the polymorphic serialization functions. Instead, directly call per-type serialization functions for the type of object we need to serialize. Remove the krb5_context parameter from most serialization functions as the interfaces are not public and the context is not needed. Remove the ccache, keytab, and rcache serialization handlers as they were not used. In t_ser.c, repeat the externalize-internalize-reexternalize logic for each type, but simplify the code by aborting on failure and removing the verbose flag. The krb5_context and krb5_keyblock sizing functions both reported an extra four bytes. The new test program does not tolerate that inconsistency, so fix them. --- diff --git a/src/include/k5-int.h b/src/include/k5-int.h index da714667f3..1d78c0297b 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -1212,8 +1212,6 @@ struct _krb5_context { char *default_realm; profile_t profile; kdb5_dal_handle *dal_handle; - int ser_ctx_count; - void *ser_ctx; /* allowable clock skew */ krb5_deltat clockskew; krb5_flags kdc_default_options; @@ -1780,64 +1778,110 @@ krb5_error_code k5_parse_host_string(const char *address, int default_port, char **host_out, int *port_out); -/* - * [De]Serialization Handle and operations. - */ -struct __krb5_serializer { - krb5_magic odtype; - krb5_error_code (*sizer) (krb5_context, - krb5_pointer, - size_t *); - krb5_error_code (*externalizer) (krb5_context, - krb5_pointer, - krb5_octet **, - size_t *); - krb5_error_code (*internalizer) (krb5_context, - krb5_pointer *, - krb5_octet **, - size_t *); -}; -typedef const struct __krb5_serializer * krb5_ser_handle; -typedef struct __krb5_serializer krb5_ser_entry; +krb5_error_code +k5_size_authdata_context(krb5_context kcontext, krb5_authdata_context context, + size_t *sizep); -krb5_ser_handle krb5_find_serializer(krb5_context, krb5_magic); -krb5_error_code krb5_register_serializer(krb5_context, const krb5_ser_entry *); +krb5_error_code +k5_externalize_authdata_context(krb5_context kcontext, + krb5_authdata_context context, + krb5_octet **buffer, size_t *lenremain); -/* Determine the external size of a particular opaque structure */ -krb5_error_code KRB5_CALLCONV -krb5_size_opaque(krb5_context, krb5_magic, krb5_pointer, size_t *); +krb5_error_code +k5_internalize_authdata_context(krb5_context kcontext, + krb5_authdata_context *ptr, + krb5_octet **buffer, size_t *lenremain); -/* Serialize the structure into a buffer */ -krb5_error_code KRB5_CALLCONV -krb5_externalize_opaque(krb5_context, krb5_magic, krb5_pointer, krb5_octet **, - size_t *); +krb5_error_code +k5_size_auth_context(krb5_auth_context auth_context, size_t *sizep); -/* Deserialize the structure from a buffer */ -krb5_error_code KRB5_CALLCONV -krb5_internalize_opaque(krb5_context, krb5_magic, krb5_pointer *, - krb5_octet **, size_t *); +krb5_error_code +k5_externalize_auth_context(krb5_auth_context auth_context, + krb5_octet **buffer, size_t *lenremain); +krb5_error_code +k5_internalize_auth_context(krb5_auth_context *argp, + krb5_octet **buffer, size_t *lenremain); -/* Serialize data into a buffer */ krb5_error_code -krb5_externalize_data(krb5_context, krb5_pointer, krb5_octet **, size_t *); -/* - * Initialization routines. - */ +k5_size_authdata(krb5_authdata *authdata, size_t *sizep); + +krb5_error_code +k5_externalize_authdata(krb5_authdata *authdata, + krb5_octet **buffer, size_t *lenremain); + +krb5_error_code +k5_internalize_authdata(krb5_authdata **authdata, + krb5_octet **buffer, size_t *lenremain); + +krb5_error_code +k5_size_address(krb5_address *address, size_t *sizep); + +krb5_error_code +k5_externalize_address(krb5_address *address, + krb5_octet **buffer, size_t *lenremain); + +krb5_error_code +k5_internalize_address(krb5_address **argp, + krb5_octet **buffer, size_t *lenremain); + +krb5_error_code +k5_size_authenticator(krb5_authenticator *authenticator, size_t *sizep); -/* Initialize serialization for krb5_[os_]context */ -krb5_error_code KRB5_CALLCONV krb5_ser_context_init(krb5_context); +krb5_error_code +k5_externalize_authenticator(krb5_authenticator *authenticator, + krb5_octet **buffer, size_t *lenremain); + +krb5_error_code +k5_internalize_authenticator(krb5_authenticator **argp, + krb5_octet **buffer, size_t *lenremain); + +krb5_error_code +k5_size_checksum(krb5_checksum *checksum, size_t *sizep); + +krb5_error_code +k5_externalize_checksum(krb5_checksum *checksum, + krb5_octet **buffer, size_t *lenremain); + +krb5_error_code +k5_internalize_checksum(krb5_checksum **argp, + krb5_octet **buffer, size_t *lenremain); + +krb5_error_code +k5_size_context(krb5_context context, size_t *sizep); + +krb5_error_code +k5_externalize_context(krb5_context context, + krb5_octet **buffer, size_t *lenremain); + +krb5_error_code +k5_internalize_context(krb5_context *argp, + krb5_octet **buffer, size_t *lenremain); + +krb5_error_code +k5_size_keyblock(krb5_keyblock *keyblock, size_t *sizep); + +krb5_error_code +k5_externalize_keyblock(krb5_keyblock *keyblock, + krb5_octet **buffer, size_t *lenremain); + +krb5_error_code +k5_internalize_keyblock(krb5_keyblock **argp, + krb5_octet **buffer, size_t *lenremain); -/* Initialize serialization for krb5_auth_context */ -krb5_error_code KRB5_CALLCONV krb5_ser_auth_context_init(krb5_context); +krb5_error_code +k5_size_principal(krb5_principal principal, size_t *sizep); -/* Initialize serialization for krb5_keytab */ -krb5_error_code KRB5_CALLCONV krb5_ser_keytab_init(krb5_context); +krb5_error_code +k5_externalize_principal(krb5_principal principal, + krb5_octet **buffer, size_t *lenremain); -/* Initialize serialization for krb5_ccache */ -krb5_error_code KRB5_CALLCONV krb5_ser_ccache_init(krb5_context); +krb5_error_code +k5_internalize_principal(krb5_principal *argp, + krb5_octet **buffer, size_t *lenremain); -/* Initialize serialization for krb5_rcache */ -krb5_error_code KRB5_CALLCONV krb5_ser_rcache_init(krb5_context); +/* + * Initialization routines. + */ /* [De]serialize 4-byte integer */ krb5_error_code KRB5_CALLCONV @@ -2017,9 +2061,6 @@ typedef struct _krb5_kt_ops { krb5_keytab_entry *); krb5_error_code (KRB5_CALLCONV *remove)(krb5_context, krb5_keytab, krb5_keytab_entry *); - - /* Handle for serializer */ - const krb5_ser_entry *serializer; } krb5_kt_ops; /* Not sure it's ready for exposure just yet. */ diff --git a/src/lib/gssapi/krb5/export_sec_context.c b/src/lib/gssapi/krb5/export_sec_context.c index 49bd76d2bc..44e50080ab 100644 --- a/src/lib/gssapi/krb5/export_sec_context.c +++ b/src/lib/gssapi/krb5/export_sec_context.c @@ -51,14 +51,10 @@ krb5_gss_export_sec_context(minor_status, context_handle, interprocess_token) } context = ctx->k5_context; - kret = krb5_gss_ser_init(context); - if (kret) - goto error_out; /* Determine size needed for externalization of context */ bufsize = 0; - if ((kret = kg_ctx_size(context, (krb5_pointer) ctx, - &bufsize))) + if ((kret = kg_ctx_size(context, ctx, &bufsize))) goto error_out; /* Allocate the buffer */ @@ -70,8 +66,7 @@ krb5_gss_export_sec_context(minor_status, context_handle, interprocess_token) obp = obuffer; blen = bufsize; /* Externalize the context */ - if ((kret = kg_ctx_externalize(context, - (krb5_pointer) ctx, &obp, &blen))) + if ((kret = kg_ctx_externalize(context, ctx, &obp, &blen))) goto error_out; /* Success! Return the buffer */ diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h index 2647434bad..2e2c775d63 100644 --- a/src/lib/gssapi/krb5/gssapiP_krb5.h +++ b/src/lib/gssapi/krb5/gssapiP_krb5.h @@ -360,16 +360,16 @@ OM_uint32 kg_seal_size (OM_uint32 *minor_status, OM_uint32 *input_size); krb5_error_code kg_ctx_size (krb5_context kcontext, - krb5_pointer arg, + krb5_gss_ctx_id_t ctx, size_t *sizep); krb5_error_code kg_ctx_externalize (krb5_context kcontext, - krb5_pointer arg, + krb5_gss_ctx_id_t ctx, krb5_octet **buffer, size_t *lenremain); krb5_error_code kg_ctx_internalize (krb5_context kcontext, - krb5_pointer *argp, + krb5_gss_ctx_id_t *argp, krb5_octet **buffer, size_t *lenremain); @@ -851,8 +851,6 @@ OM_uint32 KRB5_CALLCONV krb5_gss_import_sec_context ); #endif /* LEAN_CLIENT */ -krb5_error_code krb5_gss_ser_init(krb5_context); - OM_uint32 krb5_gss_release_oid (OM_uint32 *, /* minor_status */ gss_OID * /* oid */ diff --git a/src/lib/gssapi/krb5/gssapi_krb5.c b/src/lib/gssapi/krb5/gssapi_krb5.c index f09cda007c..128ffffa18 100644 --- a/src/lib/gssapi/krb5/gssapi_krb5.c +++ b/src/lib/gssapi/krb5/gssapi_krb5.c @@ -79,8 +79,6 @@ */ -/* For declaration of krb5_ser_context_init */ -#include "k5-int.h" #include "gssapiP_krb5.h" #include "mglueP.h" diff --git a/src/lib/gssapi/krb5/import_sec_context.c b/src/lib/gssapi/krb5/import_sec_context.c index 4190adf35c..7d26f4df87 100644 --- a/src/lib/gssapi/krb5/import_sec_context.c +++ b/src/lib/gssapi/krb5/import_sec_context.c @@ -48,22 +48,6 @@ gss_OID krb5_gss_convert_static_mech_oid(oid) return oid; } -krb5_error_code -krb5_gss_ser_init (krb5_context context) -{ - krb5_error_code code; - static krb5_error_code (KRB5_CALLCONV *const fns[])(krb5_context) = { - krb5_ser_context_init, krb5_ser_auth_context_init, - krb5_ser_ccache_init, krb5_ser_rcache_init, krb5_ser_keytab_init, - }; - unsigned int i; - - for (i = 0; i < sizeof(fns)/sizeof(fns[0]); i++) - if ((code = (fns[i])(context)) != 0) - return code; - return 0; -} - OM_uint32 KRB5_CALLCONV krb5_gss_import_sec_context(minor_status, interprocess_token, context_handle) OM_uint32 *minor_status; @@ -85,13 +69,6 @@ krb5_gss_import_sec_context(minor_status, interprocess_token, context_handle) *minor_status = kret; return GSS_S_FAILURE; } - kret = krb5_gss_ser_init(context); - if (kret) { - *minor_status = kret; - save_error_info(*minor_status, context); - krb5_free_context(context); - return GSS_S_FAILURE; - } /* Assume a tragic failure */ ctx = (krb5_gss_ctx_id_t) NULL; @@ -100,7 +77,7 @@ krb5_gss_import_sec_context(minor_status, interprocess_token, context_handle) /* Internalize the context */ ibp = (krb5_octet *) interprocess_token->value; blen = (size_t) interprocess_token->length; - kret = kg_ctx_internalize(context, (krb5_pointer *) &ctx, &ibp, &blen); + kret = kg_ctx_internalize(context, &ctx, &ibp, &blen); if (kret) { *minor_status = (OM_uint32) kret; save_error_info(*minor_status, context); diff --git a/src/lib/gssapi/krb5/ser_sctx.c b/src/lib/gssapi/krb5/ser_sctx.c index 79c4c710e6..9e2d32e98d 100644 --- a/src/lib/gssapi/krb5/ser_sctx.c +++ b/src/lib/gssapi/krb5/ser_sctx.c @@ -40,13 +40,8 @@ */ static krb5_error_code -kg_oid_externalize(kcontext, arg, buffer, lenremain) - krb5_context kcontext; - krb5_pointer arg; - krb5_octet **buffer; - size_t *lenremain; +kg_oid_externalize(gss_OID oid, krb5_octet **buffer, size_t *lenremain) { - gss_OID oid = (gss_OID) arg; krb5_error_code err; err = krb5_ser_pack_int32(KV5M_GSS_OID, buffer, lenremain); @@ -65,11 +60,7 @@ kg_oid_externalize(kcontext, arg, buffer, lenremain) } static krb5_error_code -kg_oid_internalize(kcontext, argp, buffer, lenremain) - krb5_context kcontext; - krb5_pointer *argp; - krb5_octet **buffer; - size_t *lenremain; +kg_oid_internalize(gss_OID *argp, krb5_octet **buffer, size_t *lenremain) { gss_OID oid; krb5_int32 ibuf; @@ -121,22 +112,18 @@ kg_oid_internalize(kcontext, argp, buffer, lenremain) *buffer = bp; *lenremain = remain; - *argp = (krb5_pointer) oid; + *argp = oid; return 0; } static krb5_error_code -kg_oid_size(kcontext, arg, sizep) - krb5_context kcontext; - krb5_pointer arg; - size_t *sizep; +kg_oid_size(gss_OID oid, size_t *sizep) { krb5_error_code kret; - gss_OID oid; size_t required; kret = EINVAL; - if ((oid = (gss_OID) arg)) { + if (oid != NULL) { required = 2*sizeof(krb5_int32); /* For the header and trailer */ required += sizeof(krb5_int32); required += oid->length; @@ -150,8 +137,7 @@ kg_oid_size(kcontext, arg, sizep) } static krb5_error_code -kg_seqstate_externalize(kcontext, arg, buffer, lenremain) - krb5_context kcontext; +kg_seqstate_externalize(arg, buffer, lenremain) g_seqnum_state arg; krb5_octet **buffer; size_t *lenremain; @@ -166,8 +152,7 @@ kg_seqstate_externalize(kcontext, arg, buffer, lenremain) } static krb5_error_code -kg_seqstate_internalize(kcontext, argp, buffer, lenremain) - krb5_context kcontext; +kg_seqstate_internalize(argp, buffer, lenremain) g_seqnum_state *argp; krb5_octet **buffer; size_t *lenremain; @@ -208,8 +193,7 @@ kg_seqstate_internalize(kcontext, argp, buffer, lenremain) } static krb5_error_code -kg_seqstate_size(kcontext, arg, sizep) - krb5_context kcontext; +kg_seqstate_size(arg, sizep) g_seqnum_state arg; size_t *sizep; { @@ -231,13 +215,9 @@ kg_seqstate_size(kcontext, arg, sizep) * Determine the size required for this krb5_gss_ctx_id_rec. */ krb5_error_code -kg_ctx_size(kcontext, arg, sizep) - krb5_context kcontext; - krb5_pointer arg; - size_t *sizep; +kg_ctx_size(krb5_context kcontext, krb5_gss_ctx_id_t ctx, size_t *sizep) { krb5_error_code kret; - krb5_gss_ctx_id_rec *ctx; size_t required; /* @@ -277,74 +257,45 @@ kg_ctx_size(kcontext, arg, sizep) * krb5_int32 for trailer. */ kret = EINVAL; - if ((ctx = (krb5_gss_ctx_id_rec *) arg)) { + if (ctx != NULL) { required = 21*sizeof(krb5_int32); required += 2*sizeof(int64_t); required += sizeof(ctx->seed); kret = 0; if (!kret && ctx->here) - kret = krb5_size_opaque(kcontext, - KV5M_PRINCIPAL, - (krb5_pointer) ctx->here->princ, - &required); + kret = k5_size_principal(ctx->here->princ, &required); if (!kret && ctx->there) - kret = krb5_size_opaque(kcontext, - KV5M_PRINCIPAL, - (krb5_pointer) ctx->there->princ, - &required); + kret = k5_size_principal(ctx->there->princ, &required); if (!kret && ctx->subkey) - kret = krb5_size_opaque(kcontext, - KV5M_KEYBLOCK, - (krb5_pointer) &ctx->subkey->keyblock, - &required); + kret = k5_size_keyblock(&ctx->subkey->keyblock, &required); if (!kret && ctx->enc) - kret = krb5_size_opaque(kcontext, - KV5M_KEYBLOCK, - (krb5_pointer) &ctx->enc->keyblock, - &required); + kret = k5_size_keyblock(&ctx->enc->keyblock, &required); if (!kret && ctx->seq) - kret = krb5_size_opaque(kcontext, - KV5M_KEYBLOCK, - (krb5_pointer) &ctx->seq->keyblock, - &required); + kret = k5_size_keyblock(&ctx->seq->keyblock, &required); if (!kret) - kret = kg_oid_size(kcontext, - (krb5_pointer) ctx->mech_used, - &required); + kret = kg_oid_size(ctx->mech_used, &required); if (!kret && ctx->seqstate) - kret = kg_seqstate_size(kcontext, ctx->seqstate, &required); + kret = kg_seqstate_size(ctx->seqstate, &required); if (!kret) - kret = krb5_size_opaque(kcontext, - KV5M_CONTEXT, - (krb5_pointer) ctx->k5_context, - &required); + kret = k5_size_context(ctx->k5_context, &required); if (!kret) - kret = krb5_size_opaque(kcontext, - KV5M_AUTH_CONTEXT, - (krb5_pointer) ctx->auth_context, - &required); + kret = k5_size_auth_context(ctx->auth_context, &required); if (!kret && ctx->acceptor_subkey) - kret = krb5_size_opaque(kcontext, - KV5M_KEYBLOCK, (krb5_pointer) - &ctx->acceptor_subkey->keyblock, + kret = k5_size_keyblock(&ctx->acceptor_subkey->keyblock, &required); if (!kret && ctx->authdata) { krb5_int32 i; - for (i = 0; !kret && ctx->authdata[i]; i++) { - kret = krb5_size_opaque(kcontext, - KV5M_AUTHDATA, - (krb5_pointer)ctx->authdata[i], - &required); - } + for (i = 0; !kret && ctx->authdata[i]; i++) + kret = k5_size_authdata(ctx->authdata[i], &required); } if (!kret) { krb5_gss_name_t initiator_name; @@ -352,10 +303,9 @@ kg_ctx_size(kcontext, arg, sizep) initiator_name = ctx->initiate ? ctx->here : ctx->there; if (initiator_name && initiator_name->ad_context) { - kret = krb5_size_opaque(kcontext, - KV5M_AUTHDATA_CONTEXT, - initiator_name->ad_context, - &required); + kret = k5_size_authdata_context(kcontext, + initiator_name->ad_context, + &required); } } *sizep += required; @@ -367,14 +317,10 @@ kg_ctx_size(kcontext, arg, sizep) * Externalize this krb5_gss_ctx_id_ret. */ krb5_error_code -kg_ctx_externalize(kcontext, arg, buffer, lenremain) - krb5_context kcontext; - krb5_pointer arg; - krb5_octet **buffer; - size_t *lenremain; +kg_ctx_externalize(krb5_context kcontext, krb5_gss_ctx_id_t ctx, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; - krb5_gss_ctx_id_rec *ctx; size_t required; krb5_octet *bp; size_t remain; @@ -388,9 +334,9 @@ kg_ctx_externalize(kcontext, arg, buffer, lenremain) bp = *buffer; remain = *lenremain; kret = EINVAL; - if ((ctx = (krb5_gss_ctx_id_rec *) arg)) { + if (ctx != NULL) { kret = ENOMEM; - if (!kg_ctx_size(kcontext, arg, &required) && + if (!kg_ctx_size(kcontext, ctx, &required) && (required <= remain)) { /* Our identifier */ (void) krb5_ser_pack_int32(KG_CONTEXT, &bp, &remain); @@ -434,54 +380,37 @@ kg_ctx_externalize(kcontext, arg, buffer, lenremain) kret = 0; if (!kret && ctx->mech_used) - kret = kg_oid_externalize(kcontext, ctx->mech_used, - &bp, &remain); + kret = kg_oid_externalize(ctx->mech_used, &bp, &remain); if (!kret && ctx->here) - kret = krb5_externalize_opaque(kcontext, - KV5M_PRINCIPAL, - (krb5_pointer) ctx->here->princ, - &bp, &remain); + kret = k5_externalize_principal(ctx->here->princ, + &bp, &remain); if (!kret && ctx->there) - kret = krb5_externalize_opaque(kcontext, - KV5M_PRINCIPAL, - (krb5_pointer) ctx->there->princ, - &bp, &remain); + kret = k5_externalize_principal(ctx->there->princ, + &bp, &remain); if (!kret && ctx->subkey) - kret = krb5_externalize_opaque(kcontext, - KV5M_KEYBLOCK, (krb5_pointer) - &ctx->subkey->keyblock, + kret = k5_externalize_keyblock(&ctx->subkey->keyblock, &bp, &remain); if (!kret && ctx->enc) - kret = krb5_externalize_opaque(kcontext, - KV5M_KEYBLOCK, (krb5_pointer) - &ctx->enc->keyblock, + kret = k5_externalize_keyblock(&ctx->enc->keyblock, &bp, &remain); if (!kret && ctx->seq) - kret = krb5_externalize_opaque(kcontext, - KV5M_KEYBLOCK, (krb5_pointer) - &ctx->seq->keyblock, + kret = k5_externalize_keyblock(&ctx->seq->keyblock, &bp, &remain); if (!kret && ctx->seqstate) - kret = kg_seqstate_externalize(kcontext, - ctx->seqstate, &bp, &remain); + kret = kg_seqstate_externalize(ctx->seqstate, &bp, &remain); if (!kret) - kret = krb5_externalize_opaque(kcontext, - KV5M_CONTEXT, - (krb5_pointer) ctx->k5_context, - &bp, &remain); + kret = k5_externalize_context(ctx->k5_context, &bp, &remain); if (!kret) - kret = krb5_externalize_opaque(kcontext, - KV5M_AUTH_CONTEXT, - (krb5_pointer) ctx->auth_context, - &bp, &remain); + kret = k5_externalize_auth_context(ctx->auth_context, + &bp, &remain); if (!kret) kret = krb5_ser_pack_int32((krb5_int32) ctx->proto, @@ -490,9 +419,7 @@ kg_ctx_externalize(kcontext, arg, buffer, lenremain) kret = krb5_ser_pack_int32((krb5_int32) ctx->cksumtype, &bp, &remain); if (!kret && ctx->acceptor_subkey) - kret = krb5_externalize_opaque(kcontext, - KV5M_KEYBLOCK, (krb5_pointer) - &ctx->acceptor_subkey->keyblock, + kret = k5_externalize_keyblock(&ctx->acceptor_subkey->keyblock, &bp, &remain); if (!kret) kret = krb5_ser_pack_int32((krb5_int32) ctx->acceptor_subkey_cksumtype, @@ -513,11 +440,8 @@ kg_ctx_externalize(kcontext, arg, buffer, lenremain) if (!kret && ctx->authdata) { /* authdata */ for (i = 0; !kret && ctx->authdata[i]; i++) - kret = krb5_externalize_opaque(kcontext, - KV5M_AUTHDATA, - ctx->authdata[i], - &bp, - &remain); + kret = k5_externalize_authdata(ctx->authdata[i], + &bp, &remain); } } /* authdata context */ @@ -527,11 +451,10 @@ kg_ctx_externalize(kcontext, arg, buffer, lenremain) initiator_name = ctx->initiate ? ctx->here : ctx->there; if (initiator_name && initiator_name->ad_context) { - kret = krb5_externalize_opaque(kcontext, - KV5M_AUTHDATA_CONTEXT, - initiator_name->ad_context, - &bp, - &remain); + kret = k5_externalize_authdata_context(kcontext, + initiator_name-> + ad_context, + &bp, &remain); } } /* trailer */ @@ -548,17 +471,16 @@ kg_ctx_externalize(kcontext, arg, buffer, lenremain) /* Internalize a keyblock and convert it to a key. */ static krb5_error_code -intern_key(krb5_context ctx, krb5_key *key, krb5_octet **bp, size_t *sp) +intern_key(krb5_key *key, krb5_octet **bp, size_t *sp) { krb5_keyblock *keyblock; krb5_error_code ret; - ret = krb5_internalize_opaque(ctx, KV5M_KEYBLOCK, - (krb5_pointer *) &keyblock, bp, sp); + ret = k5_internalize_keyblock(&keyblock, bp, sp); if (ret != 0) return ret; - ret = krb5_k_create_key(ctx, keyblock, key); - krb5_free_keyblock(ctx, keyblock); + ret = krb5_k_create_key(NULL, keyblock, key); + krb5_free_keyblock(NULL, keyblock); return ret; } @@ -566,11 +488,8 @@ intern_key(krb5_context ctx, krb5_key *key, krb5_octet **bp, size_t *sp) * Internalize this krb5_gss_ctx_id_t. */ krb5_error_code -kg_ctx_internalize(kcontext, argp, buffer, lenremain) - krb5_context kcontext; - krb5_pointer *argp; - krb5_octet **buffer; - size_t *lenremain; +kg_ctx_internalize(krb5_context kcontext, krb5_gss_ctx_id_t *argp, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; krb5_gss_ctx_id_rec *ctx; @@ -603,7 +522,6 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain) memset(ctx, 0, sizeof(krb5_gss_ctx_id_rec)); ctx->magic = ibuf; - ctx->k5_context = kcontext; /* Get static data */ (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain); @@ -645,19 +563,15 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain) } { - krb5_pointer tmp; - kret = kg_oid_internalize(kcontext, &tmp, &bp, - &remain); + gss_OID tmp; + kret = kg_oid_internalize(&tmp, &bp, &remain); if (kret == 0) ctx->mech_used = tmp; else if (kret == EINVAL) kret = 0; } /* Now get substructure data */ - kret = krb5_internalize_opaque(kcontext, - KV5M_PRINCIPAL, - (krb5_pointer *) &princ, - &bp, &remain); + kret = k5_internalize_principal(&princ, &bp, &remain); if (kret == 0) { kret = kg_init_name(kcontext, princ, NULL, NULL, NULL, KG_INIT_NAME_NO_COPY, &ctx->here); @@ -666,10 +580,7 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain) } else if (kret == EINVAL) kret = 0; if (!kret) { - kret = krb5_internalize_opaque(kcontext, - KV5M_PRINCIPAL, - (krb5_pointer *) &princ, - &bp, &remain); + kret = k5_internalize_principal(&princ, &bp, &remain); if (kret == 0) { kret = kg_init_name(kcontext, princ, NULL, NULL, NULL, KG_INIT_NAME_NO_COPY, &ctx->there); @@ -679,39 +590,33 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain) kret = 0; } if (!kret && - (kret = intern_key(kcontext, &ctx->subkey, &bp, &remain))) { + (kret = intern_key(&ctx->subkey, &bp, &remain))) { if (kret == EINVAL) kret = 0; } if (!kret && - (kret = intern_key(kcontext, &ctx->enc, &bp, &remain))) { + (kret = intern_key(&ctx->enc, &bp, &remain))) { if (kret == EINVAL) kret = 0; } if (!kret && - (kret = intern_key(kcontext, &ctx->seq, &bp, &remain))) { + (kret = intern_key(&ctx->seq, &bp, &remain))) { if (kret == EINVAL) kret = 0; } if (!kret) { - kret = kg_seqstate_internalize(kcontext, &ctx->seqstate, - &bp, &remain); + kret = kg_seqstate_internalize(&ctx->seqstate, &bp, &remain); if (kret == EINVAL) kret = 0; } if (!kret) - kret = krb5_internalize_opaque(kcontext, - KV5M_CONTEXT, - (krb5_pointer *) &ctx->k5_context, - &bp, &remain); + kret = k5_internalize_context(&ctx->k5_context, &bp, &remain); if (!kret) - kret = krb5_internalize_opaque(kcontext, - KV5M_AUTH_CONTEXT, - (krb5_pointer *) &ctx->auth_context, - &bp, &remain); + kret = k5_internalize_auth_context(&ctx->auth_context, + &bp, &remain); if (!kret) kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain); @@ -720,8 +625,7 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain) kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain); ctx->cksumtype = ibuf; if (!kret && - (kret = intern_key(kcontext, &ctx->acceptor_subkey, - &bp, &remain))) { + (kret = intern_key(&ctx->acceptor_subkey, &bp, &remain))) { if (kret == EINVAL) kret = 0; } @@ -744,11 +648,8 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain) kret = ENOMEM; } else { for (i = 0; !kret && i < nadata; i++) - kret = krb5_internalize_opaque(kcontext, - KV5M_AUTHDATA, - (krb5_pointer *)&ctx->authdata[i], - &bp, - &remain); + kret = k5_internalize_authdata(&ctx->authdata[i], + &bp, &remain); } } } @@ -760,11 +661,10 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain) if (initiator_name == NULL) { kret = EINVAL; } else { - kret = krb5_internalize_opaque(kcontext, - KV5M_AUTHDATA_CONTEXT, - (krb5_pointer *)&initiator_name->ad_context, - &bp, - &remain); + kret = k5_internalize_authdata_context(kcontext, + &initiator_name-> + ad_context, + &bp, &remain); if (kret == EINVAL) kret = 0; } @@ -778,7 +678,7 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain) if (!kret) { *buffer = bp; *lenremain = remain; - *argp = (krb5_pointer) ctx; + *argp = ctx; } else { if (ctx->seq) krb5_k_free_key(kcontext, ctx->seq); diff --git a/src/lib/kdb/keytab.c b/src/lib/kdb/keytab.c index c6aa100daf..a623e001ec 100644 --- a/src/lib/kdb/keytab.c +++ b/src/lib/kdb/keytab.c @@ -58,7 +58,6 @@ krb5_kt_ops krb5_kt_kdb_ops = { NULL, /* end_get */ NULL, /* add (extended) */ NULL, /* remove (extended) */ - NULL, /* (void *) &krb5_ktfile_ser_entry */ }; typedef struct krb5_ktkdb_data { diff --git a/src/lib/krb5/ccache/Makefile.in b/src/lib/krb5/ccache/Makefile.in index f84cf793e0..73468547e7 100644 --- a/src/lib/krb5/ccache/Makefile.in +++ b/src/lib/krb5/ccache/Makefile.in @@ -44,7 +44,7 @@ STLIBOBJS= \ cc_memory.o \ cc_keyring.o \ ccfns.o \ - ser_cc.o $(KCMRPC_OBJ) + $(KCMRPC_OBJ) OBJS= $(OUTPRE)ccbase.$(OBJEXT) \ $(OUTPRE)cccopy.$(OBJEXT) \ @@ -63,7 +63,7 @@ OBJS= $(OUTPRE)ccbase.$(OBJEXT) \ $(OUTPRE)cc_memory.$(OBJEXT) \ $(OUTPRE)cc_keyring.$(OBJEXT) \ $(OUTPRE)ccfns.$(OBJEXT) \ - $(OUTPRE)ser_cc.$(OBJEXT) $(MSLSA_OBJ) + $(MSLSA_OBJ) SRCS= $(srcdir)/ccbase.c \ $(srcdir)/cccopy.c \ @@ -82,7 +82,7 @@ SRCS= $(srcdir)/ccbase.c \ $(srcdir)/cc_memory.c \ $(srcdir)/cc_keyring.c \ $(srcdir)/ccfns.c \ - $(srcdir)/ser_cc.c $(MSLSA_SRC) + $(MSLSA_SRC) EXTRADEPSRCS= \ $(srcdir)/t_cc.c \ diff --git a/src/lib/krb5/ccache/deps b/src/lib/krb5/ccache/deps index d05a3c1f45..e6c1fce616 100644 --- a/src/lib/krb5/ccache/deps +++ b/src/lib/krb5/ccache/deps @@ -188,16 +188,6 @@ ccfns.so ccfns.po $(OUTPRE)ccfns.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ cc-int.h ccfns.c -ser_cc.so ser_cc.po $(OUTPRE)ser_cc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cc-int.h ser_cc.c t_cc.so t_cc.po $(OUTPRE)t_cc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ diff --git a/src/lib/krb5/ccache/ser_cc.c b/src/lib/krb5/ccache/ser_cc.c deleted file mode 100644 index fd6aed50d7..0000000000 --- a/src/lib/krb5/ccache/ser_cc.c +++ /dev/null @@ -1,215 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/krb5/ccache/ser_cc.c - Serialize credential cache context */ -/* - * Copyright 1995 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "k5-int.h" -#include "cc-int.h" - -/* - * Routines to deal with externalizing krb5_ccache. - * krb5_ccache_size(); - * krb5_ccache_externalize(); - * krb5_ccache_internalize(); - */ -static krb5_error_code krb5_ccache_size -(krb5_context, krb5_pointer, size_t *); -static krb5_error_code krb5_ccache_externalize -(krb5_context, krb5_pointer, krb5_octet **, size_t *); -static krb5_error_code krb5_ccache_internalize -(krb5_context,krb5_pointer *, krb5_octet **, size_t *); - -/* - * Serialization entry for this type. - */ -static const krb5_ser_entry krb5_ccache_ser_entry = { - KV5M_CCACHE, /* Type */ - krb5_ccache_size, /* Sizer routine */ - krb5_ccache_externalize, /* Externalize routine */ - krb5_ccache_internalize /* Internalize routine */ -}; - -/* - * krb5_ccache_size() - Determine the size required to externalize - * this krb5_ccache variant. - */ -static krb5_error_code -krb5_ccache_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) -{ - krb5_error_code kret; - krb5_ccache ccache; - size_t required; - - kret = EINVAL; - if ((ccache = (krb5_ccache) arg)) { - /* - * Saving FILE: variants of krb5_ccache requires at minimum: - * krb5_int32 for KV5M_CCACHE - * krb5_int32 for length of ccache name. - * krb5_int32 for KV5M_CCACHE - */ - required = sizeof(krb5_int32) * 3; - if (ccache->ops->prefix) - required += (strlen(ccache->ops->prefix)+1); - - /* - * The ccache name is formed as follows: - * : - */ - required += strlen(krb5_cc_get_name(kcontext, ccache)); - - kret = 0; - *sizep += required; - } - return(kret); -} - -/* - * krb5_ccache_externalize() - Externalize the krb5_ccache. - */ -static krb5_error_code -krb5_ccache_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) -{ - krb5_error_code kret; - krb5_ccache ccache; - size_t required; - krb5_octet *bp; - size_t remain; - char *ccname; - const char *fnamep; - - required = 0; - bp = *buffer; - remain = *lenremain; - kret = EINVAL; - if ((ccache = (krb5_ccache) arg)) { - kret = ENOMEM; - if (!krb5_ccache_size(kcontext, arg, &required) && - (required <= remain)) { - /* Our identifier */ - (void) krb5_ser_pack_int32(KV5M_CCACHE, &bp, &remain); - - fnamep = krb5_cc_get_name(kcontext, ccache); - - if (ccache->ops->prefix) { - if (asprintf(&ccname, "%s:%s", ccache->ops->prefix, fnamep) < 0) - ccname = NULL; - } else - ccname = strdup(fnamep); - - if (ccname) { - /* Put the length of the file name */ - (void) krb5_ser_pack_int32((krb5_int32) strlen(ccname), - &bp, &remain); - - /* Put the name */ - (void) krb5_ser_pack_bytes((krb5_octet *) ccname, - strlen(ccname), - &bp, &remain); - - /* Put the trailer */ - (void) krb5_ser_pack_int32(KV5M_CCACHE, &bp, &remain); - kret = 0; - *buffer = bp; - *lenremain = remain; - free(ccname); - } - } - } - return(kret); -} - -/* - * krb5_ccache_internalize() - Internalize the krb5_ccache. - */ -static krb5_error_code -krb5_ccache_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) -{ - krb5_error_code kret; - krb5_ccache ccache; - krb5_int32 ibuf; - krb5_octet *bp; - size_t remain; - char *ccname = NULL; - - *argp = NULL; - - bp = *buffer; - remain = *lenremain; - - /* Read our magic number. */ - kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain); - if (kret) - return kret; - if (ibuf != KV5M_CCACHE) - return EINVAL; - - /* Unpack and validate the length of the ccache name. */ - kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain); - if (kret) - return kret; - if (ibuf < 0 || (krb5_ui_4) ibuf > remain) - return EINVAL; - - /* Allocate and unpack the name. */ - ccname = malloc(ibuf + 1); - if (!ccname) - return ENOMEM; - kret = krb5_ser_unpack_bytes((krb5_octet *) ccname, (size_t) ibuf, - &bp, &remain); - if (kret) - goto cleanup; - ccname[ibuf] = '\0'; - - /* Read the second magic number. */ - kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain); - if (kret) - goto cleanup; - if (ibuf != KV5M_CCACHE) { - kret = EINVAL; - goto cleanup; - } - - /* Resolve the named credential cache. */ - kret = krb5_cc_resolve(kcontext, ccname, &ccache); - if (kret) - goto cleanup; - - *buffer = bp; - *lenremain = remain; - *argp = ccache; - -cleanup: - free(ccname); - return(kret); -} - -/* - * Register the ccache serializer. - */ -krb5_error_code KRB5_CALLCONV -krb5_ser_ccache_init(krb5_context kcontext) -{ - return(krb5_register_serializer(kcontext, &krb5_ccache_ser_entry)); -} diff --git a/src/lib/krb5/keytab/kt_file.c b/src/lib/krb5/keytab/kt_file.c index 458bb2cb42..021c94398a 100644 --- a/src/lib/krb5/keytab/kt_file.c +++ b/src/lib/krb5/keytab/kt_file.c @@ -520,275 +520,6 @@ krb5_ktfile_end_get(krb5_context context, krb5_keytab id, krb5_kt_cursor *cursor return kerror; } -/* - * ser_ktf.c - Serialize keytab file context for subsequent reopen. - */ - -static const char ktfile_def_name[] = "."; - -/* - * Routines to deal with externalizing krb5_keytab for [WR]FILE: variants. - * krb5_ktf_keytab_size(); - * krb5_ktf_keytab_externalize(); - * krb5_ktf_keytab_internalize(); - */ -static krb5_error_code -krb5_ktf_keytab_size(krb5_context, krb5_pointer, size_t *); - -static krb5_error_code -krb5_ktf_keytab_externalize(krb5_context, krb5_pointer, krb5_octet **, - size_t *); - -static krb5_error_code -krb5_ktf_keytab_internalize(krb5_context,krb5_pointer *, krb5_octet **, - size_t *); - -/* - * Serialization entry for this type. - */ -const krb5_ser_entry krb5_ktfile_ser_entry = { - KV5M_KEYTAB, /* Type */ - krb5_ktf_keytab_size, /* Sizer routine */ - krb5_ktf_keytab_externalize, /* Externalize routine */ - krb5_ktf_keytab_internalize /* Internalize routine */ -}; - -/* - * krb5_ktf_keytab_size() - Determine the size required to externalize - * this krb5_keytab variant. - */ -static krb5_error_code -krb5_ktf_keytab_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) -{ - krb5_error_code kret; - krb5_keytab keytab; - size_t required; - krb5_ktfile_data *ktdata; - - kret = EINVAL; - if ((keytab = (krb5_keytab) arg)) { - /* - * Saving FILE: variants of krb5_keytab requires at minimum: - * krb5_int32 for KV5M_KEYTAB - * krb5_int32 for length of keytab name. - * krb5_int32 for file status. - * krb5_int32 for file position. - * krb5_int32 for file position. - * krb5_int32 for version. - * krb5_int32 for KV5M_KEYTAB - */ - required = sizeof(krb5_int32) * 7; - if (keytab->ops && keytab->ops->prefix) - required += (strlen(keytab->ops->prefix)+1); - - /* - * The keytab name is formed as follows: - * : - * If there's no name, we use a default name so that we have something - * to call krb5_keytab_resolve with. - */ - ktdata = (krb5_ktfile_data *) keytab->data; - required += strlen((ktdata && ktdata->name) ? - ktdata->name : ktfile_def_name); - kret = 0; - - if (!kret) - *sizep += required; - } - return(kret); -} - -/* - * krb5_ktf_keytab_externalize() - Externalize the krb5_keytab. - */ -static krb5_error_code -krb5_ktf_keytab_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) -{ - krb5_error_code kret; - krb5_keytab keytab; - size_t required; - krb5_octet *bp; - size_t remain; - krb5_ktfile_data *ktdata; - krb5_int32 file_is_open; - int64_t file_pos; - char *ktname; - const char *fnamep; - - required = 0; - bp = *buffer; - remain = *lenremain; - kret = EINVAL; - if ((keytab = (krb5_keytab) arg)) { - kret = ENOMEM; - if (!krb5_ktf_keytab_size(kcontext, arg, &required) && - (required <= remain)) { - /* Our identifier */ - (void) krb5_ser_pack_int32(KV5M_KEYTAB, &bp, &remain); - - ktdata = (krb5_ktfile_data *) keytab->data; - file_is_open = 0; - file_pos = 0; - - /* Calculate the length of the name */ - if (ktdata && ktdata->name) - fnamep = ktdata->name; - else - fnamep = ktfile_def_name; - - if (keytab->ops && keytab->ops->prefix) { - if (asprintf(&ktname, "%s:%s", keytab->ops->prefix, fnamep) < 0) - ktname = NULL; - } else - ktname = strdup(fnamep); - - if (ktname) { - /* Fill in the file-specific keytab information. */ - if (ktdata) { - if (ktdata->openf) { - long fpos; - int fflags = 0; - - file_is_open = 1; -#if !defined(_WIN32) - fflags = fcntl(fileno(ktdata->openf), F_GETFL, 0); - if (fflags > 0) - file_is_open |= ((fflags & O_ACCMODE) << 1); -#else - file_is_open = 0; -#endif - fpos = ftell(ktdata->openf); - file_pos = fpos; /* XX range check? */ - } - } - - /* Put the length of the file name */ - (void) krb5_ser_pack_int32((krb5_int32) strlen(ktname), - &bp, &remain); - - /* Put the name */ - (void) krb5_ser_pack_bytes((krb5_octet *) ktname, - strlen(ktname), - &bp, &remain); - - /* Put the file open flag */ - (void) krb5_ser_pack_int32(file_is_open, &bp, &remain); - - /* Put the file position */ - (void) krb5_ser_pack_int64(file_pos, &bp, &remain); - - /* Put the version */ - (void) krb5_ser_pack_int32((krb5_int32) ((ktdata) ? - ktdata->version : 0), - &bp, &remain); - - /* Put the trailer */ - (void) krb5_ser_pack_int32(KV5M_KEYTAB, &bp, &remain); - kret = 0; - *buffer = bp; - *lenremain = remain; - free(ktname); - } - } - } - return(kret); -} - -/* - * krb5_ktf_keytab_internalize() - Internalize the krb5_ktf_keytab. - */ -static krb5_error_code -krb5_ktf_keytab_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) -{ - krb5_error_code kret; - krb5_keytab keytab = NULL; - krb5_int32 ibuf; - krb5_octet *bp; - size_t remain; - char *ktname = NULL; - krb5_ktfile_data *ktdata; - krb5_int32 file_is_open; - int64_t foff; - - *argp = NULL; - bp = *buffer; - remain = *lenremain; - - /* Read our magic number */ - if (krb5_ser_unpack_int32(&ibuf, &bp, &remain) || ibuf != KV5M_KEYTAB) - return EINVAL; - - /* Read the keytab name */ - kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain); - if (kret) - return kret; - ktname = malloc(ibuf + 1); - if (!ktname) - return ENOMEM; - kret = krb5_ser_unpack_bytes((krb5_octet *) ktname, (size_t) ibuf, - &bp, &remain); - if (kret) - goto cleanup; - ktname[ibuf] = '\0'; - - /* Resolve the keytab. */ - kret = krb5_kt_resolve(kcontext, ktname, &keytab); - if (kret) - goto cleanup; - - if (keytab->ops != &krb5_ktf_ops) { - kret = EINVAL; - goto cleanup; - } - ktdata = (krb5_ktfile_data *) keytab->data; - - if (remain < (sizeof(krb5_int32)*5)) { - kret = EINVAL; - goto cleanup; - } - (void) krb5_ser_unpack_int32(&file_is_open, &bp, &remain); - (void) krb5_ser_unpack_int64(&foff, &bp, &remain); - (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain); - ktdata->version = (int) ibuf; - (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain); - if (ibuf != KV5M_KEYTAB) { - kret = EINVAL; - goto cleanup; - } - - if (file_is_open) { - int fmode; - long fpos; - -#if !defined(_WIN32) - fmode = (file_is_open >> 1) & O_ACCMODE; -#else - fmode = 0; -#endif - if (fmode) - kret = krb5_ktfileint_openw(kcontext, keytab); - else - kret = krb5_ktfileint_openr(kcontext, keytab); - if (kret) - goto cleanup; - fpos = foff; /* XX range check? */ - if (fseek(KTFILEP(keytab), fpos, SEEK_SET) == -1) { - kret = errno; - goto cleanup; - } - } - - *buffer = bp; - *lenremain = remain; - *argp = (krb5_pointer) keytab; -cleanup: - if (kret != 0 && keytab) - krb5_kt_close(kcontext, keytab); - free(ktname); - return kret; -} - - /* * krb5_ktfile_add() */ @@ -900,8 +631,7 @@ const struct _krb5_kt_ops krb5_ktf_ops = { krb5_ktfile_get_next, krb5_ktfile_end_get, krb5_ktfile_add, - krb5_ktfile_remove, - &krb5_ktfile_ser_entry + krb5_ktfile_remove }; /* @@ -921,8 +651,7 @@ const struct _krb5_kt_ops krb5_ktf_writable_ops = { krb5_ktfile_get_next, krb5_ktfile_end_get, krb5_ktfile_add, - krb5_ktfile_remove, - &krb5_ktfile_ser_entry + krb5_ktfile_remove }; /* @@ -940,8 +669,7 @@ const krb5_kt_ops krb5_kt_dfl_ops = { krb5_ktfile_get_next, krb5_ktfile_end_get, 0, - 0, - &krb5_ktfile_ser_entry + 0 }; /* Formerly lib/krb5/keytab/file/ktf_util.c */ diff --git a/src/lib/krb5/keytab/kt_memory.c b/src/lib/krb5/keytab/kt_memory.c index 8824adf508..c0eb6e5d0d 100644 --- a/src/lib/krb5/keytab/kt_memory.c +++ b/src/lib/krb5/keytab/kt_memory.c @@ -631,8 +631,7 @@ const struct _krb5_kt_ops krb5_mkt_ops = { krb5_mkt_get_next, krb5_mkt_end_get, krb5_mkt_add, - krb5_mkt_remove, - NULL + krb5_mkt_remove }; #endif /* LEAN_CLIENT */ diff --git a/src/lib/krb5/keytab/ktbase.c b/src/lib/krb5/keytab/ktbase.c index 25752245ac..9010b6e63b 100644 --- a/src/lib/krb5/keytab/ktbase.c +++ b/src/lib/krb5/keytab/ktbase.c @@ -218,79 +218,4 @@ krb5_kt_dup(krb5_context context, krb5_keytab in, krb5_keytab *out) return err ? err : krb5_kt_resolve(context, name, out); } -/* - * Routines to deal with externalizingt krb5_keytab. - * keytab_size(); - * keytab_externalize(); - * keytab_internalize(); - */ -static krb5_error_code keytab_size -(krb5_context, krb5_pointer, size_t *); -static krb5_error_code keytab_externalize -(krb5_context, krb5_pointer, krb5_octet **, size_t *); -static krb5_error_code keytab_internalize -(krb5_context,krb5_pointer *, krb5_octet **, size_t *); - -/* - * Serialization entry for this type. - */ -static const krb5_ser_entry krb5_keytab_ser_entry = { - KV5M_KEYTAB, /* Type */ - keytab_size, /* Sizer routine */ - keytab_externalize, /* Externalize routine */ - keytab_internalize /* Internalize routine */ -}; - -static krb5_error_code -keytab_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) -{ - krb5_error_code kret; - krb5_keytab keytab; - krb5_ser_handle shandle; - - kret = EINVAL; - if ((keytab = (krb5_keytab) arg) && - keytab->ops && - (shandle = (krb5_ser_handle) keytab->ops->serializer) && - shandle->sizer) - kret = (*shandle->sizer)(kcontext, arg, sizep); - return(kret); -} - -static krb5_error_code -keytab_externalize(krb5_context kcontext, krb5_pointer arg, - krb5_octet **buffer, size_t *lenremain) -{ - krb5_error_code kret; - krb5_keytab keytab; - krb5_ser_handle shandle; - - kret = EINVAL; - if ((keytab = (krb5_keytab) arg) && - keytab->ops && - (shandle = (krb5_ser_handle) keytab->ops->serializer) && - shandle->externalizer) - kret = (*shandle->externalizer)(kcontext, arg, buffer, lenremain); - return(kret); -} - -static krb5_error_code -keytab_internalize(krb5_context kcontext, krb5_pointer *argp, - krb5_octet **buffer, size_t *lenremain) -{ - krb5_error_code kret; - krb5_ser_handle shandle; - - kret = EINVAL; - if ((shandle = (krb5_ser_handle) krb5_kt_dfl_ops.serializer) && - shandle->internalizer) - kret = (*shandle->internalizer)(kcontext, argp, buffer, lenremain); - return(kret); -} - -krb5_error_code KRB5_CALLCONV -krb5_ser_keytab_init(krb5_context kcontext) -{ - return(krb5_register_serializer(kcontext, &krb5_keytab_ser_entry)); -} #endif /* LEAN_CLIENT */ diff --git a/src/lib/krb5/krb/authdata.c b/src/lib/krb5/krb/authdata.c index 3e7dfbe494..3685fcd916 100644 --- a/src/lib/krb5/krb/authdata.c +++ b/src/lib/krb5/krb/authdata.c @@ -1149,13 +1149,11 @@ krb5_authdata_context_copy(krb5_context kcontext, /* * Calculate size of to-be-externalized authdata context. */ -static krb5_error_code -krb5_authdata_context_size(krb5_context kcontext, - krb5_pointer ptr, - size_t *sizep) +krb5_error_code +k5_size_authdata_context(krb5_context kcontext, krb5_authdata_context context, + size_t *sizep) { krb5_error_code code; - krb5_authdata_context context = (krb5_authdata_context)ptr; code = k5_ad_size(kcontext, context, AD_USAGE_MASK, sizep); if (code != 0) @@ -1169,14 +1167,12 @@ krb5_authdata_context_size(krb5_context kcontext, /* * Externalize an authdata context. */ -static krb5_error_code -krb5_authdata_context_externalize(krb5_context kcontext, - krb5_pointer ptr, - krb5_octet **buffer, - size_t *lenremain) +krb5_error_code +k5_externalize_authdata_context(krb5_context kcontext, + krb5_authdata_context context, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code code; - krb5_authdata_context context = (krb5_authdata_context)ptr; krb5_octet *bp; size_t remain; @@ -1208,11 +1204,10 @@ krb5_authdata_context_externalize(krb5_context kcontext, /* * Internalize an authdata context. */ -static krb5_error_code -krb5_authdata_context_internalize(krb5_context kcontext, - krb5_pointer *ptr, - krb5_octet **buffer, - size_t *lenremain) +krb5_error_code +k5_internalize_authdata_context(krb5_context kcontext, + krb5_authdata_context *ptr, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code code; krb5_authdata_context context; @@ -1257,23 +1252,6 @@ krb5_authdata_context_internalize(krb5_context kcontext, return 0; } -static const krb5_ser_entry krb5_authdata_context_ser_entry = { - KV5M_AUTHDATA_CONTEXT, - krb5_authdata_context_size, - krb5_authdata_context_externalize, - krb5_authdata_context_internalize -}; - -/* - * Register the authdata context serializer. - */ -krb5_error_code -krb5_ser_authdata_context_init(krb5_context kcontext) -{ - return krb5_register_serializer(kcontext, - &krb5_authdata_context_ser_entry); -} - krb5_error_code krb5int_copy_authdatum(krb5_context context, const krb5_authdata *inad, krb5_authdata **outad) diff --git a/src/lib/krb5/krb/copy_ctx.c b/src/lib/krb5/krb/copy_ctx.c index c09965ebf1..105eaf0cff 100644 --- a/src/lib/krb5/krb/copy_ctx.c +++ b/src/lib/krb5/krb/copy_ctx.c @@ -74,8 +74,6 @@ krb5_copy_context(krb5_context ctx, krb5_context *nctx_out) nctx->default_realm = NULL; nctx->profile = NULL; nctx->dal_handle = NULL; - nctx->ser_ctx_count = 0; - nctx->ser_ctx = NULL; nctx->prompt_types = NULL; nctx->preauth_context = NULL; nctx->ccselect_handles = NULL; diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c index 2f9df4e56d..0fad90389a 100644 --- a/src/lib/krb5/krb/init_ctx.c +++ b/src/lib/krb5/krb/init_ctx.c @@ -316,10 +316,6 @@ krb5_free_context(krb5_context ctx) ctx->tgs_etypes = NULL; free(ctx->default_realm); ctx->default_realm = 0; - if (ctx->ser_ctx_count && ctx->ser_ctx) { - free(ctx->ser_ctx); - ctx->ser_ctx = 0; - } krb5_clear_error_message(ctx); free(ctx->err_fmt); diff --git a/src/lib/krb5/krb/s4u_authdata.c b/src/lib/krb5/krb/s4u_authdata.c index 36ca82d719..a2300def8e 100644 --- a/src/lib/krb5/krb/s4u_authdata.c +++ b/src/lib/krb5/krb/s4u_authdata.c @@ -418,8 +418,7 @@ s4u2proxy_size(krb5_context kcontext, *sizep += sizeof(krb5_int32); /* princ count */ for (i = 0; i < s4uctx->count; i++) { - code = krb5_size_opaque(kcontext, KV5M_PRINCIPAL, - (krb5_pointer)s4uctx->delegated[i], sizep); + code = k5_size_principal(s4uctx->delegated[i], sizep); if (code != 0) return code; } @@ -457,9 +456,7 @@ s4u2proxy_externalize(krb5_context kcontext, krb5_ser_pack_int32(s4uctx->count, &bp, &remain); /* princ count */ for (i = 0; i < s4uctx->count; i++) { - code = krb5_externalize_opaque(kcontext, KV5M_PRINCIPAL, - (krb5_pointer)s4uctx->delegated[i], - &bp, &remain); + code = k5_externalize_principal(s4uctx->delegated[i], &bp, &remain); if (code != 0) return code; } @@ -516,9 +513,7 @@ s4u2proxy_internalize(krb5_context kcontext, goto cleanup; for (i = 0; i < count; i++) { - code = krb5_internalize_opaque(kcontext, KV5M_PRINCIPAL, - (krb5_pointer *)&delegated[i], - &bp, &remain); + code = k5_internalize_principal(&delegated[i], &bp, &remain); if (code != 0) goto cleanup; } diff --git a/src/lib/krb5/krb/ser_actx.c b/src/lib/krb5/krb/ser_actx.c index f16f8dbf25..6de35a146a 100644 --- a/src/lib/krb5/krb/ser_actx.c +++ b/src/lib/krb5/krb/ser_actx.c @@ -36,40 +36,10 @@ #define TOKEN_LSKBLOCK 950921 #define TOKEN_RSKBLOCK 950922 -/* - * Routines to deal with externalizing the krb5_auth_context: - * krb5_auth_context_size(); - * krb5_auth_context_externalize(); - * krb5_auth_context_internalize(); - */ -static krb5_error_code krb5_auth_context_size -(krb5_context, krb5_pointer, size_t *); -static krb5_error_code krb5_auth_context_externalize -(krb5_context, krb5_pointer, krb5_octet **, size_t *); -static krb5_error_code krb5_auth_context_internalize -(krb5_context,krb5_pointer *, krb5_octet **, size_t *); - -/* - * Other metadata serialization initializers. - */ - -/* Local data */ -static const krb5_ser_entry krb5_auth_context_ser_entry = { - KV5M_AUTH_CONTEXT, /* Type */ - krb5_auth_context_size, /* Sizer routine */ - krb5_auth_context_externalize, /* Externalize routine */ - krb5_auth_context_internalize /* Internalize routine */ -}; - -/* - * krb5_auth_context_size() - Determine the size required to externalize - * the krb5_auth_context. - */ -static krb5_error_code -krb5_auth_context_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) +krb5_error_code +k5_size_auth_context(krb5_auth_context auth_context, size_t *sizep) { krb5_error_code kret; - krb5_auth_context auth_context; size_t required; /* @@ -84,7 +54,7 @@ krb5_auth_context_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) * krb5_int32 for KV5M_AUTH_CONTEXT */ kret = EINVAL; - if ((auth_context = (krb5_auth_context) arg)) { + if (auth_context != NULL) { kret = 0; required = auth_context->cstate.length; @@ -92,59 +62,42 @@ krb5_auth_context_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) /* Calculate size required by remote_addr, if appropriate */ if (!kret && auth_context->remote_addr) { - kret = krb5_size_opaque(kcontext, - KV5M_ADDRESS, - (krb5_pointer) auth_context->remote_addr, - &required); + kret = k5_size_address(auth_context->remote_addr, &required); if (!kret) required += sizeof(krb5_int32); } /* Calculate size required by remote_port, if appropriate */ if (!kret && auth_context->remote_port) { - kret = krb5_size_opaque(kcontext, - KV5M_ADDRESS, - (krb5_pointer) auth_context->remote_port, - &required); + kret = k5_size_address(auth_context->remote_port, &required); if (!kret) required += sizeof(krb5_int32); } /* Calculate size required by local_addr, if appropriate */ if (!kret && auth_context->local_addr) { - kret = krb5_size_opaque(kcontext, - KV5M_ADDRESS, - (krb5_pointer) auth_context->local_addr, - &required); + kret = k5_size_address(auth_context->local_addr, &required); if (!kret) required += sizeof(krb5_int32); } /* Calculate size required by local_port, if appropriate */ if (!kret && auth_context->local_port) { - kret = krb5_size_opaque(kcontext, - KV5M_ADDRESS, - (krb5_pointer) auth_context->local_port, - &required); + kret = k5_size_address(auth_context->local_port, &required); if (!kret) required += sizeof(krb5_int32); } /* Calculate size required by key, if appropriate */ if (!kret && auth_context->key) { - kret = krb5_size_opaque(kcontext, - KV5M_KEYBLOCK, (krb5_pointer) - &auth_context->key->keyblock, - &required); + kret = k5_size_keyblock(&auth_context->key->keyblock, &required); if (!kret) required += sizeof(krb5_int32); } /* Calculate size required by send_subkey, if appropriate */ if (!kret && auth_context->send_subkey) { - kret = krb5_size_opaque(kcontext, - KV5M_KEYBLOCK, (krb5_pointer) - &auth_context->send_subkey->keyblock, + kret = k5_size_keyblock(&auth_context->send_subkey->keyblock, &required); if (!kret) required += sizeof(krb5_int32); @@ -152,9 +105,7 @@ krb5_auth_context_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) /* Calculate size required by recv_subkey, if appropriate */ if (!kret && auth_context->recv_subkey) { - kret = krb5_size_opaque(kcontext, - KV5M_KEYBLOCK, (krb5_pointer) - &auth_context->recv_subkey->keyblock, + kret = k5_size_keyblock(&auth_context->recv_subkey->keyblock, &required); if (!kret) required += sizeof(krb5_int32); @@ -162,10 +113,7 @@ krb5_auth_context_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) /* Calculate size required by authentp, if appropriate */ if (!kret && auth_context->authentp) - kret = krb5_size_opaque(kcontext, - KV5M_AUTHENTICATOR, - (krb5_pointer) auth_context->authentp, - &required); + kret = k5_size_authenticator(auth_context->authentp, &required); } if (!kret) @@ -173,14 +121,11 @@ krb5_auth_context_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) return(kret); } -/* - * krb5_auth_context_externalize() - Externalize the krb5_auth_context. - */ -static krb5_error_code -krb5_auth_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_externalize_auth_context(krb5_auth_context auth_context, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; - krb5_auth_context auth_context; size_t required; krb5_octet *bp; size_t remain; @@ -189,10 +134,10 @@ krb5_auth_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octe bp = *buffer; remain = *lenremain; kret = EINVAL; - if ((auth_context = (krb5_auth_context) arg)) { + if (auth_context != NULL) { kret = ENOMEM; - if (!krb5_auth_context_size(kcontext, arg, &required) && - (required <= remain)) { + if (!k5_size_auth_context(auth_context, &required) && + required <= remain) { /* Write fixed portion */ (void) krb5_ser_pack_int32(KV5M_AUTH_CONTEXT, &bp, &remain); @@ -219,88 +164,58 @@ krb5_auth_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octe /* Now handle remote_addr, if appropriate */ if (!kret && auth_context->remote_addr) { (void) krb5_ser_pack_int32(TOKEN_RADDR, &bp, &remain); - kret = krb5_externalize_opaque(kcontext, - KV5M_ADDRESS, - (krb5_pointer) - auth_context->remote_addr, - &bp, - &remain); + kret = k5_externalize_address(auth_context->remote_addr, + &bp, &remain); } /* Now handle remote_port, if appropriate */ if (!kret && auth_context->remote_port) { (void) krb5_ser_pack_int32(TOKEN_RPORT, &bp, &remain); - kret = krb5_externalize_opaque(kcontext, - KV5M_ADDRESS, - (krb5_pointer) - auth_context->remote_addr, - &bp, - &remain); + kret = k5_externalize_address(auth_context->remote_addr, + &bp, &remain); } /* Now handle local_addr, if appropriate */ if (!kret && auth_context->local_addr) { (void) krb5_ser_pack_int32(TOKEN_LADDR, &bp, &remain); - kret = krb5_externalize_opaque(kcontext, - KV5M_ADDRESS, - (krb5_pointer) - auth_context->local_addr, - &bp, - &remain); + kret = k5_externalize_address(auth_context->local_addr, + &bp, &remain); } /* Now handle local_port, if appropriate */ if (!kret && auth_context->local_port) { (void) krb5_ser_pack_int32(TOKEN_LPORT, &bp, &remain); - kret = krb5_externalize_opaque(kcontext, - KV5M_ADDRESS, - (krb5_pointer) - auth_context->local_addr, - &bp, - &remain); + kret = k5_externalize_address(auth_context->local_addr, + &bp, &remain); } /* Now handle keyblock, if appropriate */ if (!kret && auth_context->key) { (void) krb5_ser_pack_int32(TOKEN_KEYBLOCK, &bp, &remain); - kret = krb5_externalize_opaque(kcontext, - KV5M_KEYBLOCK, - (krb5_pointer) - &auth_context->key->keyblock, - &bp, - &remain); + kret = k5_externalize_keyblock(&auth_context->key->keyblock, + &bp, &remain); } /* Now handle subkey, if appropriate */ if (!kret && auth_context->send_subkey) { (void) krb5_ser_pack_int32(TOKEN_LSKBLOCK, &bp, &remain); - kret = krb5_externalize_opaque(kcontext, - KV5M_KEYBLOCK, - (krb5_pointer) &auth_context-> + kret = k5_externalize_keyblock(&auth_context-> send_subkey->keyblock, - &bp, - &remain); + &bp, &remain); } /* Now handle subkey, if appropriate */ if (!kret && auth_context->recv_subkey) { (void) krb5_ser_pack_int32(TOKEN_RSKBLOCK, &bp, &remain); - kret = krb5_externalize_opaque(kcontext, - KV5M_KEYBLOCK, - (krb5_pointer) &auth_context-> + kret = k5_externalize_keyblock(&auth_context-> recv_subkey->keyblock, - &bp, - &remain); + &bp, &remain); } /* Now handle authentp, if appropriate */ if (!kret && auth_context->authentp) - kret = krb5_externalize_opaque(kcontext, - KV5M_AUTHENTICATOR, - (krb5_pointer) - auth_context->authentp, - &bp, - &remain); + kret = k5_externalize_authenticator(auth_context->authentp, + &bp, &remain); /* * If we were successful, write trailer then update the pointer and @@ -319,25 +234,22 @@ krb5_auth_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octe /* Internalize a keyblock and convert it to a key. */ static krb5_error_code -intern_key(krb5_context ctx, krb5_key *key, krb5_octet **bp, size_t *sp) +intern_key(krb5_key *key, krb5_octet **bp, size_t *sp) { krb5_keyblock *keyblock; krb5_error_code ret; - ret = krb5_internalize_opaque(ctx, KV5M_KEYBLOCK, - (krb5_pointer *) &keyblock, bp, sp); + ret = k5_internalize_keyblock(&keyblock, bp, sp); if (ret != 0) return ret; - ret = krb5_k_create_key(ctx, keyblock, key); - krb5_free_keyblock(ctx, keyblock); + ret = krb5_k_create_key(NULL, keyblock, key); + krb5_free_keyblock(NULL, keyblock); return ret; } -/* - * krb5_auth_context_internalize() - Internalize the krb5_auth_context. - */ -static krb5_error_code -krb5_auth_context_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_internalize_auth_context(krb5_auth_context *argp, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; krb5_auth_context auth_context; @@ -402,77 +314,50 @@ krb5_auth_context_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_oc /* This is the remote_addr */ if (!kret && (tag == TOKEN_RADDR)) { - if (!(kret = krb5_internalize_opaque(kcontext, - KV5M_ADDRESS, - (krb5_pointer *) - &auth_context-> - remote_addr, - &bp, - &remain))) + if (!(kret = k5_internalize_address(&auth_context->remote_addr, + &bp, &remain))) kret = krb5_ser_unpack_int32(&tag, &bp, &remain); } /* This is the remote_port */ if (!kret && (tag == TOKEN_RPORT)) { - if (!(kret = krb5_internalize_opaque(kcontext, - KV5M_ADDRESS, - (krb5_pointer *) - &auth_context-> - remote_port, - &bp, - &remain))) + if (!(kret = k5_internalize_address(&auth_context->remote_port, + &bp, &remain))) kret = krb5_ser_unpack_int32(&tag, &bp, &remain); } /* This is the local_addr */ if (!kret && (tag == TOKEN_LADDR)) { - if (!(kret = krb5_internalize_opaque(kcontext, - KV5M_ADDRESS, - (krb5_pointer *) - &auth_context-> - local_addr, - &bp, - &remain))) + if (!(kret = k5_internalize_address(&auth_context->local_addr, + &bp, &remain))) kret = krb5_ser_unpack_int32(&tag, &bp, &remain); } /* This is the local_port */ if (!kret && (tag == TOKEN_LPORT)) { - if (!(kret = krb5_internalize_opaque(kcontext, - KV5M_ADDRESS, - (krb5_pointer *) - &auth_context-> - local_port, - &bp, - &remain))) + if (!(kret = k5_internalize_address(&auth_context->local_port, + &bp, &remain))) kret = krb5_ser_unpack_int32(&tag, &bp, &remain); } /* This is the keyblock */ if (!kret && (tag == TOKEN_KEYBLOCK)) { - if (!(kret = intern_key(kcontext, - &auth_context->key, - &bp, - &remain))) + if (!(kret = intern_key(&auth_context->key, &bp, &remain))) kret = krb5_ser_unpack_int32(&tag, &bp, &remain); } /* This is the send_subkey */ if (!kret && (tag == TOKEN_LSKBLOCK)) { - if (!(kret = intern_key(kcontext, - &auth_context->send_subkey, - &bp, - &remain))) + if (!(kret = intern_key(&auth_context->send_subkey, + &bp, &remain))) kret = krb5_ser_unpack_int32(&tag, &bp, &remain); } /* This is the recv_subkey */ if (!kret) { if (tag == TOKEN_RSKBLOCK) { - kret = intern_key(kcontext, - &auth_context->recv_subkey, - &bp, - &remain); + kret = intern_key(&auth_context->recv_subkey, + &bp, &remain); } else { /* @@ -486,15 +371,10 @@ krb5_auth_context_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_oc /* Now find the authentp */ if (!kret) { - if ((kret = krb5_internalize_opaque(kcontext, - KV5M_AUTHENTICATOR, - (krb5_pointer *) - &auth_context->authentp, - &bp, - &remain))) { - if (kret == EINVAL) - kret = 0; - } + kret = k5_internalize_authenticator(&auth_context->authentp, + &bp, &remain); + if (kret == EINVAL) + kret = 0; } /* Finally, find the trailer */ @@ -507,38 +387,11 @@ krb5_auth_context_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_oc *buffer = bp; *lenremain = remain; auth_context->magic = KV5M_AUTH_CONTEXT; - *argp = (krb5_pointer) auth_context; + *argp = auth_context; } else - krb5_auth_con_free(kcontext, auth_context); + krb5_auth_con_free(NULL, auth_context); } } return(kret); } - -/* - * Register the auth_context serializer. - */ -krb5_error_code KRB5_CALLCONV -krb5_ser_auth_context_init(krb5_context kcontext) -{ - krb5_error_code kret; - kret = krb5_register_serializer(kcontext, &krb5_auth_context_ser_entry); - if (!kret) - kret = krb5_ser_authdata_init(kcontext); - if (!kret) - kret = krb5_ser_address_init(kcontext); -#ifndef LEAN_CLIENT - if (!kret) - kret = krb5_ser_authenticator_init(kcontext); -#endif - if (!kret) - kret = krb5_ser_checksum_init(kcontext); - if (!kret) - kret = krb5_ser_keyblock_init(kcontext); - if (!kret) - kret = krb5_ser_principal_init(kcontext); - if (!kret) - kret = krb5_ser_authdata_context_init(kcontext); - return(kret); -} diff --git a/src/lib/krb5/krb/ser_adata.c b/src/lib/krb5/krb/ser_adata.c index a86be890f7..2c0094df26 100644 --- a/src/lib/krb5/krb/ser_adata.c +++ b/src/lib/krb5/krb/ser_adata.c @@ -27,36 +27,10 @@ #include "k5-int.h" #include "int-proto.h" -/* - * Routines to deal with externalizing the krb5_authdata: - * krb5_authdata_size(); - * krb5_authdata_externalize(); - * krb5_authdata_internalize(); - */ -static krb5_error_code krb5_authdata_size -(krb5_context, krb5_pointer, size_t *); -static krb5_error_code krb5_authdata_externalize -(krb5_context, krb5_pointer, krb5_octet **, size_t *); -static krb5_error_code krb5_authdata_internalize -(krb5_context,krb5_pointer *, krb5_octet **, size_t *); - -/* Local data */ -static const krb5_ser_entry krb5_authdata_ser_entry = { - KV5M_AUTHDATA, /* Type */ - krb5_authdata_size, /* Sizer routine */ - krb5_authdata_externalize, /* Externalize routine */ - krb5_authdata_internalize /* Internalize routine */ -}; - -/* - * krb5_authdata_esize() - Determine the size required to externalize - * the krb5_authdata. - */ -static krb5_error_code -krb5_authdata_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) +krb5_error_code +k5_size_authdata(krb5_authdata *authdata, size_t *sizep) { krb5_error_code kret; - krb5_authdata *authdata; /* * krb5_authdata requires: @@ -67,7 +41,7 @@ krb5_authdata_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) * krb5_int32 for KV5M_AUTHDATA */ kret = EINVAL; - if ((authdata = (krb5_authdata *) arg)) { + if (authdata != NULL) { *sizep += (sizeof(krb5_int32) + sizeof(krb5_int32) + sizeof(krb5_int32) + @@ -78,14 +52,11 @@ krb5_authdata_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) return(kret); } -/* - * krb5_authdata_externalize() - Externalize the krb5_authdata. - */ -static krb5_error_code -krb5_authdata_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_externalize_authdata(krb5_authdata *authdata, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; - krb5_authdata *authdata; size_t required; krb5_octet *bp; size_t remain; @@ -94,10 +65,9 @@ krb5_authdata_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet ** bp = *buffer; remain = *lenremain; kret = EINVAL; - if ((authdata = (krb5_authdata *) arg)) { + if (authdata != NULL) { kret = ENOMEM; - if (!krb5_authdata_size(kcontext, arg, &required) && - (required <= remain)) { + if (!k5_size_authdata(authdata, &required) && required <= remain) { /* Our identifier */ (void) krb5_ser_pack_int32(KV5M_AUTHDATA, &bp, &remain); @@ -124,11 +94,9 @@ krb5_authdata_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet ** return(kret); } -/* - * krb5_authdata_internalize() - Internalize the krb5_authdata. - */ -static krb5_error_code -krb5_authdata_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_internalize_authdata(krb5_authdata **argp, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; krb5_authdata *authdata; @@ -169,7 +137,7 @@ krb5_authdata_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet authdata->magic = KV5M_AUTHDATA; *buffer = bp; *lenremain = remain; - *argp = (krb5_pointer) authdata; + *argp = authdata; } else kret = EINVAL; @@ -183,12 +151,3 @@ krb5_authdata_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet } return(kret); } - -/* - * Register the authdata serializer. - */ -krb5_error_code -krb5_ser_authdata_init(krb5_context kcontext) -{ - return(krb5_register_serializer(kcontext, &krb5_authdata_ser_entry)); -} diff --git a/src/lib/krb5/krb/ser_addr.c b/src/lib/krb5/krb/ser_addr.c index a5e0b3f292..52aa6f2a8f 100644 --- a/src/lib/krb5/krb/ser_addr.c +++ b/src/lib/krb5/krb/ser_addr.c @@ -27,36 +27,10 @@ #include "k5-int.h" #include "int-proto.h" -/* - * Routines to deal with externalizing the krb5_address: - * krb5_address_size(); - * krb5_address_externalize(); - * krb5_address_internalize(); - */ -static krb5_error_code krb5_address_size -(krb5_context, krb5_pointer, size_t *); -static krb5_error_code krb5_address_externalize -(krb5_context, krb5_pointer, krb5_octet **, size_t *); -static krb5_error_code krb5_address_internalize -(krb5_context,krb5_pointer *, krb5_octet **, size_t *); - -/* Local data */ -static const krb5_ser_entry krb5_address_ser_entry = { - KV5M_ADDRESS, /* Type */ - krb5_address_size, /* Sizer routine */ - krb5_address_externalize, /* Externalize routine */ - krb5_address_internalize /* Internalize routine */ -}; - -/* - * krb5_address_size() - Determine the size required to externalize - * the krb5_address. - */ -static krb5_error_code -krb5_address_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) +krb5_error_code +k5_size_address(krb5_address *address, size_t *sizep) { krb5_error_code kret; - krb5_address *address; /* * krb5_address requires: @@ -67,7 +41,7 @@ krb5_address_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) * krb5_int32 for KV5M_ADDRESS */ kret = EINVAL; - if ((address = (krb5_address *) arg)) { + if (address != NULL) { *sizep += (sizeof(krb5_int32) + sizeof(krb5_int32) + sizeof(krb5_int32) + @@ -78,14 +52,11 @@ krb5_address_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) return(kret); } -/* - * krb5_address_externalize() - Externalize the krb5_address. - */ -static krb5_error_code -krb5_address_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_externalize_address(krb5_address *address, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; - krb5_address *address; size_t required; krb5_octet *bp; size_t remain; @@ -94,10 +65,9 @@ krb5_address_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **b bp = *buffer; remain = *lenremain; kret = EINVAL; - if ((address = (krb5_address *) arg)) { + if (address != NULL) { kret = ENOMEM; - if (!krb5_address_size(kcontext, arg, &required) && - (required <= remain)) { + if (!k5_size_address(address, &required) && required <= remain) { /* Our identifier */ (void) krb5_ser_pack_int32(KV5M_ADDRESS, &bp, &remain); @@ -125,11 +95,9 @@ krb5_address_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **b return(kret); } -/* - * krb5_address_internalize() - Internalize the krb5_address. - */ -static krb5_error_code -krb5_address_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_internalize_address(krb5_address **argp, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; krb5_address *address; @@ -173,7 +141,7 @@ krb5_address_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet * address->magic = KV5M_ADDRESS; *buffer = bp; *lenremain = remain; - *argp = (krb5_pointer) address; + *argp = address; } else kret = EINVAL; @@ -187,12 +155,3 @@ krb5_address_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet * } return(kret); } - -/* - * Register the address serializer. - */ -krb5_error_code -krb5_ser_address_init(krb5_context kcontext) -{ - return(krb5_register_serializer(kcontext, &krb5_address_ser_entry)); -} diff --git a/src/lib/krb5/krb/ser_auth.c b/src/lib/krb5/krb/ser_auth.c index 599c64e98e..f835a793b7 100644 --- a/src/lib/krb5/krb/ser_auth.c +++ b/src/lib/krb5/krb/ser_auth.c @@ -29,36 +29,10 @@ #include "k5-int.h" #include "int-proto.h" -/* - * Routines to deal with externalizing the krb5_authenticator: - * krb5_authenticator_size(); - * krb5_authenticator_externalize(); - * krb5_authenticator_internalize(); - */ -static krb5_error_code krb5_authenticator_size -(krb5_context, krb5_pointer, size_t *); -static krb5_error_code krb5_authenticator_externalize -(krb5_context, krb5_pointer, krb5_octet **, size_t *); -static krb5_error_code krb5_authenticator_internalize -(krb5_context,krb5_pointer *, krb5_octet **, size_t *); - -/* Local data */ -static const krb5_ser_entry krb5_authenticator_ser_entry = { - KV5M_AUTHENTICATOR, /* Type */ - krb5_authenticator_size, /* Sizer routine */ - krb5_authenticator_externalize, /* Externalize routine */ - krb5_authenticator_internalize /* Internalize routine */ -}; - -/* - * krb5_authenticator_size() - Determine the size required to externalize - * the krb5_authenticator. - */ -static krb5_error_code -krb5_authenticator_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) +krb5_error_code +k5_size_authenticator(krb5_authenticator *authenticator, size_t *sizep) { krb5_error_code kret; - krb5_authenticator *authenticator; size_t required; /* @@ -71,41 +45,29 @@ krb5_authenticator_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) * krb5_int32 for KV5M_AUTHENTICATOR */ kret = EINVAL; - if ((authenticator = (krb5_authenticator *) arg)) { + if (authenticator != NULL) { required = sizeof(krb5_int32)*6; /* Calculate size required by client, if appropriate */ if (authenticator->client) - kret = krb5_size_opaque(kcontext, - KV5M_PRINCIPAL, - (krb5_pointer) authenticator->client, - &required); + kret = k5_size_principal(authenticator->client, &required); else kret = 0; /* Calculate size required by checksum, if appropriate */ if (!kret && authenticator->checksum) - kret = krb5_size_opaque(kcontext, - KV5M_CHECKSUM, - (krb5_pointer) authenticator->checksum, - &required); + kret = k5_size_checksum(authenticator->checksum, &required); /* Calculate size required by subkey, if appropriate */ if (!kret && authenticator->subkey) - kret = krb5_size_opaque(kcontext, - KV5M_KEYBLOCK, - (krb5_pointer) authenticator->subkey, - &required); + kret = k5_size_keyblock(authenticator->subkey, &required); /* Calculate size required by authorization_data, if appropriate */ if (!kret && authenticator->authorization_data) { int i; for (i=0; !kret && authenticator->authorization_data[i]; i++) { - kret = krb5_size_opaque(kcontext, - KV5M_AUTHDATA, - (krb5_pointer) authenticator-> - authorization_data[i], + kret = k5_size_authdata(authenticator->authorization_data[i], &required); } } @@ -115,14 +77,11 @@ krb5_authenticator_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) return(kret); } -/* - * krb5_authenticator_externalize() - Externalize the krb5_authenticator. - */ -static krb5_error_code -krb5_authenticator_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_externalize_authenticator(krb5_authenticator *authenticator, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; - krb5_authenticator *authenticator; size_t required; krb5_octet *bp; size_t remain; @@ -132,10 +91,10 @@ krb5_authenticator_externalize(krb5_context kcontext, krb5_pointer arg, krb5_oct bp = *buffer; remain = *lenremain; kret = EINVAL; - if ((authenticator = (krb5_authenticator *) arg)) { + if (authenticator != NULL) { kret = ENOMEM; - if (!krb5_authenticator_size(kcontext, arg, &required) && - (required <= remain)) { + if (!k5_size_authenticator(authenticator, &required) && + required <= remain) { /* First write our magic number */ (void) krb5_ser_pack_int32(KV5M_AUTHENTICATOR, &bp, &remain); @@ -153,32 +112,20 @@ krb5_authenticator_externalize(krb5_context kcontext, krb5_pointer arg, krb5_oct /* Now handle client, if appropriate */ if (authenticator->client) - kret = krb5_externalize_opaque(kcontext, - KV5M_PRINCIPAL, - (krb5_pointer) - authenticator->client, - &bp, - &remain); + kret = k5_externalize_principal(authenticator->client, + &bp, &remain); else kret = 0; /* Now handle checksum, if appropriate */ if (!kret && authenticator->checksum) - kret = krb5_externalize_opaque(kcontext, - KV5M_CHECKSUM, - (krb5_pointer) - authenticator->checksum, - &bp, - &remain); + kret = k5_externalize_checksum(authenticator->checksum, + &bp, &remain); /* Now handle subkey, if appropriate */ if (!kret && authenticator->subkey) - kret = krb5_externalize_opaque(kcontext, - KV5M_KEYBLOCK, - (krb5_pointer) - authenticator->subkey, - &bp, - &remain); + kret = k5_externalize_keyblock(authenticator->subkey, + &bp, &remain); /* Now handle authorization_data, if appropriate */ if (!kret) { @@ -192,13 +139,9 @@ krb5_authenticator_externalize(krb5_context kcontext, krb5_pointer arg, krb5_oct if (authenticator->authorization_data) { for (i=0; !kret && authenticator->authorization_data[i]; i++) - kret = krb5_externalize_opaque(kcontext, - KV5M_AUTHDATA, - (krb5_pointer) - authenticator-> + kret = k5_externalize_authdata(authenticator-> authorization_data[i], - &bp, - &remain); + &bp, &remain); } } @@ -217,11 +160,9 @@ krb5_authenticator_externalize(krb5_context kcontext, krb5_pointer arg, krb5_oct return(kret); } -/* - * krb5_authenticator_internalize() - Internalize the krb5_authenticator. - */ -static krb5_error_code -krb5_authenticator_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_internalize_authenticator(krb5_authenticator **argp, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; krb5_authenticator *authenticator; @@ -261,35 +202,23 @@ krb5_authenticator_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_o kret = 0; /* Attempt to read in the client */ - kret = krb5_internalize_opaque(kcontext, - KV5M_PRINCIPAL, - (krb5_pointer *) - &authenticator->client, - &bp, - &remain); + kret = k5_internalize_principal(&authenticator->client, + &bp, &remain); if (kret == EINVAL) kret = 0; /* Attempt to read in the checksum */ if (!kret) { - kret = krb5_internalize_opaque(kcontext, - KV5M_CHECKSUM, - (krb5_pointer *) - &authenticator->checksum, - &bp, - &remain); + kret = k5_internalize_checksum(&authenticator->checksum, + &bp, &remain); if (kret == EINVAL) kret = 0; } /* Attempt to read in the subkey */ if (!kret) { - kret = krb5_internalize_opaque(kcontext, - KV5M_KEYBLOCK, - (krb5_pointer *) - &authenticator->subkey, - &bp, - &remain); + kret = k5_internalize_keyblock(&authenticator->subkey, + &bp, &remain); if (kret == EINVAL) kret = 0; } @@ -303,13 +232,9 @@ krb5_authenticator_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_o if ((authenticator->authorization_data = (krb5_authdata **) calloc(len, sizeof(krb5_authdata *)))) { for (i=0; !kret && (i + kret = k5_internalize_authdata(&authenticator-> authorization_data[i], - &bp, - &remain); + &bp, &remain); } /* Finally, find the trailer */ @@ -325,20 +250,13 @@ krb5_authenticator_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_o if (!kret) { *buffer = bp; *lenremain = remain; - *argp = (krb5_pointer) authenticator; + *argp = authenticator; } else - krb5_free_authenticator(kcontext, authenticator); + krb5_free_authenticator(NULL, authenticator); } } return(kret); } -/* - * Register the authenticator serializer. - */ -krb5_error_code -krb5_ser_authenticator_init(krb5_context kcontext) -{ - return(krb5_register_serializer(kcontext, &krb5_authenticator_ser_entry)); -} + #endif diff --git a/src/lib/krb5/krb/ser_cksum.c b/src/lib/krb5/krb/ser_cksum.c index 77293c081f..de8cb2b9e0 100644 --- a/src/lib/krb5/krb/ser_cksum.c +++ b/src/lib/krb5/krb/ser_cksum.c @@ -27,36 +27,10 @@ #include "k5-int.h" #include "int-proto.h" -/* - * Routines to deal with externalizing the krb5_checksum: - * krb5_checksum_esize(); - * krb5_checksum_externalize(); - * krb5_checksum_internalize(); - */ -static krb5_error_code krb5_checksum_esize -(krb5_context, krb5_pointer, size_t *); -static krb5_error_code krb5_checksum_externalize -(krb5_context, krb5_pointer, krb5_octet **, size_t *); -static krb5_error_code krb5_checksum_internalize -(krb5_context,krb5_pointer *, krb5_octet **, size_t *); - -/* Local data */ -static const krb5_ser_entry krb5_checksum_ser_entry = { - KV5M_CHECKSUM, /* Type */ - krb5_checksum_esize, /* Sizer routine */ - krb5_checksum_externalize, /* Externalize routine */ - krb5_checksum_internalize /* Internalize routine */ -}; - -/* - * krb5_checksum_esize() - Determine the size required to externalize - * the krb5_checksum. - */ -static krb5_error_code -krb5_checksum_esize(krb5_context kcontext, krb5_pointer arg, size_t *sizep) +krb5_error_code +k5_size_checksum(krb5_checksum *checksum, size_t *sizep) { krb5_error_code kret; - krb5_checksum *checksum; /* * krb5_checksum requires: @@ -67,7 +41,7 @@ krb5_checksum_esize(krb5_context kcontext, krb5_pointer arg, size_t *sizep) * checksum->length for contents */ kret = EINVAL; - if ((checksum = (krb5_checksum *) arg)) { + if (checksum != NULL) { *sizep += (sizeof(krb5_int32) + sizeof(krb5_int32) + sizeof(krb5_int32) + @@ -78,14 +52,11 @@ krb5_checksum_esize(krb5_context kcontext, krb5_pointer arg, size_t *sizep) return(kret); } -/* - * krb5_checksum_externalize() - Externalize the krb5_checksum. - */ -static krb5_error_code -krb5_checksum_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_externalize_checksum(krb5_checksum *checksum, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; - krb5_checksum *checksum; size_t required; krb5_octet *bp; size_t remain; @@ -94,10 +65,9 @@ krb5_checksum_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet ** bp = *buffer; remain = *lenremain; kret = EINVAL; - if ((checksum = (krb5_checksum *) arg)) { + if (checksum != NULL) { kret = ENOMEM; - if (!krb5_checksum_esize(kcontext, arg, &required) && - (required <= remain)) { + if (!k5_size_checksum(checksum, &required) && required <= remain) { /* Our identifier */ (void) krb5_ser_pack_int32(KV5M_CHECKSUM, &bp, &remain); @@ -125,11 +95,9 @@ krb5_checksum_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet ** return(kret); } -/* - * krb5_checksum_internalize() - Internalize the krb5_checksum. - */ -static krb5_error_code -krb5_checksum_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_internalize_checksum(krb5_checksum **argp, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; krb5_checksum *checksum; @@ -171,7 +139,7 @@ krb5_checksum_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet checksum->magic = KV5M_CHECKSUM; *buffer = bp; *lenremain = remain; - *argp = (krb5_pointer) checksum; + *argp = checksum; } else kret = EINVAL; @@ -185,12 +153,3 @@ krb5_checksum_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet } return(kret); } - -/* - * Register the checksum serializer. - */ -krb5_error_code -krb5_ser_checksum_init(krb5_context kcontext) -{ - return(krb5_register_serializer(kcontext, &krb5_checksum_ser_entry)); -} diff --git a/src/lib/krb5/krb/ser_ctx.c b/src/lib/krb5/krb/ser_ctx.c index 55491428b0..80cd05640c 100644 --- a/src/lib/krb5/krb/ser_ctx.c +++ b/src/lib/krb5/krb/ser_ctx.c @@ -27,75 +27,19 @@ #include "k5-int.h" #include "int-proto.h" -/* - * Routines to deal with externalizing the krb5_context: - * krb5_context_size(); - * krb5_context_externalize(); - * krb5_context_internalize(); - * - * Routines to deal with externalizing the krb5_os_context: - * krb5_oscontext_size(); - * krb5_oscontext_externalize(); - * krb5_oscontext_internalize(); - * - * Routines to deal with externalizing the profile. - * profile_ser_size(); - * profile_ser_externalize(); - * profile_ser_internalize(); - * - * Interface to initialize serializing of krb5_context and krb5_os_context: - * krb5_ser_context_init(); - */ -static krb5_error_code -krb5_context_size(krb5_context, krb5_pointer, size_t *); - -static krb5_error_code -krb5_context_externalize(krb5_context, krb5_pointer, krb5_octet **, size_t *); - -static krb5_error_code -krb5_context_internalize(krb5_context, krb5_pointer *, krb5_octet **, size_t *); - -static krb5_error_code -krb5_oscontext_size(krb5_context, krb5_pointer, size_t *); - -static krb5_error_code -krb5_oscontext_externalize(krb5_context, krb5_pointer, krb5_octet **, size_t *); - -static krb5_error_code -krb5_oscontext_internalize(krb5_context, krb5_pointer *, - krb5_octet **, size_t *); - -#ifndef LEAN_CLIENT -krb5_error_code profile_ser_size(krb5_context, krb5_pointer, size_t *); - -krb5_error_code profile_ser_externalize(krb5_context, krb5_pointer, +krb5_error_code profile_ser_size(krb5_context, profile_t, size_t *); +krb5_error_code profile_ser_externalize(krb5_context, profile_t, krb5_octet **, size_t *); - -krb5_error_code profile_ser_internalize(krb5_context, krb5_pointer *, +krb5_error_code profile_ser_internalize(krb5_context, profile_t *, krb5_octet **, size_t *); -#endif /* LEAN_CLIENT */ - -/* Local data */ -static const krb5_ser_entry krb5_context_ser_entry = { - KV5M_CONTEXT, /* Type */ - krb5_context_size, /* Sizer routine */ - krb5_context_externalize, /* Externalize routine */ - krb5_context_internalize /* Internalize routine */ -}; -static const krb5_ser_entry krb5_oscontext_ser_entry = { - KV5M_OS_CONTEXT, /* Type */ - krb5_oscontext_size, /* Sizer routine */ - krb5_oscontext_externalize, /* Externalize routine */ - krb5_oscontext_internalize /* Internalize routine */ -}; -#ifndef LEAN_CLIENT -static const krb5_ser_entry krb5_profile_ser_entry = { - PROF_MAGIC_PROFILE, /* Type */ - profile_ser_size, /* Sizer routine */ - profile_ser_externalize, /* Externalize routine */ - profile_ser_internalize /* Internalize routine */ -}; -#endif /* LEAN_CLIENT */ + +static krb5_error_code size_oscontext(krb5_os_context os_ctx, size_t *sizep); +static krb5_error_code externalize_oscontext(krb5_os_context os_ctx, + krb5_octet **buffer, + size_t *lenremain); +static krb5_error_code internalize_oscontext(krb5_os_context *argp, + krb5_octet **buffer, + size_t *lenremain); static inline unsigned int etypes_len(krb5_enctype *list) @@ -103,16 +47,11 @@ etypes_len(krb5_enctype *list) return (list == NULL) ? 0 : k5_count_etypes(list); } -/* - * krb5_context_size() - Determine the size required to externalize the - * krb5_context. - */ -static krb5_error_code -krb5_context_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) +krb5_error_code +k5_size_context(krb5_context context, size_t *sizep) { krb5_error_code kret; size_t required; - krb5_context context; /* * The KRB5 context itself requires: @@ -129,52 +68,36 @@ krb5_context_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) * krb5_int32 for profile_secure * krb5_int32 for fcc_default_format * <> for os_context - * <> for db_context * <> for profile * krb5_int32 for trailer. */ kret = EINVAL; - if ((context = (krb5_context) arg)) { + if (context != NULL) { /* Calculate base length */ - required = (11 * sizeof(krb5_int32) + + required = (10 * sizeof(krb5_int32) + (etypes_len(context->in_tkt_etypes) * sizeof(krb5_int32)) + (etypes_len(context->tgs_etypes) * sizeof(krb5_int32))); if (context->default_realm) required += strlen(context->default_realm); + /* Calculate size required by os_context, if appropriate */ - kret = krb5_size_opaque(kcontext, - KV5M_OS_CONTEXT, - (krb5_pointer) &context->os_context, - &required); - - /* Calculate size required by db_context, if appropriate */ - if (!kret && context->dal_handle) - kret = krb5_size_opaque(kcontext, - KV5M_DB_CONTEXT, - (krb5_pointer) context->dal_handle, - &required); - - /* Finally, calculate size required by profile, if appropriate */ + kret = size_oscontext(&context->os_context, &required); + + /* Calculate size required by profile, if appropriate */ if (!kret && context->profile) - kret = krb5_size_opaque(kcontext, - PROF_MAGIC_PROFILE, - (krb5_pointer) context->profile, - &required); + kret = profile_ser_size(NULL, context->profile, &required); } if (!kret) *sizep += required; return(kret); } -/* - * krb5_context_externalize() - Externalize the krb5_context. - */ -static krb5_error_code -krb5_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_externalize_context(krb5_context context, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; - krb5_context context; size_t required; krb5_octet *bp; size_t remain; @@ -183,13 +106,12 @@ krb5_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **b required = 0; bp = *buffer; remain = *lenremain; - context = (krb5_context) arg; if (!context) return (EINVAL); if (context->magic != KV5M_CONTEXT) return (KV5M_CONTEXT); - if ((kret = krb5_context_size(kcontext, arg, &required))) + if ((kret = k5_size_context(context, &required))) return (kret); if (required > remain) @@ -277,29 +199,13 @@ krb5_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **b return (kret); /* Now handle os_context, if appropriate */ - kret = krb5_externalize_opaque(kcontext, KV5M_OS_CONTEXT, - (krb5_pointer) &context->os_context, - &bp, &remain); + kret = externalize_oscontext(&context->os_context, &bp, &remain); if (kret) return (kret); - /* Now handle database context, if appropriate */ - if (context->dal_handle) { - kret = krb5_externalize_opaque(kcontext, KV5M_DB_CONTEXT, - (krb5_pointer) context->dal_handle, - &bp, &remain); - if (kret) - return (kret); - } - /* Finally, handle profile, if appropriate */ - if (context->profile) { - kret = krb5_externalize_opaque(kcontext, PROF_MAGIC_PROFILE, - (krb5_pointer) context->profile, - &bp, &remain); - if (kret) - return (kret); - } + if (context->profile != NULL) + kret = profile_ser_externalize(NULL, context->profile, &bp, &remain); /* * If we were successful, write trailer then update the pointer and @@ -315,11 +221,9 @@ krb5_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **b return (0); } -/* - * krb5_context_internalize() - Internalize the krb5_context. - */ -static krb5_error_code -krb5_context_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_internalize_context(krb5_context *argp, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; krb5_context context; @@ -430,9 +334,7 @@ krb5_context_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet * a pointer. */ { krb5_os_context osp = 0; - kret = krb5_internalize_opaque(kcontext, KV5M_OS_CONTEXT, - (krb5_pointer *) &osp, - &bp, &remain); + kret = internalize_oscontext(&osp, &bp, &remain); if (kret && (kret != EINVAL) && (kret != ENOENT)) goto cleanup; /* Put the newly allocated data into the krb5_context @@ -442,17 +344,8 @@ krb5_context_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet * free(osp); } - /* Attempt to read in the db_context */ - kret = krb5_internalize_opaque(kcontext, KV5M_DB_CONTEXT, - (krb5_pointer *) &context->dal_handle, - &bp, &remain); - if (kret && (kret != EINVAL) && (kret != ENOENT)) - goto cleanup; - /* Attempt to read in the profile */ - kret = krb5_internalize_opaque(kcontext, PROF_MAGIC_PROFILE, - (krb5_pointer *) &context->profile, - &bp, &remain); + kret = profile_ser_internalize(NULL, &context->profile, &bp, &remain); if (kret && (kret != EINVAL) && (kret != ENOENT)) goto cleanup; @@ -468,7 +361,7 @@ krb5_context_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet * context->magic = KV5M_CONTEXT; *buffer = bp; *lenremain = remain; - *argp = (krb5_pointer) context; + *argp = context; return 0; @@ -478,12 +371,8 @@ cleanup: return(kret); } -/* - * krb5_oscontext_size() - Determine the size required to externalize - * the krb5_os_context. - */ -static krb5_error_code -krb5_oscontext_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) +krb5_error_code +size_oscontext(krb5_os_context os_ctx, size_t *sizep) { /* * We need five 32-bit integers: @@ -494,14 +383,11 @@ krb5_oscontext_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) return(0); } -/* - * krb5_oscontext_externalize() - Externalize the krb5_os_context. - */ -static krb5_error_code -krb5_oscontext_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +externalize_oscontext(krb5_os_context os_ctx, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; - krb5_os_context os_ctx; size_t required; krb5_octet *bp; size_t remain; @@ -510,10 +396,9 @@ krb5_oscontext_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet * bp = *buffer; remain = *lenremain; kret = EINVAL; - if ((os_ctx = (krb5_os_context) arg)) { + if (os_ctx != NULL) { kret = ENOMEM; - if (!krb5_oscontext_size(kcontext, arg, &required) && - (required <= remain)) { + if (!size_oscontext(os_ctx, &required) && required <= remain) { (void) krb5_ser_pack_int32(KV5M_OS_CONTEXT, &bp, &remain); (void) krb5_ser_pack_int32(os_ctx->time_offset, &bp, &remain); (void) krb5_ser_pack_int32(os_ctx->usec_offset, &bp, &remain); @@ -531,11 +416,9 @@ krb5_oscontext_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet * return(kret); } -/* - * krb5_oscontext_internalize() - Internalize the krb5_os_context. - */ static krb5_error_code -krb5_oscontext_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) +internalize_oscontext(krb5_os_context *argp, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; krb5_os_context os_ctx; @@ -575,7 +458,7 @@ krb5_oscontext_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet } } if (!kret) { - *argp = (krb5_pointer) os_ctx; + *argp = os_ctx; } else { if (os_ctx) @@ -583,20 +466,3 @@ krb5_oscontext_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet } return(kret); } - -/* - * Register the context serializers. - */ -krb5_error_code KRB5_CALLCONV -krb5_ser_context_init(krb5_context kcontext) -{ - krb5_error_code kret; - kret = krb5_register_serializer(kcontext, &krb5_context_ser_entry); - if (!kret) - kret = krb5_register_serializer(kcontext, &krb5_oscontext_ser_entry); -#ifndef LEAN_CLIENT - if (!kret) - kret = krb5_register_serializer(kcontext, &krb5_profile_ser_entry); -#endif /* LEAN_CLIENT */ - return(kret); -} diff --git a/src/lib/krb5/krb/ser_key.c b/src/lib/krb5/krb/ser_key.c index d6ca8e3851..7a294d680f 100644 --- a/src/lib/krb5/krb/ser_key.c +++ b/src/lib/krb5/krb/ser_key.c @@ -27,36 +27,10 @@ #include "k5-int.h" #include "int-proto.h" -/* - * Routines to deal with externalizing the krb5_keyblock: - * krb5_keyblock_size(); - * krb5_keyblock_externalize(); - * krb5_keyblock_internalize(); - */ -static krb5_error_code krb5_keyblock_size -(krb5_context, krb5_pointer, size_t *); -static krb5_error_code krb5_keyblock_externalize -(krb5_context, krb5_pointer, krb5_octet **, size_t *); -static krb5_error_code krb5_keyblock_internalize -(krb5_context,krb5_pointer *, krb5_octet **, size_t *); - -/* Local data */ -static const krb5_ser_entry krb5_keyblock_ser_entry = { - KV5M_KEYBLOCK, /* Type */ - krb5_keyblock_size, /* Sizer routine */ - krb5_keyblock_externalize, /* Externalize routine */ - krb5_keyblock_internalize /* Internalize routine */ -}; - -/* - * krb5_keyblock_size() - Determine the size required to externalize - * the krb5_keyblock. - */ -static krb5_error_code -krb5_keyblock_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) +krb5_error_code +k5_size_keyblock(krb5_keyblock *keyblock, size_t *sizep) { krb5_error_code kret; - krb5_keyblock *keyblock; /* * krb5_keyblock requires: @@ -67,26 +41,18 @@ krb5_keyblock_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) * krb5_int32 for KV5M_KEYBLOCK */ kret = EINVAL; - if ((keyblock = (krb5_keyblock *) arg)) { - *sizep += (sizeof(krb5_int32) + - sizeof(krb5_int32) + - sizeof(krb5_int32) + - sizeof(krb5_int32) + - sizeof(krb5_int32) + - (size_t) keyblock->length); + if (keyblock != NULL) { + *sizep += 4 * sizeof(krb5_int32) + keyblock->length; kret = 0; } return(kret); } -/* - * krb5_keyblock_externalize() - Externalize the krb5_keyblock. - */ -static krb5_error_code -krb5_keyblock_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_externalize_keyblock(krb5_keyblock *keyblock, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; - krb5_keyblock *keyblock; size_t required; krb5_octet *bp; size_t remain; @@ -95,10 +61,9 @@ krb5_keyblock_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet ** bp = *buffer; remain = *lenremain; kret = EINVAL; - if ((keyblock = (krb5_keyblock *) arg)) { + if (keyblock != NULL) { kret = ENOMEM; - if (!krb5_keyblock_size(kcontext, arg, &required) && - (required <= remain)) { + if (!k5_size_keyblock(keyblock, &required) && required <= remain) { /* Our identifier */ (void) krb5_ser_pack_int32(KV5M_KEYBLOCK, &bp, &remain); @@ -126,11 +91,9 @@ krb5_keyblock_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet ** return(kret); } -/* - * krb5_keyblock_internalize() - Internalize the krb5_keyblock. - */ -static krb5_error_code -krb5_keyblock_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_internalize_keyblock(krb5_keyblock **argp, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; krb5_keyblock *keyblock; @@ -169,7 +132,7 @@ krb5_keyblock_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet *buffer = bp; *lenremain = remain; keyblock->magic = KV5M_KEYBLOCK; - *argp = (krb5_pointer) keyblock; + *argp = keyblock; } else kret = EINVAL; @@ -183,12 +146,3 @@ krb5_keyblock_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet } return(kret); } - -/* - * Register the keyblock serializer. - */ -krb5_error_code -krb5_ser_keyblock_init(krb5_context kcontext) -{ - return(krb5_register_serializer(kcontext, &krb5_keyblock_ser_entry)); -} diff --git a/src/lib/krb5/krb/ser_princ.c b/src/lib/krb5/krb/ser_princ.c index 61d54446db..fc56499798 100644 --- a/src/lib/krb5/krb/ser_princ.c +++ b/src/lib/krb5/krb/ser_princ.c @@ -27,36 +27,10 @@ #include "k5-int.h" #include "int-proto.h" -/* - * Routines to deal with externalizing the krb5_principal: - * krb5_principal_size(); - * krb5_principal_externalize(); - * krb5_principal_internalize(); - */ -static krb5_error_code krb5_principal_size -(krb5_context, krb5_pointer, size_t *); -static krb5_error_code krb5_principal_externalize -(krb5_context, krb5_pointer, krb5_octet **, size_t *); -static krb5_error_code krb5_principal_internalize -(krb5_context,krb5_pointer *, krb5_octet **, size_t *); - -/* Local data */ -static const krb5_ser_entry krb5_principal_ser_entry = { - KV5M_PRINCIPAL, /* Type */ - krb5_principal_size, /* Sizer routine */ - krb5_principal_externalize, /* Externalize routine */ - krb5_principal_internalize /* Internalize routine */ -}; - -/* - * krb5_principal_size() - Determine the size required to externalize - * the krb5_principal. - */ -static krb5_error_code -krb5_principal_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) +krb5_error_code +k5_size_principal(krb5_principal principal, size_t *sizep) { krb5_error_code kret; - krb5_principal principal; char *fname; /* @@ -67,22 +41,19 @@ krb5_principal_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) * krb5_int32 for KV5M_PRINCIPAL */ kret = EINVAL; - if ((principal = (krb5_principal) arg) && - !(kret = krb5_unparse_name(kcontext, principal, &fname))) { + if (principal != NULL && + !(kret = krb5_unparse_name(NULL, principal, &fname))) { *sizep += (3*sizeof(krb5_int32)) + strlen(fname); free(fname); } return(kret); } -/* - * krb5_principal_externalize() - Externalize the krb5_principal. - */ -static krb5_error_code -krb5_principal_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_externalize_principal(krb5_principal principal, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; - krb5_principal principal; size_t required; krb5_octet *bp; size_t remain; @@ -92,11 +63,10 @@ krb5_principal_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet * bp = *buffer; remain = *lenremain; kret = EINVAL; - if ((principal = (krb5_principal) arg)) { + if (principal != NULL) { kret = ENOMEM; - if (!krb5_principal_size(kcontext, arg, &required) && - (required <= remain)) { - if (!(kret = krb5_unparse_name(kcontext, principal, &fname))) { + if (!k5_size_principal(principal, &required) && required <= remain) { + if (!(kret = krb5_unparse_name(NULL, principal, &fname))) { (void) krb5_ser_pack_int32(KV5M_PRINCIPAL, &bp, &remain); (void) krb5_ser_pack_int32((krb5_int32) strlen(fname), @@ -114,11 +84,9 @@ krb5_principal_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet * return(kret); } -/* - * krb5_principal_internalize() - Internalize the krb5_principal. - */ -static krb5_error_code -krb5_principal_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) +krb5_error_code +k5_internalize_principal(krb5_principal *argp, + krb5_octet **buffer, size_t *lenremain) { krb5_error_code kret; krb5_principal principal = NULL; @@ -147,7 +115,9 @@ krb5_principal_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet tmpname[ibuf] = '\0'; /* Parse the name to a principal structure */ - kret = krb5_parse_name(kcontext, tmpname, &principal); + kret = krb5_parse_name_flags(NULL, tmpname, + KRB5_PRINCIPAL_PARSE_REQUIRE_REALM, + &principal); if (kret) goto cleanup; @@ -162,16 +132,7 @@ krb5_principal_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet *argp = principal; cleanup: if (kret) - krb5_free_principal(kcontext, principal); + krb5_free_principal(NULL, principal); free(tmpname); return kret; } - -/* - * Register the context serializer. - */ -krb5_error_code -krb5_ser_principal_init(krb5_context kcontext) -{ - return(krb5_register_serializer(kcontext, &krb5_principal_ser_entry)); -} diff --git a/src/lib/krb5/krb/serialize.c b/src/lib/krb5/krb/serialize.c index 74bbaa6a6e..8934cf1548 100644 --- a/src/lib/krb5/krb/serialize.c +++ b/src/lib/krb5/krb/serialize.c @@ -26,150 +26,6 @@ #include "k5-int.h" -/* - * krb5_find_serializer() - See if a particular type is registered. - */ -krb5_ser_handle -krb5_find_serializer(krb5_context kcontext, krb5_magic odtype) -{ - krb5_ser_handle res; - krb5_ser_handle sctx; - int i; - - res = (krb5_ser_handle) NULL; - sctx = (krb5_ser_handle) kcontext->ser_ctx; - for (i=0; iser_ctx_count; i++) { - if (sctx[i].odtype == odtype) { - res = &sctx[i]; - break; - } - } - return(res); -} - -/* - * krb5_register_serializer() - Register a particular serializer. - */ -krb5_error_code -krb5_register_serializer(krb5_context kcontext, const krb5_ser_entry *entry) -{ - krb5_error_code kret; - krb5_ser_entry * stable; - - kret = 0; - /* See if it's already there, if so, we're good to go. */ - if (!(stable = (krb5_ser_entry *)krb5_find_serializer(kcontext, - entry->odtype))) { - /* - * Can't find our type. Create a new entry. - */ - if ((stable = (krb5_ser_entry *) malloc(sizeof(krb5_ser_entry) * - (kcontext->ser_ctx_count+1)))) { - /* Copy in old table */ - if (kcontext->ser_ctx_count) - memcpy(stable, kcontext->ser_ctx, - sizeof(krb5_ser_entry) * kcontext->ser_ctx_count); - /* Copy in new entry */ - memcpy(&stable[kcontext->ser_ctx_count], entry, - sizeof(krb5_ser_entry)); - if (kcontext->ser_ctx) free(kcontext->ser_ctx); - kcontext->ser_ctx = (void *) stable; - kcontext->ser_ctx_count++; - } - else - kret = ENOMEM; - } - else - *stable = *entry; - return(kret); -} - -/* - * krb5_size_opaque() - Determine the size necessary to serialize a given - * piece of opaque data. - */ -krb5_error_code KRB5_CALLCONV -krb5_size_opaque(krb5_context kcontext, krb5_magic odtype, krb5_pointer arg, size_t *sizep) -{ - krb5_error_code kret; - krb5_ser_handle shandle; - - kret = ENOENT; - /* See if the type is supported, if so, do it */ - if ((shandle = krb5_find_serializer(kcontext, odtype))) - kret = (shandle->sizer) ? (*shandle->sizer)(kcontext, arg, sizep) : 0; - return(kret); -} - -/* - * krb5_externalize_opaque() - Externalize a piece of opaque data. - */ -krb5_error_code KRB5_CALLCONV -krb5_externalize_opaque(krb5_context kcontext, krb5_magic odtype, krb5_pointer arg, krb5_octet **bufpp, size_t *sizep) -{ - krb5_error_code kret; - krb5_ser_handle shandle; - - kret = ENOENT; - /* See if the type is supported, if so, do it */ - if ((shandle = krb5_find_serializer(kcontext, odtype))) - kret = (shandle->externalizer) ? - (*shandle->externalizer)(kcontext, arg, bufpp, sizep) : 0; - return(kret); -} - -/* - * Externalize a piece of arbitrary data. - */ -krb5_error_code -krb5_externalize_data(krb5_context kcontext, krb5_pointer arg, krb5_octet **bufpp, size_t *sizep) -{ - krb5_error_code kret; - krb5_magic *mp; - krb5_octet *buffer, *bp; - size_t bufsize, bsize; - - mp = (krb5_magic *) arg; - bufsize = 0; - if (!(kret = krb5_size_opaque(kcontext, *mp, arg, &bufsize))) { - if ((buffer = (krb5_octet *) malloc(bufsize))) { - bp = buffer; - bsize = bufsize; - if (!(kret = krb5_externalize_opaque(kcontext, - *mp, - arg, - &bp, - &bsize))) { - if (bsize != 0) - bufsize -= bsize; - *bufpp = buffer; - *sizep = bufsize; - } - } - else - kret = ENOMEM; - } - return(kret); -} - -/* - * krb5_internalize_opaque() - Convert external representation into a data - * structure. - */ -krb5_error_code KRB5_CALLCONV -krb5_internalize_opaque(krb5_context kcontext, krb5_magic odtype, krb5_pointer *argp, krb5_octet **bufpp, size_t *sizep) -{ - krb5_error_code kret; - krb5_ser_handle shandle; - - kret = ENOENT; - /* See if the type is supported, if so, do it */ - if ((shandle = krb5_find_serializer(kcontext, odtype))) - kret = (shandle->internalizer) ? - (*shandle->internalizer)(kcontext, argp, bufpp, sizep) : 0; - return(kret); -} - /* * krb5_ser_pack_int32() - Pack a 4-byte integer if space is available. * Update buffer pointer and remaining space. diff --git a/src/lib/krb5/krb/t_copy_context.c b/src/lib/krb5/krb/t_copy_context.c index 72e70f417e..2970a8ceaf 100644 --- a/src/lib/krb5/krb/t_copy_context.c +++ b/src/lib/krb5/krb/t_copy_context.c @@ -91,8 +91,6 @@ check_context(krb5_context c, krb5_context r) /* Check fields which don't propagate. */ check(c->dal_handle == NULL); - check(c->ser_ctx_count == 0); - check(c->ser_ctx == NULL); check(c->prompt_types == NULL); check(c->libkrb5_plugins.files == NULL); check(c->preauth_context == NULL); diff --git a/src/lib/krb5/krb/t_ser.c b/src/lib/krb5/krb/t_ser.c index cf9cf99454..d6746b74bd 100644 --- a/src/lib/krb5/krb/t_ser.c +++ b/src/lib/krb5/krb/t_ser.c @@ -1,7 +1,7 @@ /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* lib/krb5/krb/t_ser.c - Test serialization */ /* - * Copyright 1995 by the Massachusetts Institute of Technology. + * Copyright 1995, 2019 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may @@ -35,189 +35,189 @@ it to a pointer to char; ANSI doesn't say it'll work, and in fact on the HPPA \ you can lose some bits of the function pointer, and get a pointer that you \ can't safely dereference. This test file used to make this mistake, often."; -/* - * Dump an external representation. - */ static void -print_erep(krb5_octet *erep, size_t elen) +check(krb5_error_code code) { - unsigned int i, j; - - for (i=0; ikey) - krb5_free_keyblock(ser_ctx, eblock->key); - free(eblock); - } - break; - case KV5M_PRINCIPAL: - krb5_free_principal(ser_ctx, (krb5_principal) nctx); - break; - case KV5M_CHECKSUM: - krb5_free_checksum(ser_ctx, (krb5_checksum *) nctx); - break; - default: - printf("don't know how to free %d\n", dtype); - break; - } - } - else - printf("%s: internalize returned %d\n", msg, kret); - free(outrep); - } - else - printf("%s: externalize_data returned %d\n", msg, kret); - krb5_free_context(ser_ctx); - return(kret); + void *ptr = calloc(1, size); + + if (ptr == NULL) + abort(); + return ptr; } -/* - * Serialize krb5_context. - */ -static krb5_error_code -ser_kcontext_test(krb5_context kcontext, int verbose) +static void +ser_context(krb5_context ctx) { - krb5_error_code kret; - profile_t sprofile; - char dbname[128]; - - snprintf(dbname, sizeof(dbname), "temp_%d", (int) getpid()); - sprofile = kcontext->profile; - kcontext->profile = (profile_t) NULL; - if (!(kret = ser_data(verbose, "> Context with no profile", - (krb5_pointer) kcontext, - KV5M_CONTEXT))) { - kcontext->profile = sprofile; - if (!(kret = ser_data(verbose, "> Context with no realm", - (krb5_pointer) kcontext, - KV5M_CONTEXT)) && - !(kret = krb5_set_default_realm(kcontext, "this.is.a.test"))) { - if (!(kret = ser_data(verbose, "> Context with default realm", - (krb5_pointer) kcontext, - KV5M_CONTEXT))) { - if (verbose) - printf("* krb5_context test succeeded\n"); - } - } - } - if (kret) - printf("* krb5_context test failed\n"); - return(kret); + uint8_t *erep, *erep2, *bp; + size_t elen = 0, elen2 = 0, blen; + krb5_context ctx2; + + check(k5_size_context(ctx, &elen)); + erep = ealloc(elen); + + bp = erep; + blen = elen; + check(k5_externalize_context(ctx, &bp, &blen)); + assert(bp == erep + elen && blen == 0); + + bp = erep; + blen = elen; + check(k5_internalize_context(&ctx2, &bp, &blen)); + assert(bp == erep + elen && blen == 0); + + check(k5_size_context(ctx2, &elen2)); + assert(elen2 == elen); + erep2 = ealloc(elen2); + + bp = erep2; + blen = elen2; + check(k5_externalize_context(ctx2, &bp, &blen)); + assert(bp == erep2 + elen2 && blen == 0); + assert(memcmp(erep, erep2, elen) == 0); + + free(erep); + free(erep2); + krb5_free_context(ctx2); } -/* - * Serialize krb5_auth_context. - */ -static krb5_error_code -ser_acontext_test(krb5_context kcontext, int verbose) +static void +ser_auth_context(krb5_auth_context actx) +{ + uint8_t *erep, *erep2, *bp; + size_t elen = 0, elen2 = 0, blen; + krb5_auth_context actx2; + + check(k5_size_auth_context(actx, &elen)); + erep = ealloc(elen); + + bp = erep; + blen = elen; + check(k5_externalize_auth_context(actx, &bp, &blen)); + assert(bp == erep + elen && blen == 0); + + bp = erep; + blen = elen; + check(k5_internalize_auth_context(&actx2, &bp, &blen)); + assert(bp == erep + elen && blen == 0); + + check(k5_size_auth_context(actx2, &elen2)); + assert(elen2 == elen); + erep2 = ealloc(elen2); + + bp = erep2; + blen = elen2; + check(k5_externalize_auth_context(actx2, &bp, &blen)); + assert(bp == erep2 + elen2 && blen == 0); + assert(memcmp(erep, erep2, elen) == 0); + + free(erep); + free(erep2); + krb5_auth_con_free(NULL, actx2); +} + +static void +ser_principal(krb5_principal princ) +{ + uint8_t *erep, *erep2, *bp; + size_t elen = 0, elen2 = 0, blen; + krb5_principal princ2; + + check(k5_size_principal(princ, &elen)); + erep = ealloc(elen); + + bp = erep; + blen = elen; + check(k5_externalize_principal(princ, &bp, &blen)); + assert(bp == erep + elen && blen == 0); + + bp = erep; + blen = elen; + check(k5_internalize_principal(&princ2, &bp, &blen)); + assert(bp == erep + elen && blen == 0); + + check(k5_size_principal(princ2, &elen2)); + assert(elen2 == elen); + erep2 = ealloc(elen2); + + bp = erep2; + blen = elen2; + check(k5_externalize_principal(princ2, &bp, &blen)); + assert(bp == erep2 + elen2 && blen == 0); + assert(memcmp(erep, erep2, elen) == 0); + + free(erep); + free(erep2); + krb5_free_principal(NULL, princ2); +} + +static void +ser_checksum(krb5_checksum *cksum) +{ + uint8_t *erep, *erep2, *bp; + size_t elen = 0, elen2 = 0, blen; + krb5_checksum *cksum2; + + check(k5_size_checksum(cksum, &elen)); + erep = ealloc(elen); + + bp = erep; + blen = elen; + check(k5_externalize_checksum(cksum, &bp, &blen)); + assert(bp == erep + elen && blen == 0); + + bp = erep; + blen = elen; + check(k5_internalize_checksum(&cksum2, &bp, &blen)); + assert(bp == erep + elen && blen == 0); + + check(k5_size_checksum(cksum2, &elen2)); + assert(elen2 == elen); + erep2 = ealloc(elen2); + + bp = erep2; + blen = elen2; + check(k5_externalize_checksum(cksum2, &bp, &blen)); + assert(bp == erep2 + elen2 && blen == 0); + assert(memcmp(erep, erep2, elen) == 0); + + free(erep); + free(erep2); + krb5_free_checksum(NULL, cksum2); +} + +static void +ser_context_test() +{ + krb5_context context; + profile_t sprofile; + + check(krb5_init_context(&context)); + + sprofile = context->profile; + context->profile = NULL; + ser_context(context); + + context->profile = sprofile; + ser_context(context); + + check(krb5_set_default_realm(context, "this.is.a.test")); + ser_context(context); + + krb5_free_context(context); +} + +static void +ser_acontext_test() { - krb5_error_code kret; krb5_auth_context actx; krb5_address local_address; krb5_address remote_address; @@ -230,410 +230,118 @@ ser_acontext_test(krb5_context kcontext, int verbose) krb5_authdata *adatalist[3]; krb5_authdata adataent; - actx = (krb5_auth_context) NULL; - if (!(kret = krb5_auth_con_init(kcontext, &actx)) && - !(kret = ser_data(verbose, "> Vanilla auth context", - (krb5_pointer) actx, - KV5M_AUTH_CONTEXT))) { - memset(&local_address, 0, sizeof(local_address)); - memset(&remote_address, 0, sizeof(remote_address)); - memset(laddr_bytes, 0, sizeof(laddr_bytes)); - memset(raddr_bytes, 0, sizeof(raddr_bytes)); - local_address.addrtype = ADDRTYPE_INET; - local_address.length = sizeof(laddr_bytes); - local_address.contents = laddr_bytes; - laddr_bytes[0] = 6; - laddr_bytes[1] = 2; - laddr_bytes[2] = 69; - laddr_bytes[3] = 16; - laddr_bytes[4] = 1; - laddr_bytes[5] = 0; - laddr_bytes[6] = 0; - laddr_bytes[7] = 127; - remote_address.addrtype = ADDRTYPE_INET; - remote_address.length = sizeof(raddr_bytes); - remote_address.contents = raddr_bytes; - raddr_bytes[0] = 6; - raddr_bytes[1] = 2; - raddr_bytes[2] = 70; - raddr_bytes[3] = 16; - raddr_bytes[4] = 1; - raddr_bytes[5] = 0; - raddr_bytes[6] = 0; - raddr_bytes[7] = 127; - if (!(kret = krb5_auth_con_setaddrs(kcontext, actx, - &local_address, - &remote_address)) && - !(kret = krb5_auth_con_setports(kcontext, actx, - &local_address, - &remote_address)) && - !(kret = ser_data(verbose, "> Auth context with addrs/ports", - (krb5_pointer) actx, - KV5M_AUTH_CONTEXT))) { - memset(&ukeyblock, 0, sizeof(ukeyblock)); - memset(keydata, 0, sizeof(keydata)); - ukeyblock.enctype = ENCTYPE_AES128_CTS_HMAC_SHA256_128; - ukeyblock.length = sizeof(keydata); - ukeyblock.contents = keydata; - keydata[0] = 0xde; - keydata[1] = 0xad; - keydata[2] = 0xbe; - keydata[3] = 0xef; - keydata[4] = 0xfe; - keydata[5] = 0xed; - keydata[6] = 0xf0; - keydata[7] = 0xd; - if (!(kret = krb5_auth_con_setuseruserkey(kcontext, actx, - &ukeyblock)) && - !(kret = ser_data(verbose, "> Auth context with user key", - (krb5_pointer) actx, - KV5M_AUTH_CONTEXT)) && - !(kret = krb5_auth_con_initivector(kcontext, actx)) && - !(kret = ser_data(verbose, "> Auth context with new vector", - (krb5_pointer) actx, - KV5M_AUTH_CONTEXT)) && - !(kret = ser_data(verbose, "> Auth context with set vector", - (krb5_pointer) actx, - KV5M_AUTH_CONTEXT))) { - /* - * Finally, add an authenticator. - */ - memset(&aent, 0, sizeof(aent)); - aent.magic = KV5M_AUTHENTICATOR; - snprintf(clname, sizeof(clname), - "help/me/%d@this.is.a.test", (int) getpid()); - actx->authentp = &aent; - if (!(kret = krb5_parse_name(kcontext, clname, - &aent.client)) && - !(kret = ser_data(verbose, - "> Auth context with authenticator", - (krb5_pointer) actx, - KV5M_AUTH_CONTEXT))) { - adataent.magic = KV5M_AUTHDATA; - adataent.ad_type = 123; - adataent.length = 128; - adataent.contents = (krb5_octet *) stuff; - adatalist[0] = &adataent; - adatalist[1] = &adataent; - adatalist[2] = (krb5_authdata *) NULL; - aent.authorization_data = adatalist; - if (!(kret = ser_data(verbose, - "> Auth context with full auth", - (krb5_pointer) actx, - KV5M_AUTH_CONTEXT))) { - if (verbose) - printf("* krb5_auth_context test succeeded\n"); - } - krb5_free_principal(kcontext, aent.client); - } - actx->authentp = (krb5_authenticator *) NULL; - } - } - } - if (actx) - krb5_auth_con_free(kcontext, actx); - if (kret) - printf("* krb5_auth_context test failed\n"); - return(kret); -} + check(krb5_auth_con_init(NULL, &actx)); + ser_auth_context(actx); -/* - * Serialize krb5_ccache - */ -static krb5_error_code -ser_ccache_test(krb5_context kcontext, int verbose) -{ - krb5_error_code kret; - char ccname[128]; - char princname[256]; - krb5_ccache ccache; - krb5_principal principal; - - snprintf(ccname, sizeof(ccname), "temp_cc_%d", (int) getpid()); - snprintf(princname, sizeof(princname), - "zowie%d/instance%d@this.is.a.test", - (int) getpid(), (int) getpid()); - if (!(kret = krb5_cc_resolve(kcontext, ccname, &ccache)) && - !(kret = ser_data(verbose, "> Resolved default ccache", - (krb5_pointer) ccache, KV5M_CCACHE)) && - !(kret = krb5_parse_name(kcontext, princname, &principal)) && - !(kret = krb5_cc_initialize(kcontext, ccache, principal)) && - !(kret = ser_data(verbose, "> Initialized default ccache", - (krb5_pointer) ccache, KV5M_CCACHE)) && - !(kret = krb5_cc_destroy(kcontext, ccache))) { - krb5_free_principal(kcontext, principal); - snprintf(ccname, sizeof(ccname), "FILE:temp_cc_%d", (int) getpid()); - snprintf(princname, sizeof(princname), "xxx%d/i%d@this.is.a.test", - (int) getpid(), (int) getpid()); - if (!(kret = krb5_cc_resolve(kcontext, ccname, &ccache)) && - !(kret = ser_data(verbose, "> Resolved FILE ccache", - (krb5_pointer) ccache, KV5M_CCACHE)) && - !(kret = krb5_parse_name(kcontext, princname, &principal)) && - !(kret = krb5_cc_initialize(kcontext, ccache, principal)) && - !(kret = ser_data(verbose, "> Initialized FILE ccache", - (krb5_pointer) ccache, KV5M_CCACHE)) && - !(kret = krb5_cc_destroy(kcontext, ccache))) { - krb5_free_principal(kcontext, principal); - - if (verbose) - printf("* ccache test succeeded\n"); - } - } - if (kret) - printf("* krb5_ccache test failed\n"); - return(kret); -} + memset(&local_address, 0, sizeof(local_address)); + memset(&remote_address, 0, sizeof(remote_address)); + memset(laddr_bytes, 0, sizeof(laddr_bytes)); + memset(raddr_bytes, 0, sizeof(raddr_bytes)); + local_address.addrtype = ADDRTYPE_INET; + local_address.length = sizeof(laddr_bytes); + local_address.contents = laddr_bytes; + laddr_bytes[0] = 6; + laddr_bytes[1] = 2; + laddr_bytes[2] = 69; + laddr_bytes[3] = 16; + laddr_bytes[4] = 1; + laddr_bytes[5] = 0; + laddr_bytes[6] = 0; + laddr_bytes[7] = 127; + remote_address.addrtype = ADDRTYPE_INET; + remote_address.length = sizeof(raddr_bytes); + remote_address.contents = raddr_bytes; + raddr_bytes[0] = 6; + raddr_bytes[1] = 2; + raddr_bytes[2] = 70; + raddr_bytes[3] = 16; + raddr_bytes[4] = 1; + raddr_bytes[5] = 0; + raddr_bytes[6] = 0; + raddr_bytes[7] = 127; + check(krb5_auth_con_setaddrs(NULL, actx, &local_address, &remote_address)); + check(krb5_auth_con_setports(NULL, actx, &local_address, &remote_address)); + ser_auth_context(actx); -/* - * Serialize krb5_keytab. - */ -static krb5_error_code -ser_keytab_test(krb5_context kcontext, int verbose) -{ - krb5_error_code kret; - char ccname[128]; - krb5_keytab keytab; - - snprintf(ccname, sizeof(ccname), "temp_kt_%d", (int) getpid()); - if (!(kret = krb5_kt_resolve(kcontext, ccname, &keytab)) && - !(kret = ser_data(verbose, "> Resolved default keytab", - (krb5_pointer) keytab, KV5M_KEYTAB)) && - !(kret = krb5_kt_close(kcontext, keytab))) { - snprintf(ccname, sizeof(ccname), "FILE:temp_kt_%d", (int) getpid()); - if (!(kret = krb5_kt_resolve(kcontext, ccname, &keytab)) && - !(kret = ser_data(verbose, "> Resolved FILE keytab", - (krb5_pointer) keytab, KV5M_KEYTAB)) && - !(kret = krb5_kt_close(kcontext, keytab))) { - snprintf(ccname, sizeof(ccname), - "WRFILE:temp_kt_%d", (int) getpid()); - if (!(kret = krb5_kt_resolve(kcontext, ccname, &keytab)) && - !(kret = ser_data(verbose, "> Resolved WRFILE keytab", - (krb5_pointer) keytab, KV5M_KEYTAB)) && - !(kret = krb5_kt_close(kcontext, keytab))) { - if (verbose) - printf("* keytab test succeeded\n"); - } - } - } - if (kret) - printf("* krb5_keytab test failed\n"); - return(kret); -} + memset(&ukeyblock, 0, sizeof(ukeyblock)); + memset(keydata, 0, sizeof(keydata)); + ukeyblock.enctype = ENCTYPE_AES128_CTS_HMAC_SHA256_128; + ukeyblock.length = sizeof(keydata); + ukeyblock.contents = keydata; + keydata[0] = 0xde; + keydata[1] = 0xad; + keydata[2] = 0xbe; + keydata[3] = 0xef; + keydata[4] = 0xfe; + keydata[5] = 0xed; + keydata[6] = 0xf0; + keydata[7] = 0xd; + check(krb5_auth_con_setuseruserkey(NULL, actx, &ukeyblock)); + ser_auth_context(actx); -/* - * Serialize krb5_rcache. - */ -static krb5_error_code -ser_rcache_test(krb5_context kcontext, int verbose) -{ - krb5_error_code kret; - char rcname[128]; - krb5_rcache rcache = NULL; - - snprintf(rcname, sizeof(rcname), "file2:temp_rc_%d", (int) getpid()); - if (!(kret = k5_rc_resolve(kcontext, rcname, &rcache)) && - !(kret = ser_data(verbose, "> Resolved file2 rcache", - (krb5_pointer) rcache, KV5M_RCACHE))) { - if (verbose) - printf("* rcache test succeeded\n"); - } - if (rcache != NULL) - k5_rc_close(kcontext, rcache); - if (kret) - printf("* krb5_rcache test failed\n"); - return(kret); + check(krb5_auth_con_initivector(NULL, actx)); + ser_auth_context(actx); + + memset(&aent, 0, sizeof(aent)); + aent.magic = KV5M_AUTHENTICATOR; + snprintf(clname, sizeof(clname), + "help/me/%d@this.is.a.test", (int)getpid()); + actx->authentp = &aent; + check(krb5_parse_name(NULL, clname, &aent.client)); + ser_auth_context(actx); + + adataent.magic = KV5M_AUTHDATA; + adataent.ad_type = 123; + adataent.length = 128; + adataent.contents = (uint8_t *)stuff; + adatalist[0] = &adataent; + adatalist[1] = &adataent; + adatalist[2] = NULL; + aent.authorization_data = adatalist; + ser_auth_context(actx); + + krb5_free_principal(NULL, aent.client); + actx->authentp = NULL; + krb5_auth_con_free(NULL, actx); } -/* - * Serialize krb5_principal - */ -static krb5_error_code -ser_princ_test(krb5_context kcontext, int verbose) +static void +ser_princ_test() { - krb5_error_code kret; krb5_principal princ; char pname[1024]; snprintf(pname, sizeof(pname), "the/quick/brown/fox/jumped/over/the/lazy/dog/%d@this.is.a.test", (int) getpid()); - if (!(kret = krb5_parse_name(kcontext, pname, &princ))) { - if (!(kret = ser_data(verbose, "> Principal", - (krb5_pointer) princ, KV5M_PRINCIPAL))) { - if (verbose) - printf("* principal test succeeded\n"); - } - krb5_free_principal(kcontext, princ); - } - if (kret) - printf("* principal test failed\n"); - return(kret); + check(krb5_parse_name(NULL, pname, &princ)); + ser_principal(princ); + krb5_free_principal(NULL, princ); } -/* - * Serialize krb5_checksum. - */ -static krb5_error_code -ser_cksum_test(krb5_context kcontext, int verbose) +static void +ser_cksum_test() { - krb5_error_code kret; krb5_checksum checksum; krb5_octet ckdata[24]; memset(&checksum, 0, sizeof(krb5_checksum)); checksum.magic = KV5M_CHECKSUM; - if (!(kret = ser_data(verbose, "> NULL checksum", - (krb5_pointer) &checksum, KV5M_CHECKSUM))) { - checksum.checksum_type = 123; - checksum.length = sizeof(ckdata); - checksum.contents = ckdata; - memcpy(ckdata, &stuff, sizeof(ckdata)); - if (!(kret = ser_data(verbose, "> checksum with data", - (krb5_pointer) &checksum, KV5M_CHECKSUM))) { - if (verbose) - printf("* checksum test succeeded\n"); - } - } - if (kret) - printf("* checksum test failed\n"); - return(kret); + ser_checksum(&checksum); + + checksum.checksum_type = 123; + checksum.length = sizeof(ckdata); + checksum.contents = ckdata; + memcpy(ckdata, &stuff, sizeof(ckdata)); + ser_checksum(&checksum); } -/* - * Main procedure. - */ int main(int argc, char **argv) { - krb5_error_code kret; - krb5_context kcontext; - int do_atest, do_ctest, do_ktest, do_rtest, do_xtest; - int do_etest, do_ptest, do_stest; - int verbose; - int option; - extern char *optarg; - char ch_err; - - kret = 0; - verbose = 0; - do_atest = 1; - do_xtest = 1; - do_ctest = 1; - do_etest = 1; - do_ktest = 1; - do_ptest = 1; - do_rtest = 1; - do_stest = 1; - while ((option = getopt(argc, argv, "acekprsxvACKPRSX")) != -1) { - switch (option) { - case 'a': - do_atest = 0; - break; - case 'c': - do_ctest = 0; - break; - case 'e': - do_etest = 0; - break; - case 'k': - do_ktest = 0; - break; - case 'p': - do_ptest = 0; - break; - case 'r': - do_rtest = 0; - break; - case 's': - do_stest = 0; - break; - case 'x': - do_xtest = 0; - break; - case 'v': - verbose = 1; - break; - case 'A': - do_atest = 1; - break; - case 'C': - do_ctest = 1; - break; - case 'K': - do_ktest = 1; - break; - case 'P': - do_ptest = 1; - break; - case 'R': - do_rtest = 1; - break; - case 'S': - do_stest = 1; - break; - case 'X': - do_xtest = 1; - break; - default: - fprintf(stderr, - "%s: usage is %s [-acekprsxvACKPRSX]\n", - argv[0], argv[0]); - exit(1); - break; - } - } - if ((kret = krb5_init_context(&kcontext))) { - com_err(argv[0], kret, "while initializing krb5"); - exit(1); - } - - if (do_xtest) { - ch_err = 'x'; - kret = ser_kcontext_test(kcontext, verbose); - if (kret) - goto fail; - } - if (do_atest) { - ch_err = 'a'; - kret = ser_acontext_test(kcontext, verbose); - if (kret) - goto fail; - } - if (do_ctest) { - ch_err = 'c'; - kret = ser_ccache_test(kcontext, verbose); - if (kret) - goto fail; - } - if (do_ktest) { - ch_err = 'k'; - kret = ser_keytab_test(kcontext, verbose); - if (kret) - goto fail; - } - if (do_rtest) { - ch_err = 'r'; - kret = ser_rcache_test(kcontext, verbose); - if (kret) - goto fail; - } - if (do_ptest) { - ch_err = 'p'; - kret = ser_princ_test(kcontext, verbose); - if (kret) - goto fail; - } - if (do_stest) { - ch_err = 's'; - kret = ser_cksum_test(kcontext, verbose); - if (kret) - goto fail; - } - krb5_free_context(kcontext); - - exit(0); -fail: - com_err(argv[0], kret, "--- test %cfailed", ch_err); - krb5_free_context(kcontext); - exit(1); + ser_context_test(); + ser_acontext_test(); + ser_princ_test(); + ser_cksum_test(); + return 0; } diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports index 55e2635454..5b17d58dfb 100644 --- a/src/lib/krb5/libkrb5.exports +++ b/src/lib/krb5/libkrb5.exports @@ -130,6 +130,12 @@ k5_change_error_message_code k5_etypes_contains k5_expand_path_tokens k5_expand_path_tokens_extra +k5_externalize_auth_context +k5_externalize_authdata +k5_externalize_authdata_context +k5_externalize_context +k5_externalize_keyblock +k5_externalize_principal k5_free_algorithm_identifier k5_free_cammac k5_free_data_ptr_list @@ -144,6 +150,12 @@ k5_free_serverlist k5_free_spake_factor k5_hostrealm_free_context k5_init_trace +k5_internalize_auth_context +k5_internalize_authdata +k5_internalize_authdata_context +k5_internalize_context +k5_internalize_keyblock +k5_internalize_principal k5_is_string_numeric k5_kt_get_principal k5_localauth_free_context @@ -161,6 +173,12 @@ k5_plugin_register_dyn k5_rc_close k5_rc_get_name k5_rc_resolve +k5_size_auth_context +k5_size_authdata +k5_size_authdata_context +k5_size_context +k5_size_keyblock +k5_size_principal k5_unmarshal_cred k5_unmarshal_princ k5_unwrap_cammac_svc @@ -298,11 +316,8 @@ krb5_encode_kdc_rep krb5_encrypt_helper krb5_encrypt_tkt_part krb5_expand_hostname -krb5_externalize_data -krb5_externalize_opaque krb5_fcc_ops krb5_find_authdata -krb5_find_serializer krb5_free_ad_kdcissued krb5_free_ad_signedpath krb5_free_address @@ -441,7 +456,6 @@ krb5_init_creds_set_service krb5_init_creds_step krb5_init_keyblock krb5_init_secure_context -krb5_internalize_opaque krb5_is_config_principal krb5_is_permitted_enctype krb5_is_referral_realm @@ -522,7 +536,6 @@ krb5_read_password krb5_realm_compare krb5_recvauth krb5_recvauth_version -krb5_register_serializer krb5_responder_get_challenge krb5_responder_list_questions krb5_responder_set_answer @@ -535,20 +548,9 @@ krb5_responder_pkinit_challenge_free krb5_salttype_to_string krb5_sendauth krb5_sendto_kdc -krb5_ser_address_init -krb5_ser_auth_context_init -krb5_ser_authdata_init -krb5_ser_authenticator_init -krb5_ser_ccache_init -krb5_ser_checksum_init -krb5_ser_context_init -krb5_ser_keyblock_init -krb5_ser_keytab_init krb5_ser_pack_bytes krb5_ser_pack_int32 krb5_ser_pack_int64 -krb5_ser_principal_init -krb5_ser_rcache_init krb5_ser_unpack_bytes krb5_ser_unpack_int32 krb5_ser_unpack_int64 @@ -569,7 +571,6 @@ krb5_set_kdc_recv_hook krb5_set_time_offsets krb5_set_trace_callback krb5_set_trace_filename -krb5_size_opaque krb5_sname_match krb5_sname_to_principal krb5_string_to_deltat diff --git a/src/lib/krb5/rcache/Makefile.in b/src/lib/krb5/rcache/Makefile.in index c507f4472e..8874913849 100644 --- a/src/lib/krb5/rcache/Makefile.in +++ b/src/lib/krb5/rcache/Makefile.in @@ -10,16 +10,14 @@ STLIBOBJS = \ rc_base.o \ rc_dfl.o \ rc_file2.o \ - rc_none.o \ - ser_rc.o + rc_none.o OBJS= \ $(OUTPRE)memrcache.$(OBJEXT) \ $(OUTPRE)rc_base.$(OBJEXT) \ $(OUTPRE)rc_dfl.$(OBJEXT) \ $(OUTPRE)rc_file2.$(OBJEXT) \ - $(OUTPRE)rc_none.$(OBJEXT) \ - $(OUTPRE)ser_rc.$(OBJEXT) + $(OUTPRE)rc_none.$(OBJEXT) SRCS= \ $(srcdir)/memrcache.c \ @@ -27,7 +25,6 @@ SRCS= \ $(srcdir)/rc_dfl.c \ $(srcdir)/rc_file2.c \ $(srcdir)/rc_none.c \ - $(srcdir)/ser_rc.c \ $(srcdir)/t_memrcache.c \ $(srcdir)/t_rcfile2.c diff --git a/src/lib/krb5/rcache/deps b/src/lib/krb5/rcache/deps index bf27a8198d..b7646109b0 100644 --- a/src/lib/krb5/rcache/deps +++ b/src/lib/krb5/rcache/deps @@ -55,16 +55,6 @@ rc_none.so rc_none.po $(OUTPRE)rc_none.$(OBJEXT): $(BUILDTOP)/include/autoconf.h $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ $(top_srcdir)/include/socket-utils.h rc-int.h rc_none.c -ser_rc.so ser_rc.po $(OUTPRE)ser_rc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h rc-int.h ser_rc.c t_memrcache.so t_memrcache.po $(OUTPRE)t_memrcache.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ diff --git a/src/lib/krb5/rcache/ser_rc.c b/src/lib/krb5/rcache/ser_rc.c deleted file mode 100644 index ee6644c6b1..0000000000 --- a/src/lib/krb5/rcache/ser_rc.c +++ /dev/null @@ -1,184 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/krb5/rcache/ser_rc.c - Serialize replay cache context */ -/* - * Copyright 1995 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "k5-int.h" -#include "rc-int.h" - -/* - * Routines to deal with externalizing krb5_rcache. - * krb5_rcache_size(); - * krb5_rcache_externalize(); - * krb5_rcache_internalize(); - */ -static krb5_error_code -krb5_rcache_size(krb5_context, krb5_pointer, size_t *); - -static krb5_error_code -krb5_rcache_externalize(krb5_context, krb5_pointer, krb5_octet **, size_t *); - -static krb5_error_code -krb5_rcache_internalize(krb5_context,krb5_pointer *, krb5_octet **, size_t *); - -/* - * Serialization entry for this type. - */ -static const krb5_ser_entry krb5_rcache_ser_entry = { - KV5M_RCACHE, /* Type */ - krb5_rcache_size, /* Sizer routine */ - krb5_rcache_externalize, /* Externalize routine */ - krb5_rcache_internalize /* Internalize routine */ -}; - -/* - * krb5_rcache_size() - Determine the size required to externalize - * this krb5_rcache variant. - */ -static krb5_error_code -krb5_rcache_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) -{ - krb5_error_code kret; - krb5_rcache rcache; - - kret = EINVAL; - if ((rcache = (krb5_rcache) arg)) { - /* - * Saving krb5_rcache requires at minimum: - * krb5_int32 for KV5M_RCACHE - * krb5_int32 for length of rcache name. - * krb5_int32 for KV5M_RCACHE - */ - *sizep += sizeof(krb5_int32) * 3 + strlen(rcache->name); - kret = 0; - } - return(kret); -} - -/* - * krb5_rcache_externalize() - Externalize the krb5_rcache. - */ -static krb5_error_code -krb5_rcache_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octet **buffer, size_t *lenremain) -{ - krb5_error_code kret; - krb5_rcache rcache; - size_t required; - krb5_octet *bp; - size_t remain; - - required = 0; - bp = *buffer; - remain = *lenremain; - kret = EINVAL; - if ((rcache = (krb5_rcache) arg)) { - kret = ENOMEM; - if (!krb5_rcache_size(kcontext, arg, &required) && - (required <= remain)) { - /* Put the header identifier. */ - (void)krb5_ser_pack_int32(KV5M_RCACHE, &bp, &remain); - - /* Put the replay cache name after its length. */ - (void)krb5_ser_pack_int32(strlen(rcache->name), &bp, &remain); - (void)krb5_ser_pack_bytes((uint8_t *)rcache->name, - strlen(rcache->name), &bp, &remain); - - /* Put the trailer. */ - (void)krb5_ser_pack_int32(KV5M_RCACHE, &bp, &remain); - - kret = 0; - *buffer = bp; - *lenremain = remain; - } - } - return(kret); -} - -/* - * krb5_rcache_internalize() - Internalize the krb5_rcache. - */ -static krb5_error_code -krb5_rcache_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet **buffer, size_t *lenremain) -{ - krb5_error_code kret; - krb5_rcache rcache = NULL; - krb5_int32 ibuf; - krb5_octet *bp; - size_t remain; - char *rcname = NULL; - - bp = *buffer; - remain = *lenremain; - - /* Read our magic number */ - if (krb5_ser_unpack_int32(&ibuf, &bp, &remain) || ibuf != KV5M_RCACHE) - return EINVAL; - - /* Get the length of the rcache name */ - kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain); - if (kret) - return kret; - - /* Get the rcache name. */ - rcname = malloc(ibuf + 1); - if (!rcname) - return ENOMEM; - kret = krb5_ser_unpack_bytes((krb5_octet*)rcname, (size_t) ibuf, - &bp, &remain); - if (kret) - goto cleanup; - rcname[ibuf] = '\0'; - - /* Resolve and recover the rcache. */ - kret = k5_rc_resolve(kcontext, rcname, &rcache); - if (kret) - goto cleanup; - - /* Read our magic number again. */ - kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain); - if (kret) - goto cleanup; - if (ibuf != KV5M_RCACHE) { - kret = EINVAL; - goto cleanup; - } - - *buffer = bp; - *lenremain = remain; - *argp = (krb5_pointer) rcache; -cleanup: - free(rcname); - if (kret != 0 && rcache) - k5_rc_close(kcontext, rcache); - return kret; -} - -/* - * Register the rcache serializer. - */ -krb5_error_code KRB5_CALLCONV -krb5_ser_rcache_init(krb5_context kcontext) -{ - return(krb5_register_serializer(kcontext, &krb5_rcache_ser_entry)); -} diff --git a/src/lib/krb5_32.def b/src/lib/krb5_32.def index c327ceb153..a0734c729c 100644 --- a/src/lib/krb5_32.def +++ b/src/lib/krb5_32.def @@ -259,18 +259,10 @@ EXPORTS ; DO NOT USE -- Currently required to implement gssapi32.dll decode_krb5_ap_req @2 ; PRIVATE GSSAPI k5-int.h KRB5_CALLCONV_WRONG - krb5_externalize_opaque @114 ; PRIVATE GSSAPI k5-int.h - krb5_internalize_opaque @184 ; PRIVATE GSSAPI k5-int.h - krb5_ser_auth_context_init @230 ; PRIVATE GSSAPI k5-int.h - krb5_ser_ccache_init @231 ; PRIVATE GSSAPI k5-int.h - krb5_ser_context_init @232 ; PRIVATE GSSAPI k5-int.h - krb5_ser_keytab_init @233 ; PRIVATE GSSAPI k5-int.h krb5_ser_pack_bytes @234 ; PRIVATE GSSAPI k5-int.h krb5_ser_pack_int32 @235 ; PRIVATE GSSAPI k5-int.h - krb5_ser_rcache_init @236 ; PRIVATE GSSAPI k5-int.h krb5_ser_unpack_bytes @237 ; PRIVATE GSSAPI k5-int.h krb5_ser_unpack_int32 @238 ; PRIVATE GSSAPI k5-int.h - krb5_size_opaque @247 ; PRIVATE GSSAPI k5-int.h krb5int_cc_default @268 ; PRIVATE GSSAPI k5-int.h krb5_free_ap_req @119 ; PRIVATE GSSAPI krb5.hin @@ -489,3 +481,21 @@ EXPORTS ; new in 1.18 krb5int_c_deprecated_enctype @450 ; PRIVATE krb5_pac_get_client_info @451 + k5_externalize_auth_context @452 ; PRIVATE GSSAPI + k5_externalize_authdata @453 ; PRIVATE GSSAPI + k5_externalize_authdata_context @454 ; PRIVATE GSSAPI + k5_externalize_context @455 ; PRIVATE GSSAPI + k5_externalize_keyblock @456 ; PRIVATE GSSAPI + k5_externalize_principal @457 ; PRIVATE GSSAPI + k5_internalize_auth_context @458 ; PRIVATE GSSAPI + k5_internalize_authdata @459 ; PRIVATE GSSAPI + k5_internalize_authdata_context @460 ; PRIVATE GSSAPI + k5_internalize_context @461 ; PRIVATE GSSAPI + k5_internalize_keyblock @462 ; PRIVATE GSSAPI + k5_internalize_principal @463 ; PRIVATE GSSAPI + k5_size_auth_context @464 ; PRIVATE GSSAPI + k5_size_authdata @465 ; PRIVATE GSSAPI + k5_size_authdata_context @466 ; PRIVATE GSSAPI + k5_size_context @467 ; PRIVATE GSSAPI + k5_size_keyblock @468 ; PRIVATE GSSAPI + k5_size_principal @469 ; PRIVATE GSSAPI