/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
*
* Copyright 1990,1991,2000,2004 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
*
* implementation of memory-based credentials cache
*/
#include "k5-int.h"
#include <errno.h>
static const char * KRB5_CALLCONV krb5_mcc_get_name
krb5_creds *creds );
krb5_creds *mcreds ,
krb5_creds *creds );
krb5_cc_ptcursor *);
krb5_ccache *);
krb5_cc_ptcursor *);
extern const krb5_cc_ops krb5_mcc_ops;
extern krb5_error_code krb5_change_cache (void);
#define KRB5_OK 0
typedef struct _krb5_mcc_link {
typedef struct _krb5_mcc_data {
char *name;
typedef struct krb5_mcc_list_node {
struct krb5_mcc_ptcursor_data {
};
/*
* Modifies:
* id
*
* Effects:
* contents are destroyed.
*
* Errors:
* system errors
* permission errors
*/
{
return ret;
}
/*
* Modifies:
* id
*
* Effects:
* Closes the file cache, invalidates the id, and frees any resources
* associated with the cache.
*/
{
krb5_xfree(id);
return KRB5_OK;
}
void
{
krb5_mcc_data *d;
}
}
/*
* Effects:
* Destroys the contents of id.
*
* Errors:
* none
*/
{
krb5_mcc_data *d;
if (err)
return err;
break;
}
}
krb5_xfree(d->name);
k5_mutex_destroy(&d->lock);
krb5_xfree(d);
krb5_xfree(id);
return KRB5_OK;
}
/*
* Requires:
* residual is a legal path name, and a null-terminated string
*
* Modifies:
* id
*
* Effects:
* creates a file-based cred cache that will reside in the file
* residual. The cache is not opened, but the filename is reserved.
*
* Returns:
* A filled in krb5_ccache structure "id".
*
* Errors:
* KRB5_CC_NOMEM - there was insufficient memory to allocate the
* krb5_ccache. id is undefined.
* permission errors
*/
{
krb5_mcc_data *d;
return KRB5_CC_NOMEM;
if (err) {
/* Solaris Kerberos - fix mem leak */
return err;
}
break;
if (ptr)
else {
if (err) {
return err;
}
}
return KRB5_OK;
}
/*
* Effects:
* Prepares for a sequential search of the credentials cache.
* Returns a krb5_cc_cursor to be used with krb5_mcc_next_cred and
* krb5_mcc_end_seq_get.
*
* If the cache is modified between the time of this call and the time
* of the final krb5_mcc_end_seq_get, the results are undefined.
*
* Errors:
* KRB5_CC_NOMEM
* system errors
*/
{
krb5_mcc_data *d;
if (err)
return err;
k5_mutex_unlock(&d->lock);
return KRB5_OK;
}
/*
* Requires:
* cursor is a krb5_cc_cursor originally obtained from
* krb5_mcc_start_seq_get.
*
* Modifes:
* cursor, creds
*
* Effects:
* Fills in creds with the "next" credentals structure from the cache
* id. The actual order the creds are returned in is arbitrary.
* Space is allocated for the variable length fields in the
* credentials structure, so the object returned must be passed to
* krb5_destroy_credential.
*
* The cursor is updated for the next call to krb5_mcc_next_cred.
*
* Errors:
* system errors
*/
{
/* Once the node in the linked list is created, it's never
modified, so we don't need to worry about locking here. (Note
that we don't support _remove_cred.) */
return KRB5_CC_END;
if (retval)
return retval;
if (retval)
goto cleanclient;
if (retval)
goto cleanserver;
if (retval)
goto cleanblock;
if (retval)
goto cleanaddrs;
if (retval)
goto cleanticket;
if (retval)
goto clearticket;
}
return KRB5_OK;
return retval;
}
/*
* Requires:
* cursor is a krb5_cc_cursor originally obtained from
* krb5_mcc_start_seq_get.
*
* Modifies:
* id, cursor
*
* Effects:
* Finishes sequential processing of the file credentials ccache id,
* and invalidates the cursor (it must never be used after this call).
*/
/* ARGSUSED */
{
*cursor = 0L;
return KRB5_OK;
}
/* Utility routine: Creates the back-end data for a memory cache, and
threads it into the global linked list.
Call with the global list lock held. */
static krb5_error_code
{
krb5_mcc_data *d;
d = malloc(sizeof(krb5_mcc_data));
if (d == NULL)
return KRB5_CC_NOMEM;
if (err) {
krb5_xfree(d);
return err;
}
k5_mutex_destroy(&d->lock);
krb5_xfree(d);
return KRB5_CC_NOMEM;
}
/* Set up the filename */
n = malloc(sizeof(krb5_mcc_list_node));
if (n == NULL) {
k5_mutex_destroy(&d->lock);
free(d);
return KRB5_CC_NOMEM;
}
n->cache = d;
mcc_head = n;
*dataptr = d;
return 0;
}
/*
* Effects:
* Creates a new file cred cache whose name is guaranteed to be
* unique. The name begins with the string TKT_ROOT (from mcc.h).
* The cache is not opened, but the new filename is reserved.
*
* Returns:
* The filled in krb5_ccache id.
*
* Errors:
* KRB5_CC_NOMEM - there was insufficient memory to allocate the
* krb5_ccache. id is undefined.
* system errors (from open)
*/
{
krb5_mcc_data *d;
/* Allocate memory */
return KRB5_CC_NOMEM;
if (err) {
return err;
}
/* Check for uniqueness with mutex locked to avoid race conditions */
while (1) {
break; /* got a match, loop again */
}
}
if (!ptr) break; /* got to the end without finding a match */
}
if (err) {
return err;
}
return KRB5_OK;
}
/* Utility routine: Creates a random memory ccache name.
* This algorithm was selected because it creates readable
* random ccache names in a fixed size buffer. */
static krb5_error_code
{
static const unsigned char charlist[] =
"0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
if (!err) {
}
if (!err) {
}
if (!err) {
unsigned int i;
for (i = 0; i < bytecount; i++) {
}
}
return err;
}
/*
* Requires:
* id is a file credential cache
*
* Returns:
* The name of the file cred cache id.
*/
const char * KRB5_CALLCONV
{
}
/*
* Modifies:
* id, princ
*
* Effects:
* Retrieves the primary principal from id, as set with
* krb5_mcc_initialize. The principal is returned is allocated
* storage that must be freed by the caller via krb5_free_principal.
*
* Errors:
* system errors
* KRB5_CC_NOMEM
*/
{
*princ = 0L;
return KRB5_FCC_NOFILE;
}
}
{
}
/*
* Non-functional stub implementation for krb5_mcc_remove
*
* Errors:
* KRB5_CC_NOSUPP - not implemented
*/
static krb5_error_code KRB5_CALLCONV
{
return KRB5_CC_NOSUPP;
}
/*
* Requires:
* id is a cred cache returned by krb5_mcc_resolve or
* krb5_mcc_generate_new, but has not been opened by krb5_mcc_initialize.
*
* Modifies:
* id
*
* Effects:
* Sets the operational flags of id to flags.
*/
{
return KRB5_OK;
}
static krb5_error_code KRB5_CALLCONV
{
*flags = 0;
return KRB5_OK;
}
/* store: Save away creds in the ccache. */
{
return errno;
if (err) {
return err;
}
if (err) {
/* Solaris Kerberos - fix mem leaks */
return err;
}
return 0;
}
static krb5_error_code KRB5_CALLCONV
{
krb5_cc_ptcursor n = NULL;
n = malloc(sizeof(*n));
if (n == NULL)
return ENOMEM;
n->ops = &krb5_mcc_ops;
goto errout;
}
if (ret)
goto errout;
if (ret)
goto errout;
if (ret) {
}
*cursor = n;
return ret;
}
static krb5_error_code KRB5_CALLCONV
{
return 0;
return ENOMEM;
if (ret)
goto errout;
if (ret)
goto errout;
}
return ret;
}
static krb5_error_code KRB5_CALLCONV
{
return 0;
return 0;
}
0,
"MEMORY",
NULL,
NULL,
NULL,
};