123 lines
3.6 KiB
C
123 lines
3.6 KiB
C
/*
|
|
* Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
|
|
* (Royal Institute of Technology, Stockholm, Sweden).
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
*
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
*
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
*
|
|
* 3. Neither the name of the Institute nor the names of its contributors
|
|
* may be used to endorse or promote products derived from this software
|
|
* without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
#include "kdc_locl.h"
|
|
|
|
RCSID("$Id: misc.c 21106 2007-06-18 10:18:11Z lha $");
|
|
|
|
struct timeval _kdc_now;
|
|
|
|
krb5_error_code
|
|
_kdc_db_fetch(krb5_context context,
|
|
krb5_kdc_configuration *config,
|
|
krb5_const_principal principal,
|
|
unsigned flags,
|
|
HDB **db,
|
|
hdb_entry_ex **h)
|
|
{
|
|
hdb_entry_ex *ent;
|
|
krb5_error_code ret;
|
|
int i;
|
|
|
|
ent = calloc (1, sizeof (*ent));
|
|
if (ent == NULL) {
|
|
krb5_set_error_string(context, "out of memory");
|
|
return ENOMEM;
|
|
}
|
|
|
|
for(i = 0; i < config->num_db; i++) {
|
|
ret = config->db[i]->hdb_open(context, config->db[i], O_RDONLY, 0);
|
|
if (ret) {
|
|
kdc_log(context, config, 0, "Failed to open database: %s",
|
|
krb5_get_err_text(context, ret));
|
|
continue;
|
|
}
|
|
ret = config->db[i]->hdb_fetch(context,
|
|
config->db[i],
|
|
principal,
|
|
flags | HDB_F_DECRYPT,
|
|
ent);
|
|
config->db[i]->hdb_close(context, config->db[i]);
|
|
if(ret == 0) {
|
|
if (db)
|
|
*db = config->db[i];
|
|
*h = ent;
|
|
return 0;
|
|
}
|
|
}
|
|
free(ent);
|
|
krb5_set_error_string(context, "no such entry found in hdb");
|
|
return HDB_ERR_NOENTRY;
|
|
}
|
|
|
|
void
|
|
_kdc_free_ent(krb5_context context, hdb_entry_ex *ent)
|
|
{
|
|
hdb_free_entry (context, ent);
|
|
free (ent);
|
|
}
|
|
|
|
/*
|
|
* Use the order list of preferred encryption types and sort the
|
|
* available keys and return the most preferred key.
|
|
*/
|
|
|
|
krb5_error_code
|
|
_kdc_get_preferred_key(krb5_context context,
|
|
krb5_kdc_configuration *config,
|
|
hdb_entry_ex *h,
|
|
const char *name,
|
|
krb5_enctype *enctype,
|
|
Key **key)
|
|
{
|
|
const krb5_enctype *p;
|
|
krb5_error_code ret;
|
|
int i;
|
|
|
|
p = krb5_kerberos_enctypes(context);
|
|
|
|
for (i = 0; p[i] != ETYPE_NULL; i++) {
|
|
if (krb5_enctype_valid(context, p[i]) != 0)
|
|
continue;
|
|
ret = hdb_enctype2key(context, &h->entry, p[i], key);
|
|
if (ret == 0) {
|
|
*enctype = p[i];
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
krb5_set_error_string(context, "No valid kerberos key found for %s", name);
|
|
return EINVAL;
|
|
}
|
|
|