LCOV - code coverage report
Current view: top level - third_party/heimdal/kdc - kdc-plugin.c (source / functions) Hit Total Coverage
Test: coverage report for master 70ed9daf Lines: 128 239 53.6 %
Date: 2024-01-11 09:59:51 Functions: 22 49 44.9 %

          Line data    Source code
       1             : /*
       2             :  * Copyright (c) 2007 Kungliga Tekniska Högskolan
       3             :  * (Royal Institute of Technology, Stockholm, Sweden).
       4             :  * All rights reserved.
       5             :  *
       6             :  * Portions (c) 2021, 2022 PADL Software Pty Ltd.
       7             :  *
       8             :  * Redistribution and use in source and binary forms, with or without
       9             :  * modification, are permitted provided that the following conditions
      10             :  * are met:
      11             :  *
      12             :  * 1. Redistributions of source code must retain the above copyright
      13             :  *    notice, this list of conditions and the following disclaimer.
      14             :  *
      15             :  * 2. Redistributions in binary form must reproduce the above copyright
      16             :  *    notice, this list of conditions and the following disclaimer in the
      17             :  *    documentation and/or other materials provided with the distribution.
      18             :  *
      19             :  * 3. Neither the name of the Institute nor the names of its contributors
      20             :  *    may be used to endorse or promote products derived from this software
      21             :  *    without specific prior written permission.
      22             :  *
      23             :  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
      24             :  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
      25             :  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
      26             :  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
      27             :  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
      28             :  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
      29             :  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
      30             :  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
      31             :  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
      32             :  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
      33             :  * SUCH DAMAGE.
      34             :  */
      35             : 
      36             : #include "kdc_locl.h"
      37             : 
      38             : static int have_plugin = 0;
      39             : 
      40             : /*
      41             :  * Pick the first KDC plugin module that we find.
      42             :  */
      43             : 
      44             : static const char *kdc_plugin_deps[] = {
      45             :     "kdc",
      46             :     "krb5",
      47             :     "hdb",
      48             :     NULL
      49             : };
      50             : 
      51             : static struct heim_plugin_data kdc_plugin_data = {
      52             :     "krb5",
      53             :     "kdc",
      54             :     KRB5_PLUGIN_KDC_VERSION_11,
      55             :     kdc_plugin_deps,
      56             :     kdc_get_instance
      57             : };
      58             : 
      59             : static krb5_error_code KRB5_LIB_CALL
      60          93 : load(krb5_context context, const void *plug, void *plugctx, void *userctx)
      61             : {
      62          93 :     have_plugin = 1;
      63          93 :     return KRB5_PLUGIN_NO_HANDLE;
      64             : }
      65             : 
      66             : KDC_LIB_FUNCTION krb5_error_code KDC_LIB_CALL
      67          93 : krb5_kdc_plugin_init(krb5_context context)
      68             : {
      69          93 :     (void)_krb5_plugin_run_f(context, &kdc_plugin_data, 0, NULL, load);
      70             : 
      71          93 :     return 0;
      72             : }
      73             : 
      74             : struct generate_uc {
      75             :     astgs_request_t r;
      76             :     hdb_entry *client;
      77             :     hdb_entry *server;
      78             :     const krb5_keyblock *reply_key;
      79             :     uint64_t pac_attributes;
      80             :     krb5_pac *pac;
      81             : };
      82             : 
      83             : static krb5_error_code KRB5_LIB_CALL
      84       30377 : generate(krb5_context context, const void *plug, void *plugctx, void *userctx)
      85             : {
      86       30377 :     const krb5plugin_kdc_ftable *ft = (const krb5plugin_kdc_ftable *)plug;
      87       30377 :     struct generate_uc *uc = (struct generate_uc *)userctx;    
      88             : 
      89       30377 :     if (ft->pac_generate == NULL)
      90           0 :         return KRB5_PLUGIN_NO_HANDLE;
      91             : 
      92       30377 :     return ft->pac_generate((void *)plug,
      93             :                             uc->r,
      94             :                             uc->client,
      95             :                             uc->server,
      96             :                             uc->reply_key,
      97             :                             uc->pac_attributes,
      98             :                             uc->pac);
      99             : }
     100             : 
     101             : 
     102             : krb5_error_code
     103       30377 : _kdc_pac_generate(astgs_request_t r,
     104             :                   hdb_entry *client,
     105             :                   hdb_entry *server,
     106             :                   const krb5_keyblock *reply_key,
     107             :                   uint64_t pac_attributes,
     108             :                   krb5_pac *pac)
     109             : {
     110       30377 :     krb5_error_code ret = 0;
     111        1170 :     struct generate_uc uc;
     112             : 
     113       30377 :     *pac = NULL;
     114             : 
     115       30377 :     if (krb5_config_get_bool_default(r->context, NULL, FALSE, "realms",
     116       30377 :                                      client->principal->realm,
     117             :                                      "disable_pac", NULL))
     118           0 :         return 0;
     119             : 
     120       30377 :     if (have_plugin) {
     121       30377 :         uc.r = r;
     122       30377 :         uc.client = client;
     123       30377 :         uc.server = server;
     124       30377 :         uc.reply_key = reply_key;
     125       30377 :         uc.pac = pac;
     126       30377 :         uc.pac_attributes = pac_attributes;
     127             : 
     128       30377 :         ret = _krb5_plugin_run_f(r->context, &kdc_plugin_data,
     129             :                                  0, &uc, generate);
     130       30377 :         if (ret != KRB5_PLUGIN_NO_HANDLE)
     131       29207 :             return ret;
     132           0 :         ret = 0;
     133             :     }
     134             : 
     135           0 :     if (*pac == NULL)
     136           0 :         ret = krb5_pac_init(r->context, pac);
     137             : 
     138           0 :     return ret;
     139             : }
     140             : 
     141             : struct verify_uc {
     142             :     astgs_request_t r;
     143             :     krb5_const_principal client_principal;
     144             :     hdb_entry *delegated_proxy;
     145             :     hdb_entry *client;
     146             :     hdb_entry *server;
     147             :     hdb_entry *krbtgt;
     148             :     EncTicketPart *ticket;
     149             :     krb5_pac pac;
     150             : };
     151             : 
     152             : static krb5_error_code KRB5_LIB_CALL
     153       49430 : verify(krb5_context context, const void *plug, void *plugctx, void *userctx)
     154             : {
     155       49430 :     const krb5plugin_kdc_ftable *ft = (const krb5plugin_kdc_ftable *)plug;
     156       49430 :     struct verify_uc *uc = (struct verify_uc *)userctx;
     157        1658 :     krb5_error_code ret;
     158             : 
     159       49430 :     if (ft->pac_verify == NULL)
     160           0 :         return KRB5_PLUGIN_NO_HANDLE;
     161             : 
     162       49430 :     ret = ft->pac_verify((void *)plug,
     163             :                          uc->r,
     164             :                          uc->client_principal,
     165             :                          uc->delegated_proxy,
     166             :                          uc->client, uc->server, uc->krbtgt,
     167             :                          uc->ticket, uc->pac);
     168       49430 :     return ret;
     169             : }
     170             : 
     171             : krb5_error_code
     172       49430 : _kdc_pac_verify(astgs_request_t r,
     173             :                 krb5_const_principal client_principal,
     174             :                 hdb_entry *delegated_proxy,
     175             :                 hdb_entry *client,
     176             :                 hdb_entry *server,
     177             :                 hdb_entry *krbtgt,
     178             :                 EncTicketPart *ticket,
     179             :                 krb5_pac pac)
     180             : {
     181        1658 :     struct verify_uc uc;
     182             : 
     183       49430 :     if (!have_plugin)
     184           0 :         return KRB5_PLUGIN_NO_HANDLE;
     185             : 
     186       49430 :     uc.r = r;
     187       49430 :     uc.client_principal = client_principal;
     188       49430 :     uc.delegated_proxy = delegated_proxy;
     189       49430 :     uc.client = client;
     190       49430 :     uc.server = server;
     191       49430 :     uc.krbtgt = krbtgt;
     192       49430 :     uc.ticket = ticket,
     193       49430 :     uc.pac = pac;
     194             : 
     195       49430 :     return _krb5_plugin_run_f(r->context, &kdc_plugin_data,
     196             :                              0, &uc, verify);
     197             : }
     198             : 
     199             : struct update_uc {
     200             :     astgs_request_t r;
     201             :     krb5_const_principal client_principal;
     202             :     hdb_entry *delegated_proxy;
     203             :     krb5_const_pac delegated_proxy_pac;
     204             :     hdb_entry *client;
     205             :     hdb_entry *server;
     206             :     hdb_entry *krbtgt;
     207             :     krb5_pac *pac;
     208             : };
     209             : 
     210             : static krb5_error_code KRB5_LIB_CALL
     211       47587 : update(krb5_context context, const void *plug, void *plugctx, void *userctx)
     212             : {
     213       47587 :     const krb5plugin_kdc_ftable *ft = (const krb5plugin_kdc_ftable *)plug;
     214       47587 :     struct update_uc *uc = (struct update_uc *)userctx;
     215        1658 :     krb5_error_code ret;
     216             : 
     217       47587 :     if (ft->pac_update == NULL)
     218           0 :         return KRB5_PLUGIN_NO_HANDLE;
     219             : 
     220       47587 :     ret = ft->pac_update((void *)plug,
     221             :                          uc->r,
     222             :                          uc->client_principal,
     223             :                          uc->delegated_proxy,
     224             :                          uc->delegated_proxy_pac,
     225             :                          uc->client, uc->server, uc->krbtgt, uc->pac);
     226       47587 :     return ret;
     227             : }
     228             : 
     229             : krb5_error_code
     230       47587 : _kdc_pac_update(astgs_request_t r,
     231             :                 krb5_const_principal client_principal,
     232             :                 hdb_entry *delegated_proxy,
     233             :                 krb5_const_pac delegated_proxy_pac,
     234             :                 hdb_entry *client,
     235             :                 hdb_entry *server,
     236             :                 hdb_entry *krbtgt,
     237             :                 krb5_pac *pac)
     238             : {
     239        1658 :     struct update_uc uc;
     240             : 
     241       47587 :     if (!have_plugin)
     242           0 :         return KRB5_PLUGIN_NO_HANDLE;
     243             : 
     244       47587 :     uc.r = r;
     245       47587 :     uc.client_principal = client_principal;
     246       47587 :     uc.delegated_proxy = delegated_proxy;
     247       47587 :     uc.delegated_proxy_pac = delegated_proxy_pac;
     248       47587 :     uc.client = client;
     249       47587 :     uc.server = server;
     250       47587 :     uc.krbtgt = krbtgt;
     251       47587 :     uc.pac = pac;
     252             : 
     253       47587 :     return _krb5_plugin_run_f(r->context, &kdc_plugin_data,
     254             :                              0, &uc, update);
     255             : }
     256             : 
     257             : static krb5_error_code KRB5_LIB_CALL
     258       48457 : check(krb5_context context, const void *plug, void *plugctx, void *userctx)
     259             : {
     260       48457 :     const krb5plugin_kdc_ftable *ft = (const krb5plugin_kdc_ftable *)plug;
     261             : 
     262       48457 :     if (ft->client_access == NULL)
     263           0 :         return KRB5_PLUGIN_NO_HANDLE;
     264       48457 :     return ft->client_access((void *)plug, userctx);
     265             : }
     266             : 
     267             : krb5_error_code
     268       48457 : _kdc_check_access(astgs_request_t r)
     269             : {
     270       48457 :     krb5_error_code ret = KRB5_PLUGIN_NO_HANDLE;
     271             : 
     272       48457 :     if (have_plugin) {
     273       48457 :         ret = _krb5_plugin_run_f(r->context, &kdc_plugin_data,
     274             :                                  0, r, check);
     275             :     }
     276             : 
     277       48457 :     if (ret == KRB5_PLUGIN_NO_HANDLE)
     278       48155 :         return kdc_check_flags(r, r->req.msg_type == krb_as_req,
     279             :                                r->client, r->server);
     280         302 :     return ret;
     281             : }
     282             : 
     283             : static krb5_error_code KRB5_LIB_CALL
     284        1104 : referral_policy(krb5_context context, const void *plug, void *plugctx, void *userctx)
     285             : {
     286        1104 :     const krb5plugin_kdc_ftable *ft = (const krb5plugin_kdc_ftable *)plug;
     287             : 
     288        1104 :     if (ft->referral_policy == NULL)
     289           0 :         return KRB5_PLUGIN_NO_HANDLE;
     290        1104 :     return ft->referral_policy((void *)plug, userctx);
     291             : }
     292             : 
     293             : krb5_error_code
     294        1104 : _kdc_referral_policy(astgs_request_t r)
     295             : {
     296        1104 :     krb5_error_code ret = KRB5_PLUGIN_NO_HANDLE;
     297             : 
     298        1104 :     if (have_plugin)
     299        1104 :         ret = _krb5_plugin_run_f(r->context, &kdc_plugin_data, 0, r, referral_policy);
     300             : 
     301        1104 :     return ret;
     302             : }
     303             : 
     304             : static krb5_error_code KRB5_LIB_CALL
     305       77898 : finalize_reply(krb5_context context, const void *plug, void *plugctx, void *userctx)
     306             : {
     307       77898 :     const krb5plugin_kdc_ftable *ft = (const krb5plugin_kdc_ftable *)plug;
     308             : 
     309       77898 :     if (ft->finalize_reply == NULL)
     310           0 :         return KRB5_PLUGIN_NO_HANDLE;
     311       77898 :     return ft->finalize_reply((void *)plug, userctx);
     312             : }
     313             : 
     314             : krb5_error_code
     315       77898 : _kdc_finalize_reply(astgs_request_t r)
     316             : {
     317       77898 :     krb5_error_code ret = KRB5_PLUGIN_NO_HANDLE;
     318             : 
     319       77898 :     if (have_plugin)
     320       77898 :         ret = _krb5_plugin_run_f(r->context, &kdc_plugin_data, 0, r, finalize_reply);
     321             : 
     322       77898 :     if (ret == KRB5_PLUGIN_NO_HANDLE)
     323           0 :         ret = 0;
     324             : 
     325       77898 :     return ret;
     326             : }
     327             : 
     328             : static krb5_error_code KRB5_LIB_CALL
     329      102098 : audit(krb5_context context, const void *plug, void *plugctx, void *userctx)
     330             : {
     331      102098 :     const krb5plugin_kdc_ftable *ft = (const krb5plugin_kdc_ftable *)plug;
     332             : 
     333      102098 :     if (ft->audit == NULL)
     334       98685 :         return KRB5_PLUGIN_NO_HANDLE;
     335           0 :     return ft->audit((void *)plug, userctx);
     336             : }
     337             : 
     338             : krb5_error_code
     339      102098 : _kdc_plugin_audit(astgs_request_t r)
     340             : {
     341      102098 :     krb5_error_code ret = KRB5_PLUGIN_NO_HANDLE;
     342             : 
     343      102098 :     if (have_plugin)
     344      102098 :         ret = _krb5_plugin_run_f(r->context, &kdc_plugin_data, 0, r, audit);
     345             : 
     346      102098 :     if (ret == KRB5_PLUGIN_NO_HANDLE)
     347       98685 :         ret = 0;
     348             : 
     349      102098 :     return ret;
     350             : }
     351             : 
     352             : KDC_LIB_FUNCTION uintptr_t KDC_LIB_CALL
     353           0 : kdc_get_instance(const char *libname)
     354             : {
     355           0 :     static const char *instance = "libkdc";
     356             : 
     357           0 :     if (strcmp(libname, "kdc") == 0)
     358           0 :         return (uintptr_t)instance;
     359           0 :     else if (strcmp(libname, "hdb") == 0)
     360           0 :         return hdb_get_instance(libname);
     361           0 :     else if (strcmp(libname, "krb5") == 0)
     362           0 :         return krb5_get_instance(libname);
     363             : 
     364           0 :     return 0;
     365             : }
     366             : 
     367             : /*
     368             :  * Minimum API surface wrapper for libheimbase object types so it
     369             :  * may remain a private interface, yet plugins can interact with
     370             :  * objects.
     371             :  */
     372             : 
     373             : KDC_LIB_FUNCTION kdc_object_t KDC_LIB_CALL
     374         664 : kdc_object_alloc(size_t size, const char *name, kdc_type_dealloc dealloc)
     375             : {
     376         664 :     return heim_alloc(size, name, dealloc);
     377             : }
     378             : 
     379             : KDC_LIB_FUNCTION kdc_object_t KDC_LIB_CALL
     380           0 : kdc_object_retain(kdc_object_t o)
     381             : {
     382           0 :     return heim_retain(o);
     383             : }
     384             : 
     385             : KDC_LIB_FUNCTION void KDC_LIB_CALL
     386           0 : kdc_object_release(kdc_object_t o)
     387             : {
     388           0 :     heim_release(o);
     389           0 : }
     390             : 
     391             : KDC_LIB_FUNCTION kdc_object_t KDC_LIB_CALL
     392           0 : kdc_bool_create(krb5_boolean v)
     393             : {
     394           0 :     return heim_bool_create(v);
     395             : }
     396             : 
     397             : KDC_LIB_FUNCTION krb5_boolean KDC_LIB_CALL
     398           0 : kdc_bool_get_value(kdc_object_t o)
     399             : {
     400           0 :     return heim_bool_val(o);
     401             : }
     402             : 
     403             : struct kdc_array_iterator_trampoline_data {
     404             :     kdc_array_iterator_t iter;
     405             :     void *data;
     406             : };
     407             : 
     408             : /*
     409             :  * Calling convention shim to avoid needing to update all internal
     410             :  * consumers of heim_array_iterate_f()
     411             :  */
     412             : static void
     413           0 : _kdc_array_iterator_trampoline(kdc_object_t o, void *data, int *stop)
     414             : {
     415           0 :     struct kdc_array_iterator_trampoline_data *t = data;
     416             : 
     417           0 :     t->iter(o, t->data, stop);
     418           0 : }
     419             : 
     420             : KDC_LIB_FUNCTION void KDC_LIB_CALL
     421           0 : kdc_array_iterate(kdc_array_t a, void *d, kdc_array_iterator_t iter)
     422             : {
     423           0 :     struct kdc_array_iterator_trampoline_data t;
     424             : 
     425           0 :     t.iter = iter;
     426           0 :     t.data = d;
     427             : 
     428           0 :     heim_array_iterate_f((heim_array_t)a, &t, _kdc_array_iterator_trampoline);
     429           0 : }
     430             : 
     431             : KDC_LIB_FUNCTION size_t KDC_LIB_CALL
     432           0 : kdc_array_get_length(kdc_array_t a)
     433             : {
     434           0 :     return heim_array_get_length((heim_array_t)a);
     435             : }
     436             : 
     437             : KDC_LIB_FUNCTION kdc_object_t KDC_LIB_CALL
     438           0 : kdc_array_get_value(heim_array_t a, size_t i)
     439             : {
     440           0 :     return heim_array_get_value((heim_array_t)a, i);
     441             : }
     442             : 
     443             : KDC_LIB_FUNCTION kdc_object_t KDC_LIB_CALL
     444           0 : kdc_array_copy_value(heim_array_t a, size_t i)
     445             : {
     446           0 :     return heim_array_copy_value((heim_array_t)a, i);
     447             : }
     448             : 
     449             : KDC_LIB_FUNCTION kdc_string_t KDC_LIB_CALL
     450           0 : kdc_string_create(const char *s)
     451             : {
     452           0 :     return (kdc_string_t)heim_string_create(s);
     453             : }
     454             : 
     455             : KDC_LIB_FUNCTION const char * KDC_LIB_CALL
     456           0 : kdc_string_get_utf8(kdc_string_t s)
     457             : {
     458           0 :     return heim_string_get_utf8((heim_string_t)s);
     459             : }
     460             : 
     461             : KDC_LIB_FUNCTION kdc_data_t
     462           0 : kdc_data_create(const void *d, size_t len)
     463             : {
     464           0 :     return (kdc_data_t)heim_data_create(d, len);
     465             : }
     466             : 
     467             : KDC_LIB_FUNCTION const krb5_data * KDC_LIB_CALL
     468           0 : kdc_data_get_data(kdc_data_t d)
     469             : {
     470           0 :     return heim_data_get_data((heim_data_t)d);
     471             : }
     472             : 
     473             : KDC_LIB_FUNCTION kdc_number_t KDC_LIB_CALL
     474           0 : kdc_number_create(int64_t v)
     475             : {
     476           0 :     return (kdc_number_t)heim_number_create(v);
     477             : }
     478             : 
     479             : KDC_LIB_FUNCTION int64_t KDC_LIB_CALL
     480           0 : kdc_number_get_value(kdc_number_t n)
     481             : {
     482           0 :     return heim_number_get_long((heim_number_t)n);
     483             : }
     484             : 
     485             : /*
     486             :  * Plugin accessors
     487             :  */
     488             : 
     489             : KDC_LIB_FUNCTION krb5_error_code KDC_LIB_CALL
     490           0 : kdc_request_add_reply_padata(astgs_request_t r, PA_DATA *md)
     491             : {
     492           0 :     heim_assert(r->rep.padata != NULL, "reply padata not allocated");
     493           0 :     return add_METHOD_DATA(r->rep.padata, md);
     494             : }
     495             : 
     496             : KDC_LIB_FUNCTION krb5_error_code KDC_LIB_CALL
     497       35437 : kdc_request_add_encrypted_padata(astgs_request_t r, PA_DATA *md)
     498             : {
     499       35437 :     if (r->ek.encrypted_pa_data == NULL) {
     500       10027 :         r->ek.encrypted_pa_data = calloc(1, sizeof *(r->ek.encrypted_pa_data));
     501       10027 :         if (r->ek.encrypted_pa_data == NULL) {
     502           0 :             return ENOMEM;
     503             :         }
     504             :     }
     505             : 
     506       35437 :     return add_METHOD_DATA(r->ek.encrypted_pa_data, md);
     507             : }
     508             : 
     509             : KDC_LIB_FUNCTION krb5_error_code KDC_LIB_CALL
     510           0 : kdc_request_add_pac_buffer(astgs_request_t r,
     511             :                            uint32_t pactype,
     512             :                            const krb5_data *d)
     513             : {
     514           0 :     krb5_error_code ret;
     515           0 :     krb5_pac pac;
     516             : 
     517           0 :     if (r->pac == NULL) {
     518           0 :         ret = krb5_pac_init(r->context, &pac);
     519           0 :         if (ret)
     520           0 :             return ret;
     521             :     } else
     522           0 :         pac = heim_retain(r->pac);
     523             : 
     524           0 :     ret = krb5_pac_add_buffer(r->context, pac, pactype, d);
     525           0 :     if (ret == 0 && r->pac == NULL)
     526           0 :         r->pac = pac;
     527             :     else
     528           0 :         heim_release(pac);
     529             : 
     530           0 :     return ret;
     531             : }
     532             : 
     533             : /*
     534             :  * Override the e-data field to be returned in an error reply. The data will be
     535             :  * owned by the KDC and eventually will be freed with krb5_data_free().
     536             :  */
     537             : KDC_LIB_FUNCTION krb5_error_code KDC_LIB_CALL
     538         107 : kdc_request_set_e_data(astgs_request_t r, heim_octet_string e_data)
     539             : {
     540         107 :     krb5_data_free(&r->e_data);
     541         107 :     r->e_data = e_data;
     542             : 
     543         107 :     return 0;
     544             : }
     545             : 
     546             : #undef _KDC_REQUEST_GET_ACCESSOR
     547             : #define _KDC_REQUEST_GET_ACCESSOR(R, T, f)                  \
     548             :     KDC_LIB_FUNCTION T KDC_LIB_CALL                         \
     549             :     kdc_request_get_ ## f(R r)                              \
     550             :     {                                                       \
     551             :         return r->f;                                     \
     552             :     }
     553             : 
     554             : #undef _KDC_REQUEST_SET_ACCESSOR
     555             : #define _KDC_REQUEST_SET_ACCESSOR(R, T, f)                  \
     556             :     KDC_LIB_FUNCTION void KDC_LIB_CALL                      \
     557             :     kdc_request_set_ ## f(R r, T v)                         \
     558             :     {                                                       \
     559             :         r->f = v;                                        \
     560             :     }
     561             : 
     562             : #undef _KDC_REQUEST_GET_ACCESSOR_PTR
     563             : #define _KDC_REQUEST_GET_ACCESSOR_PTR(R, T,  f)             \
     564             :     KDC_LIB_FUNCTION const T KDC_LIB_CALL                   \
     565             :     kdc_request_get_ ## f(R r)                              \
     566             :     {                                                       \
     567             :         return r->f;                                     \
     568             :     }
     569             : 
     570             : #undef _KDC_REQUEST_SET_ACCESSOR_PTR
     571             : #define _KDC_REQUEST_SET_ACCESSOR_PTR(R, T, t, f)           \
     572             :     KDC_LIB_FUNCTION krb5_error_code KDC_LIB_CALL           \
     573             :     kdc_request_set_ ## f(R r, const T v)                   \
     574             :     {                                                       \
     575             :         krb5_error_code ret;                                \
     576             :         T tmp;                                              \
     577             :                                                             \
     578             :         if (v == r->f)                                           \
     579             :             return 0;                                       \
     580             :         else if (v) {                                       \
     581             :             ret = copy_##t(v, &tmp);                            \
     582             :             if (ret)                                        \
     583             :                 return ret;                                 \
     584             :         } else                                              \
     585             :             tmp = NULL;                                     \
     586             :                                                             \
     587             :         free_##t(r->f);                                          \
     588             :         r->f = tmp;                                      \
     589             :                                                             \
     590             :         return 0;                                           \
     591             :     }
     592             : 
     593             : #undef _KDC_REQUEST_GET_ACCESSOR_STRUCT
     594             : #define _KDC_REQUEST_GET_ACCESSOR_STRUCT(R, T, f)           \
     595             :     KDC_LIB_FUNCTION const T * KDC_LIB_CALL                 \
     596             :     kdc_request_get_ ## f(R r)                              \
     597             :     {                                                       \
     598             :         return &r->f;                                        \
     599             :     }
     600             : 
     601             : #undef _KDC_REQUEST_SET_ACCESSOR_STRUCT
     602             : #define _KDC_REQUEST_SET_ACCESSOR_STRUCT(R, T, t, f)        \
     603             :     KDC_LIB_FUNCTION krb5_error_code KDC_LIB_CALL           \
     604             :     kdc_request_set_ ## f(R r, const T *v)                  \
     605             :     {                                                       \
     606             :         krb5_error_code ret;                                \
     607             :         T tmp;                                              \
     608             :                                                             \
     609             :         if (v == NULL)                                      \
     610             :             return EINVAL;                                  \
     611             :         else if (v == &r->f)                                 \
     612             :             return 0;                                       \
     613             :                                                             \
     614             :         ret = copy_##t(v, &tmp);                        \
     615             :         if (ret)                                            \
     616             :             return ret;                                     \
     617             :                                                             \
     618             :         free_##t(&r->f);                             \
     619             :         r->f = tmp;                                      \
     620             :                                                             \
     621             :         return 0;                                           \
     622             :     }
     623             : 
     624             : static krb5_error_code
     625           0 : copy_string_ptr(const char *src, char **dst)
     626             : {
     627           0 :     *dst = strdup(src);
     628           0 :     if (*dst == NULL)
     629           0 :         return ENOMEM;
     630             : 
     631           0 :     return 0;
     632             : }
     633             : 
     634             : static void
     635         790 : free_string_ptr(char *s)
     636             : {
     637         790 :     free(s);
     638         790 : }
     639             : 
     640             : static krb5_error_code
     641           0 : copy_Principal_ptr(krb5_const_principal src, krb5_principal *dst)
     642             : {
     643           0 :     krb5_error_code ret;
     644           0 :     krb5_principal p;
     645             : 
     646           0 :     *dst = NULL;
     647             : 
     648           0 :     p = calloc(1, sizeof(*p));
     649           0 :     if (p == NULL)
     650           0 :         return ENOMEM;
     651             : 
     652           0 :     ret = copy_Principal(src, p);
     653           0 :     if (ret == 0)
     654           0 :         *dst = p;
     655             :     else
     656           0 :         free(p);
     657             : 
     658           0 :     return ret;
     659             : }
     660             : 
     661             : static void
     662        1580 : free_Principal_ptr(krb5_principal p)
     663             : {
     664        1580 :     if (p) {
     665        1580 :         free_Principal(p);
     666        1580 :         free(p);
     667             :     }
     668        1580 : }
     669             : 
     670             : static krb5_error_code
     671           0 : copy_pac(const struct krb5_pac_data *src, struct krb5_pac_data **dst)
     672             : {
     673             :     /* FIXME use heim_copy() when it exists */
     674           0 :     *dst = (krb5_pac)heim_retain((heim_object_t)src);
     675           0 :     return 0;
     676             : }
     677             : 
     678             : static void
     679         790 : free_pac(struct krb5_pac_data *o)
     680             : {
     681         790 :     heim_release(o);
     682         790 : }
     683             : 
     684             : static krb5_error_code
     685           0 : copy_keyblock(const EncryptionKey *src, EncryptionKey *dst)
     686             : {
     687           0 :     return copy_EncryptionKey(src, dst);
     688             : }
     689             : 
     690             : static void
     691           0 : free_keyblock(EncryptionKey *key)
     692             : {
     693           0 :     krb5_free_keyblock_contents(NULL, key);
     694           0 : }
     695             : 
     696             : #undef HEIMDAL_KDC_KDC_ACCESSORS_H
     697             : #include "kdc-accessors.h"
     698             : 
     699             : #undef _KDC_REQUEST_GET_ACCESSOR
     700             : #undef _KDC_REQUEST_SET_ACCESSOR
     701             : 
     702             : #undef _KDC_REQUEST_GET_ACCESSOR_PTR
     703             : #undef _KDC_REQUEST_SET_ACCESSOR_PTR
     704             : #define _KDC_REQUEST_SET_ACCESSOR_PTR(R, T, t, f)           \
     705             :     void                                                    \
     706             :     _kdc_request_set_ ## f ## _nocopy(R r, T *v)            \
     707             :     {                                                       \
     708             :         if (*v != r->f) {                                \
     709             :             free_##t(r->f);                              \
     710             :             r->f = *v;                                           \
     711             :         }                                                   \
     712             :         *v = NULL;                                          \
     713             :     }
     714             : 
     715             : #undef _KDC_REQUEST_GET_ACCESSOR_STRUCT
     716             : #undef _KDC_REQUEST_SET_ACCESSOR_STRUCT
     717             : #define _KDC_REQUEST_SET_ACCESSOR_STRUCT(R, T, t, f)        \
     718             :     void                                                    \
     719             :     _kdc_request_set_ ## f ## _nocopy(R r, T *v)            \
     720             :     {                                                       \
     721             :         if (v != &r->f) {                                    \
     722             :             free_##t(&r->f);                                 \
     723             :             r->f = *v;                                           \
     724             :         }                                                   \
     725             :         memset(v, 0, sizeof(*v));                           \
     726             :     }
     727             : 
     728             : #undef HEIMDAL_KDC_KDC_ACCESSORS_H
     729             : #include "kdc-accessors.h"
     730             : 
     731             : KDC_LIB_FUNCTION const HDB * KDC_LIB_CALL
     732           0 : kdc_request_get_explicit_armor_clientdb(astgs_request_t r)
     733             : {
     734           0 :     return r->explicit_armor_present ? r->armor_clientdb : NULL;
     735             : }
     736             : 
     737             : KDC_LIB_FUNCTION const hdb_entry * KDC_LIB_CALL
     738           0 : kdc_request_get_explicit_armor_client(astgs_request_t r)
     739             : {
     740           0 :     return r->explicit_armor_present ? r->armor_client : NULL;
     741             : }
     742             : 
     743             : KDC_LIB_FUNCTION const hdb_entry * KDC_LIB_CALL
     744           0 : kdc_request_get_explicit_armor_server(astgs_request_t r)
     745             : {
     746           0 :     return r->explicit_armor_present ? r->armor_server : NULL;
     747             : }
     748             : 
     749             : KDC_LIB_FUNCTION krb5_const_pac KDC_LIB_CALL
     750           0 : kdc_request_get_explicit_armor_pac(astgs_request_t r)
     751             : {
     752           0 :     return r->explicit_armor_present ? r->armor_pac : NULL;
     753             : }

Generated by: LCOV version 1.14