1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* lib/krb5/krb/kfree.c */
4 * Copyright 1990-1998, 2009 by the Massachusetts Institute of Technology.
6 * Export of this software from the United States of America may
7 * require a specific license from the United States Government.
8 * It is the responsibility of any person or organization contemplating
9 * export to obtain such a license before exporting.
11 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
12 * distribute this software and its documentation for any purpose and
13 * without fee is hereby granted, provided that the above copyright
14 * notice appear in all copies and that both that copyright notice and
15 * this permission notice appear in supporting documentation, and that
16 * the name of M.I.T. not be used in advertising or publicity pertaining
17 * to distribution of the software without specific, written prior
18 * permission. Furthermore if you modify this software you must label
19 * your software as modified software and not distribute it in such a
20 * fashion that it might be confused with the original M.I.T. software.
21 * M.I.T. makes no representations about the suitability of
22 * this software for any purpose. It is provided "as is" without express
23 * or implied warranty.
26 * Copyright (c) 2006-2008, Novell, Inc.
27 * All rights reserved.
29 * Redistribution and use in source and binary forms, with or without
30 * modification, are permitted provided that the following conditions are met:
32 * * Redistributions of source code must retain the above copyright notice,
33 * this list of conditions and the following disclaimer.
34 * * Redistributions in binary form must reproduce the above copyright
35 * notice, this list of conditions and the following disclaimer in the
36 * documentation and/or other materials provided with the distribution.
37 * * The copyright holder's name is not used to endorse or promote products
38 * derived from this software without specific prior written permission.
40 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
41 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
44 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
45 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
46 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
47 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
48 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
50 * POSSIBILITY OF SUCH DAMAGE.
58 krb5_free_address(krb5_context context, krb5_address *val)
67 krb5_free_addresses(krb5_context context, krb5_address **val)
73 for (temp = val; *temp; temp++) {
74 free((*temp)->contents);
81 krb5_free_ap_rep(krb5_context context, krb5_ap_rep *val)
85 free(val->enc_part.ciphertext.data);
90 krb5_free_ap_req(krb5_context context, krb5_ap_req *val)
94 krb5_free_ticket(context, val->ticket);
95 free(val->authenticator.ciphertext.data);
100 krb5_free_ap_rep_enc_part(krb5_context context, krb5_ap_rep_enc_part *val)
104 krb5_free_keyblock(context, val->subkey);
109 krb5_free_authenticator_contents(krb5_context context, krb5_authenticator *val)
113 krb5_free_checksum(context, val->checksum);
115 krb5_free_principal(context, val->client);
117 krb5_free_keyblock(context, val->subkey);
119 krb5_free_authdata(context, val->authorization_data);
120 val->authorization_data = 0;
124 krb5_free_authenticator(krb5_context context, krb5_authenticator *val)
128 krb5_free_authenticator_contents(context, val);
133 krb5_free_checksum(krb5_context context, krb5_checksum *val)
137 krb5_free_checksum_contents(context, val);
142 krb5_free_checksum_contents(krb5_context context, krb5_checksum *val)
147 val->contents = NULL;
152 krb5_free_cred(krb5_context context, krb5_cred *val)
156 krb5_free_tickets(context, val->tickets);
157 free(val->enc_part.ciphertext.data);
162 * krb5_free_cred_contents zeros out the session key, and then frees
163 * the credentials structures
167 krb5_free_cred_contents(krb5_context context, krb5_creds *val)
171 krb5_free_principal(context, val->client);
173 krb5_free_principal(context, val->server);
175 krb5_free_keyblock_contents(context, &val->keyblock);
176 free(val->ticket.data);
177 val->ticket.data = 0;
178 free(val->second_ticket.data);
179 val->second_ticket.data = 0;
180 krb5_free_addresses(context, val->addresses);
182 krb5_free_authdata(context, val->authdata);
187 krb5_free_cred_enc_part(krb5_context context, krb5_cred_enc_part *val)
189 krb5_cred_info **temp;
193 krb5_free_address(context, val->r_address);
195 krb5_free_address(context, val->s_address);
198 if (val->ticket_info) {
199 for (temp = val->ticket_info; *temp; temp++) {
200 krb5_free_keyblock(context, (*temp)->session);
201 krb5_free_principal(context, (*temp)->client);
202 krb5_free_principal(context, (*temp)->server);
203 krb5_free_addresses(context, (*temp)->caddrs);
206 free(val->ticket_info);
207 val->ticket_info = 0;
213 krb5_free_creds(krb5_context context, krb5_creds *val)
217 krb5_free_cred_contents(context, val);
223 krb5_free_data(krb5_context context, krb5_data *val)
233 krb5_free_octet_data(krb5_context context, krb5_octet_data *val)
242 krb5_free_data_contents(krb5_context context, krb5_data *val)
252 krb5_free_enc_data(krb5_context context, krb5_enc_data *val)
256 krb5_free_data_contents(context, &val->ciphertext);
260 void krb5_free_etype_info(krb5_context context, krb5_etype_info info)
266 for (i=0; info[i] != NULL; i++) {
268 krb5_free_data_contents(context, &info[i]->s2kparams);
276 krb5_free_enc_kdc_rep_part(krb5_context context, krb5_enc_kdc_rep_part *val)
280 krb5_free_keyblock(context, val->session);
281 krb5_free_last_req(context, val->last_req);
282 krb5_free_principal(context, val->server);
283 krb5_free_addresses(context, val->caddrs);
284 krb5_free_pa_data(context, val->enc_padata);
289 krb5_free_enc_tkt_part(krb5_context context, krb5_enc_tkt_part *val)
293 krb5_free_keyblock(context, val->session);
294 krb5_free_principal(context, val->client);
295 free(val->transited.tr_contents.data);
296 krb5_free_addresses(context, val->caddrs);
297 krb5_free_authdata(context, val->authorization_data);
303 krb5_free_error(krb5_context context, krb5_error *val)
307 krb5_free_principal(context, val->client);
308 krb5_free_principal(context, val->server);
309 free(val->text.data);
310 free(val->e_data.data);
315 krb5_free_kdc_rep(krb5_context context, krb5_kdc_rep *val)
319 krb5_free_pa_data(context, val->padata);
320 krb5_free_principal(context, val->client);
321 krb5_free_ticket(context, val->ticket);
322 free(val->enc_part.ciphertext.data);
323 krb5_free_enc_kdc_rep_part(context, val->enc_part2);
329 krb5_free_kdc_req(krb5_context context, krb5_kdc_req *val)
333 krb5_free_pa_data(context, val->padata);
334 krb5_free_principal(context, val->client);
335 krb5_free_principal(context, val->server);
337 krb5_free_addresses(context, val->addresses);
338 free(val->authorization_data.ciphertext.data);
339 krb5_free_authdata(context, val->unenc_authdata);
340 krb5_free_tickets(context, val->second_ticket);
345 krb5_free_keyblock_contents(krb5_context context, krb5_keyblock *key)
347 krb5int_c_free_keyblock_contents (context, key);
351 krb5_free_keyblock(krb5_context context, krb5_keyblock *val)
353 krb5int_c_free_keyblock (context, val);
359 krb5_free_last_req(krb5_context context, krb5_last_req_entry **val)
361 krb5_last_req_entry **temp;
365 for (temp = val; *temp; temp++)
371 k5_zapfree_pa_data(krb5_pa_data **val)
377 for (pa = val; *pa != NULL; pa++) {
378 zapfree((*pa)->contents, (*pa)->length);
379 zapfree(*pa, sizeof(**pa));
385 krb5_free_pa_data(krb5_context context, krb5_pa_data **val)
391 for (temp = val; *temp; temp++) {
392 free((*temp)->contents);
399 krb5_free_principal(krb5_context context, krb5_principal val)
409 free(val->data[i].data);
412 free(val->realm.data);
417 krb5_free_priv(krb5_context context, krb5_priv *val)
421 free(val->enc_part.ciphertext.data);
426 krb5_free_priv_enc_part(krb5_context context, krb5_priv_enc_part *val)
430 free(val->user_data.data);
431 krb5_free_address(context, val->r_address);
432 krb5_free_address(context, val->s_address);
437 krb5_free_safe(krb5_context context, krb5_safe *val)
441 free(val->user_data.data);
442 krb5_free_address(context, val->r_address);
443 krb5_free_address(context, val->s_address);
444 krb5_free_checksum(context, val->checksum);
450 krb5_free_ticket(krb5_context context, krb5_ticket *val)
454 krb5_free_principal(context, val->server);
455 free(val->enc_part.ciphertext.data);
456 krb5_free_enc_tkt_part(context, val->enc_part2);
461 krb5_free_tickets(krb5_context context, krb5_ticket **val)
467 for (temp = val; *temp; temp++)
468 krb5_free_ticket(context, *temp);
474 krb5_free_tgt_creds(krb5_context context, krb5_creds **tgts)
479 for (tgtpp = tgts; *tgtpp; tgtpp++)
480 krb5_free_creds(context, *tgtpp);
485 krb5_free_tkt_authent(krb5_context context, krb5_tkt_authent *val)
489 krb5_free_ticket(context, val->ticket);
490 krb5_free_authenticator(context, val->authenticator);
495 krb5_free_unparsed_name(krb5_context context, char *val)
502 krb5_free_string(krb5_context context, char *val)
508 krb5_free_sam_challenge_2(krb5_context ctx, krb5_sam_challenge_2 *sc2)
512 krb5_free_sam_challenge_2_contents(ctx, sc2);
517 krb5_free_sam_challenge_2_contents(krb5_context ctx,
518 krb5_sam_challenge_2 *sc2)
520 krb5_checksum **cksump;
524 if (sc2->sam_challenge_2_body.data)
525 krb5_free_data_contents(ctx, &sc2->sam_challenge_2_body);
526 if (sc2->sam_cksum) {
527 cksump = sc2->sam_cksum;
529 krb5_free_checksum(ctx, *cksump);
532 free(sc2->sam_cksum);
538 krb5_free_sam_challenge_2_body(krb5_context ctx,
539 krb5_sam_challenge_2_body *sc2)
543 krb5_free_sam_challenge_2_body_contents(ctx, sc2);
548 krb5_free_sam_challenge_2_body_contents(krb5_context ctx,
549 krb5_sam_challenge_2_body *sc2)
553 if (sc2->sam_type_name.data)
554 krb5_free_data_contents(ctx, &sc2->sam_type_name);
555 if (sc2->sam_track_id.data)
556 krb5_free_data_contents(ctx, &sc2->sam_track_id);
557 if (sc2->sam_challenge_label.data)
558 krb5_free_data_contents(ctx, &sc2->sam_challenge_label);
559 if (sc2->sam_challenge.data)
560 krb5_free_data_contents(ctx, &sc2->sam_challenge);
561 if (sc2->sam_response_prompt.data)
562 krb5_free_data_contents(ctx, &sc2->sam_response_prompt);
563 if (sc2->sam_pk_for_sad.data)
564 krb5_free_data_contents(ctx, &sc2->sam_pk_for_sad);
568 krb5_free_sam_response_2(krb5_context ctx, krb5_sam_response_2 *sr2)
572 krb5_free_sam_response_2_contents(ctx, sr2);
577 krb5_free_sam_response_2_contents(krb5_context ctx, krb5_sam_response_2 *sr2)
581 if (sr2->sam_track_id.data)
582 krb5_free_data_contents(ctx, &sr2->sam_track_id);
583 if (sr2->sam_enc_nonce_or_sad.ciphertext.data)
584 krb5_free_data_contents(ctx, &sr2->sam_enc_nonce_or_sad.ciphertext);
588 krb5_free_enc_sam_response_enc_2(krb5_context ctx,
589 krb5_enc_sam_response_enc_2 *esre2)
593 krb5_free_enc_sam_response_enc_2_contents(ctx, esre2);
598 krb5_free_enc_sam_response_enc_2_contents(krb5_context ctx,
599 krb5_enc_sam_response_enc_2 *esre2)
603 if (esre2->sam_sad.data)
604 krb5_free_data_contents(ctx, &esre2->sam_sad);
608 krb5_free_pa_enc_ts(krb5_context ctx, krb5_pa_enc_ts *pa_enc_ts)
616 krb5_free_pa_for_user(krb5_context context, krb5_pa_for_user *req)
620 krb5_free_principal(context, req->user);
622 krb5_free_checksum_contents(context, &req->cksum);
623 krb5_free_data_contents(context, &req->auth_package);
628 krb5_free_s4u_userid_contents(krb5_context context, krb5_s4u_userid *user_id)
633 krb5_free_principal(context, user_id->user);
634 user_id->user = NULL;
635 krb5_free_data_contents(context, &user_id->subject_cert);
636 user_id->subject_cert.length = 0;
637 user_id->subject_cert.data = NULL;
638 user_id->options = 0;
642 krb5_free_pa_s4u_x509_user(krb5_context context, krb5_pa_s4u_x509_user *req)
646 krb5_free_s4u_userid_contents(context, &req->user_id);
647 krb5_free_checksum_contents(context, &req->cksum);
652 krb5_free_pa_pac_req(krb5_context context,
653 krb5_pa_pac_req *req)
659 krb5_free_fast_req(krb5_context context, krb5_fast_req *val)
663 krb5_free_kdc_req(context, val->req_body);
668 krb5_free_fast_armor(krb5_context context, krb5_fast_armor *val)
672 krb5_free_data_contents(context, &val->armor_value);
677 krb5_free_fast_response(krb5_context context, krb5_fast_response *val)
681 krb5_free_pa_data(context, val->padata);
682 krb5_free_fast_finished(context, val->finished);
683 krb5_free_keyblock(context, val->strengthen_key);
688 krb5_free_fast_finished(krb5_context context, krb5_fast_finished *val)
692 krb5_free_principal(context, val->client);
693 krb5_free_checksum_contents(context, &val->ticket_checksum);
698 krb5_free_fast_armored_req(krb5_context context, krb5_fast_armored_req *val)
703 krb5_free_fast_armor(context, val->armor);
704 krb5_free_data_contents(context, &val->enc_part.ciphertext);
705 if (val->req_checksum.contents)
706 krb5_free_checksum_contents(context, &val->req_checksum);
711 k5_free_data_ptr_list(krb5_data **list)
715 for (i = 0; list != NULL && list[i] != NULL; i++)
716 krb5_free_data(NULL, list[i]);
721 krb5int_free_data_list(krb5_context context, krb5_data *data)
728 for (i = 0; data[i].data != NULL; i++)
735 krb5_free_ad_kdcissued(krb5_context context, krb5_ad_kdcissued *val)
740 krb5_free_checksum_contents(context, &val->ad_checksum);
741 krb5_free_principal(context, val->i_principal);
742 krb5_free_authdata(context, val->elements);
747 krb5_free_iakerb_header(krb5_context context, krb5_iakerb_header *val)
752 krb5_free_data_contents(context, &val->target_realm);
753 krb5_free_data(context, val->cookie);
758 krb5_free_iakerb_finished(krb5_context context, krb5_iakerb_finished *val)
763 krb5_free_checksum_contents(context, &val->checksum);
768 k5_free_algorithm_identifier(krb5_context context,
769 krb5_algorithm_identifier *val)
773 free(val->algorithm.data);
774 free(val->parameters.data);
779 k5_free_otp_tokeninfo(krb5_context context, krb5_otp_tokeninfo *val)
781 krb5_algorithm_identifier **alg;
785 free(val->vendor.data);
786 free(val->challenge.data);
787 free(val->token_id.data);
788 free(val->alg_id.data);
789 for (alg = val->supported_hash_alg; alg != NULL && *alg != NULL; alg++)
790 k5_free_algorithm_identifier(context, *alg);
791 free(val->supported_hash_alg);
796 k5_free_pa_otp_challenge(krb5_context context, krb5_pa_otp_challenge *val)
798 krb5_otp_tokeninfo **ti;
802 free(val->nonce.data);
803 free(val->service.data);
804 for (ti = val->tokeninfo; *ti != NULL; ti++)
805 k5_free_otp_tokeninfo(context, *ti);
806 free(val->tokeninfo);
807 free(val->salt.data);
808 free(val->s2kparams.data);
813 k5_free_pa_otp_req(krb5_context context, krb5_pa_otp_req *val)
818 free(val->nonce.data);
819 free(val->enc_data.ciphertext.data);
820 if (val->hash_alg != NULL)
821 k5_free_algorithm_identifier(context, val->hash_alg);
822 free(val->otp_value.data);
824 free(val->challenge.data);
825 free(val->counter.data);
826 free(val->token_id.data);
827 free(val->alg_id.data);
828 free(val->vendor.data);
833 k5_free_kkdcp_message(krb5_context context, krb5_kkdcp_message *val)
837 free(val->target_domain.data);
838 free(val->kerb_message.data);
843 free_vmac(krb5_context context, krb5_verifier_mac *val)
847 krb5_free_principal(context, val->princ);
848 krb5_free_checksum_contents(context, &val->checksum);
853 k5_free_cammac(krb5_context context, krb5_cammac *val)
855 krb5_verifier_mac **vp;
859 krb5_free_authdata(context, val->elements);
860 free_vmac(context, val->kdc_verifier);
861 free_vmac(context, val->svc_verifier);
862 for (vp = val->other_verifiers; vp != NULL && *vp != NULL; vp++)
863 free_vmac(context, *vp);
864 free(val->other_verifiers);
869 k5_free_secure_cookie(krb5_context context, krb5_secure_cookie *val)
873 k5_zapfree_pa_data(val->data);
878 k5_free_spake_factor(krb5_context context, krb5_spake_factor *val)
882 if (val->data != NULL)
883 zapfree(val->data->data, val->data->length);
889 k5_free_pa_spake(krb5_context context, krb5_pa_spake *val)
891 krb5_spake_factor **f;
895 switch (val->choice) {
896 case SPAKE_MSGTYPE_SUPPORT:
897 free(val->u.support.groups);
899 case SPAKE_MSGTYPE_CHALLENGE:
900 krb5_free_data_contents(context, &val->u.challenge.pubkey);
901 for (f = val->u.challenge.factors; f != NULL && *f != NULL; f++)
902 k5_free_spake_factor(context, *f);
903 free(val->u.challenge.factors);
905 case SPAKE_MSGTYPE_RESPONSE:
906 krb5_free_data_contents(context, &val->u.response.pubkey);
907 krb5_free_data_contents(context, &val->u.response.factor.ciphertext);
909 case SPAKE_MSGTYPE_ENCDATA:
910 krb5_free_data_contents(context, &val->u.encdata.ciphertext);