/*
* An implementation for the default replay cache type.
*/
+#include "k5-int.h"
#include "rc_base.h"
#include "rc_dfl.h"
#include "rc_io.h"
-#include "k5-int.h"
#include "rc-int.h"
/*
krb5_rc_dfl_get_span(krb5_context context, krb5_rcache id,
krb5_deltat *lifespan)
{
- krb5_error_code err;
struct dfl_data *t;
- err = k5_mutex_lock(&id->lock);
- if (err)
- return err;
+ k5_mutex_lock(&id->lock);
t = (struct dfl_data *) id->data;
*lifespan = t->lifespan;
k5_mutex_unlock(&id->lock);
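Review bot: The result of `k5_mutex_lock(&id->lock)` is no longer checked in krb5_rc_dfl_get_span, and the same change repeats in the init, close, recover, recover_or_init, store and expunge hunks. That is only sound if k5_mutex_lock now returns void and cannot fail silently, which this diff does not show. If it can still return an error, these functions would read and update replay-cache state without holding the lock. Please confirm against the new declaration and, if it holds, record it at the first call site with a comment such as `/* k5_mutex_lock() has no failure return; see k5-thread.h */` (path to be confirmed). The function body starts and ends outside the hunk.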
{
krb5_error_code retval;
- retval = k5_mutex_lock(&id->lock);
- if (retval)
- return retval;
+ k5_mutex_lock(&id->lock);
retval = krb5_rc_dfl_init_locked(context, id, lifespan);
k5_mutex_unlock(&id->lock);
return retval;
krb5_error_code KRB5_CALLCONV
krb5_rc_dfl_close(krb5_context context, krb5_rcache id)
{
- krb5_error_code retval;
- retval = k5_mutex_lock(&id->lock);
- if (retval)
- return retval;
+ k5_mutex_lock(&id->lock);
krb5_rc_dfl_close_no_free(context, id);
k5_mutex_unlock(&id->lock);
k5_mutex_destroy(&id->lock);
/*
* Hash extension records have the format:
* client = <empty string>
- * server = HASH:<msghash> <clientlen>:<client> <serverlen>:<server>
+ * server = SHA256:<msghash> <clientlen>:<client> <serverlen>:<server>
* Spaces in the client and server string are represented with
* with backslashes. Client and server lengths are represented in
* ASCII decimal (which is different from the 32-bit binary we use
/* Check if this appears to match the hash extension format. */
if (*rep->client)
return 0;
- if (strncmp(rep->server, "HASH:", 5) != 0)
+ if (strncmp(rep->server, "SHA256:", 7) != 0)
return 0;
/* Parse out the message hash. */
- str = rep->server + 5;
+ str = rep->server + 7;
end = strchr(str, ' ');
if (!end)
return 0;
- msghash = malloc(end - str + 1);
+ msghash = k5memdup0(str, end - str, &retval);
if (!msghash)
return KRB5_RC_MALLOC;
- memcpy(msghash, str, end - str);
- msghash[end - str] = '\0';
str = end + 1;
/* Parse out the client and server. */
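Review bot: Records whose server field starts with `HASH:`, as written before this change, now fail the `strncmp(rep->server, "SHA256:", 7)` test and take the `return 0` path, so they appear to be handled as non-extension records rather than matched by hash. If ignoring the old tag is intended, a comment above the check should say so, e.g. `/* Records with the older "HASH:" tag are deliberately not recognized. */`. The tag and its length are also spelled out separately here (`7` twice) and in the format string of the store hunk. One macro for the tag, with `sizeof(TAG) - 1` for the length, would keep parser and writer from drifting apart. The enclosing function starts and ends outside the hunk.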
krb5_rc_dfl_recover(krb5_context context, krb5_rcache id)
{
krb5_error_code ret;
- ret = k5_mutex_lock(&id->lock);
- if (ret)
- return ret;
+
+ k5_mutex_lock(&id->lock);
ret = krb5_rc_dfl_recover_locked(context, id);
k5_mutex_unlock(&id->lock);
return ret;
{
krb5_error_code retval;
- retval = k5_mutex_lock(&id->lock);
- if (retval)
- return retval;
+ k5_mutex_lock(&id->lock);
retval = krb5_rc_dfl_recover_locked(context, id);
if (retval)
retval = krb5_rc_dfl_init_locked(context, id, lifespan);
krb5_donot_replay *rep)
{
size_t clientlen, serverlen;
- ssize_t buflen;
unsigned int len;
krb5_error_code ret;
struct k5buf buf, extbuf;
- char *bufptr, *extstr;
+ char *extstr;
clientlen = strlen(rep->client);
serverlen = strlen(rep->server);
*/
/* Format the extension value so we know its length. */
- krb5int_buf_init_dynamic(&extbuf);
- krb5int_buf_add_fmt(&extbuf, "HASH:%s %lu:%s %lu:%s", rep->msghash,
- (unsigned long) clientlen, rep->client,
- (unsigned long) serverlen, rep->server);
- extstr = krb5int_buf_data(&extbuf);
- if (!extstr)
+ k5_buf_init_dynamic(&extbuf);
+ k5_buf_add_fmt(&extbuf, "SHA256:%s %lu:%s %lu:%s", rep->msghash,
+ (unsigned long)clientlen, rep->client,
+ (unsigned long)serverlen, rep->server);
+ if (k5_buf_status(&extbuf) != 0)
return KRB5_RC_MALLOC;
+ extstr = extbuf.data;
/*
* Put the extension value into the server field of a
* regular-format record, with an empty client field.
*/
- krb5int_buf_init_dynamic(&buf);
+ k5_buf_init_dynamic(&buf);
len = 1;
- krb5int_buf_add_len(&buf, (char *) &len, sizeof(len));
- krb5int_buf_add_len(&buf, "", 1);
+ k5_buf_add_len(&buf, (char *)&len, sizeof(len));
+ k5_buf_add_len(&buf, "", 1);
len = strlen(extstr) + 1;
- krb5int_buf_add_len(&buf, (char *) &len, sizeof(len));
- krb5int_buf_add_len(&buf, extstr, len);
- krb5int_buf_add_len(&buf, (char *) &rep->cusec, sizeof(rep->cusec));
- krb5int_buf_add_len(&buf, (char *) &rep->ctime, sizeof(rep->ctime));
+ k5_buf_add_len(&buf, (char *)&len, sizeof(len));
+ k5_buf_add_len(&buf, extstr, len);
+ k5_buf_add_len(&buf, (char *)&rep->cusec, sizeof(rep->cusec));
+ k5_buf_add_len(&buf, (char *)&rep->ctime, sizeof(rep->ctime));
free(extstr);
} else /* No extension record needed. */
- krb5int_buf_init_dynamic(&buf);
+ k5_buf_init_dynamic(&buf);
len = clientlen + 1;
- krb5int_buf_add_len(&buf, (char *) &len, sizeof(len));
- krb5int_buf_add_len(&buf, rep->client, len);
+ k5_buf_add_len(&buf, (char *)&len, sizeof(len));
+ k5_buf_add_len(&buf, rep->client, len);
len = serverlen + 1;
- krb5int_buf_add_len(&buf, (char *) &len, sizeof(len));
- krb5int_buf_add_len(&buf, rep->server, len);
- krb5int_buf_add_len(&buf, (char *) &rep->cusec, sizeof(rep->cusec));
- krb5int_buf_add_len(&buf, (char *) &rep->ctime, sizeof(rep->ctime));
-
- bufptr = krb5int_buf_data(&buf);
- buflen = krb5int_buf_len(&buf);
- if (bufptr == NULL || buflen < 0)
+ k5_buf_add_len(&buf, (char *)&len, sizeof(len));
+ k5_buf_add_len(&buf, rep->server, len);
+ k5_buf_add_len(&buf, (char *)&rep->cusec, sizeof(rep->cusec));
+ k5_buf_add_len(&buf, (char *)&rep->ctime, sizeof(rep->ctime));
+
+ if (k5_buf_status(&buf) != 0)
return KRB5_RC_MALLOC;
- ret = krb5_rc_io_write(context, &t->d, bufptr, buflen);
- krb5int_free_buf(&buf);
+ ret = krb5_rc_io_write(context, &t->d, buf.data, buf.len);
+ k5_buf_free(&buf);
return ret;
}
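Review bot: `free(extstr)` releases storage owned by `extbuf` behind the k5buf interface, while `buf` is released a few lines later with `k5_buf_free(&buf)`. Using `k5_buf_free(&extbuf);` for both keeps ownership with the buffer type and does not depend on how dynamic buffers are allocated. `extstr` is then only an alias for `extbuf.data` and could be dropped. The two `return KRB5_RC_MALLOC;` paths after `k5_buf_status()` also assume a failed k5buf has already released its storage; that is not visible here and is worth a one-line comment. The hunk begins inside the function body.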
if (ret)
return ret;
- ret = k5_mutex_lock(&id->lock);
- if (ret)
- return ret;
+ k5_mutex_lock(&id->lock);
switch(rc_store(context, id, rep, now, FALSE)) {
case CMP_MALLOC:
krb5_rc_dfl_expunge(krb5_context context, krb5_rcache id)
{
krb5_error_code ret;
- ret = k5_mutex_lock(&id->lock);
- if (ret)
- return ret;
+
+ k5_mutex_lock(&id->lock);
ret = krb5_rc_dfl_expunge_locked(context, id);
k5_mutex_unlock(&id->lock);
return ret;