kaserver.c

samba最新软件

/*
 * Copyright (c) 1997 - 2005 Kungliga Tekniska H鰃skolan
 * (Royal Institute of Technology, Stockholm, Sweden). 
 * All rights reserved. 
 *
 * Redistribution and use in source and binary forms, with or without 
 * modification, are permitted provided that the following conditions 
 * are met: 
 *
 * 1. Redistributions of source code must retain the above copyright 
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright 
 *    notice, this list of conditions and the following disclaimer in the 
 *    documentation and/or other materials provided with the distribution. 
 *
 * 3. Neither the name of the Institute nor the names of its contributors 
 *    may be used to endorse or promote products derived from this software 
 *    without specific prior written permission. 
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
 * SUCH DAMAGE. 
 */

#include "kdc_locl.h"

RCSID("$Id: kaserver.c 21654 2007-07-21 17:30:18Z lha $");

#include <krb5-v4compat.h>
#include <rx.h>

#define KA_AUTHENTICATION_SERVICE 731
#define KA_TICKET_GRANTING_SERVICE 732
#define KA_MAINTENANCE_SERVICE 733

#define AUTHENTICATE_OLD	 1
#define CHANGEPASSWORD		 2
#define GETTICKET_OLD		 3
#define SETPASSWORD		 4
#define SETFIELDS		 5
#define CREATEUSER		 6
#define DELETEUSER		 7
#define GETENTRY		 8
#define LISTENTRY		 9
#define GETSTATS		10
#define DEBUG			11
#define GETPASSWORD		12
#define GETRANDOMKEY		13
#define AUTHENTICATE		21
#define AUTHENTICATE_V2		22
#define GETTICKET		23

/* XXX - Where do we get these? */

#define RXGEN_OPCODE (-455)

#define KADATABASEINCONSISTENT                   (180480L)
#define KAEXIST                                  (180481L)
#define KAIO                                     (180482L)
#define KACREATEFAIL                             (180483L)
#define KANOENT                                  (180484L)
#define KAEMPTY                                  (180485L)
#define KABADNAME                                (180486L)
#define KABADINDEX                               (180487L)
#define KANOAUTH                                 (180488L)
#define KAANSWERTOOLONG                          (180489L)
#define KABADREQUEST                             (180490L)
#define KAOLDINTERFACE                           (180491L)
#define KABADARGUMENT                            (180492L)
#define KABADCMD                                 (180493L)
#define KANOKEYS                                 (180494L)
#define KAREADPW                                 (180495L)
#define KABADKEY                                 (180496L)
#define KAUBIKINIT                               (180497L)
#define KAUBIKCALL                               (180498L)
#define KABADPROTOCOL                            (180499L)
#define KANOCELLS                                (180500L)
#define KANOCELL                                 (180501L)
#define KATOOMANYUBIKS                           (180502L)
#define KATOOMANYKEYS                            (180503L)
#define KABADTICKET                              (180504L)
#define KAUNKNOWNKEY                             (180505L)
#define KAKEYCACHEINVALID                        (180506L)
#define KABADSERVER                              (180507L)
#define KABADUSER                                (180508L)
#define KABADCPW                                 (180509L)
#define KABADCREATE                              (180510L)
#define KANOTICKET                               (180511L)
#define KAASSOCUSER                              (180512L)
#define KANOTSPECIAL                             (180513L)
#define KACLOCKSKEW                              (180514L)
#define KANORECURSE                              (180515L)
#define KARXFAIL                                 (180516L)
#define KANULLPASSWORD                           (180517L)
#define KAINTERNALERROR                          (180518L)
#define KAPWEXPIRED                              (180519L)
#define KAREUSED                                 (180520L)
#define KATOOSOON                                (180521L)
#define KALOCKED                                 (180522L)


static krb5_error_code
decode_rx_header (krb5_storage *sp,
		  struct rx_header *h)
{
    krb5_error_code ret;

    ret = krb5_ret_uint32(sp, &h->epoch);
    if (ret) return ret;
    ret = krb5_ret_uint32(sp, &h->connid);
    if (ret) return ret;
    ret = krb5_ret_uint32(sp, &h->callid);
    if (ret) return ret;
    ret = krb5_ret_uint32(sp, &h->seqno);
    if (ret) return ret;
    ret = krb5_ret_uint32(sp, &h->serialno);
    if (ret) return ret;
    ret = krb5_ret_uint8(sp,  &h->type);
    if (ret) return ret;
    ret = krb5_ret_uint8(sp,  &h->flags);
    if (ret) return ret;
    ret = krb5_ret_uint8(sp,  &h->status);
    if (ret) return ret;
    ret = krb5_ret_uint8(sp,  &h->secindex);
    if (ret) return ret;
    ret = krb5_ret_uint16(sp, &h->reserved);
    if (ret) return ret;
    ret = krb5_ret_uint16(sp, &h->serviceid);
    if (ret) return ret;

    return 0;
}

static krb5_error_code
encode_rx_header (struct rx_header *h,
		  krb5_storage *sp)
{
    krb5_error_code ret;

    ret = krb5_store_uint32(sp, h->epoch);
    if (ret) return ret;
    ret = krb5_store_uint32(sp, h->connid);
    if (ret) return ret;
    ret = krb5_store_uint32(sp, h->callid);
    if (ret) return ret;
    ret = krb5_store_uint32(sp, h->seqno);
    if (ret) return ret;
    ret = krb5_store_uint32(sp, h->serialno);
    if (ret) return ret;
    ret = krb5_store_uint8(sp,  h->type);
    if (ret) return ret;
    ret = krb5_store_uint8(sp,  h->flags);
    if (ret) return ret;
    ret = krb5_store_uint8(sp,  h->status);
    if (ret) return ret;
    ret = krb5_store_uint8(sp,  h->secindex);
    if (ret) return ret;
    ret = krb5_store_uint16(sp, h->reserved);
    if (ret) return ret;
    ret = krb5_store_uint16(sp, h->serviceid);
    if (ret) return ret;

    return 0;
}

static void
init_reply_header (struct rx_header *hdr,
		   struct rx_header *reply_hdr,
		   u_char type,
		   u_char flags)
{
    reply_hdr->epoch     = hdr->epoch;
    reply_hdr->connid    = hdr->connid;
    reply_hdr->callid    = hdr->callid;
    reply_hdr->seqno     = 1;
    reply_hdr->serialno  = 1;
    reply_hdr->type      = type;
    reply_hdr->flags     = flags;
    reply_hdr->status    = 0;
    reply_hdr->secindex  = 0;
    reply_hdr->reserved  = 0;
    reply_hdr->serviceid = hdr->serviceid;
}

/*
 * Create an error `reply