/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/krad/internal.h - Internal declarations for libkrad */
/*
 * Copyright 2013 Red Hat, Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in
 * the documentation and/or other materials provided with the
 * distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
 * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef INTERNAL_H_
#define INTERNAL_H_

#include <k5-int.h>
#include "krad.h"

#include <errno.h>

#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>

/* Fallback for builds where UCHAR_MAX has not been defined yet. */
#if !defined(UCHAR_MAX)
#define UCHAR_MAX 255
#endif

/*
 * Size limits from RFC 2865.
 *
 * An attribute's one-octet Length field also counts its Type and Length
 * octets, so a value can hold at most UCHAR_MAX - 2 octets.  A packet starts
 * with a 20-octet header (Code, Identifier, Length, 16-octet Authenticator),
 * which leaves KRAD_PACKET_SIZE_MAX - 20 octets for the encoded attributes.
 *
 * These are the capacities named in the outbuf[] parameters declared in this
 * header; anything written to such a buffer has to be bounded by them.
 */
#define MAX_ATTRSIZE (UCHAR_MAX - 2)
#define MAX_ATTRSETSIZE (KRAD_PACKET_SIZE_MAX - 20)

/* Remote object type; struct krad_remote_st is only forward-declared here. */
typedef struct krad_remote_st krad_remote;
/*
 * In-memory representation of a RADIUS packet.  Only the layout is declared
 * here; how each field is populated should be confirmed against the packet
 * code.
 */
struct krad_packet_st {
    /* Inline storage of KRAD_PACKET_SIZE_MAX bytes. */
    char buffer[KRAD_PACKET_SIZE_MAX];

    /* Attribute set associated with the packet; ownership is not visible
     * from this header. */
    krad_attrset *attrset;

    /* Pointer/length view of packet bytes -- presumably into buffer, in which
     * case its length must never exceed sizeof(buffer); TODO confirm. */
    krb5_data pkt;

    /* NOTE(review): presumably the value reported through the is_fips output
     * of the encoders declared in this header; its exact meaning is not
     * stated here -- confirm before relying on it for policy decisions. */
    krb5_boolean is_fips;
};
/* Validate that data satisfies the constraints of attribute type. */
krb5_error_code
kr_attr_valid(krad_attr type,
              const krb5_data *data);

/*
 * Encode one attribute value into outbuf and report its length in *outlen.
 *
 * secret and auth are presumably the RADIUS shared secret and the request
 * authenticator; auth is passed without a length, so its size is a caller
 * contract -- confirm against the attribute code.  The [MAX_ATTRSIZE] bound
 * on outbuf is documentation only: an array parameter is a plain pointer in
 * C, so the caller must supply at least MAX_ATTRSIZE bytes.  The meaning of
 * *is_fips is not stated in this header.
 */
krb5_error_code
kr_attr_encode(krb5_context ctx,
               const char *secret,
               const unsigned char *auth,
               krad_attr type,
               const krb5_data *in,
               unsigned char outbuf[MAX_ATTRSIZE],
               size_t *outlen,
               krb5_boolean *is_fips);

/*
 * Decode one attribute value into outbuf and report its length in *outlen.
 *
 * The same caller contracts as for kr_attr_encode() apply: outbuf must hold
 * at least MAX_ATTRSIZE bytes, and auth carries no length of its own.
 */
krb5_error_code
kr_attr_decode(krb5_context ctx,
               const char *secret,
               const unsigned char *auth,
               krad_attr type,
               const krb5_data *in,
               unsigned char outbuf[MAX_ATTRSIZE],
               size_t *outlen);

/*
 * Encode every attribute of set into outbuf and report the total length in
 * *outlen.  The caller must supply at least MAX_ATTRSETSIZE bytes; the array
 * bound in the prototype is not enforced by the compiler.
 */
krb5_error_code
kr_attrset_encode(const krad_attrset *set,
                  const char *secret,
                  const unsigned char *auth,
                  unsigned char outbuf[MAX_ATTRSETSIZE],
                  size_t *outlen,
                  krb5_boolean *is_fips);

/*
 * Decode the attributes held in the buffer in; the resulting set is
 * presumably returned through *set.
 *
 * NOTE(review): if in holds bytes received from a peer, every attribute
 * length read from it has to be checked against in->length and MAX_ATTRSIZE
 * before use -- confirm in the decoder.
 */
krb5_error_code
kr_attrset_decode(krb5_context ctx,
                  const krb5_data *in,
                  const char *secret,
                  const unsigned char *auth,
                  krad_attrset **set);

/*
 * Create a new remote object, which manages a socket and the state of
 * outstanding requests.
 */
krb5_error_code
kr_remote_new(krb5_context kctx,
              verto_ctx *vctx,
              const struct addrinfo *info,
              const char *secret,
              krad_remote **rr);

/* Free a remote object. */
void
kr_remote_free(krad_remote *rr);

/*
 * Send the packet to the remote.  cb is called when a response is received,
 * the request times out, the request is canceled, or an error occurs.
 *
 * timeout is the total timeout across all retries, in milliseconds.
 *
 * A cb retval of ETIMEDOUT means the allotted time has elapsed.  After a
 * timeout the remote keeps listening for the packet until kr_remote_cancel()
 * is called or a response is received, so cb is always called twice when a
 * timeout occurs.  This lets the caller pursue other remotes while still
 * listening for a response from the first one.
 *
 * Because of that second call, cb and data must stay valid after the
 * ETIMEDOUT callback, until the final callback arrives or the request is
 * canceled.
 */
krb5_error_code
kr_remote_send(krad_remote *rr,
               krad_code code,
               krad_attrset *attrs,
               krad_cb cb,
               void *data,
               int timeout,
               size_t retries,
               const krad_packet **pkt);

/* Remove packet from the queue of requests awaiting responses. */
void
kr_remote_cancel(krad_remote *rr,
                 const krad_packet *pkt);

/*
 * Determine whether this remote object refers to the remote resource
 * identified by the addrinfo struct and the secret.
 */
krb5_boolean
kr_remote_equals(const krad_remote *rr,
                 const struct addrinfo *info,
                 const char *secret);
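/*
 * Translate a getaddrinfo()-style EAI_* result into an errno-style
 * krb5_error_code.  Adapted from lib/krb5/os/sendto_kdc.c.
 *
 * err is the resolver's return value.  0 maps to 0; every other input maps to
 * a nonzero code, so a failed lookup is never reported to the caller as
 * success.
 *
 * For EAI_SYSTEM the cause is taken from errno as it stands when this helper
 * runs, so call it before anything else can overwrite errno.
 */
static inline krb5_error_code
gai_error_code(int err)
{
    switch (err) {
    case 0:
        return 0;
    case EAI_BADFLAGS:
    case EAI_FAMILY:
    case EAI_SOCKTYPE:
    case EAI_SERVICE:
#ifdef EAI_ADDRFAMILY
    case EAI_ADDRFAMILY:
#endif
        return EINVAL;
    case EAI_AGAIN:
        return EAGAIN;
    case EAI_MEMORY:
        return ENOMEM;
    /* Some platforms define EAI_NODATA as an alias of EAI_NONAME; a second
     * case label with the same value would not compile. */
#if defined(EAI_NODATA) && EAI_NODATA != EAI_NONAME
    case EAI_NODATA:
#endif
    case EAI_NONAME:
        return EADDRNOTAVAIL;
#ifdef EAI_OVERFLOW
    case EAI_OVERFLOW:
        return EOVERFLOW;
#endif
#ifdef EAI_SYSTEM
    case EAI_SYSTEM:
        /* errno carries the real cause.  If it is unexpectedly 0, fall back
         * to EINVAL rather than turning a resolver failure into success. */
        return (errno != 0) ? errno : EINVAL;
#endif
    default:
        /* Unknown resolver codes are treated as invalid input. */
        return EINVAL;
    }
}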
#endif /* INTERNAL_H_ */