windc.c revision 1.1.1.1.4.1 1 1.1.1.1.4.1 yamt /* $NetBSD: windc.c,v 1.1.1.1.4.1 2014/05/22 13:21:25 yamt Exp $ */
2 1.1 elric
3 1.1 elric /*
4 1.1 elric * Copyright (c) 2007 Kungliga Tekniska Högskolan
5 1.1 elric * (Royal Institute of Technology, Stockholm, Sweden).
6 1.1 elric * All rights reserved.
7 1.1 elric *
8 1.1 elric * Redistribution and use in source and binary forms, with or without
9 1.1 elric * modification, are permitted provided that the following conditions
10 1.1 elric * are met:
11 1.1 elric *
12 1.1 elric * 1. Redistributions of source code must retain the above copyright
13 1.1 elric * notice, this list of conditions and the following disclaimer.
14 1.1 elric *
15 1.1 elric * 2. Redistributions in binary form must reproduce the above copyright
16 1.1 elric * notice, this list of conditions and the following disclaimer in the
17 1.1 elric * documentation and/or other materials provided with the distribution.
18 1.1 elric *
19 1.1 elric * 3. Neither the name of the Institute nor the names of its contributors
20 1.1 elric * may be used to endorse or promote products derived from this software
21 1.1 elric * without specific prior written permission.
22 1.1 elric *
23 1.1 elric * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 1.1 elric * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 1.1 elric * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 1.1 elric * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 1.1 elric * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 1.1 elric * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 1.1 elric * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 1.1 elric * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 1.1 elric * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 1.1 elric * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 1.1 elric * SUCH DAMAGE.
34 1.1 elric */
35 1.1 elric
36 1.1 elric #include "kdc_locl.h"
37 1.1 elric
/*
 * Function table of the WINDC plugin selected by krb5_kdc_windc_init().
 * NULL means no plugin is active; every wrapper in this file tests for
 * that before calling through the table.
 */
static krb5plugin_windc_ftable *windcft;
/*
 * Opaque per-plugin context.  It is filled in by the plugin's init hook
 * and handed back as the first argument of every plugin call.
 */
static void *windcctx;
40 1.1 elric
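/*
 * Select the WINDC plugin used by the KDC.
 *
 * Walks the registered "windc" plugins and keeps the first one that
 * exports a function table, is at least KRB5_WINDC_PLUGIN_MINOR, and
 * whose init hook reports success.  windcft and windcctx are only
 * published for such a plugin, so the PAC and access-check wrappers
 * never call into a module that failed to initialise.
 *
 * Returns 0 when a plugin was selected, and also when the plugin lookup
 * fails or finds nothing (the KDC then runs without a WINDC plugin).
 * Returns ENOENT, with windcft reset to NULL, when plugins were found
 * but none of them was usable.
 */

krb5_error_code
krb5_kdc_windc_init(krb5_context context)
{
    struct krb5_plugin *list = NULL, *e;
    krb5plugin_windc_ftable *ft;
    void *ctx;
    krb5_error_code ret;
    int found = 0;

    ret = _krb5_plugin_find(context, PLUGIN_TYPE_DATA, "windc", &list);
    if (ret != 0 || list == NULL)
        return 0;

    for (e = list; e != NULL; e = _krb5_plugin_get_next(e)) {
        ft = _krb5_plugin_get_symbol(e);
        /* A module without a symbol table must not be dereferenced. */
        if (ft == NULL || ft->minor_version < KRB5_WINDC_PLUGIN_MINOR)
            continue;

        /*
         * Do not ignore the init result: a plugin that failed to set
         * itself up would otherwise be called later with an unusable
         * context.  Skip it and try the next candidate instead.
         */
        ctx = NULL;
        if ((*ft->init)(context, &ctx) != 0)
            continue;

        windcft = ft;
        windcctx = ctx;
        found = 1;
        break;
    }

    /*
     * Record the outcome in `found` before releasing the list, so no
     * list-entry pointer is inspected after _krb5_plugin_free().
     */
    _krb5_plugin_free(list);
    if (!found) {
        krb5_set_error_message(context, ENOENT, "Did not find any WINDC plugin");
        windcft = NULL;
        return ENOENT;
    }

    return 0;
}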
73 1.1 elric
74 1.1 elric
/*
 * Ask the active WINDC plugin to build a PAC for `client`.
 *
 * *pac is always reset to NULL first.  With no plugin loaded the call
 * returns 0 and leaves *pac NULL, so callers have to treat "success
 * without a PAC" as a normal outcome.  Otherwise the plugin's
 * pac_generate result is returned unchanged.
 */
krb5_error_code
_kdc_pac_generate(krb5_context context,
                  hdb_entry_ex *client,
                  krb5_pac *pac)
{
    krb5_error_code status = 0;

    *pac = NULL;
    if (windcft != NULL)
        status = (windcft->pac_generate)(windcctx, context, client, pac);
    return status;
}
85 1.1 elric
/*
 * Hand a PAC to the active WINDC plugin for verification.
 *
 * Returns 0 without doing anything when no plugin is loaded; otherwise
 * returns the plugin's pac_verify result.
 *
 * *verified is set to 1 only when the plugin returned 0.  It is never
 * cleared here and is left untouched when no plugin is loaded, so the
 * caller must initialise it to 0 before the call; otherwise a PAC that
 * nobody checked can be mistaken for a verified one.
 */
krb5_error_code
_kdc_pac_verify(krb5_context context,
                const krb5_principal client_principal,
                const krb5_principal delegated_proxy_principal,
                hdb_entry_ex *client,
                hdb_entry_ex *server,
                hdb_entry_ex *krbtgt,
                krb5_pac *pac,
                int *verified)
{
    krb5_error_code status;

    /* No plugin: nothing was checked, report success and leave *verified alone. */
    if (windcft == NULL)
        return 0;

    status = windcft->pac_verify(windcctx, context,
                                 client_principal,
                                 delegated_proxy_principal,
                                 client, server, krbtgt, pac);
    if (status != 0)
        return status;

    *verified = 1;
    return 0;
}
109 1.1 elric
/*
 * Decide whether `client_ex` may obtain a ticket for `server_ex`.
 *
 * With a WINDC plugin loaded, its client_access hook makes the whole
 * decision: kdc_check_flags() is not called on that path, so the plugin
 * is responsible for any flag checks it wants enforced.  Without a
 * plugin the built-in kdc_check_flags() is used, with its last argument
 * telling it whether the request is an AS-REQ.
 */
krb5_error_code
_kdc_check_access(krb5_context context,
                  krb5_kdc_configuration *config,
                  hdb_entry_ex *client_ex, const char *client_name,
                  hdb_entry_ex *server_ex, const char *server_name,
                  KDC_REQ *req,
                  krb5_data *e_data)
{
    if (windcft != NULL) {
        return (windcft->client_access)(windcctx,
                                        context, config,
                                        client_ex, client_name,
                                        server_ex, server_name,
                                        req, e_data);
    }

    return kdc_check_flags(context, config,
                           client_ex, client_name,
                           server_ex, server_name,
                           req->msg_type == krb_as_req);
}
130