oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

simplify error handling

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14911 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2005-04-24 13:44:02 +00:00
parent 18d9ee7631
commit ea79507d4f
1 changed files with 103 additions and 251 deletions
Download Patch File Download Diff File Expand all files Collapse all files

354
lib/krb5/v4_glue.c
View File

@@ -36,6 +36,14 @@ RCSID("$Id$");
#include "krb5-v4compat.h" #include "krb5-v4compat.h"
/*
*
*/
#define RCHECK(r,func,label) \
do { (r) = func ; if (r) goto label; } while(0);
/* include this here, to avoid dependencies on libkrb */ /* include this here, to avoid dependencies on libkrb */
static const int _tkt_lifetimes[TKTLIFENUMFIXED] = { static const int _tkt_lifetimes[TKTLIFENUMFIXED] = {
@@ -237,38 +245,22 @@ _krb5_krb_tf_setup(krb5_context context,
krb5_clear_error_string(context); krb5_clear_error_string(context);
if (!append) { if (!append) {
ret = krb5_store_stringz(sp, v4creds->pname); RCHECK(ret, krb5_store_stringz(sp, v4creds->pname), error);
if (ret < 0) RCHECK(ret, krb5_store_stringz(sp, v4creds->pinst), error);
goto error;
ret = krb5_store_stringz(sp, v4creds->pinst);
if (ret < 0)
goto error;
} }
/* cred */ /* cred */
ret = krb5_store_stringz(sp, v4creds->service); RCHECK(ret, krb5_store_stringz(sp, v4creds->service), error);
if (ret < 0) RCHECK(ret, krb5_store_stringz(sp, v4creds->instance), error);
goto error; RCHECK(ret, krb5_store_stringz(sp, v4creds->realm), error);
ret = krb5_store_stringz(sp, v4creds->instance);
if (ret < 0)
goto error;
ret = krb5_store_stringz(sp, v4creds->realm);
if (ret < 0)
goto error;
ret = krb5_storage_write(sp, v4creds->session, 8); ret = krb5_storage_write(sp, v4creds->session, 8);
if (ret != 8) { if (ret != 8) {
ret = KRB5_CC_IO; ret = KRB5_CC_IO;
goto error; goto error;
} }
ret = krb5_store_int32(sp, v4creds->lifetime); RCHECK(ret, krb5_store_int32(sp, v4creds->lifetime), error);
if (ret) RCHECK(ret, krb5_store_int32(sp, v4creds->kvno), error);
goto error; RCHECK(ret, krb5_store_int32(sp, v4creds->ticket_st.length), error);
ret = krb5_store_int32(sp, v4creds->kvno);
if (ret)
goto error;
ret = krb5_store_int32(sp, v4creds->ticket_st.length);
if (ret)
goto error;
ret = krb5_storage_write(sp, v4creds->ticket_st.dat, ret = krb5_storage_write(sp, v4creds->ticket_st.dat,
v4creds->ticket_st.length); v4creds->ticket_st.length);
@@ -276,9 +268,7 @@ _krb5_krb_tf_setup(krb5_context context,
ret = KRB5_CC_IO; ret = KRB5_CC_IO;
goto error; goto error;
} }
ret = krb5_store_int32(sp, v4creds->issue_date); RCHECK(ret, krb5_store_int32(sp, v4creds->issue_date), error);
if (ret)
goto error;
ret = write_v4_cc(context, tkfile, sp, append); ret = write_v4_cc(context, tkfile, sp, append);
@@ -395,18 +385,13 @@ put_nir(krb5_storage *sp, const char *name,
{ {
krb5_error_code ret; krb5_error_code ret;
ret = krb5_store_stringz(sp, name); RCHECK(ret, krb5_store_stringz(sp, name), error);
if (ret) RCHECK(ret, krb5_store_stringz(sp, instance), error);
return ret;
ret = krb5_store_stringz(sp, instance);
if (ret)
return ret;
if (realm) { if (realm) {
ret = krb5_store_stringz(sp, realm); RCHECK(ret, krb5_store_stringz(sp, realm), error);
if (ret)
return ret;
} }
return 0; error:
return ret;
} }
/* /*
@@ -440,20 +425,9 @@ _krb5_krb_create_ticket(krb5_context context,
} }
krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE);
/* flags */ RCHECK(ret, krb5_store_int8(sp, flags), error);
ret = krb5_store_int8(sp, flags); RCHECK(ret, put_nir(sp, pname, pinstance, prealm), error);
if (ret) RCHECK(ret, krb5_store_int32(sp, ntohl(paddress)), error);
goto error;
/* client nir */
ret = put_nir(sp, pname, pinstance, prealm);
if (ret)
goto error;
/* address */
ret = krb5_store_int32(sp, ntohl(paddress));
if (ret)
goto error;
/* session key */ /* session key */
ret = krb5_storage_write(sp, ret = krb5_storage_write(sp,
@@ -464,20 +438,9 @@ _krb5_krb_create_ticket(krb5_context context,
goto error; goto error;
} }
/* life time */ RCHECK(ret, krb5_store_int8(sp, life), error);
ret = krb5_store_int8(sp, life); RCHECK(ret, krb5_store_int32(sp, life_sec), error);
if (ret) RCHECK(ret, put_nir(sp, sname, sinstance, NULL), error);
goto error;
/* issue time */
ret = krb5_store_int32(sp, life_sec);
if (ret)
goto error;
/* service nir */
ret = put_nir(sp, sname, sinstance, NULL);
if (ret)
goto error;
ret = storage_to_etext(context, sp, key, enc_data); ret = storage_to_etext(context, sp, key, enc_data);
@@ -527,34 +490,16 @@ _krb5_krb_create_ciph(krb5_context context,
goto error; goto error;
} }
ret = put_nir(sp, service, instance, realm); RCHECK(ret, put_nir(sp, service, instance, realm), error);
if (ret) RCHECK(ret, krb5_store_int8(sp, life), error);
goto error; RCHECK(ret, krb5_store_int8(sp, kvno), error);
RCHECK(ret, krb5_store_int8(sp, ticket->length), error);
/* life time */
ret = krb5_store_int8(sp, life);
if (ret)
goto error;
/* kvno */
ret = krb5_store_int8(sp, kvno);
if (ret)
goto error;
/* ticket */
ret = krb5_store_int8(sp, ticket->length);
if (ret)
goto error;
ret = krb5_storage_write(sp, ticket->data, ticket->length); ret = krb5_storage_write(sp, ticket->data, ticket->length);
if (ret != ticket->length) { if (ret != ticket->length) {
ret = EINVAL; ret = EINVAL;
goto error; goto error;
} }
RCHECK(ret, krb5_store_int32(sp, kdc_time), error);
/* kdc time */
ret = krb5_store_int32(sp, kdc_time);
if (ret)
goto error;
ret = storage_to_etext(context, sp, key, enc_data); ret = storage_to_etext(context, sp, key, enc_data);
@@ -594,37 +539,14 @@ _krb5_krb_create_auth_reply(krb5_context context,
} }
krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE);
ret = krb5_store_int8(sp, KRB_PROT_VERSION); RCHECK(ret, krb5_store_int8(sp, KRB_PROT_VERSION), error);
if (ret) RCHECK(ret, krb5_store_int8(sp, AUTH_MSG_KDC_REPLY), error);
goto error; RCHECK(ret, put_nir(sp, pname, pinst, prealm), error);
RCHECK(ret, krb5_store_int32(sp, time_ws), error);
ret = krb5_store_int8(sp, AUTH_MSG_KDC_REPLY); RCHECK(ret, krb5_store_int8(sp, n), error);
if (ret) RCHECK(ret, krb5_store_int32(sp, x_date), error);
goto error; RCHECK(ret, krb5_store_int8(sp, kvno), error);
RCHECK(ret, krb5_store_int16(sp, cipher->length), error);
ret = put_nir(sp, pname, pinst, prealm);
if (ret)
goto error;
ret = krb5_store_int32(sp, time_ws);
if (ret)
goto error;
ret = krb5_store_int8(sp, n);
if (ret)
goto error;
ret = krb5_store_int32(sp, x_date);
if (ret)
goto error;
ret = krb5_store_int8(sp, kvno);
if (ret)
goto error;
ret = krb5_store_int16(sp, cipher->length);
if (ret)
goto error;
ret = krb5_storage_write(sp, cipher->data, cipher->length); ret = krb5_storage_write(sp, cipher->data, cipher->length);
if (ret != cipher->length) { if (ret != cipher->length) {
ret = EINVAL; ret = EINVAL;
@@ -660,6 +582,11 @@ _krb5_krb_cr_err_reply(krb5_context context,
krb5_data_zero(data); krb5_data_zero(data);
if (name == NULL) name = "";
if (inst == NULL) inst = "";
if (realm == NULL) realm = "";
if (e_string == NULL) e_string = "";
sp = krb5_storage_emem(); sp = krb5_storage_emem();
if (sp == NULL) { if (sp == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_string(context, "malloc: out of memory");
@@ -667,36 +594,12 @@ _krb5_krb_cr_err_reply(krb5_context context,
} }
krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE);
ret = krb5_store_int8(sp, KRB_PROT_VERSION); RCHECK(ret, krb5_store_int8(sp, KRB_PROT_VERSION), error);
if (ret) RCHECK(ret, krb5_store_int8(sp, AUTH_MSG_ERR_REPLY), error);
goto error; RCHECK(ret, put_nir(sp, name, inst, realm), error);
RCHECK(ret, krb5_store_int32(sp, time_ws), error);
ret = krb5_store_int8(sp, AUTH_MSG_ERR_REPLY); RCHECK(ret, krb5_store_int32(sp, e), error);
if (ret) RCHECK(ret, krb5_store_stringz(sp, e_string), error);
goto error;
if (name == NULL) name = "";
if (inst == NULL) inst = "";
if (realm == NULL) realm = "";
ret = put_nir(sp, name, inst, realm);
if (ret)
goto error;
ret = krb5_store_int32(sp, time_ws);
if (ret)
goto error;
ret = krb5_store_int32(sp, e);
if (ret)
goto error;
if (e_string == NULL)
e_string = "";
ret = krb5_store_stringz(sp, e_string);
if (ret)
goto error;
ret = krb5_storage_to_data(sp, data); ret = krb5_storage_to_data(sp, data);
@@ -728,27 +631,28 @@ get_v4_stringz(krb5_storage *sp, char **str, size_t max_len)
* *
*/ */
static krb5_error_code KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_FUNCTION
decomp_ticket(krb5_context context, _krb5_krb_decomp_ticket(krb5_context context,
const krb5_data *enc_ticket, const krb5_data *enc_ticket,
const krb5_keyblock *key, const krb5_keyblock *key,
const char *local_realm, const char *local_realm,
char **sname, char **sname,
char **sinstance, char **sinstance,
struct _krb5_krb_auth_data *ad) struct _krb5_krb_auth_data *ad)
{ {
krb5_error_code ret; krb5_error_code ret;
krb5_ssize_t size; krb5_ssize_t size;
krb5_storage *sp; krb5_storage *sp = NULL;
krb5_data ticket; krb5_data ticket;
unsigned char des_key[8]; unsigned char des_key[8];
memset(ad, 0, sizeof(*ad));
krb5_data_zero(&ticket);
*sname = NULL; *sname = NULL;
*sinstance = NULL; *sinstance = NULL;
ret = decrypt_etext(context, key, enc_ticket, &ticket); RCHECK(ret, decrypt_etext(context, key, enc_ticket, &ticket), error);
if (ret)
return ret;
sp = krb5_storage_from_data(&ticket); sp = krb5_storage_from_data(&ticket);
if (sp == NULL) { if (sp == NULL) {
@@ -759,21 +663,32 @@ decomp_ticket(krb5_context context,
krb5_storage_set_eof_code(sp, EINVAL); /* XXX */ krb5_storage_set_eof_code(sp, EINVAL); /* XXX */
ret = krb5_ret_int8(sp, &ad->k_flags); RCHECK(ret, krb5_ret_int8(sp, &ad->k_flags), error);
if (ret) RCHECK(ret, get_v4_stringz(sp, &ad->pname, ANAME_SZ), error);
RCHECK(ret, get_v4_stringz(sp, &ad->pinst, INST_SZ), error);
RCHECK(ret, get_v4_stringz(sp, &ad->prealm, REALM_SZ), error);
RCHECK(ret, krb5_ret_int32(sp, &ad->address), error);
size = krb5_storage_read(sp, des_key, sizeof(des_key));
if (size != sizeof(des_key)) {
ret = EINVAL; /* XXX */
goto error; goto error;
}
/* XXX check lengths of principals */ RCHECK(ret, krb5_ret_int8(sp, &ad->life), error);
ret = get_v4_stringz(sp, &ad->pname, ANAME_SZ); if (ad->k_flags & 1)
if (ret) krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE);
goto error; else
krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE);
ret = get_v4_stringz(sp, &ad->pinst, INST_SZ); RCHECK(ret, krb5_ret_int32(sp, &ad->time_sec), error);
if (ret)
goto error;
ret = get_v4_stringz(sp, &ad->prealm, REALM_SZ); RCHECK(ret, get_v4_stringz(sp, sname, ANAME_SZ), error);
RCHECK(ret, get_v4_stringz(sp, sinstance, INST_SZ), error);
ret = krb5_keyblock_init(context, ETYPE_DES_PCBC_NONE,
des_key, sizeof(des_key), &ad->session);
if (ret) if (ret)
goto error; goto error;
@@ -786,42 +701,10 @@ decomp_ticket(krb5_context context,
} }
} }
ret = krb5_ret_int32(sp, &ad->address);
if (ret)
goto error;
size = krb5_storage_read(sp, des_key, sizeof(des_key));
if (size != sizeof(des_key)) {
ret = EINVAL; /* XXX */
goto error;
}
ret = krb5_keyblock_init(context, ETYPE_DES_PCBC_NONE,
des_key, sizeof(des_key), &ad->session);
if (ret)
goto error;
ret = krb5_ret_int8(sp, &ad->life);
if (ret)
goto error;
if (ad->k_flags & 1)
krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE);
else
krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE);
krb5_ret_int32(sp, &ad->time_sec);
ret = get_v4_stringz(sp, sname, ANAME_SZ);
if (ret)
goto error;
ret = get_v4_stringz(sp, sinstance, INST_SZ);
if (ret)
goto error;
error: error:
krb5_storage_free(sp); memset(des_key, 0, sizeof(des_key));
if (sp)
krb5_storage_free(sp);
krb5_data_free(&ticket); krb5_data_free(&ticket);
if (ret) { if (ret) {
if (*sname) { if (*sname) {
@@ -909,25 +792,11 @@ _krb5_krb_rd_req(krb5_context context,
goto error; goto error;
} }
ret = krb5_ret_int8(sp, &s_kvno); RCHECK(ret, krb5_ret_int8(sp, &s_kvno), error);
if (ret) RCHECK(ret, get_v4_stringz(sp, &realm, REALM_SZ), error);
goto error; RCHECK(ret, krb5_ret_int8(sp, &ticket_length), error);
RCHECK(ret, krb5_ret_int8(sp, &eaut_length), error);
ret = get_v4_stringz(sp, &realm, REALM_SZ); RCHECK(ret, krb5_data_alloc(&ticket, ticket_length), error);
if (ret)
goto error;
ret = krb5_ret_int8(sp, &ticket_length);
if (ret)
goto error;
ret = krb5_ret_int8(sp, &eaut_length);
if (ret)
goto error;
ret = krb5_data_alloc(&ticket, ticket_length);
if (ret)
goto error;
size = krb5_storage_read(sp, ticket.data, ticket.length); size = krb5_storage_read(sp, ticket.data, ticket.length);
if (size != ticket.length) { if (size != ticket.length) {
@@ -936,14 +805,12 @@ _krb5_krb_rd_req(krb5_context context,
} }
/* Decrypt and take apart ticket */ /* Decrypt and take apart ticket */
ret = decomp_ticket(context, &ticket, key, local_realm, ret = _krb5_krb_decomp_ticket(context, &ticket, key, local_realm,
&sname, &sinstance, ad); &sname, &sinstance, ad);
if (ret) if (ret)
goto error; goto error;
ret = krb5_data_alloc(&eaut, eaut_length); RCHECK(ret, krb5_data_alloc(&eaut, eaut_length), error);
if (ret)
goto error;
size = krb5_storage_read(sp, eaut.data, eaut.length); size = krb5_storage_read(sp, eaut.data, eaut.length);
if (size != eaut.length) { if (size != eaut.length) {
@@ -970,28 +837,13 @@ _krb5_krb_rd_req(krb5_context context,
else else
krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE);
RCHECK(ret, get_v4_stringz(sp, &r_name, ANAME_SZ), error);
RCHECK(ret, get_v4_stringz(sp, &r_instance, INST_SZ), error);
RCHECK(ret, get_v4_stringz(sp, &r_realm, REALM_SZ), error);
ret = get_v4_stringz(sp, &r_name, ANAME_SZ); RCHECK(ret, krb5_ret_int32(sp, &ad->checksum), error);
if (ret) RCHECK(ret, krb5_ret_int8(sp, &time_5ms), error);
goto error; RCHECK(ret, krb5_ret_int32(sp, &r_time_sec), error);
ret = get_v4_stringz(sp, &r_instance, INST_SZ);
if (ret)
goto error;
ret = get_v4_stringz(sp, &r_realm, REALM_SZ);
if (ret)
goto error;
ret = krb5_ret_int32(sp, &ad->checksum);
if (ret)
goto error;
ret = krb5_ret_int8(sp, &time_5ms);
if (ret)
goto error;
ret = krb5_ret_int32(sp, &r_time_sec);
if (ret)
goto error;
if (strcmp(ad->pname, r_name) != 0 || if (strcmp(ad->pname, r_name) != 0 ||
strcmp(ad->pinst, r_instance) != 0 || strcmp(ad->pinst, r_instance) != 0 ||