LCOV - code coverage report
Current view: top level - source4/kdc - sdb_to_hdb.c (source / functions) Hit Total Coverage
Test: coverage report for support-claim-type-attributes 6b5c566e Lines: 148 203 72.9 %
Date: 2023-11-21 12:31:41 Functions: 7 7 100.0 %

          Line data    Source code
       1             : /*
       2             :    Unix SMB/CIFS implementation.
       3             : 
       4             :    Database Glue between Samba and the KDC
       5             : 
       6             :    Copyright (C) Guenther Deschner <gd@samba.org> 2014
       7             :    Copyright (C) Andreas Schneider <asn@samba.org> 2014
       8             : 
       9             :    This program is free software; you can redistribute it and/or modify
      10             :    it under the terms of the GNU General Public License as published by
      11             :    the Free Software Foundation; either version 3 of the License, or
      12             :    (at your option) any later version.
      13             : 
      14             :    This program is distributed in the hope that it will be useful,
      15             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      16             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      17             :    GNU General Public License for more details.
      18             : 
      19             : 
      20             :    You should have received a copy of the GNU General Public License
      21             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      22             : */
      23             : 
      24             : #include "includes.h"
      25             : #include <hdb.h>
      26             : #include "sdb.h"
      27             : #include "sdb_hdb.h"
      28             : #include "lib/krb5_wrap/krb5_samba.h"
      29             : #include "librpc/gen_ndr/security.h"
      30             : #include "kdc/samba_kdc.h"
      31             : 
      32             : #undef DBGC_CLASS
      33             : #define DBGC_CLASS DBGC_KERBEROS
      34             : 
      35      299785 : static void sdb_flags_to_hdb_flags(const struct SDBFlags *s,
      36             :                                    HDBFlags *h)
      37             : {
      38       10142 :         SMB_ASSERT(sizeof(struct SDBFlags) == sizeof(HDBFlags));
      39             : 
      40      299785 :         h->initial = s->initial;
      41      299785 :         h->forwardable = s->forwardable;
      42      299785 :         h->proxiable = s->proxiable;
      43      299785 :         h->renewable = s->renewable;
      44      299785 :         h->postdate = s->postdate;
      45      299785 :         h->server = s->server;
      46      299785 :         h->client = s->client;
      47      299785 :         h->invalid = s->invalid;
      48      299785 :         h->require_preauth = s->require_preauth;
      49      299785 :         h->change_pw = s->change_pw;
      50      299785 :         h->require_hwauth = s->require_hwauth;
      51      299785 :         h->ok_as_delegate = s->ok_as_delegate;
      52      299785 :         h->user_to_user = s->user_to_user;
      53      299785 :         h->immutable = s->immutable;
      54      299785 :         h->trusted_for_delegation = s->trusted_for_delegation;
      55      299785 :         h->allow_kerberos4 = s->allow_kerberos4;
      56      299785 :         h->allow_digest = s->allow_digest;
      57      299785 :         h->locked_out = s->locked_out;
      58      299785 :         h->require_pwchange = s->require_pwchange;
      59      299785 :         h->materialize = s->materialize;
      60      299785 :         h->virtual_keys = s->virtual_keys;
      61      299785 :         h->virtual = s->virtual;
      62      299785 :         h->synthetic = s->synthetic;
      63      299785 :         h->no_auth_data_reqd = s->no_auth_data_reqd;
      64      299785 :         h->auth_data_reqd = s->auth_data_reqd;
      65      299785 :         h->_unused25 = s->_unused25;
      66      299785 :         h->_unused26 = s->_unused26;
      67      299785 :         h->_unused27 = s->_unused27;
      68      299785 :         h->_unused28 = s->_unused28;
      69      299785 :         h->_unused29 = s->_unused29;
      70      299785 :         h->force_canonicalize = s->force_canonicalize;
      71      299785 :         h->do_not_store = s->do_not_store;
      72      299785 : }
      73             : 
      74      384411 : static int sdb_salt_to_Salt(const struct sdb_salt *s, Salt *h)
      75             : {
      76       14140 :         int ret;
      77             : 
      78      384411 :         *h = (struct Salt) {};
      79             : 
      80      384411 :         h->type = s->type;
      81      384411 :         ret = smb_krb5_copy_data_contents(&h->salt, s->salt.data, s->salt.length);
      82      384411 :         if (ret != 0) {
      83           0 :                 free_Salt(h);
      84           0 :                 return ENOMEM;
      85             :         }
      86             : 
      87      370271 :         return 0;
      88             : }
      89             : 
      90      520897 : static int sdb_key_to_Key(const struct sdb_key *s, Key *h)
      91             : {
      92       18212 :         int rc;
      93             : 
      94      520897 :         *h = (struct Key) {};
      95             : 
      96      520897 :         h->key.keytype = s->key.keytype;
      97      539109 :         rc = smb_krb5_copy_data_contents(&h->key.keyvalue,
      98      520897 :                                          s->key.keyvalue.data,
      99      520897 :                                          s->key.keyvalue.length);
     100      520897 :         if (rc != 0) {
     101           0 :                 goto error_nomem;
     102             :         }
     103             : 
     104      520897 :         if (s->salt != NULL) {
     105      384411 :                 h->salt = malloc(sizeof(Salt));
     106      384411 :                 if (h->salt == NULL) {
     107           0 :                         goto error_nomem;
     108             :                 }
     109             : 
     110      384411 :                 rc = sdb_salt_to_Salt(s->salt,
     111             :                                       h->salt);
     112      384411 :                 if (rc != 0) {
     113           0 :                         goto error_nomem;
     114             :                 }
     115             :         }
     116             : 
     117      502685 :         return 0;
     118             : 
     119           0 : error_nomem:
     120           0 :         free_Key(h);
     121           0 :         return ENOMEM;
     122             : }
     123             : 
     124      299785 : static int sdb_keys_to_Keys(const struct sdb_keys *s, Keys *h)
     125             : {
     126       10142 :         int ret, i;
     127             : 
     128      299785 :         *h = (struct Keys) {};
     129             : 
     130      299785 :         if (s->val != NULL) {
     131      298923 :                 h->val = malloc(s->len * sizeof(Key));
     132      298923 :                 if (h->val == NULL) {
     133           0 :                         return ENOMEM;
     134             :                 }
     135      814508 :                 for (i = 0; i < s->len; i++) {
     136      533725 :                         ret = sdb_key_to_Key(&s->val[i],
     137      515585 :                                              &h->val[i]);
     138      515585 :                         if (ret != 0) {
     139           0 :                                 free_Keys(h);
     140           0 :                                 return ENOMEM;
     141             :                         }
     142             : 
     143      515585 :                         ++h->len;
     144             :                 }
     145             :         }
     146             : 
     147      289643 :         return 0;
     148             : }
     149             : 
     150       64390 : static int sdb_keys_to_HistKeys(krb5_context context,
     151             :                                 const struct sdb_keys *s,
     152             :                                 krb5_kvno kvno,
     153             :                                 hdb_entry *h)
     154             : {
     155         661 :         unsigned int i;
     156             : 
     157       69702 :         for (i = 0; i < s->len; i++) {
     158        5312 :                 Key k = { 0, };
     159          72 :                 int ret;
     160             : 
     161        5312 :                 ret = sdb_key_to_Key(&s->val[i], &k);
     162        5312 :                 if (ret != 0) {
     163           0 :                         return ENOMEM;
     164             :                 }
     165        5312 :                 ret = hdb_add_history_key(context, h, kvno, &k);
     166        5312 :                 free_Key(&k);
     167        5312 :                 if (ret != 0) {
     168           0 :                         return ENOMEM;
     169             :                 }
     170             :         }
     171             : 
     172       63729 :         return 0;
     173             : }
     174             : 
     175      299785 : static int sdb_event_to_Event(krb5_context context,
     176             :                               const struct sdb_event *s, Event *h)
     177             : {
     178       10142 :         int ret;
     179             : 
     180      299785 :         *h = (struct Event) {};
     181             : 
     182      299785 :         if (s->principal != NULL) {
     183        1149 :                 ret = krb5_copy_principal(context,
     184        1149 :                                           s->principal,
     185        1149 :                                           &h->principal);
     186        1149 :                 if (ret != 0) {
     187           0 :                         free_Event(h);
     188           0 :                         return ret;
     189             :                 }
     190             :         }
     191      299785 :         h->time = s->time;
     192             : 
     193      299785 :         return 0;
     194             : }
     195             : 
     196      299785 : int sdb_entry_to_hdb_entry(krb5_context context,
     197             :                            const struct sdb_entry *s,
     198             :                            hdb_entry *h)
     199             : {
     200      299785 :         struct samba_kdc_entry *ske = s->skdc_entry;
     201       10142 :         unsigned int i;
     202       10142 :         int rc;
     203             : 
     204      299785 :         *h = (hdb_entry) {};
     205             : 
     206      299785 :         if (s->principal != NULL) {
     207      309927 :                 rc = krb5_copy_principal(context,
     208      289643 :                                          s->principal,
     209      299785 :                                          &h->principal);
     210      299785 :                 if (rc != 0) {
     211           0 :                         return rc;
     212             :                 }
     213             :         }
     214             : 
     215      299785 :         h->kvno = s->kvno;
     216             : 
     217      299785 :         rc = sdb_keys_to_Keys(&s->keys, &h->keys);
     218      299785 :         if (rc != 0) {
     219           0 :                 goto error;
     220             :         }
     221             : 
     222      299785 :         if (h->kvno > 1) {
     223       42741 :                 rc = sdb_keys_to_HistKeys(context,
     224             :                                           &s->old_keys,
     225       42132 :                                           h->kvno - 1,
     226             :                                           h);
     227       42132 :                 if (rc != 0) {
     228           0 :                         goto error;
     229             :                 }
     230             :         }
     231             : 
     232      299785 :         if (h->kvno > 2) {
     233       22310 :                 rc = sdb_keys_to_HistKeys(context,
     234             :                                           &s->older_keys,
     235       22258 :                                           h->kvno - 2,
     236             :                                           h);
     237       22258 :                 if (rc != 0) {
     238           0 :                         goto error;
     239             :                 }
     240             :         }
     241             : 
     242      299785 :         rc = sdb_event_to_Event(context,
     243             :                                  &s->created_by,
     244             :                                  &h->created_by);
     245      299785 :         if (rc != 0) {
     246           0 :                 goto error;
     247             :         }
     248             : 
     249      299785 :         if (s->modified_by) {
     250           0 :                 h->modified_by = malloc(sizeof(Event));
     251           0 :                 if (h->modified_by == NULL) {
     252           0 :                         rc = ENOMEM;
     253           0 :                         goto error;
     254             :                 }
     255             : 
     256           0 :                 rc = sdb_event_to_Event(context,
     257           0 :                                          s->modified_by,
     258             :                                          h->modified_by);
     259           0 :                 if (rc != 0) {
     260           0 :                         goto error;
     261             :                 }
     262             :         }
     263             : 
     264      299785 :         if (s->valid_start != NULL) {
     265           0 :                 h->valid_start = malloc(sizeof(KerberosTime));
     266           0 :                 if (h->valid_start == NULL) {
     267           0 :                         rc = ENOMEM;
     268           0 :                         goto error;
     269             :                 }
     270           0 :                 *h->valid_start = *s->valid_start;
     271             :         }
     272             : 
     273      299785 :         if (s->valid_end != NULL) {
     274           0 :                 h->valid_end = malloc(sizeof(KerberosTime));
     275           0 :                 if (h->valid_end == NULL) {
     276           0 :                         rc = ENOMEM;
     277           0 :                         goto error;
     278             :                 }
     279           0 :                 *h->valid_end = *s->valid_end;
     280             :         }
     281             : 
     282      299785 :         if (s->pw_end != NULL) {
     283       81382 :                 h->pw_end = malloc(sizeof(KerberosTime));
     284       81382 :                 if (h->pw_end == NULL) {
     285           0 :                         rc = ENOMEM;
     286           0 :                         goto error;
     287             :                 }
     288       81382 :                 *h->pw_end = *s->pw_end;
     289             :         }
     290             : 
     291      299785 :         if (s->max_life != NULL) {
     292      297774 :                 h->max_life = malloc(sizeof(*h->max_life));
     293      297774 :                 if (h->max_life == NULL) {
     294           0 :                         rc = ENOMEM;
     295           0 :                         goto error;
     296             :                 }
     297      297774 :                 *h->max_life = *s->max_life;
     298             :         }
     299             : 
     300      299785 :         if (s->max_renew != NULL) {
     301      297774 :                 h->max_renew = malloc(sizeof(*h->max_renew));
     302      297774 :                 if (h->max_renew == NULL) {
     303           0 :                         rc = ENOMEM;
     304           0 :                         goto error;
     305             :                 }
     306      297774 :                 *h->max_renew = *s->max_renew;
     307             :         }
     308             : 
     309      299785 :         sdb_flags_to_hdb_flags(&s->flags, &h->flags);
     310             : 
     311      299785 :         if (s->etypes != NULL) {
     312      298923 :                 h->etypes = malloc(sizeof(*h->etypes));
     313      298923 :                 if (h->etypes == NULL) {
     314           0 :                         rc = ENOMEM;
     315           0 :                         goto error;
     316             :                 }
     317             : 
     318      298923 :                 h->etypes->len = s->etypes->len;
     319             : 
     320      298923 :                 h->etypes->val = calloc(h->etypes->len, sizeof(int));
     321      298923 :                 if (h->etypes->val == NULL) {
     322           0 :                         rc = ENOMEM;
     323           0 :                         goto error;
     324             :                 }
     325             : 
     326      814508 :                 for (i = 0; i < h->etypes->len; i++) {
     327      515585 :                         h->etypes->val[i] = s->etypes->val[i];
     328             :                 }
     329             :         }
     330             : 
     331      299785 :         if (s->session_etypes != NULL) {
     332      219888 :                 h->session_etypes = malloc(sizeof(*h->session_etypes));
     333      219888 :                 if (h->session_etypes == NULL) {
     334           0 :                         rc = ENOMEM;
     335           0 :                         goto error;
     336             :                 }
     337             : 
     338      219888 :                 h->session_etypes->len = s->session_etypes->len;
     339             : 
     340      219888 :                 h->session_etypes->val = calloc(h->session_etypes->len, sizeof(*h->session_etypes->val));
     341      219888 :                 if (h->session_etypes->val == NULL) {
     342           0 :                         rc = ENOMEM;
     343           0 :                         goto error;
     344             :                 }
     345             : 
     346      851634 :                 for (i = 0; i < h->session_etypes->len; ++i) {
     347      631746 :                         h->session_etypes->val[i] = s->session_etypes->val[i];
     348             :                 }
     349             :         }
     350             : 
     351      299785 :         h->context = ske;
     352      299785 :         if (ske != NULL) {
     353      298923 :                 ske->kdc_entry = h;
     354             :         }
     355      289643 :         return 0;
     356           0 : error:
     357           0 :         free_hdb_entry(h);
     358           0 :         return rc;
     359             : }

Generated by: LCOV version 1.14