/src/krb5/src/lib/krad/internal.h

Source
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/krad/internal.h - Internal declarations for libkrad */
/*
 * Copyright 2013 Red Hat, Inc.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 *    1. Redistributions of source code must retain the above copyright
 *       notice, this list of conditions and the following disclaimer.
 *
 *    2. Redistributions in binary form must reproduce the above copyright
 *       notice, this list of conditions and the following disclaimer in
 *       the documentation and/or other materials provided with the
 *       distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
 * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef INTERNAL_H_
#define INTERNAL_H_

#include <k5-int.h>
#include "krad.h"

#include <errno.h>

#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>

#ifndef UCHAR_MAX
#define UCHAR_MAX 255
#endif

#define MD5_DIGEST_SIZE 16

/* RFC 2865 */
#define MAX_ATTRSIZE (UCHAR_MAX - 2)
#define MAX_ATTRSETSIZE (KRAD_PACKET_SIZE_MAX - 20)

typedef struct krad_remote_st krad_remote;

/* Validate constraints of an attribute. */
krb5_error_code
kr_attr_valid(krad_attr type, const krb5_data *data);

/* Encode an attribute. */
krb5_error_code
kr_attr_encode(krb5_context ctx, const char *secret, const unsigned char *auth,
               krad_attr type, const krb5_data *in,
               unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);

/* Decode an attribute. */
krb5_error_code
kr_attr_decode(krb5_context ctx, const char *secret, const unsigned char *auth,
               krad_attr type, const krb5_data *in,
               unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);

/* Encode set into outbuf.  If add_msgauth is true, include a zeroed
 * Message-Authenticator as the first attribute. */
krb5_error_code
kr_attrset_encode(const krad_attrset *set, const char *secret,
                  const uint8_t *auth, krb5_boolean add_msgauth,
                  unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen);

/* Decode attributes from a buffer. */
krb5_error_code
kr_attrset_decode(krb5_context ctx, const krb5_data *in, const char *secret,
                  const unsigned char *auth, krad_attrset **set);

/* Create a new remote object which manages a socket and the state of
 * outstanding requests. */
krb5_error_code
kr_remote_new(krb5_context kctx, verto_ctx *vctx, const struct addrinfo *info,
              const char *secret, krad_remote **rr);

/* Free a remote object. */
void
kr_remote_free(krad_remote *rr);

/*
 * Send the packet to the remote. The cb will be called when a response is
 * received, the request times out, the request is canceled or an error occurs.
 *
 * The timeout parameter is the total timeout across all retries in
 * milliseconds.
 *
 * If the cb is called with a retval of ETIMEDOUT it indicates that the
 * allotted time has elapsed. However, in the case of a timeout, we continue to
 * listen for the packet until krad_remote_cancel() is called or a response is
 * received. This means that cb will always be called twice in the event of a
 * timeout. This permits you to pursue other remotes while still listening for
 * a response from the first one.
 */
krb5_error_code
kr_remote_send(krad_remote *rr, krad_code code, krad_attrset *attrs,
               krad_cb cb, void *data, int timeout, size_t retries,
               const krad_packet **pkt);

/* Remove packet from the queue of requests awaiting responses. */
void
kr_remote_cancel(krad_remote *rr, const krad_packet *pkt);

/* Cancel all requests awaiting responses. */
void
kr_remote_cancel_all(krad_remote *rr);

/* Determine if this remote object refers to the remote resource identified
 * by the addrinfo struct and the secret. */
krb5_boolean
kr_remote_equals(const krad_remote *rr, const struct addrinfo *info,
                 const char *secret);

/* Adapted from lib/krb5/os/sendto_kdc.c. */
static inline krb5_error_code
gai_error_code(int err)
{
    switch (err) {
    case 0:
        return 0;
    case EAI_BADFLAGS:
    case EAI_FAMILY:
    case EAI_SOCKTYPE:
    case EAI_SERVICE:
#ifdef EAI_ADDRFAMILY
    case EAI_ADDRFAMILY:
#endif
        return EINVAL;
    case EAI_AGAIN:
        return EAGAIN;
    case EAI_MEMORY:
        return ENOMEM;
#if defined(EAI_NODATA) && EAI_NODATA != EAI_NONAME
    case EAI_NODATA:
#endif
    case EAI_NONAME:
        return EADDRNOTAVAIL;
#ifdef EAI_OVERFLOW
    case EAI_OVERFLOW:
        return EOVERFLOW;
#endif
#ifdef EAI_SYSTEM
    case EAI_SYSTEM:
        return errno;
#endif
    default:
        return EINVAL;
    }
}

#endif /* INTERNAL_H_ */

Line	Count	Source
1		/* -- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -- */
2		/* lib/krad/internal.h - Internal declarations for libkrad */
3		/*
4		* Copyright 2013 Red Hat, Inc. All rights reserved.
5		*
6		* Redistribution and use in source and binary forms, with or without
7		* modification, are permitted provided that the following conditions are met:
8		*
9		* 1. Redistributions of source code must retain the above copyright
10		* notice, this list of conditions and the following disclaimer.
11		*
12		* 2. Redistributions in binary form must reproduce the above copyright
13		* notice, this list of conditions and the following disclaimer in
14		* the documentation and/or other materials provided with the
15		* distribution.
16		*
17		* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
18		* IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
19		* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
20		* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
21		* OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22		* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
23		* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
24		* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
25		* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
26		* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
27		* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28		*/
29
30		#ifndef INTERNAL_H_
31		#define INTERNAL_H_
32
33		#include <k5-int.h>
34		#include "krad.h"
35
36		#include <errno.h>
37
38		#include <sys/types.h>
39		#include <sys/socket.h>
40		#include <netdb.h>
41
42		#ifndef UCHAR_MAX
43		#define UCHAR_MAX 255
44		#endif
45
46	0	#define MD5_DIGEST_SIZE 16
47
48		/* RFC 2865 */
49	1.83k	#define MAX_ATTRSIZE (UCHAR_MAX - 2)
50	690	#define MAX_ATTRSETSIZE (KRAD_PACKET_SIZE_MAX - 20)
51
52		typedef struct krad_remote_st krad_remote;
53
54		/* Validate constraints of an attribute. */
55		krb5_error_code
56		kr_attr_valid(krad_attr type, const krb5_data *data);
57
58		/* Encode an attribute. */
59		krb5_error_code
60		kr_attr_encode(krb5_context ctx, const char secret, const unsigned char auth,
61		krad_attr type, const krb5_data *in,
62		unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);
63
64		/* Decode an attribute. */
65		krb5_error_code
66		kr_attr_decode(krb5_context ctx, const char secret, const unsigned char auth,
67		krad_attr type, const krb5_data *in,
68		unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);
69
70		/* Encode set into outbuf. If add_msgauth is true, include a zeroed
71		* Message-Authenticator as the first attribute. */
72		krb5_error_code
73		kr_attrset_encode(const krad_attrset set, const char secret,
74		const uint8_t *auth, krb5_boolean add_msgauth,
75		unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen);
76
77		/* Decode attributes from a buffer. */
78		krb5_error_code
79		kr_attrset_decode(krb5_context ctx, const krb5_data in, const char secret,
80		const unsigned char auth, krad_attrset *set);
81
82		/* Create a new remote object which manages a socket and the state of
83		* outstanding requests. */
84		krb5_error_code
85		kr_remote_new(krb5_context kctx, verto_ctx vctx, const struct addrinfo info,
86		const char secret, krad_remote *rr);
87
88		/* Free a remote object. */
89		void
90		kr_remote_free(krad_remote *rr);
91
92		/*
93		* Send the packet to the remote. The cb will be called when a response is
94		* received, the request times out, the request is canceled or an error occurs.
95		*
96		* The timeout parameter is the total timeout across all retries in
97		* milliseconds.
98		*
99		* If the cb is called with a retval of ETIMEDOUT it indicates that the
100		* allotted time has elapsed. However, in the case of a timeout, we continue to
101		* listen for the packet until krad_remote_cancel() is called or a response is
102		* received. This means that cb will always be called twice in the event of a
103		* timeout. This permits you to pursue other remotes while still listening for
104		* a response from the first one.
105		*/
106		krb5_error_code
107		kr_remote_send(krad_remote rr, krad_code code, krad_attrset attrs,
108		krad_cb cb, void *data, int timeout, size_t retries,
109		const krad_packet **pkt);
110
111		/* Remove packet from the queue of requests awaiting responses. */
112		void
113		kr_remote_cancel(krad_remote rr, const krad_packet pkt);
114
115		/* Cancel all requests awaiting responses. */
116		void
117		kr_remote_cancel_all(krad_remote *rr);
118
119		/* Determine if this remote object refers to the remote resource identified
120		* by the addrinfo struct and the secret. */
121		krb5_boolean
122		kr_remote_equals(const krad_remote rr, const struct addrinfo info,
123		const char *secret);
124
125		/* Adapted from lib/krb5/os/sendto_kdc.c. */
126		static inline krb5_error_code
127		gai_error_code(int err)
128	0	{
129	0	switch (err) {
130	0	case 0:
131	0	return 0;
132	0	case EAI_BADFLAGS:
133	0	case EAI_FAMILY:
134	0	case EAI_SOCKTYPE:
135	0	case EAI_SERVICE:
136	0	#ifdef EAI_ADDRFAMILY
137	0	case EAI_ADDRFAMILY:
138	0	#endif
139	0	return EINVAL;
140	0	case EAI_AGAIN:
141	0	return EAGAIN;
142	0	case EAI_MEMORY:
143	0	return ENOMEM;
144	0	#if defined(EAI_NODATA) && EAI_NODATA != EAI_NONAME
145	0	case EAI_NODATA:
146	0	#endif
147	0	case EAI_NONAME:
148	0	return EADDRNOTAVAIL;
149	0	#ifdef EAI_OVERFLOW
150	0	case EAI_OVERFLOW:
151	0	return EOVERFLOW;
152	0	#endif
153	0	#ifdef EAI_SYSTEM
154	0	case EAI_SYSTEM:
155	0	return errno;
156	0	#endif
157	0	default:
158	0	return EINVAL;
159	0	}
160	0	} Unexecuted instantiation: fuzz_attrset.c:gai_error_code Unexecuted instantiation: attrset.c:gai_error_code Unexecuted instantiation: attr.c:gai_error_code
161
162		#endif /* INTERNAL_H_ */

Coverage Report

Created: 2026-05-24 06:04