/*
   Unix SMB/CIFS implementation.

   Samba KDB plugin for MIT Kerberos

   Copyright (c) 2010 Simo Sorce <idra@samba.org>.
   Copyright (c) 2014 Andreas Schneider <asn@samba.org>

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

#include "includes.h"

#include "system/kerberos.h"

#include <profile.h>
#include <kdb.h>

#include "kdc/mit_samba.h"
#include "kdb_samba.h"

#undef DBGC_CLASS
#define DBGC_CLASS DBGC_KERBEROS

/*
 * Fetch the Samba KDB module context attached to a krb5 context.
 *
 * Returns NULL when krb5_db_get_context() reports an error, so every
 * caller has to check the result before dereferencing it. On success
 * the opaque pointer is type-checked through talloc_get_type_abort(),
 * which (per talloc's API) aborts instead of handing back a pointer of
 * the wrong talloc type.
 */
struct mit_samba_context *ks_get_context(krb5_context kcontext)
{
	void *raw_ctx = NULL;
	struct mit_samba_context *ctx = NULL;

	if (krb5_db_get_context(kcontext, &raw_ctx) != 0) {
		return NULL;
	}

	ctx = talloc_get_type_abort(raw_ctx, struct mit_samba_context);

	/*
	 * Kerberos operations in MIT KRB5 normally start here, so clear
	 * errno to keep a stale value out of later com_err debug messages.
	 */
	errno = 0;

	return ctx;
}

/*
 * Compare a length-counted krb5_data against a NUL-terminated C string.
 *
 * The comparison is exact and byte-wise (case-sensitive). The lengths
 * must match before memcmp() runs, so memcmp() never reads more than
 * d.length bytes from either buffer, and data carrying an embedded NUL
 * cannot match a shorter string. Empty data never matches, not even
 * against "".
 *
 * s must be a valid NUL-terminated string; it is passed to strlen()
 * unconditionally.
 */
bool ks_data_eq_string(krb5_data d, const char *s)
{
	if (d.length != strlen(s)) {
		return false;
	}

	if (d.length == 0) {
		return false;
	}

	return memcmp(d.data, s, d.length) == 0;
}

/*
 * True when the principal has at least one component and the first one
 * is exactly "kadmin". Any number of further components is accepted and
 * the realm is not examined here.
 */
krb5_boolean ks_is_kadmin(krb5_context context,
			  krb5_const_principal princ)
{
	/* Only touch data[0] once the component count says it exists. */
	if (krb5_princ_size(context, princ) < 1) {
		return false;
	}

	return ks_data_eq_string(princ->data[0], "kadmin");
}

/*
 * True only for a two-component principal "kadmin/history".
 * The realm is not examined here.
 */
krb5_boolean ks_is_kadmin_history(krb5_context context,
				  krb5_const_principal princ)
{
	/* Exactly two components, checked before either is read. */
	if (krb5_princ_size(context, princ) != 2) {
		return false;
	}

	if (!ks_data_eq_string(princ->data[0], "kadmin")) {
		return false;
	}

	return ks_data_eq_string(princ->data[1], "history");
}

/*
 * True only for a two-component principal "kadmin/changepw".
 * The realm is not examined here.
 */
krb5_boolean ks_is_kadmin_changepw(krb5_context context,
				   krb5_const_principal princ)
{
	/* Exactly two components, checked before either is read. */
	if (krb5_princ_size(context, princ) != 2) {
		return false;
	}

	if (!ks_data_eq_string(princ->data[0], "kadmin")) {
		return false;
	}

	return ks_data_eq_string(princ->data[1], "changepw");
}

/*
 * True only for a two-component principal "kadmin/admin".
 * The realm is not examined here.
 */
krb5_boolean ks_is_kadmin_admin(krb5_context context,
				krb5_const_principal princ)
{
	/* Exactly two components, checked before either is read. */
	if (krb5_princ_size(context, princ) != 2) {
		return false;
	}

	if (!ks_data_eq_string(princ->data[0], "kadmin")) {
		return false;
	}

	return ks_data_eq_string(princ->data[1], "admin");
}