1/* $NetBSD$ */ 2 3/* 4 * Copyright (c) 2005, PADL Software Pty Ltd. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * 3. Neither the name of PADL Software nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 */ 34 35#include "kcm_locl.h" 36 37__RCSID("$NetBSD$"); 38 39/* thread-safe in case we multi-thread later */ 40static HEIMDAL_MUTEX events_mutex = HEIMDAL_MUTEX_INITIALIZER; 41static kcm_event *events_head = NULL; 42static time_t last_run = 0; 43 44static char *action_strings[] = { 45 "NONE", "ACQUIRE_CREDS", "RENEW_CREDS", 46 "DESTROY_CREDS", "DESTROY_EMPTY_CACHE" }; 47 48krb5_error_code 49kcm_enqueue_event(krb5_context context, 50 kcm_event *event) 51{ 52 krb5_error_code ret; 53 54 if (event->action == KCM_EVENT_NONE) { 55 return 0; 56 } 57 58 HEIMDAL_MUTEX_lock(&events_mutex); 59 ret = kcm_enqueue_event_internal(context, event); 60 HEIMDAL_MUTEX_unlock(&events_mutex); 61 62 return ret; 63} 64 65static void 66print_times(time_t time, char buf[64]) 67{ 68 if (time) 69 strftime(buf, 64, "%m-%dT%H:%M", gmtime(&time)); 70 else 71 strlcpy(buf, "never", 64); 72} 73 74static void 75log_event(kcm_event *event, char *msg) 76{ 77 char fire_time[64], expire_time[64]; 78 79 print_times(event->fire_time, fire_time); 80 print_times(event->expire_time, expire_time); 81 82 kcm_log(7, "%s event %08x: fire_time %s fire_count %d expire_time %s " 83 "backoff_time %d action %s cache %s", 84 msg, event, fire_time, event->fire_count, expire_time, 85 event->backoff_time, action_strings[event->action], 86 event->ccache->name); 87} 88 89krb5_error_code 90kcm_enqueue_event_internal(krb5_context context, 91 kcm_event *event) 92{ 93 kcm_event **e; 94 95 if (event->action == KCM_EVENT_NONE) 96 return 0; 97 98 for (e = &events_head; *e != NULL; e = &(*e)->next) 99 ; 100 101 *e = (kcm_event *)malloc(sizeof(kcm_event)); 102 if (*e == NULL) { 103 return KRB5_CC_NOMEM; 104 } 105 106 (*e)->valid = 1; 107 (*e)->fire_time = event->fire_time; 108 (*e)->fire_count = 0; 109 (*e)->expire_time = event->expire_time; 110 (*e)->backoff_time = event->backoff_time; 111 112 (*e)->action = event->action; 113 114 kcm_retain_ccache(context, event->ccache); 115 (*e)->ccache = event->ccache; 116 (*e)->next = NULL; 117 118 log_event(*e, "enqueuing"); 119 120 return 0; 121} 122 123/* 124 * Dump events list on SIGUSR2 125 */ 126krb5_error_code 127kcm_debug_events(krb5_context context) 128{ 129 kcm_event *e; 130 131 for (e = events_head; e != NULL; e = e->next) 132 log_event(e, "debug"); 133 134 return 0; 135} 136 137krb5_error_code 138kcm_enqueue_event_relative(krb5_context context, 139 kcm_event *event) 140{ 141 krb5_error_code ret; 142 kcm_event e; 143 144 e = *event; 145 e.backoff_time = e.fire_time; 146 e.fire_time += time(NULL); 147 148 ret = kcm_enqueue_event(context, &e); 149 150 return ret; 151} 152 153static krb5_error_code 154kcm_remove_event_internal(krb5_context context, 155 kcm_event **e) 156{ 157 kcm_event *next; 158 159 next = (*e)->next; 160 161 (*e)->valid = 0; 162 (*e)->fire_time = 0; 163 (*e)->fire_count = 0; 164 (*e)->expire_time = 0; 165 (*e)->backoff_time = 0; 166 kcm_release_ccache(context, (*e)->ccache); 167 (*e)->next = NULL; 168 free(*e); 169 170 *e = next; 171 172 return 0; 173} 174 175static int 176is_primary_credential_p(krb5_context context, 177 kcm_ccache ccache, 178 krb5_creds *newcred) 179{ 180 krb5_flags whichfields; 181 182 if (ccache->client == NULL) 183 return 0; 184 185 if (newcred->client == NULL || 186 !krb5_principal_compare(context, ccache->client, newcred->client)) 187 return 0; 188 189 /* XXX just checks whether it's the first credential in the cache */ 190 if (ccache->creds == NULL) 191 return 0; 192 193 whichfields = KRB5_TC_MATCH_KEYTYPE | KRB5_TC_MATCH_FLAGS_EXACT | 194 KRB5_TC_MATCH_TIMES_EXACT | KRB5_TC_MATCH_AUTHDATA | 195 KRB5_TC_MATCH_2ND_TKT | KRB5_TC_MATCH_IS_SKEY; 196 197 return krb5_compare_creds(context, whichfields, newcred, &ccache->creds->cred); 198} 199 200/* 201 * Setup default events for a new credential 202 */ 203static krb5_error_code 204kcm_ccache_make_default_event(krb5_context context, 205 kcm_event *event, 206 krb5_creds *newcred) 207{ 208 krb5_error_code ret = 0; 209 kcm_ccache ccache = event->ccache; 210 211 event->fire_time = 0; 212 event->expire_time = 0; 213 event->backoff_time = KCM_EVENT_DEFAULT_BACKOFF_TIME; 214 215 if (newcred == NULL) { 216 /* no creds, must be acquire creds request */ 217 if ((ccache->flags & KCM_MASK_KEY_PRESENT) == 0) { 218 kcm_log(0, "Cannot acquire credentials without a key"); 219 return KRB5_FCC_INTERNAL; 220 } 221 222 event->fire_time = time(NULL); /* right away */ 223 event->action = KCM_EVENT_ACQUIRE_CREDS; 224 } else if (is_primary_credential_p(context, ccache, newcred)) { 225 if (newcred->flags.b.renewable) { 226 event->action = KCM_EVENT_RENEW_CREDS; 227 ccache->flags |= KCM_FLAGS_RENEWABLE; 228 } else { 229 if (ccache->flags & KCM_MASK_KEY_PRESENT) 230 event->action = KCM_EVENT_ACQUIRE_CREDS; 231 else 232 event->action = KCM_EVENT_NONE; 233 ccache->flags &= ~(KCM_FLAGS_RENEWABLE); 234 } 235 /* requeue with some slop factor */ 236 event->fire_time = newcred->times.endtime - KCM_EVENT_QUEUE_INTERVAL; 237 } else { 238 event->action = KCM_EVENT_NONE; 239 } 240 241 return ret; 242} 243 244krb5_error_code 245kcm_ccache_enqueue_default(krb5_context context, 246 kcm_ccache ccache, 247 krb5_creds *newcred) 248{ 249 kcm_event event; 250 krb5_error_code ret; 251 252 memset(&event, 0, sizeof(event)); 253 event.ccache = ccache; 254 255 ret = kcm_ccache_make_default_event(context, &event, newcred); 256 if (ret) 257 return ret; 258 259 ret = kcm_enqueue_event_internal(context, &event); 260 if (ret) 261 return ret; 262 263 return 0; 264} 265 266krb5_error_code 267kcm_remove_event(krb5_context context, 268 kcm_event *event) 269{ 270 krb5_error_code ret; 271 kcm_event **e; 272 int found = 0; 273 274 log_event(event, "removing"); 275 276 HEIMDAL_MUTEX_lock(&events_mutex); 277 for (e = &events_head; *e != NULL; e = &(*e)->next) { 278 if (event == *e) { 279 *e = event->next; 280 found++; 281 break; 282 } 283 } 284 285 if (!found) { 286 ret = KRB5_CC_NOTFOUND; 287 goto out; 288 } 289 290 ret = kcm_remove_event_internal(context, &event); 291 292out: 293 HEIMDAL_MUTEX_unlock(&events_mutex); 294 295 return ret; 296} 297 298krb5_error_code 299kcm_cleanup_events(krb5_context context, 300 kcm_ccache ccache) 301{ 302 kcm_event **e; 303 304 KCM_ASSERT_VALID(ccache); 305 306 HEIMDAL_MUTEX_lock(&events_mutex); 307 308 for (e = &events_head; *e != NULL; e = &(*e)->next) { 309 if ((*e)->valid && (*e)->ccache == ccache) { 310 kcm_remove_event_internal(context, e); 311 } 312 if (*e == NULL) 313 break; 314 } 315 316 HEIMDAL_MUTEX_unlock(&events_mutex); 317 318 return 0; 319} 320 321static krb5_error_code 322kcm_fire_event(krb5_context context, 323 kcm_event **e) 324{ 325 kcm_event *event; 326 krb5_error_code ret; 327 krb5_creds *credp = NULL; 328 int oneshot = 1; 329 330 event = *e; 331 332 switch (event->action) { 333 case KCM_EVENT_ACQUIRE_CREDS: 334 ret = kcm_ccache_acquire(context, event->ccache, &credp); 335 oneshot = 0; 336 break; 337 case KCM_EVENT_RENEW_CREDS: 338 ret = kcm_ccache_refresh(context, event->ccache, &credp); 339 if (ret == KRB5KRB_AP_ERR_TKT_EXPIRED) { 340 ret = kcm_ccache_acquire(context, event->ccache, &credp); 341 } 342 oneshot = 0; 343 break; 344 case KCM_EVENT_DESTROY_CREDS: 345 ret = kcm_ccache_destroy(context, event->ccache->name); 346 break; 347 case KCM_EVENT_DESTROY_EMPTY_CACHE: 348 ret = kcm_ccache_destroy_if_empty(context, event->ccache); 349 break; 350 default: 351 ret = KRB5_FCC_INTERNAL; 352 break; 353 } 354 355 event->fire_count++; 356 357 if (ret) { 358 /* Reschedule failed event for another time */ 359 event->fire_time += event->backoff_time; 360 if (event->backoff_time < KCM_EVENT_MAX_BACKOFF_TIME) 361 event->backoff_time *= 2; 362 363 /* Remove it if it would never get executed */ 364 if (event->expire_time && 365 event->fire_time > event->expire_time) 366 kcm_remove_event_internal(context, e); 367 } else { 368 if (!oneshot) { 369 char *cpn; 370 371 if (krb5_unparse_name(context, event->ccache->client, 372 &cpn)) 373 cpn = NULL; 374 375 kcm_log(0, "%s credentials in cache %s for principal %s", 376 (event->action == KCM_EVENT_ACQUIRE_CREDS) ? 377 "Acquired" : "Renewed", 378 event->ccache->name, 379 (cpn != NULL) ? cpn : "<none>"); 380 381 if (cpn != NULL) 382 free(cpn); 383 384 /* Succeeded, but possibly replaced with another event */ 385 ret = kcm_ccache_make_default_event(context, event, credp); 386 if (ret || event->action == KCM_EVENT_NONE) 387 oneshot = 1; 388 else 389 log_event(event, "requeuing"); 390 } 391 if (oneshot) 392 kcm_remove_event_internal(context, e); 393 } 394 395 return ret; 396} 397 398krb5_error_code 399kcm_run_events(krb5_context context, time_t now) 400{ 401 krb5_error_code ret; 402 kcm_event **e; 403 404 HEIMDAL_MUTEX_lock(&events_mutex); 405 406 /* Only run event queue every N seconds */ 407 if (now < last_run + KCM_EVENT_QUEUE_INTERVAL) { 408 HEIMDAL_MUTEX_unlock(&events_mutex); 409 return 0; 410 } 411 412 /* go through events list, fire and expire */ 413 for (e = &events_head; *e != NULL; e = &(*e)->next) { 414 if ((*e)->valid == 0) 415 continue; 416 417 if (now >= (*e)->fire_time) { 418 ret = kcm_fire_event(context, e); 419 if (ret) { 420 kcm_log(1, "Could not fire event for cache %s: %s", 421 (*e)->ccache->name, krb5_get_err_text(context, ret)); 422 } 423 } else if ((*e)->expire_time && now >= (*e)->expire_time) { 424 ret = kcm_remove_event_internal(context, e); 425 if (ret) { 426 kcm_log(1, "Could not expire event for cache %s: %s", 427 (*e)->ccache->name, krb5_get_err_text(context, ret)); 428 } 429 } 430 431 if (*e == NULL) 432 break; 433 } 434 435 last_run = now; 436 437 HEIMDAL_MUTEX_unlock(&events_mutex); 438 439 return 0; 440} 441 442