OpenVAS Scanner 23.43.1
nasl_krb5.c File Reference
#include "nasl_krb5.h"
#include "../misc/openvas-krb5.h"
#include "nasl_debug.h"
#include "nasl_func.h"
#include "nasl_global_ctxt.h"
#include "nasl_lex_ctxt.h"
#include "nasl_tree.h"
#include "nasl_var.h"
#include <gvm/base/networking.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
Include dependency graph for nasl_krb5.c:

Go to the source code of this file.

Macros

#define NASL_PRINT_KRB_ERROR(lexic, credential, result)
#define SET_SLICE_FROM_LEX_OR_ENV(lexic, slice, name, env_name)
#define PERROR_SET_SLICE_FROM_LEX_OR_ENV(lexic, slice, name, env_name)

Functions

static OKrb5Credential build_krb5_credential (lex_ctxt *lexic)
tree_cellnasl_okrb5_find_kdc (lex_ctxt *lexic)
 Returns the defined KDC of a given Realm.
tree_cellnasl_okrb5_add_realm (lex_ctxt *lexic)
 Adds the given KDC to the given Realm.
tree_cellnasl_okrb5_is_success (lex_ctxt *lexic)
 Returns 1 if the krb5 function was successful 0 otherwise.
tree_cellnasl_okrb5_is_failure (lex_ctxt *lexic)
 Returns 0 if the krb5 function was successful and 1 if it failed.
tree_cellnasl_okrb5_gss_init (lex_ctxt *lexic)
tree_cellnasl_okrb5_gss_prepare_context (lex_ctxt *lexic)
tree_cellnasl_okrb5_gss_update_context (lex_ctxt *lexic)
void nasl_okrb5_clean (void)
tree_cellnasl_okrb5_gss_update_context_needs_more (lex_ctxt *lexic)
static tree_cellokrb5_slice_to_tree_cell (struct OKrb5Slice *slice)
tree_cellnasl_okrb5_gss_update_context_out (lex_ctxt *lexic)
tree_cellnasl_okrb5_gss_session_key_context (lex_ctxt *lexic)
tree_cellnasl_okrb5_error_code_to_string (lex_ctxt *lexic)

Variables

static OKrb5ErrorCode last_okrb5_result
static struct OKrb5GSSContextcached_gss_context = NULL
static struct OKrb5Sliceto_application = NULL
static bool gss_update_context_more = false
static char * generated_config_path = NULL

Macro Definition Documentation

◆ NASL_PRINT_KRB_ERROR

#define NASL_PRINT_KRB_ERROR ( lexic,
credential,
result )
Value:
do \
{ \
char *error_str = okrb5_error_code_to_string (result); \
nasl_perror ( \
lexic, "%s[config_path: '%s' realm: '%s' user: '%s'] => %s (%d)", \
__func__, credential.config_path.data, credential.realm.data, \
credential.user.user.data, error_str, result); \
free (error_str); \
} \
while (0)
okrb5_error_code_to_string
char * okrb5_error_code_to_string(const OKrb5ErrorCode code)
Definition openvas-krb5.c:608

Definition at line 21 of file nasl_krb5.c.

21#define NASL_PRINT_KRB_ERROR(lexic, credential, result) \
22 do \
23 { \
24 char *error_str = okrb5_error_code_to_string (result); \
25 nasl_perror ( \
26 lexic, "%s[config_path: '%s' realm: '%s' user: '%s'] => %s (%d)", \
27 __func__, credential.config_path.data, credential.realm.data, \
28 credential.user.user.data, error_str, result); \
29 free (error_str); \
30 } \
31 while (0)

Referenced by build_krb5_credential(), nasl_okrb5_add_realm(), and nasl_okrb5_find_kdc().

◆ PERROR_SET_SLICE_FROM_LEX_OR_ENV

#define PERROR_SET_SLICE_FROM_LEX_OR_ENV ( lexic,
slice,
name,
env_name )
Value:
do \
{ \
SET_SLICE_FROM_LEX_OR_ENV (lexic, slice, name, env_name); \
if (slice.len == 0) \
{ \
nasl_perror (lexic, "Expected %s or env variable %s", name, \
env_name); \
} \
} \
while (0)
name
const char * name
Definition nasl_init.c:440

Definition at line 73 of file nasl_krb5.c.

73#define PERROR_SET_SLICE_FROM_LEX_OR_ENV(lexic, slice, name, env_name) \
74 do \
75 { \
76 SET_SLICE_FROM_LEX_OR_ENV (lexic, slice, name, env_name); \
77 if (slice.len == 0) \
78 { \
79 nasl_perror (lexic, "Expected %s or env variable %s", name, \
80 env_name); \
81 } \
82 } \
83 while (0)

Referenced by build_krb5_credential().

◆ SET_SLICE_FROM_LEX_OR_ENV

#define SET_SLICE_FROM_LEX_OR_ENV ( lexic,
slice,
name,
env_name )
Value:
do \
{ \
okrb5_set_slice_from_str (slice, get_str_var_by_name (lexic, name)); \
if (slice.len == 0) \
{ \
okrb5_set_slice_from_str (slice, getenv (env_name)); \
} \
else \
{ \
setenv (env_name, get_str_var_by_name (lexic, name), 1); \
} \
} \
while (0)
get_str_var_by_name
char * get_str_var_by_name(lex_ctxt *, const char *)
Definition nasl_var.c:1118

Definition at line 58 of file nasl_krb5.c.

58#define SET_SLICE_FROM_LEX_OR_ENV(lexic, slice, name, env_name) \
59 do \
60 { \
61 okrb5_set_slice_from_str (slice, get_str_var_by_name (lexic, name)); \
62 if (slice.len == 0) \
63 { \
64 okrb5_set_slice_from_str (slice, getenv (env_name)); \
65 } \
66 else \
67 { \
68 setenv (env_name, get_str_var_by_name (lexic, name), 1); \
69 } \
70 } \
71 while (0)

Referenced by build_krb5_credential().

Function Documentation

◆ build_krb5_credential()

OKrb5Credential build_krb5_credential ( lex_ctxt * lexic)
static

Definition at line 86 of file nasl_krb5.c.

87{
88 OKrb5Credential credential = {0};
89 OKrb5ErrorCode code;
90
91 char *kdc = NULL;
92
93 SET_SLICE_FROM_LEX_OR_ENV (lexic, credential.config_path, "config_path",
94 "KRB5_CONFIG");
95 if (credential.config_path.len == 0)
96 {
97 char *ip_str = addr6_as_str (lexic->script_infos->ip);
98 for (int i = 0; ip_str[i] != '\0'; i++)
99 {
100 if (ip_str[i] == '.' || ip_str[i] == ':')
101 {
102 ip_str[i] = '_';
103 }
104 }
105 char default_config_path[256];
106 snprintf (default_config_path, sizeof (default_config_path),
107 "/tmp/krb5_%s.conf", ip_str);
108 setenv ("KRB5_CONFIG", default_config_path, 1);
109 okrb5_set_slice_from_str (credential.config_path, default_config_path);
110 }
111
112 // Store path for cleanup
113 if (generated_config_path != NULL)
114 free (generated_config_path);
115 generated_config_path =
116 strndup (credential.config_path.data, credential.config_path.len);
117
118 PERROR_SET_SLICE_FROM_LEX_OR_ENV (lexic, credential.realm, "realm",
119 "KRB5_REALM");
120 PERROR_SET_SLICE_FROM_LEX_OR_ENV (lexic, credential.kdc, "kdc", "KRB5_KDC");
121 PERROR_SET_SLICE_FROM_LEX_OR_ENV (lexic, credential.user.user, "user",
122 "KRB5_USER");
123 PERROR_SET_SLICE_FROM_LEX_OR_ENV (lexic, credential.user.password, "password",
124 "KRB5_PASSWORD");
125 PERROR_SET_SLICE_FROM_LEX_OR_ENV (lexic, credential.target.host_name, "host",
126 "KRB5_TARGET_HOST");
127 // SET_SLICE_FROM_LEX_OR_ENV (lexic, credential.target.service, "service",
128 // "KRB5_TARGET_SERVICE");
129
130 if ((code = o_krb5_find_kdc (&credential, &kdc)))
131 {
132 if (code != O_KRB5_REALM_NOT_FOUND && code != O_KRB5_CONF_NOT_FOUND)
133 {
134 NASL_PRINT_KRB_ERROR (lexic, credential, code);
135 }
136 else
137 {
138 if ((code = o_krb5_add_realm (&credential, credential.kdc.data)))
139 {
140 NASL_PRINT_KRB_ERROR (lexic, credential, code);
141 }
142 }
143 }
144 else
145 {
146 free (kdc);
147 }
148 if (credential.target.service.len == 0)
149 {
150 okrb5_set_slice_from_str (credential.target.service, "cifs");
151 }
152 SET_SLICE_FROM_LEX_OR_ENV (lexic, credential.kdc, "kdc", "KRB5_KDC");
153
154 memset (&credential.target.domain, 0, sizeof (struct OKrb5Slice));
155
156 return credential;
157}
free
void free(void *)
generated_config_path
static char * generated_config_path
Definition nasl_krb5.c:56
PERROR_SET_SLICE_FROM_LEX_OR_ENV
#define PERROR_SET_SLICE_FROM_LEX_OR_ENV(lexic, slice, name, env_name)
Definition nasl_krb5.c:73
SET_SLICE_FROM_LEX_OR_ENV
#define SET_SLICE_FROM_LEX_OR_ENV(lexic, slice, name, env_name)
Definition nasl_krb5.c:58
NASL_PRINT_KRB_ERROR
#define NASL_PRINT_KRB_ERROR(lexic, credential, result)
Definition nasl_krb5.c:21
code
#define code
o_krb5_add_realm
OKrb5ErrorCode o_krb5_add_realm(const OKrb5Credential *creds, const char *kdc)
Definition openvas-krb5.c:247
o_krb5_find_kdc
OKrb5ErrorCode o_krb5_find_kdc(const OKrb5Credential *creds, char **kdc)
Definition openvas-krb5.c:85
OKrb5ErrorCode
OKrb5ErrorCode
Definition openvas-krb5.h:17
O_KRB5_REALM_NOT_FOUND
@ O_KRB5_REALM_NOT_FOUND
Definition openvas-krb5.h:24
O_KRB5_CONF_NOT_FOUND
@ O_KRB5_CONF_NOT_FOUND
Definition openvas-krb5.h:20
okrb5_set_slice_from_str
#define okrb5_set_slice_from_str(slice, str)
Definition openvas-krb5.h:86
OKrb5Credential::kdc
struct OKrb5Slice kdc
Definition openvas-krb5.h:63
OKrb5Credential::realm
struct OKrb5Slice realm
Definition openvas-krb5.h:60
OKrb5Credential::target
struct OKrb5Target target
Definition openvas-krb5.h:65
OKrb5Credential::config_path
struct OKrb5Slice config_path
Definition openvas-krb5.h:59
OKrb5Credential::user
struct OKrb5User user
Definition openvas-krb5.h:64
OKrb5Slice::data
void * data
Definition openvas-krb5.h:40
OKrb5Target::service
struct OKrb5Slice service
Definition openvas-krb5.h:53
OKrb5Target::domain
struct OKrb5Slice domain
Definition openvas-krb5.h:54
OKrb5Target::host_name
struct OKrb5Slice host_name
Definition openvas-krb5.h:52
OKrb5User::password
struct OKrb5Slice password
Definition openvas-krb5.h:47
OKrb5User::user
struct OKrb5Slice user
Definition openvas-krb5.h:46
script_infos::ip
struct in6_addr * ip
Definition scanneraux.h:37
struct_lex_ctxt::script_infos
struct script_infos * script_infos
Definition nasl_lex_ctxt.h:33

References code, OKrb5Credential::config_path, OKrb5Slice::data, OKrb5Target::domain, free(), generated_config_path, OKrb5Target::host_name, script_infos::ip, OKrb5Credential::kdc, OKrb5Slice::len, NASL_PRINT_KRB_ERROR, o_krb5_add_realm(), O_KRB5_CONF_NOT_FOUND, o_krb5_find_kdc(), O_KRB5_REALM_NOT_FOUND, okrb5_set_slice_from_str, OKrb5User::password, PERROR_SET_SLICE_FROM_LEX_OR_ENV, OKrb5Credential::realm, struct_lex_ctxt::script_infos, OKrb5Target::service, SET_SLICE_FROM_LEX_OR_ENV, OKrb5Credential::target, OKrb5Credential::user, and OKrb5User::user.

Referenced by nasl_okrb5_add_realm(), nasl_okrb5_find_kdc(), and nasl_okrb5_gss_prepare_context().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ nasl_okrb5_add_realm()

tree_cell * nasl_okrb5_add_realm ( lex_ctxt * lexic)

Adds the given KDC to the given Realm.

This function returns 0 on success. To retrieve a human readable error message, the function okrb5_result can be used.

The nasl function has three optional parameter:

  • realm: The realm for which the KDC should be returned. If the realm is not defined, then the env parameter KRB5_REALM is used.
  • kdc: The realm for which the KDC should be returned. If the realm is not defined, then the env parameter KRB5_KDC is used.
  • config_path: The path to the krb5.conf file. If the path is not defined, then the env parameter KRB5_CONFIG is used.

This function should only be used for debug purposes.

Parameters
[in]lexicNASL lexer.
Returns
lex cell containing a number indicating success or failure.

Definition at line 200 of file nasl_krb5.c.

201{
202 tree_cell *retc;
203 OKrb5Credential credential;
204 char *kdc = get_str_var_by_name (lexic, "kdc");
205 if (kdc == NULL)
206 {
207 kdc = getenv ("KRB5_KDC");
208 if (kdc == NULL)
209 {
210 last_okrb5_result = O_KRB5_EXPECTED_NOT_NULL;
211 NASL_PRINT_KRB_ERROR (lexic, credential, last_okrb5_result);
212 goto exit;
213 }
214 }
215
216 credential = build_krb5_credential (lexic);
217
218 if ((last_okrb5_result = o_krb5_add_realm (&credential, kdc)))
219 {
220 NASL_PRINT_KRB_ERROR (lexic, credential, last_okrb5_result);
221 }
222
223exit:
224 retc = alloc_typed_cell (CONST_INT);
225 retc->x.i_val = last_okrb5_result;
226 return retc;
227}
last_okrb5_result
static OKrb5ErrorCode last_okrb5_result
Definition nasl_krb5.c:37
build_krb5_credential
static OKrb5Credential build_krb5_credential(lex_ctxt *lexic)
Definition nasl_krb5.c:86
alloc_typed_cell
tree_cell * alloc_typed_cell(int typ)
Definition nasl_tree.c:25
CONST_INT
@ CONST_INT
Definition nasl_tree.h:79
tree_cell
struct TC tree_cell
O_KRB5_EXPECTED_NOT_NULL
@ O_KRB5_EXPECTED_NOT_NULL
Definition openvas-krb5.h:26
TC::i_val
long int i_val
Definition nasl_tree.h:104
TC::x
union TC::@332262321161220155002104006201360276211317150140 x

References alloc_typed_cell(), build_krb5_credential(), CONST_INT, get_str_var_by_name(), TC::i_val, last_okrb5_result, NASL_PRINT_KRB_ERROR, o_krb5_add_realm(), O_KRB5_EXPECTED_NOT_NULL, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_clean()

void nasl_okrb5_clean ( void )

Definition at line 340 of file nasl_krb5.c.

341{
342 if (to_application != NULL)
343 {
344 free (to_application->data);
345 free (to_application);
346 to_application = NULL;
347 }
348 if (cached_gss_context != NULL)
349 {
350 okrb5_gss_free_context (cached_gss_context);
351 cached_gss_context = NULL;
352 }
353 if (generated_config_path != NULL)
354 {
355 unlink (generated_config_path);
356 free (generated_config_path);
357 generated_config_path = NULL;
358 }
359}
to_application
static struct OKrb5Slice * to_application
Definition nasl_krb5.c:49
cached_gss_context
static struct OKrb5GSSContext * cached_gss_context
Definition nasl_krb5.c:45
okrb5_gss_free_context
void okrb5_gss_free_context(struct OKrb5GSSContext *context)
Definition openvas-krb5.c:405

References cached_gss_context, free(), generated_config_path, okrb5_gss_free_context(), and to_application.

Referenced by exec_nasl_script().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ nasl_okrb5_error_code_to_string()

tree_cell * nasl_okrb5_error_code_to_string ( lex_ctxt * lexic)

Definition at line 414 of file nasl_krb5.c.

415{
416 (void) lexic;
417 tree_cell *retc = alloc_typed_cell (CONST_STR);
418 retc->x.str_val = okrb5_error_code_to_string (last_okrb5_result);
419 retc->size = strlen (retc->x.str_val);
420 return retc;
421}
CONST_STR
@ CONST_STR
Definition nasl_tree.h:80
TC::size
long int size
Definition nasl_tree.h:99
TC::str_val
char * str_val
Definition nasl_tree.h:103

References alloc_typed_cell(), CONST_STR, last_okrb5_result, okrb5_error_code_to_string(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_find_kdc()

tree_cell * nasl_okrb5_find_kdc ( lex_ctxt * lexic)

Returns the defined KDC of a given Realm.

This function returns the KDC of a given Realm. The Realm is defined in the krb5.conf file. If there is no KDC for the given Realm, the function returns NULL within the tree_cell to the script.

The nasl function has two optional parameter:

  • realm: The realm for which the KDC should be returned. If the realm is not defined, then the env parameter KRB5_REALM is used.
  • config_path: The path to the krb5.conf file. If the path is not defined, then the env parameter KRB5_CONFIG is used.

This function should only be used for debug purposes.

Parameters
[in]lexicNASL lexer.
Returns
lex cell containing the KDC as a string.

Definition at line 179 of file nasl_krb5.c.

180{
181 tree_cell *retc;
182 char *kdc = NULL;
183 OKrb5Credential credential;
184
185 credential = build_krb5_credential (lexic);
186
187 if ((last_okrb5_result = o_krb5_find_kdc (&credential, &kdc)))
188 {
189 NASL_PRINT_KRB_ERROR (lexic, credential, last_okrb5_result);
190 return FAKE_CELL;
191 }
192
193 retc = alloc_typed_cell (CONST_DATA);
194 retc->x.str_val = kdc;
195 retc->size = strlen (kdc);
196 return retc;
197}
CONST_DATA
@ CONST_DATA
Definition nasl_tree.h:82
FAKE_CELL
#define FAKE_CELL
Definition nasl_tree.h:110

References alloc_typed_cell(), build_krb5_credential(), CONST_DATA, FAKE_CELL, last_okrb5_result, NASL_PRINT_KRB_ERROR, o_krb5_find_kdc(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_init()

tree_cell * nasl_okrb5_gss_init ( lex_ctxt * lexic)

Definition at line 272 of file nasl_krb5.c.

273{
274 (void) lexic;
275 cached_gss_context = okrb5_gss_init_context ();
276 if (cached_gss_context == NULL)
277 {
278 last_okrb5_result = O_KRB5_EXPECTED_NOT_NULL;
279 }
280 else
281 {
282 last_okrb5_result = O_KRB5_SUCCESS;
283 };
284 tree_cell *retc = alloc_typed_cell (CONST_INT);
285 retc->x.i_val = last_okrb5_result;
286 return retc;
287}
okrb5_gss_init_context
struct OKrb5GSSContext * okrb5_gss_init_context(void)
Definition openvas-krb5.c:392
O_KRB5_SUCCESS
@ O_KRB5_SUCCESS
Definition openvas-krb5.h:18

References alloc_typed_cell(), cached_gss_context, CONST_INT, TC::i_val, last_okrb5_result, O_KRB5_EXPECTED_NOT_NULL, O_KRB5_SUCCESS, okrb5_gss_init_context(), and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_prepare_context()

tree_cell * nasl_okrb5_gss_prepare_context ( lex_ctxt * lexic)

Definition at line 289 of file nasl_krb5.c.

290{
291 (void) lexic;
292
293 OKrb5Credential credential;
294 credential = build_krb5_credential (lexic);
295 OKrb5ErrorCode result = O_KRB5_SUCCESS;
296 if (cached_gss_context == NULL)
297 {
298 cached_gss_context = okrb5_gss_init_context ();
299 }
300 result = o_krb5_gss_prepare_context (&credential, cached_gss_context);
301 tree_cell *retc = alloc_typed_cell (CONST_INT);
302 retc->x.i_val = result;
303 last_okrb5_result = result;
304 return retc;
305}
o_krb5_gss_prepare_context
OKrb5ErrorCode o_krb5_gss_prepare_context(const OKrb5Credential *creds, struct OKrb5GSSContext *gss_context)
Definition openvas-krb5.c:446

References alloc_typed_cell(), build_krb5_credential(), cached_gss_context, CONST_INT, TC::i_val, last_okrb5_result, o_krb5_gss_prepare_context(), O_KRB5_SUCCESS, okrb5_gss_init_context(), and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_session_key_context()

tree_cell * nasl_okrb5_gss_session_key_context ( lex_ctxt * lexic)

Definition at line 395 of file nasl_krb5.c.

396{
397 (void) lexic;
398 struct OKrb5Slice *session_key = NULL;
399 if (cached_gss_context == NULL)
400 {
401 last_okrb5_result = O_KRB5_EXPECTED_NOT_NULL;
402 return FAKE_CELL;
403 }
404 if ((last_okrb5_result =
405 o_krb5_gss_session_key_context (cached_gss_context, &session_key))
406 != O_KRB5_SUCCESS)
407 {
408 return FAKE_CELL;
409 }
410 return okrb5_slice_to_tree_cell (session_key);
411}
okrb5_slice_to_tree_cell
static tree_cell * okrb5_slice_to_tree_cell(struct OKrb5Slice *slice)
Definition nasl_krb5.c:371
o_krb5_gss_session_key_context
OKrb5ErrorCode o_krb5_gss_session_key_context(struct OKrb5GSSContext *gss_context, struct OKrb5Slice **out)
Definition openvas-krb5.c:571

References cached_gss_context, FAKE_CELL, last_okrb5_result, O_KRB5_EXPECTED_NOT_NULL, o_krb5_gss_session_key_context(), O_KRB5_SUCCESS, and okrb5_slice_to_tree_cell().

Here is the call graph for this function:

◆ nasl_okrb5_gss_update_context()

tree_cell * nasl_okrb5_gss_update_context ( lex_ctxt * lexic)

Definition at line 308 of file nasl_krb5.c.

309{
310 OKrb5ErrorCode result = O_KRB5_SUCCESS;
311 tree_cell *retc;
312 struct OKrb5Slice from_application;
313
314 if (to_application != NULL)
315 {
316 free (to_application->data);
317 free (to_application);
318 to_application = NULL;
319 }
320
321 from_application.data = (void *) get_str_var_by_num (lexic, 0);
322 from_application.len = get_var_size_by_num (lexic, 0);
323
324 if (cached_gss_context == NULL)
325 {
326 last_okrb5_result = O_KRB5_EXPECTED_NOT_NULL;
327 goto result;
328 }
329 result =
330 o_krb5_gss_update_context (cached_gss_context, &from_application,
331 &to_application, &gss_update_context_more);
332result:
333 retc = alloc_typed_cell (CONST_INT);
334 retc->x.i_val = result;
335 last_okrb5_result = result;
336 return retc;
337}
gss_update_context_more
static bool gss_update_context_more
Definition nasl_krb5.c:53
get_var_size_by_num
long int get_var_size_by_num(lex_ctxt *, int)
Definition nasl_var.c:1145
get_str_var_by_num
char * get_str_var_by_num(lex_ctxt *, int)
Definition nasl_var.c:1108
o_krb5_gss_update_context
OKrb5ErrorCode o_krb5_gss_update_context(struct OKrb5GSSContext *gss_context, const struct OKrb5Slice *in_data, struct OKrb5Slice **out_data, bool *more)
Definition openvas-krb5.c:529

References alloc_typed_cell(), cached_gss_context, CONST_INT, OKrb5Slice::data, free(), get_str_var_by_num(), get_var_size_by_num(), gss_update_context_more, TC::i_val, last_okrb5_result, OKrb5Slice::len, O_KRB5_EXPECTED_NOT_NULL, o_krb5_gss_update_context(), O_KRB5_SUCCESS, to_application, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_update_context_needs_more()

tree_cell * nasl_okrb5_gss_update_context_needs_more ( lex_ctxt * lexic)

Definition at line 362 of file nasl_krb5.c.

363{
364 (void) lexic;
365 tree_cell *retc = alloc_typed_cell (CONST_INT);
366 retc->x.i_val = gss_update_context_more;
367 return retc;
368}

References alloc_typed_cell(), CONST_INT, gss_update_context_more, TC::i_val, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_gss_update_context_out()

tree_cell * nasl_okrb5_gss_update_context_out ( lex_ctxt * lexic)

Definition at line 380 of file nasl_krb5.c.

381{
382 (void) lexic;
383 if (to_application == NULL)
384 {
385 return FAKE_CELL;
386 }
387 tree_cell *out = okrb5_slice_to_tree_cell (to_application);
388 // we need to prevent accidental free it as it is freed when the tree_cell is
389 // cleaned up
390 to_application = NULL;
391 return out;
392}

References FAKE_CELL, okrb5_slice_to_tree_cell(), and to_application.

Here is the call graph for this function:

◆ nasl_okrb5_is_failure()

tree_cell * nasl_okrb5_is_failure ( lex_ctxt * lexic)

Returns 0 if the krb5 function was successful and 1 if it failed.

The nasl function has one optional parameter:

  • retval: the return value of the krb5 function. If the value is not defined, the return value of the last krb5 function is used.
Parameters
[in]lexicNASL lexer.
Returns
lex cell containing a number indicating success.

Definition at line 263 of file nasl_krb5.c.

264{
265 OKrb5ErrorCode result = get_int_var_by_num (lexic, 0, last_okrb5_result);
266 tree_cell *retc = alloc_typed_cell (CONST_INT);
267 retc->x.i_val = result != O_KRB5_SUCCESS;
268 return retc;
269}
get_int_var_by_num
long int get_int_var_by_num(lex_ctxt *, int, int)
Definition nasl_var.c:1094

References alloc_typed_cell(), CONST_INT, get_int_var_by_num(), TC::i_val, last_okrb5_result, O_KRB5_SUCCESS, and TC::x.

Here is the call graph for this function:

◆ nasl_okrb5_is_success()

tree_cell * nasl_okrb5_is_success ( lex_ctxt * lexic)

Returns 1 if the krb5 function was successful 0 otherwise.

The nasl function has one optional parameter:

  • retval: the return value of the krb5 function. If the value is not defined, the return value of the last krb5 function is used.
Parameters
[in]lexicNASL lexer.
Returns
lex cell containing a number indicating success.

Definition at line 242 of file nasl_krb5.c.

243{
244 OKrb5ErrorCode result = get_int_var_by_num (lexic, 0, last_okrb5_result);
245 tree_cell *retc = alloc_typed_cell (CONST_INT);
246 retc->x.i_val = result == O_KRB5_SUCCESS;
247 return retc;
248}

References alloc_typed_cell(), CONST_INT, get_int_var_by_num(), TC::i_val, last_okrb5_result, O_KRB5_SUCCESS, and TC::x.

Here is the call graph for this function:

◆ okrb5_slice_to_tree_cell()

tree_cell * okrb5_slice_to_tree_cell ( struct OKrb5Slice * slice)
inlinestatic

Definition at line 371 of file nasl_krb5.c.

372{
373 tree_cell *retc = alloc_typed_cell (CONST_DATA);
374 retc->x.str_val = slice->data;
375 retc->size = slice->len;
376 return retc;
377}

References alloc_typed_cell(), CONST_DATA, OKrb5Slice::data, OKrb5Slice::len, TC::size, TC::str_val, and TC::x.

Referenced by nasl_okrb5_gss_session_key_context(), and nasl_okrb5_gss_update_context_out().

Here is the call graph for this function:
Here is the caller graph for this function:

Variable Documentation

◆ cached_gss_context

struct OKrb5GSSContext* cached_gss_context = NULL
static

Definition at line 45 of file nasl_krb5.c.

Referenced by nasl_okrb5_clean(), nasl_okrb5_gss_init(), nasl_okrb5_gss_prepare_context(), nasl_okrb5_gss_session_key_context(), and nasl_okrb5_gss_update_context().

◆ generated_config_path

char* generated_config_path = NULL
static

Definition at line 56 of file nasl_krb5.c.

Referenced by build_krb5_credential(), and nasl_okrb5_clean().

◆ gss_update_context_more

bool gss_update_context_more = false
static

Definition at line 53 of file nasl_krb5.c.

Referenced by nasl_okrb5_gss_update_context(), and nasl_okrb5_gss_update_context_needs_more().

◆ last_okrb5_result

OKrb5ErrorCode last_okrb5_result
static

Definition at line 37 of file nasl_krb5.c.

Referenced by nasl_okrb5_add_realm(), nasl_okrb5_error_code_to_string(), nasl_okrb5_find_kdc(), nasl_okrb5_gss_init(), nasl_okrb5_gss_prepare_context(), nasl_okrb5_gss_session_key_context(), nasl_okrb5_gss_update_context(), nasl_okrb5_is_failure(), and nasl_okrb5_is_success().

◆ to_application

struct OKrb5Slice* to_application = NULL
static

Definition at line 49 of file nasl_krb5.c.

Referenced by nasl_okrb5_clean(), nasl_okrb5_gss_update_context(), and nasl_okrb5_gss_update_context_out().