root/source4/heimdal/lib/gssapi/mech/gss_add_cred.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. _gss_copy_cred
  2. gss_add_cred

   1 /*-
   2  * Copyright (c) 2005 Doug Rabson
   3  * All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  * 1. Redistributions of source code must retain the above copyright
   9  *    notice, this list of conditions and the following disclaimer.
  10  * 2. Redistributions in binary form must reproduce the above copyright
  11  *    notice, this list of conditions and the following disclaimer in the
  12  *    documentation and/or other materials provided with the distribution.
  13  *
  14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  15  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  16  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  17  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  18  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  19  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  23  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  24  * SUCH DAMAGE.
  25  *
  26  *      $FreeBSD: src/lib/libgssapi/gss_add_cred.c,v 1.1 2005/12/29 14:40:20 dfr Exp $
  27  */
  28 
  29 #include "mech_locl.h"
  30 RCSID("$Id$");
  31 
  32 static struct _gss_mechanism_cred *
  33 _gss_copy_cred(struct _gss_mechanism_cred *mc)
     /* [<][>][^][v][top][bottom][index][help] */
  34 {
  35         struct _gss_mechanism_cred *new_mc;
  36         gssapi_mech_interface m = mc->gmc_mech;
  37         OM_uint32 major_status, minor_status;
  38         gss_name_t name;
  39         gss_cred_id_t cred;
  40         OM_uint32 initiator_lifetime, acceptor_lifetime;
  41         gss_cred_usage_t cred_usage;
  42 
  43         major_status = m->gm_inquire_cred_by_mech(&minor_status,
  44             mc->gmc_cred, mc->gmc_mech_oid,
  45             &name, &initiator_lifetime, &acceptor_lifetime, &cred_usage);
  46         if (major_status) {
  47                 _gss_mg_error(m, major_status, minor_status);
  48                 return (0);
  49         }
  50 
  51         major_status = m->gm_add_cred(&minor_status,
  52             GSS_C_NO_CREDENTIAL, name, mc->gmc_mech_oid,
  53             cred_usage, initiator_lifetime, acceptor_lifetime,
  54             &cred, 0, 0, 0);
  55         m->gm_release_name(&minor_status, &name);
  56 
  57         if (major_status) {
  58                 _gss_mg_error(m, major_status, minor_status);
  59                 return (0);
  60         }
  61 
  62         new_mc = malloc(sizeof(struct _gss_mechanism_cred));
  63         if (!new_mc) {
  64                 m->gm_release_cred(&minor_status, &cred);
  65                 return (0);
  66         }
  67         new_mc->gmc_mech = m;
  68         new_mc->gmc_mech_oid = &m->gm_mech_oid;
  69         new_mc->gmc_cred = cred;
  70 
  71         return (new_mc);
  72 }
  73 
  74 OM_uint32 GSSAPI_LIB_FUNCTION
  75 gss_add_cred(OM_uint32 *minor_status,
     /* [<][>][^][v][top][bottom][index][help] */
  76     const gss_cred_id_t input_cred_handle,
  77     const gss_name_t desired_name,
  78     const gss_OID desired_mech,
  79     gss_cred_usage_t cred_usage,
  80     OM_uint32 initiator_time_req,
  81     OM_uint32 acceptor_time_req,
  82     gss_cred_id_t *output_cred_handle,
  83     gss_OID_set *actual_mechs,
  84     OM_uint32 *initiator_time_rec,
  85     OM_uint32 *acceptor_time_rec)
  86 {
  87         OM_uint32 major_status;
  88         gssapi_mech_interface m;
  89         struct _gss_cred *cred = (struct _gss_cred *) input_cred_handle;
  90         struct _gss_cred *new_cred;
  91         gss_cred_id_t release_cred;
  92         struct _gss_mechanism_cred *mc, *target_mc, *copy_mc;
  93         struct _gss_mechanism_name *mn;
  94         OM_uint32 junk;
  95 
  96         *minor_status = 0;
  97         *output_cred_handle = GSS_C_NO_CREDENTIAL;
  98         if (initiator_time_rec)
  99             *initiator_time_rec = 0;
 100         if (acceptor_time_rec)
 101             *acceptor_time_rec = 0;
 102         if (actual_mechs)
 103             *actual_mechs = GSS_C_NO_OID_SET;
 104 
 105         new_cred = malloc(sizeof(struct _gss_cred));
 106         if (!new_cred) {
 107                 *minor_status = ENOMEM;
 108                 return (GSS_S_FAILURE);
 109         }
 110         SLIST_INIT(&new_cred->gc_mc);
 111 
 112         /*
 113          * We go through all the mc attached to the input_cred_handle
 114          * and check the mechanism. If it matches, we call
 115          * gss_add_cred for that mechanism, otherwise we copy the mc
 116          * to new_cred.
 117          */
 118         target_mc = 0;
 119         if (cred) {
 120                 SLIST_FOREACH(mc, &cred->gc_mc, gmc_link) {
 121                         if (gss_oid_equal(mc->gmc_mech_oid, desired_mech)) {
 122                                 target_mc = mc;
 123                         }
 124                         copy_mc = _gss_copy_cred(mc);
 125                         if (!copy_mc) {
 126                                 release_cred = (gss_cred_id_t)new_cred;
 127                                 gss_release_cred(&junk, &release_cred);
 128                                 *minor_status = ENOMEM;
 129                                 return (GSS_S_FAILURE);
 130                         }
 131                         SLIST_INSERT_HEAD(&new_cred->gc_mc, copy_mc, gmc_link);
 132                 }
 133         }
 134 
 135         /*
 136          * Figure out a suitable mn, if any.
 137          */
 138         if (desired_name) {
 139                 major_status = _gss_find_mn(minor_status,
 140                                             (struct _gss_name *) desired_name,
 141                                             desired_mech,
 142                                             &mn);
 143                 if (major_status != GSS_S_COMPLETE) {
 144                         free(new_cred);
 145                         return major_status;
 146                 }
 147         } else {
 148                 mn = 0;
 149         }
 150 
 151         m = __gss_get_mechanism(desired_mech);
 152 
 153         mc = malloc(sizeof(struct _gss_mechanism_cred));
 154         if (!mc) {
 155                 release_cred = (gss_cred_id_t)new_cred;
 156                 gss_release_cred(&junk, &release_cred);
 157                 *minor_status = ENOMEM;
 158                 return (GSS_S_FAILURE);
 159         }
 160         mc->gmc_mech = m;
 161         mc->gmc_mech_oid = &m->gm_mech_oid;
 162 
 163         major_status = m->gm_add_cred(minor_status,
 164             target_mc ? target_mc->gmc_cred : GSS_C_NO_CREDENTIAL,
 165             desired_name ? mn->gmn_name : GSS_C_NO_NAME,
 166             desired_mech,
 167             cred_usage,
 168             initiator_time_req,
 169             acceptor_time_req,
 170             &mc->gmc_cred,
 171             actual_mechs,
 172             initiator_time_rec,
 173             acceptor_time_rec);
 174 
 175         if (major_status) {
 176                 _gss_mg_error(m, major_status, *minor_status);
 177                 release_cred = (gss_cred_id_t)new_cred;
 178                 gss_release_cred(&junk, &release_cred);
 179                 free(mc);
 180                 return (major_status);
 181         }
 182         SLIST_INSERT_HEAD(&new_cred->gc_mc, mc, gmc_link);
 183         *output_cred_handle = (gss_cred_id_t) new_cred;
 184 
 185         return (GSS_S_COMPLETE);
 186 }
 187 

/* [<][>][^][v][top][bottom][index][help] */