Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/heimdal/lib/gssapi/krb5/authorize_localname.c
34923 views
1
/*

2
 * Copyright (c) 2011, PADL Software Pty Ltd.

3
 * All rights reserved.

4
 *

5
 * Redistribution and use in source and binary forms, with or without

6
 * modification, are permitted provided that the following conditions

7
 * are met:

8
 *

9
 * 1. Redistributions of source code must retain the above copyright

10
 *    notice, this list of conditions and the following disclaimer.

11
 *

12
 * 2. Redistributions in binary form must reproduce the above copyright

13
 *    notice, this list of conditions and the following disclaimer in the

14
 *    documentation and/or other materials provided with the distribution.

15
 *

16
 * 3. Neither the name of PADL Software nor the names of its contributors

17
 *    may be used to endorse or promote products derived from this software

18
 *    without specific prior written permission.

19
 *

20
 * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND

21
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

22
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

23
 * ARE DISCLAIMED.  IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE

24
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

25
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

26
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

27
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

28
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

29
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

30
 * SUCH DAMAGE.

31
 */

32


33
#include "gsskrb5_locl.h"

34


35
OM_uint32 GSSAPI_CALLCONV

36
_gsskrb5_authorize_localname(OM_uint32 *minor_status,

37
                             const gss_name_t input_name,

38
                             gss_const_buffer_t user_name,

39
                             gss_const_OID user_name_type)

40
{

41
    krb5_context context;

42
    krb5_principal princ = (krb5_principal)input_name;

43
    char *user;

44
    int user_ok;

45


46
    if (!gss_oid_equal(user_name_type, GSS_C_NT_USER_NAME))

47
        return GSS_S_BAD_NAMETYPE;

48


49
    GSSAPI_KRB5_INIT(&context);

50


51
    user = malloc(user_name->length + 1);

52
    if (user == NULL) {

53
        *minor_status = ENOMEM;

54
        return GSS_S_FAILURE;

55
    }

56


57
    memcpy(user, user_name->value, user_name->length);

58
    user[user_name->length] = '\0';

59


60
    *minor_status = 0;

61
    user_ok = krb5_kuserok(context, princ, user);

62


63
    free(user);

64


65
    return user_ok ? GSS_S_COMPLETE : GSS_S_UNAUTHORIZED;

66
}

67


68