freebsd
GitHub Repository: freebsd/freebsd-src
Path: blob/main/crypto/krb5/src/lib/gssapi/mechglue/g_inq_cred.c
/* #pragma ident "@(#)g_inquire_cred.c 1.16 04/02/23 SMI" */
/*
* Copyright 1996 by Sun Microsystems, Inc.
*
* Permission to use, copy, modify, distribute, and sell this software
* and its documentation for any purpose is hereby granted without fee,
* provided that the above copyright notice appears in all copies and
* that both that copyright notice and this permission notice appear in
* supporting documentation, and that the name of Sun Microsystems not be used
* in advertising or publicity pertaining to distribution of the software
* without specific, written prior permission. Sun Microsystems makes no
* representations about the suitability of this software for any
* purpose. It is provided "as is" without express or implied warranty.
*
* SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
* INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
* EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
* CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
* USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
* OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/*
* glue routine for gss_inquire_cred
*/
#include "mglueP.h"
#include <stdio.h>
#ifdef HAVE_STDLIB_H
#include <stdlib.h>
#endif
#include <string.h>
#include <time.h>
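/*
 * Mechglue entry point for gss_inquire_cred.
 *
 * minor_status is required; a NULL pointer yields
 * GSS_S_CALL_INACCESSIBLE_WRITE.  name, lifetime, cred_usage and mechanisms
 * are optional outputs: a NULL pointer means the caller does not want that
 * value.  *name and *mechanisms are reset to GSS_C_NO_NAME and
 * GSS_C_NO_OID_SET before anything else happens, so they never hold stale
 * values after an early return.
 *
 * cred_handle is either GSS_C_NO_CREDENTIAL (the default mechanism is
 * inquired) or a union credential.  It is cast to gss_union_cred_t and
 * dereferenced without further validation here, so it must be a handle
 * produced by the mechglue.
 *
 * Returns GSS_S_COMPLETE on success, GSS_S_DEFECTIVE_CREDENTIAL when the
 * credential holds no mechanism or no mechanism can be resolved,
 * GSS_S_UNAVAILABLE when the mechanism has no gss_inquire_cred entry point,
 * or the failing status of a called routine.
 */
OM_uint32 KRB5_CALLCONV
gss_inquire_cred(OM_uint32 *minor_status, gss_cred_id_t cred_handle,
                 gss_name_t *name, OM_uint32 *lifetime, int *cred_usage,
                 gss_OID_set *mechanisms)
{
    OM_uint32 status, temp_minor_status;
    gss_union_cred_t union_cred;
    gss_mechanism mech;
    gss_cred_id_t mech_cred;
    gss_name_t mech_name;
    gss_OID_set mechs = NULL;

    /* Initialize outputs. */

    if (minor_status != NULL)
        *minor_status = 0;

    if (name != NULL)
        *name = GSS_C_NO_NAME;

    if (mechanisms != NULL)
        *mechanisms = GSS_C_NO_OID_SET;

    /* Validate arguments. */
    if (minor_status == NULL)
        return (GSS_S_CALL_INACCESSIBLE_WRITE);

    /*
     * XXX We should iterate over all mechanisms in the credential and
     * aggregate the results.  This requires a union name structure containing
     * multiple mechanism names, which we don't currently have.  For now,
     * inquire the first mechanism in the credential; this is consistent with
     * our historical behavior.
     */

    /* Determine mechanism and mechanism credential. */
    if (cred_handle != GSS_C_NO_CREDENTIAL) {
        union_cred = (gss_union_cred_t) cred_handle;
        /* Index 0 is read below, so an empty credential must be rejected. */
        if (union_cred->count <= 0)
            return (GSS_S_DEFECTIVE_CREDENTIAL);
        mech_cred = union_cred->cred_array[0];
        mech = gssint_get_mechanism(&union_cred->mechs_array[0]);
    } else {
        union_cred = NULL;
        mech_cred = GSS_C_NO_CREDENTIAL;
        mech = gssint_get_mechanism(GSS_C_NULL_OID);
    }

    /* Skip the call into the mech if the caller doesn't care about any of the
     * values we would ask for. */
    if (name != NULL || lifetime != NULL || cred_usage != NULL) {
        if (mech == NULL)
            return (GSS_S_DEFECTIVE_CREDENTIAL);
        if (!mech->gss_inquire_cred)
            return (GSS_S_UNAVAILABLE);

        status = mech->gss_inquire_cred(minor_status, mech_cred,
                                        name ? &mech_name : NULL,
                                        lifetime, cred_usage, NULL);
        if (status != GSS_S_COMPLETE) {
            map_error(minor_status, mech);
            return (status);
        }

        if (name) {
            /* Convert mech_name into a union_name equivalent. */
            status = gssint_convert_name_to_union_name(&temp_minor_status,
                                                       mech, mech_name, name);
            if (status != GSS_S_COMPLETE) {
                *minor_status = temp_minor_status;
                map_error(minor_status, mech);
                return (status);
            }
        }
    }

    /*
     * copy the mechanism set in union_cred into an OID set and return in
     * the mechanisms parameter.
     */

    if (mechanisms != NULL) {
        if (union_cred) {
            status = gssint_make_public_oid_set(minor_status,
                                                union_cred->mechs_array,
                                                union_cred->count, &mechs);
            if (GSS_ERROR(status))
                goto error;
        } else {
            /*
             * The mech == NULL check above only runs when name, lifetime or
             * cred_usage was requested.  A caller asking for the mechanism
             * set alone reaches this point unchecked, so test mech again
             * before using mech->mech_type.
             */
            if (mech == NULL) {
                status = GSS_S_DEFECTIVE_CREDENTIAL;
                goto error;
            }

            status = gss_create_empty_oid_set(minor_status, &mechs);
            if (GSS_ERROR(status))
                goto error;

            status = gss_add_oid_set_member(minor_status,
                                            &mech->mech_type, &mechs);
            if (GSS_ERROR(status))
                goto error;
        }
        *mechanisms = mechs;
    }

    return (GSS_S_COMPLETE);

error:
    /* Release everything handed out so far so a failure leaks nothing. */
    if (mechs != NULL)
        (void) gss_release_oid_set(&temp_minor_status, &mechs);

    if (name && *name != NULL)
        (void) gss_release_name(&temp_minor_status, name);

    return (status);
}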
/*
 * Mechglue entry point for gss_inquire_cred_by_mech.
 *
 * Resolves mech_type to a mechanism, looks up that mechanism's element of
 * the union credential, and forwards the inquiry to the mechanism's
 * gss_inquire_cred_by_mech entry point.  When name is non-NULL the mechanism
 * name that comes back is converted into a union name.
 *
 * minor_status is required; a NULL pointer yields
 * GSS_S_CALL_INACCESSIBLE_WRITE.  name is an optional output and is reset to
 * GSS_C_NO_NAME on entry.
 *
 * cred_handle is cast to gss_union_cred_t without validation, so it must be
 * GSS_C_NO_CREDENTIAL or a handle produced by the mechglue.
 *
 * Returns GSS_S_COMPLETE on success, GSS_S_BAD_MECH when no mechanism is
 * found, GSS_S_BAD_BINDINGS when the mechanism lacks the entry point,
 * GSS_S_NO_CRED when a credential was supplied but has no element for the
 * mechanism, or the failing status of a called routine.
 */
OM_uint32 KRB5_CALLCONV
gss_inquire_cred_by_mech(OM_uint32 *minor_status, gss_cred_id_t cred_handle,
                         gss_OID mech_type, gss_name_t *name,
                         OM_uint32 *initiator_lifetime,
                         OM_uint32 *acceptor_lifetime,
                         gss_cred_usage_t *cred_usage)
{
    OM_uint32 major, conv_minor;
    gss_mechanism mech;
    gss_cred_id_t mech_cred;
    gss_name_t mech_name;
    gss_OID chosen_oid, public_oid;

    /* Reset the name output before any early return can happen. */
    if (name != NULL)
        *name = GSS_C_NO_NAME;

    if (minor_status == NULL)
        return (GSS_S_CALL_INACCESSIBLE_WRITE);
    *minor_status = 0;

    major = gssint_select_mech_type(minor_status, mech_type, &chosen_oid);
    if (major != GSS_S_COMPLETE)
        return (major);

    mech = gssint_get_mechanism(chosen_oid);
    if (mech == NULL)
        return (GSS_S_BAD_MECH);
    /* NOTE(review): gss_inquire_cred reports a missing entry point as
     * GSS_S_UNAVAILABLE; this routine uses GSS_S_BAD_BINDINGS.  Kept as is,
     * since callers may depend on the code. */
    if (mech->gss_inquire_cred_by_mech == NULL)
        return (GSS_S_BAD_BINDINGS);

    /* A supplied credential must contain an element for this mechanism. */
    mech_cred = gssint_get_mechanism_cred((gss_union_cred_t) cred_handle,
                                          chosen_oid);
    if (mech_cred == GSS_C_NO_CREDENTIAL && cred_handle != GSS_C_NO_CREDENTIAL)
        return (GSS_S_NO_CRED);

    public_oid = gssint_get_public_oid(chosen_oid);
    major = mech->gss_inquire_cred_by_mech(minor_status, mech_cred,
                                           public_oid,
                                           (name != NULL) ? &mech_name : NULL,
                                           initiator_lifetime,
                                           acceptor_lifetime, cred_usage);
    if (major != GSS_S_COMPLETE) {
        map_error(minor_status, mech);
        return (major);
    }

    /* Nothing left to do when the caller did not ask for the name. */
    if (name == NULL)
        return (GSS_S_COMPLETE);

    /* Convert the mechanism name into a union_name equivalent. */
    major = gssint_convert_name_to_union_name(&conv_minor, mech,
                                              mech_name, name);
    if (major != GSS_S_COMPLETE) {
        *minor_status = conv_minor;
        map_error(minor_status, mech);
        return (major);
    }

    return (GSS_S_COMPLETE);
}