search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove building with NOCRYPTO option
[minix.git] / crypto / external / bsd / heimdal / dist / lib / gssapi / krb5 / creds.c
blob80c150ebe491c3b49b700d420342623a38b021d0
1 /* $NetBSD: creds.c,v 1.1.1.2 2014/04/24 12:45:29 pettai Exp $ */
2
3 /*
4 * Copyright (c) 2009 Kungliga Tekniska Högskolan
5 * (Royal Institute of Technology, Stockholm, Sweden).
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36 #include "gsskrb5_locl.h"
37
38 OM_uint32 GSSAPI_CALLCONV
39 _gsskrb5_export_cred(OM_uint32 *minor_status,
40 gss_cred_id_t cred_handle,
41 gss_buffer_t cred_token)
42 {
43 gsskrb5_cred handle = (gsskrb5_cred)cred_handle;
44 krb5_context context;
45 krb5_error_code ret;
46 krb5_storage *sp;
47 krb5_data data, mech;
48 const char *type;
49 char *str;
50
51 GSSAPI_KRB5_INIT (&context);
52
53 if (handle->usage != GSS_C_INITIATE && handle->usage != GSS_C_BOTH) {
54 *minor_status = GSS_KRB5_S_G_BAD_USAGE;
55 return GSS_S_FAILURE;
56 }
57
58 sp = krb5_storage_emem();
59 if (sp == NULL) {
60 *minor_status = ENOMEM;
61 return GSS_S_FAILURE;
62 }
63
64 type = krb5_cc_get_type(context, handle->ccache);
65 if (strcmp(type, "MEMORY") == 0) {
66 krb5_creds *creds;
67 ret = krb5_store_uint32(sp, 0);
68 if (ret) {
69 krb5_storage_free(sp);
70 *minor_status = ret;
71 return GSS_S_FAILURE;
72 }
73
74 ret = _krb5_get_krbtgt(context, handle->ccache,
75 handle->principal->realm,
76 &creds);
77 if (ret) {
78 krb5_storage_free(sp);
79 *minor_status = ret;
80 return GSS_S_FAILURE;
81 }
82
83 ret = krb5_store_creds(sp, creds);
84 krb5_free_creds(context, creds);
85 if (ret) {
86 krb5_storage_free(sp);
87 *minor_status = ret;
88 return GSS_S_FAILURE;
89 }
90
91 } else {
92 ret = krb5_store_uint32(sp, 1);
93 if (ret) {
94 krb5_storage_free(sp);
95 *minor_status = ret;
96 return GSS_S_FAILURE;
97 }
98
99 ret = krb5_cc_get_full_name(context, handle->ccache, &str);
100 if (ret) {
101 krb5_storage_free(sp);
102 *minor_status = ret;
103 return GSS_S_FAILURE;
104 }
105
106 ret = krb5_store_string(sp, str);
107 free(str);
108 if (ret) {
109 krb5_storage_free(sp);
110 *minor_status = ret;
111 return GSS_S_FAILURE;
112 }
113 }
114 ret = krb5_storage_to_data(sp, &data);
115 krb5_storage_free(sp);
116 if (ret) {
117 *minor_status = ret;
118 return GSS_S_FAILURE;
119 }
120 sp = krb5_storage_emem();
121 if (sp == NULL) {
122 krb5_data_free(&data);
123 *minor_status = ENOMEM;
124 return GSS_S_FAILURE;
125 }
126
127 mech.data = GSS_KRB5_MECHANISM->elements;
128 mech.length = GSS_KRB5_MECHANISM->length;
129
130 ret = krb5_store_data(sp, mech);
131 if (ret) {
132 krb5_data_free(&data);
133 krb5_storage_free(sp);
134 *minor_status = ret;
135 return GSS_S_FAILURE;
136 }
137
138 ret = krb5_store_data(sp, data);
139 krb5_data_free(&data);
140 if (ret) {
141 krb5_storage_free(sp);
142 *minor_status = ret;
143 return GSS_S_FAILURE;
144 }
145
146 ret = krb5_storage_to_data(sp, &data);
147 krb5_storage_free(sp);
148 if (ret) {
149 *minor_status = ret;
150 return GSS_S_FAILURE;
151 }
152
153 cred_token->value = data.data;
154 cred_token->length = data.length;
155
156 return GSS_S_COMPLETE;
157 }
158
159 OM_uint32 GSSAPI_CALLCONV
160 _gsskrb5_import_cred(OM_uint32 * minor_status,
161 gss_buffer_t cred_token,
162 gss_cred_id_t * cred_handle)
163 {
164 krb5_context context;
165 krb5_error_code ret;
166 gsskrb5_cred handle;
167 krb5_ccache id;
168 krb5_storage *sp;
169 char *str;
170 uint32_t type;
171 int flags = 0;
172
173 *cred_handle = GSS_C_NO_CREDENTIAL;
174
175 GSSAPI_KRB5_INIT (&context);
176
177 sp = krb5_storage_from_mem(cred_token->value, cred_token->length);
178 if (sp == NULL) {
179 *minor_status = ENOMEM;
180 return GSS_S_FAILURE;
181 }
182
183 ret = krb5_ret_uint32(sp, &type);
184 if (ret) {
185 krb5_storage_free(sp);
186 *minor_status = ret;
187 return GSS_S_FAILURE;
188 }
189 switch (type) {
190 case 0: {
191 krb5_creds creds;
192
193 ret = krb5_ret_creds(sp, &creds);
194 krb5_storage_free(sp);
195 if (ret) {
196 *minor_status = ret;
197 return GSS_S_FAILURE;
198 }
199
200 ret = krb5_cc_new_unique(context, "MEMORY", NULL, &id);
201 if (ret) {
202 *minor_status = ret;
203 return GSS_S_FAILURE;
204 }
205
206 ret = krb5_cc_initialize(context, id, creds.client);
207 if (ret) {
208 krb5_cc_destroy(context, id);
209 *minor_status = ret;
210 return GSS_S_FAILURE;
211 }
212
213 ret = krb5_cc_store_cred(context, id, &creds);
214 krb5_free_cred_contents(context, &creds);
215
216 flags |= GSS_CF_DESTROY_CRED_ON_RELEASE;
217
218 break;
219 }
220 case 1:
221 ret = krb5_ret_string(sp, &str);
222 krb5_storage_free(sp);
223 if (ret) {
224 *minor_status = ret;
225 return GSS_S_FAILURE;
226 }
227
228 ret = krb5_cc_resolve(context, str, &id);
229 krb5_xfree(str);
230 if (ret) {
231 *minor_status = ret;
232 return GSS_S_FAILURE;
233 }
234 break;
235
236 default:
237 krb5_storage_free(sp);
238 *minor_status = 0;
239 return GSS_S_NO_CRED;
240 }
241
242 handle = calloc(1, sizeof(*handle));
243 if (handle == NULL) {
244 krb5_cc_close(context, id);
245 *minor_status = ENOMEM;
246 return GSS_S_FAILURE;
247 }
248
249 handle->usage = GSS_C_INITIATE;
250 krb5_cc_get_principal(context, id, &handle->principal);
251 handle->ccache = id;
252 handle->cred_flags = flags;
253
254 *cred_handle = (gss_cred_id_t)handle;
255
256 return GSS_S_COMPLETE;
257 }
MINIX 3 (repo.or.cz mirror)