g_acquire_cred.c revision 3dba6097f91d71408b4a7c824521f8f0687ab6ff
fa9e4066f08beec538e775443c5be79dd423fcabahrens * CDDL HEADER START
fa9e4066f08beec538e775443c5be79dd423fcabahrens * The contents of this file are subject to the terms of the
441d80aa4f613b6298fc8bd3151f4be02dbf84fclling * Common Development and Distribution License (the "License").
441d80aa4f613b6298fc8bd3151f4be02dbf84fclling * You may not use this file except in compliance with the License.
fa9e4066f08beec538e775443c5be79dd423fcabahrens * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
fa9e4066f08beec538e775443c5be79dd423fcabahrens * See the License for the specific language governing permissions
fa9e4066f08beec538e775443c5be79dd423fcabahrens * and limitations under the License.
fa9e4066f08beec538e775443c5be79dd423fcabahrens * When distributing Covered Code, include this CDDL HEADER in each
fa9e4066f08beec538e775443c5be79dd423fcabahrens * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
fa9e4066f08beec538e775443c5be79dd423fcabahrens * If applicable, add the following below this CDDL HEADER, with the
fa9e4066f08beec538e775443c5be79dd423fcabahrens * fields enclosed by brackets "[]" replaced with your own identifying
fa9e4066f08beec538e775443c5be79dd423fcabahrens * information: Portions Copyright [yyyy] [name of copyright owner]
fa9e4066f08beec538e775443c5be79dd423fcabahrens * CDDL HEADER END
fa9e4066f08beec538e775443c5be79dd423fcabahrens * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
39c23413b8df94a95f67b34cfd4a4dfc3fd0b48deschrock * Use is subject to license terms.
fa9e4066f08beec538e775443c5be79dd423fcabahrens#pragma ident "%Z%%M% %I% %E% SMI"
fa9e4066f08beec538e775443c5be79dd423fcabahrens * glue routine for gss_acquire_cred
fa9e4066f08beec538e775443c5be79dd423fcabahrens/* local functions */
fa9e4066f08beec538e775443c5be79dd423fcabahrensstatic gss_OID_set create_actual_mechs(const gss_OID, int);
fa9e4066f08beec538e775443c5be79dd423fcabahrens actual_mechs = (gss_OID_set) malloc(sizeof (gss_OID_set_desc));
fa9e4066f08beec538e775443c5be79dd423fcabahrens for (i = 0; i < count; i++) {
fa9e4066f08beec538e775443c5be79dd423fcabahrens g_OID_copy(&actual_mechs->elements[i], &mechs_array[i]);
65cd9f2809a015b46790a9c5c2ef992d56177624eschrock OM_uint32 initTimeOut, acceptTimeOut, outTime = GSS_C_INDEFINITE;
06eeb2ad640ce72d394ac521094bed7681044408ek /* start by checking parameters */
65cd9f2809a015b46790a9c5c2ef992d56177624eschrock return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CRED);
b1b8ab34de515a5e83206da22c3d7e563241b021lling /* Set output parameters to NULL for now */
fa9e4066f08beec538e775443c5be79dd423fcabahrens * if desired_mechs equals GSS_C_NULL_OID_SET, then pick an
65cd9f2809a015b46790a9c5c2ef992d56177624eschrock * appropriate default. We use the first mechanism in the
fa9e4066f08beec538e775443c5be79dd423fcabahrens * mechansim list as the default. This set is created with
fa9e4066f08beec538e775443c5be79dd423fcabahrens * statics thus needs not be freed
65cd9f2809a015b46790a9c5c2ef992d56177624eschrock /* allocate the output credential structure */
65cd9f2809a015b46790a9c5c2ef992d56177624eschrock creds = (gss_union_cred_t)malloc(sizeof (gss_union_cred_desc));
ea8dc4b6d2251b437950c0056bc626b311c73c27eschrock /* initialize to 0s */
fa9e4066f08beec538e775443c5be79dd423fcabahrens (void) memset(creds, 0, sizeof (gss_union_cred_desc));
65cd9f2809a015b46790a9c5c2ef992d56177624eschrock /* for each requested mech attempt to obtain a credential */
fa9e4066f08beec538e775443c5be79dd423fcabahrens major = gss_add_cred(minor_status, (gss_cred_id_t)creds,
06eeb2ad640ce72d394ac521094bed7681044408ek /* update the credential's time */
2a6b87f07ac0c0b819179c84afe5a60afa04cfa5ek * time_rec is the lesser of the
ea8dc4b6d2251b437950c0056bc626b311c73c27eschrock } /* for */
990b4856d0eaada6f8140335733a1b1771ed2746lling /* ensure that we have at least one credential element */
65cd9f2809a015b46790a9c5c2ef992d56177624eschrock * fill in output parameters
06eeb2ad640ce72d394ac521094bed7681044408ek * setup the actual mechs output parameter
4c58d71403cebfaa40a572ff12b17668ebd56987darrenm if ((*actual_mechs = create_actual_mechs(creds->mechs_array,
65cd9f2809a015b46790a9c5c2ef992d56177624eschrock/* V2 INTERFACE */
65cd9f2809a015b46790a9c5c2ef992d56177624eschrock OM_uint32 status, time_req, time_rec, temp_minor_status;
b1b8ab34de515a5e83206da22c3d7e563241b021lling /* check input parameters */
990b4856d0eaada6f8140335733a1b1771ed2746lling return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CRED);
fa9e4066f08beec538e775443c5be79dd423fcabahrens (void) memset(union_cred, 0, sizeof (gss_union_cred_desc));
fa9e4066f08beec538e775443c5be79dd423fcabahrens /* Input Cred is non-NULL */
fa9e4066f08beec538e775443c5be79dd423fcabahrens if (__gss_get_mechanism_cred(union_cred, desired_mech) !=
65cd9f2809a015b46790a9c5c2ef992d56177624eschrock * If no name was given, determine the name from the
fa9e4066f08beec538e775443c5be79dd423fcabahrens * existing credential.
b1b8ab34de515a5e83206da22c3d7e563241b021lling } /* else, get the name from the desired_name below */
b1b8ab34de515a5e83206da22c3d7e563241b021lling /* may need to create a mechanism specific name */
fa9e4066f08beec538e775443c5be79dd423fcabahrens time_req = (acceptor_time_req > initiator_time_req) ?
fa9e4066f08beec538e775443c5be79dd423fcabahrens status = mech->gss_acquire_cred(mech->context, minor_status,
8654d0253136055bd4cc2423d87378e8a37f2eb5perrin /* may need to set credential auxinfo structure */
fa9e4066f08beec538e775443c5be79dd423fcabahrens * If internal_name is GSS_C_NO_NAME a cred with no associated
fa9e4066f08beec538e775443c5be79dd423fcabahrens * name was requested: don't set auxinfo.name or auxinfo.name_type.
990b4856d0eaada6f8140335733a1b1771ed2746lling /* now add the new credential elements */
990b4856d0eaada6f8140335733a1b1771ed2746lling malloc(sizeof (gss_OID_desc) * (union_cred->count+1));
990b4856d0eaada6f8140335733a1b1771ed2746lling malloc(sizeof (gss_cred_id_t) * (union_cred->count+1));
990b4856d0eaada6f8140335733a1b1771ed2746lling if (cred_usage == GSS_C_ACCEPT || cred_usage == GSS_C_BOTH)
2f8aaab38e6371ad39ed90a1211ba8921acbb4d5eschrock if (cred_usage == GSS_C_INITIATE || cred_usage == GSS_C_BOTH)
990b4856d0eaada6f8140335733a1b1771ed2746lling * OK, expand the mechanism array and the credential array
990b4856d0eaada6f8140335733a1b1771ed2746lling (void) memcpy(new_mechs_array, union_cred->mechs_array,
fa9e4066f08beec538e775443c5be79dd423fcabahrens new_union_cred = malloc(sizeof (gss_union_cred_desc));
99653d4ee642c6528e88224f12409a5f23060994eschrock /* We're done with the internal name. Free it if we allocated it. */
fa9e4066f08beec538e775443c5be79dd423fcabahrens (void) __gss_release_internal_name(&temp_minor_status,
fa9e4066f08beec538e775443c5be79dd423fcabahrens (void) __gss_release_internal_name(&temp_minor_status,