 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 * When distributing Covered Code, include this CDDL HEADER in each
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]

 * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved.

 * This module supports the GSS credential family of routines for
 * Diffie-Hellman mechanism.

 * __dh_gss_acquire_cred: Get the credential associated with principal
 * with the requested expire time and usage. Return the credential with
 * the optional set of supported mechs and actual time left on the credential.
 * Note in Diffie-Hellman the supplied principal name must be that of
 * the caller. There is no way to delegate credentials.
 * Libgss always sets desired_mechs to GSS_C_NO_OID_SET and sets the return
 * set of mechs to NULL.

/* Need to write to these */
/* Set sane outputs */

 * If not GSS_C_NO_OID_SET then the set must contain the
 * Diffie-Hellman mechanism

/* See if the caller's secretkey is available */
/* Get the principal name of the caller */

 * Diffie-Hellman requires the principal to be the principal

/* Allocate the credential */
/* Set credential state */

 * If mechs set it to the set that contains the appropriate
 * Diffie-Hellman mechanism

/* Register the credential */
/* Return the Diffie-Hellman credential through cred */

 * __dh_gss_add_cred is currently a no-op. All the work is done at the
 * libgss layer. That layer will invoke the mechanism specific gss_acquire_cred
 * routine. This entry point should never be called. The entry point for
 * __dh_gss_add_cred(void * ctx, OM_uint32 *minor, gss_cred_id_t cred_in,
 * gss_name_t name, gss_OID mech, gss_cred_usage_t usage,
 * OM_uint32 init_time_req, OM_uint32 accep_time_req,
 * gss_cred_id_t *cred_out, gss_OID_set *mechs,
 * OM_uint32 *init_time_rec, OM_uint32 *accep_time_rec)
 * return (GSS_S_UNAVAILABLE);

 * __dh_gss_inquire_cred: Return tracked state of the supplied credential.

/* cred is a Diffie-Hellman credential */
/* Validate credential */
/* Check if the credential is still valid */

 * __dh_gss_inquire_cred_by_mech: Return the information associated with
 * cred and mech. Since we're a backend, mech must be our mech.
 * We verify that passed in mech is correct and use the above routine

/* This should never happen. It would indicate a libgss failure */
/* Fetch cred info */
/* Return option values */
/* set init_time if we can */
/* Ditto for accept time */

 * __dh_gss_release_cred: Release the resources associated with cred.

/* Check that we can read and write required parameters */
/* Check if the credential is valid */
/* Unregister the credential */
/* Free the principal and the cred itself */
/* Set cred to no credential */