/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
*/
/*
* glue routine for gss_acquire_cred
*/
#include <mglueP.h>
#include "gssapiP_generic.h"
#include <stdio.h>
#ifdef HAVE_STDLIB_H
#include <stdlib.h>
#endif
#include <string.h>
#include <errno.h>
#include <time.h>
/* local functions */
static gss_OID_set
const gss_OID mechs_array;
int count;
{
int i;
if (!actual_mechs)
return (NULL);
if (!actual_mechs->elements) {
return (NULL);
}
actual_mechs->count = 0;
for (i = 0; i < count; i++) {
return (NULL);
}
actual_mechs->count++;
}
return (actual_mechs);
}
static OM_uint32
/*LINTED*/
/*LINTED*/
/*LINTED*/
int cred_usage,
{
/* Initialize outputs. */
if (minor_status != NULL)
*minor_status = 0;
if (output_cred_handle != NULL)
if (actual_mechs != NULL)
*time_rec = 0;
/* Validate arguments. */
if (minor_status == NULL)
return (GSS_S_CALL_INACCESSIBLE_WRITE);
if (output_cred_handle == NULL)
return (GSS_S_CALL_INACCESSIBLE_WRITE);
if (cred_usage != GSS_C_ACCEPT &&
cred_usage != GSS_C_INITIATE &&
cred_usage != GSS_C_BOTH) {
if (minor_status) {
*minor_status = EINVAL;
}
return (GSS_S_FAILURE);
}
return (GSS_S_COMPLETE);
}
const gss_name_t desired_name;
const gss_OID_set desired_mechs;
int cred_usage;
{
unsigned int i;
time_rec);
if (major != GSS_S_COMPLETE)
return (major);
/* Initial value needed below. */
/*
* if desired_mechs equals GSS_C_NULL_OID_SET, then pick an
* appropriate default. We use the first mechanism in the
* mechansim list as the default. This set is created with
* statics thus needs not be freed
*/
if (desired_mechs == GSS_C_NULL_OID_SET) {
return (GSS_S_BAD_MECH);
mechs = &default_OID_set;
} else
return (GSS_S_BAD_MECH);
/* allocate the output credential structure */
return (GSS_S_FAILURE);
/* initialize to 0s */
/* for each requested mech attempt to obtain a credential */
if (major == GSS_S_COMPLETE) {
/* update the credential's time */
if (cred_usage == GSS_C_ACCEPT) {
if (outTime > acceptTimeOut)
} else if (cred_usage == GSS_C_INITIATE) {
if (outTime > initTimeOut)
} else {
/*
* time_rec is the lesser of the
*/
if (initTimeOut > acceptTimeOut)
else
}
}
} /* for */
/* ensure that we have at least one credential element */
return (major);
}
/*
* fill in output parameters
* setup the actual mechs output parameter
*/
if (actual_mechs != NULL) {
(void) gss_release_cred(minor_status,
(gss_cred_id_t *)&creds);
*minor_status = 0;
return (GSS_S_FAILURE);
}
}
if (time_rec)
return (GSS_S_COMPLETE);
}
static OM_uint32
/*LINTED*/
/*LINTED*/
/*LINTED*/
/*LINTED*/
{
/* Initialize outputs. */
if (minor_status != NULL)
*minor_status = 0;
if (output_cred_handle != NULL)
if (actual_mechs != NULL)
if (acceptor_time_rec != NULL)
*acceptor_time_rec = 0;
if (initiator_time_rec != NULL)
*initiator_time_rec = 0;
/* Validate arguments. */
if (minor_status == NULL)
return (GSS_S_CALL_INACCESSIBLE_WRITE);
if (input_cred_handle == GSS_C_NO_CREDENTIAL &&
return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CRED);
if (cred_usage != GSS_C_ACCEPT &&
cred_usage != GSS_C_INITIATE &&
cred_usage != GSS_C_BOTH) {
if (minor_status) {
*minor_status = EINVAL;
}
return (GSS_S_FAILURE);
}
return (GSS_S_COMPLETE);
}
/* V2 INTERFACE */
const gss_cred_id_t input_cred_handle;
const gss_name_t desired_name;
const gss_OID desired_mech;
{
if (status != GSS_S_COMPLETE)
return (status);
if (!mech)
return (GSS_S_BAD_MECH);
else if (!mech->gss_acquire_cred)
return (GSS_S_UNAVAILABLE);
if (input_cred_handle == GSS_C_NO_CREDENTIAL) {
if (union_cred == NULL)
return (GSS_S_FAILURE);
} else {
/* Input Cred is non-NULL */
goto errout;
}
/*
* If no name was given, determine the name from the
* existing credential.
*/
if (desired_name == GSS_C_NO_NAME) {
&allocated_name) == GSS_S_COMPLETE &&
NULL) == GSS_S_COMPLETE)) {
}
} /* else, get the name from the desired_name below */
}
if (desired_name != GSS_C_NO_NAME) {
/* may need to create a mechanism specific name */
if (union_name->mech_type &&
else {
&allocated_name) != GSS_S_COMPLETE) {
goto errout;
}
}
}
if (cred_usage == GSS_C_ACCEPT)
else if (cred_usage == GSS_C_INITIATE)
else if (cred_usage == GSS_C_BOTH)
else
time_req = 0;
if (status != GSS_S_COMPLETE) {
goto errout;
}
/* may need to set credential auxinfo structure */
/*
* If internal_name is GSS_C_NO_NAME a cred with no associated
* name was requested: don't set auxinfo.name or auxinfo.name_type.
*/
if (internal_name != GSS_C_NO_NAME) {
goto errout;
}
}
/* now add the new credential elements */
new_cred_array = (gss_cred_id_t *)
if (!new_mechs_array || !new_cred_array) {
goto errout;
}
if (acceptor_time_rec)
if (initiator_time_rec)
/*
* OK, expand the mechanism array and the credential array
*/
goto errout;
if (actual_mechs) {
if (*actual_mechs == NULL) {
goto errout;
}
}
if (output_cred_handle == NULL) {
} else {
if (new_union_cred == NULL) {
goto errout;
}
*new_union_cred = *union_cred;
}
new_union_cred->count++;
/* We're done with the internal name. Free it if we allocated it. */
if (allocated_name)
return (GSS_S_COMPLETE);
if (new_mechs_array)
if (new_cred_array)
if (allocated_name)
}
return (status);
}