2
* Copyright (c) 2005 Doug Rabson
5
* Redistribution and use in source and binary forms, with or without
6
* modification, are permitted provided that the following conditions
8
* 1. Redistributions of source code must retain the above copyright
9
* notice, this list of conditions and the following disclaimer.
10
* 2. Redistributions in binary form must reproduce the above copyright
11
* notice, this list of conditions and the following disclaimer in the
12
* documentation and/or other materials provided with the distribution.
14
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26
* $FreeBSD: src/lib/libgssapi/gss_add_cred.c,v 1.1 2005/12/29 14:40:20 dfr Exp $
29
#include "mech_locl.h"
32
static struct _gss_mechanism_cred *
33
_gss_copy_cred(struct _gss_mechanism_cred *mc)
35
struct _gss_mechanism_cred *new_mc;
36
gssapi_mech_interface m = mc->gmc_mech;
37
OM_uint32 major_status, minor_status;
40
OM_uint32 initiator_lifetime, acceptor_lifetime;
41
gss_cred_usage_t cred_usage;
43
major_status = m->gm_inquire_cred_by_mech(&minor_status,
44
mc->gmc_cred, mc->gmc_mech_oid,
45
&name, &initiator_lifetime, &acceptor_lifetime, &cred_usage);
47
_gss_mg_error(m, major_status, minor_status);
51
major_status = m->gm_add_cred(&minor_status,
52
GSS_C_NO_CREDENTIAL, name, mc->gmc_mech_oid,
53
cred_usage, initiator_lifetime, acceptor_lifetime,
55
m->gm_release_name(&minor_status, &name);
58
_gss_mg_error(m, major_status, minor_status);
62
new_mc = malloc(sizeof(struct _gss_mechanism_cred));
64
m->gm_release_cred(&minor_status, &cred);
68
new_mc->gmc_mech_oid = &m->gm_mech_oid;
69
new_mc->gmc_cred = cred;
74
OM_uint32 GSSAPI_LIB_FUNCTION
75
gss_add_cred(OM_uint32 *minor_status,
76
const gss_cred_id_t input_cred_handle,
77
const gss_name_t desired_name,
78
const gss_OID desired_mech,
79
gss_cred_usage_t cred_usage,
80
OM_uint32 initiator_time_req,
81
OM_uint32 acceptor_time_req,
82
gss_cred_id_t *output_cred_handle,
83
gss_OID_set *actual_mechs,
84
OM_uint32 *initiator_time_rec,
85
OM_uint32 *acceptor_time_rec)
87
OM_uint32 major_status;
88
gssapi_mech_interface m;
89
struct _gss_cred *cred = (struct _gss_cred *) input_cred_handle;
90
struct _gss_cred *new_cred;
91
gss_cred_id_t release_cred;
92
struct _gss_mechanism_cred *mc, *target_mc, *copy_mc;
93
struct _gss_mechanism_name *mn;
97
*output_cred_handle = GSS_C_NO_CREDENTIAL;
98
if (initiator_time_rec)
99
*initiator_time_rec = 0;
100
if (acceptor_time_rec)
101
*acceptor_time_rec = 0;
103
*actual_mechs = GSS_C_NO_OID_SET;
105
new_cred = malloc(sizeof(struct _gss_cred));
107
*minor_status = ENOMEM;
108
return (GSS_S_FAILURE);
110
SLIST_INIT(&new_cred->gc_mc);
113
* We go through all the mc attached to the input_cred_handle
114
* and check the mechanism. If it matches, we call
115
* gss_add_cred for that mechanism, otherwise we copy the mc
120
SLIST_FOREACH(mc, &cred->gc_mc, gmc_link) {
121
if (gss_oid_equal(mc->gmc_mech_oid, desired_mech)) {
124
copy_mc = _gss_copy_cred(mc);
126
release_cred = (gss_cred_id_t)new_cred;
127
gss_release_cred(&junk, &release_cred);
128
*minor_status = ENOMEM;
129
return (GSS_S_FAILURE);
131
SLIST_INSERT_HEAD(&new_cred->gc_mc, copy_mc, gmc_link);
136
* Figure out a suitable mn, if any.
139
major_status = _gss_find_mn(minor_status,
140
(struct _gss_name *) desired_name,
143
if (major_status != GSS_S_COMPLETE) {
151
m = __gss_get_mechanism(desired_mech);
153
mc = malloc(sizeof(struct _gss_mechanism_cred));
155
release_cred = (gss_cred_id_t)new_cred;
156
gss_release_cred(&junk, &release_cred);
157
*minor_status = ENOMEM;
158
return (GSS_S_FAILURE);
161
mc->gmc_mech_oid = &m->gm_mech_oid;
163
major_status = m->gm_add_cred(minor_status,
164
target_mc ? target_mc->gmc_cred : GSS_C_NO_CREDENTIAL,
165
desired_name ? mn->gmn_name : GSS_C_NO_NAME,
176
_gss_mg_error(m, major_status, *minor_status);
177
release_cred = (gss_cred_id_t)new_cred;
178
gss_release_cred(&junk, &release_cred);
180
return (major_status);
182
SLIST_INSERT_HEAD(&new_cred->gc_mc, mc, gmc_link);
183
*output_cred_handle = (gss_cred_id_t) new_cred;
185
return (GSS_S_COMPLETE);