PageRenderTime 17ms CodeModel.GetById 4ms app.highlight 6ms RepoModel.GetById 5ms app.codeStats 0ms

/crypto/heimdal/lib/gssapi/krb5/copy_ccache.c

https://bitbucket.org/freebsd/freebsd-head/
C | 193 lines | 131 code | 30 blank | 32 comment | 30 complexity | 0c9460640724cae1119c78e79b3b8131 MD5 | raw file
  1/*
  2 * Copyright (c) 2000 - 2001, 2003 Kungliga Tekniska Hรถgskolan
  3 * (Royal Institute of Technology, Stockholm, Sweden).
  4 * All rights reserved.
  5 *
  6 * Redistribution and use in source and binary forms, with or without
  7 * modification, are permitted provided that the following conditions
  8 * are met:
  9 *
 10 * 1. Redistributions of source code must retain the above copyright
 11 *    notice, this list of conditions and the following disclaimer.
 12 *
 13 * 2. Redistributions in binary form must reproduce the above copyright
 14 *    notice, this list of conditions and the following disclaimer in the
 15 *    documentation and/or other materials provided with the distribution.
 16 *
 17 * 3. Neither the name of the Institute nor the names of its contributors
 18 *    may be used to endorse or promote products derived from this software
 19 *    without specific prior written permission.
 20 *
 21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 24 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 31 * SUCH DAMAGE.
 32 */
 33
 34#include "gsskrb5_locl.h"
 35
 36#if 0
 37OM_uint32
 38gss_krb5_copy_ccache(OM_uint32 *minor_status,
 39		     krb5_context context,
 40		     gss_cred_id_t cred,
 41		     krb5_ccache out)
 42{
 43    krb5_error_code kret;
 44
 45    HEIMDAL_MUTEX_lock(&cred->cred_id_mutex);
 46
 47    if (cred->ccache == NULL) {
 48	HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex);
 49	*minor_status = EINVAL;
 50	return GSS_S_FAILURE;
 51    }
 52
 53    kret = krb5_cc_copy_cache(context, cred->ccache, out);
 54    HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex);
 55    if (kret) {
 56	*minor_status = kret;
 57	return GSS_S_FAILURE;
 58    }
 59    *minor_status = 0;
 60    return GSS_S_COMPLETE;
 61}
 62#endif
 63
 64
 65OM_uint32
 66_gsskrb5_krb5_import_cred(OM_uint32 *minor_status,
 67			  krb5_ccache id,
 68			  krb5_principal keytab_principal,
 69			  krb5_keytab keytab,
 70			  gss_cred_id_t *cred)
 71{
 72    krb5_context context;
 73    krb5_error_code kret;
 74    gsskrb5_cred handle;
 75    OM_uint32 ret;
 76
 77    *cred = NULL;
 78
 79    GSSAPI_KRB5_INIT (&context);
 80
 81    handle = calloc(1, sizeof(*handle));
 82    if (handle == NULL) {
 83	_gsskrb5_clear_status ();
 84	*minor_status = ENOMEM;
 85        return (GSS_S_FAILURE);
 86    }
 87    HEIMDAL_MUTEX_init(&handle->cred_id_mutex);
 88
 89    handle->usage = 0;
 90
 91    if (id) {
 92	char *str;
 93
 94	handle->usage |= GSS_C_INITIATE;
 95
 96	kret = krb5_cc_get_principal(context, id,
 97				     &handle->principal);
 98	if (kret) {
 99	    free(handle);
100	    *minor_status = kret;
101	    return GSS_S_FAILURE;
102	}
103
104	if (keytab_principal) {
105	    krb5_boolean match;
106
107	    match = krb5_principal_compare(context,
108					   handle->principal,
109					   keytab_principal);
110	    if (match == FALSE) {
111		krb5_free_principal(context, handle->principal);
112		free(handle);
113		_gsskrb5_clear_status ();
114		*minor_status = EINVAL;
115		return GSS_S_FAILURE;
116	    }
117	}
118
119	ret = __gsskrb5_ccache_lifetime(minor_status,
120					context,
121					id,
122					handle->principal,
123					&handle->lifetime);
124	if (ret != GSS_S_COMPLETE) {
125	    krb5_free_principal(context, handle->principal);
126	    free(handle);
127	    return ret;
128	}
129
130
131	kret = krb5_cc_get_full_name(context, id, &str);
132	if (kret)
133	    goto out;
134
135	kret = krb5_cc_resolve(context, str, &handle->ccache);
136	free(str);
137	if (kret)
138	    goto out;
139    }
140
141
142    if (keytab) {
143	char *str;
144
145	handle->usage |= GSS_C_ACCEPT;
146
147	if (keytab_principal && handle->principal == NULL) {
148	    kret = krb5_copy_principal(context,
149				       keytab_principal,
150				       &handle->principal);
151	    if (kret)
152		goto out;
153	}
154
155	kret = krb5_kt_get_full_name(context, keytab, &str);
156	if (kret)
157	    goto out;
158
159	kret = krb5_kt_resolve(context, str, &handle->keytab);
160	free(str);
161	if (kret)
162	    goto out;
163    }
164
165
166    if (id || keytab) {
167	ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms);
168	if (ret == GSS_S_COMPLETE)
169	    ret = gss_add_oid_set_member(minor_status, GSS_KRB5_MECHANISM,
170					 &handle->mechanisms);
171	if (ret != GSS_S_COMPLETE) {
172	    kret = *minor_status;
173	    goto out;
174	}
175    }
176
177    *minor_status = 0;
178    *cred = (gss_cred_id_t)handle;
179    return GSS_S_COMPLETE;
180
181out:
182    gss_release_oid_set(minor_status, &handle->mechanisms);
183    if (handle->ccache)
184	krb5_cc_close(context, handle->ccache);
185    if (handle->keytab)
186	krb5_kt_close(context, handle->keytab);
187    if (handle->principal)
188	krb5_free_principal(context, handle->principal);
189    HEIMDAL_MUTEX_destroy(&handle->cred_id_mutex);
190    free(handle);
191    *minor_status = kret;
192    return GSS_S_FAILURE;
193}