search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
tests: Use here-doc kadmin in Java test
[heimdal.git] / lib / gssapi / krb5 / export_sec_context.c
blobc29841537526364caeeaf703a78e1917ea33286f
1 /*
2 * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "gsskrb5_locl.h"
35
36 OM_uint32 GSSAPI_CALLCONV
37 _gsskrb5_export_sec_context(
38 OM_uint32 *minor_status,
39 gss_ctx_id_t *context_handle,
40 gss_buffer_t interprocess_token
41 )
42 {
43 krb5_context context;
44 const gsskrb5_ctx ctx = (const gsskrb5_ctx) *context_handle;
45 krb5_storage *sp;
46 krb5_auth_context ac;
47 OM_uint32 ret = GSS_S_COMPLETE;
48 krb5_data data;
49 int flags;
50 OM_uint32 minor;
51 krb5_error_code kret;
52
53 GSSAPI_KRB5_INIT (&context);
54
55 HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex);
56
57 if (!(ctx->flags & GSS_C_TRANS_FLAG)) {
58 HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
59 *minor_status = 0;
60 return GSS_S_UNAVAILABLE;
61 }
62
63 sp = krb5_storage_emem ();
64 if (sp == NULL) {
65 HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
66 *minor_status = ENOMEM;
67 return GSS_S_FAILURE;
68 }
69 ac = ctx->auth_context;
70
71 krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_PACKED);
72 krb5_storage_set_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE);
73
74 /* flagging included fields */
75
76 flags = 0;
77 if (ac->local_address)
78 flags |= SC_LOCAL_ADDRESS;
79 if (ac->remote_address)
80 flags |= SC_REMOTE_ADDRESS;
81 if (ac->keyblock)
82 flags |= SC_KEYBLOCK;
83 if (ac->local_subkey)
84 flags |= SC_LOCAL_SUBKEY;
85 if (ac->remote_subkey)
86 flags |= SC_REMOTE_SUBKEY;
87 if (ac->authenticator)
88 flags |= SC_AUTHENTICATOR;
89 if (ctx->source)
90 flags |= SC_SOURCE_NAME;
91 if (ctx->target)
92 flags |= SC_TARGET_NAME;
93 if (ctx->order)
94 flags |= SC_ORDER;
95
96 kret = krb5_store_int32 (sp, flags);
97 if (kret) {
98 *minor_status = kret;
99 goto failure;
100 }
101
102 /* marshall auth context */
103
104 kret = krb5_store_int32 (sp, ac->flags);
105 if (kret) {
106 *minor_status = kret;
107 goto failure;
108 }
109 if (ac->local_address) {
110 kret = krb5_store_address (sp, *ac->local_address);
111 if (kret) {
112 *minor_status = kret;
113 goto failure;
114 }
115 }
116 if (ac->remote_address) {
117 kret = krb5_store_address (sp, *ac->remote_address);
118 if (kret) {
119 *minor_status = kret;
120 goto failure;
121 }
122 }
123 kret = krb5_store_int16 (sp, ac->local_port);
124 if (kret) {
125 *minor_status = kret;
126 goto failure;
127 }
128 kret = krb5_store_int16 (sp, ac->remote_port);
129 if (kret) {
130 *minor_status = kret;
131 goto failure;
132 }
133 if (ac->keyblock) {
134 kret = krb5_store_keyblock (sp, *ac->keyblock);
135 if (kret) {
136 *minor_status = kret;
137 goto failure;
138 }
139 }
140 if (ac->local_subkey) {
141 kret = krb5_store_keyblock (sp, *ac->local_subkey);
142 if (kret) {
143 *minor_status = kret;
144 goto failure;
145 }
146 }
147 if (ac->remote_subkey) {
148 kret = krb5_store_keyblock (sp, *ac->remote_subkey);
149 if (kret) {
150 *minor_status = kret;
151 goto failure;
152 }
153 }
154 kret = krb5_store_int32 (sp, ac->local_seqnumber);
155 if (kret) {
156 *minor_status = kret;
157 goto failure;
158 }
159 kret = krb5_store_int32 (sp, ac->remote_seqnumber);
160 if (kret) {
161 *minor_status = kret;
162 goto failure;
163 }
164 if (ac->authenticator) {
165 kret = krb5_store_int64(sp, ac->authenticator->ctime);
166 if (kret) {
167 *minor_status = kret;
168 goto failure;
169 }
170 kret = krb5_store_int32(sp, ac->authenticator->cusec);
171 if (kret) {
172 *minor_status = kret;
173 goto failure;
174 }
175 }
176
177 kret = krb5_store_int32 (sp, ac->keytype);
178 if (kret) {
179 *minor_status = kret;
180 goto failure;
181 }
182 kret = krb5_store_int32 (sp, ac->cksumtype);
183 if (kret) {
184 *minor_status = kret;
185 goto failure;
186 }
187
188 /* names */
189 if (ctx->source) {
190 kret = krb5_store_principal(sp, ctx->source);
191 if (kret) {
192 *minor_status = kret;
193 goto failure;
194 }
195 }
196
197 if (ctx->target) {
198 kret = krb5_store_principal(sp, ctx->target);
199 if (kret) {
200 *minor_status = kret;
201 goto failure;
202 }
203 }
204
205 kret = krb5_store_int32 (sp, ctx->flags);
206 if (kret) {
207 *minor_status = kret;
208 goto failure;
209 }
210 kret = krb5_store_int32 (sp, ctx->more_flags);
211 if (kret) {
212 *minor_status = kret;
213 goto failure;
214 }
215 kret = krb5_store_int32 (sp, ctx->state);
216 if (kret) {
217 *minor_status = kret;
218 goto failure;
219 }
220 /*
221 * XXX We should put a 64-bit int here, but we don't have a
222 * krb5_store_int64() yet.
223 */
224 kret = krb5_store_int32 (sp, ctx->endtime);
225 if (kret) {
226 *minor_status = kret;
227 goto failure;
228 }
229 if (ctx->order) {
230 kret = _gssapi_msg_order_export(sp, ctx->order);
231 if (kret) {
232 *minor_status = kret;
233 goto failure;
234 }
235 }
236
237 kret = krb5_storage_to_data (sp, &data);
238 krb5_storage_free (sp);
239 if (kret) {
240 HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
241 *minor_status = kret;
242 return GSS_S_FAILURE;
243 }
244 interprocess_token->length = data.length;
245 interprocess_token->value = data.data;
246 HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
247 ret = _gsskrb5_delete_sec_context (minor_status, context_handle,
248 GSS_C_NO_BUFFER);
249 if (ret != GSS_S_COMPLETE)
250 _gss_secure_release_buffer (&minor, interprocess_token);
251 *minor_status = 0;
252 return ret;
253 failure:
254 HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
255 krb5_storage_free (sp);
256 return ret;
257 }
Heimdal