search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge new lorikeet heimdal, revision 85ed7247f515770c73b1f1ced1739f6ce19d75d2
[Samba.git] / source4 / heimdal / lib / gssapi / mech / gss_mo.c
blobcb24b764a52937920cc8986926f01ac3fbcfb6fd
1 /*
2 * Copyright (c) 2010 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Portions Copyright (c) 2010 Apple Inc. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36 #include "mech_locl.h"
37
38 static int
39 get_option_def(int def, gss_const_OID mech, gss_mo_desc *mo, gss_buffer_t value)
40 {
41 return def;
42 }
43
44
45 int
46 _gss_mo_get_option_1(gss_const_OID mech, gss_mo_desc *mo, gss_buffer_t value)
47 {
48 return get_option_def(1, mech, mo, value);
49 }
50
51 int
52 _gss_mo_get_option_0(gss_const_OID mech, gss_mo_desc *mo, gss_buffer_t value)
53 {
54 return get_option_def(0, mech, mo, value);
55 }
56
57 int
58 _gss_mo_get_ctx_as_string(gss_const_OID mech, gss_mo_desc *mo, gss_buffer_t value)
59 {
60 if (value) {
61 value->value = strdup((char *)mo->ctx);
62 if (value->value == NULL)
63 return 1;
64 value->length = strlen((char *)mo->ctx);
65 }
66 return 0;
67 }
68
69 GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL
70 gss_mo_set(gss_const_OID mech, gss_const_OID option,
71 int enable, gss_buffer_t value)
72 {
73 gssapi_mech_interface m;
74 size_t n;
75
76 if ((m = __gss_get_mechanism(mech)) == NULL)
77 return GSS_S_BAD_MECH;
78
79 for (n = 0; n < m->gm_mo_num; n++)
80 if (gss_oid_equal(option, m->gm_mo[n].option) && m->gm_mo[n].set)
81 return m->gm_mo[n].set(mech, &m->gm_mo[n], enable, value);
82 return 0;
83 }
84
85 GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL
86 gss_mo_get(gss_const_OID mech, gss_const_OID option, gss_buffer_t value)
87 {
88 gssapi_mech_interface m;
89 size_t n;
90
91 _mg_buffer_zero(value);
92
93 if ((m = __gss_get_mechanism(mech)) == NULL)
94 return 0;
95
96 for (n = 0; n < m->gm_mo_num; n++)
97 if (gss_oid_equal(option, m->gm_mo[n].option) && m->gm_mo[n].get)
98 return m->gm_mo[n].get(mech, &m->gm_mo[n], value);
99
100 return 0;
101 }
102
103 static void
104 add_all_mo(gssapi_mech_interface m, gss_OID_set *options, OM_uint32 mask)
105 {
106 OM_uint32 minor;
107 size_t n;
108
109 for (n = 0; n < m->gm_mo_num; n++)
110 if ((m->gm_mo[n].flags & mask) == mask)
111 gss_add_oid_set_member(&minor, m->gm_mo[n].option, options);
112 }
113
114 GSSAPI_LIB_FUNCTION void GSSAPI_LIB_CALL
115 gss_mo_list(gss_const_OID mech, gss_OID_set *options)
116 {
117 gssapi_mech_interface m;
118 OM_uint32 major, minor;
119
120 if (options == NULL)
121 return;
122
123 *options = GSS_C_NO_OID_SET;
124
125 if ((m = __gss_get_mechanism(mech)) == NULL)
126 return;
127
128 major = gss_create_empty_oid_set(&minor, options);
129 if (major != GSS_S_COMPLETE)
130 return;
131
132 add_all_mo(m, options, 0);
133 }
134
135 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
136 gss_mo_name(gss_const_OID mech, gss_const_OID option, gss_buffer_t name)
137 {
138 gssapi_mech_interface m;
139 size_t n;
140
141 if (name == NULL)
142 return GSS_S_BAD_NAME;
143
144 if ((m = __gss_get_mechanism(mech)) == NULL)
145 return GSS_S_BAD_MECH;
146
147 for (n = 0; n < m->gm_mo_num; n++) {
148 if (gss_oid_equal(option, m->gm_mo[n].option)) {
149 /*
150 * If ther is no name, its because its a GSS_C_MA and there is already a table for that.
151 */
152 if (m->gm_mo[n].name) {
153 name->value = strdup(m->gm_mo[n].name);
154 if (name->value == NULL)
155 return GSS_S_BAD_NAME;
156 name->length = strlen(m->gm_mo[n].name);
157 return GSS_S_COMPLETE;
158 } else {
159 OM_uint32 junk;
160 return gss_display_mech_attr(&junk, option,
161 NULL, name, NULL);
162 }
163 }
164 }
165 return GSS_S_BAD_NAME;
166 }
167
168 /*
169 * Helper function to allow NULL name
170 */
171
172 static OM_uint32
173 mo_value(const gss_const_OID mech, gss_const_OID option, gss_buffer_t name)
174 {
175 if (name == NULL)
176 return GSS_S_COMPLETE;
177
178 if (gss_mo_get(mech, option, name) != 0 && name->length == 0)
179 return GSS_S_FAILURE;
180
181 return GSS_S_COMPLETE;
182 }
183
184 /**
185 * Returns differnt protocol names and description of the mechanism.
186 *
187 * @param minor_status minor status code
188 * @param desired_mech mech list query
189 * @param sasl_mech_name SASL GS2 protocol name
190 * @param mech_name gssapi protocol name
191 * @param mech_description description of gssapi mech
192 *
193 * @return returns GSS_S_COMPLETE or a error code.
194 *
195 * @ingroup gssapi
196 */
197
198 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
199 gss_inquire_saslname_for_mech(OM_uint32 *minor_status,
200 const gss_OID desired_mech,
201 gss_buffer_t sasl_mech_name,
202 gss_buffer_t mech_name,
203 gss_buffer_t mech_description)
204 {
205 OM_uint32 major;
206
207 _mg_buffer_zero(sasl_mech_name);
208 _mg_buffer_zero(mech_name);
209 _mg_buffer_zero(mech_description);
210
211 if (minor_status)
212 *minor_status = 0;
213
214 if (desired_mech == NULL)
215 return GSS_S_BAD_MECH;
216
217 major = mo_value(desired_mech, GSS_C_MA_SASL_MECH_NAME, sasl_mech_name);
218 if (major) return major;
219
220 major = mo_value(desired_mech, GSS_C_MA_MECH_NAME, mech_name);
221 if (major) return major;
222
223 major = mo_value(desired_mech, GSS_C_MA_MECH_DESCRIPTION, mech_description);
224 if (major) return major;
225
226 return GSS_S_COMPLETE;
227 }
228
229 /**
230 * Find a mech for a sasl name
231 *
232 * @param minor_status minor status code
233 * @param sasl_mech_name
234 * @param mech_type
235 *
236 * @return returns GSS_S_COMPLETE or an error code.
237 */
238
239 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
240 gss_inquire_mech_for_saslname(OM_uint32 *minor_status,
241 const gss_buffer_t sasl_mech_name,
242 gss_OID *mech_type)
243 {
244 struct _gss_mech_switch *m;
245 gss_buffer_desc name;
246 OM_uint32 major;
247
248 _gss_load_mech();
249
250 *mech_type = NULL;
251
252 HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) {
253
254 major = mo_value(&m->gm_mech_oid, GSS_C_MA_SASL_MECH_NAME, &name);
255 if (major)
256 continue;
257 if (name.length == sasl_mech_name->length &&
258 memcmp(name.value, sasl_mech_name->value, name.length) == 0) {
259 gss_release_buffer(&major, &name);
260 *mech_type = &m->gm_mech_oid;
261 return 0;
262 }
263 gss_release_buffer(&major, &name);
264 }
265
266 return GSS_S_BAD_MECH;
267 }
268
269 /**
270 * Return set of mechanism that fullfill the criteria
271 *
272 * @param minor_status minor status code
273 * @param desired_mech_attrs
274 * @param except_mech_attrs
275 * @param critical_mech_attrs
276 * @param mechs returned mechs, free with gss_release_oid_set().
277 *
278 * @return returns GSS_S_COMPLETE or an error code.
279 */
280
281 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
282 gss_indicate_mechs_by_attrs(OM_uint32 * minor_status,
283 gss_const_OID_set desired_mech_attrs,
284 gss_const_OID_set except_mech_attrs,
285 gss_const_OID_set critical_mech_attrs,
286 gss_OID_set *mechs)
287 {
288 struct _gss_mech_switch *ms;
289 OM_uint32 major;
290 size_t n, m;
291
292 major = gss_create_empty_oid_set(minor_status, mechs);
293 if (major)
294 return major;
295
296 _gss_load_mech();
297
298 HEIM_SLIST_FOREACH(ms, &_gss_mechs, gm_link) {
299 gssapi_mech_interface mi = &ms->gm_mech;
300
301 if (desired_mech_attrs) {
302 for (n = 0; n < desired_mech_attrs->count; n++) {
303 for (m = 0; m < mi->gm_mo_num; m++)
304 if (gss_oid_equal(mi->gm_mo[m].option, &desired_mech_attrs->elements[n]))
305 break;
306 if (m == mi->gm_mo_num)
307 goto next;
308 }
309 }
310
311 if (except_mech_attrs) {
312 for (n = 0; n < desired_mech_attrs->count; n++) {
313 for (m = 0; m < mi->gm_mo_num; m++) {
314 if (gss_oid_equal(mi->gm_mo[m].option, &desired_mech_attrs->elements[n]))
315 goto next;
316 }
317 }
318 }
319
320 if (critical_mech_attrs) {
321 for (n = 0; n < desired_mech_attrs->count; n++) {
322 for (m = 0; m < mi->gm_mo_num; m++) {
323 if (mi->gm_mo[m].flags & GSS_MO_MA_CRITICAL)
324 continue;
325 if (gss_oid_equal(mi->gm_mo[m].option, &desired_mech_attrs->elements[n]))
326 break;
327 }
328 if (m == mi->gm_mo_num)
329 goto next;
330 }
331 }
332
333
334 next:
335 do { } while(0);
336 }
337
338
339 return GSS_S_FAILURE;
340 }
341
342 /**
343 * List support attributes for a mech and/or all mechanisms.
344 *
345 * @param minor_status minor status code
346 * @param mech given together with mech_attr will return the list of
347 * attributes for mechanism, can optionally be GSS_C_NO_OID.
348 * @param mech_attr see mech parameter, can optionally be NULL,
349 * release with gss_release_oid_set().
350 * @param known_mech_attrs all attributes for mechanisms supported,
351 * release with gss_release_oid_set().
352 *
353 * @ingroup gssapi
354 */
355
356 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
357 gss_inquire_attrs_for_mech(OM_uint32 * minor_status,
358 gss_const_OID mech,
359 gss_OID_set *mech_attr,
360 gss_OID_set *known_mech_attrs)
361 {
362 OM_uint32 major, junk;
363
364 if (mech_attr && mech) {
365 gssapi_mech_interface m;
366
367 if ((m = __gss_get_mechanism(mech)) == NULL) {
368 *minor_status = 0;
369 return GSS_S_BAD_MECH;
370 }
371
372 major = gss_create_empty_oid_set(minor_status, mech_attr);
373 if (major != GSS_S_COMPLETE)
374 return major;
375
376 add_all_mo(m, mech_attr, GSS_MO_MA);
377 }
378
379 if (known_mech_attrs) {
380 struct _gss_mech_switch *m;
381
382 major = gss_create_empty_oid_set(minor_status, known_mech_attrs);
383 if (major) {
384 if (mech_attr)
385 gss_release_oid_set(&junk, mech_attr);
386 return major;
387 }
388
389 _gss_load_mech();
390
391 HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link)
392 add_all_mo(&m->gm_mech, known_mech_attrs, GSS_MO_MA);
393 }
394
395
396 return GSS_S_COMPLETE;
397 }
398
399 /**
400 * Return names and descriptions of mech attributes
401 *
402 * @param minor_status minor status code
403 * @param mech_attr
404 * @param name
405 * @param short_desc
406 * @param long_desc
407 *
408 * @return returns GSS_S_COMPLETE or an error code.
409 */
410
411 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
412 gss_display_mech_attr(OM_uint32 * minor_status,
413 gss_const_OID mech_attr,
414 gss_buffer_t name,
415 gss_buffer_t short_desc,
416 gss_buffer_t long_desc)
417 {
418 struct _gss_oid_name_table *ma = NULL;
419 OM_uint32 major;
420 size_t n;
421
422 _mg_buffer_zero(name);
423 _mg_buffer_zero(short_desc);
424 _mg_buffer_zero(long_desc);
425
426 if (minor_status)
427 *minor_status = 0;
428
429 for (n = 0; ma == NULL && _gss_ont_ma[n].oid; n++)
430 if (gss_oid_equal(mech_attr, _gss_ont_ma[n].oid))
431 ma = &_gss_ont_ma[n];
432
433 if (ma == NULL)
434 return GSS_S_BAD_MECH_ATTR;
435
436 if (name) {
437 gss_buffer_desc n;
438 n.value = rk_UNCONST(ma->name);
439 n.length = strlen(ma->name);
440 major = _gss_copy_buffer(minor_status, &n, name);
441 if (major != GSS_S_COMPLETE)
442 return major;
443 }
444
445 if (short_desc) {
446 gss_buffer_desc n;
447 n.value = rk_UNCONST(ma->short_desc);
448 n.length = strlen(ma->short_desc);
449 major = _gss_copy_buffer(minor_status, &n, short_desc);
450 if (major != GSS_S_COMPLETE)
451 return major;
452 }
453
454 if (long_desc) {
455 gss_buffer_desc n;
456 n.value = rk_UNCONST(ma->long_desc);
457 n.length = strlen(ma->long_desc);
458 major = _gss_copy_buffer(minor_status, &n, long_desc);
459 if (major != GSS_S_COMPLETE)
460 return major;
461 }
462
463 return GSS_S_COMPLETE;
464 }
Samba GIT mirror