lib/gssapi/krb5/export_sec_context.c

   1 /*
   2  * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
   3  * (Royal Institute of Technology, Stockholm, Sweden).
   4  * All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  *
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  *
  13  * 2. Redistributions in binary form must reproduce the above copyright
  14  *    notice, this list of conditions and the following disclaimer in the
  15  *    documentation and/or other materials provided with the distribution.
  16  *
  17  * 3. Neither the name of the Institute nor the names of its contributors
  18  *    may be used to endorse or promote products derived from this software
  19  *    without specific prior written permission.
  20  *
  21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31  * SUCH DAMAGE.
  32  */
  33
  34 #include "gssapi_locl.h"
  35
  36 RCSID("$Id$");
  37
  38 OM_uint32
  39 gss_export_sec_context (
  40     OM_uint32 * minor_status,
  41     gss_ctx_id_t * context_handle,
  42     gss_buffer_t interprocess_token
  43     )
  44 {
  45     krb5_storage *sp;
  46     krb5_auth_context ac;
  47     unsigned char auth_buf[1024];
  48     size_t sz;
  49     int ret;
  50     krb5_data data;
  51     gss_buffer_desc buffer;
  52     int flags;
  53
  54     gssapi_krb5_init ();
  55     if (!((*context_handle)->flags & GSS_C_TRANS_FLAG))
  56         return GSS_S_UNAVAILABLE;
  57
  58     sp = krb5_storage_emem ();
  59     if (sp == NULL) {
  60         *minor_status = ENOMEM;
  61         return GSS_S_FAILURE;
  62     }
  63     ac = (*context_handle)->auth_context;
  64
  65     /* flagging included fields */
  66
  67     flags = 0;
  68     if (ac->local_address)
  69         flags |= SC_LOCAL_ADDRESS;
  70     if (ac->remote_address)
  71         flags |= SC_REMOTE_ADDRESS;
  72     if (ac->keyblock)
  73         flags |= SC_KEYBLOCK;
  74     if (ac->local_subkey)
  75         flags |= SC_LOCAL_SUBKEY;
  76     if (ac->remote_subkey)
  77         flags |= SC_REMOTE_SUBKEY;
  78
  79     krb5_store_int32 (sp, flags);
  80
  81     /* marshall auth context */
  82
  83     krb5_store_int32 (sp, ac->flags);
  84     if (ac->local_address)
  85         krb5_store_address (sp, *ac->local_address);
  86     if (ac->remote_address)
  87         krb5_store_address (sp, *ac->remote_address);
  88     krb5_store_int16 (sp, ac->local_port);
  89     krb5_store_int16 (sp, ac->remote_port);
  90     if (ac->keyblock)
  91         krb5_store_keyblock (sp, *ac->keyblock);
  92     if (ac->local_subkey)
  93         krb5_store_keyblock (sp, *ac->local_subkey);
  94     if (ac->remote_subkey)
  95         krb5_store_keyblock (sp, *ac->remote_subkey);
  96     krb5_store_int32 (sp, ac->local_seqnumber);
  97     krb5_store_int32 (sp, ac->remote_seqnumber);
  98
  99 #if 0
 100     ret = encode_Authenticator (auth_buf, sizeof(auth_buf),
 101                                 ac->authenticator, &sz);
 102     if (ret) {
 103         krb5_storage_free (sp);
 104         *minor_status = ret;
 105         return GSS_S_FAILURE;
 106     }
 107     data.data   = auth_buf;
 108     data.length = sz;
 109     krb5_store_data (sp, data);
 110 #endif
 111     krb5_store_int32 (sp, ac->keytype);
 112     krb5_store_int32 (sp, ac->cksumtype);
 113
 114     /* names */
 115
 116     gss_export_name (minor_status, (*context_handle)->source, &buffer);
 117     data.data   = buffer.value;
 118     data.length = buffer.length;
 119     krb5_store_data (sp, data);
 120
 121     gss_export_name (minor_status, (*context_handle)->target, &buffer);
 122     data.data   = buffer.value;
 123     data.length = buffer.length;
 124     krb5_store_data (sp, data);
 125
 126     krb5_store_int32 (sp, (*context_handle)->flags);
 127     krb5_store_int32 (sp, (*context_handle)->more_flags);
 128
 129     ret = krb5_storage_to_data (sp, &data);
 130     krb5_storage_free (sp);
 131     if (ret) {
 132         *minor_status = ret;
 133         return GSS_S_FAILURE;
 134     }
 135     interprocess_token->length = data.length;
 136     interprocess_token->value  = data.data;
 137     ret = gss_delete_sec_context (minor_status, context_handle,
 138                                   GSS_C_NO_BUFFER);
 139     if (ret != GSS_S_COMPLETE)
 140         gss_release_buffer (NULL, interprocess_token);
 141     return ret;
 142 }