2 * Copyright (c) 2009 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of KTH nor the names of its contributors may be
18 * used to endorse or promote products derived from this software without
19 * specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
22 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
25 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
29 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
30 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
31 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 #include "mech_locl.h"
38 * format: any number of:
40 * mech-data: char * (not aligned)
42 * cred-data char * (not aligned)
45 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
46 gss_export_cred(OM_uint32
* minor_status
,
47 gss_cred_id_t cred_handle
,
50 struct _gss_cred
*cred
= (struct _gss_cred
*)cred_handle
;
51 struct _gss_mechanism_cred
*mc
;
52 gss_buffer_desc buffer
;
58 _mg_buffer_zero(token
);
65 HEIM_SLIST_FOREACH(mc
, &cred
->gc_mc
, gmc_link
) {
66 if (mc
->gmc_mech
->gm_export_cred
== NULL
) {
72 sp
= krb5_storage_emem();
74 *minor_status
= ENOMEM
;
78 HEIM_SLIST_FOREACH(mc
, &cred
->gc_mc
, gmc_link
) {
80 major
= mc
->gmc_mech
->gm_export_cred(minor_status
,
81 mc
->gmc_cred
, &buffer
);
83 krb5_storage_free(sp
);
87 ret
= krb5_storage_write(sp
, buffer
.value
, buffer
.length
);
88 if (ret
< 0 || (size_t)ret
!= buffer
.length
) {
89 gss_release_buffer(minor_status
, &buffer
);
90 krb5_storage_free(sp
);
91 *minor_status
= EINVAL
;
94 gss_release_buffer(minor_status
, &buffer
);
97 ret
= krb5_storage_to_data(sp
, &data
);
98 krb5_storage_free(sp
);
101 return GSS_S_FAILURE
;
104 token
->value
= data
.data
;
105 token
->length
= data
.length
;
107 return GSS_S_COMPLETE
;
110 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
111 gss_import_cred(OM_uint32
* minor_status
,
113 gss_cred_id_t
* cred_handle
)
115 gssapi_mech_interface m
;
117 struct _gss_cred
*cred
;
118 krb5_storage
*sp
= NULL
;
119 OM_uint32 major
, junk
;
122 *cred_handle
= GSS_C_NO_CREDENTIAL
;
124 if (token
->length
== 0) {
125 *minor_status
= ENOMEM
;
126 return GSS_S_FAILURE
;
129 sp
= krb5_storage_from_readonly_mem(token
->value
, token
->length
);
131 *minor_status
= ENOMEM
;
132 return GSS_S_FAILURE
;
135 cred
= calloc(1, sizeof(struct _gss_cred
));
137 krb5_storage_free(sp
);
138 *minor_status
= ENOMEM
;
139 return GSS_S_FAILURE
;
141 HEIM_SLIST_INIT(&cred
->gc_mc
);
143 *cred_handle
= (gss_cred_id_t
)cred
;
146 struct _gss_mechanism_cred
*mc
;
147 gss_buffer_desc buffer
;
151 ret
= krb5_ret_data(sp
, &data
);
152 if (ret
== HEIM_ERR_EOF
) {
156 major
= GSS_S_FAILURE
;
159 oid
.elements
= data
.data
;
160 oid
.length
= data
.length
;
162 m
= __gss_get_mechanism(&oid
);
163 krb5_data_free(&data
);
166 major
= GSS_S_BAD_MECH
;
170 if (m
->gm_import_cred
== NULL
) {
172 major
= GSS_S_BAD_MECH
;
176 ret
= krb5_ret_data(sp
, &data
);
179 major
= GSS_S_FAILURE
;
183 buffer
.value
= data
.data
;
184 buffer
.length
= data
.length
;
186 major
= m
->gm_import_cred(minor_status
,
188 krb5_data_free(&data
);
193 mc
= malloc(sizeof(struct _gss_mechanism_cred
));
195 *minor_status
= EINVAL
;
196 major
= GSS_S_FAILURE
;
201 mc
->gmc_mech_oid
= &m
->gm_mech_oid
;
202 mc
->gmc_cred
= mcred
;
204 HEIM_SLIST_INSERT_HEAD(&cred
->gc_mc
, mc
, gmc_link
);
206 krb5_storage_free(sp
);
209 if (HEIM_SLIST_EMPTY(&cred
->gc_mc
)) {
210 major
= GSS_S_NO_CRED
;
214 return GSS_S_COMPLETE
;
218 krb5_storage_free(sp
);
220 gss_release_cred(&junk
, cred_handle
);