git.decadent.org.uk Git - nfs-utils.git/blob - support/gssapi/g_init_sec_context.c
Add gss support from citi @ umich
1 /* #ident  "@(#)gss_init_sec_context.c 1.20     95/08/07 SMI" */
2
3 /*
4  * Copyright 1996 by Sun Microsystems, Inc.
5  *
6  * Permission to use, copy, modify, distribute, and sell this software
7  * and its documentation for any purpose is hereby granted without fee,
8  * provided that the above copyright notice appears in all copies and
9  * that both that copyright notice and this permission notice appear in
10  * supporting documentation, and that the name of Sun Microsystems not be used
11  * in advertising or publicity pertaining to distribution of the software
12  * without specific, written prior permission. Sun Microsystems makes no
13  * representations about the suitability of this software for any
14  * purpose.  It is provided "as is" without express or implied warranty.
15  *
16  * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
17  * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
18  * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
19  * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
20  * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
21  * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
22  * PERFORMANCE OF THIS SOFTWARE.
23  */
24
25 /*
26  *  glue routine for gss_init_sec_context
27  */
28
29 #include "mglueP.h"
30 #include <stdio.h>
31 #ifdef HAVE_STDLIB_H
32 #include <stdlib.h>
33 #endif
34 #include <string.h>
35
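/*
 * Compare two OID descriptors: true when the lengths match and the first
 * `length` bytes of both `elements` buffers are identical.
 *
 * The length is passed to memcmp() as size_t.  Casting it to int first (as
 * this macro used to) can turn a length above INT_MAX into a negative value
 * that converts to a huge size_t, i.e. a read far past both buffers.
 *
 * Both arguments are evaluated more than once; do not pass expressions with
 * side effects.
 */
#define g_OID_equal(o1,o2) \
   (((o1)->length == (o2)->length) && \
    (memcmp((o1)->elements,(o2)->elements,(size_t) (o1)->length) == 0))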
39
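/*
 * Mechanism-glue entry point for gss_init_sec_context.
 *
 * Selects the mechanism (from req_mech_type, else from a mechanism-specific
 * target_name, else whatever __gss_get_mechanism() returns for a NULL OID),
 * resolves the target name and credential for that mechanism, and forwards
 * the call to the mechanism's own gss_init_sec_context routine.  On the
 * first call (*context_handle == GSS_C_NO_CONTEXT) a union context wrapper
 * holding a copy of the mechanism OID is allocated and returned through
 * context_handle.
 *
 * Returns:
 *   GSS_S_NO_CONTEXT    context_handle is NULL
 *   GSS_S_BAD_NAME      target_name is NULL or could not be imported
 *   GSS_S_BAD_MECH      unknown mechanism, or target_name belongs to a
 *                       different mechanism than the one selected
 *   GSS_S_FAILURE       the union context wrapper could not be allocated
 *   GSS_S_BAD_BINDINGS  the mechanism provides no gss_init_sec_context
 *   otherwise           the status returned by the mechanism routine
 */
OM_uint32 KRB5_CALLCONV
gss_init_sec_context (minor_status,
                      claimant_cred_handle,
                      context_handle,
                      target_name,
                      req_mech_type,
                      req_flags,
                      time_req,
                      input_chan_bindings,
                      input_token,
                      actual_mech_type,
                      output_token,
                      ret_flags,
                      time_rec)

OM_uint32 *             minor_status;
gss_cred_id_t           claimant_cred_handle;
gss_ctx_id_t *          context_handle;
gss_name_t              target_name;
gss_OID                 req_mech_type;
OM_uint32               req_flags;
OM_uint32               time_req;
gss_channel_bindings_t  input_chan_bindings;
gss_buffer_t            input_token;
gss_OID *               actual_mech_type;
gss_buffer_t            output_token;
OM_uint32 *             ret_flags;
OM_uint32 *             time_rec;

{
    OM_uint32           status, temp_minor_status;
    gss_union_name_t    union_name;
    gss_union_cred_t    union_cred;
    gss_name_t          internal_name;
    gss_union_ctx_id_t  union_ctx_id;
    gss_OID             mech_type = (gss_OID) req_mech_type;
    gss_mechanism       mech;
    gss_cred_id_t       input_cred_handle;
    /* non-zero while this call owns a freshly allocated union context */
    int                 owned_ctx = 0;

    gss_initialize();

    if (context_handle == NULL)
        return GSS_S_NO_CONTEXT;

    /*
     * target_name is dereferenced below; reject a missing name here
     * instead of faulting on a NULL pointer.
     */
    if (target_name == NULL)
        return (GSS_S_BAD_NAME);

    union_name = (gss_union_name_t) target_name;

    /*
     * If mech_type is NULL, and the target_name is
     * mechanism-specific, then set it to the mech_type of
     * target_name.
     */
    if ((mech_type == GSS_C_NULL_OID) && union_name->mech_type)
        mech_type = union_name->mech_type;

    /*
     * obtain the gss mechanism information for the requested
     * mechanism.  If mech_type is NULL, set it to the resultant
     * mechanism
     */
    mech = __gss_get_mechanism (mech_type);
    if (mech == NULL)
        return (GSS_S_BAD_MECH);

    if (mech_type == GSS_C_NULL_OID)
        mech_type = &mech->mech_type;

    /*
     * If target_name is mechanism_specific, then it must match the
     * mech_type that we're about to use.  Otherwise, do an import on
     * the external_name form of the target name.
     */
    if (union_name->mech_type) {
        if (!g_OID_equal(union_name->mech_type, mech_type))
            return (GSS_S_BAD_MECH);
        internal_name = union_name->mech_name;
    } else {
        if (__gss_import_internal_name(minor_status, mech_type,
                                       union_name, &internal_name))
            return (GSS_S_BAD_NAME);
    }

    /*
     * From here on every exit goes through `cleanup`, so that an
     * imported internal_name is always released.
     */

    /*
     * if context_handle is GSS_C_NO_CONTEXT, allocate a union context
     * descriptor to hold the mech type information as well as the
     * underlying mechanism context handle. Otherwise, cast the
     * value of *context_handle to the union context variable.
     */
    if (*context_handle == GSS_C_NO_CONTEXT) {
        union_ctx_id = malloc(sizeof *union_ctx_id);
        if (union_ctx_id == NULL) {
            status = GSS_S_FAILURE;
            goto cleanup;
        }
        owned_ctx = 1;
        union_ctx_id->mech_type = NULL;

        union_ctx_id->mech_type = malloc(sizeof *union_ctx_id->mech_type);
        if (union_ctx_id->mech_type == NULL) {
            status = GSS_S_FAILURE;
            goto cleanup;
        }

        /* copy in the mech type information */
        union_ctx_id->mech_type->length = mech_type->length;
        union_ctx_id->mech_type->elements = malloc(mech_type->length);
        if (union_ctx_id->mech_type->elements == NULL) {
            /* malloc(0) may legitimately return NULL; only a
             * non-empty OID makes this an allocation failure */
            if (mech_type->length != 0) {
                status = GSS_S_FAILURE;
                goto cleanup;
            }
        } else {
            memcpy(union_ctx_id->mech_type->elements, mech_type->elements,
                   mech_type->length);
        }

        /* copy the supplied context handle (GSS_C_NO_CONTEXT here) */
        union_ctx_id->internal_ctx_id = *context_handle;
    } else {
        /*
         * NOTE(review): the mechanism OID stored in an existing union
         * context is not compared with mech_type before its
         * internal_ctx_id is handed to the selected mechanism; a
         * continuation call that names a different mechanism would
         * pass one mechanism's context to another.  Confirm whether
         * callers can reach this and whether a g_OID_equal() check
         * belongs here.
         */
        union_ctx_id = *context_handle;
    }

    /*
     * get the appropriate cred handle from the union cred struct.
     * defaults to GSS_C_NO_CREDENTIAL if there is no cred, which will
     * use the default credential.
     */
    union_cred = (gss_union_cred_t) claimant_cred_handle;
    input_cred_handle = __gss_get_mechanism_cred(union_cred, mech_type);

    /*
     * now call the appropriate underlying mechanism routine
     */
    if (mech->gss_init_sec_context) {
        status = mech->gss_init_sec_context(
#ifdef USE_MECH_CONTEXT
                                            mech->context,
#endif
                                            minor_status,
                                            input_cred_handle,
                                            &union_ctx_id->internal_ctx_id,
                                            internal_name,
                                            mech_type,
                                            req_flags,
                                            time_req,
                                            input_chan_bindings,
                                            input_token,
                                            actual_mech_type,
                                            output_token,
                                            ret_flags,
                                            time_rec);

        /*
         * A new wrapper is published to the caller whatever status the
         * mechanism returned, so ownership passes to the caller here.
         * NOTE(review): on an error status the caller must still
         * delete the context to release the wrapper -- confirm callers
         * do so.
         */
        if (owned_ctx) {
            *context_handle = (gss_ctx_id_t) union_ctx_id;
            owned_ctx = 0;
        }
    } else {
        /* wrapper (if new) was never published; freed in cleanup */
        status = GSS_S_BAD_BINDINGS;
    }

cleanup:
    /* release a wrapper that was allocated here but never handed out */
    if (owned_ctx) {
        if (union_ctx_id->mech_type != NULL) {
            free(union_ctx_id->mech_type->elements);
            free(union_ctx_id->mech_type);
        }
        free(union_ctx_id);
    }

    /* internal_name was imported above only for a generic target_name */
    if (!union_name->mech_type) {
        (void) __gss_release_internal_name(&temp_minor_status,
                                           mech_type, &internal_name);
    }

    return(status);
}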