support/gssapi/g_inq_cred.c

   1 /* #ident  "@(#)gss_inquire_cred.c 1.9     95/08/02 SMI" */
   2
   3 /*
   4  * Copyright 1996 by Sun Microsystems, Inc.
   5  *
   6  * Permission to use, copy, modify, distribute, and sell this software
   7  * and its documentation for any purpose is hereby granted without fee,
   8  * provided that the above copyright notice appears in all copies and
   9  * that both that copyright notice and this permission notice appear in
  10  * supporting documentation, and that the name of Sun Microsystems not be used
  11  * in advertising or publicity pertaining to distribution of the software
  12  * without specific, written prior permission. Sun Microsystems makes no
  13  * representations about the suitability of this software for any
  14  * purpose.  It is provided "as is" without express or implied warranty.
  15  *
  16  * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
  17  * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
  18  * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
  19  * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
  20  * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
  21  * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  22  * PERFORMANCE OF THIS SOFTWARE.
  23  */
  24
  25 /*
  26  *  glue routine for gss_inquire_cred
  27  */
  28
  29 #include "mglueP.h"
  30 #include <stdio.h>
  31 #ifdef HAVE_STDLIB_H
  32 #include <stdlib.h>
  33 #endif
  34 #include <string.h>
  35 #include <time.h>
  36
  37 OM_uint32 KRB5_CALLCONV
  38 gss_inquire_cred(minor_status,
  39                  cred_handle,
  40                  name,
  41                  lifetime,
  42                  cred_usage,
  43                  mechanisms)
  44
  45 OM_uint32 *             minor_status;
  46 gss_cred_id_t           cred_handle;
  47 gss_name_t *            name;
  48 OM_uint32 *             lifetime;
  49 int *                   cred_usage;
  50 gss_OID_set *           mechanisms;
  51
  52 {
  53     OM_uint32           status, elapsed_time, temp_minor_status;
  54     gss_union_cred_t    union_cred;
  55     gss_mechanism       mech;
  56     gss_name_t          internal_name;
  57     int                 i;
  58
  59     gss_initialize();
  60
  61     if (cred_handle == GSS_C_NO_CREDENTIAL) {
  62         /*
  63          * No credential was supplied. This means we can't get a mechanism
  64          * pointer to call the mechanism specific gss_inquire_cred.
  65          * So, call get_mechanism with an arguement of GSS_C_NULL_OID.
  66          * get_mechanism will return the first mechanism in the mech
  67          * array, which becomes the default mechanism.
  68          */
  69
  70         if ((mech = __gss_get_mechanism(GSS_C_NULL_OID)) == NULL)
  71             return(GSS_S_NO_CRED);
  72
  73         if (!mech->gss_inquire_cred)
  74                 return (GSS_S_FAILURE);
  75
  76 #ifdef USE_MECH_CONTEXT
  77         status = mech->gss_inquire_cred(mech->context, minor_status,
  78 #else
  79         status = mech->gss_inquire_cred(minor_status,
  80 #endif
  81                                         GSS_C_NO_CREDENTIAL,
  82                                         name ? &internal_name : NULL,
  83                                         lifetime, cred_usage, mechanisms);
  84
  85         if (status != GSS_S_COMPLETE)
  86             return(status);
  87
  88         if (name) {
  89             /*
  90              * Convert internal_name into a union_name equivalent.
  91              */
  92             status = __gss_convert_name_to_union_name(&temp_minor_status,
  93                                                       mech, internal_name,
  94                                                       name);
  95             if (status != GSS_S_COMPLETE) {
  96                 if (minor_status)
  97                     *minor_status = temp_minor_status;
  98                 __gss_release_internal_name(&temp_minor_status,
  99                                             &mech->mech_type, &internal_name);
 100                 return (status);
 101             }
 102         }
 103         return(GSS_S_COMPLETE);
 104     }
 105
 106     /* get the cred_handle cast as a union_credentials structure */
 107
 108     union_cred = (gss_union_cred_t) cred_handle;
 109
 110     /*
 111      * get the information out of the union_cred structure that was
 112      * placed there during gss_acquire_cred.
 113      */
 114
 115     if(cred_usage != NULL)
 116         *cred_usage = union_cred->auxinfo.cred_usage;
 117
 118     if(lifetime != NULL) {
 119         elapsed_time = time(0) - union_cred->auxinfo.creation_time;
 120         *lifetime = union_cred->auxinfo.time_rec < elapsed_time ? 0 :
 121         union_cred->auxinfo.time_rec - elapsed_time;
 122     }
 123
 124     /*
 125      * if name is non_null,
 126      * call gss_import_name(), giving it the printable name held within
 127      * union_cred in order to get an internal name to pass back to the
 128      * caller. If this call fails, return failure to our caller.
 129      */
 130
 131     if(name != NULL)
 132         if(gss_import_name(&temp_minor_status,
 133                            &union_cred->auxinfo.name,
 134                            union_cred->auxinfo.name_type,
 135                            name) != GSS_S_COMPLETE)
 136             return(GSS_S_DEFECTIVE_CREDENTIAL);
 137
 138     /*
 139      * copy the mechanism set in union_cred into an OID set and return in
 140      * the mechanisms parameter.
 141      */
 142
 143     if(mechanisms != NULL) {
 144
 145         *mechanisms = (gss_OID_set) malloc(sizeof(gss_OID_set_desc));
 146
 147         (*mechanisms)->count = union_cred->count;
 148         (*mechanisms)->elements =
 149             (gss_OID) malloc(sizeof(gss_OID_desc) *
 150                              union_cred->count);
 151
 152         for(i=0; i < union_cred->count; i++) {
 153             (*mechanisms)->elements[i].length =
 154                 union_cred->mechs_array[i].length;
 155             (*mechanisms)->elements[i].elements = (void *)
 156                 malloc(union_cred->mechs_array[i].length);
 157             memcpy((*mechanisms)->elements[i].elements,
 158                    union_cred->mechs_array[i].elements,
 159                    union_cred->mechs_array[i].length);
 160         }
 161     }
 162
 163     return(GSS_S_COMPLETE);
 164 }
 165
 166 OM_uint32 KRB5_CALLCONV
 167 gss_inquire_cred_by_mech(minor_status, cred_handle, mech_type, name,
 168                          initiator_lifetime, acceptor_lifetime, cred_usage)
 169     OM_uint32           *minor_status;
 170     gss_cred_id_t       cred_handle;
 171     gss_OID             mech_type;
 172     gss_name_t          *name;
 173     OM_uint32           *initiator_lifetime;
 174     OM_uint32           *acceptor_lifetime;
 175     gss_cred_usage_t *cred_usage;
 176 {
 177     gss_union_cred_t    union_cred;
 178     gss_cred_id_t       mech_cred;
 179     gss_mechanism       mech;
 180
 181     mech = __gss_get_mechanism (mech_type);
 182     if (!mech)
 183         return (GSS_S_BAD_MECH);
 184     if (!mech->gss_inquire_cred_by_mech)
 185         return (GSS_S_BAD_BINDINGS);
 186
 187     union_cred = (gss_union_cred_t) cred_handle;
 188     mech_cred = __gss_get_mechanism_cred(union_cred, mech_type);
 189
 190 #ifdef USE_MECH_CONTEXT
 191     return (mech->gss_inquire_cred_by_mech(mech->context, minor_status,
 192 #else
 193     return (mech->gss_inquire_cred_by_mech(minor_status,
 194 #endif
 195                                            mech_cred, mech_type,
 196                                            name, initiator_lifetime,
 197                                            acceptor_lifetime, cred_usage));
 198 }
 199