+++ /dev/null
-/* #ident "@(#)gss_accept_sec_context.c 1.19 95/08/07 SMI" */
-
-/*
- * Copyright 1996 by Sun Microsystems, Inc.
- *
- * Permission to use, copy, modify, distribute, and sell this software
- * and its documentation for any purpose is hereby granted without fee,
- * provided that the above copyright notice appears in all copies and
- * that both that copyright notice and this permission notice appear in
- * supporting documentation, and that the name of Sun Microsystems not be used
- * in advertising or publicity pertaining to distribution of the software
- * without specific, written prior permission. Sun Microsystems makes no
- * representations about the suitability of this software for any
- * purpose. It is provided "as is" without express or implied warranty.
- *
- * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
- * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
- * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
- * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
- * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
- * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- * PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * glue routine for gss_accept_sec_context
- */
-
-#include "mglueP.h"
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-#include <string.h>
-#include <errno.h>
-
-OM_uint32 KRB5_CALLCONV
-gss_accept_sec_context (minor_status,
- context_handle,
- verifier_cred_handle,
- input_token_buffer,
- input_chan_bindings,
- src_name,
- mech_type,
- output_token,
- ret_flags,
- time_rec,
- delegated_cred_handle)
-
-OM_uint32 * minor_status;
-gss_ctx_id_t * context_handle;
-gss_cred_id_t verifier_cred_handle;
-gss_buffer_t input_token_buffer;
-gss_channel_bindings_t input_chan_bindings;
-gss_name_t * src_name;
-gss_OID * mech_type;
-gss_buffer_t output_token;
-OM_uint32 * ret_flags;
-OM_uint32 * time_rec;
-gss_cred_id_t * delegated_cred_handle;
-
-{
- OM_uint32 status, temp_status, temp_minor_status;
- gss_union_ctx_id_t union_ctx_id;
- gss_union_cred_t union_cred;
- gss_cred_id_t input_cred_handle = GSS_C_NO_CREDENTIAL;
- gss_name_t internal_name;
- gss_OID_desc token_mech_type_desc;
- gss_OID token_mech_type = &token_mech_type_desc;
- gss_mechanism mech;
-
- gss_initialize();
-
- if (context_handle == NULL)
- return GSS_S_NO_CONTEXT;
-
- /*
- * if context_handle is GSS_C_NO_CONTEXT, allocate a union context
- * descriptor to hold the mech type information as well as the
- * underlying mechanism context handle. Otherwise, cast the
- * value of *context_handle to the union context variable.
- */
-
- if(*context_handle == GSS_C_NO_CONTEXT) {
-
- /* Get the token mech type */
- status = __gss_get_mech_type(token_mech_type, input_token_buffer);
- if (status)
- return status;
-
- status = GSS_S_FAILURE;
- union_ctx_id = (gss_union_ctx_id_t)
- malloc(sizeof(gss_union_ctx_id_desc));
- if (!union_ctx_id) {
- *minor_status = ENOMEM;
- goto error_out;
- }
-
- union_ctx_id->mech_type = (gss_OID) malloc(sizeof(gss_OID_desc));
- if (!union_ctx_id->mech_type) {
- *minor_status = ENOMEM;
- goto error_out;
- }
-
- union_ctx_id->mech_type->elements = (void *)
- malloc(token_mech_type->length);
- if (!union_ctx_id->mech_type->elements) {
- *minor_status = ENOMEM;
- goto error_out;
- }
-
- union_ctx_id->mech_type->length = token_mech_type->length;
- memcpy(union_ctx_id->mech_type->elements,
- token_mech_type->elements,
- token_mech_type->length);
-
- /* copy the supplied context handle */
-
- union_ctx_id->internal_ctx_id = *context_handle;
- } else {
- union_ctx_id = *context_handle;
- token_mech_type = union_ctx_id->mech_type;
- }
-
- /*
- * get the appropriate cred handle from the union cred struct.
- * defaults to GSS_C_NO_CREDENTIAL if there is no cred, which will
- * use the default credential.
- */
- union_cred = (gss_union_cred_t) verifier_cred_handle;
- input_cred_handle = __gss_get_mechanism_cred(union_cred, token_mech_type);
-
- /*
- * now select the approprate underlying mechanism routine and
- * call it.
- */
-
- mech = __gss_get_mechanism (token_mech_type);
- if (mech && mech->gss_accept_sec_context) {
-
- status = mech->gss_accept_sec_context(
-#ifdef USE_MECH_CONTEXT
- mech->context,
-#endif
- minor_status,
- &union_ctx_id->internal_ctx_id,
- input_cred_handle,
- input_token_buffer,
- input_chan_bindings,
- &internal_name,
- mech_type,
- output_token,
- ret_flags,
- time_rec,
- delegated_cred_handle);
-
- /* If there's more work to do, keep going... */
- if (status == GSS_S_CONTINUE_NEEDED)
- return GSS_S_CONTINUE_NEEDED;
-
- /* if the call failed, return with failure */
- if (status != GSS_S_COMPLETE)
- goto error_out;
-
- /*
- * if src_name is non-NULL,
- * convert internal_name into a union name equivalent
- * First call the mechanism specific display_name()
- * then call gss_import_name() to create
- * the union name struct cast to src_name
- */
-#if 0
- /* ANDROS: src_name is never null, it is a ptr from the gss_accept_sec_context
- * caller. internal_name may or may not be set by the mechanism. so, don't
- * call __gss_convert_name_to_union_name which sets the src_name
- * unless the internal name is set
- * by the above mech->gss_accept_sec_context.
- */
- if (internal_name != NULL && status == GSS_S_COMPLETE) {
-#else
- if (src_name != NULL && status == GSS_S_COMPLETE) {
-#endif
- temp_status = __gss_convert_name_to_union_name(
- &temp_minor_status, mech, internal_name, src_name);
- if (temp_status != GSS_S_COMPLETE) {
- if (minor_status)
- *minor_status = temp_minor_status;
- gss_release_buffer(&temp_minor_status, output_token);
- __gss_release_internal_name(&temp_minor_status,
- &mech->mech_type, &internal_name);
- return (temp_status);
- }
- }
-
- if(*context_handle == GSS_C_NO_CONTEXT)
- *context_handle = (gss_ctx_id_t *) union_ctx_id;
-
- return(status);
- }
-
- return(GSS_S_BAD_MECH);
-
-error_out:
- if (union_ctx_id) {
- if (union_ctx_id->mech_type) {
- if (union_ctx_id->mech_type->elements)
- free(union_ctx_id->mech_type->elements);
- free(union_ctx_id->mech_type);
- }
- free(union_ctx_id);
- }
- return (status);
-}
-
projects / nfs-utils.git / blobdiff