1 /*
2 * Copyright 2008 by the Massachusetts Institute of Technology.
3 * All Rights Reserved.
4 *
5 * Export of this software from the United States of America may
6 * require a specific license from the United States Government.
7 * It is the responsibility of any person or organization contemplating
8 * export to obtain such a license before exporting.
9 *
10 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
11 * distribute this software and its documentation for any purpose and
12 * without fee is hereby granted, provided that the above copyright
13 * notice appear in all copies and that both that copyright notice and
14 * this permission notice appear in supporting documentation, and that
15 * the name of M.I.T. not be used in advertising or publicity pertaining
16 * to distribution of the software without specific, written prior
17 * permission. Furthermore if you modify this software you must label
18 * your software as modified software and not distribute it in such a
19 * fashion that it might be confused with the original M.I.T. software.
20 * M.I.T. makes no representations about the suitability of
21 * this software for any purpose. It is provided "as is" without express
22 * or implied warranty.
23 */
24
25 /* Glue routine for gss_inquire_cred_by_oid */
26
27 #include "mglueP.h"
28 #include <stdio.h>
29 #ifdef HAVE_STDLIB_H
30 #include <stdlib.h>
31 #endif
32 #include <string.h>
33 #include <time.h>
34
append_to_buffer_set(OM_uint32 * minor_status,gss_buffer_set_t * dst,const gss_buffer_set_t src)35 static OM_uint32 append_to_buffer_set(OM_uint32 *minor_status,
36 gss_buffer_set_t *dst,
37 const gss_buffer_set_t src)
38 {
39 size_t i;
40 OM_uint32 status;
41
42 if (src == GSS_C_NO_BUFFER_SET)
43 return GSS_S_COMPLETE;
44
45 if (*dst == GSS_C_NO_BUFFER_SET) {
46 status = gss_create_empty_buffer_set(minor_status, dst);
47 if (status != GSS_S_COMPLETE)
48 return status;
49 }
50
51 status = GSS_S_COMPLETE;
52
53 for (i = 0; i < src->count; i++) {
54 status = gss_add_buffer_set_member(minor_status,
55 &src->elements[i],
56 dst);
57 if (status != GSS_S_COMPLETE)
58 break;
59 }
60
61 return status;
62 }
63
64 OM_uint32 KRB5_CALLCONV
gss_inquire_cred_by_oid(OM_uint32 * minor_status,const gss_cred_id_t cred_handle,const gss_OID desired_object,gss_buffer_set_t * data_set)65 gss_inquire_cred_by_oid(OM_uint32 *minor_status,
66 const gss_cred_id_t cred_handle,
67 const gss_OID desired_object,
68 gss_buffer_set_t *data_set)
69 {
70 gss_union_cred_t union_cred;
71 gss_mechanism mech;
72 int i;
73 gss_buffer_set_t union_set = GSS_C_NO_BUFFER_SET;
74 gss_buffer_set_t ret_set = GSS_C_NO_BUFFER_SET;
75 OM_uint32 status, minor;
76
77 if (minor_status != NULL)
78 *minor_status = 0;
79
80 if (data_set != NULL)
81 *data_set = GSS_C_NO_BUFFER_SET;
82
83 if (minor_status == NULL || data_set == NULL)
84 return GSS_S_CALL_INACCESSIBLE_WRITE;
85
86 if (cred_handle == GSS_C_NO_CREDENTIAL)
87 return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CRED;
88
89 if (desired_object == GSS_C_NO_OID)
90 return GSS_S_CALL_INACCESSIBLE_READ;
91
92 union_cred = (gss_union_cred_t) cred_handle;
93
94 status = GSS_S_UNAVAILABLE;
95
96 for (i = 0; i < union_cred->count; i++) {
97 mech = gssint_get_mechanism(&union_cred->mechs_array[i]);
98 if (mech == NULL) {
99 status = GSS_S_BAD_MECH;
100 break;
101 }
102
103 if (mech->gss_inquire_cred_by_oid == NULL) {
104 status = GSS_S_UNAVAILABLE;
105 continue;
106 }
107
108 status = (mech->gss_inquire_cred_by_oid)(minor_status,
109 union_cred->cred_array[i],
110 desired_object,
111 &ret_set);
112 if (status != GSS_S_COMPLETE) {
113 map_error(minor_status, mech);
114 continue;
115 }
116
117 if (union_cred->count == 1) {
118 union_set = ret_set;
119 break;
120 }
121
122 status = append_to_buffer_set(minor_status, &union_set, ret_set);
123 gss_release_buffer_set(&minor, &ret_set);
124 if (status != GSS_S_COMPLETE)
125 break;
126 }
127
128 if (status != GSS_S_COMPLETE)
129 gss_release_buffer_set(&minor, &union_set);
130
131 *data_set = union_set;
132
133 return status;
134 }
135