xref: /freebsd/crypto/krb5/src/ccapi/server/ccs_credentials.c (revision b670c9bafc0e31c7609969bf374b2e80bdc00211) 
1 /* ccapi/server/ccs_credentials.c */
2 /*
3  * Copyright 2006 Massachusetts Institute of Technology.
4  * All Rights Reserved.
5  *
6  * Export of this software from the United States of America may
7  * require a specific license from the United States Government.
8  * It is the responsibility of any person or organization contemplating
9  * export to obtain such a license before exporting.
10  *
11  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
12  * distribute this software and its documentation for any purpose and
13  * without fee is hereby granted, provided that the above copyright
14  * notice appear in all copies and that both that copyright notice and
15  * this permission notice appear in supporting documentation, and that
16  * the name of M.I.T. not be used in advertising or publicity pertaining
17  * to distribution of the software without specific, written prior
18  * permission.  Furthermore if you modify this software you must label
19  * your software as modified software and not distribute it in such a
20  * fashion that it might be confused with the original M.I.T. software.
21  * M.I.T. makes no representations about the suitability of
22  * this software for any purpose.  It is provided "as is" without express
23  * or implied warranty.
24  */
25 
26 #include "ccs_common.h"
27 
28 struct ccs_credentials_d {
29     cc_credentials_union *cred_union;
30     cci_identifier_t identifier;
31 };
32 
33 struct ccs_credentials_d ccs_credentials_initializer = { NULL, NULL };
34 
35 /* ------------------------------------------------------------------------ */
36 
37 cc_int32 ccs_credentials_new (ccs_credentials_t      *out_credentials,
38                               k5_ipc_stream            in_stream,
39                               cc_uint32               in_ccache_version,
40                               ccs_credentials_list_t  io_credentials_list)
41 {
42     cc_int32 err = ccNoError;
43     ccs_credentials_t credentials = NULL;
44 
45     if (!out_credentials) { err = cci_check_error (ccErrBadParam); }
46     if (!in_stream      ) { err = cci_check_error (ccErrBadParam); }
47 
48     if (!err) {
49         credentials = malloc (sizeof (*credentials));
50         if (credentials) {
51             *credentials = ccs_credentials_initializer;
52         } else {
53             err = cci_check_error (ccErrNoMem);
54         }
55     }
56 
57     if (!err) {
58         err = cci_credentials_union_read (&credentials->cred_union, in_stream);
59     }
60 
61     if (!err && !(credentials->cred_union->version & in_ccache_version)) {
62         /* ccache does not have a principal set for this credentials version */
63         err = cci_check_error (ccErrBadCredentialsVersion);
64     }
65 
66     if (!err) {
67         err = ccs_server_new_identifier (&credentials->identifier);
68     }
69 
70     if (!err) {
71         err = ccs_credentials_list_add (io_credentials_list, credentials);
72     }
73 
74     if (!err) {
75         *out_credentials = credentials;
76         credentials = NULL;
77     }
78 
79     ccs_credentials_release (credentials);
80 
81     return cci_check_error (err);
82 }
83 
84 /* ------------------------------------------------------------------------ */
85 
86 cc_int32 ccs_credentials_release (ccs_credentials_t io_credentials)
87 {
88     cc_int32 err = ccNoError;
89 
90     if (!err && io_credentials) {
91         cci_credentials_union_release (io_credentials->cred_union);
92         cci_identifier_release (io_credentials->identifier);
93         free (io_credentials);
94     }
95 
96     return cci_check_error (err);
97 }
98 
99 /* ------------------------------------------------------------------------ */
100 
101 cc_int32 ccs_credentials_write (ccs_credentials_t in_credentials,
102                                 k5_ipc_stream      io_stream)
103 {
104     cc_int32 err = ccNoError;
105 
106     if (!in_credentials) { err = cci_check_error (ccErrBadParam); }
107     if (!io_stream     ) { err = cci_check_error (ccErrBadParam); }
108 
109     if (!err) {
110         err = cci_identifier_write (in_credentials->identifier, io_stream);
111     }
112 
113     if (!err) {
114         err = cci_credentials_union_write (in_credentials->cred_union, io_stream);
115     }
116 
117     return cci_check_error (err);
118 }
119 
120 /* ------------------------------------------------------------------------ */
121 
122 cc_int32 ccs_credentials_compare_identifier (ccs_credentials_t  in_credentials,
123                                              cci_identifier_t   in_identifier,
124                                              cc_uint32         *out_equal)
125 {
126     cc_int32 err = ccNoError;
127 
128     if (!in_credentials) { err = cci_check_error (ccErrBadParam); }
129     if (!in_identifier ) { err = cci_check_error (ccErrBadParam); }
130     if (!out_equal     ) { err = cci_check_error (ccErrBadParam); }
131 
132     if (!err) {
133         err = cci_identifier_compare (in_credentials->identifier,
134                                       in_identifier,
135                                       out_equal);
136     }
137 
138     return cci_check_error (err);
139 }
140