1 /*- 2 * Copyright (c) 2005 Doug Rabson 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * 26 * $FreeBSD$ 27 */ 28 29 #include <gssapi/gssapi.h> 30 #include <string.h> 31 32 #include "mech_switch.h" 33 34 struct _gss_status_desc { 35 OM_uint32 gs_status; 36 const char* gs_desc; 37 }; 38 39 static struct _gss_status_desc _gss_status_descs[] = { 40 GSS_S_BAD_MECH, "An unsupported mechanism was requested", 41 GSS_S_BAD_NAME, "An invalid name was supplied", 42 GSS_S_BAD_NAMETYPE, "A supplied name was of an unsupported type", 43 GSS_S_BAD_BINDINGS, "Incorrect channel bindings were supplied", 44 GSS_S_BAD_STATUS, "An invalid status code was supplied", 45 GSS_S_BAD_MIC, "A token had an invalid MIC", 46 GSS_S_NO_CRED, "No credentials were supplied, or the " 47 "credentials were unavailable or inaccessible", 48 GSS_S_NO_CONTEXT, "No context has been established", 49 GSS_S_DEFECTIVE_TOKEN, "A token was invalid", 50 GSS_S_DEFECTIVE_CREDENTIAL, "A credential was invalid", 51 GSS_S_CREDENTIALS_EXPIRED, "The referenced credentials have expired", 52 GSS_S_CONTEXT_EXPIRED, "The context has expired", 53 GSS_S_FAILURE, "Miscellaneous failure", 54 GSS_S_BAD_QOP, "The quality-of-protection requested could " 55 "not be provided", 56 GSS_S_UNAUTHORIZED, "The operation is forbidden by local security " 57 "policy", 58 GSS_S_UNAVAILABLE, "The operation or option is unavailable", 59 GSS_S_DUPLICATE_ELEMENT, "The requested credential element already " 60 "exists", 61 GSS_S_NAME_NOT_MN, "The provided name was not a mechanism name" 62 }; 63 #define _gss_status_desc_count \ 64 sizeof(_gss_status_descs) / sizeof(_gss_status_descs[0]) 65 66 67 OM_uint32 68 gss_display_status(OM_uint32 *minor_status, 69 OM_uint32 status_value, 70 int status_type, 71 const gss_OID mech_type, 72 OM_uint32 *message_content, 73 gss_buffer_t status_string) 74 { 75 OM_uint32 major_status; 76 struct _gss_mech_switch *m; 77 int i; 78 const char *message; 79 80 *minor_status = 0; 81 switch (status_type) { 82 case GSS_C_GSS_CODE: 83 for (i = 0; i < _gss_status_desc_count; i++) { 84 if (_gss_status_descs[i].gs_status == status_value) { 85 message = _gss_status_descs[i].gs_desc; 86 status_string->length = strlen(message); 87 status_string->value = strdup(message); 88 return (GSS_S_COMPLETE); 89 } 90 } 91 92 /* 93 * Fall through to attempt to get some underlying 94 * implementation to describe the value. 95 */ 96 case GSS_C_MECH_CODE: 97 SLIST_FOREACH(m, &_gss_mechs, gm_link) { 98 if (mech_type && 99 !_gss_oid_equal(&m->gm_mech_oid, mech_type)) 100 continue; 101 major_status = m->gm_display_status(minor_status, 102 status_value, status_type, mech_type, 103 message_content, status_string); 104 if (major_status == GSS_S_COMPLETE) 105 return (GSS_S_COMPLETE); 106 } 107 } 108 109 return (GSS_S_BAD_STATUS); 110 } 111