1c0b9f4feSDoug Rabson /*- 2c0b9f4feSDoug Rabson * Copyright (c) 2005 Doug Rabson 3c0b9f4feSDoug Rabson * All rights reserved. 4c0b9f4feSDoug Rabson * 5c0b9f4feSDoug Rabson * Redistribution and use in source and binary forms, with or without 6c0b9f4feSDoug Rabson * modification, are permitted provided that the following conditions 7c0b9f4feSDoug Rabson * are met: 8c0b9f4feSDoug Rabson * 1. Redistributions of source code must retain the above copyright 9c0b9f4feSDoug Rabson * notice, this list of conditions and the following disclaimer. 10c0b9f4feSDoug Rabson * 2. Redistributions in binary form must reproduce the above copyright 11c0b9f4feSDoug Rabson * notice, this list of conditions and the following disclaimer in the 12c0b9f4feSDoug Rabson * documentation and/or other materials provided with the distribution. 13c0b9f4feSDoug Rabson * 14c0b9f4feSDoug Rabson * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15c0b9f4feSDoug Rabson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16c0b9f4feSDoug Rabson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17c0b9f4feSDoug Rabson * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18c0b9f4feSDoug Rabson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19c0b9f4feSDoug Rabson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20c0b9f4feSDoug Rabson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21c0b9f4feSDoug Rabson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22c0b9f4feSDoug Rabson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23c0b9f4feSDoug Rabson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24c0b9f4feSDoug Rabson * SUCH DAMAGE. 
 *
 * $FreeBSD$
 */

#include <gssapi/gssapi.h>
#include <stdlib.h>
#include <errno.h>

#include "mech_switch.h"
#include "name.h"

/*
 * Exported name-type OIDs.
 *
 * Each gss_OID below points at a static gss_OID_desc whose 'elements'
 * field is a string literal holding the OID's encoded bytes and whose
 * 'length' is the byte count of that literal.  The (void *) cast is
 * there because gss_OID_desc.elements is not const-qualified, and the
 * exported gss_OID handles are likewise non-const because that is the
 * type the GSS-API C bindings (RFC 2744) prescribe.  Writing through
 * them is nevertheless never valid: the backing storage is a string
 * literal, and the descriptors are shared by every caller in the
 * process, so treat them as read-only.
 *
 * The GSS_KRB5_NT_* names at the end of this table are aliases that
 * point at the same storage as their GSS_C_NT_* counterparts.
 */

/*
 * The implementation must reserve static storage for a gss_OID_desc
 * object containing the value {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x01"}, corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554) infosys(1)
 * gssapi(2) generic(1) user_name(1)}.  The constant GSS_C_NT_USER_NAME
 * should be initialized to point to that gss_OID_desc.
 */
static gss_OID_desc GSS_C_NT_USER_NAME_storage =
	{10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x01"};
gss_OID GSS_C_NT_USER_NAME = &GSS_C_NT_USER_NAME_storage;

/*
 * The implementation must reserve static storage for a gss_OID_desc
 * object containing the value {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x02"}, corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554) infosys(1)
 * gssapi(2) generic(1) machine_uid_name(2)}.  The constant
 * GSS_C_NT_MACHINE_UID_NAME should be initialized to point to that
 * gss_OID_desc.
 */
static gss_OID_desc GSS_C_NT_MACHINE_UID_NAME_storage =
	{10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x02"};
gss_OID GSS_C_NT_MACHINE_UID_NAME = &GSS_C_NT_MACHINE_UID_NAME_storage;

/*
 * The implementation must reserve static storage for a gss_OID_desc
 * object containing the value {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x03"}, corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554) infosys(1)
 * gssapi(2) generic(1) string_uid_name(3)}.  The constant
 * GSS_C_NT_STRING_UID_NAME should be initialized to point to that
 * gss_OID_desc.
 */
static gss_OID_desc GSS_C_NT_STRING_UID_NAME_storage =
	{10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03"};
gss_OID GSS_C_NT_STRING_UID_NAME = &GSS_C_NT_STRING_UID_NAME_storage;

/*
 * The implementation must reserve static storage for a gss_OID_desc
 * object containing the value {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
 * corresponding to an object-identifier value of {iso(1) org(3) dod(6)
 * internet(1) security(5) nametypes(6) gss-host-based-services(2)}.
 * The constant GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to
 * point to that gss_OID_desc.  This is a deprecated OID value, and
 * implementations wishing to support hostbased-service names should
 * instead use the GSS_C_NT_HOSTBASED_SERVICE OID, defined below, to
 * identify such names; GSS_C_NT_HOSTBASED_SERVICE_X should be accepted
 * as a synonym for GSS_C_NT_HOSTBASED_SERVICE when presented as an
 * input parameter, but should not be emitted by GSS-API
 * implementations.
 */
static gss_OID_desc GSS_C_NT_HOSTBASED_SERVICE_X_storage =
	{6, (void *)"\x2b\x06\x01\x05\x06\x02"};
gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &GSS_C_NT_HOSTBASED_SERVICE_X_storage;

/*
 * The implementation must reserve static storage for a gss_OID_desc
 * object containing the value {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x04"}, corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554) infosys(1)
 * gssapi(2) generic(1) service_name(4)}.  The constant
 * GSS_C_NT_HOSTBASED_SERVICE should be initialized to point to that
 * gss_OID_desc.
 */
static gss_OID_desc GSS_C_NT_HOSTBASED_SERVICE_storage =
	{10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x04"};
gss_OID GSS_C_NT_HOSTBASED_SERVICE = &GSS_C_NT_HOSTBASED_SERVICE_storage;

/*
 * The implementation must reserve static storage for a gss_OID_desc
 * object containing the value {6, (void *)"\x2b\x06\x01\x05\x06\x03"},
 * corresponding to an object-identifier value of {1(iso), 3(org),
 * 6(dod), 1(internet), 5(security), 6(nametypes),
 * 3(gss-anonymous-name)}.  The constant GSS_C_NT_ANONYMOUS should be
 * initialized to point to that gss_OID_desc.
 *
 * Note: the literal below spells the third byte as the octal escape
 * "\01" rather than "\x01"; both denote the byte 0x01, so the encoded
 * value is the same as the one quoted above.
 */
static gss_OID_desc GSS_C_NT_ANONYMOUS_storage =
	{6, (void *)"\x2b\x06\01\x05\x06\x03"};
gss_OID GSS_C_NT_ANONYMOUS = &GSS_C_NT_ANONYMOUS_storage;

/*
 * The implementation must reserve static storage for a gss_OID_desc
 * object containing the value {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
 * corresponding to an object-identifier value of {1(iso), 3(org),
 * 6(dod), 1(internet), 5(security), 6(nametypes),
 * 4(gss-api-exported-name)}.  The constant GSS_C_NT_EXPORT_NAME should
 * be initialized to point to that gss_OID_desc.
 */
static gss_OID_desc GSS_C_NT_EXPORT_NAME_storage =
	{6, (void *)"\x2b\x06\x01\x05\x06\x04"};
gss_OID GSS_C_NT_EXPORT_NAME = &GSS_C_NT_EXPORT_NAME_storage;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * krb5(2) krb5_name(1)}.  The recommended symbolic name for this type
 * is "GSS_KRB5_NT_PRINCIPAL_NAME".
 */
static gss_OID_desc GSS_KRB5_NT_PRINCIPAL_NAME_storage =
	{10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01"};
gss_OID GSS_KRB5_NT_PRINCIPAL_NAME = &GSS_KRB5_NT_PRINCIPAL_NAME_storage;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) user_name(1)}.  The recommended symbolic name for this
 * type is "GSS_KRB5_NT_USER_NAME".
 *
 * Alias of GSS_C_NT_USER_NAME: both handles point at the same storage.
 */
gss_OID GSS_KRB5_NT_USER_NAME = &GSS_C_NT_USER_NAME_storage;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) machine_uid_name(2)}.  The recommended symbolic name for
 * this type is "GSS_KRB5_NT_MACHINE_UID_NAME".
 *
 * Alias of GSS_C_NT_MACHINE_UID_NAME: both handles point at the same
 * storage.
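 */
gss_OID GSS_KRB5_NT_MACHINE_UID_NAME = &GSS_C_NT_MACHINE_UID_NAME_storage;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) string_uid_name(3)}.  The recommended symbolic name for
 * this type is "GSS_KRB5_NT_STRING_UID_NAME".
 *
 * Alias of GSS_C_NT_STRING_UID_NAME: both handles point at the same
 * storage.
 */
gss_OID GSS_KRB5_NT_STRING_UID_NAME = &GSS_C_NT_STRING_UID_NAME_storage;

/*
 * Return the mechanism name (MN) for mechanism 'mech' held by the
 * generic name 'name', creating and caching it if necessary.
 *
 * The MN list hanging off name->gn_mn is searched first.  When no
 * entry for 'mech' exists and 'name' still carries its imported value
 * (gn_value), the mechanism's gm_import_name entry point is asked to
 * import that value; the resulting MN is inserted at the head of the
 * list so that later lookups for the same mechanism find it directly.
 *
 * Returns NULL, with nothing added to 'name', when:
 *   - 'name' is canonical for some other mechanism (gn_value is empty,
 *     so there is nothing to re-import);
 *   - 'mech' does not resolve to a loaded mechanism switch;
 *   - memory allocation fails;
 *   - the mechanism's import returns a non-zero major status.  The
 *     accompanying minor status is discarded here, so callers cannot
 *     report the mechanism-specific reason.
 */
struct _gss_mechanism_name *
_gss_find_mn(struct _gss_name *name, gss_OID mech)
{
	OM_uint32 major_status, minor_status;
	struct _gss_mech_switch *m;
	struct _gss_mechanism_name *mn;

	SLIST_FOREACH(mn, &name->gn_mn, gmn_link) {
		if (_gss_oid_equal(mech, mn->gmn_mech_oid))
			break;
	}
	/* SLIST_FOREACH leaves mn NULL when the list is exhausted. */
	if (mn != NULL)
		return (mn);

	/*
	 * If this name is canonical (i.e. there is only an MN but it
	 * is from a different mech), there is no imported value to
	 * build another MN from, so give up now.
	 */
	if (name->gn_value.value == NULL)
		return (NULL);

	m = _gss_find_mech_switch(mech);
	if (m == NULL)
		return (NULL);

	mn = malloc(sizeof *mn);
	if (mn == NULL)
		return (NULL);

	/*
	 * An empty gn_type means no name type was recorded at import
	 * time; hand the mechanism GSS_C_NO_OID rather than a pointer to
	 * an empty descriptor (presumably so it can apply its default
	 * name type -- confirm against the mechanism implementations).
	 */
	major_status = m->gm_import_name(&minor_status,
	    &name->gn_value,
	    (name->gn_type.elements ? &name->gn_type : GSS_C_NO_OID),
	    &mn->gmn_name);
	if (major_status) {
		/* Import failed: gmn_name was never set, nothing to release. */
		free(mn);
		return (NULL);
	}

	mn->gmn_mech = m;
	mn->gmn_mech_oid = &m->gm_mech_oid;
	SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link);
	return (mn);
}

/*
 * Make a name from an MN.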
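 *
 * Wrap the mechanism-specific name 'new_mn', produced by mechanism
 * 'm', in a freshly allocated generic name whose MN list holds that
 * single entry.  The new name is zero-filled apart from its MN list,
 * so it has no gn_value/gn_type of its own; as a consequence
 * _gss_find_mn cannot re-import it for any other mechanism.
 *
 * On success the returned name stores new_mn as its MN's gmn_name;
 * presumably the caller must then not release new_mn separately (the
 * release path is outside this file -- confirm).  Returns NULL on
 * allocation failure, in which case nothing allocated here is kept.
 */
struct _gss_name *
_gss_make_name(struct _gss_mech_switch *m, gss_name_t new_mn)
{
	struct _gss_name *name;
	struct _gss_mechanism_name *mn;

	/*
	 * calloc gives the all-zero contents the original malloc+memset
	 * pair produced, without depending on a memset prototype that
	 * is not among this file's own includes.
	 */
	name = calloc(1, sizeof *name);
	if (name == NULL)
		return (NULL);

	mn = malloc(sizeof *mn);
	if (mn == NULL) {
		free(name);
		return (NULL);
	}

	SLIST_INIT(&name->gn_mn);
	mn->gmn_mech = m;
	mn->gmn_mech_oid = &m->gm_mech_oid;
	mn->gmn_name = new_mn;
	SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link);

	return (name);
}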