1 /*- 2 * Copyright (c) 2005 Doug Rabson 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * 26 * $FreeBSD$ 27 */ 28 29 #include <gssapi/gssapi.h> 30 #include <stdlib.h> 31 #include <errno.h> 32 33 #include "mech_switch.h" 34 #include "name.h" 35 36 /* 37 * The implementation must reserve static storage for a 38 * gss_OID_desc object containing the value 39 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" 40 * "\x01\x02\x01\x01"}, 41 * corresponding to an object-identifier value of 42 * {iso(1) member-body(2) United States(840) mit(113554) 43 * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant 44 * GSS_C_NT_USER_NAME should be initialized to point 45 * to that gss_OID_desc. 46 */ 47 static gss_OID_desc GSS_C_NT_USER_NAME_storage = 48 {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x01"}; 49 gss_OID GSS_C_NT_USER_NAME = &GSS_C_NT_USER_NAME_storage; 50 51 /* 52 * The implementation must reserve static storage for a 53 * gss_OID_desc object containing the value 54 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" 55 * "\x01\x02\x01\x02"}, 56 * corresponding to an object-identifier value of 57 * {iso(1) member-body(2) United States(840) mit(113554) 58 * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}. 59 * The constant GSS_C_NT_MACHINE_UID_NAME should be 60 * initialized to point to that gss_OID_desc. 61 */ 62 static gss_OID_desc GSS_C_NT_MACHINE_UID_NAME_storage = 63 {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x02"}; 64 gss_OID GSS_C_NT_MACHINE_UID_NAME = &GSS_C_NT_MACHINE_UID_NAME_storage; 65 66 /* 67 * The implementation must reserve static storage for a 68 * gss_OID_desc object containing the value 69 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" 70 * "\x01\x02\x01\x03"}, 71 * corresponding to an object-identifier value of 72 * {iso(1) member-body(2) United States(840) mit(113554) 73 * infosys(1) gssapi(2) generic(1) string_uid_name(3)}. 74 * The constant GSS_C_NT_STRING_UID_NAME should be 75 * initialized to point to that gss_OID_desc. 76 */ 77 static gss_OID_desc GSS_C_NT_STRING_UID_NAME_storage = 78 {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03"}; 79 gss_OID GSS_C_NT_STRING_UID_NAME = &GSS_C_NT_STRING_UID_NAME_storage; 80 81 /* 82 * The implementation must reserve static storage for a 83 * gss_OID_desc object containing the value 84 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"}, 85 * corresponding to an object-identifier value of 86 * {iso(1) org(3) dod(6) internet(1) security(5) 87 * nametypes(6) gss-host-based-services(2)). The constant 88 * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point 89 * to that gss_OID_desc. This is a deprecated OID value, and 90 * implementations wishing to support hostbased-service names 91 * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID, 92 * defined below, to identify such names; 93 * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym 94 * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input 95 * parameter, but should not be emitted by GSS-API 96 * implementations 97 */ 98 static gss_OID_desc GSS_C_NT_HOSTBASED_SERVICE_X_storage = 99 {6, (void *)"\x2b\x06\x01\x05\x06\x02"}; 100 gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &GSS_C_NT_HOSTBASED_SERVICE_X_storage; 101 102 /* 103 * The implementation must reserve static storage for a 104 * gss_OID_desc object containing the value 105 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" 106 * "\x01\x02\x01\x04"}, corresponding to an 107 * object-identifier value of {iso(1) member-body(2) 108 * Unites States(840) mit(113554) infosys(1) gssapi(2) 109 * generic(1) service_name(4)}. The constant 110 * GSS_C_NT_HOSTBASED_SERVICE should be initialized 111 * to point to that gss_OID_desc. 112 */ 113 static gss_OID_desc GSS_C_NT_HOSTBASED_SERVICE_storage = 114 {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x04"}; 115 gss_OID GSS_C_NT_HOSTBASED_SERVICE = &GSS_C_NT_HOSTBASED_SERVICE_storage; 116 117 /* 118 * The implementation must reserve static storage for a 119 * gss_OID_desc object containing the value 120 * {6, (void *)"\x2b\x06\01\x05\x06\x03"}, 121 * corresponding to an object identifier value of 122 * {1(iso), 3(org), 6(dod), 1(internet), 5(security), 123 * 6(nametypes), 3(gss-anonymous-name)}. The constant 124 * and GSS_C_NT_ANONYMOUS should be initialized to point 125 * to that gss_OID_desc. 126 */ 127 static gss_OID_desc GSS_C_NT_ANONYMOUS_storage = 128 {6, (void *)"\x2b\x06\01\x05\x06\x03"}; 129 gss_OID GSS_C_NT_ANONYMOUS = &GSS_C_NT_ANONYMOUS_storage; 130 131 /* 132 * The implementation must reserve static storage for a 133 * gss_OID_desc object containing the value 134 * {6, (void *)"\x2b\x06\x01\x05\x06\x04"}, 135 * corresponding to an object-identifier value of 136 * {1(iso), 3(org), 6(dod), 1(internet), 5(security), 137 * 6(nametypes), 4(gss-api-exported-name)}. The constant 138 * GSS_C_NT_EXPORT_NAME should be initialized to point 139 * to that gss_OID_desc. 140 */ 141 static gss_OID_desc GSS_C_NT_EXPORT_NAME_storage = 142 {6, (void *)"\x2b\x06\x01\x05\x06\x04"}; 143 gss_OID GSS_C_NT_EXPORT_NAME = &GSS_C_NT_EXPORT_NAME_storage; 144 145 /* 146 * This name form shall be represented by the Object Identifier {iso(1) 147 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) 148 * krb5(2) krb5_name(1)}. The recommended symbolic name for this type 149 * is "GSS_KRB5_NT_PRINCIPAL_NAME". 150 */ 151 static gss_OID_desc GSS_KRB5_NT_PRINCIPAL_NAME_storage = 152 {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01"}; 153 gss_OID GSS_KRB5_NT_PRINCIPAL_NAME = &GSS_KRB5_NT_PRINCIPAL_NAME_storage; 154 155 /* 156 * This name form shall be represented by the Object Identifier {iso(1) 157 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) 158 * generic(1) user_name(1)}. The recommended symbolic name for this 159 * type is "GSS_KRB5_NT_USER_NAME". 160 */ 161 gss_OID GSS_KRB5_NT_USER_NAME = &GSS_C_NT_USER_NAME_storage; 162 163 /* 164 * This name form shall be represented by the Object Identifier {iso(1) 165 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) 166 * generic(1) machine_uid_name(2)}. The recommended symbolic name for 167 * this type is "GSS_KRB5_NT_MACHINE_UID_NAME". 168 */ 169 gss_OID GSS_KRB5_NT_MACHINE_UID_NAME = &GSS_C_NT_MACHINE_UID_NAME_storage; 170 171 /* 172 * This name form shall be represented by the Object Identifier {iso(1) 173 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) 174 * generic(1) string_uid_name(3)}. The recommended symbolic name for 175 * this type is "GSS_KRB5_NT_STRING_UID_NAME". 176 */ 177 gss_OID GSS_KRB5_NT_STRING_UID_NAME = &GSS_C_NT_STRING_UID_NAME_storage; 178 179 struct _gss_mechanism_name * 180 _gss_find_mn(struct _gss_name *name, gss_OID mech) 181 { 182 OM_uint32 major_status, minor_status; 183 struct _gss_mech_switch *m; 184 struct _gss_mechanism_name *mn; 185 186 SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { 187 if (_gss_oid_equal(mech, mn->gmn_mech_oid)) 188 break; 189 } 190 191 if (!mn) { 192 /* 193 * If this name is canonical (i.e. there is only an 194 * MN but it is from a different mech), give up now. 195 */ 196 if (!name->gn_value.value) 197 return (0); 198 199 m = _gss_find_mech_switch(mech); 200 if (!m) 201 return (0); 202 203 mn = malloc(sizeof(struct _gss_mechanism_name)); 204 if (!mn) 205 return (0); 206 207 major_status = m->gm_import_name(&minor_status, 208 &name->gn_value, 209 (name->gn_type.elements 210 ? &name->gn_type : GSS_C_NO_OID), 211 &mn->gmn_name); 212 if (major_status) { 213 free(mn); 214 return (0); 215 } 216 217 mn->gmn_mech = m; 218 mn->gmn_mech_oid = &m->gm_mech_oid; 219 SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link); 220 } 221 return (mn); 222 } 223 224 /* 225 * Make a name from an MN. 226 */ 227 struct _gss_name * 228 _gss_make_name(struct _gss_mech_switch *m, gss_name_t new_mn) 229 { 230 OM_uint32 minor_status; 231 struct _gss_name *name; 232 struct _gss_mechanism_name *mn; 233 234 name = malloc(sizeof(struct _gss_name)); 235 if (!name) 236 return (0); 237 memset(name, 0, sizeof(struct _gss_name)); 238 239 mn = malloc(sizeof(struct _gss_mechanism_name)); 240 if (!mn) { 241 free(name); 242 return (0); 243 } 244 245 SLIST_INIT(&name->gn_mn); 246 mn->gmn_mech = m; 247 mn->gmn_mech_oid = &m->gm_mech_oid; 248 mn->gmn_name = new_mn; 249 SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link); 250 251 return (name); 252 } 253 254