1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * support.c 24 * 25 * Copyright (c) 1997, by Sun Microsystems, Inc. 26 * All rights reserved. 27 * 28 */ 29 30 #include <libintl.h> 31 #include <locale.h> 32 33 #include "dh_gssapi.h" 34 35 /* 36 * __dh_gss_display_status: This is the routine that implements 37 * gss_display_status for Diffie-Hellman mechanism. Note we will 38 * return failure if the status_type parameter is GSS_C_GSS_CODE 39 * since libgss should handle the mechanism independent codes. 40 */ 41 OM_uint32 42 __dh_gss_display_status(void *ctx, /* Per mechanism context */ 43 OM_uint32 *minor, /* This mechanism's status */ 44 OM_uint32 status_value, /* The value to dispaly */ 45 int status_type, /* Shoud alway be GSS_C_MECH_COE */ 46 gss_OID mech, /* Our OID or GSS_C_NO_OID */ 47 OM_uint32* mesg_ctx, /* Message context for continues */ 48 gss_buffer_t status_str /* The displayed output */) 49 { 50 char *str; 51 OM_uint32 major = GSS_S_COMPLETE; 52 53 if (!minor) 54 return (GSS_S_CALL_INACCESSIBLE_WRITE); 55 *minor = DH_SUCCESS; 56 57 if (!mesg_ctx) 58 return (GSS_S_CALL_INACCESSIBLE_WRITE); 59 60 /* We only have one message per status value */ 61 *mesg_ctx = 0; 62 63 64 /* 65 * If status_type equals GSS_C_GSS_CODE, we'll return 66 * GSS_S_FAILURE. This status type is handled by the caller, 67 * libgss, since it is mechanism independent. We should never see 68 * this. If the status type does not equal GSS_C_MECH_CODE and 69 * does not equal GSS_C_GSS_CODE we return GSS_S_BAD_STATUS as per 70 * spec. 71 */ 72 73 if (status_type != GSS_C_MECH_CODE) 74 return ((status_type == GSS_C_GSS_CODE ? 75 GSS_S_FAILURE : GSS_S_BAD_STATUS)); 76 77 if (mech != GSS_C_NO_OID && 78 !__OID_equal(((dh_context_t)ctx)->mech, mech)) 79 return (GSS_S_BAD_MECH); 80 81 /* Convert the DH status value to an internationalize string */ 82 switch (status_value) { 83 case DH_SUCCESS: 84 str = dgettext(TEXT_DOMAIN, "mech_dh: Success"); 85 break; 86 case DH_NOMEM_FAILURE: 87 str = dgettext(TEXT_DOMAIN, "mech_dh: No memory"); 88 break; 89 case DH_ENCODE_FAILURE: 90 str = dgettext(TEXT_DOMAIN, 91 "mech_dh: Could not encode token"); 92 break; 93 case DH_DECODE_FAILURE: 94 str = dgettext(TEXT_DOMAIN, 95 "mech_dh: Could not decode token"); 96 break; 97 case DH_BADARG_FAILURE: 98 str = dgettext(TEXT_DOMAIN, "mech_dh: Bad argument"); 99 break; 100 case DH_CIPHER_FAILURE: 101 str = dgettext(TEXT_DOMAIN, "mech_dh: Cipher failure"); 102 break; 103 case DH_VERIFIER_FAILURE: 104 str = dgettext(TEXT_DOMAIN, "mech_dh: Verifier failure"); 105 break; 106 case DH_SESSION_CIPHER_FAILURE: 107 str = dgettext(TEXT_DOMAIN, "mech_dh: Session cipher failure"); 108 break; 109 case DH_NO_SECRET: 110 str = dgettext(TEXT_DOMAIN, "mech_dh: No secret key"); 111 break; 112 case DH_NO_PRINCIPAL: 113 str = dgettext(TEXT_DOMAIN, "mech_dh: No principal"); 114 break; 115 case DH_NOT_LOCAL: 116 str = dgettext(TEXT_DOMAIN, "mech_dh: Not local principal"); 117 break; 118 case DH_UNKNOWN_QOP: 119 str = dgettext(TEXT_DOMAIN, "mech_dh: Unkown QOP"); 120 break; 121 case DH_VERIFIER_MISMATCH: 122 str = dgettext(TEXT_DOMAIN, "mech_dh: Verifier mismatch"); 123 break; 124 case DH_NO_SUCH_USER: 125 str = dgettext(TEXT_DOMAIN, "mech_dh: No such user"); 126 break; 127 case DH_NETNAME_FAILURE: 128 str = dgettext(TEXT_DOMAIN, 129 "mech_dh: Could not generate netname"); 130 break; 131 case DH_BAD_CRED: 132 str = dgettext(TEXT_DOMAIN, "mech_dh: Invalid credential"); 133 break; 134 case DH_BAD_CONTEXT: 135 str = dgettext(TEXT_DOMAIN, "mech_dh: Invalid GSS context"); 136 break; 137 case DH_PROTO_MISMATCH: 138 str = dgettext(TEXT_DOMAIN, "mech_dh: Diffie-Hellman protocol " 139 "mismatch"); 140 break; 141 default: 142 str = dgettext(TEXT_DOMAIN, "mech_dh: Invalid or " 143 "unknown error"); 144 major = GSS_S_BAD_STATUS; 145 break; 146 } 147 148 /* Copy the string to the output */ 149 status_str->value = strdup(str); 150 if (status_str == 0) { 151 *minor = DH_NOMEM_FAILURE; 152 return (GSS_S_FAILURE); 153 } 154 status_str->length = strlen(str); 155 156 /* Return the GSS status of GSS_S_COMPLETE or GSS_S_BAD_STATUS */ 157 return (major); 158 } 159 160 161 /* 162 * This function is completely implemented in libgss. Its entry point is 163 * set to NULL in dhmech.c 164 */ 165 /* 166 * OM_uint32 167 * __dh_gss_indicate_mechs(void *ctx, OM_uint32 *minor, gss_OID_set *mechs) 168 * { 169 * return (GSS_S_UNAVAILABLE); 170 * } 171 */ 172