17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5503a2b89SPeter Shoults * Common Development and Distribution License (the "License"). 6503a2b89SPeter Shoults * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22*5e01956fSGlenn Barry * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved. 237c478bd9Sstevel@tonic-gate */ 247c478bd9Sstevel@tonic-gate 257c478bd9Sstevel@tonic-gate /* 267c478bd9Sstevel@tonic-gate * glue routine for gss_compare_name 277c478bd9Sstevel@tonic-gate * 287c478bd9Sstevel@tonic-gate */ 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate #include <mechglueP.h> 31*5e01956fSGlenn Barry #include "gssapiP_generic.h" 327c478bd9Sstevel@tonic-gate #ifdef HAVE_STDLIB_H 337c478bd9Sstevel@tonic-gate #include <stdlib.h> 347c478bd9Sstevel@tonic-gate #endif 357c478bd9Sstevel@tonic-gate #include <string.h> 367c478bd9Sstevel@tonic-gate 37503a2b89SPeter Shoults static OM_uint32 38503a2b89SPeter Shoults val_comp_name_args( 39503a2b89SPeter Shoults OM_uint32 *minor_status, 40503a2b89SPeter Shoults gss_name_t name1, 41503a2b89SPeter Shoults gss_name_t name2, 42503a2b89SPeter Shoults int *name_equal) 43503a2b89SPeter Shoults { 44503a2b89SPeter Shoults 45503a2b89SPeter Shoults /* Initialize outputs. */ 46503a2b89SPeter Shoults 47503a2b89SPeter Shoults if (minor_status != NULL) 48503a2b89SPeter Shoults *minor_status = 0; 49503a2b89SPeter Shoults 50503a2b89SPeter Shoults /* Validate arguments. */ 51503a2b89SPeter Shoults 52503a2b89SPeter Shoults if (name1 == GSS_C_NO_NAME || name2 == GSS_C_NO_NAME) 53503a2b89SPeter Shoults return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME); 54503a2b89SPeter Shoults 55503a2b89SPeter Shoults if (name_equal == NULL) 56503a2b89SPeter Shoults return (GSS_S_CALL_INACCESSIBLE_WRITE); 57503a2b89SPeter Shoults 58503a2b89SPeter Shoults return (GSS_S_COMPLETE); 59503a2b89SPeter Shoults } 60503a2b89SPeter Shoults 617c478bd9Sstevel@tonic-gate OM_uint32 627c478bd9Sstevel@tonic-gate gss_compare_name(minor_status, 637c478bd9Sstevel@tonic-gate name1, 647c478bd9Sstevel@tonic-gate name2, 657c478bd9Sstevel@tonic-gate name_equal) 667c478bd9Sstevel@tonic-gate 677c478bd9Sstevel@tonic-gate OM_uint32 *minor_status; 687c478bd9Sstevel@tonic-gate const gss_name_t name1; 697c478bd9Sstevel@tonic-gate const gss_name_t name2; 707c478bd9Sstevel@tonic-gate int *name_equal; 717c478bd9Sstevel@tonic-gate 727c478bd9Sstevel@tonic-gate { 737c478bd9Sstevel@tonic-gate OM_uint32 major_status, temp_minor; 747c478bd9Sstevel@tonic-gate gss_union_name_t union_name1, union_name2; 75*5e01956fSGlenn Barry gss_mechanism mech = NULL; 767c478bd9Sstevel@tonic-gate gss_name_t internal_name; 777c478bd9Sstevel@tonic-gate 78503a2b89SPeter Shoults major_status = val_comp_name_args(minor_status, 79503a2b89SPeter Shoults name1, name2, name_equal); 80503a2b89SPeter Shoults if (major_status != GSS_S_COMPLETE) 81503a2b89SPeter Shoults return (major_status); 827c478bd9Sstevel@tonic-gate 837c478bd9Sstevel@tonic-gate union_name1 = (gss_union_name_t)name1; 847c478bd9Sstevel@tonic-gate union_name2 = (gss_union_name_t)name2; 857c478bd9Sstevel@tonic-gate /* 867c478bd9Sstevel@tonic-gate * Try our hardest to make union_name1 be the mechanism-specific 877c478bd9Sstevel@tonic-gate * name. (Of course we can't if both names aren't 887c478bd9Sstevel@tonic-gate * mechanism-specific.) 897c478bd9Sstevel@tonic-gate */ 907c478bd9Sstevel@tonic-gate if (union_name1->mech_type == 0) { 917c478bd9Sstevel@tonic-gate union_name1 = (gss_union_name_t)name2; 927c478bd9Sstevel@tonic-gate union_name2 = (gss_union_name_t)name1; 937c478bd9Sstevel@tonic-gate } 947c478bd9Sstevel@tonic-gate /* 957c478bd9Sstevel@tonic-gate * If union_name1 is mechanism specific, then fetch its mechanism 967c478bd9Sstevel@tonic-gate * information. 977c478bd9Sstevel@tonic-gate */ 987c478bd9Sstevel@tonic-gate if (union_name1->mech_type) { 997c478bd9Sstevel@tonic-gate mech = __gss_get_mechanism(union_name1->mech_type); 1007c478bd9Sstevel@tonic-gate if (!mech) 1017c478bd9Sstevel@tonic-gate return (GSS_S_BAD_MECH); 1027c478bd9Sstevel@tonic-gate if (!mech->gss_compare_name) 1037c478bd9Sstevel@tonic-gate return (GSS_S_UNAVAILABLE); 1047c478bd9Sstevel@tonic-gate } 1057c478bd9Sstevel@tonic-gate 1067c478bd9Sstevel@tonic-gate *name_equal = 0; /* Default to *not* equal.... */ 1077c478bd9Sstevel@tonic-gate 1087c478bd9Sstevel@tonic-gate /* 1097c478bd9Sstevel@tonic-gate * First case... both names are mechanism-specific 1107c478bd9Sstevel@tonic-gate */ 1117c478bd9Sstevel@tonic-gate if (union_name1->mech_type && union_name2->mech_type) { 1127c478bd9Sstevel@tonic-gate if (!g_OID_equal(union_name1->mech_type, 1137c478bd9Sstevel@tonic-gate union_name2->mech_type)) 1147c478bd9Sstevel@tonic-gate return (GSS_S_COMPLETE); 1157c478bd9Sstevel@tonic-gate if ((union_name1->mech_name == 0) || 1167c478bd9Sstevel@tonic-gate (union_name2->mech_name == 0)) 1177c478bd9Sstevel@tonic-gate /* should never happen */ 1187c478bd9Sstevel@tonic-gate return (GSS_S_BAD_NAME); 119*5e01956fSGlenn Barry if (!mech) 120*5e01956fSGlenn Barry return (GSS_S_BAD_MECH); 121*5e01956fSGlenn Barry if (!mech->gss_compare_name) 122*5e01956fSGlenn Barry return (GSS_S_UNAVAILABLE); 123*5e01956fSGlenn Barry major_status = mech->gss_compare_name(mech->context, 124*5e01956fSGlenn Barry minor_status, 1257c478bd9Sstevel@tonic-gate union_name1->mech_name, 1267c478bd9Sstevel@tonic-gate union_name2->mech_name, 127*5e01956fSGlenn Barry name_equal); 128*5e01956fSGlenn Barry if (major_status != GSS_S_COMPLETE) 129*5e01956fSGlenn Barry map_error(minor_status, mech); 130*5e01956fSGlenn Barry return major_status; 1317c478bd9Sstevel@tonic-gate } 1327c478bd9Sstevel@tonic-gate 1337c478bd9Sstevel@tonic-gate /* 1347c478bd9Sstevel@tonic-gate * Second case... both names are NOT mechanism specific. 1357c478bd9Sstevel@tonic-gate * 1367c478bd9Sstevel@tonic-gate * All we do here is make sure the two name_types are equal and then 1377c478bd9Sstevel@tonic-gate * that the external_names are equal. Note the we do not take care 1387c478bd9Sstevel@tonic-gate * of the case where two different external names map to the same 1397c478bd9Sstevel@tonic-gate * internal name. We cannot determine this, since we as yet do not 1407c478bd9Sstevel@tonic-gate * know what mechanism to use for calling the underlying 1417c478bd9Sstevel@tonic-gate * gss_import_name(). 1427c478bd9Sstevel@tonic-gate */ 1437c478bd9Sstevel@tonic-gate if (!union_name1->mech_type && !union_name2->mech_type) { 1447c478bd9Sstevel@tonic-gate /* 1457c478bd9Sstevel@tonic-gate * Second case, first sub-case... one name has null 1467c478bd9Sstevel@tonic-gate * name_type, the other doesn't. 1477c478bd9Sstevel@tonic-gate * 1487c478bd9Sstevel@tonic-gate * Not knowing a mech_type we can't import the name with 1497c478bd9Sstevel@tonic-gate * null name_type so we can't compare. 1507c478bd9Sstevel@tonic-gate */ 1517c478bd9Sstevel@tonic-gate if ((union_name1->name_type == GSS_C_NULL_OID && 1527c478bd9Sstevel@tonic-gate union_name2->name_type != GSS_C_NULL_OID) || 1537c478bd9Sstevel@tonic-gate (union_name1->name_type != GSS_C_NULL_OID && 1547c478bd9Sstevel@tonic-gate union_name2->name_type == GSS_C_NULL_OID)) 1557c478bd9Sstevel@tonic-gate return (GSS_S_COMPLETE); 1567c478bd9Sstevel@tonic-gate /* 1577c478bd9Sstevel@tonic-gate * Second case, second sub-case... both names have 1587c478bd9Sstevel@tonic-gate * name_types, but they are different. 1597c478bd9Sstevel@tonic-gate */ 1607c478bd9Sstevel@tonic-gate if ((union_name1->name_type != GSS_C_NULL_OID && 1617c478bd9Sstevel@tonic-gate union_name2->name_type != GSS_C_NULL_OID) && 1627c478bd9Sstevel@tonic-gate !g_OID_equal(union_name1->name_type, 1637c478bd9Sstevel@tonic-gate union_name2->name_type)) 1647c478bd9Sstevel@tonic-gate return (GSS_S_COMPLETE); 1657c478bd9Sstevel@tonic-gate /* 1667c478bd9Sstevel@tonic-gate * Second case, third sub-case... both names have equal 1677c478bd9Sstevel@tonic-gate * name_types (and both have no mech_types) so we just 1687c478bd9Sstevel@tonic-gate * compare the external_names. 1697c478bd9Sstevel@tonic-gate */ 1707c478bd9Sstevel@tonic-gate if ((union_name1->external_name->length != 1717c478bd9Sstevel@tonic-gate union_name2->external_name->length) || 1727c478bd9Sstevel@tonic-gate (memcmp(union_name1->external_name->value, 1737c478bd9Sstevel@tonic-gate union_name2->external_name->value, 1747c478bd9Sstevel@tonic-gate union_name1->external_name->length) != 0)) 1757c478bd9Sstevel@tonic-gate return (GSS_S_COMPLETE); 1767c478bd9Sstevel@tonic-gate *name_equal = 1; 1777c478bd9Sstevel@tonic-gate return (GSS_S_COMPLETE); 1787c478bd9Sstevel@tonic-gate } 1797c478bd9Sstevel@tonic-gate 1807c478bd9Sstevel@tonic-gate /* 1817c478bd9Sstevel@tonic-gate * Final case... one name is mechanism specific, the other isn't. 1827c478bd9Sstevel@tonic-gate * 1837c478bd9Sstevel@tonic-gate * We attempt to convert the general name to the mechanism type of 1847c478bd9Sstevel@tonic-gate * the mechanism-specific name, and then do the compare. If we 1857c478bd9Sstevel@tonic-gate * can't import the general name, then we return that the name is 1867c478bd9Sstevel@tonic-gate * _NOT_ equal. 1877c478bd9Sstevel@tonic-gate */ 1887c478bd9Sstevel@tonic-gate if (union_name2->mech_type) { 1897c478bd9Sstevel@tonic-gate /* We make union_name1 the mechanism specific name. */ 1907c478bd9Sstevel@tonic-gate union_name1 = (gss_union_name_t)name2; 1917c478bd9Sstevel@tonic-gate union_name2 = (gss_union_name_t)name1; 1927c478bd9Sstevel@tonic-gate } 1937c478bd9Sstevel@tonic-gate major_status = __gss_import_internal_name(minor_status, 1947c478bd9Sstevel@tonic-gate union_name1->mech_type, 1957c478bd9Sstevel@tonic-gate union_name2, 1967c478bd9Sstevel@tonic-gate &internal_name); 1977c478bd9Sstevel@tonic-gate if (major_status != GSS_S_COMPLETE) 1987c478bd9Sstevel@tonic-gate return (GSS_S_COMPLETE); /* return complete, but not equal */ 1997c478bd9Sstevel@tonic-gate 200*5e01956fSGlenn Barry if (!mech) 201*5e01956fSGlenn Barry return (GSS_S_BAD_MECH); 202*5e01956fSGlenn Barry if (!mech->gss_compare_name) 203*5e01956fSGlenn Barry return (GSS_S_UNAVAILABLE); 2047c478bd9Sstevel@tonic-gate major_status = mech->gss_compare_name(mech->context, minor_status, 2057c478bd9Sstevel@tonic-gate union_name1->mech_name, 2067c478bd9Sstevel@tonic-gate internal_name, 2077c478bd9Sstevel@tonic-gate name_equal); 208*5e01956fSGlenn Barry if (major_status != GSS_S_COMPLETE) 209*5e01956fSGlenn Barry map_error(minor_status, mech); 2107c478bd9Sstevel@tonic-gate (void) __gss_release_internal_name(&temp_minor, union_name1->mech_type, 2117c478bd9Sstevel@tonic-gate &internal_name); 2127c478bd9Sstevel@tonic-gate return (major_status); 2137c478bd9Sstevel@tonic-gate } 214