Home | History | Annotate | Download | only in libgss
      1 /*
      2  * CDDL HEADER START
      3  *
      4  * The contents of this file are subject to the terms of the
      5  * Common Development and Distribution License, Version 1.0 only
      6  * (the "License").  You may not use this file except in compliance
      7  * with the License.
      8  *
      9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
     10  * or http://www.opensolaris.org/os/licensing.
     11  * See the License for the specific language governing permissions
     12  * and limitations under the License.
     13  *
     14  * When distributing Covered Code, include this CDDL HEADER in each
     15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     16  * If applicable, add the following below this CDDL HEADER, with the
     17  * fields enclosed by brackets "[]" replaced with your own identifying
     18  * information: Portions Copyright [yyyy] [name of copyright owner]
     19  *
     20  * CDDL HEADER END
     21  */
     22 /*
     23  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
     24  * Use is subject to license terms.
     25  */
     26 
     27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
     28 
     29 /*
     30  *  glue routine for gss_store_cred
     31  */
     32 
     33 #include <mechglueP.h>
     34 
     35 OM_uint32 gss_store_cred(minor_status,
     36 			input_cred_handle,
     37 			cred_usage,
     38 			desired_mech,
     39 			overwrite_cred,
     40 			default_cred,
     41 			elements_stored,
     42 			cred_usage_stored)
     43 
     44 OM_uint32		*minor_status;
     45 const gss_cred_id_t	 input_cred_handle;
     46 gss_cred_usage_t	 cred_usage;
     47 const gss_OID		 desired_mech;
     48 OM_uint32		 overwrite_cred;
     49 OM_uint32		 default_cred;
     50 gss_OID_set		*elements_stored;
     51 gss_cred_usage_t	*cred_usage_stored;
     52 
     53 {
     54 	OM_uint32		major_status = GSS_S_FAILURE;
     55 	gss_union_cred_t	union_cred;
     56 	gss_cred_id_t		mech_cred;
     57 	gss_mechanism		mech;
     58 	gss_OID			dmech;
     59 	int			i;
     60 
     61 	/* Start by checking parameters */
     62 	if (minor_status == NULL)
     63 		return (GSS_S_CALL_INACCESSIBLE_WRITE|GSS_S_NO_CRED);
     64 	*minor_status = 0;
     65 
     66 	if (input_cred_handle == GSS_C_NO_CREDENTIAL)
     67 		return (GSS_S_CALL_INACCESSIBLE_READ);
     68 
     69 	if (elements_stored != NULL)
     70 		*elements_stored = GSS_C_NULL_OID_SET;
     71 
     72 	if (cred_usage_stored != NULL)
     73 		*cred_usage_stored = GSS_C_BOTH; /* there's no GSS_C_NEITHER */
     74 
     75 	union_cred = (gss_union_cred_t)input_cred_handle;
     76 
     77 	/* desired_mech != GSS_C_NULL_OID -> store one element */
     78 	if (desired_mech != GSS_C_NULL_OID) {
     79 		mech = __gss_get_mechanism(desired_mech);
     80 		if (mech == NULL)
     81 			return (GSS_S_BAD_MECH);
     82 
     83 		if (mech->gss_store_cred == NULL)
     84 			return (major_status);
     85 
     86 		mech_cred = __gss_get_mechanism_cred(union_cred, desired_mech);
     87 		if (mech_cred == GSS_C_NO_CREDENTIAL)
     88 			return (GSS_S_NO_CRED);
     89 
     90 		return (mech->gss_store_cred(mech->context,
     91 						minor_status,
     92 						(gss_cred_id_t)mech_cred,
     93 						cred_usage,
     94 						desired_mech,
     95 						overwrite_cred,
     96 						default_cred,
     97 						elements_stored,
     98 						cred_usage_stored));
     99 	}
    100 
    101 	/* desired_mech == GSS_C_NULL_OID -> store all elements */
    102 
    103 	*minor_status = 0;
    104 
    105 	for (i = 0; i < union_cred->count; i++) {
    106 		/* Get mech and cred element */
    107 		dmech = &union_cred->mechs_array[i];
    108 		mech = __gss_get_mechanism(dmech);
    109 		if (mech == NULL)
    110 			continue;
    111 
    112 		if (mech->gss_store_cred == NULL)
    113 			continue;
    114 
    115 		mech_cred = __gss_get_mechanism_cred(union_cred, dmech);
    116 		if (mech_cred == GSS_C_NO_CREDENTIAL)
    117 			continue; /* can't happen, but safe to ignore */
    118 
    119 		major_status = mech->gss_store_cred(mech->context,
    120 						minor_status,
    121 						(gss_cred_id_t)mech_cred,
    122 						cred_usage,
    123 						dmech,
    124 						overwrite_cred,
    125 						default_cred,
    126 						NULL,
    127 						cred_usage_stored);
    128 		if (major_status != GSS_S_COMPLETE)
    129 			continue;
    130 
    131 		/* Succeeded for at least one mech */
    132 
    133 		if (elements_stored == NULL)
    134 			continue;
    135 
    136 		if (*elements_stored == GSS_C_NULL_OID_SET) {
    137 			major_status = gss_create_empty_oid_set(minor_status,
    138 						elements_stored);
    139 
    140 			if (GSS_ERROR(major_status))
    141 				return (major_status);
    142 		}
    143 
    144 		major_status = gss_add_oid_set_member(minor_status, dmech,
    145 			elements_stored);
    146 
    147 		/* The caller should clean up elements_stored */
    148 		if (GSS_ERROR(major_status))
    149 			return (major_status);
    150 	}
    151 
    152 	/*
    153 	 * Success with some mechs may mask failure with others, but
    154 	 * that's what elements_stored is for.
    155 	 */
    156 	return (major_status);
    157 }
    158