lib/libgss/g_userok.c

0  stevel /*
0  stevel  * CDDL HEADER START
0  stevel  *
0  stevel  * The contents of this file are subject to the terms of the
0  stevel  * Common Development and Distribution License, Version 1.0 only
0  stevel  * (the "License").  You may not use this file except in compliance
0  stevel  * with the License.
0  stevel  *
0  stevel  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
0  stevel  * or http://www.opensolaris.org/os/licensing.
0  stevel  * See the License for the specific language governing permissions
0  stevel  * and limitations under the License.
0  stevel  *
0  stevel  * When distributing Covered Code, include this CDDL HEADER in each
0  stevel  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
0  stevel  * If applicable, add the following below this CDDL HEADER, with the
0  stevel  * fields enclosed by brackets "[]" replaced with your own identifying
0  stevel  * information: Portions Copyright [yyyy] [name of copyright owner]
0  stevel  *
0  stevel  * CDDL HEADER END
0  stevel  */
0  stevel /*
0  stevel  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
0  stevel  * Use is subject to license terms.
0  stevel  */
0  stevel
0  stevel #pragma ident	"%Z%%M%	%I%	%E% SMI"
0  stevel
0  stevel #include <stdio.h>
0  stevel #include <stdlib.h>
0  stevel #include <unistd.h>
0  stevel #include <deflt.h>
0  stevel #include <mechglueP.h>
0  stevel #include <gssapi/gssapi.h>
0  stevel #include <gssapi/gssapi_ext.h>
0  stevel
0  stevel
0  stevel static OM_uint32
0  stevel compare_names(OM_uint32 *minor,
0  stevel 	    const gss_OID mech_type,
0  stevel 	    const gss_name_t name,
0  stevel 	    const char *user,
0  stevel 	    int *user_ok)
0  stevel {
0  stevel
0  stevel 	OM_uint32 status, tmpMinor;
0  stevel 	gss_name_t imported_name;
0  stevel 	gss_name_t canon_name;
0  stevel 	gss_buffer_desc gss_user;
0  stevel 	int match = 0;
0  stevel
0  stevel 	*user_ok = 0;
0  stevel
0  stevel 	gss_user.value = (void *)user;
0  stevel 	if (!gss_user.value || !name || !mech_type)
0  stevel 		return (GSS_S_BAD_NAME);
0  stevel 	gss_user.length = strlen(gss_user.value);
0  stevel
0  stevel 	status = gss_import_name(minor,
0  stevel 				&gss_user,
0  stevel 				GSS_C_NT_USER_NAME,
0  stevel 				&imported_name);
0  stevel 	if (status != GSS_S_COMPLETE) {
0  stevel 		goto out;
0  stevel 	}
0  stevel
0  stevel 	status = gss_canonicalize_name(minor,
0  stevel 				    imported_name,
0  stevel 				    mech_type,
0  stevel 				    &canon_name);
0  stevel 	if (status != GSS_S_COMPLETE) {
0  stevel 		(void) gss_release_name(&tmpMinor, &imported_name);
0  stevel 		goto out;
0  stevel 	}
0  stevel
0  stevel 	status = gss_compare_name(minor,
0  stevel 				canon_name,
0  stevel 				name,
0  stevel 				&match);
0  stevel 	(void) gss_release_name(&tmpMinor, &canon_name);
0  stevel 	(void) gss_release_name(&tmpMinor, &imported_name);
0  stevel 	if (status == GSS_S_COMPLETE) {
0  stevel 		if (match)
0  stevel 			*user_ok = 1; /* remote user is a-ok */
0  stevel 	}
0  stevel
0  stevel out:
0  stevel 	return (status);
0  stevel }
0  stevel
0  stevel
0  stevel OM_uint32
0  stevel __gss_userok(OM_uint32 *minor,
0  stevel 	    const gss_name_t name,
0  stevel 	    const char *user,
0  stevel 	    int *user_ok)
0  stevel
0  stevel {
0  stevel 	gss_mechanism mech;
0  stevel 	gss_union_name_t intName;
0  stevel 	gss_name_t mechName = NULL;
0  stevel 	OM_uint32 major;
0  stevel
0  stevel 	if (minor == NULL || user_ok == NULL)
0  stevel 		return (GSS_S_CALL_INACCESSIBLE_WRITE);
0  stevel
0  stevel 	if (name == NULL || user == NULL)
0  stevel 		return (GSS_S_CALL_INACCESSIBLE_READ);
0  stevel
0  stevel 	*user_ok = 0;
0  stevel 	*minor = GSS_S_COMPLETE;
0  stevel
0  stevel 	intName = (gss_union_name_t)name;
0  stevel
0  stevel 	mech = __gss_get_mechanism(intName->mech_type);
0  stevel 	if (mech == NULL)
0  stevel 		return (GSS_S_UNAVAILABLE);
0  stevel
0  stevel 	/* may need to import the name if this is not MN */
0  stevel 	if (intName->mech_type == NULL) {
0  stevel 		return (GSS_S_FAILURE);
0  stevel 	} else
0  stevel 		mechName = intName->mech_name;
0  stevel
0  stevel 	if (mech->__gss_userok)
0  stevel 		major = mech->__gss_userok(mech->context,  minor, mechName,
0  stevel 				user, user_ok);
0  stevel 	else
0  stevel 		major = compare_names(minor, intName->mech_type,
0  stevel 				    name, user, user_ok);
0  stevel
0  stevel 	return (major);
0  stevel } /* gss_userok */