2 * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "krb5/gsskrb5_locl.h"
36 RCSID("$Id: export_sec_context.c,v 1.11 2006/10/07 22:14:42 lha Exp $");
39 _gsskrb5_export_sec_context (
40 OM_uint32 * minor_status,
41 gss_ctx_id_t * context_handle,
42 gss_buffer_t interprocess_token
45 const gsskrb5_ctx ctx = (const gsskrb5_ctx) *context_handle;
48 OM_uint32 ret = GSS_S_COMPLETE;
50 gss_buffer_desc buffer;
57 HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex);
59 if (!(ctx->flags & GSS_C_TRANS_FLAG)) {
60 HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
62 return GSS_S_UNAVAILABLE;
65 sp = krb5_storage_emem ();
67 HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
68 *minor_status = ENOMEM;
71 ac = ctx->auth_context;
73 /* flagging included fields */
76 if (ac->local_address)
77 flags |= SC_LOCAL_ADDRESS;
78 if (ac->remote_address)
79 flags |= SC_REMOTE_ADDRESS;
83 flags |= SC_LOCAL_SUBKEY;
84 if (ac->remote_subkey)
85 flags |= SC_REMOTE_SUBKEY;
87 kret = krb5_store_int32 (sp, flags);
93 /* marshall auth context */
95 kret = krb5_store_int32 (sp, ac->flags);
100 if (ac->local_address) {
101 kret = krb5_store_address (sp, *ac->local_address);
103 *minor_status = kret;
107 if (ac->remote_address) {
108 kret = krb5_store_address (sp, *ac->remote_address);
110 *minor_status = kret;
114 kret = krb5_store_int16 (sp, ac->local_port);
116 *minor_status = kret;
119 kret = krb5_store_int16 (sp, ac->remote_port);
121 *minor_status = kret;
125 kret = krb5_store_keyblock (sp, *ac->keyblock);
127 *minor_status = kret;
131 if (ac->local_subkey) {
132 kret = krb5_store_keyblock (sp, *ac->local_subkey);
134 *minor_status = kret;
138 if (ac->remote_subkey) {
139 kret = krb5_store_keyblock (sp, *ac->remote_subkey);
141 *minor_status = kret;
145 kret = krb5_store_int32 (sp, ac->local_seqnumber);
147 *minor_status = kret;
150 kret = krb5_store_int32 (sp, ac->remote_seqnumber);
152 *minor_status = kret;
156 kret = krb5_store_int32 (sp, ac->keytype);
158 *minor_status = kret;
161 kret = krb5_store_int32 (sp, ac->cksumtype);
163 *minor_status = kret;
169 ret = _gsskrb5_export_name (minor_status,
170 (gss_name_t)ctx->source, &buffer);
173 data.data = buffer.value;
174 data.length = buffer.length;
175 kret = krb5_store_data (sp, data);
176 _gsskrb5_release_buffer (&minor, &buffer);
178 *minor_status = kret;
182 ret = _gsskrb5_export_name (minor_status,
183 (gss_name_t)ctx->target, &buffer);
186 data.data = buffer.value;
187 data.length = buffer.length;
191 kret = krb5_store_data (sp, data);
192 _gsskrb5_release_buffer (&minor, &buffer);
194 *minor_status = kret;
198 kret = krb5_store_int32 (sp, ctx->flags);
200 *minor_status = kret;
203 kret = krb5_store_int32 (sp, ctx->more_flags);
205 *minor_status = kret;
208 kret = krb5_store_int32 (sp, ctx->lifetime);
210 *minor_status = kret;
213 kret = _gssapi_msg_order_export(sp, ctx->order);
215 *minor_status = kret;
219 kret = krb5_storage_to_data (sp, &data);
220 krb5_storage_free (sp);
222 HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
223 *minor_status = kret;
224 return GSS_S_FAILURE;
226 interprocess_token->length = data.length;
227 interprocess_token->value = data.data;
228 HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
229 ret = _gsskrb5_delete_sec_context (minor_status, context_handle,
231 if (ret != GSS_S_COMPLETE)
232 _gsskrb5_release_buffer (NULL, interprocess_token);
236 HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
237 krb5_storage_free (sp);