2 * Copyright (c) 2000 - 2001, 2003 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "gssapi_locl.h"
36 RCSID("$Id: copy_ccache.c,v 1.9 2005/10/31 16:02:08 lha Exp $");
39 gss_krb5_copy_ccache(OM_uint32 *minor_status,
45 HEIMDAL_MUTEX_lock(&cred->cred_id_mutex);
47 if (cred->ccache == NULL) {
48 HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex);
49 *minor_status = EINVAL;
53 kret = krb5_cc_copy_cache(gssapi_krb5_context, cred->ccache, out);
54 HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex);
57 gssapi_krb5_set_error_string ();
61 return GSS_S_COMPLETE;
66 gss_krb5_import_ccache(OM_uint32 *minor_status,
78 handle = (gss_cred_id_t)calloc(1, sizeof(*handle));
79 if (handle == GSS_C_NO_CREDENTIAL) {
80 gssapi_krb5_clear_status ();
81 *minor_status = ENOMEM;
82 return (GSS_S_FAILURE);
84 HEIMDAL_MUTEX_init(&handle->cred_id_mutex);
86 handle->usage = GSS_C_INITIATE;
88 kret = krb5_cc_get_principal(gssapi_krb5_context, in, &handle->principal);
91 gssapi_krb5_set_error_string ();
96 ret = _gssapi_krb5_ccache_lifetime(minor_status,
100 if (ret != GSS_S_COMPLETE) {
101 krb5_free_principal(gssapi_krb5_context, handle->principal);
106 ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms);
107 if (ret == GSS_S_COMPLETE)
108 ret = gss_add_oid_set_member(minor_status, GSS_KRB5_MECHANISM,
109 &handle->mechanisms);
110 if (ret != GSS_S_COMPLETE) {
111 krb5_free_principal(gssapi_krb5_context, handle->principal);
113 *minor_status = kret;
114 return GSS_S_FAILURE;
118 const char *type, *name;
121 type = krb5_cc_get_type(gssapi_krb5_context, in);
122 name = krb5_cc_get_name(gssapi_krb5_context, in);
124 if (asprintf(&str, "%s:%s", type, name) == -1) {
125 krb5_set_error_string(gssapi_krb5_context,
126 "malloc - out of memory");
131 kret = krb5_cc_resolve(gssapi_krb5_context, str, &handle->ccache);
139 return GSS_S_COMPLETE;
142 gssapi_krb5_set_error_string ();
143 if (handle->principal)
144 krb5_free_principal(gssapi_krb5_context, handle->principal);
145 HEIMDAL_MUTEX_destroy(&handle->cred_id_mutex);
147 *minor_status = kret;
148 return GSS_S_FAILURE;
153 gsskrb5_extract_authz_data_from_sec_context(OM_uint32 *minor_status,
154 gss_ctx_id_t context_handle,
156 gss_buffer_t ad_data)
161 ad_data->value = NULL;
164 HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex);
165 if (context_handle->ticket == NULL) {
166 HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
167 *minor_status = EINVAL;
168 return GSS_S_FAILURE;
171 ret = krb5_ticket_get_authorization_data_type(gssapi_krb5_context,
172 context_handle->ticket,
175 HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
178 return GSS_S_FAILURE;
181 ad_data->value = malloc(data.length);
182 if (ad_data->value == NULL) {
183 krb5_data_free(&data);
184 *minor_status = ENOMEM;
185 return GSS_S_FAILURE;
188 ad_data->length = data.length;
189 memcpy(ad_data->value, data.data, ad_data->length);
190 krb5_data_free(&data);
193 return GSS_S_COMPLETE;
197 gsskrb5_extract_authtime_from_sec_context(OM_uint32 *minor_status,
198 gss_ctx_id_t context_handle,
201 HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex);
202 if (context_handle->ticket == NULL) {
203 HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
204 *minor_status = EINVAL;
205 return GSS_S_FAILURE;
208 *authtime = context_handle->ticket->ticket.authtime;
209 HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
212 return GSS_S_COMPLETE;
215 OM_uint32 gss_krb5_copy_service_keyblock
216 (OM_uint32 *minor_status,
217 gss_ctx_id_t context_handle,
218 struct EncryptionKey **out)
222 HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex);
223 if (context_handle->service_keyblock == NULL) {
224 HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
225 *minor_status = EINVAL;
226 return GSS_S_FAILURE;
229 ret = krb5_copy_keyblock(gssapi_krb5_context,
230 context_handle->service_keyblock,
233 HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
236 return GSS_S_FAILURE;
240 return GSS_S_COMPLETE;