lib/libgssapi/gss_display_status.c

153838Sdfr/*-
153838Sdfr * Copyright (c) 2005 Doug Rabson
153838Sdfr * All rights reserved.
153838Sdfr *
153838Sdfr * Redistribution and use in source and binary forms, with or without
153838Sdfr * modification, are permitted provided that the following conditions
153838Sdfr * are met:
153838Sdfr * 1. Redistributions of source code must retain the above copyright
153838Sdfr *    notice, this list of conditions and the following disclaimer.
153838Sdfr * 2. Redistributions in binary form must reproduce the above copyright
153838Sdfr *    notice, this list of conditions and the following disclaimer in the
153838Sdfr *    documentation and/or other materials provided with the distribution.
153838Sdfr *
153838Sdfr * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
153838Sdfr * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
153838Sdfr * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
153838Sdfr * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
153838Sdfr * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
153838Sdfr * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
153838Sdfr * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
153838Sdfr * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
153838Sdfr * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
153838Sdfr * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
153838Sdfr * SUCH DAMAGE.
153838Sdfr *
153838Sdfr *	$FreeBSD$
153838Sdfr */
171112Sdfr/*
229784Suqs * Copyright (c) 1998 - 2005 Kungliga Tekniska H��gskolan
171112Sdfr * (Royal Institute of Technology, Stockholm, Sweden).
171112Sdfr * All rights reserved.
171112Sdfr *
171112Sdfr * Redistribution and use in source and binary forms, with or without
171112Sdfr * modification, are permitted provided that the following conditions
171112Sdfr * are met:
171112Sdfr *
171112Sdfr * 1. Redistributions of source code must retain the above copyright
171112Sdfr *    notice, this list of conditions and the following disclaimer.
171112Sdfr *
171112Sdfr * 2. Redistributions in binary form must reproduce the above copyright
171112Sdfr *    notice, this list of conditions and the following disclaimer in the
171112Sdfr *    documentation and/or other materials provided with the distribution.
171112Sdfr *
171112Sdfr * 3. Neither the name of the Institute nor the names of its contributors
171112Sdfr *    may be used to endorse or promote products derived from this software
171112Sdfr *    without specific prior written permission.
171112Sdfr *
171112Sdfr * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
171112Sdfr * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
171112Sdfr * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
171112Sdfr * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
171112Sdfr * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
171112Sdfr * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
171112Sdfr * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
171112Sdfr * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
171112Sdfr * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
171112Sdfr * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
171112Sdfr * SUCH DAMAGE.
171112Sdfr */
178828Sdfr/*
229784Suqs * Copyright (c) 1998 - 2005 Kungliga Tekniska H��gskolan
178828Sdfr * (Royal Institute of Technology, Stockholm, Sweden).
178828Sdfr * All rights reserved.
178828Sdfr *
178828Sdfr * Redistribution and use in source and binary forms, with or without
178828Sdfr * modification, are permitted provided that the following conditions
178828Sdfr * are met:
178828Sdfr *
178828Sdfr * 1. Redistributions of source code must retain the above copyright
178828Sdfr *    notice, this list of conditions and the following disclaimer.
178828Sdfr *
178828Sdfr * 2. Redistributions in binary form must reproduce the above copyright
178828Sdfr *    notice, this list of conditions and the following disclaimer in the
178828Sdfr *    documentation and/or other materials provided with the distribution.
178828Sdfr *
178828Sdfr * 3. Neither the name of the Institute nor the names of its contributors
178828Sdfr *    may be used to endorse or promote products derived from this software
178828Sdfr *    without specific prior written permission.
178828Sdfr *
178828Sdfr * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
178828Sdfr * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
178828Sdfr * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
178828Sdfr * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
178828Sdfr * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
178828Sdfr * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
178828Sdfr * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
178828Sdfr * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
178828Sdfr * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
178828Sdfr * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
178828Sdfr * SUCH DAMAGE.
178828Sdfr */
153838Sdfr
153838Sdfr#include <gssapi/gssapi.h>
178828Sdfr#include <stdio.h>
153838Sdfr#include <string.h>
178828Sdfr#include <stdlib.h>
171112Sdfr#include <errno.h>
153838Sdfr
153838Sdfr#include "mech_switch.h"
178828Sdfr#include "utils.h"
153838Sdfr
171112Sdfrstatic const char *
171112Sdfrcalling_error(OM_uint32 v)
171112Sdfr{
171112Sdfr    static const char *msgs[] = {
171112Sdfr	NULL,			/* 0 */
171112Sdfr	"A required input parameter could not be read.", /*  */
171112Sdfr	"A required output parameter could not be written.", /*  */
171112Sdfr	"A parameter was malformed"
171112Sdfr    };
153838Sdfr
171112Sdfr    v >>= GSS_C_CALLING_ERROR_OFFSET;
153838Sdfr
171112Sdfr    if (v == 0)
171112Sdfr	return "";
171112Sdfr    else if (v >= sizeof(msgs)/sizeof(*msgs))
171112Sdfr	return "unknown calling error";
171112Sdfr    else
171112Sdfr	return msgs[v];
171112Sdfr}
153838Sdfr
171112Sdfrstatic const char *
171112Sdfrroutine_error(OM_uint32 v)
171112Sdfr{
171112Sdfr    static const char *msgs[] = {
178828Sdfr	"Function completed successfully",			/* 0 */
171112Sdfr	"An unsupported mechanism was requested",
171112Sdfr	"An invalid name was supplied",
171112Sdfr	"A supplied name was of an unsupported type",
171112Sdfr	"Incorrect channel bindings were supplied",
171112Sdfr	"An invalid status code was supplied",
171112Sdfr	"A token had an invalid MIC",
171112Sdfr	"No credentials were supplied, "
171112Sdfr	"or the credentials were unavailable or inaccessible.",
171112Sdfr	"No context has been established",
171112Sdfr	"A token was invalid",
171112Sdfr	"A credential was invalid",
171112Sdfr	"The referenced credentials have expired",
171112Sdfr	"The context has expired",
171112Sdfr	"Miscellaneous failure (see text)",
171112Sdfr	"The quality-of-protection requested could not be provide",
171112Sdfr	"The operation is forbidden by local security policy",
171112Sdfr	"The operation or option is not available",
171112Sdfr	"The requested credential element already exists",
171112Sdfr	"The provided name was not a mechanism name.",
171112Sdfr    };
171112Sdfr
171112Sdfr    v >>= GSS_C_ROUTINE_ERROR_OFFSET;
171112Sdfr
178828Sdfr    if (v >= sizeof(msgs)/sizeof(*msgs))
171112Sdfr	return "unknown routine error";
171112Sdfr    else
171112Sdfr	return msgs[v];
171112Sdfr}
171112Sdfr
171112Sdfrstatic const char *
171112Sdfrsupplementary_error(OM_uint32 v)
171112Sdfr{
171112Sdfr    static const char *msgs[] = {
171112Sdfr	"normal completion",
171112Sdfr	"continuation call to routine required",
171112Sdfr	"duplicate per-message token detected",
171112Sdfr	"timed-out per-message token detected",
171112Sdfr	"reordered (early) per-message token detected",
171112Sdfr	"skipped predecessor token(s) detected"
171112Sdfr    };
171112Sdfr
171112Sdfr    v >>= GSS_C_SUPPLEMENTARY_OFFSET;
171112Sdfr
171112Sdfr    if (v >= sizeof(msgs)/sizeof(*msgs))
171112Sdfr	return "unknown routine error";
171112Sdfr    else
171112Sdfr	return msgs[v];
171112Sdfr}
171112Sdfr
234011Sstas#if defined(__NO_TLS)
178828Sdfr
178828Sdfr/*
178828Sdfr * These platforms don't support TLS on FreeBSD - threads will just
178828Sdfr * have to step on each other's error values for now.
178828Sdfr */
178828Sdfr#define __thread
178828Sdfr
178828Sdfr#endif
178828Sdfr
178828Sdfrstruct mg_thread_ctx {
178828Sdfr    gss_OID mech;
178828Sdfr    OM_uint32 maj_stat;
178828Sdfr    OM_uint32 min_stat;
178828Sdfr    gss_buffer_desc maj_error;
178828Sdfr    gss_buffer_desc min_error;
178828Sdfr};
178828Sdfrstatic __thread struct mg_thread_ctx last_error_context;
178828Sdfr
178828Sdfrstatic OM_uint32
178828Sdfr_gss_mg_get_error(const gss_OID mech, OM_uint32 type,
178828Sdfr		  OM_uint32 value, gss_buffer_t string)
178828Sdfr{
178828Sdfr	struct mg_thread_ctx *mg;
178828Sdfr
178828Sdfr	mg = &last_error_context;
178828Sdfr
178828Sdfr	if (mech != NULL && gss_oid_equal(mg->mech, mech) == 0)
178828Sdfr		return (GSS_S_BAD_STATUS);
178828Sdfr
178828Sdfr	switch (type) {
178828Sdfr	case GSS_C_GSS_CODE: {
178828Sdfr		if (value != mg->maj_stat || mg->maj_error.length == 0)
178828Sdfr			break;
178828Sdfr		string->value = malloc(mg->maj_error.length);
178828Sdfr		string->length = mg->maj_error.length;
178828Sdfr		memcpy(string->value, mg->maj_error.value,
178828Sdfr		    mg->maj_error.length);
178828Sdfr		return (GSS_S_COMPLETE);
178828Sdfr	}
178828Sdfr	case GSS_C_MECH_CODE: {
178828Sdfr		if (value != mg->min_stat || mg->min_error.length == 0)
178828Sdfr			break;
178828Sdfr		string->value = malloc(mg->min_error.length);
178828Sdfr		string->length = mg->min_error.length;
178828Sdfr		memcpy(string->value, mg->min_error.value,
178828Sdfr		    mg->min_error.length);
178828Sdfr		return (GSS_S_COMPLETE);
178828Sdfr	}
178828Sdfr	}
178828Sdfr	string->value = NULL;
178828Sdfr	string->length = 0;
178828Sdfr	return (GSS_S_BAD_STATUS);
178828Sdfr}
178828Sdfr
178828Sdfrvoid
178828Sdfr_gss_mg_error(struct _gss_mech_switch *m, OM_uint32 maj, OM_uint32 min)
178828Sdfr{
178828Sdfr	OM_uint32 major_status, minor_status;
178828Sdfr	OM_uint32 message_content;
178828Sdfr	struct mg_thread_ctx *mg;
178828Sdfr
178828Sdfr	mg = &last_error_context;
178828Sdfr
178828Sdfr	gss_release_buffer(&minor_status, &mg->maj_error);
178828Sdfr	gss_release_buffer(&minor_status, &mg->min_error);
178828Sdfr
178828Sdfr	mg->mech = &m->gm_mech_oid;
178828Sdfr	mg->maj_stat = maj;
178828Sdfr	mg->min_stat = min;
178828Sdfr
178828Sdfr	major_status = m->gm_display_status(&minor_status,
178828Sdfr	    maj,
178828Sdfr	    GSS_C_GSS_CODE,
178828Sdfr	    &m->gm_mech_oid,
178828Sdfr	    &message_content,
178828Sdfr	    &mg->maj_error);
178828Sdfr	if (GSS_ERROR(major_status)) {
178828Sdfr		mg->maj_error.value = NULL;
178828Sdfr		mg->maj_error.length = 0;
178828Sdfr	}
178828Sdfr	major_status = m->gm_display_status(&minor_status,
178828Sdfr	    min,
178828Sdfr	    GSS_C_MECH_CODE,
178828Sdfr	    &m->gm_mech_oid,
178828Sdfr	    &message_content,
178828Sdfr	    &mg->min_error);
178828Sdfr	if (GSS_ERROR(major_status)) {
178828Sdfr		mg->min_error.value = NULL;
178828Sdfr		mg->min_error.length = 0;
178828Sdfr	}
178828Sdfr}
178828Sdfr
153838SdfrOM_uint32
153838Sdfrgss_display_status(OM_uint32 *minor_status,
153838Sdfr    OM_uint32 status_value,
153838Sdfr    int status_type,
178828Sdfr    const gss_OID mech_type,
153838Sdfr    OM_uint32 *message_content,
153838Sdfr    gss_buffer_t status_string)
153838Sdfr{
153838Sdfr	OM_uint32 major_status;
153838Sdfr
178828Sdfr	_gss_buffer_zero(status_string);
178828Sdfr	*message_content = 0;
178828Sdfr
178828Sdfr	major_status = _gss_mg_get_error(mech_type, status_type,
178828Sdfr					 status_value, status_string);
178828Sdfr	if (major_status == GSS_S_COMPLETE) {
178828Sdfr
178828Sdfr		*message_content = 0;
178828Sdfr		*minor_status = 0;
178828Sdfr		return (GSS_S_COMPLETE);
171254Sdfr	}
171254Sdfr
153838Sdfr	*minor_status = 0;
153838Sdfr	switch (status_type) {
171112Sdfr	case GSS_C_GSS_CODE: {
171112Sdfr		char *buf;
153838Sdfr
171112Sdfr		if (GSS_SUPPLEMENTARY_INFO(status_value))
171112Sdfr		    asprintf(&buf, "%s", supplementary_error(
171112Sdfr		        GSS_SUPPLEMENTARY_INFO(status_value)));
171112Sdfr		else
171112Sdfr		    asprintf (&buf, "%s %s",
171112Sdfr		        calling_error(GSS_CALLING_ERROR(status_value)),
171112Sdfr			routine_error(GSS_ROUTINE_ERROR(status_value)));
171112Sdfr
178828Sdfr		if (buf == NULL)
178828Sdfr			break;
178828Sdfr
171112Sdfr		status_string->length = strlen(buf);
171112Sdfr		status_string->value  = buf;
171112Sdfr
178828Sdfr		return (GSS_S_COMPLETE);
171112Sdfr	}
171112Sdfr	case GSS_C_MECH_CODE: {
178828Sdfr		OM_uint32 maj_junk, min_junk;
178828Sdfr		gss_buffer_desc oid;
178828Sdfr		char *buf;
178828Sdfr
178828Sdfr		maj_junk = gss_oid_to_str(&min_junk, mech_type, &oid);
178828Sdfr		if (maj_junk != GSS_S_COMPLETE) {
178828Sdfr			oid.value = strdup("unknown");
178828Sdfr			oid.length = 7;
153838Sdfr		}
178828Sdfr
178828Sdfr		asprintf (&buf, "unknown mech-code %lu for mech %.*s",
178828Sdfr			  (unsigned long)status_value,
178828Sdfr			  (int)oid.length, (char *)oid.value);
178828Sdfr		if (maj_junk == GSS_S_COMPLETE)
178828Sdfr			gss_release_buffer(&min_junk, &oid);
178828Sdfr
178828Sdfr		if (buf == NULL)
178828Sdfr		    break;
178828Sdfr
178828Sdfr		status_string->length = strlen(buf);
178828Sdfr		status_string->value  = buf;
178828Sdfr
178828Sdfr		return (GSS_S_COMPLETE);
153838Sdfr	}
171112Sdfr	}
178828Sdfr	_gss_buffer_zero(status_string);
153838Sdfr	return (GSS_S_BAD_STATUS);
153838Sdfr}
233294Sstas
233294Sstasvoid
233294Sstas_gss_mg_collect_error(gss_OID mech, OM_uint32 maj, OM_uint32 min)
233294Sstas{
233294Sstas	struct _gss_mech_switch *m;
233294Sstas
233294Sstas	m = _gss_find_mech_switch(mech);
233294Sstas	if (m != NULL)
233294Sstas		_gss_mg_error(m, maj, min);
233294Sstas}