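/*
 * Copyright (c) 2008-2010 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Portions Copyright (c) 2008-2010 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "heim.h"
#include "mit-gssapi.h"
#include "mit-gssapi_krb5.h"
#include <string.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

OM_uint32
heim_gsskrb5_extract_authz_data_from_sec_context(OM_uint32 * /*minor_status*/,
                                                 gss_ctx_id_t /*context_handle*/,
                                                 int /*ad_type*/,
                                                 gss_buffer_t /*ad_data*/);

/*
 * Copy the KRB5_AUTHDATA_IF_RELEVANT authorization data of a security
 * context into a freshly allocated apple_gss_krb5_authdata_if_relevant.
 *
 * min_stat        - receives the minor status; must not be NULL.
 * context_handle  - pointer to the context to read from.
 * version         - structure version requested by the caller; only 1 is
 *                   accepted.
 * kctx            - receives the new structure on success and is set to
 *                   NULL on every failure after argument validation.
 *
 * Returns GSS_S_COMPLETE on success, the major status of the extract call
 * if that fails, or GSS_S_FAILURE for bad arguments (minor EINVAL) and
 * allocation failure (minor ENOMEM).  The result must be released with
 * apple_gss_krb5_free_authdata_if_relevant().
 */
uint32_t KRB5_CALLCONV
apple_gss_krb5_export_authdata_if_relevant_context(uint32_t *min_stat,
                                                   gss_ctx_id_t *context_handle,
                                                   uint32_t version,
                                                   void **kctx)
{
    apple_gss_krb5_authdata_if_relevant *d;
    gss_buffer_desc buffer;
    uint32_t maj_stat;

    /*
     * Reject an unsupported version OR a missing context.  The previous
     * test joined the two conditions with &&, so a NULL context combined
     * with version 1 (and any unknown version combined with a valid
     * context) slipped through to the extract call.  The pointer
     * arguments themselves are checked before they are dereferenced.
     */
    if (context_handle == NULL || kctx == NULL ||
        version != 1 || *context_handle == NULL) {
        *min_stat = EINVAL;
        return GSS_S_FAILURE;
    }

    /* Never leave the out-parameter indeterminate on an error path. */
    *kctx = NULL;

    maj_stat = heim_gsskrb5_extract_authz_data_from_sec_context(min_stat,
                                                                *context_handle,
                                                                KRB5_AUTHDATA_IF_RELEVANT,
                                                                &buffer);
    if (maj_stat)
        return maj_stat;

    d = calloc(1, sizeof(*d));
    if (d == NULL) {
        gss_release_buffer(min_stat, &buffer);
        /* Report the real cause instead of whatever the release wrote. */
        *min_stat = ENOMEM;
        return GSS_S_FAILURE;
    }

    d->type = KRB5_AUTHDATA_IF_RELEVANT;
    d->length = buffer.length;

    /*
     * malloc(0) is allowed to return NULL, which would be misreported as
     * an allocation failure for an empty element; always request at
     * least one byte so d->data is non-NULL on success.
     */
    d->data = malloc(buffer.length > 0 ? buffer.length : 1);
    if (d->data == NULL) {
        gss_release_buffer(min_stat, &buffer);
        free(d);
        *min_stat = ENOMEM;
        return GSS_S_FAILURE;
    }
    /* Skip the copy for an empty buffer: its value pointer may be NULL. */
    if (buffer.length > 0)
        memcpy(d->data, buffer.value, buffer.length);

    gss_release_buffer(min_stat, &buffer);

    *kctx = d;

    *min_stat = 0;
    return GSS_S_COMPLETE;
}

/*
 * Release a structure returned by
 * apple_gss_krb5_export_authdata_if_relevant_context().
 *
 * kctx may be NULL.  The pointer is passed by value, so the caller's copy
 * is left dangling and must not be used or freed again.
 * Always sets *minor_status to 0 and returns GSS_S_COMPLETE.
 */
uint32_t
apple_gss_krb5_free_authdata_if_relevant(uint32_t *minor_status,
                                         void *kctx)
{
    apple_gss_krb5_authdata_if_relevant *d = kctx;

    if (d != NULL) {
        free(d->data);  /* free(NULL) is a no-op, no guard needed */
        free(d);
    }
    *minor_status = 0;
    return GSS_S_COMPLETE;
}


int
gss_oid_equal(const gss_OID a, const gss_OID b);

OM_uint32
heim_gss_import_name(OM_uint32 * /*minor_status*/,
                     const gss_buffer_t /*input_name_buffer*/,
                     const gss_OID /*input_name_type*/,
                     gss_name_t * /*output_name*/);


/*
 * gss_import_name() entry point that forwards to heim_gss_import_name().
 *
 * For the gss_nt_krb5_principal name type the buffer value is read as a
 * pointer to a struct comb_principal pointer, and the address of that
 * structure's heim member is passed on in its place.
 * NOTE(review): the buffer length is not compared with the pointer size
 * before the value is dereferenced; confirm callers always pass a
 * correctly sized buffer for this name type.
 *
 * Returns the status of heim_gss_import_name(), or GSS_S_FAILURE with
 * minor status EINVAL when a gss_nt_krb5_principal buffer carries no
 * principal.
 */
OM_uint32
gss_import_name(OM_uint32 *minor_status,
                gss_buffer_t input_name_buffer,
                gss_OID name_type,
                gss_name_t *name)
{
    gss_buffer_desc rewritten;

    LOG_ENTRY();

    /*
     * Rewrite gss_nt_krb5_principal
     */

    if (gss_oid_equal(name_type, (gss_OID)gss_nt_krb5_principal)) {
        struct comb_principal **p;

        /* Each level is dereferenced below, so each must be present. */
        if (input_name_buffer == NULL || input_name_buffer->value == NULL) {
            *minor_status = EINVAL;
            return GSS_S_FAILURE;
        }
        p = (void *)input_name_buffer->value;
        if (*p == NULL) {
            *minor_status = EINVAL;
            return GSS_S_FAILURE;
        }

        /*
         * Work on a private copy of the descriptor.  Writing the new
         * value into the caller's buffer would leave it pointing at the
         * heim member after the call, so importing the same buffer a
         * second time would reinterpret that member as a
         * struct comb_principal pointer.
         */
        rewritten = *input_name_buffer;
        rewritten.value = &(*p)->heim;
        input_name_buffer = &rewritten;
    }

    return heim_gss_import_name(minor_status, input_name_buffer, name_type, name);
}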