1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 *
25 * A module that implements the spnego security mechanism.
26 * It is used to negotiate the security mechanism between
27 * peers using the GSS-API.
28 *
29 */
30
31 #pragma ident "%Z%%M% %I% %E% SMI"
32
33 #include <stdio.h>
34 #include <stdlib.h>
35 #include <errno.h>
36 #include "gssapiP_spnego.h"
37 #include <mechglueP.h>
38 #include <gssapi_err_generic.h>
39 #include <rpc/types.h>
40 #include <libintl.h>
41
42 /* der routines defined in libgss */
43 extern unsigned int der_length_size(OM_uint32);
44 extern int get_der_length(uchar_t **, OM_uint32, OM_uint32*);
45 extern int put_der_length(OM_uint32, uchar_t **, OM_uint32);
46
47
48 /* private routines for spnego_mechanism */
49 static spnego_token_t make_spnego_token(char *);
50 static gss_buffer_desc make_err_msg(char *);
51 static int g_token_size(gss_OID, OM_uint32);
52 static int g_make_token_header(gss_OID, int, uchar_t **, int);
1062 (void) gss_release_buffer(&mstat, output_token);
1063 }
1064
1065 cleanup:
1066 if (ret != GSS_S_COMPLETE &&
1067 ret != GSS_S_CONTINUE_NEEDED) {
1068 if (spnego_ctx != NULL) {
1069 (void) gss_delete_sec_context(&mstat,
1070 &spnego_ctx->ctx_handle, NULL);
1071
1072 spnego_ctx->ctx_handle = NULL;
1073
1074 release_spnego_ctx(&spnego_ctx);
1075 }
1076 *context_handle = GSS_C_NO_CONTEXT;
1077 }
1078 if (mech_wanted != NULL) {
1079 generic_gss_release_oid(&mstat, &mech_wanted);
1080 }
1081
1082 (void) gss_release_cred(minor_status, &acquired_cred);
1083 (void) gss_release_oid_set(minor_status, &supported_mechSet);
1084
1085 (void) gss_release_buffer(&mstat, i_output_token);
1086 free(i_output_token);
1087
1088 return (ret);
1089 }
1090
1091 /*ARGSUSED*/
1092 OM_uint32
1093 spnego_gss_display_status(void *ctx,
1094 OM_uint32 *minor_status,
1095 OM_uint32 status_value,
1096 int status_type,
1097 gss_OID mech_type,
1098 OM_uint32 *message_context,
1099 gss_buffer_t status_string)
1100 {
1101 OM_uint32 ret = GSS_S_COMPLETE;
1102 dsyslog("Entering display_status\n");
1103
|
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 *
26 * A module that implements the spnego security mechanism.
27 * It is used to negotiate the security mechanism between
28 * peers using the GSS-API.
29 *
30 */
31
32 #include <stdio.h>
33 #include <stdlib.h>
34 #include <errno.h>
35 #include "gssapiP_spnego.h"
36 #include <mechglueP.h>
37 #include <gssapi_err_generic.h>
38 #include <rpc/types.h>
39 #include <libintl.h>
40
41 /* der routines defined in libgss */
42 extern unsigned int der_length_size(OM_uint32);
43 extern int get_der_length(uchar_t **, OM_uint32, OM_uint32*);
44 extern int put_der_length(OM_uint32, uchar_t **, OM_uint32);
45
46
47 /* private routines for spnego_mechanism */
48 static spnego_token_t make_spnego_token(char *);
49 static gss_buffer_desc make_err_msg(char *);
50 static int g_token_size(gss_OID, OM_uint32);
51 static int g_make_token_header(gss_OID, int, uchar_t **, int);
1061 (void) gss_release_buffer(&mstat, output_token);
1062 }
1063
1064 cleanup:
1065 if (ret != GSS_S_COMPLETE &&
1066 ret != GSS_S_CONTINUE_NEEDED) {
1067 if (spnego_ctx != NULL) {
1068 (void) gss_delete_sec_context(&mstat,
1069 &spnego_ctx->ctx_handle, NULL);
1070
1071 spnego_ctx->ctx_handle = NULL;
1072
1073 release_spnego_ctx(&spnego_ctx);
1074 }
1075 *context_handle = GSS_C_NO_CONTEXT;
1076 }
1077 if (mech_wanted != NULL) {
1078 generic_gss_release_oid(&mstat, &mech_wanted);
1079 }
1080
1081 (void) gss_release_cred(&mstat, &acquired_cred);
1082 (void) gss_release_oid_set(&mstat, &supported_mechSet);
1083
1084 (void) gss_release_buffer(&mstat, i_output_token);
1085 free(i_output_token);
1086
1087 return (ret);
1088 }
1089
1090 /*ARGSUSED*/
1091 OM_uint32
1092 spnego_gss_display_status(void *ctx,
1093 OM_uint32 *minor_status,
1094 OM_uint32 status_value,
1095 int status_type,
1096 gss_OID mech_type,
1097 OM_uint32 *message_context,
1098 gss_buffer_t status_string)
1099 {
1100 OM_uint32 ret = GSS_S_COMPLETE;
1101 dsyslog("Entering display_status\n");
1102
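Review bot: The cleanup block at new lines 1081-1082 carries no comment explaining why `gss_release_cred` and `gss_release_oid_set` take the scratch `&mstat` instead of `minor_status`, so a later tidy-up could easily revert it. Passing `minor_status` there would presumably let a successful release overwrite the minor code from the failing call, leaving the caller with no usable diagnostic for a failed negotiation. I would add above the two calls `/* use the scratch mstat: cleanup must not overwrite the *minor_status reported to the caller */`. The function starts before the visible lines, so it cannot be checked from here whether every path that jumps to `cleanup` has already stored a meaningful value in `*minor_status`; that is worth confirming.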
|