gss_names.c revision 178828
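/*-
 * Copyright (c) 2005 Doug Rabson
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $FreeBSD: head/lib/libgssapi/gss_names.c 178828 2008-05-07 13:53:12Z dfr $
 */

#include <gssapi/gssapi.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>

#include "mech_switch.h"
#include "name.h"
#include "utils.h"

/*
 * Well-known name-type OIDs.
 *
 * The descriptive comments below are quoted from the GSS-API C bindings
 * (RFC 2744) and the Kerberos V5 mechanism (RFC 1964) specifications.
 * Each OID's DER-encoded arc bytes live in a string literal; the
 * (void *)(uintptr_t) double cast strips the literal's const qualification
 * without a cast-qual warning so the pointer can sit in the non-const
 * 'elements' member of gss_OID_desc.  Nothing in this file writes through
 * these pointers; the storage objects are 'static' and only their
 * addresses are exported.
 */

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x01"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) user_name(1)}.  The constant
 * GSS_C_NT_USER_NAME should be initialized to point
 * to that gss_OID_desc.
 */
static gss_OID_desc GSS_C_NT_USER_NAME_storage =
	{10, (void *)(uintptr_t)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x01"};
gss_OID GSS_C_NT_USER_NAME = &GSS_C_NT_USER_NAME_storage;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x02"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
 * The constant GSS_C_NT_MACHINE_UID_NAME should be
 * initialized to point to that gss_OID_desc.
 */
static gss_OID_desc GSS_C_NT_MACHINE_UID_NAME_storage =
	{10, (void *)(uintptr_t)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x02"};
gss_OID GSS_C_NT_MACHINE_UID_NAME = &GSS_C_NT_MACHINE_UID_NAME_storage;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x03"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
 * The constant GSS_C_NT_STRING_UID_NAME should be
 * initialized to point to that gss_OID_desc.
 */
static gss_OID_desc GSS_C_NT_STRING_UID_NAME_storage =
	{10, (void *)(uintptr_t)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03"};
gss_OID GSS_C_NT_STRING_UID_NAME = &GSS_C_NT_STRING_UID_NAME_storage;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
 * corresponding to an object-identifier value of
 * {iso(1) org(3) dod(6) internet(1) security(5)
 * nametypes(6) gss-host-based-services(2)}.  The constant
 * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point
 * to that gss_OID_desc.  This is a deprecated OID value, and
 * implementations wishing to support hostbased-service names
 * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID,
 * defined below, to identify such names;
 * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted as a synonym
 * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input
 * parameter, but should not be emitted by GSS-API
 * implementations.
 */
static gss_OID_desc GSS_C_NT_HOSTBASED_SERVICE_X_storage =
	{6, (void *)(uintptr_t)"\x2b\x06\x01\x05\x06\x02"};
gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &GSS_C_NT_HOSTBASED_SERVICE_X_storage;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x04"}, corresponding to an
 * object-identifier value of {iso(1) member-body(2)
 * United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) service_name(4)}.  The constant
 * GSS_C_NT_HOSTBASED_SERVICE should be initialized
 * to point to that gss_OID_desc.
 */
static gss_OID_desc GSS_C_NT_HOSTBASED_SERVICE_storage =
	{10, (void *)(uintptr_t)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x04"};
gss_OID GSS_C_NT_HOSTBASED_SERVICE = &GSS_C_NT_HOSTBASED_SERVICE_storage;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\01\x05\x06\x03"},
 * corresponding to an object identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 3(gss-anonymous-name)}.  The constant
 * GSS_C_NT_ANONYMOUS should be initialized to point
 * to that gss_OID_desc.
 *
 * Note: the third byte is written with an octal escape (\01); it encodes
 * the same 0x01 byte as the \x01 used in the other OIDs.
 */
static gss_OID_desc GSS_C_NT_ANONYMOUS_storage =
	{6, (void *)(uintptr_t)"\x2b\x06\01\x05\x06\x03"};
gss_OID GSS_C_NT_ANONYMOUS = &GSS_C_NT_ANONYMOUS_storage;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
 * corresponding to an object-identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 4(gss-api-exported-name)}.  The constant
 * GSS_C_NT_EXPORT_NAME should be initialized to point
 * to that gss_OID_desc.
 */
static gss_OID_desc GSS_C_NT_EXPORT_NAME_storage =
	{6, (void *)(uintptr_t)"\x2b\x06\x01\x05\x06\x04"};
gss_OID GSS_C_NT_EXPORT_NAME = &GSS_C_NT_EXPORT_NAME_storage;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * krb5(2) krb5_name(1)}.  The recommended symbolic name for this type
 * is "GSS_KRB5_NT_PRINCIPAL_NAME".
 */
static gss_OID_desc GSS_KRB5_NT_PRINCIPAL_NAME_storage =
	{10, (void *)(uintptr_t)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01"};
gss_OID GSS_KRB5_NT_PRINCIPAL_NAME = &GSS_KRB5_NT_PRINCIPAL_NAME_storage;

/*
 * The three GSS_KRB5_NT_* names below are defined by RFC 1964 with exactly
 * the same OID values as their GSS_C_NT_* counterparts, so they alias the
 * same storage rather than duplicating it.  Comparing either pointer's
 * OID with gss_oid_equal() therefore matches both spellings.
 */

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) user_name(1)}.  The recommended symbolic name for this
 * type is "GSS_KRB5_NT_USER_NAME".
 */
gss_OID GSS_KRB5_NT_USER_NAME = &GSS_C_NT_USER_NAME_storage;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) machine_uid_name(2)}.  The recommended symbolic name for
 * this type is "GSS_KRB5_NT_MACHINE_UID_NAME".
 */
gss_OID GSS_KRB5_NT_MACHINE_UID_NAME = &GSS_C_NT_MACHINE_UID_NAME_storage;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) string_uid_name(3)}.  The recommended symbolic name for
 * this type is "GSS_KRB5_NT_STRING_UID_NAME".
 */
gss_OID GSS_KRB5_NT_STRING_UID_NAME = &GSS_C_NT_STRING_UID_NAME_storage;

/*
 * Find the mechanism name (MN) inside 'name' that belongs to mechanism
 * 'mech', importing one on demand.
 *
 * name->gn_mn is scanned for an entry whose mechanism OID equals 'mech'.
 * If none is found and the name still carries the buffer it was imported
 * from (gn_value.value != NULL), the mechanism's gm_import_name is called
 * to produce an MN, which is then cached at the head of gn_mn so that
 * later lookups hit the list.  A name without gn_value is canonical (its
 * only MN belongs to a different mechanism) and cannot be re-imported.
 *
 * minor_status: mechanism-specific status; set to ENOMEM on allocation
 *               failure, otherwise whatever gm_import_name stores.
 * output_mn:    on GSS_S_COMPLETE, the matching entry (owned by 'name',
 *               not by the caller); NULL on every error path.
 *
 * Returns GSS_S_COMPLETE, GSS_S_BAD_NAME (canonical name for another
 * mechanism), GSS_S_BAD_MECH (no switch entry for 'mech'), GSS_S_FAILURE
 * (out of memory) or the major status reported by gm_import_name.
 */
OM_uint32
_gss_find_mn(OM_uint32 *minor_status, struct _gss_name *name, gss_OID mech,
    struct _gss_mechanism_name **output_mn)
{
	OM_uint32 major_status;
	struct _gss_mech_switch *m;
	struct _gss_mechanism_name *mn;

	*output_mn = NULL;

	/* Fast path: an MN for this mechanism was already imported. */
	SLIST_FOREACH(mn, &name->gn_mn, gmn_link) {
		if (gss_oid_equal(mech, mn->gmn_mech_oid))
			break;
	}
	if (mn) {
		*output_mn = mn;
		return (GSS_S_COMPLETE);
	}

	/*
	 * If this name is canonical (i.e. there is only an
	 * MN but it is from a different mech), give up now.
	 */
	if (!name->gn_value.value)
		return (GSS_S_BAD_NAME);

	m = _gss_find_mech_switch(mech);
	if (!m)
		return (GSS_S_BAD_MECH);

	mn = malloc(sizeof *mn);
	if (!mn) {
		/* Give the caller a meaningful minor status, not stale data. */
		*minor_status = ENOMEM;
		return (GSS_S_FAILURE);
	}

	/*
	 * gn_type.elements == NULL is taken to mean no name type was
	 * supplied when the name was imported; pass GSS_C_NO_OID rather
	 * than a pointer to an empty OID descriptor.
	 */
	major_status = m->gm_import_name(minor_status, &name->gn_value,
	    (name->gn_type.elements ? &name->gn_type : GSS_C_NO_OID),
	    &mn->gmn_name);
	if (major_status != GSS_S_COMPLETE) {
		/* Record the mechanism-specific error before discarding mn. */
		_gss_mg_error(m, major_status, *minor_status);
		free(mn);
		return (major_status);
	}

	/* Cache the new MN on the name so the next lookup takes the fast path. */
	mn->gmn_mech = m;
	mn->gmn_mech_oid = &m->gm_mech_oid;
	SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link);

	*output_mn = mn;
	return (GSS_S_COMPLETE);
}

/*
 * Make a name from an MN.
 *
 * Wraps the mechanism name 'new_mn', produced by mechanism 'm', in a
 * freshly allocated mechanism-independent name whose gn_mn list holds
 * exactly that one entry.  gn_value and gn_type are left zeroed, so the
 * result is canonical: _gss_find_mn() will not re-import it for another
 * mechanism.
 *
 * The returned name stores 'new_mn' and is presumably what releases it
 * later (the release path is not in this file).  Returns NULL on
 * allocation failure, in which case 'new_mn' is untouched.
 */
struct _gss_name *
_gss_make_name(struct _gss_mech_switch *m, gss_name_t new_mn)
{
	struct _gss_name *name;
	struct _gss_mechanism_name *mn;

	/* calloc zeroes gn_value and gn_type, marking the name canonical. */
	name = calloc(1, sizeof *name);
	if (!name)
		return (NULL);

	mn = malloc(sizeof *mn);
	if (!mn) {
		free(name);
		return (NULL);
	}

	SLIST_INIT(&name->gn_mn);
	mn->gmn_mech = m;
	mn->gmn_mech_oid = &m->gm_mech_oid;
	mn->gmn_name = new_mn;
	SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link);

	return (name);
}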