/*
 * Copyright (c) 2003 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "gsskrb5_locl.h"

/*
 * Copy the Kerberos credentials behind input_cred_handle into a credential
 * cache chosen by the credential's principal.
 *
 * minor_status       out: 0 on success, otherwise a GSS_KRB5_S_* code or
 *                    the krb5 error returned by the failing cache call.
 * input_cred_handle  credential to store; NULL yields GSS_S_NO_CRED.
 * cred_usage         must be GSS_C_INITIATE; anything else fails with
 *                    GSS_KRB5_S_G_BAD_USAGE.
 * desired_mech       must compare equal to GSS_KRB5_MECHANISM, otherwise
 *                    GSS_S_BAD_MECH is returned.
 * overwrite_cred     not read by this function (see review notes).
 * default_cred       non-zero: krb5_cc_switch() is called on the
 *                    destination cache after the copy.
 * elements_stored    not written by this function (see review notes).
 * cred_usage_stored  not written by this function (see review notes).
 *
 * Returns GSS_S_COMPLETE, GSS_S_BAD_MECH, GSS_S_NO_CRED or GSS_S_FAILURE.
 *
 * NOTE(review): overwrite_cred is never consulted.  When a cache matching
 * the principal already exists it is re-initialised unconditionally, so a
 * caller passing overwrite_cred == 0 must not assume the existing cache
 * contents are preserved.  RFC 5588 describes GSS_S_DUPLICATE_ELEMENT for
 * that case; this function never returns it.
 *
 * NOTE(review): elements_stored and cred_usage_stored are left untouched on
 * every path.  A caller that passes non-NULL pointers has to initialise the
 * pointed-to objects itself before reading or releasing them.
 */
OM_uint32 GSSAPI_CALLCONV
_gsskrb5_store_cred(OM_uint32 *minor_status,
                    gss_cred_id_t input_cred_handle,
                    gss_cred_usage_t cred_usage,
                    const gss_OID desired_mech,
                    OM_uint32 overwrite_cred,
                    OM_uint32 default_cred,
                    gss_OID_set *elements_stored,
                    gss_cred_usage_t *cred_usage_stored)
{
    krb5_context context;
    krb5_error_code kret;
    gsskrb5_cred src;
    krb5_ccache dest;
    int created_new = 0;              /* set once we own a freshly made cache */
    OM_uint32 major = GSS_S_FAILURE;  /* every goto below is an error exit */

    *minor_status = 0;

    /* Argument checks that need neither the krb5 context nor the lock. */
    if (cred_usage != GSS_C_INITIATE) {
        *minor_status = GSS_KRB5_S_G_BAD_USAGE;
        return GSS_S_FAILURE;
    }

    if (gss_oid_equal(desired_mech, GSS_KRB5_MECHANISM) == 0)
        return GSS_S_BAD_MECH;

    src = (gsskrb5_cred)input_cred_handle;
    if (src == NULL)
        return GSS_S_NO_CRED;

    /*
     * Project macro, defined outside this file.  Presumably it returns from
     * this function on failure, which is why it runs before the mutex is
     * taken -- TODO confirm against gsskrb5_locl.h.
     */
    GSSAPI_KRB5_INIT (&context);

    /* The credential is read under its own mutex until the copy is done. */
    HEIMDAL_MUTEX_lock(&src->cred_id_mutex);

    if (src->usage != cred_usage && src->usage != GSS_C_BOTH) {
        *minor_status = GSS_KRB5_S_G_BAD_USAGE;
        goto unlock;
    }

    if (src->principal == NULL) {
        *minor_status = GSS_KRB5_S_KG_TGT_MISSING;
        goto unlock;
    }

    /*
     * Pick the destination: an existing cache for this principal if one is
     * found, otherwise a newly created unique cache.
     *
     * NOTE(review): the new cache's name is not handed back to the caller.
     * With default_cred == 0 the copied credentials appear to remain in a
     * cache nothing refers to afterwards -- confirm who cleans it up.
     */
    if (krb5_cc_cache_match(context, src->principal, &dest) != 0) {
        kret = krb5_cc_new_unique(context, NULL, NULL, &dest);
        if (kret) {
            *minor_status = kret;
            goto unlock;
        }
        created_new = 1;
    }

    /*
     * (Re)initialise the destination for this principal, then copy the
     * source cache into it.  The NULL match/callback arguments presumably
     * select every entry -- verify against krb5_cc_copy_match_f().
     * NOTE(review): src->ccache is passed without a NULL check.
     */
    kret = krb5_cc_initialize(context, dest, src->principal);
    if (kret == 0)
        kret = krb5_cc_copy_match_f(context, src->ccache, dest, NULL, NULL, NULL);
    if (kret) {
        /*
         * Only a cache created above is destroyed; a pre-existing one is
         * merely closed.  NOTE(review): by this point a pre-existing cache
         * may already have been re-initialised, so its earlier contents are
         * likely gone even though the store failed.
         */
        if (created_new)
            krb5_cc_destroy(context, dest);
        else
            krb5_cc_close(context, dest);
        *minor_status = kret;
        goto unlock;
    }

    /*
     * NOTE(review): the result of krb5_cc_switch() is discarded, so
     * GSS_S_COMPLETE is reported even if the default cache was not changed.
     */
    if (default_cred)
        krb5_cc_switch(context, dest);

    krb5_cc_close(context, dest);

    *minor_status = 0;
    major = GSS_S_COMPLETE;

unlock:
    HEIMDAL_MUTEX_unlock(&src->cred_id_mutex);
    return major;
}