/*
 * Copyright (c) 2006 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "ntlm.h"

/*
 * Report the NTLM users listed by KCM to a caller-supplied callback.
 *
 * When built with HAVE_KCM, a KCM_OP_GET_NTLM_USER_LIST request is sent
 * and the reply is read as a sequence of records: a uint32 "more" marker
 * followed by two NUL-terminated strings (user, then domain).  For every
 * record a zeroed ntlm_cred is allocated, filled in with the two strings
 * and passed to cred_iter together with GSS_NTLM_MECHANISM.
 *
 * flags      not read by this function.
 * userctx    opaque pointer handed back unchanged on every callback.
 * cred_iter  called once per record, then once more with a NULL OID and
 *            a NULL credential.
 *
 * The closing NULL/NULL callback is made on every path, including when
 * HAVE_KCM is undefined and when any krb5/KCM call fails.  No error code
 * is returned or logged, so a caller cannot tell "KCM has no NTLM users"
 * from "KCM could not be queried" or from a list cut short by a read or
 * allocation failure.
 *
 * Ownership: nothing here frees a credential, or its username/domain
 * strings, once it has been passed to cred_iter.
 * NOTE(review): the callback presumably takes ownership and releases it
 * through the mechanism's credential release path; confirm against the
 * callers, otherwise each record is leaked.
 *
 * The record count and the string contents come from the KCM reply and
 * are not bounded or validated in this function.
 * NOTE(review): any size limit would have to be enforced by the
 * krb5_storage layer; confirm.
 */
void GSSAPI_CALLCONV
_gss_ntlm_iter_creds_f(OM_uint32 flags,
                       void *userctx,
                       void (*cred_iter)(void *, gss_OID, gss_cred_id_t))
{
#ifdef HAVE_KCM
    krb5_context kctx = NULL;
    krb5_storage *req, *resp;
    krb5_data resp_data;
    krb5_error_code kret;

    kret = krb5_init_context(&kctx);
    if (kret != 0)
        goto done;

    kret = krb5_kcm_storage_request(kctx, KCM_OP_GET_NTLM_USER_LIST, &req);
    if (kret != 0)
        goto done;

    /* The request storage is released whether or not the call succeeded. */
    kret = krb5_kcm_call(kctx, req, &resp, &resp_data);
    krb5_storage_free(req);
    if (kret != 0)
        goto done;

    for (;;) {
        uint32_t more;
        char *name = NULL;
        char *dom = NULL;
        ntlm_cred cred;

        /* A read failure or a zero marker both end the enumeration. */
        if (krb5_ret_uint32(resp, &more) != 0 || more == 0)
            break;

        if (krb5_ret_stringz(resp, &name) != 0)
            break;

        if (krb5_ret_stringz(resp, &dom) != 0) {
            free(name);
            break;
        }

        cred = calloc(1, sizeof(*cred));
        if (cred == NULL) {
            free(name);
            free(dom);
            break;
        }

        /* The credential now owns both strings; it is not freed here. */
        cred->username = name;
        cred->domain = dom;

        cred_iter(userctx, GSS_NTLM_MECHANISM, (gss_cred_id_t)cred);
    }

    /* Reached only after a successful krb5_kcm_call(). */
    krb5_storage_free(resp);
    krb5_data_free(&resp_data);
 done:
    if (kctx != NULL)
        krb5_free_context(kctx);
#endif /* HAVE_KCM */
    /* End-of-list marker for the caller, sent on every path. */
    cred_iter(userctx, NULL, NULL);
}