X-Git-Url: http://www.project-moonshot.org/gitweb/?p=mech_eap.git;a=blobdiff_plain;f=inquire_sec_context_by_oid.c;h=a69b9e91d8ae3eef4df142404ee63588471fa946;hp=3e0654bfc89622e45b276dd4605e2a0311459de1;hb=ae79fdae047f980d01b2b4e84ccea52e24d8c7a0;hpb=4e9b3903aa48d12e358be75d1a7b3f37a2251d1b
diff --git a/inquire_sec_context_by_oid.c b/inquire_sec_context_by_oid.c
index 3e0654b..a69b9e9 100644
--- a/inquire_sec_context_by_oid.c
+++ b/inquire_sec_context_by_oid.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, JANET(UK)
+ * Copyright (c) 2011, JANET(UK)
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@@ -30,5 +30,112 @@
 * SUCH DAMAGE.
 */
+/*
+ * Return extended properties of a context handle.
+ */
+
 #include "gssapiP_eap.h"
+static OM_uint32
+inquireSessionKey(OM_uint32 *minor,
+ const gss_ctx_id_t ctx,
+ const gss_OID desired_object GSSEAP_UNUSED,
+ gss_buffer_set_t *dataSet)
+{
+ OM_uint32 major, tmpMinor;
+ unsigned char oidBuf[16];
+ gss_buffer_desc buf;
+ gss_OID_desc oid;
+
+ buf.length = KRB_KEY_LENGTH(&ctx->rfc3961Key);
+ buf.value = KRB_KEY_DATA(&ctx->rfc3961Key);
+
+ major = gss_add_buffer_set_member(minor, &buf, dataSet);
+ if (GSS_ERROR(major))
+ goto cleanup;
+
+ oid.length = sizeof(oidBuf);
+ oid.elements = oidBuf;
+
+ major = composeOid(minor,
+ "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x04",
+ 10,
+ ctx->encryptionType,
+ &oid);
+ if (GSS_ERROR(major))
+ goto cleanup;
+
+ buf.length = oid.length;
+ buf.value = oid.elements;
+
+ major = gss_add_buffer_set_member(minor, &buf, dataSet);
+ if (GSS_ERROR(major))
+ goto cleanup;
+
+ major = GSS_S_COMPLETE;
+ *minor = 0;
+
+cleanup:
+ if (GSS_ERROR(major) && *dataSet != GSS_C_NO_BUFFER_SET) {
+ gss_buffer_set_t set = *dataSet;
+
+ if (set->count != 0)
+ memset(set->elements[0].value, 0, set->elements[0].length);
+ gss_release_buffer_set(&tmpMinor, dataSet);
+ }
+
+ return major;
+}
+
+static struct {
+ gss_OID_desc oid;
+ OM_uint32 (*inquire)(OM_uint32 *, const gss_ctx_id_t,
+ const gss_OID, gss_buffer_set_t *);
+} inquireCtxOps[] = {
+ {
+ /* GSS_C_INQ_SSPI_SESSION_KEY */
+ { 11, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x05" },
+ inquireSessionKey
+ },
+ {
+ /* GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT + v1 */
+ { 12, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x06\x01" },
+ gssEapExportLucidSecContext
+ },
+};
+
+OM_uint32
+gss_inquire_sec_context_by_oid(OM_uint32 *minor,
+ const gss_ctx_id_t ctx,
+ const gss_OID desired_object,
+ gss_buffer_set_t *data_set)
+{
+ OM_uint32 major;
+ int i;
+
+ *data_set = GSS_C_NO_BUFFER_SET;
+
+ GSSEAP_MUTEX_LOCK(&ctx->mutex);
+
+ if (!CTX_IS_ESTABLISHED(ctx)) {
+ *minor = GSSEAP_CONTEXT_INCOMPLETE;
+ major = GSS_S_NO_CONTEXT;
+ goto cleanup;
+ }
+
+ major = GSS_S_UNAVAILABLE;
+ *minor = GSSEAP_BAD_CONTEXT_OPTION;
+
+ for (i = 0; i < sizeof(inquireCtxOps) / sizeof(inquireCtxOps[0]); i++) {
+ if (oidEqual(&inquireCtxOps[i].oid, desired_object)) {
+ major = (*inquireCtxOps[i].inquire)(minor, ctx,
+ desired_object, data_set);
+ break;
+ }
+ }
+
+cleanup:
+ GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
+
+ return major;
+}
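Review bot: gss_inquire_sec_context_by_oid passes `&ctx->mutex` to GSSEAP_MUTEX_LOCK before anything checks `ctx`, so a caller that hands in GSS_C_NO_CONTEXT dereferences a null handle. Unless the mechglue is guaranteed to filter that case out, a guard placed just ahead of the lock is cheap: `if (ctx == GSS_C_NO_CONTEXT) { *minor = EINVAL; return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT; }`. In inquireSessionKey's cleanup path the copied session key is wiped with a plain `memset` right before `gss_release_buffer_set`; if that release is ever inlined or built with LTO, the store can be treated as dead and removed, so a wipe routine the compiler cannot elide would be safer there. On success the raw RFC 3961 key is handed to the caller, so a comment on inquireSessionKey stating that the caller must zero the first buffer and release the set would document where responsibility for the key material moves.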