moonshot/mech_eap/inquire_cred.c

   1 /*
   2  * Copyright (c) 2011, JANET(UK)
   3  * All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  *
   9  * 1. Redistributions of source code must retain the above copyright
  10  *    notice, this list of conditions and the following disclaimer.
  11  *
  12  * 2. Redistributions in binary form must reproduce the above copyright
  13  *    notice, this list of conditions and the following disclaimer in the
  14  *    documentation and/or other materials provided with the distribution.
  15  *
  16  * 3. Neither the name of JANET(UK) nor the names of its contributors
  17  *    may be used to endorse or promote products derived from this software
  18  *    without specific prior written permission.
  19  *
  20  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
  21  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  23  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
  24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  30  * SUCH DAMAGE.
  31  */
  32
  33 /*
  34  * Return credential handle properties.
  35  */
  36
  37 #include "gssapiP_eap.h"
  38
  39 OM_uint32
  40 gss_inquire_cred(OM_uint32 *minor,
  41                  gss_cred_id_t cred,
  42                  gss_name_t *name,
  43                  OM_uint32 *pLifetime,
  44                  gss_cred_usage_t *cred_usage,
  45                  gss_OID_set *mechanisms)
  46 {
  47     OM_uint32 major;
  48     time_t now, lifetime;
  49
  50     if (cred == NULL) {
  51         *minor = EINVAL;
  52         return GSS_S_NO_CRED;
  53     }
  54
  55     GSSEAP_MUTEX_LOCK(&cred->mutex);
  56
  57     if (name != NULL) {
  58         major = gssEapDuplicateName(minor, cred->name, name);
  59         if (GSS_ERROR(major))
  60             goto cleanup;
  61     }
  62
  63     if (cred_usage != NULL) {
  64         OM_uint32 flags = (cred->flags & (CRED_FLAG_INITIATE | CRED_FLAG_ACCEPT));
  65
  66         switch (flags) {
  67         case CRED_FLAG_INITIATE:
  68             *cred_usage = GSS_C_INITIATE;
  69             break;
  70         case CRED_FLAG_ACCEPT:
  71             *cred_usage = GSS_C_ACCEPT;
  72             break;
  73         default:
  74             *cred_usage = GSS_C_BOTH;
  75             break;
  76         }
  77     }
  78
  79     if (mechanisms != NULL) {
  80         if (cred->mechanisms != GSS_C_NO_OID_SET)
  81             major = duplicateOidSet(minor, cred->mechanisms, mechanisms);
  82         else
  83             major = gssEapIndicateMechs(minor, mechanisms);
  84         if (GSS_ERROR(major))
  85             goto cleanup;
  86     }
  87
  88     if (cred->expiryTime == 0) {
  89         lifetime = GSS_C_INDEFINITE;
  90     } else  {
  91         now = time(NULL);
  92         lifetime = now - cred->expiryTime;
  93         if (lifetime < 0)
  94             lifetime = 0;
  95     }
  96
  97     if (pLifetime != NULL) {
  98         *pLifetime = lifetime;
  99     }
 100
 101     if (lifetime == 0) {
 102         major = GSS_S_CREDENTIALS_EXPIRED;
 103         *minor = GSSEAP_CRED_EXPIRED;
 104         goto cleanup;
 105     }
 106
 107     major = GSS_S_COMPLETE;
 108     *minor = 0;
 109
 110 cleanup:
 111     GSSEAP_MUTEX_UNLOCK(&cred->mutex);
 112
 113     return major;
 114 }