implement gss_inquire_cred_by_mech

[moonshot.git] / moonshot / mech_eap / util_cred.c

diff --git a/moonshot/mech_eap/util_cred.c b/moonshot/mech_eap/util_cred.c
index 1d49e56..28cb76c 100644 (file)
--- a/moonshot/mech_eap/util_cred.c
+++ b/moonshot/mech_eap/util_cred.c
@@ -389,3 +389,69 @@ gssEapCredAvailable(gss_cred_id_t cred, gss_OID mech)
 
     return present;
 }
+
+OM_uint32
+gssEapInquireCred(OM_uint32 *minor,
+                  gss_cred_id_t cred,
+                  gss_name_t *name,
+                  OM_uint32 *pLifetime,
+                  gss_cred_usage_t *cred_usage,
+                  gss_OID_set *mechanisms)
+{
+    OM_uint32 major;
+    time_t now, lifetime;
+
+    if (name != NULL) {
+        major = gssEapDuplicateName(minor, cred->name, name);
+        if (GSS_ERROR(major))
+            return major;
+    }
+
+    if (cred_usage != NULL) {
+        OM_uint32 flags = (cred->flags & (CRED_FLAG_INITIATE | CRED_FLAG_ACCEPT));
+
+        switch (flags) {
+        case CRED_FLAG_INITIATE:
+            *cred_usage = GSS_C_INITIATE;
+            break;
+        case CRED_FLAG_ACCEPT:
+            *cred_usage = GSS_C_ACCEPT;
+            break;
+        default:
+            *cred_usage = GSS_C_BOTH;
+            break;
+        }
+    }
+
+    if (mechanisms != NULL) {
+        if (cred->mechanisms != GSS_C_NO_OID_SET)
+            major = duplicateOidSet(minor, cred->mechanisms, mechanisms);
+        else
+            major = gssEapIndicateMechs(minor, mechanisms);
+        if (GSS_ERROR(major))
+            return major;
+    }
+
+    if (cred->expiryTime == 0) {
+        lifetime = GSS_C_INDEFINITE;
+    } else  {
+        now = time(NULL);
+        lifetime = now - cred->expiryTime;
+        if (lifetime < 0)
+            lifetime = 0;
+    }
+
+    if (pLifetime != NULL) {
+        *pLifetime = lifetime;
+    }
+
+    if (lifetime == 0) {
+        *minor = GSSEAP_CRED_EXPIRED;
+        return GSS_S_CREDENTIALS_EXPIRED;
+    }
+
+    major = GSS_S_COMPLETE;
+    *minor = 0;
+
+    return major;
+}