inquire_attrs_for_mech.c \
inquire_context.c \
inquire_cred.c \
+ inquire_cred_by_mech.c \
inquire_cred_by_oid.c \
inquire_mech_for_saslname.c \
inquire_mechs_for_name.c \
gss_OID_set *mechanisms)
{
OM_uint32 major;
- time_t now, lifetime;
if (cred == NULL) {
*minor = EINVAL;
GSSEAP_MUTEX_LOCK(&cred->mutex);
- if (name != NULL) {
- major = gssEapDuplicateName(minor, cred->name, name);
- if (GSS_ERROR(major))
- goto cleanup;
- }
-
- if (cred_usage != NULL) {
- OM_uint32 flags = (cred->flags & (CRED_FLAG_INITIATE | CRED_FLAG_ACCEPT));
-
- switch (flags) {
- case CRED_FLAG_INITIATE:
- *cred_usage = GSS_C_INITIATE;
- break;
- case CRED_FLAG_ACCEPT:
- *cred_usage = GSS_C_ACCEPT;
- break;
- default:
- *cred_usage = GSS_C_BOTH;
- break;
- }
- }
-
- if (mechanisms != NULL) {
- if (cred->mechanisms != GSS_C_NO_OID_SET)
- major = duplicateOidSet(minor, cred->mechanisms, mechanisms);
- else
- major = gssEapIndicateMechs(minor, mechanisms);
- if (GSS_ERROR(major))
- goto cleanup;
- }
-
- if (cred->expiryTime == 0) {
- lifetime = GSS_C_INDEFINITE;
- } else {
- now = time(NULL);
- lifetime = now - cred->expiryTime;
- if (lifetime < 0)
- lifetime = 0;
- }
-
- if (pLifetime != NULL) {
- *pLifetime = lifetime;
- }
-
- if (lifetime == 0) {
- major = GSS_S_CREDENTIALS_EXPIRED;
- *minor = GSSEAP_CRED_EXPIRED;
- goto cleanup;
- }
-
- major = GSS_S_COMPLETE;
- *minor = 0;
+ major = gssEapInquireCred(minor, cred, name, pLifetime, cred_usage, mechanisms);
-cleanup:
GSSEAP_MUTEX_UNLOCK(&cred->mutex);
return major;
--- /dev/null
+/*
+ * Copyright (c) 2011, JANET(UK)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of JANET(UK) nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/*
+ * Return credential handle properties.
+ */
+
+#include "gssapiP_eap.h"
+
+OM_uint32
+gss_inquire_cred_by_mech(OM_uint32 *minor,
+ gss_cred_id_t cred,
+ gss_OID mech_type,
+ gss_name_t *name,
+ OM_uint32 *pInitiatorLifetime,
+ OM_uint32 *pAcceptorLifetime,
+ gss_cred_usage_t *cred_usage)
+{
+ OM_uint32 major, lifetime;
+
+ if (cred == NULL) {
+ *minor = EINVAL;
+ return GSS_S_NO_CRED;
+ }
+
+ GSSEAP_MUTEX_LOCK(&cred->mutex);
+
+ if (!gssEapCredAvailable(cred, mech_type)) {
+ major = GSS_S_BAD_MECH;
+ *minor = GSSEAP_CRED_MECH_MISMATCH;
+ goto cleanup;
+ }
+
+ major = gssEapInquireCred(minor, cred, name, &lifetime, cred_usage, NULL);
+ if (GSS_ERROR(major))
+ goto cleanup;
+
+ if (pInitiatorLifetime != NULL)
+ *pInitiatorLifetime = (cred->flags & CRED_FLAG_INITIATE) ? lifetime : 0;
+ if (pAcceptorLifetime != NULL)
+ *pAcceptorLifetime = (cred->flags & CRED_FLAG_ACCEPT) ? lifetime : 0;
+
+cleanup:
+ GSSEAP_MUTEX_UNLOCK(&cred->mutex);
+
+ return major;
+}
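Review bot: The output parameters of gss_inquire_cred_by_mech are never initialised, so on the `GSS_S_BAD_MECH` path and whenever gssEapInquireCred returns an error (including `GSS_S_CREDENTIALS_EXPIRED`) `*pInitiatorLifetime` and `*pAcceptorLifetime` are left unwritten, and `*name` is untouched on the mechanism-mismatch path. A caller that reads them after a failed call sees indeterminate values. Setting them right after the `cred == NULL` check, e.g. `if (name != NULL) *name = GSS_C_NO_NAME;` and `if (pInitiatorLifetime != NULL) *pInitiatorLifetime = 0;` (likewise for the acceptor lifetime), gives every exit a defined result. The helper can also fail after it has already duplicated the name, because its expiry check runs last, so it is worth confirming who releases `*name` on that path.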
gss_inquire_attrs_for_mech
gss_inquire_context
gss_inquire_cred
+gss_inquire_cred_by_mech
gss_inquire_cred_by_oid
gss_inquire_mechs_for_name
gss_inquire_mech_for_saslname
int gssEapCredAvailable(gss_cred_id_t cred, gss_OID mech);
+OM_uint32
+gssEapInquireCred(OM_uint32 *minor,
+ gss_cred_id_t cred,
+ gss_name_t *name,
+ OM_uint32 *pLifetime,
+ gss_cred_usage_t *cred_usage,
+ gss_OID_set *mechanisms);
+
/* util_crypt.c */
int
gssEapEncrypt(krb5_context context, int dce_style, size_t ec,
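Review bot: The new gssEapInquireCred prototype carries no statement of its preconditions, although the definition added in this commit dereferences `cred` without a NULL check and takes no lock of its own. Both callers visible in this commit check `cred` and hold `cred->mutex` around the call, so the contract exists only by convention. I would add above the prototype: `/* Caller must pass a non-NULL cred and hold cred->mutex. */`. The anchor line belongs to the following gssEapEncrypt prototype, which continues outside the hunk.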
return present;
}
+
+OM_uint32
+gssEapInquireCred(OM_uint32 *minor,
+ gss_cred_id_t cred,
+ gss_name_t *name,
+ OM_uint32 *pLifetime,
+ gss_cred_usage_t *cred_usage,
+ gss_OID_set *mechanisms)
+{
+ OM_uint32 major;
+ time_t now, lifetime;
+
+ if (name != NULL) {
+ major = gssEapDuplicateName(minor, cred->name, name);
+ if (GSS_ERROR(major))
+ return major;
+ }
+
+ if (cred_usage != NULL) {
+ OM_uint32 flags = (cred->flags & (CRED_FLAG_INITIATE | CRED_FLAG_ACCEPT));
+
+ switch (flags) {
+ case CRED_FLAG_INITIATE:
+ *cred_usage = GSS_C_INITIATE;
+ break;
+ case CRED_FLAG_ACCEPT:
+ *cred_usage = GSS_C_ACCEPT;
+ break;
+ default:
+ *cred_usage = GSS_C_BOTH;
+ break;
+ }
+ }
+
+ if (mechanisms != NULL) {
+ if (cred->mechanisms != GSS_C_NO_OID_SET)
+ major = duplicateOidSet(minor, cred->mechanisms, mechanisms);
+ else
+ major = gssEapIndicateMechs(minor, mechanisms);
+ if (GSS_ERROR(major))
+ return major;
+ }
+
+ if (cred->expiryTime == 0) {
+ lifetime = GSS_C_INDEFINITE;
+ } else {
+ now = time(NULL);
+ lifetime = now - cred->expiryTime;
+ if (lifetime < 0)
+ lifetime = 0;
+ }
+
+ if (pLifetime != NULL) {
+ *pLifetime = lifetime;
+ }
+
+ if (lifetime == 0) {
+ *minor = GSSEAP_CRED_EXPIRED;
+ return GSS_S_CREDENTIALS_EXPIRED;
+ }
+
+ major = GSS_S_COMPLETE;
+ *minor = 0;
+
+ return major;
+}
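Review bot: The remaining lifetime in gssEapInquireCred is computed with the operands reversed, assuming `expiryTime` is an absolute timestamp as the comparison with `time(NULL)` suggests. `lifetime = now - cred->expiryTime;` is negative while the credential is still valid, so it is clamped to 0 and the function returns `GSS_S_CREDENTIALS_EXPIRED`, whereas a credential whose expiry has passed yields a positive lifetime and `GSS_S_COMPLETE`. The lines were moved unchanged from gss_inquire_cred, but the helper now also feeds gss_inquire_cred_by_mech, so both entry points misreport expiry. It should read `lifetime = cred->expiryTime - now;`, keeping the existing `if (lifetime < 0) lifetime = 0;` clamp.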