2 * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
6 /* #pragma ident "@(#)g_store_cred.c 1.2 04/04/05 SMI" */
9 * glue routine for gss_store_cred
/*
 * Parameter list and body of the static dispatch helper. The name line is
 * not part of this listing (presumably store_cred_fallback, which is called
 * with this argument shape further down; confirm against the full file).
 * Picks between the gss_store_cred_into and gss_store_cred entry points of
 * the mechanism and returns the major status of whichever one it calls.
 */
16 OM_uint32 *minor_status,
18 gss_cred_id_t mech_cred,
19 gss_cred_usage_t cred_usage,
21 OM_uint32 overwrite_cred,
22 OM_uint32 default_cred,
23 gss_const_key_value_set_t cred_store,
24 gss_OID_set *elements_stored,
25 gss_cred_usage_t *cred_usage_stored)
/* The entry points below receive the OID returned by
 * gssint_get_public_oid(), not desired_mech itself. */
27 gss_OID public_mech = gssint_get_public_oid(desired_mech);
/* Preferred path: this is the entry point that is handed cred_store. */
29 if (mech->gss_store_cred_into != NULL) {
30 return mech->gss_store_cred_into(minor_status, mech_cred,
31 cred_usage, public_mech,
32 overwrite_cred, default_cred,
33 cred_store, elements_stored,
/*
 * Legacy path, taken only when the caller supplied no credential store.
 * NOTE(review): mech->gss_store_cred is called through without a NULL check
 * in this branch. The two call sites visible in this file return or skip
 * when both function pointers are NULL before calling; any new caller has
 * to keep that guard or this becomes a call through a NULL pointer.
 */
35 } else if (cred_store == GSS_C_NO_CRED_STORE) {
36 return mech->gss_store_cred(minor_status, mech_cred,
37 cred_usage, public_mech,
38 overwrite_cred, default_cred,
/*
 * Remaining case: a credential store was requested but the mechanism has no
 * gss_store_cred_into. The request is refused rather than routed to
 * gss_store_cred, whose visible arguments carry no cred_store, so the
 * credential is not written somewhere other than the store asked for.
 */
42 return GSS_S_UNAVAILABLE;
/*
 * Parameter list and body of the argument validator. The name line is not
 * in this listing (presumably val_store_cred_args, which gss_store_cred_into
 * calls first; confirm). Resets the output parameters, then rejects bad
 * arguments. Returns GSS_S_COMPLETE only when every check passes.
 */
48 OM_uint32 *minor_status,
49 const gss_cred_id_t input_cred_handle,
50 gss_cred_usage_t cred_usage,
51 const gss_OID desired_mech,
52 OM_uint32 overwrite_cred,
53 OM_uint32 default_cred,
54 gss_const_key_value_set_t cred_store,
55 gss_OID_set *elements_stored,
56 gss_cred_usage_t *cred_usage_stored)
59 /* Initialize outputs. */
/* Each output is NULL-checked before it is written, so NULL output pointers
 * are tolerated at this stage. */
61 if (minor_status != NULL)
64 if (elements_stored != NULL)
65 *elements_stored = GSS_C_NULL_OID_SET;
67 /* Validate arguments. */
/* minor_status is mandatory. The cred_store check further down writes
 * through it with no guard of its own and relies on this early return. */
69 if (minor_status == NULL)
70 return (GSS_S_CALL_INACCESSIBLE_WRITE);
/* A missing credential handle is rejected here, before the caller casts
 * and dereferences it. */
72 if (input_cred_handle == GSS_C_NO_CREDENTIAL)
73 return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CRED);
/* cred_usage must be one of the three defined usages; any other value is
 * reported as EINVAL in the minor status. */
75 if (cred_usage != GSS_C_ACCEPT
76 && cred_usage != GSS_C_INITIATE
77 && cred_usage != GSS_C_BOTH) {
79 *minor_status = EINVAL;
80 map_errcode(minor_status);
/*
 * A cred_store that is present but holds no elements is treated as a caller
 * error (EINVAL). Only the element count is inspected here; the entries
 * themselves are not examined in the visible code.
 */
85 if (cred_store != NULL && cred_store->count == 0) {
86 *minor_status = EINVAL;
87 map_errcode(minor_status);
91 return (GSS_S_COMPLETE);
/*
 * gss_store_cred: public entry point that takes no credential-store
 * argument. Written as an old-style (K&R) definition; the identifier list
 * on original lines 97-104 is not part of this listing. Forwards its
 * arguments to gss_store_cred_into with GSS_C_NO_CRED_STORE as cred_store
 * and returns that result.
 */
95 OM_uint32 KRB5_CALLCONV
96 gss_store_cred(minor_status,
105 OM_uint32 *minor_status;
106 gss_cred_id_t input_cred_handle;
107 gss_cred_usage_t cred_usage;
108 const gss_OID desired_mech;
109 OM_uint32 overwrite_cred;
110 OM_uint32 default_cred;
111 gss_OID_set *elements_stored;
112 gss_cred_usage_t *cred_usage_stored;
/* No argument checks are visible in this wrapper; validation is left to
 * gss_store_cred_into. */
115 return gss_store_cred_into(minor_status, input_cred_handle, cred_usage,
116 desired_mech, overwrite_cred, default_cred,
117 GSS_C_NO_CRED_STORE, elements_stored,
/*
 * gss_store_cred_into: mechglue entry point that stores the elements of a
 * union credential through the mechanisms that own them, optionally into
 * the credential store described by cred_store. With a non-null
 * desired_mech one element is stored; with GSS_C_NULL_OID every element of
 * the union credential is attempted. Written as an old-style (K&R)
 * definition; several lines, including some declarations, are not part of
 * this listing.
 */
121 OM_uint32 KRB5_CALLCONV
122 gss_store_cred_into(minor_status,
132 OM_uint32 *minor_status;
133 gss_cred_id_t input_cred_handle;
134 gss_cred_usage_t cred_usage;
135 gss_OID desired_mech;
136 OM_uint32 overwrite_cred;
137 OM_uint32 default_cred;
138 gss_const_key_value_set_t cred_store;
139 gss_OID_set *elements_stored;
140 gss_cred_usage_t *cred_usage_stored;
143 OM_uint32 major_status = GSS_S_FAILURE;
144 gss_union_cred_t union_cred;
145 gss_cred_id_t mech_cred;
148 gss_OID selected_mech;
/* Arguments are validated first; a validator failure is returned as is. */
151 major_status = val_store_cred_args(minor_status,
160 if (major_status != GSS_S_COMPLETE)
161 return (major_status);
163 /* Initial value needed below. */
164 major_status = GSS_S_FAILURE;
166 if (cred_usage_stored != NULL)
167 *cred_usage_stored = GSS_C_BOTH; /* there's no GSS_C_NEITHER */
/*
 * The opaque handle is cast to the mechglue union-credential type.
 * NOTE(review): the only check on the handle visible in this listing is the
 * GSS_C_NO_CREDENTIAL comparison in the validator, so the handle is trusted
 * to really be a union credential before count and mechs_array are read.
 */
169 union_cred = (gss_union_cred_t)input_cred_handle;
171 /* desired_mech != GSS_C_NULL_OID -> store one element */
172 if (desired_mech != GSS_C_NULL_OID) {
173 major_status = gssint_select_mech_type(minor_status,
176 if (major_status != GSS_S_COMPLETE)
177 return (major_status);
179 mech = gssint_get_mechanism(selected_mech);
181 return (GSS_S_BAD_MECH);
/*
 * NOTE(review): major_status was last assigned by gssint_select_mech_type()
 * and the non-GSS_S_COMPLETE case has already returned, so unless an elided
 * line resets it, the two returns below report GSS_S_COMPLETE although
 * nothing was stored. A caller would then believe the credential was
 * persisted. Confirm against the full file; an explicit failure status
 * (for example GSS_S_UNAVAILABLE, which the dispatch helper uses for the
 * same condition) would make the outcome unambiguous.
 */
183 if (mech->gss_store_cred_into == NULL &&
184 cred_store != GSS_C_NO_CRED_STORE)
185 return (major_status);
187 if (mech->gss_store_cred == NULL &&
188 mech->gss_store_cred_into == NULL)
189 return (major_status);
/* Pick the element that belongs to the selected mechanism; a union
 * credential without one yields GSS_S_NO_CRED. */
191 mech_cred = gssint_get_mechanism_cred(union_cred, selected_mech);
192 if (mech_cred == GSS_C_NO_CREDENTIAL)
193 return (GSS_S_NO_CRED);
195 major_status = store_cred_fallback(minor_status, mech,
196 mech_cred, cred_usage,
199 default_cred, cred_store,
/* On failure the minor status is passed through map_error() for this
 * mechanism. */
202 if (major_status != GSS_S_COMPLETE)
203 map_error(minor_status, mech);
207 /* desired_mech == GSS_C_NULL_OID -> store all elements */
211 for (i = 0; i < union_cred->count; i++) {
212 /* Get mech and cred element */
213 dmech = &union_cred->mechs_array[i];
214 mech = gssint_get_mechanism(dmech);
/* Same capability checks as the single-mechanism path. The statements that
 * follow each check are not in this listing (presumably continue). */
218 if (mech->gss_store_cred_into == NULL &&
219 cred_store != GSS_C_NO_CRED_STORE)
222 if (mech->gss_store_cred == NULL &&
223 mech->gss_store_cred_into == NULL)
226 mech_cred = gssint_get_mechanism_cred(union_cred, dmech);
227 if (mech_cred == GSS_C_NO_CREDENTIAL)
228 continue; /* can't happen, but safe to ignore */
/*
 * elements_stored is passed as NULL to the mechanism; the OID set is built
 * further down from dmech instead. cred_usage_stored is shared by all
 * iterations, so it ends up holding whatever the last mechanism that wrote
 * it reported.
 */
230 major_status = store_cred_fallback(minor_status, mech,
231 mech_cred, cred_usage,
232 dmech, overwrite_cred,
233 default_cred, cred_store,
234 NULL, cred_usage_stored);
235 if (major_status != GSS_S_COMPLETE) {
236 map_error(minor_status, mech);
240 /* Succeeded for at least one mech */
/* Without elements_stored the caller gets no record of which mechanisms
 * were stored. */
242 if (elements_stored == NULL)
245 if (*elements_stored == GSS_C_NULL_OID_SET) {
246 major_status = gss_create_empty_oid_set(minor_status,
249 if (GSS_ERROR(major_status))
250 return (major_status);
253 major_status = gss_add_oid_set_member(minor_status, dmech,
256 /* The caller should clean up elements_stored */
257 if (GSS_ERROR(major_status))
258 return (major_status);
/*
 * NOTE(review): the value returned below is the status of the last
 * operation the loop performed, or the GSS_S_FAILURE set before the loop if
 * it never reached one. Callers that must know whether every element was
 * stored should inspect elements_stored and not rely on the major status
 * alone.
 */
262 * Success with some mechs may mask failure with others, but
263 * that's what elements_stored is for.
265 return (major_status);