author | Simo Sorce <simo@redhat.com> | 2012-08-28 17:34:20 +0200 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2012-08-28 17:35:15 +0200 |
commit | 6b5647094133510b43d7afbd43b79c5c1ebf3e4f (patch) | |
tree | 9536e54b5c43fa4db7904e3b853b327fe92eb4c8 | |
parent | a2fe4eeca580b4acf4e1e0965e47b2bd1fc7ab65 (diff) | |
Implement gssi_import_sec_context_for_mech
Use the new spi call in order to be able to properly implement
a context locally.
-rw-r--r-- | proxy/src/mechglue/gpp_context.c | 48 | ||||
-rw-r--r-- | proxy/src/mechglue/gss_plugin.h | 5 |
2 files changed, 50 insertions, 3 deletions
diff --git a/proxy/src/mechglue/gpp_context.c b/proxy/src/mechglue/gpp_context.c
index fb84c59..6be68a2 100644
--- a/proxy/src/mechglue/gpp_context.c
+++ b/proxy/src/mechglue/gpp_context.c
@@ -63,11 +63,53 @@ OM_uint32 gssi_import_sec_context(OM_uint32 *minor_status,
 gss_buffer_t interprocess_token,
 gss_ctx_id_t *context_handle)
 {
+ return GSS_S_UNAVAILABLE;
+}
+
+OM_uint32 gssi_import_sec_context_for_mech(OM_uint32 *minor_status,
+ gss_OID mech_type,
+ gss_buffer_t interprocess_token,
+ gss_ctx_id_t *context_handle)
+{
 struct gpp_context_handle *ctx;
+ gss_buffer_desc wrap_token = {0};
+ gss_OID spmech;
+ OM_uint32 maj, min = 0;
- /* FIXME: how do we know which mechanism we did interpose ? */
- /* We need a new call that passes down the mech oid */
- return GSS_S_UNAVAILABLE;
+ ctx = calloc(1, sizeof(struct gpp_context_handle));
+ if (!ctx) {
+ *minor_status = 0;
+ return GSS_S_FAILURE;
+ }
+
+ /* NOTE: it makes no sense to import a context remotely atm,
+ * so we only handle the local case for now. */
+ spmech = gpp_special_mech(mech_type);
+ if (spmech == GSS_C_NO_OID) {
+ maj = GSS_S_FAILURE;
+ goto done;
+ }
+
+ wrap_token.value = malloc(sizeof(uint32_t) + spmech->length +
+ interprocess_token->length);
+ if (!wrap_token.value) {
+ maj = GSS_S_FAILURE;
+ goto done;
+ }
+ wrap_token.length = sizeof(uint32_t) + spmech->length +
+ interprocess_token->length;
+
+ maj = gss_import_sec_context(&min, &wrap_token, &ctx->local);
+
+done:
+ *minor_status = gpp_map_error(min);
+ if (maj == GSS_S_COMPLETE) {
+ *context_handle = (gss_ctx_id_t)ctx;
+ } else {
+ free(ctx);
+ }
+ (void)gss_release_buffer(&min, &wrap_token);
+ return maj;
 }
 OM_uint32 gssi_process_context_token(OM_uint32 *minor_status,
diff --git a/proxy/src/mechglue/gss_plugin.h b/proxy/src/mechglue/gss_plugin.h
index defcb2d..342a8bd 100644
--- a/proxy/src/mechglue/gss_plugin.h
+++ b/proxy/src/mechglue/gss_plugin.h
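Review bot: In `gssi_import_sec_context_for_mech` (gpp_context.c), `wrap_token.value` is allocated and `wrap_token.length` is set, but nothing is ever copied into the buffer, so `gss_import_sec_context` is handed uninitialized heap bytes and the caller's `interprocess_token` contents are never used. The buffer has to be filled before the call; the size arithmetic suggests a 4-byte length prefix, the special mech OID, then the original token, which should be confirmed against the mechglue's import format. `interprocess_token` is also dereferenced without a check against `GSS_C_NO_BUFFER`, and the length sum is computed twice with no overflow check, so computing it once into `wrap_token.length` before the `malloc` would keep the two in step.

```c
    /* … unchanged: allocation of wrap_token.value, wrap_token.length … */

    /* Assumed layout (from the size arithmetic): 4-byte big-endian OID
     * length, OID bytes, then the caller's token. Confirm before merging. */
    unsigned char *p = wrap_token.value;
    uint32_t oid_len = htonl(spmech->length);
    memcpy(p, &oid_len, sizeof(oid_len));
    memcpy(p + sizeof(oid_len), spmech->elements, spmech->length);
    memcpy(p + sizeof(oid_len) + spmech->length,
           interprocess_token->value, interprocess_token->length);

    maj = gss_import_sec_context(&min, &wrap_token, &ctx->local);
```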
@@ -128,6 +128,11 @@ OM_uint32 gssi_import_sec_context(OM_uint32 *minor_status,
 gss_buffer_t interprocess_token,
 gss_ctx_id_t *context_handle);
+OM_uint32 gssi_import_sec_context_for_mech(OM_uint32 *minor_status,
+ gss_OID mech_type,
+ gss_buffer_t interprocess_token,
+ gss_ctx_id_t *context_handle);
+
 OM_uint32 gssi_process_context_token(OM_uint32 *minor_status,
 gss_ctx_id_t context_handle,
 gss_buffer_t token_buffer); |