7bf4d76e75
- Formalize the TYPE:collection_name:subsidiary_name naming scheme for
ccaches in ccache collections
- KEYRING: ccaches are weird because they have one more optional field: the
"anchor", so rather than just assume a naming convention everywhere, we
add new functions as well
- Add krb5_cc_{resolve,default}_sub() that allows one to specify a
"subsidiary" ccache name in a collection separately from the
collection name
- Add krb5_cc_{resolve,default}_for() which take a principal name,
unparse it, and use it as the subsidiary ccache name (with colons
replaced)
- Make kinit use the new interfaces
- Add missing DIR ccache iteration functionality
- Revamps test_cc
- Add krb5_cc_get_collection() and krb5_cc_get_subsidiary()
- Bump the ccops SPI version number
- Add gss_store_cred_into2()
- Make MEMORY:anonymous not linked into the global MEMORY ccache
collection, and uses this for delegated cred handles
TBD:
- Split this up into a krb5 change and gss mech_krb5 change?
- Add krb5_cc_init_and_store() utility, per Greg's suggestion?
182 lines
6.7 KiB
C
182 lines
6.7 KiB
C
/*
|
|
* Copyright (c) 2009 Kungliga Tekniska Högskolan
|
|
* (Royal Institute of Technology, Stockholm, Sweden).
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
*
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
*
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
*
|
|
* 3. Neither the name of the Institute nor the names of its contributors
|
|
* may be used to endorse or promote products derived from this software
|
|
* without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
#include "mech_locl.h"
|
|
|
|
static OM_uint32
|
|
store_mech_cred(OM_uint32 *minor_status,
|
|
gssapi_mech_interface m,
|
|
const struct _gss_mechanism_cred *mc,
|
|
gss_cred_usage_t input_usage,
|
|
OM_uint32 store_cred_flags,
|
|
gss_const_key_value_set_t cred_store,
|
|
gss_cred_usage_t *usage_stored,
|
|
gss_buffer_set_t *env)
|
|
{
|
|
OM_uint32 major_status;
|
|
OM_uint32 overwrite_cred =
|
|
!!(store_cred_flags & GSS_C_STORE_CRED_OVERWRITE);
|
|
OM_uint32 default_cred = !!(store_cred_flags & GSS_C_STORE_CRED_DEFAULT);
|
|
|
|
if (m->gm_store_cred_into2)
|
|
major_status = m->gm_store_cred_into2(minor_status, mc->gmc_cred,
|
|
input_usage, &m->gm_mech_oid,
|
|
store_cred_flags, cred_store,
|
|
NULL, usage_stored,
|
|
env);
|
|
else if (m->gm_store_cred_into)
|
|
major_status = m->gm_store_cred_into(minor_status, mc->gmc_cred,
|
|
input_usage, &m->gm_mech_oid,
|
|
overwrite_cred, default_cred,
|
|
cred_store, NULL, usage_stored);
|
|
else if (cred_store == GSS_C_NO_CRED_STORE && m->gm_store_cred)
|
|
major_status = m->gm_store_cred(minor_status, mc->gmc_cred,
|
|
input_usage, &m->gm_mech_oid,
|
|
overwrite_cred, default_cred,
|
|
NULL, usage_stored);
|
|
else
|
|
major_status = GSS_S_UNAVAILABLE;
|
|
|
|
return major_status;
|
|
}
|
|
|
|
/*
|
|
* See RFC5588 for gss_store_cred(). This function is a variant that takes a
|
|
* const key/value hashmap-like thing that specifies a credential store in a
|
|
* mechanism- and implementation-specific way, though Heimdal and MIT agree on
|
|
* at least the following keys for the Kerberos mechanism: ccache, keytab, and
|
|
* client_keytab. A set of environment variables may be output as well
|
|
*/
|
|
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
|
|
gss_store_cred_into2(OM_uint32 *minor_status,
|
|
gss_const_cred_id_t input_cred_handle,
|
|
gss_cred_usage_t input_usage,
|
|
const gss_OID desired_mech,
|
|
OM_uint32 store_cred_flags,
|
|
gss_const_key_value_set_t cred_store,
|
|
gss_OID_set *elements_stored,
|
|
gss_cred_usage_t *cred_usage_stored,
|
|
gss_buffer_set_t *env)
|
|
{
|
|
struct _gss_cred *cred = (struct _gss_cred *)input_cred_handle;
|
|
struct _gss_mechanism_cred *mc;
|
|
OM_uint32 major_status;
|
|
OM_uint32 minor;
|
|
size_t successes;
|
|
|
|
if (env != NULL)
|
|
*env = NULL;
|
|
|
|
if (input_cred_handle == NULL)
|
|
return GSS_S_CALL_INACCESSIBLE_READ;
|
|
|
|
if (minor_status == NULL)
|
|
return GSS_S_CALL_INACCESSIBLE_WRITE;
|
|
*minor_status = 0;
|
|
|
|
if (cred_usage_stored)
|
|
*cred_usage_stored = 0;
|
|
|
|
if (elements_stored) {
|
|
*elements_stored = GSS_C_NO_OID_SET;
|
|
|
|
major_status = gss_create_empty_oid_set(minor_status,
|
|
elements_stored);
|
|
if (major_status != GSS_S_COMPLETE)
|
|
return major_status;
|
|
}
|
|
|
|
major_status = GSS_S_NO_CRED;
|
|
successes = 0;
|
|
|
|
HEIM_TAILQ_FOREACH(mc, &cred->gc_mc, gmc_link) {
|
|
gssapi_mech_interface m = mc->gmc_mech;
|
|
|
|
if (m == NULL || (m->gm_flags & GM_USE_MG_CRED) != 0)
|
|
continue;
|
|
|
|
if (desired_mech != GSS_C_NO_OID &&
|
|
!gss_oid_equal(&m->gm_mech_oid, desired_mech))
|
|
continue;
|
|
|
|
major_status = store_mech_cred(minor_status, m, mc, input_usage,
|
|
store_cred_flags, cred_store,
|
|
cred_usage_stored, env);
|
|
if (major_status == GSS_S_COMPLETE) {
|
|
if (elements_stored && desired_mech != GSS_C_NO_OID)
|
|
gss_add_oid_set_member(&minor, desired_mech, elements_stored);
|
|
successes++;
|
|
} else if (desired_mech != GSS_C_NO_OID) {
|
|
_gss_mg_error(m, *minor_status);
|
|
gss_release_oid_set(&minor, elements_stored);
|
|
return major_status;
|
|
}
|
|
}
|
|
|
|
if (successes > 0) {
|
|
*minor_status = 0;
|
|
major_status = GSS_S_COMPLETE;
|
|
}
|
|
|
|
heim_assert(successes || major_status != GSS_S_COMPLETE,
|
|
"cred storage failed, but no error raised");
|
|
|
|
return major_status;
|
|
}
|
|
|
|
/*
|
|
* See RFC5588 for gss_store_cred(). This function is a variant that takes a
|
|
* const key/value hashmap-like thing that specifies a credential store in a
|
|
* mechanism- and implementation-specific way, though Heimdal and MIT agree on
|
|
* at least the following keys for the Kerberos mechanism: ccache, keytab, and
|
|
* client_keytab.
|
|
*/
|
|
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
|
|
gss_store_cred_into(OM_uint32 *minor_status,
|
|
gss_const_cred_id_t input_cred_handle,
|
|
gss_cred_usage_t input_usage,
|
|
const gss_OID desired_mech,
|
|
OM_uint32 overwrite_cred,
|
|
OM_uint32 default_cred,
|
|
gss_const_key_value_set_t cred_store,
|
|
gss_OID_set *elements_stored,
|
|
gss_cred_usage_t *cred_usage_stored)
|
|
{
|
|
OM_uint32 store_cred_flags =
|
|
(overwrite_cred ? GSS_C_STORE_CRED_OVERWRITE : 0) |
|
|
(default_cred ? GSS_C_STORE_CRED_DEFAULT : 0);
|
|
return gss_store_cred_into2(minor_status, input_cred_handle, input_usage,
|
|
desired_mech, store_cred_flags, cred_store,
|
|
elements_stored, cred_usage_stored, NULL);
|
|
}
|