/*
 * lib/gssapi/krb5/export_sec_context.c
 *
 * Copyright 1995 by the Massachusetts Institute of Technology.
 * All Rights Reserved.
 *
 * Export of this software from the United States of America may
 *   require a specific license from the United States Government.
 *   It is the responsibility of any person or organization contemplating
 *   export to obtain such a license before exporting.
 *
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
 * distribute this software and its documentation for any purpose and
 * without fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright notice and
 * this permission notice appear in supporting documentation, and that
 * the name of M.I.T. not be used in advertising or publicity pertaining
 * to distribution of the software without specific, written prior
 * permission.  Furthermore if you modify this software you must label
 * your software as modified software and not distribute it in such a
 * fashion that it might be confused with the original M.I.T. software.
 * M.I.T. makes no representations about the suitability of
 * this software for any purpose.  It is provided "as is" without express
 * or implied warranty.
 *
 */
/*
 * export_sec_context.c	- Externalize the security context.
 */
#include "gssapiP_krb5.h"
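/*
 * krb5_gss_export_sec_context - serialize a krb5 GSS security context into
 * an inter-process token and delete the local copy of the context.
 *
 * minor_status       - receives the mechanism-specific status; set to 0 on
 *                      entry and, on failure, to the krb5 error code unless
 *                      something else already stored a non-zero value.
 * context_handle     - in/out; must name a context accepted by
 *                      kg_validate_ctx_id().  On success the context is
 *                      passed to krb5_gss_delete_sec_context() and the handle
 *                      is set to GSS_C_NO_CONTEXT.  On failure it is left
 *                      untouched.
 * interprocess_token - on success receives the serialized context.  The
 *                      buffer is allocated here with xmalloc() and is not
 *                      freed by this function, so it belongs to the caller.
 *                      On failure the token is not written.
 *
 * Returns GSS_S_COMPLETE on success, GSS_S_NO_CONTEXT when the handle does
 * not validate, and GSS_S_FAILURE for every other error.
 *
 * NOTE(review): nothing in this function encrypts or integrity-protects the
 * token.  It presumably carries the context's key material, so the channel
 * used to pass it to the importing process has to be trusted -- confirm
 * against kg_ctx_externalize().
 */
OM_uint32
krb5_gss_export_sec_context(minor_status, context_handle, interprocess_token)
    OM_uint32		*minor_status;
    gss_ctx_id_t	*context_handle;
    gss_buffer_t	interprocess_token;
{
    /*
     * context starts out NULL: the validation failure below jumps to
     * error_out before any krb5 context has been looked up, and error_out
     * tests the pointer.  Left uninitialized, that test read an
     * indeterminate value and could hand a garbage pointer to
     * save_error_info().
     */
    krb5_context	context = NULL;
    krb5_error_code	kret = 0;
    OM_uint32		retval;
    size_t		bufsize = 0, blen;
    krb5_gss_ctx_id_t	ctx;
    krb5_octet		*obuffer, *obp;

    /* Assume a tragic failure */
    obuffer = (krb5_octet *) NULL;
    retval = GSS_S_FAILURE;
    *minor_status = 0;

    if (!kg_validate_ctx_id(*context_handle)) {
	kret = (OM_uint32) G_VALIDATE_FAILED;
	retval = GSS_S_NO_CONTEXT;
	goto error_out;
    }

    ctx = (krb5_gss_ctx_id_t) *context_handle;
    context = ctx->k5_context;
    kret = krb5_gss_ser_init(context);
    if (kret)
	goto error_out;

    /* Determine size needed for externalization of context */
    bufsize = 0;
    if ((kret = kg_ctx_size(context, (krb5_pointer) ctx,
			    &bufsize)))
	goto error_out;

    /* Allocate the buffer */
    if ((obuffer = (krb5_octet *) xmalloc(bufsize)) == NULL) {
	kret = ENOMEM;
	goto error_out;
    }

    obp = obuffer;
    blen = bufsize;
    /* Externalize the context */
    if ((kret = kg_ctx_externalize(context,
				   (krb5_pointer) ctx, &obp, &blen)))
	goto error_out;

    /*
     * Success!  Return the buffer.  blen is presumably the space left
     * unused by kg_ctx_externalize(), so the difference is the number of
     * bytes actually written -- verify against that helper.
     */
    interprocess_token->length = bufsize - blen;
    interprocess_token->value = obuffer;
    *minor_status = 0;
    retval = GSS_S_COMPLETE;

    /*
     * Now, clean up the context state.
     * NOTE(review): the result of the delete is discarded and the handle
     * is cleared regardless, while the call may still store a non-zero
     * value in *minor_status next to the GSS_S_COMPLETE returned below.
     */
    (void)krb5_gss_delete_sec_context(minor_status, context_handle, NULL);
    *context_handle = GSS_C_NO_CONTEXT;

    return (GSS_S_COMPLETE);

error_out:
    if (retval != GSS_S_COMPLETE) {
	if (kret != 0 && context != 0)
	    save_error_info((OM_uint32)kret, context);
    }
    if (obuffer != NULL) {
	/*
	 * The buffer may hold a partly serialized context.  Wipe it through
	 * a volatile pointer: a plain memset() right before the free is a
	 * dead store that the optimizer is allowed to drop.  The buffer is
	 * released even when bufsize is 0, which the old
	 * "obuffer && bufsize" test skipped.
	 */
	volatile krb5_octet *zp = obuffer;
	size_t i;

	for (i = 0; i < bufsize; i++)
	    zp[i] = 0;
	xfree(obuffer);
    }
    if (*minor_status == 0)
	*minor_status = (OM_uint32) kret;
    return(retval);
}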