17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate * CDDL HEADER START
37c478bd9Sstevel@tonic-gate *
47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the
5503a2b89SPeter Shoults * Common Development and Distribution License (the "License").
6503a2b89SPeter Shoults * You may not use this file except in compliance with the License.
77c478bd9Sstevel@tonic-gate *
87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions
117c478bd9Sstevel@tonic-gate * and limitations under the License.
127c478bd9Sstevel@tonic-gate *
137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bd9Sstevel@tonic-gate *
197c478bd9Sstevel@tonic-gate * CDDL HEADER END
207c478bd9Sstevel@tonic-gate */
217c478bd9Sstevel@tonic-gate /*
22*5e01956fSGlenn Barry * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
237c478bd9Sstevel@tonic-gate */
247c478bd9Sstevel@tonic-gate
257c478bd9Sstevel@tonic-gate /*
267c478bd9Sstevel@tonic-gate * glue routine for gss_compare_name
277c478bd9Sstevel@tonic-gate *
287c478bd9Sstevel@tonic-gate */
297c478bd9Sstevel@tonic-gate
307c478bd9Sstevel@tonic-gate #include <mechglueP.h>
31*5e01956fSGlenn Barry #include "gssapiP_generic.h"
327c478bd9Sstevel@tonic-gate #ifdef HAVE_STDLIB_H
337c478bd9Sstevel@tonic-gate #include <stdlib.h>
347c478bd9Sstevel@tonic-gate #endif
357c478bd9Sstevel@tonic-gate #include <string.h>
367c478bd9Sstevel@tonic-gate
37503a2b89SPeter Shoults static OM_uint32
val_comp_name_args(OM_uint32 * minor_status,gss_name_t name1,gss_name_t name2,int * name_equal)38503a2b89SPeter Shoults val_comp_name_args(
39503a2b89SPeter Shoults OM_uint32 *minor_status,
40503a2b89SPeter Shoults gss_name_t name1,
41503a2b89SPeter Shoults gss_name_t name2,
42503a2b89SPeter Shoults int *name_equal)
43503a2b89SPeter Shoults {
44503a2b89SPeter Shoults
45503a2b89SPeter Shoults /* Initialize outputs. */
46503a2b89SPeter Shoults
47503a2b89SPeter Shoults if (minor_status != NULL)
48503a2b89SPeter Shoults *minor_status = 0;
49503a2b89SPeter Shoults
50503a2b89SPeter Shoults /* Validate arguments. */
51503a2b89SPeter Shoults
52503a2b89SPeter Shoults if (name1 == GSS_C_NO_NAME || name2 == GSS_C_NO_NAME)
53503a2b89SPeter Shoults return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME);
54503a2b89SPeter Shoults
55503a2b89SPeter Shoults if (name_equal == NULL)
56503a2b89SPeter Shoults return (GSS_S_CALL_INACCESSIBLE_WRITE);
57503a2b89SPeter Shoults
58503a2b89SPeter Shoults return (GSS_S_COMPLETE);
59503a2b89SPeter Shoults }
60503a2b89SPeter Shoults
617c478bd9Sstevel@tonic-gate OM_uint32
gss_compare_name(minor_status,name1,name2,name_equal)627c478bd9Sstevel@tonic-gate gss_compare_name(minor_status,
637c478bd9Sstevel@tonic-gate name1,
647c478bd9Sstevel@tonic-gate name2,
657c478bd9Sstevel@tonic-gate name_equal)
667c478bd9Sstevel@tonic-gate
677c478bd9Sstevel@tonic-gate OM_uint32 *minor_status;
687c478bd9Sstevel@tonic-gate const gss_name_t name1;
697c478bd9Sstevel@tonic-gate const gss_name_t name2;
707c478bd9Sstevel@tonic-gate int *name_equal;
717c478bd9Sstevel@tonic-gate
727c478bd9Sstevel@tonic-gate {
737c478bd9Sstevel@tonic-gate OM_uint32 major_status, temp_minor;
747c478bd9Sstevel@tonic-gate gss_union_name_t union_name1, union_name2;
75*5e01956fSGlenn Barry gss_mechanism mech = NULL;
767c478bd9Sstevel@tonic-gate gss_name_t internal_name;
777c478bd9Sstevel@tonic-gate
78503a2b89SPeter Shoults major_status = val_comp_name_args(minor_status,
79503a2b89SPeter Shoults name1, name2, name_equal);
80503a2b89SPeter Shoults if (major_status != GSS_S_COMPLETE)
81503a2b89SPeter Shoults return (major_status);
827c478bd9Sstevel@tonic-gate
837c478bd9Sstevel@tonic-gate union_name1 = (gss_union_name_t)name1;
847c478bd9Sstevel@tonic-gate union_name2 = (gss_union_name_t)name2;
857c478bd9Sstevel@tonic-gate /*
867c478bd9Sstevel@tonic-gate * Try our hardest to make union_name1 be the mechanism-specific
877c478bd9Sstevel@tonic-gate * name. (Of course we can't if both names aren't
887c478bd9Sstevel@tonic-gate * mechanism-specific.)
897c478bd9Sstevel@tonic-gate */
907c478bd9Sstevel@tonic-gate if (union_name1->mech_type == 0) {
917c478bd9Sstevel@tonic-gate union_name1 = (gss_union_name_t)name2;
927c478bd9Sstevel@tonic-gate union_name2 = (gss_union_name_t)name1;
937c478bd9Sstevel@tonic-gate }
947c478bd9Sstevel@tonic-gate /*
957c478bd9Sstevel@tonic-gate * If union_name1 is mechanism specific, then fetch its mechanism
967c478bd9Sstevel@tonic-gate * information.
977c478bd9Sstevel@tonic-gate */
987c478bd9Sstevel@tonic-gate if (union_name1->mech_type) {
997c478bd9Sstevel@tonic-gate mech = __gss_get_mechanism(union_name1->mech_type);
1007c478bd9Sstevel@tonic-gate if (!mech)
1017c478bd9Sstevel@tonic-gate return (GSS_S_BAD_MECH);
1027c478bd9Sstevel@tonic-gate if (!mech->gss_compare_name)
1037c478bd9Sstevel@tonic-gate return (GSS_S_UNAVAILABLE);
1047c478bd9Sstevel@tonic-gate }
1057c478bd9Sstevel@tonic-gate
1067c478bd9Sstevel@tonic-gate *name_equal = 0; /* Default to *not* equal.... */
1077c478bd9Sstevel@tonic-gate
1087c478bd9Sstevel@tonic-gate /*
1097c478bd9Sstevel@tonic-gate * First case... both names are mechanism-specific
1107c478bd9Sstevel@tonic-gate */
1117c478bd9Sstevel@tonic-gate if (union_name1->mech_type && union_name2->mech_type) {
1127c478bd9Sstevel@tonic-gate if (!g_OID_equal(union_name1->mech_type,
1137c478bd9Sstevel@tonic-gate union_name2->mech_type))
1147c478bd9Sstevel@tonic-gate return (GSS_S_COMPLETE);
1157c478bd9Sstevel@tonic-gate if ((union_name1->mech_name == 0) ||
1167c478bd9Sstevel@tonic-gate (union_name2->mech_name == 0))
1177c478bd9Sstevel@tonic-gate /* should never happen */
1187c478bd9Sstevel@tonic-gate return (GSS_S_BAD_NAME);
119*5e01956fSGlenn Barry if (!mech)
120*5e01956fSGlenn Barry return (GSS_S_BAD_MECH);
121*5e01956fSGlenn Barry if (!mech->gss_compare_name)
122*5e01956fSGlenn Barry return (GSS_S_UNAVAILABLE);
123*5e01956fSGlenn Barry major_status = mech->gss_compare_name(mech->context,
124*5e01956fSGlenn Barry minor_status,
125*5e01956fSGlenn Barry union_name1->mech_name,
126*5e01956fSGlenn Barry union_name2->mech_name,
127*5e01956fSGlenn Barry name_equal);
128*5e01956fSGlenn Barry if (major_status != GSS_S_COMPLETE)
129*5e01956fSGlenn Barry map_error(minor_status, mech);
130*5e01956fSGlenn Barry return major_status;
1317c478bd9Sstevel@tonic-gate }
1327c478bd9Sstevel@tonic-gate
1337c478bd9Sstevel@tonic-gate /*
1347c478bd9Sstevel@tonic-gate * Second case... both names are NOT mechanism specific.
1357c478bd9Sstevel@tonic-gate *
1367c478bd9Sstevel@tonic-gate * All we do here is make sure the two name_types are equal and then
1377c478bd9Sstevel@tonic-gate * that the external_names are equal. Note the we do not take care
1387c478bd9Sstevel@tonic-gate * of the case where two different external names map to the same
1397c478bd9Sstevel@tonic-gate * internal name. We cannot determine this, since we as yet do not
1407c478bd9Sstevel@tonic-gate * know what mechanism to use for calling the underlying
1417c478bd9Sstevel@tonic-gate * gss_import_name().
1427c478bd9Sstevel@tonic-gate */
1437c478bd9Sstevel@tonic-gate if (!union_name1->mech_type && !union_name2->mech_type) {
1447c478bd9Sstevel@tonic-gate /*
1457c478bd9Sstevel@tonic-gate * Second case, first sub-case... one name has null
1467c478bd9Sstevel@tonic-gate * name_type, the other doesn't.
1477c478bd9Sstevel@tonic-gate *
1487c478bd9Sstevel@tonic-gate * Not knowing a mech_type we can't import the name with
1497c478bd9Sstevel@tonic-gate * null name_type so we can't compare.
1507c478bd9Sstevel@tonic-gate */
1517c478bd9Sstevel@tonic-gate if ((union_name1->name_type == GSS_C_NULL_OID &&
1527c478bd9Sstevel@tonic-gate union_name2->name_type != GSS_C_NULL_OID) ||
1537c478bd9Sstevel@tonic-gate (union_name1->name_type != GSS_C_NULL_OID &&
1547c478bd9Sstevel@tonic-gate union_name2->name_type == GSS_C_NULL_OID))
1557c478bd9Sstevel@tonic-gate return (GSS_S_COMPLETE);
1567c478bd9Sstevel@tonic-gate /*
1577c478bd9Sstevel@tonic-gate * Second case, second sub-case... both names have
1587c478bd9Sstevel@tonic-gate * name_types, but they are different.
1597c478bd9Sstevel@tonic-gate */
1607c478bd9Sstevel@tonic-gate if ((union_name1->name_type != GSS_C_NULL_OID &&
1617c478bd9Sstevel@tonic-gate union_name2->name_type != GSS_C_NULL_OID) &&
1627c478bd9Sstevel@tonic-gate !g_OID_equal(union_name1->name_type,
1637c478bd9Sstevel@tonic-gate union_name2->name_type))
1647c478bd9Sstevel@tonic-gate return (GSS_S_COMPLETE);
1657c478bd9Sstevel@tonic-gate /*
1667c478bd9Sstevel@tonic-gate * Second case, third sub-case... both names have equal
1677c478bd9Sstevel@tonic-gate * name_types (and both have no mech_types) so we just
1687c478bd9Sstevel@tonic-gate * compare the external_names.
1697c478bd9Sstevel@tonic-gate */
1707c478bd9Sstevel@tonic-gate if ((union_name1->external_name->length !=
1717c478bd9Sstevel@tonic-gate union_name2->external_name->length) ||
1727c478bd9Sstevel@tonic-gate (memcmp(union_name1->external_name->value,
1737c478bd9Sstevel@tonic-gate union_name2->external_name->value,
1747c478bd9Sstevel@tonic-gate union_name1->external_name->length) != 0))
1757c478bd9Sstevel@tonic-gate return (GSS_S_COMPLETE);
1767c478bd9Sstevel@tonic-gate *name_equal = 1;
1777c478bd9Sstevel@tonic-gate return (GSS_S_COMPLETE);
1787c478bd9Sstevel@tonic-gate }
1797c478bd9Sstevel@tonic-gate
1807c478bd9Sstevel@tonic-gate /*
1817c478bd9Sstevel@tonic-gate * Final case... one name is mechanism specific, the other isn't.
1827c478bd9Sstevel@tonic-gate *
1837c478bd9Sstevel@tonic-gate * We attempt to convert the general name to the mechanism type of
1847c478bd9Sstevel@tonic-gate * the mechanism-specific name, and then do the compare. If we
1857c478bd9Sstevel@tonic-gate * can't import the general name, then we return that the name is
1867c478bd9Sstevel@tonic-gate * _NOT_ equal.
1877c478bd9Sstevel@tonic-gate */
1887c478bd9Sstevel@tonic-gate if (union_name2->mech_type) {
1897c478bd9Sstevel@tonic-gate /* We make union_name1 the mechanism specific name. */
1907c478bd9Sstevel@tonic-gate union_name1 = (gss_union_name_t)name2;
1917c478bd9Sstevel@tonic-gate union_name2 = (gss_union_name_t)name1;
1927c478bd9Sstevel@tonic-gate }
1937c478bd9Sstevel@tonic-gate major_status = __gss_import_internal_name(minor_status,
1947c478bd9Sstevel@tonic-gate union_name1->mech_type,
1957c478bd9Sstevel@tonic-gate union_name2,
1967c478bd9Sstevel@tonic-gate &internal_name);
1977c478bd9Sstevel@tonic-gate if (major_status != GSS_S_COMPLETE)
1987c478bd9Sstevel@tonic-gate return (GSS_S_COMPLETE); /* return complete, but not equal */
1997c478bd9Sstevel@tonic-gate
200*5e01956fSGlenn Barry if (!mech)
201*5e01956fSGlenn Barry return (GSS_S_BAD_MECH);
202*5e01956fSGlenn Barry if (!mech->gss_compare_name)
203*5e01956fSGlenn Barry return (GSS_S_UNAVAILABLE);
2047c478bd9Sstevel@tonic-gate major_status = mech->gss_compare_name(mech->context, minor_status,
2057c478bd9Sstevel@tonic-gate union_name1->mech_name,
2067c478bd9Sstevel@tonic-gate internal_name,
2077c478bd9Sstevel@tonic-gate name_equal);
208*5e01956fSGlenn Barry if (major_status != GSS_S_COMPLETE)
209*5e01956fSGlenn Barry map_error(minor_status, mech);
2107c478bd9Sstevel@tonic-gate (void) __gss_release_internal_name(&temp_minor, union_name1->mech_type,
2117c478bd9Sstevel@tonic-gate &internal_name);
2127c478bd9Sstevel@tonic-gate return (major_status);
2137c478bd9Sstevel@tonic-gate }
214