1 #pragma ident	"%Z%%M%	%I%	%E% SMI"
2 
3 /*
4  * lib/gssapi/krb5/export_sec_context.c
5  *
6  * Copyright 1995 by the Massachusetts Institute of Technology.
7  * All Rights Reserved.
8  *
9  * Export of this software from the United States of America may
10  *   require a specific license from the United States Government.
11  *   It is the responsibility of any person or organization contemplating
12  *   export to obtain such a license before exporting.
13  *
14  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
15  * distribute this software and its documentation for any purpose and
16  * without fee is hereby granted, provided that the above copyright
17  * notice appear in all copies and that both that copyright notice and
18  * this permission notice appear in supporting documentation, and that
19  * the name of M.I.T. not be used in advertising or publicity pertaining
20  * to distribution of the software without specific, written prior
21  * permission.  Furthermore if you modify this software you must label
22  * your software as modified software and not distribute it in such a
23  * fashion that it might be confused with the original M.I.T. software.
24  * M.I.T. makes no representations about the suitability of
25  * this software for any purpose.  It is provided "as is" without express
26  * or implied warranty.
27  *
28  */
29 
30 /*
31  * export_sec_context.c	- Externalize the security context.
32  */
33 #include "gssapiP_krb5.h"
34 
35 OM_uint32
36 krb5_gss_export_sec_context(minor_status, context_handle, interprocess_token)
37     OM_uint32		*minor_status;
38     gss_ctx_id_t	*context_handle;
39     gss_buffer_t	interprocess_token;
40 {
41     krb5_context	context;
42     krb5_error_code	kret;
43     OM_uint32		retval;
44     size_t		bufsize, blen;
45     krb5_gss_ctx_id_t	ctx;
46     krb5_octet		*obuffer, *obp;
47 
48     /* Assume a tragic failure */
49     obuffer = (krb5_octet *) NULL;
50     retval = GSS_S_FAILURE;
51     *minor_status = 0;
52 
53     if (!kg_validate_ctx_id(*context_handle)) {
54 	    kret = (OM_uint32) G_VALIDATE_FAILED;
55 	    retval = GSS_S_NO_CONTEXT;
56 	    goto error_out;
57     }
58 
59     ctx = (krb5_gss_ctx_id_t) *context_handle;
60     context = ctx->k5_context;
61     kret = krb5_gss_ser_init(context);
62     if (kret)
63 	goto error_out;
64 
65     { gss_OID go = ctx->mech_used;
66     printf("export ctx len=%lu\n", go->length);
67     }
68 
69     /* Determine size needed for externalization of context */
70     bufsize = 0;
71     if ((kret = kg_ctx_size(context, (krb5_pointer) ctx,
72 			    &bufsize)))
73 	    goto error_out;
74 
75     /* Allocate the buffer */
76     if ((obuffer = (krb5_octet *) xmalloc(bufsize)) == NULL) {
77 	    kret = ENOMEM;
78 	    goto error_out;
79     }
80 
81     obp = obuffer;
82     blen = bufsize;
83     /* Externalize the context */
84     if ((kret = kg_ctx_externalize(context,
85 				   (krb5_pointer) ctx, &obp, &blen)))
86 	    goto error_out;
87 
88     /* Success!  Return the buffer */
89     interprocess_token->length = bufsize - blen;
90     interprocess_token->value = obuffer;
91     *minor_status = 0;
92     retval = GSS_S_COMPLETE;
93 
94     /* Now, clean up the context state */
95     (void)krb5_gss_delete_sec_context(minor_status, context_handle, NULL);
96     *context_handle = GSS_C_NO_CONTEXT;
97 
98     return (GSS_S_COMPLETE);
99 
100 error_out:
101     if (obuffer && bufsize) {
102 	    memset(obuffer, 0, bufsize);
103 	    xfree(obuffer);
104     }
105     if (*minor_status == 0)
106 	    *minor_status = (OM_uint32) kret;
107     return(retval);
108 }
109