/*
 * Copyright 2001-2002 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#pragma ident "%Z%%M% %I% %E% SMI"

/*
 * Copyright 1993 by OpenVision Technologies, Inc.
 *
 * Permission to use, copy, modify, distribute, and sell this software
 * and its documentation for any purpose is hereby granted without fee,
 * provided that the above copyright notice appears in all copies and
 * that both that copyright notice and this permission notice appear in
 * supporting documentation, and that the name of OpenVision not be used
 * in advertising or publicity pertaining to distribution of the software
 * without specific, written prior permission. OpenVision makes no
 * representations about the suitability of this software for any
 * purpose. It is provided "as is" without express or implied warranty.
 *
 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 * PERFORMANCE OF THIS SOFTWARE.
 */

#include <gssapiP_krb5.h>

/*
 * $Id: sign.c,v 1.11 1996/07/22 20:34:35 marc Exp $
 */

/*
 * krb5_gss_sign - build a signature token over message_buffer.
 *
 * Thin wrapper: takes the global krb5_mutex, hands the caller-supplied
 * krb5 context (ctx) and the GSS context handle to kg_seal() with token
 * type KG_TOK_SIGN_MSG, releases the mutex and returns kg_seal()'s
 * major status unchanged.
 *
 * The 0 and NULL passed to kg_seal() are presumably its
 * confidentiality-request flag and confidentiality-state output, i.e.
 * the token carries an integrity check only and the message is not
 * encrypted -- confirm against kg_seal()'s prototype.
 *
 * Neither ctx nor context_handle is checked in this wrapper; any
 * validation is left to kg_seal() (NOTE(review): confirm that a NULL
 * ctx or a stale handle is rejected there).  In the _KERNEL build the
 * extra gssd_ctx_verifier argument is accepted but not referenced
 * here, which is why the lint ARGSUSED directive is present.
 */
/*ARGSUSED*/
OM_uint32
krb5_gss_sign(ctx, minor_status, context_handle, qop_req,
	message_buffer, message_token
#ifdef _KERNEL
	, gssd_ctx_verifier
#endif
	)
	void *ctx;
	OM_uint32 *minor_status;
	gss_ctx_id_t context_handle;
	int qop_req;
	gss_buffer_t message_buffer;
	gss_buffer_t message_token;
#ifdef _KERNEL
	OM_uint32 gssd_ctx_verifier;
#endif
{
	/* Use the context the caller passed in, never a process default. */
	krb5_context kctx = ctx;
	OM_uint32 major;

	/*
	 * Solaris Kerberos: for MT safety, we avoid the use of a default
	 * context via kg_get_context()
	 */
#if 0
	if (GSS_ERROR(kg_get_context(minor_status, &kctx)))
		return (GSS_S_FAILURE);
#endif

	/* krb5_mutex is held for the whole kg_seal() call. */
	mutex_lock(&krb5_mutex);
	major = kg_seal(kctx, minor_status, context_handle, 0,
	    qop_req, message_buffer, NULL,
	    message_token, KG_TOK_SIGN_MSG);
	mutex_unlock(&krb5_mutex);

	return (major);
}

/*
 * krb5_gss_get_mic - V2 interface; build a MIC token over message_buffer.
 *
 * Same shape as the signing wrapper in this file: lock krb5_mutex, call
 * kg_seal() with the caller-supplied krb5 context, unlock, and return
 * kg_seal()'s major status.  The differences visible here are the token
 * type (KG_TOK_MIC_MSG) and that qop_req arrives as gss_qop_t and is
 * cast to int for kg_seal().
 *
 * As with the signing wrapper, ctx and context_handle are passed
 * through unchecked (NOTE(review): confirm kg_seal() validates them),
 * and the 0 / NULL arguments presumably mean that no confidentiality
 * is requested -- confirm against kg_seal()'s prototype.
 */
OM_uint32
krb5_gss_get_mic(ctx, minor_status, context_handle, qop_req,
	message_buffer, message_token)
	void *ctx;
	OM_uint32 *minor_status;
	gss_ctx_id_t context_handle;
	gss_qop_t qop_req;
	gss_buffer_t message_buffer;
	gss_buffer_t message_token;
{
	/* Use the context the caller passed in, never a process default. */
	krb5_context kctx = ctx;
	OM_uint32 major;

	/*
	 * Solaris Kerberos: for MT safety, we avoid the use of a default
	 * context via kg_get_context()
	 */
#if 0
	if (GSS_ERROR(kg_get_context(minor_status, &kctx)))
		return (GSS_S_FAILURE);
#endif

	/* krb5_mutex is held for the whole kg_seal() call. */
	mutex_lock(&krb5_mutex);
	major = kg_seal(kctx, minor_status, context_handle, 0,
	    (int) qop_req, message_buffer, NULL,
	    message_token, KG_TOK_MIC_MSG);
	mutex_unlock(&krb5_mutex);

	return (major);
}