17c478bd9Sstevel@tonic-gate /*
2*159d09a2SMark Phalan  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
37c478bd9Sstevel@tonic-gate  * Use is subject to license terms.
47c478bd9Sstevel@tonic-gate  */
57c478bd9Sstevel@tonic-gate 
67c478bd9Sstevel@tonic-gate 
77c478bd9Sstevel@tonic-gate /*
87c478bd9Sstevel@tonic-gate  * Copyright 1993 by OpenVision Technologies, Inc.
97c478bd9Sstevel@tonic-gate  *
107c478bd9Sstevel@tonic-gate  * Permission to use, copy, modify, distribute, and sell this software
117c478bd9Sstevel@tonic-gate  * and its documentation for any purpose is hereby granted without fee,
127c478bd9Sstevel@tonic-gate  * provided that the above copyright notice appears in all copies and
137c478bd9Sstevel@tonic-gate  * that both that copyright notice and this permission notice appear in
147c478bd9Sstevel@tonic-gate  * supporting documentation, and that the name of OpenVision not be used
157c478bd9Sstevel@tonic-gate  * in advertising or publicity pertaining to distribution of the software
167c478bd9Sstevel@tonic-gate  * without specific, written prior permission. OpenVision makes no
177c478bd9Sstevel@tonic-gate  * representations about the suitability of this software for any
187c478bd9Sstevel@tonic-gate  * purpose.  It is provided "as is" without express or implied warranty.
197c478bd9Sstevel@tonic-gate  *
207c478bd9Sstevel@tonic-gate  * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
217c478bd9Sstevel@tonic-gate  * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
227c478bd9Sstevel@tonic-gate  * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
237c478bd9Sstevel@tonic-gate  * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
247c478bd9Sstevel@tonic-gate  * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
257c478bd9Sstevel@tonic-gate  * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
267c478bd9Sstevel@tonic-gate  * PERFORMANCE OF THIS SOFTWARE.
277c478bd9Sstevel@tonic-gate  */
287c478bd9Sstevel@tonic-gate 
297c478bd9Sstevel@tonic-gate /*
30*159d09a2SMark Phalan  * $Id: util_validate.c 18721 2006-10-16 16:18:29Z epeisach $
317c478bd9Sstevel@tonic-gate  */
327c478bd9Sstevel@tonic-gate 
337c478bd9Sstevel@tonic-gate /*
347c478bd9Sstevel@tonic-gate  * functions to validate name, credential, and context handles
357c478bd9Sstevel@tonic-gate  */
367c478bd9Sstevel@tonic-gate 
37ab9b2e15Sgtb #include "gssapiP_generic.h"
38ab9b2e15Sgtb #ifndef	_KERNEL
39ab9b2e15Sgtb #include "gss_libinit.h"
40ab9b2e15Sgtb #endif
417c478bd9Sstevel@tonic-gate 
427c478bd9Sstevel@tonic-gate #ifdef HAVE_SYS_TYPES_H
437c478bd9Sstevel@tonic-gate #include <sys/types.h>
447c478bd9Sstevel@tonic-gate #endif
457c478bd9Sstevel@tonic-gate 
467c478bd9Sstevel@tonic-gate #ifdef	_KERNEL
477c478bd9Sstevel@tonic-gate #include <sys/fcntl.h>
487c478bd9Sstevel@tonic-gate #else
497c478bd9Sstevel@tonic-gate #include <fcntl.h>
507c478bd9Sstevel@tonic-gate #include <limits.h>
517c478bd9Sstevel@tonic-gate #endif
527c478bd9Sstevel@tonic-gate 
537c478bd9Sstevel@tonic-gate #ifdef HAVE_BSD_DB
547c478bd9Sstevel@tonic-gate #include <sys/file.h>
557c478bd9Sstevel@tonic-gate #include <db.h>
567c478bd9Sstevel@tonic-gate 
/*
 * Marker value stored under every key in the BSD DB backend.  g_save()
 * writes dbtone as the record data and g_validate() checks that the
 * record it reads back has this size and value.
 */
static const int one = 1;
static const DBT dbtone = { (void *)&one, sizeof one };
597c478bd9Sstevel@tonic-gate 
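/*
 * Lookup key for the BSD DB backend: a handle's V_* tag plus its address.
 *
 * g_save(), g_validate() and g_delete() hand the raw bytes of this struct
 * to the DB (key.data = &vk, key.size = sizeof(vk)), so every byte of it
 * must be written before use.  With an `int` tag ahead of a wider pointer
 * the compiler inserts padding that is never initialised; two keys built
 * from the same (type, ptr) pair can then differ, which would make a saved
 * handle fail validation or leave a stale entry behind on delete.  Holding
 * the tag in an intptr_t keeps both members the same width, so no padding
 * is expected on the usual ABIs.  The struct is only built and consumed
 * inside this file.
 */
typedef struct _vkey {
   intptr_t type;
   void *ptr;
} vkey;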
647c478bd9Sstevel@tonic-gate #endif
657c478bd9Sstevel@tonic-gate 
/*
 * Type tags recorded with each registered handle address.  The tag names
 * which family of g_save_*/g_validate_*/g_delete_* wrappers the handle
 * belongs to.
 */
#define V_NAME		1	/* gss_name_t handles */
#define V_CRED_ID	2	/* gss_cred_id_t handles */
#define V_CTX_ID	3	/* gss_ctx_id_t handles */
#define V_LCTX_ID	4	/* lucid context handles (void *) */
70ab9b2e15Sgtb 
71ab9b2e15Sgtb /* SUNW15resync
72ab9b2e15Sgtb    beware some of the uses below of type look dubious but seem
73ab9b2e15Sgtb    to have been working in Solaris for a long time */
747c478bd9Sstevel@tonic-gate 
757c478bd9Sstevel@tonic-gate /* All these functions return 0 on failure, and non-zero on success */
767c478bd9Sstevel@tonic-gate 
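/*
 * Register the handle address `ptr` with tag `type` in the set `db`, so
 * that a later g_validate() with the same arguments succeeds.
 *
 * Userland builds first call gssint_initialize_library() and give up if it
 * reports an error.  The set is created lazily on the first save, under
 * db->mutex.
 *
 * Only the address is recorded.  An entry therefore keeps validating until
 * it is removed with g_delete(); callers are expected to delete a handle
 * before releasing the object it points to.
 *
 * Returns non-zero on success, 0 on failure.
 */
static int g_save(db, type, ptr)
     g_set *db;
     int type;
     void *ptr;
{
   int ret;
#ifdef HAVE_BSD_DB
   DB **vdb;
   vkey vk;
   DBT key;

#ifndef	_KERNEL
   ret = gssint_initialize_library();
   if (ret)
       return 0;
#endif
   ret = k5_mutex_lock(&db->mutex);
   if (ret)
       return 0;

   vdb = (DB **) &db->data;

   if (!*vdb) {
      *vdb = dbopen(NULL, O_CREAT|O_RDWR, O_CREAT|O_RDWR, DB_HASH, NULL);
      /*
       * dbopen() returns NULL on failure.  Bail out here instead of
       * calling through a null DB pointer below, and do not leave the
       * mutex held.
       */
      if (!*vdb) {
	 (void) k5_mutex_unlock(&db->mutex);
	 return(0);
      }
   }

   vk.type = type;
   vk.ptr = ptr;

   key.data = &vk;
   key.size = sizeof(vk);

   /* put() returns 0 on success; dbtone is the fixed marker record. */
   ret = ((*((*vdb)->put))(*vdb, &key, &dbtone, 0) == 0);
   (void) k5_mutex_unlock(&db->mutex);
   return ret;
#else
   g_set_elt *gs;

#ifndef _KERNEL
   ret = gssint_initialize_library();
   if (ret)
       return 0;
#endif
   ret = k5_mutex_lock(&db->mutex);
   if (ret)
       return 0;

   gs = (g_set_elt *) &db->data;

   /* First save on this set: create it; a non-zero result is a failure. */
   if (!*gs) {
      if (g_set_init(gs)) {
	 (void) k5_mutex_unlock(&db->mutex);
	 return(0);
      }
   }

   /* SUNW15resync: the tag is stored as the entry's value, keyed by ptr. */
   ret = (g_set_entry_add(gs, ptr, (void *)(intptr_t)type) == 0);
   (void) k5_mutex_unlock(&db->mutex);
   return ret;
#endif
}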
1377c478bd9Sstevel@tonic-gate 
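/*
 * Check whether the handle address `ptr` is currently registered in `db`
 * with tag `type`.
 *
 * A set that was never created (nothing saved yet) validates nothing.
 * The check proves only that this address was saved with this tag and has
 * not been deleted since; it says nothing about the object behind the
 * pointer.
 *
 * Returns non-zero if the handle is registered with the given tag,
 * 0 otherwise (including when the mutex cannot be taken).
 */
static int g_validate(db, type, ptr)
     g_set *db;
     int type;
     void *ptr;
{
   int ret;
#ifdef HAVE_BSD_DB
   DB **vdb;
   vkey vk;
   DBT key, value;

   ret = k5_mutex_lock(&db->mutex);
   if (ret)
       return 0;

   vdb = (DB **) &db->data;
   if (!*vdb) {
      (void) k5_mutex_unlock(&db->mutex);
      return(0);
   }

   vk.type = type;
   vk.ptr = ptr;

   key.data = &vk;
   key.size = sizeof(vk);

   if ((*((*vdb)->get))(*vdb, &key, &value, 0)) {
      (void) k5_mutex_unlock(&db->mutex);
      return(0);
   }

   /*
    * value.data points at storage managed by the DB library, which is
    * only good until the next DB call.  Inspect it while the mutex is
    * still held so a concurrent save or delete cannot change it first.
    */
   ret = ((value.size == sizeof(one)) &&
	  (*((int *) value.data) == one));
   (void) k5_mutex_unlock(&db->mutex);
   return ret;
#else
   g_set_elt *gs;
   void *value;

   ret = k5_mutex_lock(&db->mutex);
   if (ret)
       return 0;

   gs = (g_set_elt *) &db->data;
   if (!*gs) {
      (void) k5_mutex_unlock(&db->mutex);
      return(0);
   }

   /* A non-zero result means no entry exists for this address. */
   if (g_set_entry_get(gs, ptr, (void **) &value)) {
      (void) k5_mutex_unlock(&db->mutex);
      return(0);
   }
   (void) k5_mutex_unlock(&db->mutex);
   /* value is a private copy of the stored tag, safe to compare unlocked. */
   return((intptr_t)value == (intptr_t)type); /* SUNW15resync */
#endif
}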
1957c478bd9Sstevel@tonic-gate 
/*
 * Remove the registration for handle address `ptr` from the set `db`.
 *
 * Returns non-zero when an entry was removed, 0 when the set does not
 * exist yet, the backend reports a failure, or the mutex cannot be taken.
 *
 * NOTE(review): the two backends treat `type` differently.  The BSD DB
 * branch builds its key from (type, ptr), so the tag must match the one
 * used at save time.  The g_set branch never looks at `type`, so any
 * g_delete_* wrapper removes the entry for that address whatever tag it
 * was saved with.  Confirm that callers do not rely on the tag being
 * checked here.
 */
/*ARGSUSED*/
static int g_delete(db, type, ptr)
     g_set *db;
     int type;
     void *ptr;
{
   int ret;
#ifdef HAVE_BSD_DB
   DB **vdb;
   vkey vk;
   DBT key;

   if (k5_mutex_lock(&db->mutex))
       return 0;

   vdb = (DB **) &db->data;
   ret = 0;
   if (*vdb) {
      /* Same key layout that g_save() used for this handle. */
      vk.type = type;
      vk.ptr = ptr;
      key.data = &vk;
      key.size = sizeof(vk);

      /* del() returns 0 on success. */
      ret = ((*vdb)->del(*vdb, &key, 0) == 0);
   }
   (void) k5_mutex_unlock(&db->mutex);
   return ret;
#else
   g_set_elt *gs;

   if (k5_mutex_lock(&db->mutex))
       return 0;

   gs = (g_set_elt *) &db->data;
   ret = 0;
   /* Only ask the set to delete when it exists; 0 from it means removed. */
   if (*gs && g_set_entry_delete(gs, ptr) == 0)
      ret = 1;
   (void) k5_mutex_unlock(&db->mutex);
   return ret;
#endif
}
2487c478bd9Sstevel@tonic-gate 
2497c478bd9Sstevel@tonic-gate /* functions for each type */
2507c478bd9Sstevel@tonic-gate 
2517c478bd9Sstevel@tonic-gate /* save */
2527c478bd9Sstevel@tonic-gate 
/*
 * Register a name handle: records the address held in `name` in `vdb`
 * under the V_NAME tag.  Returns non-zero on success, 0 on failure.
 */
int g_save_name(vdb, name)
     g_set *vdb;
     gss_name_t name;
{
   void *handle = (void *) name;

   return(g_save(vdb, V_NAME, handle));
}
/*
 * Register a credential handle: records the address held in `cred` in
 * `vdb` under the V_CRED_ID tag.  Returns non-zero on success, 0 on
 * failure.
 */
int g_save_cred_id(vdb, cred)
     g_set *vdb;
     gss_cred_id_t cred;
{
   void *handle = (void *) cred;

   return(g_save(vdb, V_CRED_ID, handle));
}
/*
 * Register a security-context handle: records the address held in `ctx`
 * in `vdb` under the V_CTX_ID tag.  Returns non-zero on success, 0 on
 * failure.
 */
int g_save_ctx_id(vdb, ctx)
     g_set *vdb;
     gss_ctx_id_t ctx;
{
   void *handle = (void *) ctx;

   return(g_save(vdb, V_CTX_ID, handle));
}
/*
 * Register a lucid-context handle: records the address `lctx` in `vdb`
 * under the V_LCTX_ID tag.  Returns non-zero on success, 0 on failure.
 */
int g_save_lucidctx_id(vdb, lctx)
     g_set *vdb;
     void *lctx;
{
   /* lctx is already an untyped pointer, so it is passed through as is. */
   return(g_save(vdb, V_LCTX_ID, lctx));
}
277ab9b2e15Sgtb 
2787c478bd9Sstevel@tonic-gate 
2797c478bd9Sstevel@tonic-gate /* validate */
2807c478bd9Sstevel@tonic-gate 
/*
 * Check that `name` is an address currently registered in `vdb` with the
 * V_NAME tag.  Returns non-zero if it is, 0 otherwise.
 */
int g_validate_name(vdb, name)
     g_set *vdb;
     gss_name_t name;
{
   void *handle = (void *) name;

   return(g_validate(vdb, V_NAME, handle));
}
/*
 * Check that `cred` is an address currently registered in `vdb` with the
 * V_CRED_ID tag.  Returns non-zero if it is, 0 otherwise.
 */
int g_validate_cred_id(vdb, cred)
     g_set *vdb;
     gss_cred_id_t cred;
{
   void *handle = (void *) cred;

   return(g_validate(vdb, V_CRED_ID, handle));
}
/*
 * Check that `ctx` is an address currently registered in `vdb` with the
 * V_CTX_ID tag.  Returns non-zero if it is, 0 otherwise.
 */
int g_validate_ctx_id(vdb, ctx)
     g_set *vdb;
     gss_ctx_id_t ctx;
{
   void *handle = (void *) ctx;

   return(g_validate(vdb, V_CTX_ID, handle));
}
/*
 * Check that `lctx` is an address currently registered in `vdb` with the
 * V_LCTX_ID tag.  Returns non-zero if it is, 0 otherwise.
 */
int g_validate_lucidctx_id(vdb, lctx)
     g_set *vdb;
     void *lctx;
{
   /* lctx is already an untyped pointer, so it is passed through as is. */
   return(g_validate(vdb, V_LCTX_ID, lctx));
}
3057c478bd9Sstevel@tonic-gate 
3067c478bd9Sstevel@tonic-gate /* delete */
3077c478bd9Sstevel@tonic-gate 
/*
 * Drop the registration of the name handle `name` from `vdb`, passing the
 * V_NAME tag to g_delete().  Returns non-zero on success, 0 on failure.
 */
int g_delete_name(vdb, name)
     g_set *vdb;
     gss_name_t name;
{
   void *handle = (void *) name;

   return(g_delete(vdb, V_NAME, handle));
}
/*
 * Drop the registration of the credential handle `cred` from `vdb`,
 * passing the V_CRED_ID tag to g_delete().  Returns non-zero on success,
 * 0 on failure.
 */
int g_delete_cred_id(vdb, cred)
     g_set *vdb;
     gss_cred_id_t cred;
{
   void *handle = (void *) cred;

   return(g_delete(vdb, V_CRED_ID, handle));
}
/*
 * Drop the registration of the security-context handle `ctx` from `vdb`,
 * passing the V_CTX_ID tag to g_delete().  Returns non-zero on success,
 * 0 on failure.
 */
int g_delete_ctx_id(vdb, ctx)
     g_set *vdb;
     gss_ctx_id_t ctx;
{
   void *handle = (void *) ctx;

   return(g_delete(vdb, V_CTX_ID, handle));
}
/*
 * Drop the registration of the lucid-context handle `lctx` from `vdb`,
 * passing the V_LCTX_ID tag to g_delete().  Returns non-zero on success,
 * 0 on failure.
 */
int g_delete_lucidctx_id(vdb, lctx)
     g_set *vdb;
     void *lctx;
{
   /* lctx is already an untyped pointer, so it is passed through as is. */
   return(g_delete(vdb, V_LCTX_ID, lctx));
}
3327c478bd9Sstevel@tonic-gate 