1 /* 2 * Copyright 2001-2002 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 #pragma ident "%Z%%M% %I% %E% SMI" 7 8 /* 9 * Copyright 1993 by OpenVision Technologies, Inc. 10 * 11 * Permission to use, copy, modify, distribute, and sell this software 12 * and its documentation for any purpose is hereby granted without fee, 13 * provided that the above copyright notice appears in all copies and 14 * that both that copyright notice and this permission notice appear in 15 * supporting documentation, and that the name of OpenVision not be used 16 * in advertising or publicity pertaining to distribution of the software 17 * without specific, written prior permission. OpenVision makes no 18 * representations about the suitability of this software for any 19 * purpose. It is provided "as is" without express or implied warranty. 20 * 21 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, 22 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO 23 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR 24 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF 25 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR 26 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 27 * PERFORMANCE OF THIS SOFTWARE. 28 */ 29 30 #include <gssapiP_krb5.h> 31 32 /* 33 * $Id: verify.c,v 1.11 1996/07/22 20:34:45 marc Exp $ 34 */ 35 /*ARGSUSED*/ 36 OM_uint32 37 krb5_gss_verify(ctx, minor_status, context_handle, 38 message_buffer, token_buffer, 39 qop_state 40 #ifdef _KERNEL 41 , gssd_ctx_verifier 42 #endif 43 ) 44 void *ctx; 45 OM_uint32 *minor_status; 46 gss_ctx_id_t context_handle; 47 gss_buffer_t message_buffer; 48 gss_buffer_t token_buffer; 49 int *qop_state; 50 #ifdef _KERNEL 51 OM_uint32 gssd_ctx_verifier; 52 #endif 53 { 54 krb5_context context; 55 OM_uint32 status; 56 57 /* Solaris Kerberos: for MT safety, we avoid the use of a default 58 * context via kg_get_context() */ 59 #if 0 60 if (GSS_ERROR(kg_get_context(minor_status, &context))) 61 return(GSS_S_FAILURE); 62 #endif 63 64 mutex_lock(&krb5_mutex); 65 context = ctx; 66 67 status = kg_unseal(context, minor_status, context_handle, 68 token_buffer, message_buffer, 69 NULL, qop_state, KG_TOK_SIGN_MSG); 70 mutex_unlock(&krb5_mutex); 71 return(status); 72 } 73 74 /* V2 interface */ 75 OM_uint32 76 krb5_gss_verify_mic(ctx, minor_status, context_handle, 77 message_buffer, token_buffer, 78 qop_state) 79 void *ctx; 80 OM_uint32 *minor_status; 81 gss_ctx_id_t context_handle; 82 gss_buffer_t message_buffer; 83 gss_buffer_t token_buffer; 84 gss_qop_t *qop_state; 85 { 86 krb5_context context; 87 OM_uint32 rstat; 88 int qstate; 89 90 /* Solaris Kerberos: for MT safety, we avoid the use of a default 91 * context via kg_get_context() */ 92 #if 0 93 if (GSS_ERROR(kg_get_context(minor_status, &context))) 94 return(GSS_S_FAILURE); 95 #endif 96 97 mutex_lock(&krb5_mutex); 98 context = ctx; 99 100 rstat = kg_unseal(context, minor_status, context_handle, 101 token_buffer, message_buffer, 102 NULL, &qstate, KG_TOK_MIC_MSG); 103 if (!rstat && qop_state) 104 *qop_state = (gss_qop_t) qstate; 105 mutex_unlock(&krb5_mutex); 106 return(rstat); 107 } 108