nfs-ganesha 1.4
00001 /* 00002 Copyright (c) 2004 The Regents of the University of Michigan. 00003 All rights reserved. 00004 00005 Redistribution and use in source and binary forms, with or without 00006 modification, are permitted provided that the following conditions 00007 are met: 00008 00009 1. Redistributions of source code must retain the above copyright 00010 notice, this list of conditions and the following disclaimer. 00011 2. Redistributions in binary form must reproduce the above copyright 00012 notice, this list of conditions and the following disclaimer in the 00013 documentation and/or other materials provided with the distribution. 00014 3. Neither the name of the University nor the names of its 00015 contributors may be used to endorse or promote products derived 00016 from this software without specific prior written permission. 00017 00018 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 00019 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 00020 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 00021 DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 00022 FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 00023 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 00024 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 00025 BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 00026 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 00027 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 00028 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
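*/

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif /* HAVE_CONFIG_H */

#include <stdio.h>
#include <stdlib.h>
#include <syslog.h>
#include <string.h>
#include <gssapi/gssapi.h>
#include <rpc/rpc.h>
#include <rpc/auth_gss.h>
#include "gss_util.h"
#include "gss_oids.h"
#include "err_util.h"
#include "context.h"

#ifdef HAVE_SPKM3_H

#include <spkm3.h>

/*
 * Function: prepare_spkm3_ctx_buffer()
 *
 * Prepare spkm3 lucid context for the kernel: serialize lctx into a
 * freshly allocated buffer returned through buf.
 *
 * Fields are written in this order, and buf_size is computed to match:
 *
 *	version			sizeof(version)
 *	ctx_id			sizeof(length) + length
 *	endtime			sizeof(endtime)
 *	mech_used		sizeof(length) + length
 *	ret_flags		sizeof(ret_flags)
 *	conf_alg		sizeof(length) + length
 *	derived_conf_key	sizeof(length) + length
 *	intg_alg		sizeof(length) + length
 *	derived_integ_key	sizeof(length) + length
 *
 * An earlier version of this comment also listed qop, req_fl, share,
 * kyestb and "owl alg"; the code below does not export them.
 *
 * WRITE_BYTES() and write_buffer() are declared outside this file; both
 * are handed the end pointer of the allocation on every call.
 *
 * Returns 0 on success with buf->value/buf->length describing the
 * serialized context (the caller owns buf->value).  Returns -1 on
 * failure with buf->value == NULL and buf->length == 0.
 *
 * Security note: the buffer carries the derived confidentiality and
 * integrity keys.  The debug messages log lengths only, and the failure
 * path clears the buffer before releasing it.
 */
static int
prepare_spkm3_ctx_buffer(gss_spkm3_lucid_ctx_t *lctx, gss_buffer_desc *buf)
{
	char *p, *end;
	/* size_t: the sum is computed in size_t and passed to calloc();
	 * storing it in a narrower type could silently truncate it. */
	size_t buf_size;

	buf_size = sizeof(lctx->version) +
		lctx->ctx_id.length + sizeof(lctx->ctx_id.length) +
		sizeof(lctx->endtime) +
		sizeof(lctx->mech_used.length) + lctx->mech_used.length +
		sizeof(lctx->ret_flags) +
		sizeof(lctx->conf_alg.length) + lctx->conf_alg.length +
		sizeof(lctx->derived_conf_key.length) +
		lctx->derived_conf_key.length +
		sizeof(lctx->intg_alg.length) + lctx->intg_alg.length +
		sizeof(lctx->derived_integ_key.length) +
		lctx->derived_integ_key.length;

	buf->value = calloc(1, buf_size);
	if (buf->value == NULL)
		goto out_err;
	p = buf->value;
	/* Derive end from the char pointer; arithmetic on void * is a
	 * compiler extension. */
	end = p + buf_size;

	if (WRITE_BYTES(&p, end, lctx->version))
		goto out_err;
	printerr(2, "DEBUG: exporting version = %d\n", lctx->version);

	if (write_buffer(&p, end, &lctx->ctx_id))
		goto out_err;
	printerr(2, "DEBUG: exporting ctx_id(%d)\n", lctx->ctx_id.length);

	if (WRITE_BYTES(&p, end, lctx->endtime))
		goto out_err;
	printerr(2, "DEBUG: exporting endtime = %d\n", lctx->endtime);

	if (write_buffer(&p, end, &lctx->mech_used))
		goto out_err;
	printerr(2, "DEBUG: exporting mech oid (%d)\n", lctx->mech_used.length);

	if (WRITE_BYTES(&p, end, lctx->ret_flags))
		goto out_err;
	printerr(2, "DEBUG: exporting ret_flags = %d\n", lctx->ret_flags);

	if (write_buffer(&p, end, &lctx->conf_alg))
		goto out_err;
	printerr(2, "DEBUG: exporting conf_alg oid (%d)\n", lctx->conf_alg.length);

	if (write_buffer(&p, end, &lctx->derived_conf_key))
		goto out_err;
	printerr(2, "DEBUG: exporting conf key (%d)\n", lctx->derived_conf_key.length);

	if (write_buffer(&p, end, &lctx->intg_alg))
		goto out_err;
	printerr(2, "DEBUG: exporting intg_alg oid (%d)\n", lctx->intg_alg.length);

	if (write_buffer(&p, end, &lctx->derived_integ_key))
		goto out_err;
	printerr(2, "DEBUG: exporting intg key (%d)\n", lctx->derived_integ_key.length);

	buf->length = p - (char *)buf->value;
	return 0;

out_err:
	printerr(0, "ERROR: failed serializing spkm3 context for kernel\n");
	if (buf->value != NULL) {
		/* A partially written buffer may already contain derived key
		 * bytes.  Clear it through a volatile pointer so the stores
		 * are not optimized away ahead of free(). */
		volatile unsigned char *scrub = buf->value;
		size_t i;

		for (i = 0; i < buf_size; i++)
			scrub[i] = 0;
		free(buf->value);
		/* Do not leave a dangling pointer for the caller to release
		 * a second time. */
		buf->value = NULL;
	}
	buf->length = 0;

	return -1;
}

/* ANDROS: need to determine which fields of the spkm3_gss_ctx_id_desc_t
 * are needed in the kernel for get_mic, validate, wrap, unwrap, and destroy
 * and only export those fields to the kernel.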
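*/
/*
 * Function: serialize_spkm3_ctx()
 *
 * Export ctx as a lucid context (version 1 requested), serialize it into
 * buf with prepare_spkm3_ctx_buffer(), and release the lucid context.
 *
 * If endtime is non-NULL it receives the lucid context's endtime whenever
 * the context was exported with a supported version, even if the
 * serialization step then fails.
 *
 * Returns 0 on success, -1 on failure.  On failure because of an export
 * error or an unsupported version, buf is not touched.
 *
 * The lucid context holds the derived session keys, so it is released on
 * every path that obtained it, including the unsupported-version path.
 */
int
serialize_spkm3_ctx(gss_ctx_id_t ctx, gss_buffer_desc *buf, int32_t *endtime)
{
	OM_uint32 vers, maj_stat, min_stat;
	int ret = -1;	/* stays -1 unless serialization succeeds */
	void *ret_ctx = NULL;
	gss_spkm3_lucid_ctx_t *lctx;

	printerr(1, "serialize_spkm3_ctx called\n");

	printerr(2, "DEBUG: serialize_spkm3_ctx: lucid version!\n");
	maj_stat = gss_export_lucid_sec_context(&min_stat, &ctx, 1, &ret_ctx);
	if (maj_stat != GSS_S_COMPLETE)
		goto out_err;

	lctx = (gss_spkm3_lucid_ctx_t *)ret_ctx;
	/* Guard against a "complete" status that handed back no context. */
	if (lctx == NULL)
		goto out_err;

	vers = lctx->version;
	if (vers != 1) {
		printerr(0, "ERROR: unsupported spkm3 context version %d\n",
			 vers);
		/* The lucid context was allocated by the export call and
		 * must still be released here. */
		goto out_free;
	}
	ret = prepare_spkm3_ctx_buffer(lctx, buf);

	if (endtime)
		*endtime = lctx->endtime;

out_free:
	maj_stat = gss_free_lucid_sec_context(&min_stat, ctx, ret_ctx);

	if (maj_stat != GSS_S_COMPLETE)
		printerr(0, "WARN: failed to free lucid sec context\n");
	if (ret)
		goto out_err;
	printerr(2, "DEBUG: serialize_spkm3_ctx: success\n");
	return 0;

out_err:
	printerr(2, "DEBUG: serialize_spkm3_ctx: failed\n");
	return -1;
}
#endif /* HAVE_SPKM3_H */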