Line data    Source code

       1             : /*
       2             :  * Copyright (c) 2011, PADL Software Pty Ltd.
       3             :  * All rights reserved.
       4             :  *
       5             :  * Redistribution and use in source and binary forms, with or without
       6             :  * modification, are permitted provided that the following conditions
       7             :  * are met:
       8             :  *
       9             :  * 1. Redistributions of source code must retain the above copyright
      10             :  *    notice, this list of conditions and the following disclaimer.
      11             :  *
      12             :  * 2. Redistributions in binary form must reproduce the above copyright
      13             :  *    notice, this list of conditions and the following disclaimer in the
      14             :  *    documentation and/or other materials provided with the distribution.
      15             :  *
      16             :  * 3. Neither the name of PADL Software nor the names of its contributors
      17             :  *    may be used to endorse or promote products derived from this software
      18             :  *    without specific prior written permission.
      19             :  *
      20             :  * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND
      21             :  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
      22             :  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
      23             :  * ARE DISCLAIMED.  IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE
      24             :  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
      25             :  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
      26             :  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
      27             :  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
      28             :  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
      29             :  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
      30             :  * SUCH DAMAGE.
      31             :  */
      32             : 
      33             : #include "gsskrb5_locl.h"
      34             : 
      35             : OM_uint32 GSSAPI_CALLCONV
      36           0 : _gsskrb5_authorize_localname(OM_uint32 *minor_status,
      37             :                              gss_const_name_t input_name,
      38             :                              gss_const_buffer_t user_name,
      39             :                              gss_const_OID user_name_type)
      40             : {
      41             :     krb5_context context;
      42           0 :     krb5_principal princ = (krb5_principal)input_name;
      43             :     char *user;
      44             :     int user_ok;
      45             : 
      46           0 :     if (!gss_oid_equal(user_name_type, GSS_C_NT_USER_NAME))
      47           0 :         return GSS_S_BAD_NAMETYPE;
      48             : 
      49           0 :     GSSAPI_KRB5_INIT(&context);
      50             : 
      51           0 :     user = malloc(user_name->length + 1);
      52           0 :     if (user == NULL) {
      53           0 :         *minor_status = ENOMEM;
      54           0 :         return GSS_S_FAILURE;
      55             :     }
      56             : 
      57           0 :     memcpy(user, user_name->value, user_name->length);
      58           0 :     user[user_name->length] = '\0';
      59             : 
      60           0 :     *minor_status = 0;
      61           0 :     user_ok = krb5_kuserok(context, princ, user);
      62             : 
      63           0 :     free(user);
      64             : 
      65           0 :     return user_ok ? GSS_S_COMPLETE : GSS_S_UNAUTHORIZED;
      66             : }