1 /* 2 * Copyright 2002 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 #pragma ident "%Z%%M% %I% %E% SMI" 7 8 /* 9 * /usr/src/lib/gss_mechs/mech_krb5/mech/copy_ccache.c 10 */ 11 12 #include <gssapiP_krb5.h> 13 14 GSS_DLLIMP OM_uint32 KRB5_CALLCONV 15 gss_krb5_copy_ccache(ctx, minor_status, cred_handle, out_ccache) 16 void *ctx; 17 OM_uint32 *minor_status; 18 gss_cred_id_t cred_handle; 19 krb5_ccache out_ccache; 20 { 21 OM_uint32 major_status; 22 krb5_gss_cred_id_t k5creds; 23 krb5_cc_cursor cursor; 24 krb5_creds creds; 25 krb5_error_code code; 26 krb5_context context = ctx; 27 28 mutex_lock(&krb5_mutex); 29 30 *minor_status = 0; 31 32 /* validate the cred handle */ 33 major_status = krb5_gss_validate_cred_no_lock(context, minor_status, 34 cred_handle); 35 if (major_status) 36 goto unlock; 37 38 k5creds = (krb5_gss_cred_id_t) cred_handle; 39 if (k5creds->usage == GSS_C_ACCEPT) { 40 *minor_status = (OM_uint32) G_BAD_USAGE; 41 major_status = GSS_S_FAILURE; 42 goto unlock; 43 } 44 45 /* Solaris Kerberos: for MT safety, we avoid the use of a default 46 * context via kg_get_context() */ 47 #if 0 48 if (GSS_ERROR(kg_get_context(minor_status, &context))) 49 return (GSS_S_FAILURE); 50 #endif 51 52 code = krb5_cc_start_seq_get(context, k5creds->ccache, &cursor); 53 if (code) { 54 *minor_status = code; 55 major_status = GSS_S_FAILURE; 56 goto unlock; 57 } 58 while (!code && !krb5_cc_next_cred(context, k5creds->ccache, &cursor, &creds)) 59 code = krb5_cc_store_cred(context, out_ccache, &creds); 60 krb5_cc_end_seq_get(context, k5creds->ccache, &cursor); 61 62 if (code) { 63 *minor_status = code; 64 major_status = GSS_S_FAILURE; 65 goto unlock; 66 } else { 67 *minor_status = 0; 68 major_status = GSS_S_COMPLETE; 69 goto unlock; 70 } 71 72 unlock: 73 mutex_unlock(&krb5_mutex); 74 return(major_status); 75 } 76