2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
4 * Copyright (c) 2008 Doug Rabson
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 #include <sys/queue.h>
38 #include <rpc/rpcsec_gss.h>
40 #include "rpcsec_gss_int.h"
42 #ifndef _PATH_GSS_MECH
43 #define _PATH_GSS_MECH "/etc/gss/mech"
47 #define _PATH_GSS_QOP "/etc/gss/qop"
51 SLIST_ENTRY(mech_info) link;
58 SLIST_HEAD(mech_info_list, mech_info);
60 static struct mech_info_list mechs = SLIST_HEAD_INITIALIZER(mechs);
61 static const char **mech_names;
64 SLIST_ENTRY(qop_info) link;
69 SLIST_HEAD(qop_info_list, qop_info);
71 static struct qop_info_list qops = SLIST_HEAD_INITIALIZER(qops);
74 _rpc_gss_string_to_oid(const char* s, gss_OID oid)
76 int number_count, i, j;
82 * First figure out how many numbers in the oid, then
83 * calculate the compiled oid size.
86 for (p = s; p; p = q) {
93 * The first two numbers are in the first byte and each
94 * subsequent number is encoded in a variable byte sequence.
100 * We do this in two passes. The first pass, we just figure
101 * out the size. Second time around, we actually encode the
105 for (i = 0; i < 2; i++) {
107 for (p = s, j = 0; p; p = q, j++) {
111 * Find the end of this number.
117 * Read the number of of the string. Don't
118 * bother with anything except base ten.
120 while (*p && *p != '.') {
121 number = 10 * number + (*p - '0');
126 * Encode the number. The first two numbers
127 * are packed into the first byte. Subsequent
128 * numbers are encoded in bytes seven bits at
129 * a time with the last byte having the high
143 * The number is encoded in seven bit chunks.
149 for (t = number; t; t >>= 7)
151 if (bytes == 0) bytes = 1;
154 int bit = 7*(bytes-1);
156 *res = (number >> bit) & 0x7f;
167 res = malloc(byte_count);
170 oid->length = byte_count;
179 _rpc_gss_load_mech(void)
184 char *name, *oid, *lib, *kobj;
185 struct mech_info *info;
189 if (SLIST_FIRST(&mechs))
192 fp = fopen(_PATH_GSS_MECH, "r");
197 while (fgets(buf, sizeof(buf), fp)) {
201 name = strsep(&p, "\t\n ");
202 if (p) while (isspace(*p)) p++;
203 oid = strsep(&p, "\t\n ");
204 if (p) while (isspace(*p)) p++;
205 lib = strsep(&p, "\t\n ");
206 if (p) while (isspace(*p)) p++;
207 kobj = strsep(&p, "\t\n ");
208 if (!name || !oid || !lib || !kobj)
211 info = malloc(sizeof(struct mech_info));
214 if (_rpc_gss_string_to_oid(oid, &info->oid)) {
218 info->name = strdup(name);
220 info->lib = strdup(lib);
221 info->kobj = strdup(kobj);
222 SLIST_INSERT_HEAD(&mechs, info, link);
227 mech_names = malloc((count + 1) * sizeof(char*));
229 SLIST_FOREACH(info, &mechs, link) {
236 _rpc_gss_load_qop(void)
241 char *name, *num, *mech;
242 struct mech_info *minfo;
243 struct qop_info *info;
245 const char **mech_qops;
248 if (SLIST_FIRST(&qops))
251 fp = fopen(_PATH_GSS_QOP, "r");
255 while (fgets(buf, sizeof(buf), fp)) {
259 name = strsep(&p, "\t\n ");
260 if (p) while (isspace(*p)) p++;
261 num = strsep(&p, "\t\n ");
262 if (p) while (isspace(*p)) p++;
263 mech = strsep(&p, "\t\n ");
264 if (!name || !num || !mech)
267 info = malloc(sizeof(struct qop_info));
270 info->name = strdup(name);
271 info->qop = strtoul(name, 0, 0);
272 info->mech = strdup(mech);
273 SLIST_INSERT_HEAD(&qops, info, link);
278 * Compile lists of qops for each mechanism.
280 SLIST_FOREACH(minfo, &mechs, link) {
282 SLIST_FOREACH(info, &qops, link) {
283 if (strcmp(info->mech, minfo->name) == 0)
286 mech_qops = malloc((count + 1) * sizeof(char*));
288 SLIST_FOREACH(info, &qops, link) {
289 if (strcmp(info->mech, minfo->name) == 0)
293 minfo->qops = mech_qops;
298 rpc_gss_mech_to_oid(const char *mech, gss_OID *oid_ret)
300 struct mech_info *info;
302 _rpc_gss_load_mech();
303 SLIST_FOREACH(info, &mechs, link) {
304 if (!strcmp(info->name, mech)) {
305 *oid_ret = &info->oid;
309 _rpc_gss_set_error(RPC_GSS_ER_SYSTEMERROR, ENOENT);
314 rpc_gss_oid_to_mech(gss_OID oid, const char **mech_ret)
316 struct mech_info *info;
318 _rpc_gss_load_mech();
319 SLIST_FOREACH(info, &mechs, link) {
320 if (oid->length == info->oid.length
321 && !memcmp(oid->elements, info->oid.elements,
323 *mech_ret = info->name;
327 _rpc_gss_set_error(RPC_GSS_ER_SYSTEMERROR, ENOENT);
332 rpc_gss_qop_to_num(const char *qop, const char *mech, u_int *num_ret)
334 struct qop_info *info;
337 SLIST_FOREACH(info, &qops, link) {
338 if (strcmp(info->name, qop) == 0
339 && strcmp(info->mech, mech) == 0) {
340 *num_ret = info->qop;
344 _rpc_gss_set_error(RPC_GSS_ER_SYSTEMERROR, ENOENT);
349 _rpc_gss_num_to_qop(const char *mech, u_int num)
351 struct qop_info *info;
353 if (num == GSS_C_QOP_DEFAULT)
357 SLIST_FOREACH(info, &qops, link) {
358 if (info->qop == num && strcmp(info->mech, mech) == 0) {
366 rpc_gss_get_mechanisms(void)
369 _rpc_gss_load_mech();
374 rpc_gss_get_mech_info(const char *mech, rpc_gss_service_t *service)
376 struct mech_info *info;
378 _rpc_gss_load_mech();
380 SLIST_FOREACH(info, &mechs, link) {
381 if (!strcmp(mech, info->name)) {
383 * I'm not sure what to do with service
384 * here. The Solaris manpages are not clear on
385 * the subject and the OpenSolaris code just
386 * sets it to rpc_gss_svc_privacy
387 * unconditionally with a comment noting that
390 *service = rpc_gss_svc_privacy;
395 _rpc_gss_set_error(RPC_GSS_ER_SYSTEMERROR, ENOENT);
400 rpc_gss_get_versions(u_int *vers_hi, u_int *vers_lo)
409 rpc_gss_is_installed(const char *mech)
411 struct mech_info *info;
413 _rpc_gss_load_mech();
414 SLIST_FOREACH(info, &mechs, link)
415 if (!strcmp(mech, info->name))