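/*
 * Return a private copy of the hashed vendor ID for `vendorid`.
 *
 * The hash is not computed here: it is read from the vendor ID table entry
 * returned by lookup_vendor_id_by_id().  The original note on this function
 * states that the hash function is always MD5.
 *
 * VENDORID_UNKNOWN is translated to VENDORID_KAME (KAME/racoon) before the
 * lookup.
 *
 * Returns NULL, after logging at LLV_ERROR, when no table entry matches
 * `vendorid`; otherwise returns the result of vdup() on the entry's hash.
 * Ownership: the result is a copy the caller may free after use; the table's
 * own buffer is never handed out.
 */
vchar_t *
set_vendorid(int vendorid)
{
	struct vendor_id *current;

	if (vendorid == VENDORID_UNKNOWN) {
		/*
		 * The default unknown ID gets translated to
		 * KAME/racoon.
		 */
		vendorid = VENDORID_KAME;
	}

	current = lookup_vendor_id_by_id(vendorid);
	if (current == NULL) {
		plog(LLV_ERROR, LOCATION, NULL,
		    "invalid vendor ID index: %d\n", vendorid);
		return (NULL);
	}

	/*
	 * The rest of racoon expects a private copy of the VID that could be
	 * free'd after use.  That's why we don't return the original pointer.
	 *
	 * NOTE(review): current->hash is handed to vdup() unchecked -- confirm
	 * that every table entry has its hash populated, or that vdup()
	 * rejects a NULL source.
	 */
	return vdup(current->hash);
}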
/*
 * Produce the GSS-API identity for a phase 1 handle as a vchar_t.
 *
 * When the proposal carries a configured gssid, a vdup() copy of it is
 * returned straight away.  Otherwise the default name is fetched with
 * gssapi_get_default_name(), canonicalized with GSS_C_NO_OID, exported, and
 * the exported buffer is converted with gssapi_gss2vmbuf().
 *
 * Each GSS object obtained on the way (default name, canonical name,
 * exported buffer) is released before returning, on the failure paths as
 * well as on success.  A release that fails is reported through
 * gssapi_error() and otherwise ignored.
 *
 * Returns NULL on any failure.
 * NOTE(review): the result looks caller-owned (a vdup() copy or the buffer
 * filled in by gssapi_gss2vmbuf()) -- confirm against the callers.
 */
vchar_t *
gssapi_get_id(struct ph1handle *iph1)
{
	gss_buffer_desc exported;
	gss_buffer_t id = &exported;
	gss_name_t defname, canon_name;
	OM_uint32 min_stat, maj_stat;
	vchar_t *vmbuf;
	int failed;

	/* An explicitly configured GSS id takes precedence. */
	if (iph1->rmconf->proposal->gssid != NULL)
		return (vdup(iph1->rmconf->proposal->gssid));

	if (gssapi_get_default_name(iph1, 0, &defname) < 0)
		return NULL;

	maj_stat = gss_canonicalize_name(&min_stat, defname, GSS_C_NO_OID,
	    &canon_name);
	failed = GSS_ERROR(maj_stat) != 0;
	if (failed)
		gssapi_error(min_stat, LOCATION, "canonicalize name\n");

	/* The default name is dropped whichever way canonicalization went. */
	maj_stat = gss_release_name(&min_stat, &defname);
	if (GSS_ERROR(maj_stat))
		gssapi_error(min_stat, LOCATION, "release default name\n");
	if (failed)
		return NULL;

	maj_stat = gss_export_name(&min_stat, canon_name, id);
	failed = GSS_ERROR(maj_stat) != 0;
	if (failed)
		gssapi_error(min_stat, LOCATION, "export name\n");

	/* Likewise the canonical name, once the export has been attempted. */
	maj_stat = gss_release_name(&min_stat, &canon_name);
	if (GSS_ERROR(maj_stat))
		gssapi_error(min_stat, LOCATION, "release canonical name\n");
	if (failed)
		return NULL;

#if 0
	/*
	 * XXXJRT Did this debug message ever work?  This is a GSS name
	 * blob at this point.
	 *
	 * NOTE(review): if this is ever re-enabled, "%.*s" expects an int
	 * precision while id->length is a size_t, and the exported name is
	 * binary rather than text.
	 */
	plog(LLV_DEBUG, LOCATION, NULL,
	    "will try to acquire '%.*s' creds\n",
	    id->length, id->value);
#endif

	failed = gssapi_gss2vmbuf(id, &vmbuf) < 0;
	if (failed)
		plog(LLV_ERROR, LOCATION, NULL, "gss2vmbuf failed\n");

	/* The exported buffer is released on both outcomes. */
	maj_stat = gss_release_buffer(&min_stat, id);
	if (GSS_ERROR(maj_stat))
		gssapi_error(min_stat, LOCATION, "release id buffer\n");

	return failed ? NULL : vmbuf;
}