Пример #1
0
KHMEXP khm_int32 KHMAPI kcdb_buf_release(khm_handle record)
{
    if(kcdb_cred_is_active_cred(record))
        return kcdb_cred_release(record);
    else if(kcdb_is_active_identity(record))
        return kcdb_identity_release(record);
    else
        return KHM_ERROR_INVALID_PARAM;
}
Пример #2
0
KHMEXP khm_int32 KHMAPI kcdb_buf_set_attrib(
    khm_handle  record,
    const wchar_t *   attr_name,
    void *      buffer,
    khm_size    cbbuf)
{
    if(kcdb_cred_is_active_cred(record))
        return kcdb_cred_set_attrib(record, attr_name, buffer, cbbuf);
    else if(kcdb_is_active_identity(record))
        return kcdb_identity_set_attrib(record, attr_name, buffer, cbbuf);
    else
        return KHM_ERROR_INVALID_PARAM;
}
Пример #3
0
KHMEXP khm_int32 KHMAPI kcdb_buf_get_attrib_string(
    khm_handle  record,
    const wchar_t *   attr_name,
    wchar_t *   buffer,
    khm_size *  pcbbuf,
    khm_int32   flags)
{
    if(kcdb_cred_is_active_cred(record))
        return kcdb_cred_get_attrib_string(record, attr_name, buffer, pcbbuf, flags);
    else if(kcdb_is_active_identity(record))
        return kcdb_identity_get_attrib_string(record, attr_name, buffer, pcbbuf, flags);
    else
        return KHM_ERROR_INVALID_PARAM;
}
Пример #4
0
KHMEXP khm_int32 KHMAPI kcdb_buf_get_attr(
    khm_handle  record, 
    khm_int32   attr_id, 
    khm_int32 * attr_type, 
    void *      buffer, 
    khm_size *  pcb_buf)
{
    if(kcdb_cred_is_active_cred(record))
        return kcdb_cred_get_attr(record, attr_id, attr_type, buffer, pcb_buf);
    else if(kcdb_is_active_identity(record))
        return kcdb_identity_get_attr(record, attr_id, attr_type, buffer, pcb_buf);
    else
        return KHM_ERROR_INVALID_PARAM;
}
Пример #5
0
KHMEXP khm_int32 KHMAPI
kcdb_identpro_validate_identity(khm_handle videntity)
{
    khm_int32 rv = KHM_ERROR_SUCCESS;
    khm_handle sub;

    if(!kcdb_is_active_identity(videntity))
        return KHM_ERROR_INVALID_PARAM;

    sub = identpro_get_sub_for_identity(videntity);

    if(sub != NULL) {
        rv = kmq_send_sub_msg(sub,
                              KMSG_IDENT,
                              KMSG_IDENT_VALIDATE_IDENTITY,
                              0,
                              (void *) identity);
    } else {
        rv = KHM_ERROR_NO_PROVIDER;
    }

    return rv;
}
Пример #6
0
KHMEXP khm_int32 KHMAPI 
kcdb_credset_collect(khm_handle cs_dest,
		     khm_handle cs_src, 
		     khm_handle identity, 
		     khm_int32 type,
		     khm_int32 * delta)
{
    kcdb_credset * cs;
    kcdb_credset * rcs;
    khm_int32 code = KHM_ERROR_SUCCESS;
    kcdb_cred ** r_sel = NULL;
    kcdb_cred ** c_sel = NULL;
    int nr_sel, nc_sel;
    int i;

    if((cs_src && !kcdb_credset_is_credset(cs_src)) ||
        (cs_dest && !kcdb_credset_is_credset(cs_dest)) ||
        (cs_src == cs_dest)) /* works because credsets use shared
                                handles */
        return KHM_ERROR_INVALID_PARAM;

    if(identity && !kcdb_is_active_identity(identity))
        return KHM_ERROR_INVALID_PARAM;

    if(cs_src)
        cs = (kcdb_credset *) cs_src;
    else
        cs = kcdb_root_credset;

    if(cs_dest)
        rcs = (kcdb_credset *) cs_dest;
    else
        rcs = kcdb_root_credset;

    if (kcdb_credset_is_sealed(rcs))
        return KHM_ERROR_INVALID_OPERATION;

    EnterCriticalSection(&(cs->cs));
    EnterCriticalSection(&(rcs->cs));

    /* enumerate through the root and given credential sets and select
       the ones we want */

    if(rcs->nclist > 0)
        r_sel = PMALLOC(sizeof(kcdb_cred *) * rcs->nclist);
    if(cs->nclist > 0)
        c_sel = PMALLOC(sizeof(kcdb_cred *) * cs->nclist);
    nr_sel = 0;
    nc_sel = 0;

    for(i=0; i<rcs->nclist; i++) {
        if(rcs->clist[i].cred &&
            (!identity || rcs->clist[i].cred->identity == identity) &&
            (type==KCDB_CREDTYPE_ALL || rcs->clist[i].cred->type == type))
        {
            r_sel[nr_sel++] = rcs->clist[i].cred;
        }
    }

    for(i=0; i<cs->nclist; i++) {
        if(cs->clist[i].cred &&
            (!identity || cs->clist[i].cred->identity == identity) &&
            (type==KCDB_CREDTYPE_ALL || cs->clist[i].cred->type == type))
        {
            c_sel[nc_sel++] = cs->clist[i].cred;
        }
    }

    rcs->version++;

    code = kcdb_credset_collect_core(
        rcs,
        r_sel,
        nr_sel,
        cs,
        c_sel,
        nc_sel,
        delta);

    LeaveCriticalSection(&(rcs->cs));
    LeaveCriticalSection(&(cs->cs));

    if(r_sel)
        PFREE(r_sel);
    if(c_sel)
        PFREE(c_sel);

    if (cs_dest == NULL) {
        kcdb_identity_refresh_all();
    }

    return code;
}
Пример #7
0
KHMEXP khm_int32 KHMAPI
kcdb_credset_collect(khm_handle h_cs_dest,
		     khm_handle h_cs_src,
		     khm_handle identity,
		     khm_int32 type_id,
		     khm_int32 * delta)
{
    kcdb_credset * cs_source;
    kcdb_credset * cs_dest;
    khm_int32 code = KHM_ERROR_SUCCESS;
    kcdb_cred ** clist_dest = NULL;
    kcdb_cred ** clist_src = NULL;
    int nclist_dest, nclist_src;
    int i;

    if ((h_cs_src && !kcdb_credset_is_credset(h_cs_src)) ||
        (h_cs_dest && !kcdb_credset_is_credset(h_cs_dest)) ||
        (h_cs_src == h_cs_dest)) /* works because credsets use shared
                                    handles */
        return KHM_ERROR_INVALID_PARAM;

    if(identity && !kcdb_is_active_identity(identity))
        return KHM_ERROR_INVALID_PARAM;

    if(h_cs_src)
        cs_source = (kcdb_credset *) h_cs_src;
    else
        cs_source = kcdb_root_credset;

    if(h_cs_dest)
        cs_dest = (kcdb_credset *) h_cs_dest;
    else
        cs_dest = kcdb_root_credset;

    if (kcdb_credset_is_sealed(cs_dest))
        return KHM_ERROR_INVALID_OPERATION;

    if (cs_source < cs_dest) {
        EnterCriticalSection(&(cs_source->cs));
        EnterCriticalSection(&(cs_dest->cs));
    } else {
        EnterCriticalSection(&(cs_dest->cs));
        EnterCriticalSection(&(cs_source->cs));
    }

    /* enumerate through the root and given credential sets and select
       the ones we want */

    if(cs_dest->nclist > 0)
        clist_dest = PMALLOC(sizeof(kcdb_cred *) * cs_dest->nclist);
    if(cs_source->nclist > 0)
        clist_src = PMALLOC(sizeof(kcdb_cred *) * cs_source->nclist);
    nclist_dest = 0;
    nclist_src = 0;

    for(i=0; i < cs_dest->nclist; i++) {
        if(cs_dest->clist[i].cred &&
           (!identity || cs_dest->clist[i].cred->identity == identity) &&
           (type_id==KCDB_CREDTYPE_ALL || cs_dest->clist[i].cred->type == type_id)) {

            clist_dest[nclist_dest++] = cs_dest->clist[i].cred;
        }
    }

    for(i=0; i < cs_source->nclist; i++) {
        if(cs_source->clist[i].cred &&
           (!identity || cs_source->clist[i].cred->identity == identity) &&
           (type_id==KCDB_CREDTYPE_ALL || cs_source->clist[i].cred->type == type_id)) {

            clist_src[nclist_src++] = cs_source->clist[i].cred;
        }
    }

    cs_dest->version++;

    code = kcdb_credset_collect_core(cs_dest, clist_dest, nclist_dest,
                                     cs_source, clist_src, nclist_src,
                                     delta);

    LeaveCriticalSection(&(cs_dest->cs));
    LeaveCriticalSection(&(cs_source->cs));

    if(clist_dest)
        PFREE(clist_dest);
    if(clist_src)
        PFREE(clist_src);

    if (h_cs_dest == NULL) {
        kcdb_identity_refresh_all();
    }

    return code;
}