gss_shim.c

mgcp协议源代码。支持多种编码：g711

      s = "Invalid context handle"; break;
    case GSS_S_NO_CRED:
      s = "Invalid credentials handle"; break;
    case SEC_E_NO_AUTHENTICATING_AUTHORITY:
      s = "No authenticating authority"; break;
    case SEC_E_TARGET_UNKNOWN:
      s = "target is unknown or unreachable"; break;
    default:
      sprintf (s = tmp,"SSPI code %lx",status_value);
    }
    break;
  case GSS_C_MECH_CODE:		/* minor status - drop into default */
  default:
    return GSS_S_BAD_STATUS;	/* bad status type */
  }
				/* return status string */
  status_string->length = strlen (status_string->value = cpystr (s));
  return GSS_S_COMPLETE;
}

/* GSSAPI delete security context
 * Accepts: pointer to return minor status
 *	    context to delete
 *	    output context token
 * Returns: major status, always
 */

OM_uint32 gss_delete_sec_context (OM_uint32 *minor_status,
				  gss_ctx_id_t *context_handle,
				  gss_buffer_t output_token)
{
  OM_uint32 major_status;
  *minor_status = 0;		/* never any minor status */
				/* output token not supported */
  major_status = output_token ? GSS_S_FAILURE :
    DeleteSecurityContext (*context_handle);
  fs_give ((void **) context_handle);
  return major_status;
}


/* GSSAPI release buffer
 * Accepts: pointer to return minor status
 *	    buffer to release
 * Returns: GSS_S_COMPLETE, always
 */

OM_uint32 gss_release_buffer (OM_uint32 *minor_status,gss_buffer_t buffer)
{
  *minor_status = 0;		/* never any minor status */
  fs_give (&buffer->value);
  return GSS_S_COMPLETE;
}


/* GSSAPI release name
 * Accepts: pointer to return minor status
 *	    pointer to name to release
 * Returns: GSS_S_COMPLETE, always
 */

OM_uint32 gss_release_name (OM_uint32 *minor_status,gss_name_t *input_name)
{
  *minor_status = 0;		/* never any minor status */
  fs_give (input_name);
  return GSS_S_COMPLETE;
}

/* GSSAPI wrap data
 * Accepts: pointer to return minor status
 *	    context handle
 *	    requested confidentiality
 *	    requested quality of protection
 *	    input message buffer
 *	    pointer to return confidentiality state
 *	    output message buffer
 * Returns: major status, always
 */

OM_uint32 gss_wrap (OM_uint32 *minor_status,gss_ctx_id_t context_handle,
		    int conf_req_flag,gss_qop_t qop_req,
		    gss_buffer_t input_message_buffer,int *conf_state,
		    gss_buffer_t output_message_buffer)
{
  OM_uint32 major_status;
  SecBuffer buf[3];
  SecBufferDesc bufs;
  SecPkgContext_Sizes sizes;
  *minor_status = NIL;		/* never any minor status */
  *conf_state = conf_req_flag;	/* same as requested */
				/* can't do non-default QOP */
  if (qop_req != GSS_C_QOP_DEFAULT) return GSS_S_BAD_QOP;
  if ((major_status =		/* get trailer and padding sizes */
       QueryContextAttributes (context_handle,SECPKG_ATTR_SIZES,&sizes)) ==
      SEC_E_OK) {
				/* create output buffer */
    output_message_buffer->value =
      fs_get (sizes.cbSecurityTrailer + input_message_buffer->length +
	      sizes.cbBlockSize);
    bufs.cBuffers = 3;		/* set up buffer descriptor */
    bufs.pBuffers = buf;
    bufs.ulVersion = SECBUFFER_VERSION;
    buf[0].BufferType = SECBUFFER_TOKEN;
    buf[0].pvBuffer = output_message_buffer->value;
    buf[0].cbBuffer = sizes.cbSecurityTrailer;
				/* I/O buffer */
    buf[1].BufferType = SECBUFFER_DATA;
    buf[1].pvBuffer = ((char *) buf[0].pvBuffer) + buf[0].cbBuffer;
    buf[1].cbBuffer = input_message_buffer->length;
    memcpy (buf[1].pvBuffer,input_message_buffer->value,buf[1].cbBuffer);
    buf[2].BufferType = SECBUFFER_PADDING;
    buf[2].pvBuffer = ((char *) buf[1].pvBuffer) + buf[1].cbBuffer;
    if ((major_status = EncryptMessage (context_handle,
					conf_req_flag ? 0:KERB_WRAP_NO_ENCRYPT,
					&bufs,0)) == GSS_S_COMPLETE) {
				/* slide data as necessary (how annoying!) */
      unsigned long i = sizes.cbSecurityTrailer - buf[0].cbBuffer;
      if (i) buf[1].pvBuffer =
	       memmove (((char *) buf[0].pvBuffer) + buf[0].cbBuffer,
			buf[1].pvBuffer,buf[1].cbBuffer);
      if (i += (input_message_buffer->length - buf[1].cbBuffer))
	buf[1].pvBuffer = memmove (((char *)buf[1].pvBuffer) + buf[1].cbBuffer,
		   buf[2].pvBuffer,buf[2].cbBuffer);
      output_message_buffer->length = buf[0].cbBuffer + buf[1].cbBuffer +
	buf[2].cbBuffer;
    }
    else fs_give (&output_message_buffer->value);
  }
  return major_status;		/* return status */
}

/* GSSAPI unwrap data
 * Accepts: pointer to return minor status
 *	    context handle
 *	    input message buffer
 *	    output message buffer
 *	    pointer to return confidentiality state
 *	    pointer to return quality of protection
 * Returns: major status, always
 */

OM_uint32 gss_unwrap (OM_uint32 *minor_status,gss_ctx_id_t context_handle,
		      gss_buffer_t input_message_buffer,
		      gss_buffer_t output_message_buffer,int *conf_state,
		      gss_qop_t *qop_state)
{
  OM_uint32 major_status;
  SecBuffer buf[2];
  SecBufferDesc bufs;
  bufs.cBuffers = 2;		/* set up buffer descriptor */
  bufs.pBuffers = buf;
  bufs.ulVersion = SECBUFFER_VERSION;
				/* input buffer */
  buf[0].BufferType = SECBUFFER_STREAM;
  buf[0].pvBuffer = input_message_buffer->value;
  buf[0].cbBuffer = input_message_buffer->length;
				/* output buffer */
  buf[1].BufferType = SECBUFFER_DATA;
  buf[1].pvBuffer = NIL;
  buf[1].cbBuffer = 0;
  major_status = DecryptMessage (context_handle,&bufs,0,(PULONG) conf_state);
  *minor_status = NIL;		/* never any minor status */
  *qop_state = GSS_C_QOP_DEFAULT;
				/* set output buffer */
  output_message_buffer->value = buf[1].pvBuffer;
  memcpy (output_message_buffer->value = fs_get (buf[1].cbBuffer),
	  buf[1].pvBuffer,buf[1].cbBuffer);
  output_message_buffer->length = buf[1].cbBuffer;
  return major_status;		/* return status */
}

/* From here on are server-only functions, currently unused */


/* GSSAPI acquire credentials
 * Accepts: pointer to return minor status
 *	    desired principal
 *	    desired lifetime
 *	    desired mechanisms
 *	    credentials usage
 *	    pointer to return credentials handle
 *	    pointer to return mechanisms
 *	    pointer to return lifetime
 * Returns: major status, always
 */

OM_uint32 gss_acquire_cred (OM_uint32 *minor_status,gss_name_t desired_name,
			    OM_uint32 time_req,gss_OID_set desired_mechs,
			    gss_cred_usage_t cred_usage,
			    gss_cred_id_t *output_cred_handle,
			    gss_OID_set *actual_mechs,OM_uint32 *time_rec)
{
  *minor_status = 0;		/* never any minor status */
  return GSS_S_FAILURE;		/* server only */
}


/* GSSAPI release credentials
 * Accepts: pointer to return minor status
 *	    credentials handle to free
 * Returns: GSS_S_COMPLETE, always
 */

OM_uint32 gss_release_cred (OM_uint32 *minor_status,gss_cred_id_t *cred_handle)
{
  *minor_status = 0;		/* never any minor status */
  return GSS_S_FAILURE;		/* server only */
}

/* GSSAPI Accept security context
 * Accepts: pointer to return minor status
 *	    context
 *	    acceptor credentials
 *	    input token buffer
 *	    input channel bindings
 *	    pointer to return source name
 *	    pointer to return mechanism type
 *	    buffer to return output token
 *	    pointer to return flags
 *	    pointer to return context lifetime
 *	    pointer to return delegated credentials
 * Returns: GSS_S_FAILURE, always
 */

OM_uint32 gss_accept_sec_context (OM_uint32 *minor_status,
				  gss_ctx_id_t *context_handle,
				  gss_cred_id_t acceptor_cred_handle,
				  gss_buffer_t input_token_buffer,
				  gss_channel_bindings_t input_chan_bindings,
				  gss_name_t *src_name,gss_OID *mech_type,
				  gss_buffer_t output_token,
				  OM_uint32 *ret_flags,OM_uint32 *time_rec,
				  gss_cred_id_t *delegated_cred_handle)
{
  *minor_status = 0;		/* never any minor status */
  return GSS_S_FAILURE;		/* server only */
}


/* GSSAPI return printable name
 * Accepts: pointer to return minor status
 *	    internal name
 *	    buffer to return output name
 *	    output name type
 * Returns: GSS_S_FAILURE, always
 */

OM_uint32 gss_display_name (OM_uint32 *minor_status,gss_name_t input_name,
			    gss_buffer_t output_name_buffer,
			    gss_OID *output_name_type)
{
  *minor_status = 0;		/* never any minor status */
  return GSS_S_FAILURE;		/* server only */
}