#include "mglueP.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
static OM_uint32 displayMajor(OM_uint32, OM_uint32 *, gss_buffer_t);
OM_uint32 KRB5_CALLCONV
gss_display_status (minor_status,
status_value,
status_type,
req_mech_type,
message_context,
status_string)
OM_uint32 * minor_status;
OM_uint32 status_value;
int status_type;
gss_OID req_mech_type;
OM_uint32 * message_context;
gss_buffer_t status_string;
{
gss_OID mech_type = (gss_OID) req_mech_type;
gss_mechanism mech;
if (minor_status != NULL)
*minor_status = 0;
if (status_string != GSS_C_NO_BUFFER) {
status_string->length = 0;
status_string->value = NULL;
}
if (minor_status == NULL ||
message_context == NULL ||
status_string == GSS_C_NO_BUFFER)
return (GSS_S_CALL_INACCESSIBLE_WRITE);
if (status_type == GSS_C_GSS_CODE)
return (displayMajor(status_value, message_context,
status_string));
mech = gssint_get_mechanism (mech_type);
if (mech && mech->gss_display_status) {
if (mech_type == GSS_C_NULL_OID)
mech_type = &mech->mech_type;
return (mech->gss_display_status(mech->context, minor_status,
status_value, status_type, mech_type,
message_context, status_string));
}
if (!mech)
return (GSS_S_BAD_MECH);
return (GSS_S_UNAVAILABLE);
}
static OM_uint32
displayMajor(status, msgCtxt, outStr)
OM_uint32 status;
OM_uint32 *msgCtxt;
gss_buffer_t outStr;
{
OM_uint32 oneVal, mask = 0x1, currErr;
char *errStr = NULL;
int i, haveErr = 0;
if (status == GSS_S_COMPLETE)
errStr = "The routine completed successfully";
else if (*msgCtxt == 0 && (oneVal = GSS_CALLING_ERROR(status))) {
switch (oneVal) {
case GSS_S_CALL_INACCESSIBLE_READ:
errStr = "A required input parameter"
" could not be read";
break;
case GSS_S_CALL_INACCESSIBLE_WRITE:
errStr = "A required output parameter"
" could not be written";
break;
case GSS_S_CALL_BAD_STRUCTURE:
errStr = "A parameter was malformed";
break;
default:
errStr = "An invalid status code was supplied";
break;
}
if (GSS_ROUTINE_ERROR(status))
*msgCtxt = 1;
else if ((oneVal = GSS_SUPPLEMENTARY_INFO(status)) != 0)
*msgCtxt = (OM_uint32)(oneVal << 1);
else
*msgCtxt = 0;
} else if ((*msgCtxt == 0 || *msgCtxt == 1) &&
(oneVal = GSS_ROUTINE_ERROR(status))) {
switch (oneVal) {
case GSS_S_BAD_MECH:
errStr = "An unsupported mechanism"
" was requested";
break;
case GSS_S_BAD_NAME:
errStr = "An invalid name was supplied";
break;
case GSS_S_BAD_NAMETYPE:
errStr = "A supplied name was of an"
" unsupported type";
break;
case GSS_S_BAD_BINDINGS:
errStr = "Incorrect channel bindings"
" were supplied";
break;
case GSS_S_BAD_SIG:
errStr = "A token had an invalid Message"
" Integrity Check (MIC)";
break;
case GSS_S_NO_CRED:
errStr = "No credentials were supplied, or the"
" credentials were unavailable or"
" inaccessible";
break;
case GSS_S_NO_CONTEXT:
errStr = "No context has been established";
break;
case GSS_S_DEFECTIVE_TOKEN:
errStr = "Invalid token was supplied";
break;
case GSS_S_DEFECTIVE_CREDENTIAL:
errStr = "Invalid credential was supplied";
break;
case GSS_S_CREDENTIALS_EXPIRED:
errStr = "The referenced credential has"
" expired";
break;
case GSS_S_CONTEXT_EXPIRED:
errStr = "The referenced context has expired";
break;
case GSS_S_FAILURE:
errStr = "Unspecified GSS failure. Minor code"
" may provide more information";
break;
case GSS_S_BAD_QOP:
errStr = "The quality-of-protection (QOP) "
"requested could not be provided";
break;
case GSS_S_UNAUTHORIZED:
errStr = "The operation is forbidden by local"
" security policy";
break;
case GSS_S_UNAVAILABLE:
errStr = "The operation or option is not"
" available or unsupported";
break;
case GSS_S_DUPLICATE_ELEMENT:
errStr = "The requested credential element"
" already exists";
break;
case GSS_S_NAME_NOT_MN:
errStr = "The provided name was not mechanism"
" specific (MN)";
break;
case GSS_S_BAD_STATUS:
default:
errStr = "An invalid status code was supplied";
}
if ((oneVal = GSS_SUPPLEMENTARY_INFO(status)) != 0)
*msgCtxt = (OM_uint32)(oneVal << 1);
else
*msgCtxt = 0;
} else if ((*msgCtxt == 0 || *msgCtxt >= 2) &&
(oneVal = GSS_SUPPLEMENTARY_INFO(status))) {
if (*msgCtxt >= 2)
oneVal = (OM_uint32) (*msgCtxt) >> 1;
else
oneVal = GSS_SUPPLEMENTARY_INFO(status);
for (i = 0; i < 16; i++) {
if (oneVal & mask) {
haveErr = 1;
break;
}
mask <<= 1;
}
if (haveErr)
currErr = oneVal & mask;
else
currErr = 1 << 17;
switch (currErr) {
case GSS_S_CONTINUE_NEEDED:
errStr = "The routine must be called again to"
" complete its function";
break;
case GSS_S_DUPLICATE_TOKEN:
errStr = "The token was a duplicate of an"
" earlier token";
break;
case GSS_S_OLD_TOKEN:
errStr = "The token's validity period"
" has expired";
break;
case GSS_S_UNSEQ_TOKEN:
errStr = "A later token has already been"
" processed";
break;
case GSS_S_GAP_TOKEN:
errStr = "An expected per-message token was"
" not received";
break;
default:
errStr = "An invalid status code was supplied";
}
if (!haveErr)
*msgCtxt = 0;
else if (GSS_SUPPLEMENTARY_INFO(oneVal) ^ mask)
*msgCtxt = (OM_uint32)
((GSS_SUPPLEMENTARY_INFO(oneVal) ^ mask) << 1);
else
*msgCtxt = 0;
}
if (errStr == NULL)
errStr = "An invalid status code was supplied";
outStr->length = strlen(errStr);
outStr->value = malloc((size_t)outStr->length+1);
if (outStr->value == NULL) {
outStr->length = 0;
return (GSS_S_FAILURE);
}
(void) strcpy((char *)outStr->value, errStr);
return (GSS_S_COMPLETE);
}