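/*
 * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

/*
 * Copyright 1993 by OpenVision Technologies, Inc.
 *
 * Permission to use, copy, modify, distribute, and sell this software
 * and its documentation for any purpose is hereby granted without fee,
 * provided that the above copyright notice appears in all copies and
 * that both that copyright notice and this permission notice appear in
 * supporting documentation, and that the name of OpenVision not be used
 * in advertising or publicity pertaining to distribution of the software
 * without specific, written prior permission. OpenVision makes no
 * representations about the suitability of this software for any
 * purpose. It is provided "as is" without express or implied warranty.
 *
 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 * PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * GSS-API C bindings: the opaque handle types, the buffer/OID
 * descriptors, the flag and status-code constants, and the prototypes
 * of the user-level routines (plus kernel-only kgss_* entry points
 * when _KERNEL is defined).
 */

#ifndef _GSSAPI_H_
#define _GSSAPI_H_

#pragma ident "%Z%%M% %I% %E% SMI"

#ifdef __cplusplus
extern "C" {
#endif


/*
 * First, include sys/types.h to get size_t defined.
 */
#include <sys/types.h>

/*
 * If the platform supports the xom.h header file, it should be
 * included here.
 */
#ifdef HAVE_XOM_H
#include <xom.h>
#endif

/*
 * Now define the three implementation-dependent types.
 *
 * The structures are only forward-declared, so callers hold opaque
 * pointers and cannot look inside a context, credential or name.
 */
struct gss_ctx_id;
struct gss_cred_id;
struct gss_name;

typedef struct gss_ctx_id *gss_ctx_id_t;
typedef struct gss_cred_id *gss_cred_id_t;
typedef struct gss_name *gss_name_t;

/*
 * The following type must be defined as the smallest natural
 * unsigned integer supported by the platform that has at least
 * 32 bits of precision.
 */
typedef unsigned int gss_uint32;
typedef int gss_int32;


#ifdef OM_STRING
/*
 * We have included the xom.h header file. Verify that OM_uint32
 * is defined correctly.
 *
 * The check is done by the compiler rather than with #if: the
 * preprocessor has no notion of types, so sizeof cannot appear in
 * an #if expression.  The array size below is -1, and the typedef
 * therefore rejected, when the two types differ in size
 * (incompatible definition of OM_uint32 from xom.h).
 */
typedef char gss_uint32_matches_OM_uint32[
	(sizeof (gss_uint32) == sizeof (OM_uint32)) ? 1 : -1];

typedef OM_object_identifier gss_OID_desc, *gss_OID;

#else



/*
 * We can't use X/Open definitions, so roll our own.
 */

typedef gss_uint32 OM_uint32;

/*
 * Object identifier: "length" bytes of encoded OID at "elements"
 * (see the {10, (void *)"..."} examples further down).
 */
typedef struct gss_OID_desc_struct {
	OM_uint32 length;
	void *elements;
} gss_OID_desc, *gss_OID;

#endif

/*
 * Set of object identifiers: "elements" refers to "count"
 * gss_OID_desc entries (RFC 2744).
 */
typedef struct gss_OID_set_desc_struct {
	size_t count;
	gss_OID elements;
} gss_OID_set_desc, *gss_OID_set;

#ifdef _SYSCALL32
/*
 * Variant of gss_OID_desc whose elements member is a caddr32_t
 * instead of a native pointer.
 * NOTE(review): presumably the layout seen by 32-bit callers of a
 * 64-bit kernel -- confirm against the users of gss_OID_desc32.
 */
typedef struct gss_OID_desc_struct32 {
	OM_uint32 length;
	caddr32_t elements;
} gss_OID_desc32, *gss_OID32;
#endif /* _SYSCALL32 */

/*
 * Counted byte buffer used for tokens, messages and printable names.
 * "length" is the only bound on "value"; nothing here implies a
 * terminating NUL, so consumers must not treat value as a C string.
 */
typedef struct gss_buffer_desc_struct {
	size_t length;
	void *value;
} gss_buffer_desc, *gss_buffer_t;

/*
 * Channel bindings: an address type (one of the GSS_C_AF_* values
 * below) and address for each peer, plus application-supplied data.
 */
typedef struct gss_channel_bindings_struct {
	OM_uint32 initiator_addrtype;
	gss_buffer_desc initiator_address;
	OM_uint32 acceptor_addrtype;
	gss_buffer_desc acceptor_address;
	gss_buffer_desc application_data;
} *gss_channel_bindings_t;

/*
 * For now, define a QOP-type as an OM_uint32
 */
typedef OM_uint32 gss_qop_t;
typedef int gss_cred_usage_t;

/*
 * Flag bits for context-level services.
 *
 * The same bits are used for the req_flags argument and for the
 * ret_flags / ctx_flags results of the context routines declared
 * below.  Per RFC 2744 a requested service is not guaranteed to be
 * granted, so a caller that depends on one (mutual authentication,
 * confidentiality, integrity, ...) should test the returned flags
 * rather than the flags it asked for.
 */
#define GSS_C_DELEG_FLAG	1	/* credential delegation */
#define GSS_C_MUTUAL_FLAG	2	/* mutual authentication */
#define GSS_C_REPLAY_FLAG	4	/* replay detection */
#define GSS_C_SEQUENCE_FLAG	8	/* out-of-sequence detection */
#define GSS_C_CONF_FLAG		16	/* confidentiality */
#define GSS_C_INTEG_FLAG	32	/* integrity */
#define GSS_C_ANON_FLAG		64	/* anonymous initiator */
#define GSS_C_PROT_READY_FLAG	128	/* per-message protection ready */
#define GSS_C_TRANS_FLAG	256	/* context is transferable */

/*
 * Credential usage options
 */
#define GSS_C_BOTH	0
#define GSS_C_INITIATE	1
#define GSS_C_ACCEPT	2

/*
 * Status code types for gss_display_status
 */
#define GSS_C_GSS_CODE	1
#define GSS_C_MECH_CODE	2

/*
 * The constant definitions for channel-bindings address families
 * (the value 20 is not assigned in this list).
 */
#define GSS_C_AF_UNSPEC		0
#define GSS_C_AF_LOCAL		1
#define GSS_C_AF_INET		2
#define GSS_C_AF_IMPLINK	3
#define GSS_C_AF_PUP		4
#define GSS_C_AF_CHAOS		5
#define GSS_C_AF_NS		6
#define GSS_C_AF_NBS		7
#define GSS_C_AF_ECMA		8
#define GSS_C_AF_DATAKIT	9
#define GSS_C_AF_CCITT		10
#define GSS_C_AF_SNA		11
#define GSS_C_AF_DECnet		12
#define GSS_C_AF_DLI		13
#define GSS_C_AF_LAT		14
#define GSS_C_AF_HYLINK		15
#define GSS_C_AF_APPLETALK	16
#define GSS_C_AF_BSC		17
#define GSS_C_AF_DSS		18
#define GSS_C_AF_OSI		19
#define GSS_C_AF_X25		21

#define GSS_C_AF_NULLADDR	255

/*
 * Various Null values
 *
 * GSS_C_EMPTY_BUFFER is a brace initializer for a gss_buffer_desc
 * and expands to a use of NULL, so the including file must have a
 * definition of NULL in scope where it uses the macro.
 */
#define GSS_C_NO_NAME ((gss_name_t) 0)
#define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
#define GSS_C_NO_OID ((gss_OID) 0)
#define GSS_C_NO_OID_SET ((gss_OID_set) 0)
#define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
#define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
#define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
#define GSS_C_EMPTY_BUFFER {0, NULL}

/*
 * Some alternate names for a couple of the above
 * values. These are defined for V1 compatibility.
 */
#define GSS_C_NULL_OID GSS_C_NO_OID
#define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET

/*
 * Define the default Quality of Protection for per-message
 * services. Note that an implementation that offers multiple
 * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero
 * (as done here) to mean "default protection", or to a specific
 * explicit QOP value. However, a value of 0 should always be
 * interpreted by a GSSAPI implementation as a request for the
 * default protection level.
 */
#define GSS_C_QOP_DEFAULT 0

/*
 * Expiration time of 2^32-1 seconds means infinite lifetime for a
 * credential or security context
 */
#define GSS_C_INDEFINITE ((OM_uint32) 0xfffffffful)

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x01"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant
 * GSS_C_NT_USER_NAME should be initialized to point
 * to that gss_OID_desc.
 */
extern const gss_OID GSS_C_NT_USER_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x02"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
 * The constant GSS_C_NT_MACHINE_UID_NAME should be
 * initialized to point to that gss_OID_desc.
 */
extern const gss_OID GSS_C_NT_MACHINE_UID_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x03"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
 * The constant GSS_C_NT_STRING_UID_NAME should be
 * initialized to point to that gss_OID_desc.
 */
extern const gss_OID GSS_C_NT_STRING_UID_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
 * corresponding to an object-identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 2(gss-host-based-services)}. The constant
 * GSS_C_NT_HOSTBASED_SERVICE should be initialized to point
 * to that gss_OID_desc.
 */
extern const gss_OID GSS_C_NT_HOSTBASED_SERVICE;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x03"},
 * corresponding to an object identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 3(gss-anonymous-name)}. The constant
 * GSS_C_NT_ANONYMOUS should be initialized to point
 * to that gss_OID_desc.
 */
extern const gss_OID GSS_C_NT_ANONYMOUS;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
 * corresponding to an object-identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 4(gss-api-exported-name)}. The constant
 * GSS_C_NT_EXPORT_NAME should be initialized to point
 * to that gss_OID_desc.
 */
extern const gss_OID GSS_C_NT_EXPORT_NAME;


/* Major status codes */

#define GSS_S_COMPLETE 0

/*
 * Some "helper" definitions to make the status code macros obvious.
 *
 * A major status is split into three fields: the calling error in
 * bits 31-24, the routine error in bits 23-16 and the supplementary
 * information in bits 15-0.  The masks are written in octal:
 * 0377 is 0xff and 0177777 is 0xffff.
 */
#define GSS_C_CALLING_ERROR_OFFSET 24
#define GSS_C_ROUTINE_ERROR_OFFSET 16
#define GSS_C_SUPPLEMENTARY_OFFSET 0
#define GSS_C_CALLING_ERROR_MASK ((OM_uint32) 0377ul)
#define GSS_C_ROUTINE_ERROR_MASK ((OM_uint32) 0377ul)
#define GSS_C_SUPPLEMENTARY_MASK ((OM_uint32) 0177777ul)

/*
 * The macros that test status codes for error conditions.
 * Note that the GSS_ERROR() macro has changed slightly from
 * the V1 GSSAPI so that it now evaluates its argument
 * only once.
 *
 * GSS_ERROR() looks only at the calling-error and routine-error
 * fields.  A status that carries nothing but supplementary bits
 * (GSS_S_CONTINUE_NEEDED, GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN,
 * ...) is therefore non-zero, so it differs from GSS_S_COMPLETE,
 * and yet is not an error by this test; callers have to inspect
 * GSS_SUPPLEMENTARY_INFO() separately.
 */
#define GSS_CALLING_ERROR(x) \
	((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
#define GSS_ROUTINE_ERROR(x) \
	((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
#define GSS_SUPPLEMENTARY_INFO(x) \
	((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
#define GSS_ERROR(x) \
	((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
	(GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))

/*
 * Now the actual status code definitions
 */

/*
 * Calling errors:
 */
#define GSS_S_CALL_INACCESSIBLE_READ \
	(((OM_uint32) 1ul) << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_INACCESSIBLE_WRITE \
	(((OM_uint32) 2ul) << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_BAD_STRUCTURE \
	(((OM_uint32) 3ul) << GSS_C_CALLING_ERROR_OFFSET)

/*
 * Routine errors:
 */
#define GSS_S_BAD_MECH (((OM_uint32) 1ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAME (((OM_uint32) 2ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAMETYPE (((OM_uint32) 3ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_BINDINGS (((OM_uint32) 4ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_STATUS (((OM_uint32) 5ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_SIG (((OM_uint32) 6ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_MIC GSS_S_BAD_SIG
#define GSS_S_NO_CRED (((OM_uint32) 7ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NO_CONTEXT (((OM_uint32) 8ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_TOKEN (((OM_uint32) 9ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_CREDENTIAL \
	(((OM_uint32) 10ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CREDENTIALS_EXPIRED \
	(((OM_uint32) 11ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CONTEXT_EXPIRED \
	(((OM_uint32) 12ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_FAILURE (((OM_uint32) 13ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_QOP (((OM_uint32) 14ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_UNAUTHORIZED (((OM_uint32) 15ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_UNAVAILABLE (((OM_uint32) 16ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DUPLICATE_ELEMENT \
	(((OM_uint32) 17ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NAME_NOT_MN (((OM_uint32) 18ul) << GSS_C_ROUTINE_ERROR_OFFSET)

/*
 * Supplementary info bits:
 *
 * Unlike the error codes above these are plain int expressions
 * (no OM_uint32 cast); all five fit in the low 16 bits.
 */
#define GSS_S_CONTINUE_NEEDED (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
#define GSS_S_DUPLICATE_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
#define GSS_S_OLD_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
#define GSS_S_UNSEQ_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
#define GSS_S_GAP_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 4))


/*
 * Finally, function prototypes for the GSS-API routines.
 *
 * Every routine returns the major status as an OM_uint32 and takes
 * a pointer for the mechanism-specific minor status as its first
 * argument.  Parameter names are given in the trailing comments.
 *
 * Note on const: gss_name_t, gss_OID, gss_buffer_t and the other
 * handle types are pointer typedefs, so "const gss_name_t" declares
 * a const pointer.  It marks the argument as an input but does not
 * make the object it points to read-only for the callee.
 */

OM_uint32 gss_acquire_cred(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* desired_name */
	OM_uint32,		/* time_req */
	const gss_OID_set,	/* desired_mechs */
	gss_cred_usage_t,	/* cred_usage */
	gss_cred_id_t *,	/* output_cred_handle */
	gss_OID_set *,		/* actual_mechs */
	OM_uint32 *		/* time_rec */
);

OM_uint32 gss_release_cred(
	OM_uint32 *,		/* minor_status */
	gss_cred_id_t *		/* cred_handle */
);

/*
 * req_flags and ret_flags carry the GSS_C_*_FLAG bits defined above;
 * ret_flags reports the services of the resulting context.
 */
OM_uint32 gss_init_sec_context(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* initiator_cred_handle */
	gss_ctx_id_t *,		/* context_handle */
	const gss_name_t,	/* target_name */
	const gss_OID,		/* mech_type */
	OM_uint32,		/* req_flags */
	OM_uint32,		/* time_req */
	gss_channel_bindings_t,	/* input_chan_bindings */
	const gss_buffer_t,	/* input_token */
	gss_OID *,		/* actual_mech_type */
	gss_buffer_t,		/* output_token */
	OM_uint32 *,		/* ret_flags */
	OM_uint32 *		/* time_rec */
);

OM_uint32 gss_accept_sec_context(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t *,		/* context_handle */
	const gss_cred_id_t,	/* acceptor_cred_handle */
	const gss_buffer_t,	/* input_token_buffer */
	const gss_channel_bindings_t,	/* input_chan_bindings */
	gss_name_t *,		/* src_name */
	gss_OID *,		/* mech_type */
	gss_buffer_t,		/* output_token */
	OM_uint32 *,		/* ret_flags */
	OM_uint32 *,		/* time_rec */
	gss_cred_id_t *		/* delegated_cred_handle */
);

OM_uint32 gss_process_context_token(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	const gss_buffer_t	/* token_buffer */
);

OM_uint32 gss_delete_sec_context(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t *,		/* context_handle */
	gss_buffer_t		/* output_token */
);

OM_uint32 gss_context_time(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	OM_uint32 *		/* time_rec */
);

OM_uint32 gss_get_mic(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	gss_qop_t,		/* qop_req */
	const gss_buffer_t,	/* message_buffer */
	gss_buffer_t		/* message_token */
);

OM_uint32 gss_verify_mic(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	const gss_buffer_t,	/* message_buffer */
	const gss_buffer_t,	/* token_buffer */
	gss_qop_t *		/* qop_state */
);

/*
 * conf_req_flag is a request; conf_state is an output of the call.
 */
OM_uint32 gss_wrap(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	int,			/* conf_req_flag */
	gss_qop_t,		/* qop_req */
	const gss_buffer_t,	/* input_message_buffer */
	int *,			/* conf_state */
	gss_buffer_t		/* output_message_buffer */
);

OM_uint32 gss_unwrap(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	const gss_buffer_t,	/* input_message_buffer */
	gss_buffer_t,		/* output_message_buffer */
	int *,			/* conf_state */
	gss_qop_t *		/* qop_state */
);

/*
 * status_type is GSS_C_GSS_CODE or GSS_C_MECH_CODE.
 */
OM_uint32 gss_display_status(
	OM_uint32 *,		/* minor_status */
	OM_uint32,		/* status_value */
	int,			/* status_type */
	const gss_OID,		/* mech_type */
	OM_uint32 *,		/* message_context */
	gss_buffer_t		/* status_string */
);

OM_uint32 gss_indicate_mechs(
	OM_uint32 *,		/* minor_status */
	gss_OID_set *		/* mech_set */
);

OM_uint32 gss_compare_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* name1 */
	const gss_name_t,	/* name2 */
	int *			/* name_equal */
);

OM_uint32 gss_display_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* input_name */
	gss_buffer_t,		/* output_name_buffer */
	gss_OID *		/* output_name_type */
);

OM_uint32 gss_import_name(
	OM_uint32 *,		/* minor_status */
	const gss_buffer_t,	/* input_name_buffer */
	const gss_OID,		/* input_name_type */
	gss_name_t *		/* output_name */
);

OM_uint32 gss_export_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* input_name */
	gss_buffer_t		/* exported_name */
);

OM_uint32 gss_release_name(
	OM_uint32 *,		/* minor_status */
	gss_name_t *		/* input_name */
);

OM_uint32 gss_release_buffer(
	OM_uint32 *,		/* minor_status */
	gss_buffer_t		/* buffer */
);

OM_uint32 gss_release_oid_set(
	OM_uint32 *,		/* minor_status */
	gss_OID_set *		/* set */
);

OM_uint32 gss_inquire_cred(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* cred_handle */
	gss_name_t *,		/* name */
	OM_uint32 *,		/* lifetime */
	gss_cred_usage_t *,	/* cred_usage */
	gss_OID_set *		/* mechanisms */
);

OM_uint32 gss_inquire_context(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	gss_name_t *,		/* src_name */
	gss_name_t *,		/* targ_name */
	OM_uint32 *,		/* lifetime_rec */
	gss_OID *,		/* mech_type */
	OM_uint32 *,		/* ctx_flags */
	int *,			/* locally_initiated */
	int *			/* open */
);

OM_uint32 gss_wrap_size_limit(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	int,			/* conf_req_flag */
	gss_qop_t,		/* qop_req */
	OM_uint32,		/* req_output_size */
	OM_uint32 *		/* max_input_size */
);

OM_uint32 gss_add_cred(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* input_cred_handle */
	const gss_name_t,	/* desired_name */
	const gss_OID,		/* desired_mech */
	gss_cred_usage_t,	/* cred_usage */
	OM_uint32,		/* initiator_time_req */
	OM_uint32,		/* acceptor_time_req */
	gss_cred_id_t *,	/* output_cred_handle */
	gss_OID_set *,		/* actual_mechs */
	OM_uint32 *,		/* initiator_time_rec */
	OM_uint32 *		/* acceptor_time_rec */
);

OM_uint32 gss_store_cred(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* input_cred */
	gss_cred_usage_t,	/* cred_usage */
	const gss_OID,		/* desired_mech */
	OM_uint32,		/* overwrite_cred */
	OM_uint32,		/* default_cred */
	gss_OID_set *,		/* elements_stored */
	gss_cred_usage_t *	/* cred_usage_stored */
);

OM_uint32 gss_inquire_cred_by_mech(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* cred_handle */
	const gss_OID,		/* mech_type */
	gss_name_t *,		/* name */
	OM_uint32 *,		/* initiator_lifetime */
	OM_uint32 *,		/* acceptor_lifetime */
	gss_cred_usage_t *	/* cred_usage */
);

OM_uint32 gss_export_sec_context(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t *,		/* context_handle */
	gss_buffer_t		/* interprocess_token */
);

OM_uint32 gss_import_sec_context(
	OM_uint32 *,		/* minor_status */
	const gss_buffer_t,	/* interprocess_token */
	gss_ctx_id_t *		/* context_handle */
);

OM_uint32 gss_create_empty_oid_set(
	OM_uint32 *,		/* minor_status */
	gss_OID_set *		/* oid_set */
);

OM_uint32 gss_add_oid_set_member(
	OM_uint32 *,		/* minor_status */
	const gss_OID,		/* member_oid */
	gss_OID_set *		/* oid_set */
);

OM_uint32 gss_test_oid_set_member(
	OM_uint32 *,		/* minor_status */
	const gss_OID,		/* member */
	const gss_OID_set,	/* set */
	int *			/* present */
);

OM_uint32 gss_inquire_names_for_mech(
	OM_uint32 *,		/* minor_status */
	const gss_OID,		/* mechanism */
	gss_OID_set *		/* name_types */
);

OM_uint32 gss_inquire_mechs_for_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* input_name */
	gss_OID_set *		/* mech_types */
);

OM_uint32 gss_canonicalize_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* input_name */
	const gss_OID,		/* mech_type */
	gss_name_t *		/* output_name */
);

OM_uint32 gss_duplicate_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* src_name */
	gss_name_t *		/* dest_name */
);


OM_uint32 gss_release_oid(
	OM_uint32 *,		/* minor_status */
	gss_OID *		/* oid */
);

OM_uint32 gss_str_to_oid(
	OM_uint32 *,		/* minor_status */
	const gss_buffer_t,	/* oid_str */
	gss_OID *		/* oid */
);

OM_uint32 gss_oid_to_str(
	OM_uint32 *,		/* minor_status */
	const gss_OID,		/* oid */
	gss_buffer_t		/* oid_str */
);


/*
 * The following routines are obsolete variants of gss_get_mic,
 * gss_verify_mic, gss_wrap and gss_unwrap. They should be
 * provided by GSSAPI V2 implementations for backwards
 * compatibility with V1 applications. Distinct entrypoints
 * (as opposed to #defines) should be provided, both to allow
 * GSSAPI V1 applications to link against GSSAPI V2 implementations,
 * and to retain the slight parameter type differences between the
 * obsolete versions of these routines and their current forms.
 *
 * The visible differences are that the QOP arguments are int / int *
 * rather than gss_qop_t / gss_qop_t *, and that the handle and
 * buffer arguments carry no const qualifier.
 */

OM_uint32 gss_sign(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t,		/* context_handle */
	int,			/* qop_req */
	gss_buffer_t,		/* message_buffer */
	gss_buffer_t		/* message_token */
);

OM_uint32 gss_verify(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t,		/* context_handle */
	gss_buffer_t,		/* message_buffer */
	gss_buffer_t,		/* token_buffer */
	int *			/* qop_state */
);

OM_uint32 gss_seal(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t,		/* context_handle */
	int,			/* conf_req_flag */
	int,			/* qop_req */
	gss_buffer_t,		/* input_message_buffer */
	int *,			/* conf_state */
	gss_buffer_t		/* output_message_buffer */
);

OM_uint32 gss_unseal(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t,		/* context_handle */
	gss_buffer_t,		/* input_message_buffer */
	gss_buffer_t,		/* output_message_buffer */
	int *,			/* conf_state */
	int *			/* qop_state */
);


#ifdef _KERNEL /* For kernel */

/*
 * Kernel-only entry points.  The parameters are unnamed here; most
 * lists resemble the user-level routine of the same name with a
 * trailing uid_t added.
 * NOTE(review): the uid_t presumably identifies the user on whose
 * behalf the call is made -- confirm against the kgss implementation.
 * NOTE(review): kgss_export_sec_context and kgss_import_sec_context
 * take the context handle by value, where gss_export_sec_context and
 * gss_import_sec_context take a gss_ctx_id_t * -- confirm that this
 * difference is intended before relying on the user-level semantics.
 */

#include <rpc/types.h>

void kgss_free_oid(gss_OID oid);

OM_uint32 kgss_acquire_cred(
	OM_uint32 *,
	const gss_name_t,
	OM_uint32,
	const gss_OID_set,
	int,
	gss_cred_id_t *,
	gss_OID_set *,
	OM_uint32 *,
	uid_t);

OM_uint32 kgss_add_cred(
	OM_uint32 *,
	gss_cred_id_t,
	gss_name_t,
	gss_OID,
	int,
	int,
	int,
	gss_OID_set *,
	OM_uint32 *,
	OM_uint32 *,
	uid_t);

OM_uint32 kgss_release_cred(
	OM_uint32 *,
	gss_cred_id_t *,
	uid_t);

OM_uint32 kgss_init_sec_context(
	OM_uint32 *,
	const gss_cred_id_t,
	gss_ctx_id_t *,
	const gss_name_t,
	const gss_OID,
	int,
	OM_uint32,
	const gss_channel_bindings_t,
	const gss_buffer_t,
	gss_OID *,
	gss_buffer_t,
	int *,
	OM_uint32 *,
	uid_t);

OM_uint32 kgss_accept_sec_context(
	OM_uint32 *,
	gss_ctx_id_t *,
	const gss_cred_id_t,
	const gss_buffer_t,
	const gss_channel_bindings_t,
	const gss_buffer_t,
	gss_OID *,
	gss_buffer_t,
	int *,
	OM_uint32 *,
	gss_cred_id_t *,
	uid_t);

OM_uint32 kgss_process_context_token(
	OM_uint32 *,
	const gss_ctx_id_t,
	const gss_buffer_t,
	uid_t);

OM_uint32 kgss_delete_sec_context(
	OM_uint32 *,
	gss_ctx_id_t *,
	gss_buffer_t);

OM_uint32 kgss_export_sec_context(
	OM_uint32 *,
	const gss_ctx_id_t,
	gss_buffer_t);

OM_uint32 kgss_import_sec_context(
	OM_uint32 *,
	const gss_buffer_t,
	gss_ctx_id_t);

OM_uint32 kgss_context_time(
	OM_uint32 *,
	const gss_ctx_id_t,
	OM_uint32 *,
	uid_t);

OM_uint32 kgss_sign(
	OM_uint32 *,
	const gss_ctx_id_t,
	int,
	const gss_buffer_t,
	gss_buffer_t);


OM_uint32 kgss_verify(
	OM_uint32 *,
	const gss_ctx_id_t,
	const gss_buffer_t,
	const gss_buffer_t,
	int *);

OM_uint32 kgss_seal(
	OM_uint32 *,
	const gss_ctx_id_t,
	int,
	int,
	const gss_buffer_t,
	int *,
	gss_buffer_t);

OM_uint32 kgss_unseal(
	OM_uint32 *,
	const gss_ctx_id_t,
	const gss_buffer_t,
	gss_buffer_t,
	int *,
	int *);

OM_uint32 kgss_display_status(
	OM_uint32 *,
	OM_uint32,
	int,
	const gss_OID,
	int *,
	gss_buffer_t,
	uid_t);

OM_uint32 kgss_indicate_mechs(
	OM_uint32 *,
	gss_OID_set *,
	uid_t);

OM_uint32 kgss_inquire_cred(
	OM_uint32 *,
	const gss_cred_id_t,
	gss_name_t *,
	OM_uint32 *,
	int *,
	gss_OID_set *,
	uid_t);

OM_uint32 kgss_inquire_cred_by_mech(
	OM_uint32 *,
	gss_cred_id_t,
	gss_OID,
	uid_t);


#endif /* if _KERNEL */

#ifdef __cplusplus
}
#endif

#endif /* _GSSAPI_H_ */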