/* lib/gssapi/mechglue/mglueP.h */

/*
 * Copyright (c) 1995, by Sun Microsystems, Inc.
 * All rights reserved.
 */

/* This header contains the private mechglue definitions. */

#ifndef _GSS_MECHGLUEP_H
#define _GSS_MECHGLUEP_H

#include "autoconf.h"
#include "mechglue.h"
#include "gssapiP_generic.h"

/*
 * Copy the contents of OID o2 into OID o1.
 *
 * The macro does not allocate and does not bounds-check: it copies
 * (o2)->length bytes into (o1)->elements, so the caller must already have
 * made (o1)->elements point at storage of at least that size.  Both
 * arguments are evaluated more than once; pass expressions without side
 * effects.
 */
#define g_OID_copy(o1, o2)                                      \
    do {                                                        \
        memcpy((o1)->elements, (o2)->elements, (o2)->length);   \
        (o1)->length = (o2)->length;                            \
    } while (0)

/*
 * Array of context IDs typed by mechanism OID
 */
typedef struct gss_union_ctx_id_struct {
    /* Self-pointer; GSSINT_CHK_LOOP() compares it with the struct address. */
    struct gss_union_ctx_id_struct *loopback;
    gss_OID mech_type;
    gss_ctx_id_t internal_ctx_id;
} gss_union_ctx_id_desc, *gss_union_ctx_id_t;

/*
 * Generic GSSAPI names.  A name can either be a generic name, or a
 * mechanism specific name....
 */
typedef struct gss_name_struct {
    /* Self-pointer; GSSINT_CHK_LOOP() compares it with the struct address. */
    struct gss_name_struct *loopback;
    gss_OID name_type;
    gss_buffer_t external_name;
    /*
     * These last two fields are only filled in for mechanism
     * names.
     */
    gss_OID mech_type;
    gss_name_t mech_name;
} gss_union_name_desc, *gss_union_name_t;

/*
 * Structure for holding list of mechanism-specific name types
 */
typedef struct gss_mech_spec_name_t {
    gss_OID name_type;
    gss_OID mech;
    struct gss_mech_spec_name_t *next, *prev;
} gss_mech_spec_name_desc, *gss_mech_spec_name;

/*
 * Set of Credentials typed on mechanism OID
 */
typedef struct gss_cred_id_struct {
    /* Self-pointer; GSSINT_CHK_LOOP() compares it with the struct address. */
    struct gss_cred_id_struct *loopback;
    /*
     * NOTE(review): count presumably gives the number of entries in both
     * mechs_array and cred_array -- confirm against the code that fills
     * and indexes them.
     */
    int count;
    gss_OID mechs_array;
    gss_cred_id_t *cred_array;
} gss_union_cred_desc, *gss_union_cred_t;

/*
 * Rudimentary pointer validation macro to check whether the
 * "loopback" field of an opaque struct points back to itself.  This
 * field also catches some programming errors where an opaque pointer
 * is passed to a function expecting the address of the opaque
 * pointer.
 *
 * The result is nonzero when the check FAILS (p is NULL or p->loopback
 * is not p) and zero when it passes.  A non-NULL p is dereferenced, so
 * this is a sanity check on handles that are at least readable memory,
 * not a defence against arbitrary pointer values.  p is evaluated more
 * than once.
 */
#define GSSINT_CHK_LOOP(p) (!((p) != NULL && (p)->loopback == (p)))

/********************************************************/
/* The Mechanism Dispatch Table -- a mechanism needs to */
/* define one of these and provide a function to return */
/* it to initialize the GSSAPI library                  */
int gssint_mechglue_initialize_library(void);

/*
 * This table is used to access mechanism-specific versions of the GSSAPI
 * functions.  It contains all of the functions defined in gssapi.h except for
 * gss_release_buffer() and gss_release_oid_set(), which are assumed to be
 * identical across mechanisms.
 *
 * Every member after "context" is a function pointer; the trailing comment
 * on each parameter gives that parameter's name.  Later groups of members
 * are introduced by comments naming the extension or release they came
 * with.
 *
 * NOTE(review): this header does not say whether a mechanism may leave an
 * entry NULL; code that dispatches through the table presumably has to
 * check each pointer before calling it -- confirm against the callers.
 */
typedef struct gss_config {
    gss_OID_desc    mech_type;
    void *          context;
    OM_uint32       (KRB5_CALLCONV *gss_acquire_cred)
    (
        OM_uint32*,             /* minor_status */
        gss_name_t,             /* desired_name */
        OM_uint32,              /* time_req */
        gss_OID_set,            /* desired_mechs */
        int,                    /* cred_usage */
        gss_cred_id_t*,         /* output_cred_handle */
        gss_OID_set*,           /* actual_mechs */
        OM_uint32*              /* time_rec */
    );
    OM_uint32       (KRB5_CALLCONV *gss_release_cred)
    (
        OM_uint32*,             /* minor_status */
        gss_cred_id_t*          /* cred_handle */
    );
    OM_uint32       (KRB5_CALLCONV *gss_init_sec_context)
    (
        OM_uint32*,             /* minor_status */
        gss_cred_id_t,          /* claimant_cred_handle */
        gss_ctx_id_t*,          /* context_handle */
        gss_name_t,             /* target_name */
        gss_OID,                /* mech_type */
        OM_uint32,              /* req_flags */
        OM_uint32,              /* time_req */
        gss_channel_bindings_t, /* input_chan_bindings */
        gss_buffer_t,           /* input_token */
        gss_OID*,               /* actual_mech_type */
        gss_buffer_t,           /* output_token */
        OM_uint32*,             /* ret_flags */
        OM_uint32*              /* time_rec */
    );
    OM_uint32       (KRB5_CALLCONV *gss_accept_sec_context)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t*,          /* context_handle */
        gss_cred_id_t,          /* verifier_cred_handle */
        gss_buffer_t,           /* input_token_buffer */
        gss_channel_bindings_t, /* input_chan_bindings */
        gss_name_t*,            /* src_name */
        gss_OID*,               /* mech_type */
        gss_buffer_t,           /* output_token */
        OM_uint32*,             /* ret_flags */
        OM_uint32*,             /* time_rec */
        gss_cred_id_t*          /* delegated_cred_handle */
    );
    OM_uint32       (KRB5_CALLCONV *gss_process_context_token)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_buffer_t            /* token_buffer */
    );
    OM_uint32       (KRB5_CALLCONV *gss_delete_sec_context)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t*,          /* context_handle */
        gss_buffer_t            /* output_token */
    );
    OM_uint32       (KRB5_CALLCONV *gss_context_time)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        OM_uint32*              /* time_rec */
    );
    OM_uint32       (KRB5_CALLCONV *gss_get_mic)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_qop_t,              /* qop_req */
        gss_buffer_t,           /* message_buffer */
        gss_buffer_t            /* message_token */
    );
    OM_uint32       (KRB5_CALLCONV *gss_verify_mic)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_buffer_t,           /* message_buffer */
        gss_buffer_t,           /* token_buffer */
        gss_qop_t*              /* qop_state */
    );
    OM_uint32       (KRB5_CALLCONV *gss_wrap)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        int,                    /* conf_req_flag */
        gss_qop_t,              /* qop_req */
        gss_buffer_t,           /* input_message_buffer */
        int*,                   /* conf_state */
        gss_buffer_t            /* output_message_buffer */
    );
    OM_uint32       (KRB5_CALLCONV *gss_unwrap)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_buffer_t,           /* input_message_buffer */
        gss_buffer_t,           /* output_message_buffer */
        int*,                   /* conf_state */
        gss_qop_t*              /* qop_state */
    );
    OM_uint32       (KRB5_CALLCONV *gss_display_status)
    (
        OM_uint32*,             /* minor_status */
        OM_uint32,              /* status_value */
        int,                    /* status_type */
        gss_OID,                /* mech_type */
        OM_uint32*,             /* message_context */
        gss_buffer_t            /* status_string */
    );
    OM_uint32       (KRB5_CALLCONV *gss_indicate_mechs)
    (
        OM_uint32*,             /* minor_status */
        gss_OID_set*            /* mech_set */
    );
    OM_uint32       (KRB5_CALLCONV *gss_compare_name)
    (
        OM_uint32*,             /* minor_status */
        gss_name_t,             /* name1 */
        gss_name_t,             /* name2 */
        int*                    /* name_equal */
    );
    OM_uint32       (KRB5_CALLCONV *gss_display_name)
    (
        OM_uint32*,             /* minor_status */
        gss_name_t,             /* input_name */
        gss_buffer_t,           /* output_name_buffer */
        gss_OID*                /* output_name_type */
    );
    OM_uint32       (KRB5_CALLCONV *gss_import_name)
    (
        OM_uint32*,             /* minor_status */
        gss_buffer_t,           /* input_name_buffer */
        gss_OID,                /* input_name_type */
        gss_name_t*             /* output_name */
    );
    OM_uint32       (KRB5_CALLCONV *gss_release_name)
    (
        OM_uint32*,             /* minor_status */
        gss_name_t*             /* input_name */
    );
    OM_uint32       (KRB5_CALLCONV *gss_inquire_cred)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t,          /* cred_handle */
        gss_name_t *,           /* name */
        OM_uint32 *,            /* lifetime */
        int *,                  /* cred_usage */
        gss_OID_set *           /* mechanisms */
    );
    OM_uint32       (KRB5_CALLCONV *gss_add_cred)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t,          /* input_cred_handle */
        gss_name_t,             /* desired_name */
        gss_OID,                /* desired_mech */
        gss_cred_usage_t,       /* cred_usage */
        OM_uint32,              /* initiator_time_req */
        OM_uint32,              /* acceptor_time_req */
        gss_cred_id_t *,        /* output_cred_handle */
        gss_OID_set *,          /* actual_mechs */
        OM_uint32 *,            /* initiator_time_rec */
        OM_uint32 *             /* acceptor_time_rec */
    );
    OM_uint32       (KRB5_CALLCONV *gss_export_sec_context)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t *,         /* context_handle */
        gss_buffer_t            /* interprocess_token */
    );
    OM_uint32       (KRB5_CALLCONV *gss_import_sec_context)
    (
        OM_uint32 *,            /* minor_status */
        gss_buffer_t,           /* interprocess_token */
        gss_ctx_id_t *          /* context_handle */
    );
    OM_uint32       (KRB5_CALLCONV *gss_inquire_cred_by_mech)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t,          /* cred_handle */
        gss_OID,                /* mech_type */
        gss_name_t *,           /* name */
        OM_uint32 *,            /* initiator_lifetime */
        OM_uint32 *,            /* acceptor_lifetime */
        gss_cred_usage_t *      /* cred_usage */
    );
    OM_uint32       (KRB5_CALLCONV *gss_inquire_names_for_mech)
    (
        OM_uint32 *,            /* minor_status */
        gss_OID,                /* mechanism */
        gss_OID_set *           /* name_types */
    );
    OM_uint32       (KRB5_CALLCONV *gss_inquire_context)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_name_t *,           /* src_name */
        gss_name_t *,           /* targ_name */
        OM_uint32 *,            /* lifetime_rec */
        gss_OID *,              /* mech_type */
        OM_uint32 *,            /* ctx_flags */
        int *,                  /* locally_initiated */
        int *                   /* open */
    );
    OM_uint32       (KRB5_CALLCONV *gss_internal_release_oid)
    (
        OM_uint32 *,            /* minor_status */
        gss_OID *               /* OID */
    );
    OM_uint32       (KRB5_CALLCONV *gss_wrap_size_limit)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        int,                    /* conf_req_flag */
        gss_qop_t,              /* qop_req */
        OM_uint32,              /* req_output_size */
        OM_uint32 *             /* max_input_size */
    );
    OM_uint32       (KRB5_CALLCONV *gss_localname)
    (
        OM_uint32 *,            /* minor */
        const gss_name_t,       /* name */
        gss_const_OID,          /* mech_type */
        gss_buffer_t            /* localname */
    );
    OM_uint32       (KRB5_CALLCONV *gssspi_authorize_localname)
    (
        OM_uint32 *,            /* minor_status */
        const gss_name_t,       /* pname */
        gss_const_buffer_t,     /* local user */
        gss_const_OID           /* local nametype */
        /* */);
    OM_uint32       (KRB5_CALLCONV *gss_export_name)
    (
        OM_uint32 *,            /* minor_status */
        const gss_name_t,       /* input_name */
        gss_buffer_t            /* exported_name */
        /* */);
    OM_uint32       (KRB5_CALLCONV *gss_duplicate_name)
    (
        OM_uint32*,             /* minor_status */
        const gss_name_t,       /* input_name */
        gss_name_t *            /* output_name */
        /* */);
    OM_uint32       (KRB5_CALLCONV *gss_store_cred)
    (
        OM_uint32 *,            /* minor_status */
        const gss_cred_id_t,    /* input_cred */
        gss_cred_usage_t,       /* cred_usage */
        const gss_OID,          /* desired_mech */
        OM_uint32,              /* overwrite_cred */
        OM_uint32,              /* default_cred */
        gss_OID_set *,          /* elements_stored */
        gss_cred_usage_t *      /* cred_usage_stored */
        /* */);


    /* GGF extensions */

    OM_uint32       (KRB5_CALLCONV *gss_inquire_sec_context_by_oid)
    (
        OM_uint32 *,            /* minor_status */
        const gss_ctx_id_t,     /* context_handle */
        const gss_OID,          /* OID */
        gss_buffer_set_t *      /* data_set */
    );
    OM_uint32       (KRB5_CALLCONV *gss_inquire_cred_by_oid)
    (
        OM_uint32 *,            /* minor_status */
        const gss_cred_id_t,    /* cred_handle */
        const gss_OID,          /* OID */
        gss_buffer_set_t *      /* data_set */
    );
    OM_uint32       (KRB5_CALLCONV *gss_set_sec_context_option)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t *,         /* context_handle */
        const gss_OID,          /* OID */
        const gss_buffer_t      /* value */
    );
    OM_uint32       (KRB5_CALLCONV *gssspi_set_cred_option)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t *,        /* cred_handle */
        const gss_OID,          /* OID */
        const gss_buffer_t      /* value */
    );
    OM_uint32       (KRB5_CALLCONV *gssspi_mech_invoke)
    (
        OM_uint32*,             /* minor_status */
        const gss_OID,          /* mech OID */
        const gss_OID,          /* OID */
        gss_buffer_t            /* value */
    );

    /* AEAD extensions */
    OM_uint32       (KRB5_CALLCONV *gss_wrap_aead)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        int,                    /* conf_req_flag */
        gss_qop_t,              /* qop_req */
        gss_buffer_t,           /* input_assoc_buffer */
        gss_buffer_t,           /* input_payload_buffer */
        int *,                  /* conf_state */
        gss_buffer_t            /* output_message_buffer */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_unwrap_aead)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_buffer_t,           /* input_message_buffer */
        gss_buffer_t,           /* input_assoc_buffer */
        gss_buffer_t,           /* output_payload_buffer */
        int *,                  /* conf_state */
        gss_qop_t *             /* qop_state */
        /* */);

    /*
     * SSPI extensions
     *
     * The iov entry points take the element count as a signed int; the
     * type itself does not exclude negative counts, so range checking is
     * left to the code on either side of the call.
     */
    OM_uint32       (KRB5_CALLCONV *gss_wrap_iov)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        int,                    /* conf_req_flag */
        gss_qop_t,              /* qop_req */
        int *,                  /* conf_state */
        gss_iov_buffer_desc *,  /* iov */
        int                     /* iov_count */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_unwrap_iov)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        int *,                  /* conf_state */
        gss_qop_t *,            /* qop_state */
        gss_iov_buffer_desc *,  /* iov */
        int                     /* iov_count */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_wrap_iov_length)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        int,                    /* conf_req_flag */
        gss_qop_t,              /* qop_req */
        int *,                  /* conf_state */
        gss_iov_buffer_desc *,  /* iov */
        int                     /* iov_count */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_complete_auth_token)
    (
        OM_uint32*,             /* minor_status */
        const gss_ctx_id_t,     /* context_handle */
        gss_buffer_t            /* input_message_buffer */
    );

    /* New for 1.8 */

    OM_uint32       (KRB5_CALLCONV *gss_acquire_cred_impersonate_name)
    (
        OM_uint32 *,            /* minor_status */
        const gss_cred_id_t,    /* impersonator_cred_handle */
        const gss_name_t,       /* desired_name */
        OM_uint32,              /* time_req */
        const gss_OID_set,      /* desired_mechs */
        gss_cred_usage_t,       /* cred_usage */
        gss_cred_id_t *,        /* output_cred_handle */
        gss_OID_set *,          /* actual_mechs */
        OM_uint32 *             /* time_rec */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_add_cred_impersonate_name)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t,          /* input_cred_handle */
        const gss_cred_id_t,    /* impersonator_cred_handle */
        const gss_name_t,       /* desired_name */
        const gss_OID,          /* desired_mech */
        gss_cred_usage_t,       /* cred_usage */
        OM_uint32,              /* initiator_time_req */
        OM_uint32,              /* acceptor_time_req */
        gss_cred_id_t *,        /* output_cred_handle */
        gss_OID_set *,          /* actual_mechs */
        OM_uint32 *,            /* initiator_time_rec */
        OM_uint32 *             /* acceptor_time_rec */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_display_name_ext)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        gss_OID,                /* display_as_name_type */
        gss_buffer_t            /* display_name */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_inquire_name)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        int *,                  /* name_is_MN */
        gss_OID *,              /* MN_mech */
        gss_buffer_set_t *      /* attrs */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_get_name_attribute)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        gss_buffer_t,           /* attr */
        int *,                  /* authenticated */
        int *,                  /* complete */
        gss_buffer_t,           /* value */
        gss_buffer_t,           /* display_value */
        int *                   /* more */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_set_name_attribute)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        int,                    /* complete */
        gss_buffer_t,           /* attr */
        gss_buffer_t            /* value */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_delete_name_attribute)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        gss_buffer_t            /* attr */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_export_name_composite)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        gss_buffer_t            /* exp_composite_name */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_map_name_to_any)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        int,                    /* authenticated */
        gss_buffer_t,           /* type_id */
        gss_any_t *             /* output */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_release_any_name_mapping)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        gss_buffer_t,           /* type_id */
        gss_any_t *             /* input */
        /* */);

    /*
     * desired_output_len is a signed ssize_t, so a negative length is
     * representable at this interface.
     * NOTE(review): presumably each implementation rejects negative
     * values before using the length -- confirm.
     */
    OM_uint32       (KRB5_CALLCONV *gss_pseudo_random)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context */
        int,                    /* prf_key */
        const gss_buffer_t,     /* prf_in */
        ssize_t,                /* desired_output_len */
        gss_buffer_t            /* prf_out */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_set_neg_mechs)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t,          /* cred_handle */
        const gss_OID_set       /* mech_set */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_inquire_saslname_for_mech)
    (
        OM_uint32 *,            /* minor_status */
        const gss_OID,          /* desired_mech */
        gss_buffer_t,           /* sasl_mech_name */
        gss_buffer_t,           /* mech_name */
        gss_buffer_t            /* mech_description */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_inquire_mech_for_saslname)
    (
        OM_uint32 *,            /* minor_status */
        const gss_buffer_t,     /* sasl_mech_name */
        gss_OID *               /* mech_type */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_inquire_attrs_for_mech)
    (
        OM_uint32 *,            /* minor_status */
        gss_const_OID,          /* mech */
        gss_OID_set *,          /* mech_attrs */
        gss_OID_set *           /* known_mech_attrs */
        /* */);

    /* Credential store extensions */

    OM_uint32       (KRB5_CALLCONV *gss_acquire_cred_from)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* desired_name */
        OM_uint32,              /* time_req */
        gss_OID_set,            /* desired_mechs */
        gss_cred_usage_t,       /* cred_usage */
        gss_const_key_value_set_t, /* cred_store */
        gss_cred_id_t *,        /* output_cred_handle */
        gss_OID_set *,          /* actual_mechs */
        OM_uint32 *             /* time_rec */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_store_cred_into)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t,          /* input_cred_handle */
        gss_cred_usage_t,       /* input_usage */
        gss_OID,                /* desired_mech */
        OM_uint32,              /* overwrite_cred */
        OM_uint32,              /* default_cred */
        gss_const_key_value_set_t, /* cred_store */
        gss_OID_set *,          /* elements_stored */
        gss_cred_usage_t *      /* cred_usage_stored */
        /* */);

    /*
     * The third parameter carries the password itself.  This header says
     * nothing about who clears that buffer afterwards; treat it as secret
     * material on both sides of the call.
     */
    OM_uint32       (KRB5_CALLCONV *gssspi_acquire_cred_with_password)
    (
        OM_uint32 *,            /* minor_status */
        const gss_name_t,       /* desired_name */
        const gss_buffer_t,     /* password */
        OM_uint32,              /* time_req */
        const gss_OID_set,      /* desired_mechs */
        int,                    /* cred_usage */
        gss_cred_id_t *,        /* output_cred_handle */
        gss_OID_set *,          /* actual_mechs */
        OM_uint32 *             /* time_rec */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_export_cred)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t,          /* cred_handle */
        gss_buffer_t            /* token */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gss_import_cred)
    (
        OM_uint32 *,            /* minor_status */
        gss_buffer_t,           /* token */
        gss_cred_id_t *         /* cred_handle */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gssspi_import_sec_context_by_mech)
    (
        OM_uint32 *,            /* minor_status */
        gss_OID,                /* desired_mech */
        gss_buffer_t,           /* interprocess_token */
        gss_ctx_id_t *          /* context_handle */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gssspi_import_name_by_mech)
    (
        OM_uint32 *,            /* minor_status */
        gss_OID,                /* mech_type */
        gss_buffer_t,           /* input_name_buffer */
        gss_OID,                /* input_name_type */
        gss_name_t*             /* output_name */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gssspi_import_cred_by_mech)
    (
        OM_uint32 *,            /* minor_status */
        gss_OID,                /* mech_type */
        gss_buffer_t,           /* token */
        gss_cred_id_t *         /* cred_handle */
        /* */);

    /* get_mic_iov extensions, added in 1.12 */

    OM_uint32       (KRB5_CALLCONV *gss_get_mic_iov)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_qop_t,              /* qop_req */
        gss_iov_buffer_desc *,  /* iov */
        int                     /* iov_count */
    );

    OM_uint32       (KRB5_CALLCONV *gss_verify_mic_iov)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_qop_t *,            /* qop_state */
        gss_iov_buffer_desc *,  /* iov */
        int                     /* iov_count */
    );

    OM_uint32       (KRB5_CALLCONV *gss_get_mic_iov_length)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_qop_t,              /* qop_req */
        gss_iov_buffer_desc *,  /* iov */
        int                     /* iov_count */
    );

    /* NegoEx extensions added in 1.18 */

    OM_uint32       (KRB5_CALLCONV *gssspi_query_meta_data)
    (
        OM_uint32 *,            /* minor_status */
        gss_const_OID,          /* mech_oid */
        gss_cred_id_t,          /* cred_handle */
        gss_ctx_id_t *,         /* context_handle */
        const gss_name_t,       /* targ_name */
        OM_uint32,              /* req_flags */
        gss_buffer_t            /* meta_data */
        /* */);

    OM_uint32       (KRB5_CALLCONV *gssspi_exchange_meta_data)
    (
        OM_uint32 *,            /* minor_status */
        gss_const_OID,          /* mech_oid */
        gss_cred_id_t,          /* cred_handle */
        gss_ctx_id_t *,         /* context_handle */
        const gss_name_t,       /* targ_name */
        OM_uint32,              /* req_flags */
        gss_const_buffer_t      /* meta_data */
        /* */);

    /*
     * The array parameter is adjusted to a plain "unsigned char *", so the
     * 16 documents the expected size but the compiler does not enforce it;
     * the buffer passed for auth_scheme must really hold 16 bytes.
     */
    OM_uint32       (KRB5_CALLCONV *gssspi_query_mechanism_info)
    (
        OM_uint32 *,            /* minor_status */
        gss_const_OID,          /* mech_oid */
        unsigned char[16]       /* auth_scheme */
        /* */);

} *gss_mechanism;

/*
 * In the user space we use a wrapper structure to encompass the
 * mechanism entry points.  The wrapper contains the mechanism
 * entry points and other data which is only relevant to the gss-api
 * layer.  In the kernel we use only the gss_config structure because
 * the kernel does not contain any of the extra gss-api specific data.
 *
 * NOTE(review): uLibName and dl_handle indicate that a mechanism can come
 * from a library loaded at run time.  How that name is obtained and
 * checked before loading is not visible in this header -- review it where
 * the structure is populated.
 */
typedef struct gss_mech_config {
    char *kmodName;                 /* kernel module name */
    char *uLibName;                 /* user library name */
    char *mechNameStr;              /* mechanism string name */
    char *optionStr;                /* optional mech parameters */
    void *dl_handle;                /* RTLD object handle for the mech */
    gss_OID mech_type;              /* mechanism oid */
    gss_mechanism mech;             /* mechanism initialization struct */
    int priority;                   /* mechanism preference order */
    int freeMech;                   /* free mech table */
    int is_interposer;              /* interposer mechanism flag */
    gss_OID int_mech_type;          /* points to the interposer OID */
    gss_mechanism int_mech;         /* points to the interposer mech */
    struct gss_mech_config *next;   /* next element in the list */
} *gss_mech_info;

/********************************************************/
/* Internal mechglue routines */

OM_uint32 gssint_select_mech_type(OM_uint32 *minor, gss_const_OID in_oid,
                                  gss_OID *selected_oid);
gss_OID gssint_get_public_oid(gss_const_OID internal_oid);
OM_uint32 gssint_make_public_oid_set(OM_uint32 *minor_status, gss_OID oids,
                                     int count, gss_OID_set *public_set);
gss_mechanism gssint_get_mechanism (gss_const_OID);
OM_uint32 gssint_get_mech_type (gss_OID, gss_buffer_t);
char *gssint_get_kmodName(const gss_OID);
char *gssint_get_modOptions(const gss_OID);
OM_uint32 gssint_import_internal_name (OM_uint32 *, gss_OID, gss_union_name_t,
                                       gss_name_t *);
OM_uint32 gssint_export_internal_name(OM_uint32 *, const gss_OID,
                                      const gss_name_t, gss_buffer_t);
OM_uint32 gssint_display_internal_name (OM_uint32 *, gss_OID, gss_name_t,
                                        gss_buffer_t, gss_OID *);
OM_uint32 gssint_release_internal_name (OM_uint32 *, gss_OID, gss_name_t *);
OM_uint32 gssint_delete_internal_sec_context (OM_uint32 *, gss_OID,
                                              gss_ctx_id_t *, gss_buffer_t);
/* Only declared when the mechanisms are linked statically. */
#ifdef _GSS_STATIC_LINK
int gssint_register_mechinfo(gss_mech_info template);
#endif

OM_uint32 gssint_convert_name_to_union_name
(OM_uint32 *,           /* minor_status */
 gss_mechanism,         /* mech */
 gss_name_t,            /* internal_name */
 gss_name_t *           /* external_name */
);
gss_cred_id_t gssint_get_mechanism_cred
(gss_union_cred_t,      /* union_cred */
 gss_OID                /* mech_type */
);

OM_uint32 gssint_create_copy_buffer(
    const gss_buffer_t, /* src buffer */
    gss_buffer_t *,     /* destination buffer */
    int                 /* NULL terminate buffer ? */
);

OM_uint32 gssint_create_union_context(
    OM_uint32 *minor,   /* minor_status */
    gss_const_OID,      /* mech_oid */
    gss_union_ctx_id_t * /* ctx_out */
);

/*
 * Sun extensions to GSS-API v2
 */

OM_uint32
gssint_wrap_aead (gss_mechanism,        /* mech */
                  OM_uint32 *,          /* minor_status */
                  gss_union_ctx_id_t,   /* ctx */
                  int,                  /* conf_req_flag */
                  gss_qop_t,            /* qop_req_flag */
                  gss_buffer_t,         /* input_assoc_buffer */
                  gss_buffer_t,         /* input_payload_buffer */
                  int *,                /* conf_state */
                  gss_buffer_t);        /* output_message_buffer */
OM_uint32
gssint_unwrap_aead (gss_mechanism,      /* mech */
                    OM_uint32 *,        /* minor_status */
                    gss_union_ctx_id_t, /* ctx */
                    gss_buffer_t,       /* input_message_buffer */
                    gss_buffer_t,       /* input_assoc_buffer */
                    gss_buffer_t,       /* output_payload_buffer */
                    int *,              /* conf_state */
                    gss_qop_t *);       /* qop_state */


/*
 * Use this to map an error code that was returned from a mech
 * operation; the mech will be asked to produce the associated error
 * messages.
 *
 * Remember that if the minor status code cannot be returned to the
 * caller (e.g., if it's stuffed in an automatic variable and then
 * ignored), then we don't care about producing a mapping.
 *
 * Both macros read and then overwrite *(MINORP), and evaluate MINORP
 * twice; pass a plain pointer expression without side effects.
 */
#define map_error(MINORP, MECH)                                         \
    (*(MINORP) = gssint_mecherrmap_map(*(MINORP), &(MECH)->mech_type))
#define map_error_oid(MINORP, MECHOID)                          \
    (*(MINORP) = gssint_mecherrmap_map(*(MINORP), (MECHOID)))

/*
 * Use this to map an errno value or com_err error code being
 * generated within the mechglue code (e.g., by calling generic oid
 * ops).  Any errno or com_err values produced by mech operations
 * should be processed with map_error.  This means they'll be stored
 * separately even if the mech uses com_err, because we can't assume
 * that it will use com_err.
 *
 * MINORP is evaluated twice here as well.
 */
#define map_errcode(MINORP)                                     \
    (*(MINORP) = gssint_mecherrmap_map_errcode(*(MINORP)))

#endif /* _GSS_MECHGLUEP_H */