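/* include/gssrpc/auth_gssapi.h - GSS-API style auth parameters for RPC */
/*
 * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved.
 */

#ifndef GSSRPC_AUTH_GSSAPI_H
#define GSSRPC_AUTH_GSSAPI_H

/*
 * This header includes nothing itself.  It uses GSS-API types (gss_OID,
 * gss_buffer_desc, OM_uint32, ...), RPC types (XDR, AUTH, CLIENT, SVCXPRT,
 * bool_t, ...) and, in the buffer macros at the end, malloc/memcpy/memcmp.
 * NOTE(review): presumably the including file is expected to pull in the
 * GSS-API, gssrpc and <stdlib.h>/<string.h> headers first -- confirm.
 */
GSSRPC__BEGIN_DECLS

/*
 * Selector values for the AUTH_GSSAPI exchange.
 * NOTE(review): presumably these values are exchanged with the peer, so
 * they must not be renumbered -- confirm against the implementation.
 */
#define AUTH_GSSAPI_EXIT		0
#define AUTH_GSSAPI_INIT 		1
#define AUTH_GSSAPI_CONTINUE_INIT 	2
#define AUTH_GSSAPI_MSG 		3
#define AUTH_GSSAPI_DESTROY 		4

/*
 * Yuck.  Some sys/types.h files leak symbols
 *
 * "major" and "minor" are used as parameter names in the prototypes below,
 * so any macros of those names have to be removed first.
 */
#ifdef major
#undef major
#endif
#ifdef minor
#undef minor
#endif

/*
 * A name string together with the OID of its name type.  An array of these
 * is what svcauth_gssapi_set_names() takes.
 */
typedef struct _auth_gssapi_name {
     char *name;
     gss_OID type;
} auth_gssapi_name;

/*
 * Credential structure handled by xdr_authgssapi_creds().
 * NOTE(review): client_handle presumably identifies an established
 * context on the server; treat a handle decoded from a peer as untrusted
 * until it has been looked up and verified -- confirm in the server code.
 */
typedef struct _auth_gssapi_creds {
     uint32_t version;
     bool_t auth_msg;
     gss_buffer_desc client_handle;
} auth_gssapi_creds;

/* Argument structure handled by xdr_authgssapi_init_arg(). */
typedef struct _auth_gssapi_init_arg {
     uint32_t version;
     gss_buffer_desc token;
} auth_gssapi_init_arg;

/*
 * Result structure handled by xdr_authgssapi_init_res().  Carries a GSS
 * major/minor status pair alongside the buffers.
 */
typedef struct _auth_gssapi_init_res {
     uint32_t version;
     gss_buffer_desc client_handle;
     OM_uint32 gss_major, gss_minor;
     gss_buffer_desc token;
     gss_buffer_desc signed_isn;
} auth_gssapi_init_res;

/*
 * Logging callback types.  Each takes a caddr_t "data" argument; the
 * matching svcauth_gssapi_set_log_*_func() setters below take the callback
 * together with a caddr_t.
 * NOTE(review): presumably that registered value is what is passed back as
 * "data" -- confirm.
 */
typedef void (*auth_gssapi_log_badauth_func)
     (OM_uint32 major,
		OM_uint32 minor,
		struct sockaddr_in *raddr,
		caddr_t data);

/* auth_gssapi_log_badauth_func is IPv4-specific; this version gives the
 * transport handle so the fd can be used to get the address. */
typedef void (*auth_gssapi_log_badauth2_func)
     (OM_uint32 major,
		OM_uint32 minor,
		SVCXPRT *xprt,
		caddr_t data);

typedef void (*auth_gssapi_log_badverf_func)
     (gss_name_t client,
		gss_name_t server,
		struct svc_req *rqst,
		struct rpc_msg *msg,
		caddr_t data);

typedef void (*auth_gssapi_log_miscerr_func)
     (struct svc_req *rqst,
		struct rpc_msg *msg,
		char *error,
		caddr_t data);

/*
 * XDR routines for gss_buffer_t and the structures declared above.
 * NOTE(review): a decoded gss_buffer_desc length presumably originates
 * from the peer; callers should not trust it beyond what the decoder
 * enforces -- confirm the bound in the implementation.
 */
bool_t xdr_gss_buf(XDR *, gss_buffer_t);
bool_t xdr_authgssapi_creds(XDR *, auth_gssapi_creds *);
bool_t xdr_authgssapi_init_arg(XDR *, auth_gssapi_init_arg *);
bool_t xdr_authgssapi_init_res(XDR *, auth_gssapi_init_res *);

/*
 * Wrap/unwrap counterparts: each takes GSS status outputs, a context, a
 * sequence number, an XDR stream and an xdrproc_t with the object it
 * applies to.
 */
bool_t auth_gssapi_wrap_data
(OM_uint32 *major, OM_uint32 *minor,
	   gss_ctx_id_t context, uint32_t seq_num, XDR
	   *out_xdrs, xdrproc_t xdr_func, caddr_t
	   xdr_ptr);
bool_t auth_gssapi_unwrap_data
(OM_uint32 *major, OM_uint32 *minor,
	   gss_ctx_id_t context, uint32_t seq_num, XDR
	   *in_xdrs, xdrproc_t xdr_func, caddr_t
	   xdr_ptr);

/*
 * Client-side constructors returning an AUTH handle.  The parameter list of
 * auth_gssapi_create() mirrors the inputs and outputs of context
 * establishment (credential, target name, mechanism, flags, lifetime).
 */
AUTH *auth_gssapi_create
(CLIENT *clnt,
	   OM_uint32 *major_status,
	   OM_uint32 *minor_status,
	   gss_cred_id_t claimant_cred_handle,
	   gss_name_t target_name,
	   gss_OID mech_type,
	   OM_uint32 req_flags,
	   OM_uint32 time_req,
	   gss_OID *actual_mech_type,
	   OM_uint32 *ret_flags,
	   OM_uint32 *time_rec);

AUTH *auth_gssapi_create_default
(CLIENT *clnt, char *service_name);

void auth_gssapi_display_status
(char *msg, OM_uint32 major,
	   OM_uint32 minor);

/* Seal a sequence number into out_buf / recover one from in_buf. */
bool_t auth_gssapi_seal_seq
(gss_ctx_id_t context, uint32_t seq_num, gss_buffer_t out_buf);

bool_t auth_gssapi_unseal_seq
(gss_ctx_id_t context, gss_buffer_t in_buf, uint32_t *seq_num);

/* Server-side name registration: "names" is an array of "num" entries. */
bool_t svcauth_gssapi_set_names
(auth_gssapi_name *names, int num);
void svcauth_gssapi_unset_names
(void);

/* Setters for the logging callbacks declared above (svcauth_gssapi_*). */
void svcauth_gssapi_set_log_badauth_func
(auth_gssapi_log_badauth_func func,
	   caddr_t data);
void svcauth_gssapi_set_log_badauth2_func
(auth_gssapi_log_badauth2_func func,
	   caddr_t data);
void svcauth_gssapi_set_log_badverf_func
(auth_gssapi_log_badverf_func func,
	   caddr_t data);
void svcauth_gssapi_set_log_miscerr_func
(auth_gssapi_log_miscerr_func func,
	   caddr_t data);

/* The same four setters under the svcauth_gss_* prefix. */
void svcauth_gss_set_log_badauth_func(auth_gssapi_log_badauth_func,
				      caddr_t);
void svcauth_gss_set_log_badauth2_func(auth_gssapi_log_badauth2_func,
				       caddr_t);
void svcauth_gss_set_log_badverf_func(auth_gssapi_log_badverf_func,
				      caddr_t);
void svcauth_gss_set_log_miscerr_func(auth_gssapi_log_miscerr_func,
				      caddr_t data);

/*
 * Buffer helper macros.  All of them evaluate their arguments more than
 * once, so pass plain lvalues with no side effects.
 */

/*
 * Shallow copy: dest ends up pointing at the same memory as src.  Only one
 * of the two descriptors may be used to release that memory; releasing both
 * is a double free.
 */
#define GSS_COPY_BUFFER(dest, src) { \
     (dest).length = (src).length; \
     (dest).value = (src).value; }

/*
 * Deep copy: allocates (src).length bytes with malloc() and copies the
 * contents.  If the allocation fails, dest is left as { 0, NULL } instead
 * of copying through a null pointer; callers can detect the failure by
 * testing (dest).value when (src).length was non-zero.  A zero-length
 * source is never passed to memcpy(), since its value pointer may be NULL.
 * The caller owns (dest).value and must free it.
 */
#define GSS_DUP_BUFFER(dest, src) { \
     (dest).length = (src).length; \
     (dest).value = (void *) malloc((dest).length); \
     if ((dest).value == NULL) \
	  (dest).length = 0; \
     else if ((dest).length != 0) \
	  memcpy((dest).value, (src).value, (dest).length); }

/*
 * True when both buffers have the same length and contents.  Two empty
 * buffers compare equal without calling memcmp(), so NULL value pointers
 * are never dereferenced.  memcmp() is not guaranteed to run in constant
 * time, so do not use this macro to compare secret values such as MACs or
 * keys.
 */
#define GSS_BUFFERS_EQUAL(b1, b2) (((b1).length == (b2).length) && \
     ((b1).length == 0 || \
      !memcmp((b1).value, (b2).value, (b1).length)))


GSSRPC__END_DECLS

#endif /* !defined(GSSRPC_AUTH_GSSAPI_H) */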