1 /* include/gssrpc/auth_gssapi.h - GSS-API style auth parameters for RPC */
2 /*
3  * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved.
4  */
5 
6 #ifndef GSSRPC_AUTH_GSSAPI_H
7 #define GSSRPC_AUTH_GSSAPI_H
8 
9 GSSRPC__BEGIN_DECLS
10 
/*
 * Message codes for the AUTH_GSSAPI flavor, numbered 0 through 4.  The names
 * suggest the stages of a context's life (set up, continue set up, protected
 * message, tear down); presumably they travel as the procedure number of an
 * authentication message -- confirm against the client and server code.
 * NOTE(review): a receiver should treat any other value as an error rather
 * than fall through to a default case.
 */
#define AUTH_GSSAPI_EXIT           0
#define AUTH_GSSAPI_INIT           1
#define AUTH_GSSAPI_CONTINUE_INIT  2
#define AUTH_GSSAPI_MSG            3
#define AUTH_GSSAPI_DESTROY        4
16 
/*
 * Some <sys/types.h> implementations define `major' and `minor' as macros,
 * which would rewrite the parameter names used in the declarations below.
 * #undef of a name that is not currently a macro is a no-op, so no #ifdef
 * guard is needed.  Side effect: code that includes this header can no
 * longer use those macros afterwards.
 */
#undef major
#undef minor
26 
/*
 * A name string paired with a GSS-API OID.  svcauth_gssapi_set_names()
 * takes an array of these.
 * NOTE(review): whether the setter copies `name' or keeps the caller's
 * pointer is not visible in this header -- confirm before freeing or
 * modifying the string after registration.
 */
typedef struct _auth_gssapi_name {
     char *name;        /* the name itself */
     gss_OID type;      /* presumably the name-type OID for `name' -- confirm */
} auth_gssapi_name;
31 
/*
 * Credentials record for the AUTH_GSSAPI flavor; xdr_authgssapi_creds() is
 * the XDR routine declared for it.
 * NOTE(review): on the receiving side every field here is chosen by the
 * peer.  `client_handle' is a length/pointer pair, so its length should be
 * bounded before it is allocated, compared, or used as a lookup key.
 */
typedef struct _auth_gssapi_creds {
     uint32_t version;               /* presumably the protocol version -- confirm */
     bool_t auth_msg;                /* looks like "this is an authentication
                                      * message, not an ordinary call" -- confirm */
     gss_buffer_desc client_handle;  /* opaque handle bytes */
} auth_gssapi_creds;
37 
/*
 * Argument record encoded by xdr_authgssapi_init_arg().  Going by the names,
 * it carries one GSS-API context-establishment token to the peer -- confirm.
 * NOTE(review): `token' arrives as a peer-chosen length plus bytes; the
 * decoder should enforce an upper bound before allocating.
 */
typedef struct _auth_gssapi_init_arg {
     uint32_t version;          /* presumably the protocol version -- confirm */
     gss_buffer_desc token;     /* opaque token bytes */
} auth_gssapi_init_arg;
42 
/*
 * Result record encoded by xdr_authgssapi_init_res().  It holds three
 * independent length/pointer buffers and a GSS-API status pair.
 * NOTE(review): a consumer should check gss_major before trusting any of the
 * buffers, and should verify `signed_isn' (by its name a protected initial
 * sequence number -- confirm) before adopting the sequence number.
 */
typedef struct _auth_gssapi_init_res {
     uint32_t version;               /* presumably the protocol version -- confirm */
     gss_buffer_desc client_handle;  /* opaque handle bytes */
     OM_uint32 gss_major;            /* GSS-API major status */
     OM_uint32 gss_minor;            /* GSS-API minor status */
     gss_buffer_desc token;          /* opaque token bytes */
     gss_buffer_desc signed_isn;     /* see the note above */
} auth_gssapi_init_res;
50 
/*
 * Callback type accepted by svcauth_gssapi_set_log_badauth_func() and
 * svcauth_gss_set_log_badauth_func().  It receives a GSS-API major/minor
 * status pair, an IPv4 socket address (by its name the remote end --
 * confirm), and a caddr_t `data' value, presumably the one handed to the
 * setter -- confirm.
 */
typedef void (*auth_gssapi_log_badauth_func)(OM_uint32 major,
                                             OM_uint32 minor,
                                             struct sockaddr_in *raddr,
                                             caddr_t data);
56 
/*
 * Address-family-neutral variant of auth_gssapi_log_badauth_func.  That
 * type carries a struct sockaddr_in and so only works for IPv4; this one
 * passes the transport handle instead, so the callback can use its file
 * descriptor to look up the address.
 */
typedef void (*auth_gssapi_log_badauth2_func)(OM_uint32 major,
                                              OM_uint32 minor,
                                              SVCXPRT *xprt,
                                              caddr_t data);
64 
/*
 * Callback type accepted by svcauth_gssapi_set_log_badverf_func() and
 * svcauth_gss_set_log_badverf_func().  It receives the client and server
 * GSS-API names, the service request, the RPC message, and a caddr_t `data'
 * value (presumably the one handed to the setter -- confirm).  By its name
 * it reports a verifier that failed to validate -- confirm.
 * NOTE(review): who owns `client' and `server' is not stated here; a
 * callback should not release them unless the implementation says so.
 */
typedef void (*auth_gssapi_log_badverf_func)(gss_name_t client,
                                             gss_name_t server,
                                             struct svc_req *rqst,
                                             struct rpc_msg *msg,
                                             caddr_t data);
71 
/*
 * Callback type accepted by svcauth_gssapi_set_log_miscerr_func() and
 * svcauth_gss_set_log_miscerr_func().  It receives the service request, the
 * RPC message, an error string, and a caddr_t `data' value (presumably the
 * one handed to the setter -- confirm).
 * NOTE(review): a callback should log `error' as data (a "%s" argument),
 * never as the format string itself.
 */
typedef void (*auth_gssapi_log_miscerr_func)(struct svc_req *rqst,
                                             struct rpc_msg *msg,
                                             char *error,
                                             caddr_t data);
77 
/*
 * XDR routines for a bare GSS buffer and for the three records declared
 * above.  Each returns bool_t; presumably FALSE means the encode or decode
 * failed and the object must not be used -- confirm.
 * NOTE(review): when decoding, buffer lengths come from the peer.  Check
 * what upper bound xdr_gss_buf() enforces before it allocates, and who is
 * expected to free the decoded value.
 */
bool_t xdr_gss_buf(XDR *xdrs, gss_buffer_t buf);
bool_t xdr_authgssapi_creds(XDR *xdrs, auth_gssapi_creds *creds);
bool_t xdr_authgssapi_init_arg(XDR *xdrs, auth_gssapi_init_arg *arg);
bool_t xdr_authgssapi_init_res(XDR *xdrs, auth_gssapi_init_res *res);
82 
/*
 * Protect (wrap) or recover (unwrap) the object at `xdr_ptr' through an XDR
 * stream, using GSS-API context `context'.  GSS-API status is reported
 * through *major and *minor; the bool_t result presumably signals overall
 * success -- confirm.  Callers should check the result and must not use the
 * unwrapped object when it indicates failure.
 *
 * `seq_num' is presumably bound into the protected payload so that replayed
 * or reordered messages can be detected -- confirm in the implementation.
 *
 * NOTE(review): `xdr_func' is declared with empty parentheses, so the
 * compiler does not check the arguments it is called with.  Pass only a
 * routine whose real signature matches what the implementation calls.
 */
bool_t auth_gssapi_wrap_data(OM_uint32 *major,
                             OM_uint32 *minor,
                             gss_ctx_id_t context,
                             uint32_t seq_num,
                             XDR *out_xdrs,
                             bool_t (*xdr_func)(),
                             caddr_t xdr_ptr);
bool_t auth_gssapi_unwrap_data(OM_uint32 *major,
                               OM_uint32 *minor,
                               gss_ctx_id_t context,
                               uint32_t seq_num,
                               XDR *in_xdrs,
                               bool_t (*xdr_func)(),
                               caddr_t xdr_ptr);
93 
/*
 * Build an AUTH handle for the AUTH_GSSAPI flavor on RPC client `clnt'.
 * Every parameter after `clnt' carries the same name as the corresponding
 * argument of gss_init_sec_context(), so credential, target, mechanism,
 * requested flags and lifetime are presumably passed through to it --
 * confirm.
 * NOTE(review): presumably returns NULL on failure with the reason in
 * *major_status / *minor_status -- confirm.  A caller that requires a
 * particular protection (mutual authentication, for example) should check
 * *ret_flags rather than assume the requested flags were granted.
 */
AUTH *auth_gssapi_create(CLIENT *clnt,
                         OM_uint32 *major_status,
                         OM_uint32 *minor_status,
                         gss_cred_id_t claimant_cred_handle,
                         gss_name_t target_name,
                         gss_OID mech_type,
                         OM_uint32 req_flags,
                         OM_uint32 time_req,
                         gss_OID *actual_mech_type,
                         OM_uint32 *ret_flags,
                         OM_uint32 *time_rec);

/*
 * Convenience form that takes only the client handle and a service name.
 * NOTE(review): the credential, mechanism and flags it picks are not
 * visible in this header -- read the implementation before relying on them.
 */
AUTH *auth_gssapi_create_default(CLIENT *clnt, char *service_name);
109 
/*
 * Report a GSS-API major/minor status pair together with the caller's
 * message `msg'.  Where the text is written is not visible in this header.
 * NOTE(review): confirm the implementation treats `msg' as data and not as
 * a printf-style format string before passing it anything built from peer
 * input.
 */
void auth_gssapi_display_status(char *msg, OM_uint32 major, OM_uint32 minor);
113 
/*
 * Sequence-number helpers.  seal_seq turns `seq_num' into a buffer written
 * to `out_buf' using GSS-API context `context'; unseal_seq takes such a
 * buffer in `in_buf' and stores the recovered number in *seq_num.
 * NOTE(review): presumably the buffer is integrity-protected under the
 * context -- confirm.  Use *seq_num only when unseal_seq reports success,
 * and find out who frees `out_buf'.
 */
bool_t auth_gssapi_seal_seq(gss_ctx_id_t context,
                            uint32_t seq_num,
                            gss_buffer_t out_buf);

bool_t auth_gssapi_unseal_seq(gss_ctx_id_t context,
                              gss_buffer_t in_buf,
                              uint32_t *seq_num);
119 
/*
 * Register `num' entries from the array `names' with the server-side
 * AUTH_GSSAPI code, or drop the registration again with unset_names.
 * NOTE(review): `num' is a signed int; pass only a count that matches the
 * array.  The meaning of a FALSE result and whether the array is copied are
 * not visible here -- confirm.
 */
bool_t svcauth_gssapi_set_names(auth_gssapi_name *names, int num);
void svcauth_gssapi_unset_names(void);
124 
/*
 * Setters for the logging callbacks of the svcauth_gssapi_ family.  Each
 * takes one of the callback types declared above plus a caddr_t `data'
 * value, presumably handed back to the callback unchanged -- confirm.
 * NOTE(review): nothing here says the setters are safe to call while
 * requests are being served; install callbacks during start-up unless the
 * implementation documents otherwise.
 */
void svcauth_gssapi_set_log_badauth_func(auth_gssapi_log_badauth_func func,
                                         caddr_t data);
void svcauth_gssapi_set_log_badauth2_func(auth_gssapi_log_badauth2_func func,
                                          caddr_t data);
void svcauth_gssapi_set_log_badverf_func(auth_gssapi_log_badverf_func func,
                                         caddr_t data);
void svcauth_gssapi_set_log_miscerr_func(auth_gssapi_log_miscerr_func func,
                                         caddr_t data);
137 
/*
 * The same four setters under the svcauth_gss_ prefix, taking the same
 * callback types.  Presumably they configure a different server-side
 * authentication flavor than the svcauth_gssapi_ family -- confirm.  A
 * server that accepts both needs to register its callbacks with both sets.
 */
void svcauth_gss_set_log_badauth_func(auth_gssapi_log_badauth_func func,
                                      caddr_t data);
void svcauth_gss_set_log_badauth2_func(auth_gssapi_log_badauth2_func func,
                                       caddr_t data);
void svcauth_gss_set_log_badverf_func(auth_gssapi_log_badverf_func func,
                                      caddr_t data);
void svcauth_gss_set_log_miscerr_func(auth_gssapi_log_miscerr_func func,
                                      caddr_t data);
146 
/*
 * Shallow copy of a length/value buffer descriptor.  Only the pointer and
 * the length are assigned, so afterwards `dest' and `src' describe the same
 * memory: release it through one of them only, otherwise the result is a
 * double free or a use after free.
 *
 * Each argument is expanded twice, so pass expressions without side
 * effects.  The expansion is a bare brace block, not an expression.
 */
#define GSS_COPY_BUFFER(dest, src) { \
     (dest).value = (src).value; \
     (dest).length = (src).length; }
150 
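/*
 * Deep copy of a length/value buffer descriptor: allocate (src).length bytes
 * with malloc() and copy the contents.  The caller owns (dest).value
 * afterwards and must free() it.
 *
 * On allocation failure `dest' is left as { length 0, value NULL } instead
 * of being passed to memcpy() as a NULL destination, so a failed copy can
 * never be mistaken for `length' valid bytes.  Callers that need the data
 * should check (dest).value after the macro.  A zero-length source skips
 * memcpy() altogether, because its value pointer may legitimately be NULL.
 *
 * The length is taken from `src' as is: when `src' was decoded from the
 * network, bound it before duplicating.
 *
 * This header has no #include lines of its own, so the expanding file must
 * provide <stdlib.h> and <string.h>.  Arguments are expanded several times;
 * pass expressions without side effects.  The expansion is a bare brace
 * block, not an expression.
 */
#define GSS_DUP_BUFFER(dest, src) { \
     (dest).length = (src).length; \
     (dest).value = (void *) malloc((dest).length); \
     if ((dest).value == NULL) \
          (dest).length = 0; \
     else if ((dest).length != 0) \
          memcpy((dest).value, (src).value, (dest).length); }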
155 
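/*
 * Nonzero when two length/value buffer descriptors have the same length and
 * the same bytes.
 *
 * Every use of an argument is parenthesized as (b1).length, so an argument
 * such as *p works; writing (b1.length) would expand that to (*p.length).
 * Two empty buffers compare equal without calling memcmp(), since their
 * value pointers may be NULL.
 *
 * NOTE(review): memcmp() stops at the first differing byte, so this is not
 * a constant-time comparison.  Do not use it to check secrets such as MACs
 * or keys.  The expanding file must provide <string.h>.
 */
#define GSS_BUFFERS_EQUAL(b1, b2) (((b1).length == (b2).length) && \
				   ((b1).length == 0 || \
				    !memcmp((b1).value, (b2).value, (b1).length)))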
158 
159 
160 GSSRPC__END_DECLS
161 
162 #endif /* !defined(GSSRPC_AUTH_GSSAPI_H) */
163