/* lib/gssapi/mechglue/mglueP.h */

/*
 * Copyright (c) 1995, by Sun Microsystems, Inc.
 * All rights reserved.
 */

/* This header contains the private mechglue definitions. */

#ifndef _GSS_MECHGLUEP_H
#define _GSS_MECHGLUEP_H

#include "autoconf.h"
#include "mechglue.h"
#include "gssapiP_generic.h"

/*
 * Copy the value of OID o2 into o1: (o2)->length bytes of elements are
 * copied with memcpy, then the length field is set.
 *
 * The macro neither allocates nor bounds-checks the destination, so
 * (o1)->elements must already point to at least (o2)->length writable
 * bytes.  Both arguments are evaluated more than once; do not pass
 * expressions with side effects.
 */
#define g_OID_copy(o1, o2)                                      \
    do {                                                        \
        memcpy((o1)->elements, (o2)->elements, (o2)->length);   \
        (o1)->length = (o2)->length;                            \
    } while (0)

/*
 * Array of context IDs typed by mechanism OID
 */
typedef struct gss_union_ctx_id_struct {
    /* Must equal the struct's own address for GSSINT_CHK_LOOP to pass. */
    struct gss_union_ctx_id_struct *loopback;
    gss_OID                     mech_type;
    gss_ctx_id_t                internal_ctx_id;
} gss_union_ctx_id_desc, *gss_union_ctx_id_t;

/*
 * Generic GSSAPI names.  A name can either be a generic name, or a
 * mechanism specific name....
 */
typedef struct gss_name_struct {
    /* Must equal the struct's own address for GSSINT_CHK_LOOP to pass. */
    struct gss_name_struct      *loopback;
    gss_OID                     name_type;
    gss_buffer_t                external_name;
    /*
     * These last two fields are only filled in for mechanism
     * names.
     */
    gss_OID                     mech_type;
    gss_name_t                  mech_name;
} gss_union_name_desc, *gss_union_name_t;

/*
 * Structure for holding list of mechanism-specific name types
 */
typedef struct gss_mech_spec_name_t {
    gss_OID     name_type;
    gss_OID     mech;
    struct gss_mech_spec_name_t *next, *prev;
} gss_mech_spec_name_desc, *gss_mech_spec_name;

/*
 * Set of Credentials typed on mechanism OID
 */
typedef struct gss_cred_id_struct {
    /* Must equal the struct's own address for GSSINT_CHK_LOOP to pass. */
    struct gss_cred_id_struct   *loopback;
    /* NOTE(review): presumably the number of entries in both arrays
     * below -- confirm against the code that fills them in. */
    int                         count;
    gss_OID                     mechs_array;
    gss_cred_id_t               *cred_array;
} gss_union_cred_desc, *gss_union_cred_t;

/*
 * Rudimentary pointer validation macro to check whether the
 * "loopback" field of an opaque struct points back to itself.  This
 * field also catches some programming errors where an opaque pointer
 * is passed to a function expecting the address of the opaque
 * pointer.
 *
 * The result is inverted: the macro evaluates to nonzero when the
 * check FAILS (p is NULL, or p->loopback != p) and to 0 when it passes.
 *
 * This is a sanity check against caller mistakes, not a defence
 * against a hostile handle: any non-NULL p is dereferenced to read
 * its loopback field, so a dangling or forged pointer is still read
 * through.  p is evaluated more than once.
 */
#define GSSINT_CHK_LOOP(p) (!((p) != NULL && (p)->loopback == (p)))

/********************************************************/
/* The Mechanism Dispatch Table -- a mechanism needs to */
/* define one of these and provide a function to return */
/* it to initialize the GSSAPI library                  */
int gssint_mechglue_initialize_library(void);

OM_uint32 gssint_get_mech_type_oid(gss_OID OID, gss_buffer_t token);

/*
 * This table is used to access mechanism-specific versions of the GSSAPI
 * functions.  It contains all of the functions defined in gssapi.h except for
 * gss_release_buffer() and gss_release_oid_set(), which are assumed to be
 * identical across mechanisms.
 *
 * NOTE(review): a mechanism presumably leaves entry points it does not
 * implement as NULL, in which case every dispatch through this table has
 * to test the pointer before calling it -- confirm against the callers.
 * New members are appended in blocks ("New for 1.8", "added in 1.12",
 * "added in 1.18" below), so member order looks like part of the layout
 * that mechanisms rely on -- confirm before reordering anything.
 */
typedef struct gss_config {
    gss_OID_desc    mech_type;
    void *          context;
    OM_uint32       (KRB5_CALLCONV *gss_acquire_cred)
    (
        OM_uint32*,             /* minor_status */
        gss_name_t,             /* desired_name */
        OM_uint32,              /* time_req */
        gss_OID_set,            /* desired_mechs */
        int,                    /* cred_usage */
        gss_cred_id_t*,         /* output_cred_handle */
        gss_OID_set*,           /* actual_mechs */
        OM_uint32*              /* time_rec */
    );
    OM_uint32       (KRB5_CALLCONV *gss_release_cred)
    (
        OM_uint32*,             /* minor_status */
        gss_cred_id_t*          /* cred_handle */
    );
    OM_uint32       (KRB5_CALLCONV *gss_init_sec_context)
    (
        OM_uint32*,             /* minor_status */
        gss_cred_id_t,          /* claimant_cred_handle */
        gss_ctx_id_t*,          /* context_handle */
        gss_name_t,             /* target_name */
        gss_OID,                /* mech_type */
        OM_uint32,              /* req_flags */
        OM_uint32,              /* time_req */
        gss_channel_bindings_t, /* input_chan_bindings */
        gss_buffer_t,           /* input_token */
        gss_OID*,               /* actual_mech_type */
        gss_buffer_t,           /* output_token */
        OM_uint32*,             /* ret_flags */
        OM_uint32*              /* time_rec */
    );
    OM_uint32       (KRB5_CALLCONV *gss_accept_sec_context)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t*,          /* context_handle */
        gss_cred_id_t,          /* verifier_cred_handle */
        gss_buffer_t,           /* input_token_buffer */
        gss_channel_bindings_t, /* input_chan_bindings */
        gss_name_t*,            /* src_name */
        gss_OID*,               /* mech_type */
        gss_buffer_t,           /* output_token */
        OM_uint32*,             /* ret_flags */
        OM_uint32*,             /* time_rec */
        gss_cred_id_t*          /* delegated_cred_handle */
    );
    OM_uint32       (KRB5_CALLCONV *gss_process_context_token)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_buffer_t            /* token_buffer */
    );
    OM_uint32       (KRB5_CALLCONV *gss_delete_sec_context)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t*,          /* context_handle */
        gss_buffer_t            /* output_token */
    );
    OM_uint32       (KRB5_CALLCONV *gss_context_time)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        OM_uint32*              /* time_rec */
    );
    OM_uint32       (KRB5_CALLCONV *gss_get_mic)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_qop_t,              /* qop_req */
        gss_buffer_t,           /* message_buffer */
        gss_buffer_t            /* message_token */
    );
    OM_uint32       (KRB5_CALLCONV *gss_verify_mic)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_buffer_t,           /* message_buffer */
        gss_buffer_t,           /* token_buffer */
        gss_qop_t*              /* qop_state */
    );
    OM_uint32       (KRB5_CALLCONV *gss_wrap)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        int,                    /* conf_req_flag */
        gss_qop_t,              /* qop_req */
        gss_buffer_t,           /* input_message_buffer */
        int*,                   /* conf_state */
        gss_buffer_t            /* output_message_buffer */
    );
    OM_uint32       (KRB5_CALLCONV *gss_unwrap)
    (
        OM_uint32*,             /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_buffer_t,           /* input_message_buffer */
        gss_buffer_t,           /* output_message_buffer */
        int*,                   /* conf_state */
        gss_qop_t*              /* qop_state */
    );
    OM_uint32       (KRB5_CALLCONV *gss_display_status)
    (
        OM_uint32*,             /* minor_status */
        OM_uint32,              /* status_value */
        int,                    /* status_type */
        gss_OID,                /* mech_type */
        OM_uint32*,             /* message_context */
        gss_buffer_t            /* status_string */
    );
    OM_uint32       (KRB5_CALLCONV *gss_indicate_mechs)
    (
        OM_uint32*,             /* minor_status */
        gss_OID_set*            /* mech_set */
    );
    OM_uint32       (KRB5_CALLCONV *gss_compare_name)
    (
        OM_uint32*,             /* minor_status */
        gss_name_t,             /* name1 */
        gss_name_t,             /* name2 */
        int*                    /* name_equal */
    );
    OM_uint32       (KRB5_CALLCONV *gss_display_name)
    (
        OM_uint32*,             /* minor_status */
        gss_name_t,             /* input_name */
        gss_buffer_t,           /* output_name_buffer */
        gss_OID*                /* output_name_type */
    );
    OM_uint32       (KRB5_CALLCONV *gss_import_name)
    (
        OM_uint32*,             /* minor_status */
        gss_buffer_t,           /* input_name_buffer */
        gss_OID,                /* input_name_type */
        gss_name_t*             /* output_name */
    );
    OM_uint32       (KRB5_CALLCONV *gss_release_name)
    (
        OM_uint32*,             /* minor_status */
        gss_name_t*             /* input_name */
    );
    OM_uint32       (KRB5_CALLCONV *gss_inquire_cred)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t,          /* cred_handle */
        gss_name_t *,           /* name */
        OM_uint32 *,            /* lifetime */
        int *,                  /* cred_usage */
        gss_OID_set *           /* mechanisms */
    );
    OM_uint32       (KRB5_CALLCONV *gss_add_cred)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t,          /* input_cred_handle */
        gss_name_t,             /* desired_name */
        gss_OID,                /* desired_mech */
        gss_cred_usage_t,       /* cred_usage */
        OM_uint32,              /* initiator_time_req */
        OM_uint32,              /* acceptor_time_req */
        gss_cred_id_t *,        /* output_cred_handle */
        gss_OID_set *,          /* actual_mechs */
        OM_uint32 *,            /* initiator_time_rec */
        OM_uint32 *             /* acceptor_time_rec */
    );
    OM_uint32       (KRB5_CALLCONV *gss_export_sec_context)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t *,         /* context_handle */
        gss_buffer_t            /* interprocess_token */
    );
    OM_uint32       (KRB5_CALLCONV *gss_import_sec_context)
    (
        OM_uint32 *,            /* minor_status */
        gss_buffer_t,           /* interprocess_token */
        gss_ctx_id_t *          /* context_handle */
    );
    OM_uint32       (KRB5_CALLCONV *gss_inquire_cred_by_mech)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t,          /* cred_handle */
        gss_OID,                /* mech_type */
        gss_name_t *,           /* name */
        OM_uint32 *,            /* initiator_lifetime */
        OM_uint32 *,            /* acceptor_lifetime */
        gss_cred_usage_t *      /* cred_usage */
    );
    OM_uint32       (KRB5_CALLCONV *gss_inquire_names_for_mech)
    (
        OM_uint32 *,            /* minor_status */
        gss_OID,                /* mechanism */
        gss_OID_set *           /* name_types */
    );
    OM_uint32       (KRB5_CALLCONV *gss_inquire_context)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_name_t *,           /* src_name */
        gss_name_t *,           /* targ_name */
        OM_uint32 *,            /* lifetime_rec */
        gss_OID *,              /* mech_type */
        OM_uint32 *,            /* ctx_flags */
        int *,                  /* locally_initiated */
        int *                   /* open */
    );
    OM_uint32       (KRB5_CALLCONV *gss_internal_release_oid)
    (
        OM_uint32 *,            /* minor_status */
        gss_OID *               /* OID */
    );
    OM_uint32       (KRB5_CALLCONV *gss_wrap_size_limit)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        int,                    /* conf_req_flag */
        gss_qop_t,              /* qop_req */
        OM_uint32,              /* req_output_size */
        OM_uint32 *             /* max_input_size */
    );
    OM_uint32       (KRB5_CALLCONV *gss_localname)
    (
        OM_uint32 *,            /* minor */
        const gss_name_t,       /* name */
        gss_const_OID,          /* mech_type */
        gss_buffer_t            /* localname */
    );
    OM_uint32       (KRB5_CALLCONV *gssspi_authorize_localname)
    (
        OM_uint32 *,            /* minor_status */
        const gss_name_t,       /* pname */
        gss_const_buffer_t,     /* local user */
        gss_const_OID           /* local nametype */
    /* */);
    OM_uint32       (KRB5_CALLCONV *gss_export_name)
    (
        OM_uint32 *,            /* minor_status */
        const gss_name_t,       /* input_name */
        gss_buffer_t            /* exported_name */
    /* */);
    OM_uint32       (KRB5_CALLCONV *gss_duplicate_name)
    (
        OM_uint32*,             /* minor_status */
        const gss_name_t,       /* input_name */
        gss_name_t *            /* output_name */
    /* */);
    OM_uint32       (KRB5_CALLCONV *gss_store_cred)
    (
        OM_uint32 *,            /* minor_status */
        const gss_cred_id_t,    /* input_cred */
        gss_cred_usage_t,       /* cred_usage */
        const gss_OID,          /* desired_mech */
        OM_uint32,              /* overwrite_cred */
        OM_uint32,              /* default_cred */
        gss_OID_set *,          /* elements_stored */
        gss_cred_usage_t *      /* cred_usage_stored */
    /* */);


    /* GGF extensions */

    OM_uint32       (KRB5_CALLCONV *gss_inquire_sec_context_by_oid)
    (
        OM_uint32 *,            /* minor_status */
        const gss_ctx_id_t,     /* context_handle */
        const gss_OID,          /* OID */
        gss_buffer_set_t *      /* data_set */
    );
    OM_uint32       (KRB5_CALLCONV *gss_inquire_cred_by_oid)
    (
        OM_uint32 *,            /* minor_status */
        const gss_cred_id_t,    /* cred_handle */
        const gss_OID,          /* OID */
        gss_buffer_set_t *      /* data_set */
    );
    OM_uint32       (KRB5_CALLCONV *gss_set_sec_context_option)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t *,         /* context_handle */
        const gss_OID,          /* OID */
        const gss_buffer_t      /* value */
    );
    OM_uint32       (KRB5_CALLCONV *gssspi_set_cred_option)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t *,        /* cred_handle */
        const gss_OID,          /* OID */
        const gss_buffer_t      /* value */
    );
    OM_uint32       (KRB5_CALLCONV *gssspi_mech_invoke)
    (
        OM_uint32*,             /* minor_status */
        const gss_OID,          /* mech OID */
        const gss_OID,          /* OID */
        gss_buffer_t            /* value */
    );

    /* AEAD extensions */
    OM_uint32       (KRB5_CALLCONV *gss_wrap_aead)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        int,                    /* conf_req_flag */
        gss_qop_t,              /* qop_req */
        gss_buffer_t,           /* input_assoc_buffer */
        gss_buffer_t,           /* input_payload_buffer */
        int *,                  /* conf_state */
        gss_buffer_t            /* output_message_buffer */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_unwrap_aead)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_buffer_t,           /* input_message_buffer */
        gss_buffer_t,           /* input_assoc_buffer */
        gss_buffer_t,           /* output_payload_buffer */
        int *,                  /* conf_state */
        gss_qop_t *             /* qop_state */
    /* */);

    /* SSPI extensions */
    OM_uint32       (KRB5_CALLCONV *gss_wrap_iov)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        int,                    /* conf_req_flag */
        gss_qop_t,              /* qop_req */
        int *,                  /* conf_state */
        gss_iov_buffer_desc *,  /* iov */
        int                     /* iov_count */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_unwrap_iov)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        int *,                  /* conf_state */
        gss_qop_t *,            /* qop_state */
        gss_iov_buffer_desc *,  /* iov */
        int                     /* iov_count */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_wrap_iov_length)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        int,                    /* conf_req_flag */
        gss_qop_t,              /* qop_req */
        int *,                  /* conf_state */
        gss_iov_buffer_desc *,  /* iov */
        int                     /* iov_count */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_complete_auth_token)
    (
        OM_uint32*,             /* minor_status */
        const gss_ctx_id_t,     /* context_handle */
        gss_buffer_t            /* input_message_buffer */
    );

    /* New for 1.8 */

    OM_uint32       (KRB5_CALLCONV *gss_acquire_cred_impersonate_name)
    (
        OM_uint32 *,            /* minor_status */
        const gss_cred_id_t,    /* impersonator_cred_handle */
        const gss_name_t,       /* desired_name */
        OM_uint32,              /* time_req */
        const gss_OID_set,      /* desired_mechs */
        gss_cred_usage_t,       /* cred_usage */
        gss_cred_id_t *,        /* output_cred_handle */
        gss_OID_set *,          /* actual_mechs */
        OM_uint32 *             /* time_rec */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_add_cred_impersonate_name)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t,          /* input_cred_handle */
        const gss_cred_id_t,    /* impersonator_cred_handle */
        const gss_name_t,       /* desired_name */
        const gss_OID,          /* desired_mech */
        gss_cred_usage_t,       /* cred_usage */
        OM_uint32,              /* initiator_time_req */
        OM_uint32,              /* acceptor_time_req */
        gss_cred_id_t *,        /* output_cred_handle */
        gss_OID_set *,          /* actual_mechs */
        OM_uint32 *,            /* initiator_time_rec */
        OM_uint32 *             /* acceptor_time_rec */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_display_name_ext)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        gss_OID,                /* display_as_name_type */
        gss_buffer_t            /* display_name */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_inquire_name)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        int *,                  /* name_is_MN */
        gss_OID *,              /* MN_mech */
        gss_buffer_set_t *      /* attrs */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_get_name_attribute)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        gss_buffer_t,           /* attr */
        int *,                  /* authenticated */
        int *,                  /* complete */
        gss_buffer_t,           /* value */
        gss_buffer_t,           /* display_value */
        int *                   /* more */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_set_name_attribute)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        int,                    /* complete */
        gss_buffer_t,           /* attr */
        gss_buffer_t            /* value */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_delete_name_attribute)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        gss_buffer_t            /* attr */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_export_name_composite)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        gss_buffer_t            /* exp_composite_name */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_map_name_to_any)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        int,                    /* authenticated */
        gss_buffer_t,           /* type_id */
        gss_any_t *             /* output */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_release_any_name_mapping)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* name */
        gss_buffer_t,           /* type_id */
        gss_any_t *             /* input */
    /* */);

    /*
     * desired_output_len is a signed ssize_t, so a negative length is
     * representable at this interface.
     * NOTE(review): confirm each implementation rejects negative values
     * before using the length for allocation or copying.
     */
    OM_uint32       (KRB5_CALLCONV *gss_pseudo_random)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context */
        int,                    /* prf_key */
        const gss_buffer_t,     /* prf_in */
        ssize_t,                /* desired_output_len */
        gss_buffer_t            /* prf_out */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_set_neg_mechs)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t,          /* cred_handle */
        const gss_OID_set       /* mech_set */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_inquire_saslname_for_mech)
    (
        OM_uint32 *,            /* minor_status */
        const gss_OID,          /* desired_mech */
        gss_buffer_t,           /* sasl_mech_name */
        gss_buffer_t,           /* mech_name */
        gss_buffer_t            /* mech_description */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_inquire_mech_for_saslname)
    (
        OM_uint32 *,            /* minor_status */
        const gss_buffer_t,     /* sasl_mech_name */
        gss_OID *               /* mech_type */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_inquire_attrs_for_mech)
    (
        OM_uint32 *,            /* minor_status */
        gss_const_OID,          /* mech */
        gss_OID_set *,          /* mech_attrs */
        gss_OID_set *           /* known_mech_attrs */
    /* */);

    /* Credential store extensions */

    OM_uint32       (KRB5_CALLCONV *gss_acquire_cred_from)
    (
        OM_uint32 *,            /* minor_status */
        gss_name_t,             /* desired_name */
        OM_uint32,              /* time_req */
        gss_OID_set,            /* desired_mechs */
        gss_cred_usage_t,       /* cred_usage */
        gss_const_key_value_set_t, /* cred_store */
        gss_cred_id_t *,        /* output_cred_handle */
        gss_OID_set *,          /* actual_mechs */
        OM_uint32 *             /* time_rec */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_store_cred_into)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t,          /* input_cred_handle */
        gss_cred_usage_t,       /* input_usage */
        gss_OID,                /* desired_mech */
        OM_uint32,              /* overwrite_cred */
        OM_uint32,              /* default_cred */
        gss_const_key_value_set_t, /* cred_store */
        gss_OID_set *,          /* elements_stored */
        gss_cred_usage_t *      /* cred_usage_stored */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gssspi_acquire_cred_with_password)
    (
        OM_uint32 *,            /* minor_status */
        const gss_name_t,       /* desired_name */
        const gss_buffer_t,     /* password */
        OM_uint32,              /* time_req */
        const gss_OID_set,      /* desired_mechs */
        int,                    /* cred_usage */
        gss_cred_id_t *,        /* output_cred_handle */
        gss_OID_set *,          /* actual_mechs */
        OM_uint32 *             /* time_rec */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_export_cred)
    (
        OM_uint32 *,            /* minor_status */
        gss_cred_id_t,          /* cred_handle */
        gss_buffer_t            /* token */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gss_import_cred)
    (
        OM_uint32 *,            /* minor_status */
        gss_buffer_t,           /* token */
        gss_cred_id_t *         /* cred_handle */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gssspi_import_sec_context_by_mech)
    (
        OM_uint32 *,            /* minor_status */
        gss_OID,                /* desired_mech */
        gss_buffer_t,           /* interprocess_token */
        gss_ctx_id_t *          /* context_handle */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gssspi_import_name_by_mech)
    (
        OM_uint32 *,            /* minor_status */
        gss_OID,                /* mech_type */
        gss_buffer_t,           /* input_name_buffer */
        gss_OID,                /* input_name_type */
        gss_name_t*             /* output_name */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gssspi_import_cred_by_mech)
    (
        OM_uint32 *,            /* minor_status */
        gss_OID,                /* mech_type */
        gss_buffer_t,           /* token */
        gss_cred_id_t *         /* cred_handle */
    /* */);

    /* get_mic_iov extensions, added in 1.12 */

    OM_uint32       (KRB5_CALLCONV *gss_get_mic_iov)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_qop_t,              /* qop_req */
        gss_iov_buffer_desc *,  /* iov */
        int                     /* iov_count */
    );

    OM_uint32       (KRB5_CALLCONV *gss_verify_mic_iov)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_qop_t *,            /* qop_state */
        gss_iov_buffer_desc *,  /* iov */
        int                     /* iov_count */
    );

    OM_uint32       (KRB5_CALLCONV *gss_get_mic_iov_length)
    (
        OM_uint32 *,            /* minor_status */
        gss_ctx_id_t,           /* context_handle */
        gss_qop_t,              /* qop_req */
        gss_iov_buffer_desc *,  /* iov */
        int                     /* iov_count */
    );

    /* NegoEx extensions added in 1.18 */

    OM_uint32       (KRB5_CALLCONV *gssspi_query_meta_data)
    (
        OM_uint32 *,            /* minor_status */
        gss_const_OID,          /* mech_oid */
        gss_cred_id_t,          /* cred_handle */
        gss_ctx_id_t *,         /* context_handle */
        const gss_name_t,       /* targ_name */
        OM_uint32,              /* req_flags */
        gss_buffer_t            /* meta_data */
    /* */);

    OM_uint32       (KRB5_CALLCONV *gssspi_exchange_meta_data)
    (
        OM_uint32 *,            /* minor_status */
        gss_const_OID,          /* mech_oid */
        gss_cred_id_t,          /* cred_handle */
        gss_ctx_id_t *,         /* context_handle */
        const gss_name_t,       /* targ_name */
        OM_uint32,              /* req_flags */
        gss_const_buffer_t      /* meta_data */
    /* */);

    /*
     * The array parameter below is adjusted to "unsigned char *" by the
     * language, so the 16-byte size is documentation only: the compiler
     * does not check the caller's buffer size.
     */
    OM_uint32       (KRB5_CALLCONV *gssspi_query_mechanism_info)
    (
        OM_uint32 *,            /* minor_status */
        gss_const_OID,          /* mech_oid */
        unsigned char[16]       /* auth_scheme */
    /* */);

} *gss_mechanism;

/*
 * In the user space we use a wrapper structure to encompass the
 * mechanism entry points.  The wrapper contains the mechanism
 * entry points and other data which is only relevant to the gss-api
 * layer.  In the kernel we use only the gss_config structure because
 * the kernel does not contain any of the extra gss-api specific data.
 *
 * NOTE(review): uLibName and dl_handle suggest that a mechanism is
 * loaded as a shared object and then dispatched through mech.  Where
 * the library name comes from and how it is validated is not visible
 * in this header -- confirm in the loader before treating that input
 * as trusted.
 */
typedef struct gss_mech_config {
    char *kmodName;                 /* kernel module name */
    char *uLibName;                 /* user library name */
    char *mechNameStr;              /* mechanism string name */
    char *optionStr;                /* optional mech parameters */
    void *dl_handle;                /* RTLD object handle for the mech */
    gss_OID mech_type;              /* mechanism oid */
    gss_mechanism mech;             /* mechanism initialization struct */
    int priority;                   /* mechanism preference order */
    int freeMech;                   /* free mech table */
    int is_interposer;              /* interposer mechanism flag */
    gss_OID int_mech_type;          /* points to the interposer OID */
    gss_mechanism int_mech;         /* points to the interposer mech */
    struct gss_mech_config *next;   /* next element in the list */
} *gss_mech_info;

/********************************************************/
/* Internal mechglue routines */

OM_uint32 gssint_select_mech_type(OM_uint32 *minor, gss_const_OID in_oid,
                                  gss_OID *selected_oid);
gss_OID gssint_get_public_oid(gss_const_OID internal_oid);
OM_uint32 gssint_make_public_oid_set(OM_uint32 *minor_status, gss_OID oids,
                                     int count, gss_OID_set *public_set);
gss_mechanism gssint_get_mechanism (gss_const_OID);
OM_uint32 gssint_get_mech_type (gss_OID, gss_buffer_t);
char *gssint_get_kmodName(const gss_OID);
char *gssint_get_modOptions(const gss_OID);
OM_uint32 gssint_import_internal_name (OM_uint32 *, gss_OID, gss_union_name_t,
                                       gss_name_t *);
OM_uint32 gssint_export_internal_name(OM_uint32 *, const gss_OID,
                                      const gss_name_t, gss_buffer_t);
OM_uint32 gssint_display_internal_name (OM_uint32 *, gss_OID, gss_name_t,
                                        gss_buffer_t, gss_OID *);
OM_uint32 gssint_release_internal_name (OM_uint32 *, gss_OID, gss_name_t *);
OM_uint32 gssint_delete_internal_sec_context (OM_uint32 *, gss_OID,
                                              gss_ctx_id_t *, gss_buffer_t);
#ifdef _GSS_STATIC_LINK
int gssint_register_mechinfo(gss_mech_info template);
#endif

OM_uint32 gssint_convert_name_to_union_name
(OM_uint32 *,           /* minor_status */
 gss_mechanism, /* mech */
 gss_name_t,            /* internal_name */
 gss_name_t *           /* external_name */
);
gss_cred_id_t gssint_get_mechanism_cred
(gss_union_cred_t,      /* union_cred */
 gss_OID                /* mech_type */
);

OM_uint32 gssint_create_copy_buffer(
    const gss_buffer_t, /* src buffer */
    gss_buffer_t *,     /* destination buffer */
    int                 /* NULL terminate buffer ? */
);

OM_uint32 gssint_create_union_context(
    OM_uint32 *minor,   /* minor_status */
    gss_const_OID,      /* mech_oid */
    gss_union_ctx_id_t * /* ctx_out */
);

OM_uint32 gssint_copy_oid_set(
    OM_uint32 *,                        /* minor_status */
    const gss_OID_set_desc * const,     /* oid set */
    gss_OID_set *                       /* new oid set */
);

gss_OID gss_find_mechanism_from_name_type (gss_OID); /* name_type */

OM_uint32 gss_add_mech_name_type
(OM_uint32 *,           /* minor_status */
 gss_OID,               /* name_type */
 gss_OID                /* mech */
);

/*
 * Sun extensions to GSS-API v2
 */

OM_uint32
gssint_wrap_aead (gss_mechanism,        /* mech */
                  OM_uint32 *,          /* minor_status */
                  gss_union_ctx_id_t,   /* ctx */
                  int,                  /* conf_req_flag */
                  gss_qop_t,            /* qop_req_flag */
                  gss_buffer_t,         /* input_assoc_buffer */
                  gss_buffer_t,         /* input_payload_buffer */
                  int *,                /* conf_state */
                  gss_buffer_t);        /* output_message_buffer */
OM_uint32
gssint_unwrap_aead (gss_mechanism,      /* mech */
                    OM_uint32 *,        /* minor_status */
                    gss_union_ctx_id_t, /* ctx */
                    gss_buffer_t,       /* input_message_buffer */
                    gss_buffer_t,       /* input_assoc_buffer */
                    gss_buffer_t,       /* output_payload_buffer */
                    int *,              /* conf_state */
                    gss_qop_t *);       /* qop_state */


/* Use this to map an error code that was returned from a mech
   operation; the mech will be asked to produce the associated error
   messages.

   Remember that if the minor status code cannot be returned to the
   caller (e.g., if it's stuffed in an automatic variable and then
   ignored), then we don't care about producing a mapping.

   Both macros read *MINORP, pass it to gssint_mecherrmap_map (not
   declared in this file) and store the result back through MINORP.
   MINORP is evaluated twice and must be a valid, non-NULL pointer;
   map_error also dereferences MECH to take the address of its
   mech_type. */
#define map_error(MINORP, MECH)                                         \
    (*(MINORP) = gssint_mecherrmap_map(*(MINORP), &(MECH)->mech_type))
#define map_error_oid(MINORP, MECHOID)                                  \
    (*(MINORP) = gssint_mecherrmap_map(*(MINORP), (MECHOID)))

/* Use this to map an errno value or com_err error code being
   generated within the mechglue code (e.g., by calling generic oid
   ops).  Any errno or com_err values produced by mech operations
   should be processed with map_error.  This means they'll be stored
   separately even if the mech uses com_err, because we can't assume
   that it will use com_err.

   MINORP is evaluated twice and must be a valid, non-NULL pointer. */
#define map_errcode(MINORP)                                             \
    (*(MINORP) = gssint_mecherrmap_map_errcode(*(MINORP)))

#endif /* _GSS_MECHGLUEP_H */