18360efbdSAlfred Perlstein /* $NetBSD: auth.h,v 1.15 2000/06/02 22:57:55 fvdl Exp $ */ 28360efbdSAlfred Perlstein 32e322d37SHiroki Sato /*- 4*2321c474SPedro F. Giffuni * SPDX-License-Identifier: BSD-3-Clause 5*2321c474SPedro F. Giffuni * 62e322d37SHiroki Sato * Copyright (c) 2009, Sun Microsystems, Inc. 72e322d37SHiroki Sato * All rights reserved. 8dba7a33eSGarrett Wollman * 92e322d37SHiroki Sato * Redistribution and use in source and binary forms, with or without 102e322d37SHiroki Sato * modification, are permitted provided that the following conditions are met: 112e322d37SHiroki Sato * - Redistributions of source code must retain the above copyright notice, 122e322d37SHiroki Sato * this list of conditions and the following disclaimer. 132e322d37SHiroki Sato * - Redistributions in binary form must reproduce the above copyright notice, 142e322d37SHiroki Sato * this list of conditions and the following disclaimer in the documentation 152e322d37SHiroki Sato * and/or other materials provided with the distribution. 162e322d37SHiroki Sato * - Neither the name of Sun Microsystems, Inc. nor the names of its 172e322d37SHiroki Sato * contributors may be used to endorse or promote products derived 182e322d37SHiroki Sato * from this software without specific prior written permission. 19dba7a33eSGarrett Wollman * 202e322d37SHiroki Sato * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 212e322d37SHiroki Sato * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 222e322d37SHiroki Sato * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 232e322d37SHiroki Sato * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 242e322d37SHiroki Sato * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 252e322d37SHiroki Sato * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 262e322d37SHiroki Sato * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 272e322d37SHiroki Sato * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 282e322d37SHiroki Sato * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 292e322d37SHiroki Sato * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 302e322d37SHiroki Sato * POSSIBILITY OF SUCH DAMAGE. 3186b9a9ccSGarrett Wollman * 3286b9a9ccSGarrett Wollman * from: @(#)auth.h 1.17 88/02/08 SMI 3386b9a9ccSGarrett Wollman * from: @(#)auth.h 2.3 88/08/07 4.0 RPCSRC 348360efbdSAlfred Perlstein * from: @(#)auth.h 1.43 98/02/02 SMI 35a4add9a9SPeter Wemm * $FreeBSD$ 36dba7a33eSGarrett Wollman */ 37dba7a33eSGarrett Wollman 38dba7a33eSGarrett Wollman /* 39dba7a33eSGarrett Wollman * auth.h, Authentication interface. 40dba7a33eSGarrett Wollman * 41dba7a33eSGarrett Wollman * Copyright (C) 1984, Sun Microsystems, Inc. 42dba7a33eSGarrett Wollman * 43dba7a33eSGarrett Wollman * The data structures are completely opaque to the client. The client 449d5abbddSJens Schweikhardt * is required to pass an AUTH * to routines that create rpc 45dba7a33eSGarrett Wollman * "sessions". 46dba7a33eSGarrett Wollman */ 47dba7a33eSGarrett Wollman 4886b9a9ccSGarrett Wollman #ifndef _RPC_AUTH_H 4986b9a9ccSGarrett Wollman #define _RPC_AUTH_H 508360efbdSAlfred Perlstein #include <rpc/xdr.h> 518360efbdSAlfred Perlstein #include <rpc/clnt_stat.h> 5286b9a9ccSGarrett Wollman #include <sys/cdefs.h> 53f26dae2bSBill Paul #include <sys/socket.h> 54dba7a33eSGarrett Wollman 55dba7a33eSGarrett Wollman #define MAX_AUTH_BYTES 400 56dba7a33eSGarrett Wollman #define MAXNETNAMELEN 255 /* maximum length of network user's name */ 57dba7a33eSGarrett Wollman 58dba7a33eSGarrett Wollman /* 598360efbdSAlfred Perlstein * Client side authentication/security data 608360efbdSAlfred Perlstein */ 618360efbdSAlfred Perlstein 628360efbdSAlfred Perlstein typedef struct sec_data { 638360efbdSAlfred Perlstein u_int secmod; /* security mode number e.g. in nfssec.conf */ 648360efbdSAlfred Perlstein u_int rpcflavor; /* rpc flavors:AUTH_UNIX,AUTH_DES,RPCSEC_GSS */ 658360efbdSAlfred Perlstein int flags; /* AUTH_F_xxx flags */ 668360efbdSAlfred Perlstein caddr_t data; /* opaque data per flavor */ 678360efbdSAlfred Perlstein } sec_data_t; 688360efbdSAlfred Perlstein 698360efbdSAlfred Perlstein #ifdef _SYSCALL32_IMPL 708360efbdSAlfred Perlstein struct sec_data32 { 718360efbdSAlfred Perlstein uint32_t secmod; /* security mode number e.g. in nfssec.conf */ 728360efbdSAlfred Perlstein uint32_t rpcflavor; /* rpc flavors:AUTH_UNIX,AUTH_DES,RPCSEC_GSS */ 738360efbdSAlfred Perlstein int32_t flags; /* AUTH_F_xxx flags */ 748360efbdSAlfred Perlstein caddr32_t data; /* opaque data per flavor */ 758360efbdSAlfred Perlstein }; 768360efbdSAlfred Perlstein #endif /* _SYSCALL32_IMPL */ 778360efbdSAlfred Perlstein 788360efbdSAlfred Perlstein /* 798360efbdSAlfred Perlstein * AUTH_DES flavor specific data from sec_data opaque data field. 808360efbdSAlfred Perlstein * AUTH_KERB has the same structure. 818360efbdSAlfred Perlstein */ 828360efbdSAlfred Perlstein typedef struct des_clnt_data { 838360efbdSAlfred Perlstein struct netbuf syncaddr; /* time sync addr */ 848360efbdSAlfred Perlstein struct knetconfig *knconf; /* knetconfig info that associated */ 858360efbdSAlfred Perlstein /* with the syncaddr. */ 868360efbdSAlfred Perlstein char *netname; /* server's netname */ 878360efbdSAlfred Perlstein int netnamelen; /* server's netname len */ 888360efbdSAlfred Perlstein } dh_k4_clntdata_t; 898360efbdSAlfred Perlstein 908360efbdSAlfred Perlstein #ifdef _SYSCALL32_IMPL 918360efbdSAlfred Perlstein struct des_clnt_data32 { 928360efbdSAlfred Perlstein struct netbuf32 syncaddr; /* time sync addr */ 938360efbdSAlfred Perlstein caddr32_t knconf; /* knetconfig info that associated */ 948360efbdSAlfred Perlstein /* with the syncaddr. */ 958360efbdSAlfred Perlstein caddr32_t netname; /* server's netname */ 968360efbdSAlfred Perlstein int32_t netnamelen; /* server's netname len */ 978360efbdSAlfred Perlstein }; 988360efbdSAlfred Perlstein #endif /* _SYSCALL32_IMPL */ 998360efbdSAlfred Perlstein 1008360efbdSAlfred Perlstein #ifdef KERBEROS 1018360efbdSAlfred Perlstein /* 1028360efbdSAlfred Perlstein * flavor specific data to hold the data for AUTH_DES/AUTH_KERB(v4) 1038360efbdSAlfred Perlstein * in sec_data->data opaque field. 1048360efbdSAlfred Perlstein */ 1058360efbdSAlfred Perlstein typedef struct krb4_svc_data { 1068360efbdSAlfred Perlstein int window; /* window option value */ 1078360efbdSAlfred Perlstein } krb4_svcdata_t; 1088360efbdSAlfred Perlstein 1098360efbdSAlfred Perlstein typedef struct krb4_svc_data des_svcdata_t; 1108360efbdSAlfred Perlstein #endif /* KERBEROS */ 1118360efbdSAlfred Perlstein 1128360efbdSAlfred Perlstein /* 1138360efbdSAlfred Perlstein * authentication/security specific flags 1148360efbdSAlfred Perlstein */ 1158360efbdSAlfred Perlstein #define AUTH_F_RPCTIMESYNC 0x001 /* use RPC to do time sync */ 1168360efbdSAlfred Perlstein #define AUTH_F_TRYNONE 0x002 /* allow fall back to AUTH_NONE */ 1178360efbdSAlfred Perlstein 1188360efbdSAlfred Perlstein 1198360efbdSAlfred Perlstein /* 120dba7a33eSGarrett Wollman * Status returned from authentication check 121dba7a33eSGarrett Wollman */ 122dba7a33eSGarrett Wollman enum auth_stat { 123dba7a33eSGarrett Wollman AUTH_OK=0, 124dba7a33eSGarrett Wollman /* 125dba7a33eSGarrett Wollman * failed at remote end 126dba7a33eSGarrett Wollman */ 127dba7a33eSGarrett Wollman AUTH_BADCRED=1, /* bogus credentials (seal broken) */ 128dba7a33eSGarrett Wollman AUTH_REJECTEDCRED=2, /* client should begin new session */ 129dba7a33eSGarrett Wollman AUTH_BADVERF=3, /* bogus verifier (seal broken) */ 130dba7a33eSGarrett Wollman AUTH_REJECTEDVERF=4, /* verifier expired or was replayed */ 131dba7a33eSGarrett Wollman AUTH_TOOWEAK=5, /* rejected due to security reasons */ 132dba7a33eSGarrett Wollman /* 133dba7a33eSGarrett Wollman * failed locally 134dba7a33eSGarrett Wollman */ 135dba7a33eSGarrett Wollman AUTH_INVALIDRESP=6, /* bogus response verifier */ 1368f55a568SDoug Rabson AUTH_FAILED=7, /* some unknown reason */ 1378360efbdSAlfred Perlstein #ifdef KERBEROS 1388360efbdSAlfred Perlstein /* 1398360efbdSAlfred Perlstein * kerberos errors 1408360efbdSAlfred Perlstein */ 141f91b492aSAlfred Perlstein , 1428360efbdSAlfred Perlstein AUTH_KERB_GENERIC = 8, /* kerberos generic error */ 1438360efbdSAlfred Perlstein AUTH_TIMEEXPIRE = 9, /* time of credential expired */ 1448360efbdSAlfred Perlstein AUTH_TKT_FILE = 10, /* something wrong with ticket file */ 1458360efbdSAlfred Perlstein AUTH_DECODE = 11, /* can't decode authenticator */ 1468f55a568SDoug Rabson AUTH_NET_ADDR = 12, /* wrong net address in ticket */ 1478360efbdSAlfred Perlstein #endif /* KERBEROS */ 1488f55a568SDoug Rabson /* 1498f55a568SDoug Rabson * RPCSEC_GSS errors 1508f55a568SDoug Rabson */ 1518f55a568SDoug Rabson RPCSEC_GSS_CREDPROBLEM = 13, 1528f55a568SDoug Rabson RPCSEC_GSS_CTXPROBLEM = 14, 1538f55a568SDoug Rabson RPCSEC_GSS_NODISPATCH = 0x8000000 154dba7a33eSGarrett Wollman }; 155dba7a33eSGarrett Wollman 156dba7a33eSGarrett Wollman union des_block { 157dba7a33eSGarrett Wollman struct { 1588360efbdSAlfred Perlstein uint32_t high; 1598360efbdSAlfred Perlstein uint32_t low; 160dba7a33eSGarrett Wollman } key; 161dba7a33eSGarrett Wollman char c[8]; 162dba7a33eSGarrett Wollman }; 163dba7a33eSGarrett Wollman typedef union des_block des_block; 16486b9a9ccSGarrett Wollman __BEGIN_DECLS 1658360efbdSAlfred Perlstein extern bool_t xdr_des_block(XDR *, des_block *); 16686b9a9ccSGarrett Wollman __END_DECLS 167dba7a33eSGarrett Wollman 168dba7a33eSGarrett Wollman /* 169dba7a33eSGarrett Wollman * Authentication info. Opaque to client. 170dba7a33eSGarrett Wollman */ 171dba7a33eSGarrett Wollman struct opaque_auth { 172dba7a33eSGarrett Wollman enum_t oa_flavor; /* flavor of auth */ 173dba7a33eSGarrett Wollman caddr_t oa_base; /* address of more auth stuff */ 174dba7a33eSGarrett Wollman u_int oa_length; /* not to exceed MAX_AUTH_BYTES */ 175dba7a33eSGarrett Wollman }; 176dba7a33eSGarrett Wollman 177dba7a33eSGarrett Wollman 178dba7a33eSGarrett Wollman /* 179dba7a33eSGarrett Wollman * Auth handle, interface to client side authenticators. 180dba7a33eSGarrett Wollman */ 1818360efbdSAlfred Perlstein typedef struct __auth { 182dba7a33eSGarrett Wollman struct opaque_auth ah_cred; 183dba7a33eSGarrett Wollman struct opaque_auth ah_verf; 184dba7a33eSGarrett Wollman union des_block ah_key; 185dba7a33eSGarrett Wollman struct auth_ops { 1868360efbdSAlfred Perlstein void (*ah_nextverf) (struct __auth *); 18770de0abfSPeter Wemm /* nextverf & serialize */ 1888360efbdSAlfred Perlstein int (*ah_marshal) (struct __auth *, XDR *); 18970de0abfSPeter Wemm /* validate verifier */ 1908360efbdSAlfred Perlstein int (*ah_validate) (struct __auth *, 1918360efbdSAlfred Perlstein struct opaque_auth *); 19270de0abfSPeter Wemm /* refresh credentials */ 1938360efbdSAlfred Perlstein int (*ah_refresh) (struct __auth *, void *); 19470de0abfSPeter Wemm /* destroy this structure */ 1958360efbdSAlfred Perlstein void (*ah_destroy) (struct __auth *); 196dba7a33eSGarrett Wollman } *ah_ops; 197f91b492aSAlfred Perlstein void *ah_private; 198dba7a33eSGarrett Wollman } AUTH; 199dba7a33eSGarrett Wollman 200dba7a33eSGarrett Wollman 201dba7a33eSGarrett Wollman /* 202dba7a33eSGarrett Wollman * Authentication ops. 203dba7a33eSGarrett Wollman * The ops and the auth handle provide the interface to the authenticators. 204dba7a33eSGarrett Wollman * 205dba7a33eSGarrett Wollman * AUTH *auth; 206dba7a33eSGarrett Wollman * XDR *xdrs; 207dba7a33eSGarrett Wollman * struct opaque_auth verf; 208dba7a33eSGarrett Wollman */ 209dba7a33eSGarrett Wollman #define AUTH_NEXTVERF(auth) \ 210dba7a33eSGarrett Wollman ((*((auth)->ah_ops->ah_nextverf))(auth)) 211dba7a33eSGarrett Wollman #define auth_nextverf(auth) \ 212dba7a33eSGarrett Wollman ((*((auth)->ah_ops->ah_nextverf))(auth)) 213dba7a33eSGarrett Wollman 214dba7a33eSGarrett Wollman #define AUTH_MARSHALL(auth, xdrs) \ 215dba7a33eSGarrett Wollman ((*((auth)->ah_ops->ah_marshal))(auth, xdrs)) 216dba7a33eSGarrett Wollman #define auth_marshall(auth, xdrs) \ 217dba7a33eSGarrett Wollman ((*((auth)->ah_ops->ah_marshal))(auth, xdrs)) 218dba7a33eSGarrett Wollman 219dba7a33eSGarrett Wollman #define AUTH_VALIDATE(auth, verfp) \ 220dba7a33eSGarrett Wollman ((*((auth)->ah_ops->ah_validate))((auth), verfp)) 221dba7a33eSGarrett Wollman #define auth_validate(auth, verfp) \ 222dba7a33eSGarrett Wollman ((*((auth)->ah_ops->ah_validate))((auth), verfp)) 223dba7a33eSGarrett Wollman 2248360efbdSAlfred Perlstein #define AUTH_REFRESH(auth, msg) \ 2258360efbdSAlfred Perlstein ((*((auth)->ah_ops->ah_refresh))(auth, msg)) 2268360efbdSAlfred Perlstein #define auth_refresh(auth, msg) \ 2278360efbdSAlfred Perlstein ((*((auth)->ah_ops->ah_refresh))(auth, msg)) 228dba7a33eSGarrett Wollman 229dba7a33eSGarrett Wollman #define AUTH_DESTROY(auth) \ 230dba7a33eSGarrett Wollman ((*((auth)->ah_ops->ah_destroy))(auth)) 231dba7a33eSGarrett Wollman #define auth_destroy(auth) \ 232dba7a33eSGarrett Wollman ((*((auth)->ah_ops->ah_destroy))(auth)) 233dba7a33eSGarrett Wollman 234dba7a33eSGarrett Wollman 2358360efbdSAlfred Perlstein __BEGIN_DECLS 236dba7a33eSGarrett Wollman extern struct opaque_auth _null_auth; 2378360efbdSAlfred Perlstein __END_DECLS 238dba7a33eSGarrett Wollman 239dba7a33eSGarrett Wollman /* 240dba7a33eSGarrett Wollman * These are the various implementations of client side authenticators. 241dba7a33eSGarrett Wollman */ 242dba7a33eSGarrett Wollman 243dba7a33eSGarrett Wollman /* 2448360efbdSAlfred Perlstein * System style authentication 245dba7a33eSGarrett Wollman * AUTH *authunix_create(machname, uid, gid, len, aup_gids) 246dba7a33eSGarrett Wollman * char *machname; 2470d1040e5SPedro F. Giffuni * u_int uid; 2480d1040e5SPedro F. Giffuni * u_int gid; 249dba7a33eSGarrett Wollman * int len; 2500d1040e5SPedro F. Giffuni * u_int *aup_gids; 251dba7a33eSGarrett Wollman */ 25286b9a9ccSGarrett Wollman __BEGIN_DECLS 2530d1040e5SPedro F. Giffuni extern AUTH *authunix_create(char *, u_int, u_int, int, u_int *); 2548360efbdSAlfred Perlstein extern AUTH *authunix_create_default(void); /* takes no parameters */ 2558360efbdSAlfred Perlstein extern AUTH *authnone_create(void); /* takes no parameters */ 25686b9a9ccSGarrett Wollman __END_DECLS 257f26dae2bSBill Paul /* 258f26dae2bSBill Paul * DES style authentication 2598360efbdSAlfred Perlstein * AUTH *authsecdes_create(servername, window, timehost, ckey) 260f26dae2bSBill Paul * char *servername; - network name of server 261f26dae2bSBill Paul * u_int window; - time to live 2628360efbdSAlfred Perlstein * const char *timehost; - optional hostname to sync with 263f26dae2bSBill Paul * des_block *ckey; - optional conversation key to use 264f26dae2bSBill Paul */ 265f26dae2bSBill Paul __BEGIN_DECLS 2668360efbdSAlfred Perlstein extern AUTH *authdes_create (char *, u_int, struct sockaddr *, des_block *); 2678360efbdSAlfred Perlstein extern AUTH *authdes_seccreate (const char *, const u_int, const char *, 2688360efbdSAlfred Perlstein const des_block *); 269f26dae2bSBill Paul __END_DECLS 270f26dae2bSBill Paul 2718360efbdSAlfred Perlstein __BEGIN_DECLS 2728d630135SAlfred Perlstein extern bool_t xdr_opaque_auth (XDR *, struct opaque_auth *); 2738360efbdSAlfred Perlstein __END_DECLS 2748360efbdSAlfred Perlstein 2758360efbdSAlfred Perlstein #define authsys_create(c,i1,i2,i3,ip) authunix_create((c),(i1),(i2),(i3),(ip)) 2768360efbdSAlfred Perlstein #define authsys_create_default() authunix_create_default() 2778360efbdSAlfred Perlstein 278f26dae2bSBill Paul /* 279f26dae2bSBill Paul * Netname manipulation routines. 280f26dae2bSBill Paul */ 281f26dae2bSBill Paul __BEGIN_DECLS 2828360efbdSAlfred Perlstein extern int getnetname(char *); 2838360efbdSAlfred Perlstein extern int host2netname(char *, const char *, const char *); 2848360efbdSAlfred Perlstein extern int user2netname(char *, const uid_t, const char *); 2858360efbdSAlfred Perlstein extern int netname2user(char *, uid_t *, gid_t *, int *, gid_t *); 2868360efbdSAlfred Perlstein extern int netname2host(char *, char *, const int); 2878360efbdSAlfred Perlstein extern void passwd2des ( char *, char * ); 288f26dae2bSBill Paul __END_DECLS 289f26dae2bSBill Paul 290f26dae2bSBill Paul /* 2918360efbdSAlfred Perlstein * 2928360efbdSAlfred Perlstein * These routines interface to the keyserv daemon 2938360efbdSAlfred Perlstein * 294f26dae2bSBill Paul */ 295f26dae2bSBill Paul __BEGIN_DECLS 2968360efbdSAlfred Perlstein extern int key_decryptsession(const char *, des_block *); 2978360efbdSAlfred Perlstein extern int key_encryptsession(const char *, des_block *); 2988360efbdSAlfred Perlstein extern int key_gendes(des_block *); 2998360efbdSAlfred Perlstein extern int key_setsecret(const char *); 3008360efbdSAlfred Perlstein extern int key_secretkey_is_set(void); 3018360efbdSAlfred Perlstein __END_DECLS 3028360efbdSAlfred Perlstein 3038d630135SAlfred Perlstein /* 3048d630135SAlfred Perlstein * Publickey routines. 3058d630135SAlfred Perlstein */ 3068d630135SAlfred Perlstein __BEGIN_DECLS 3078d630135SAlfred Perlstein extern int getpublickey (const char *, char *); 3080411773bSDaniel Eischen extern int getpublicandprivatekey (const char *, char *); 3098d630135SAlfred Perlstein extern int getsecretkey (char *, char *, char *); 3108d630135SAlfred Perlstein __END_DECLS 3118d630135SAlfred Perlstein 3128360efbdSAlfred Perlstein #ifdef KERBEROS 3138360efbdSAlfred Perlstein /* 3148360efbdSAlfred Perlstein * Kerberos style authentication 3158360efbdSAlfred Perlstein * AUTH *authkerb_seccreate(service, srv_inst, realm, window, timehost, status) 3168360efbdSAlfred Perlstein * const char *service; - service name 3178360efbdSAlfred Perlstein * const char *srv_inst; - server instance 3188360efbdSAlfred Perlstein * const char *realm; - server realm 3198360efbdSAlfred Perlstein * const u_int window; - time to live 3208360efbdSAlfred Perlstein * const char *timehost; - optional hostname to sync with 3218360efbdSAlfred Perlstein * int *status; - kerberos status returned 3228360efbdSAlfred Perlstein */ 3238360efbdSAlfred Perlstein __BEGIN_DECLS 3248360efbdSAlfred Perlstein extern AUTH *authkerb_seccreate(const char *, const char *, const char *, 3258360efbdSAlfred Perlstein const u_int, const char *, int *); 326f26dae2bSBill Paul __END_DECLS 327f26dae2bSBill Paul 328f26dae2bSBill Paul /* 3298360efbdSAlfred Perlstein * Map a kerberos credential into a unix cred. 3308360efbdSAlfred Perlstein * 3318360efbdSAlfred Perlstein * authkerb_getucred(rqst, uid, gid, grouplen, groups) 3328360efbdSAlfred Perlstein * const struct svc_req *rqst; - request pointer 3338360efbdSAlfred Perlstein * uid_t *uid; 3348360efbdSAlfred Perlstein * gid_t *gid; 3358360efbdSAlfred Perlstein * short *grouplen; 3368360efbdSAlfred Perlstein * int *groups; 3378360efbdSAlfred Perlstein * 338f26dae2bSBill Paul */ 339f26dae2bSBill Paul __BEGIN_DECLS 3408360efbdSAlfred Perlstein extern int authkerb_getucred(/* struct svc_req *, uid_t *, gid_t *, 3418360efbdSAlfred Perlstein short *, int * */); 342f26dae2bSBill Paul __END_DECLS 3438360efbdSAlfred Perlstein #endif /* KERBEROS */ 344f26dae2bSBill Paul 3458360efbdSAlfred Perlstein __BEGIN_DECLS 3468360efbdSAlfred Perlstein struct svc_req; 3478360efbdSAlfred Perlstein struct rpc_msg; 3488d630135SAlfred Perlstein enum auth_stat _svcauth_null (struct svc_req *, struct rpc_msg *); 3498d630135SAlfred Perlstein enum auth_stat _svcauth_short (struct svc_req *, struct rpc_msg *); 3508d630135SAlfred Perlstein enum auth_stat _svcauth_unix (struct svc_req *, struct rpc_msg *); 3518360efbdSAlfred Perlstein __END_DECLS 352f26dae2bSBill Paul 353dba7a33eSGarrett Wollman #define AUTH_NONE 0 /* no authentication */ 354dba7a33eSGarrett Wollman #define AUTH_NULL 0 /* backward compatibility */ 3558360efbdSAlfred Perlstein #define AUTH_SYS 1 /* unix style (uid, gids) */ 3568360efbdSAlfred Perlstein #define AUTH_UNIX AUTH_SYS 357dba7a33eSGarrett Wollman #define AUTH_SHORT 2 /* short hand unix style */ 3588360efbdSAlfred Perlstein #define AUTH_DH 3 /* for Diffie-Hellman mechanism */ 3598360efbdSAlfred Perlstein #define AUTH_DES AUTH_DH /* for backward compatibility */ 3608360efbdSAlfred Perlstein #define AUTH_KERB 4 /* kerberos style */ 3618f55a568SDoug Rabson #define RPCSEC_GSS 6 /* RPCSEC_GSS */ 3628f55a568SDoug Rabson 3638f55a568SDoug Rabson /* 3648f55a568SDoug Rabson * Pseudo auth flavors for RPCSEC_GSS. 3658f55a568SDoug Rabson */ 3668f55a568SDoug Rabson #define RPCSEC_GSS_KRB5 390003 3678f55a568SDoug Rabson #define RPCSEC_GSS_KRB5I 390004 3688f55a568SDoug Rabson #define RPCSEC_GSS_KRB5P 390005 36986b9a9ccSGarrett Wollman 37086b9a9ccSGarrett Wollman #endif /* !_RPC_AUTH_H */ 371