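/*
 * Copyright (C) The Internet Society (2000). All Rights Reserved.
 *
 * This document and translations of it may be copied and furnished to
 * others, and derivative works that comment on or otherwise explain it
 * or assist in its implementation may be prepared, copied, published
 * and distributed, in whole or in part, without restriction of any
 * kind, provided that the above copyright notice and this paragraph are
 * included on all such copies and derivative works. However, this
 * document itself may not be modified in any way, such as by removing
 * the copyright notice or references to the Internet Society or other
 * Internet organizations, except as needed for the purpose of
 * developing Internet standards in which case the procedures for
 * copyrights defined in the Internet Standards process must be
 * followed, or as required to translate it into languages other than
 * English.
 *
 * The limited permissions granted above are perpetual and will not be
 * revoked by the Internet Society or its successors or assigns.
 *
 * This document and the information contained herein is provided on an
 * "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
 * TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
 * BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
 * HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
 * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
 *
 * $FreeBSD$
 */

#ifndef _KGSSAPI_GSSAPI_H_
#define _KGSSAPI_GSSAPI_H_

/*
 * A cut-down version of the GSS-API for in-kernel use
 *
 * NOTE(review): this header uses uint32_t, uint64_t, size_t, uid_t,
 * gid_t, NULL and __BEGIN_DECLS/__END_DECLS but includes nothing itself;
 * presumably every consumer pulls in the system type headers first --
 * confirm against the callers.
 */

/*
 * Now define the three implementation-dependent types.
 * They are opaque handles: only pointers to the incomplete structs are
 * visible here.
 */
typedef struct _gss_ctx_id_t *gss_ctx_id_t;
typedef struct _gss_cred_id_t *gss_cred_id_t;
typedef struct _gss_name_t *gss_name_t;

/*
 * We can't use X/Open definitions, so roll our own.
 */
typedef uint32_t OM_uint32;
typedef uint64_t OM_uint64;

/*
 * An object identifier: `length' bytes of encoded OID at `elements'.
 * (The static OIDs described further down pair a length of 10 or 6
 * with a string of exactly that many bytes.)
 */
typedef struct gss_OID_desc_struct {
	OM_uint32	length;
	void		*elements;
} gss_OID_desc, *gss_OID;

/*
 * A set of OIDs; `elements' has type gss_OID, i.e. it points at
 * gss_OID_desc objects, and `count' goes with it.
 */
typedef struct gss_OID_set_desc_struct {
	size_t		count;
	gss_OID		elements;
} gss_OID_set_desc, *gss_OID_set;

/*
 * A length/pointer pair.  GSS_C_EMPTY_BUFFER below initializes one to
 * {0, NULL}.
 */
typedef struct gss_buffer_desc_struct {
	size_t		length;
	void		*value;
} gss_buffer_desc, *gss_buffer_t;

/*
 * Channel bindings.  The *_addrtype members take the GSS_C_AF_*
 * address-family constants defined below.
 */
typedef struct gss_channel_bindings_struct {
	OM_uint32	initiator_addrtype;
	gss_buffer_desc	initiator_address;
	OM_uint32	acceptor_addrtype;
	gss_buffer_desc	acceptor_address;
	gss_buffer_desc	application_data;
} *gss_channel_bindings_t;

/*
 * For now, define a QOP-type as an OM_uint32
 */
typedef OM_uint32 gss_qop_t;

typedef int gss_cred_usage_t;

/*
 * Flag bits for context-level services.
 */
#define GSS_C_DELEG_FLAG	1
#define GSS_C_MUTUAL_FLAG	2
#define GSS_C_REPLAY_FLAG	4
#define GSS_C_SEQUENCE_FLAG	8
#define GSS_C_CONF_FLAG		16
#define GSS_C_INTEG_FLAG	32
#define GSS_C_ANON_FLAG		64
#define GSS_C_PROT_READY_FLAG	128
#define GSS_C_TRANS_FLAG	256

/*
 * Credential usage options
 */
#define GSS_C_BOTH		0
#define GSS_C_INITIATE		1
#define GSS_C_ACCEPT		2

/*
 * Status code types for gss_display_status
 */
#define GSS_C_GSS_CODE		1
#define GSS_C_MECH_CODE		2

/*
 * The constant definitions for channel-bindings address families
 */
#define GSS_C_AF_UNSPEC		0
#define GSS_C_AF_LOCAL		1
#define GSS_C_AF_INET		2
#define GSS_C_AF_IMPLINK	3
#define GSS_C_AF_PUP		4
#define GSS_C_AF_CHAOS		5
#define GSS_C_AF_NS		6
#define GSS_C_AF_NBS		7
#define GSS_C_AF_ECMA		8
#define GSS_C_AF_DATAKIT	9
#define GSS_C_AF_CCITT		10
#define GSS_C_AF_SNA		11
#define GSS_C_AF_DECnet		12
#define GSS_C_AF_DLI		13
#define GSS_C_AF_LAT		14
#define GSS_C_AF_HYLINK		15
#define GSS_C_AF_APPLETALK	16
#define GSS_C_AF_BSC		17
#define GSS_C_AF_DSS		18
#define GSS_C_AF_OSI		19
#define GSS_C_AF_X25		21
#define GSS_C_AF_NULLADDR	255

/*
 * Various Null values
 */
#define GSS_C_NO_NAME			((gss_name_t) 0)
#define GSS_C_NO_BUFFER			((gss_buffer_t) 0)
#define GSS_C_NO_OID			((gss_OID) 0)
#define GSS_C_NO_OID_SET		((gss_OID_set) 0)
#define GSS_C_NO_CONTEXT		((gss_ctx_id_t) 0)
#define GSS_C_NO_CREDENTIAL		((gss_cred_id_t) 0)
#define GSS_C_NO_CHANNEL_BINDINGS	((gss_channel_bindings_t) 0)
#define GSS_C_EMPTY_BUFFER		{0, NULL}

/*
 * Some alternate names for a couple of the above
 * values. These are defined for V1 compatibility.
 */
#define GSS_C_NULL_OID		GSS_C_NO_OID
#define GSS_C_NULL_OID_SET	GSS_C_NO_OID_SET

/*
 * Define the default Quality of Protection for per-message
 * services. Note that an implementation that offers multiple
 * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero
 * (as done here) to mean "default protection", or to a specific
 * explicit QOP value. However, a value of 0 should always be
 * interpreted by a GSS-API implementation as a request for the
 * default protection level.
 */
#define GSS_C_QOP_DEFAULT	0

/*
 * Expiration time of 2^32-1 seconds means infinite lifetime for a
 * credential or security context
 */
#define GSS_C_INDEFINITE	0xfffffffful

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x01"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant
 * GSS_C_NT_USER_NAME should be initialized to point
 * to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_USER_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x02"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
 * The constant GSS_C_NT_MACHINE_UID_NAME should be
 * initialized to point to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_MACHINE_UID_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x03"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
 * The constant GSS_C_NT_STRING_UID_NAME should be
 * initialized to point to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_STRING_UID_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
 * corresponding to an object-identifier value of
 * {iso(1) org(3) dod(6) internet(1) security(5)
 * nametypes(6) gss-host-based-services(2)}. The constant
 * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point
 * to that gss_OID_desc. This is a deprecated OID value, and
 * implementations wishing to support hostbased-service names
 * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID,
 * defined below, to identify such names;
 * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted as a synonym
 * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input
 * parameter, but should not be emitted by GSS-API
 * implementations.
 */
extern gss_OID GSS_C_NT_HOSTBASED_SERVICE_X;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x04"}, corresponding to an
 * object-identifier value of {iso(1) member-body(2)
 * United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) service_name(4)}. The constant
 * GSS_C_NT_HOSTBASED_SERVICE should be initialized
 * to point to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_HOSTBASED_SERVICE;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x03"},
 * corresponding to an object identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 3(gss-anonymous-name)}. The constant
 * GSS_C_NT_ANONYMOUS should be initialized to point
 * to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_ANONYMOUS;


/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
 * corresponding to an object-identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 4(gss-api-exported-name)}. The constant
 * GSS_C_NT_EXPORT_NAME should be initialized to point
 * to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_EXPORT_NAME;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * krb5(2) krb5_name(1)}. The recommended symbolic name for this type
 * is "GSS_KRB5_NT_PRINCIPAL_NAME".
 */
extern gss_OID GSS_KRB5_NT_PRINCIPAL_NAME;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) user_name(1)}. The recommended symbolic name for this
 * type is "GSS_KRB5_NT_USER_NAME".
 */
extern gss_OID GSS_KRB5_NT_USER_NAME;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) machine_uid_name(2)}. The recommended symbolic name for
 * this type is "GSS_KRB5_NT_MACHINE_UID_NAME".
 */
extern gss_OID GSS_KRB5_NT_MACHINE_UID_NAME;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) string_uid_name(3)}. The recommended symbolic name for
 * this type is "GSS_KRB5_NT_STRING_UID_NAME".
 */
extern gss_OID GSS_KRB5_NT_STRING_UID_NAME;

/* Major status codes */

#define GSS_S_COMPLETE 0

/*
 * Some "helper" definitions to make the status code macros obvious.
 *
 * The masks are octal: 0377 is 8 bits and 0177777 is 16 bits, so a
 * major status carries the calling error in bits 24-31, the routine
 * error in bits 16-23 and the supplementary bits in bits 0-15.
 */
#define GSS_C_CALLING_ERROR_OFFSET	24
#define GSS_C_ROUTINE_ERROR_OFFSET	16
#define GSS_C_SUPPLEMENTARY_OFFSET	0
#define GSS_C_CALLING_ERROR_MASK	0377ul
#define GSS_C_ROUTINE_ERROR_MASK	0377ul
#define GSS_C_SUPPLEMENTARY_MASK	0177777ul

/*
 * The macros that test status codes for error conditions.
 * Note that the GSS_ERROR() macro has changed slightly from
 * the V1 GSS-API so that it now evaluates its argument
 * only once.
 *
 * The argument is parenthesized in every expansion: `&' binds tighter
 * than `|', so without the parentheses a compound argument such as
 * GSS_ERROR(a | b) would apply the mask to `b' only and give the wrong
 * answer.
 *
 * GSS_ERROR() looks at the calling-error and routine-error fields
 * only.  A status that carries nothing but supplementary bits
 * (GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN, GSS_S_UNSEQ_TOKEN,
 * GSS_S_GAP_TOKEN, ...) makes GSS_ERROR() evaluate to zero, so code
 * that cares about those conditions has to test
 * GSS_SUPPLEMENTARY_INFO() as well.
 */
#define GSS_CALLING_ERROR(x) \
	((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
#define GSS_ROUTINE_ERROR(x) \
	((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
#define GSS_SUPPLEMENTARY_INFO(x) \
	((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
#define GSS_ERROR(x) \
	((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
		(GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))

/*
 * Now the actual status code definitions
 */

/*
 * Calling errors:
 */
#define GSS_S_CALL_INACCESSIBLE_READ \
	(1ul << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_INACCESSIBLE_WRITE \
	(2ul << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_BAD_STRUCTURE \
	(3ul << GSS_C_CALLING_ERROR_OFFSET)

/*
 * Routine errors:
 */
#define GSS_S_BAD_MECH			(1ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAME			(2ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAMETYPE		(3ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_BINDINGS		(4ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_STATUS		(5ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_SIG			(6ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_MIC			GSS_S_BAD_SIG
#define GSS_S_NO_CRED			(7ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NO_CONTEXT		(8ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_TOKEN		(9ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_CREDENTIAL	(10ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CREDENTIALS_EXPIRED	(11ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CONTEXT_EXPIRED		(12ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_FAILURE			(13ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_QOP			(14ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_UNAUTHORIZED		(15ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_UNAVAILABLE		(16ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DUPLICATE_ELEMENT		(17ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NAME_NOT_MN		(18ul << GSS_C_ROUTINE_ERROR_OFFSET)

/*
 * Supplementary info bits:
 */
#define GSS_S_CONTINUE_NEEDED \
	(1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
#define GSS_S_DUPLICATE_TOKEN \
	(1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
#define GSS_S_OLD_TOKEN \
	(1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
#define GSS_S_UNSEQ_TOKEN \
	(1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
#define GSS_S_GAP_TOKEN \
	(1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 4))

__BEGIN_DECLS

/*
 * Finally, function prototypes for the GSS-API routines.
 *
 * Every routine returns a major status (see the GSS_S_* codes above)
 * and takes a pointer for the minor status as its first argument.
 *
 * gss_name_t, gss_OID, gss_buffer_t and friends are pointer typedefs,
 * so the `const' in a parameter such as `const gss_buffer_t' qualifies
 * the pointer itself, not the object it points at; the compiler does
 * not stop an implementation from writing through it.
 */
OM_uint32 gss_acquire_cred
	(OM_uint32 *,			/* minor_status */
	 const gss_name_t,		/* desired_name */
	 OM_uint32,			/* time_req */
	 const gss_OID_set,		/* desired_mechs */
	 gss_cred_usage_t,		/* cred_usage */
	 gss_cred_id_t *,		/* output_cred_handle */
	 gss_OID_set *,			/* actual_mechs */
	 OM_uint32 *			/* time_rec */
	);

OM_uint32 gss_release_cred
	(OM_uint32 *,			/* minor_status */
	 gss_cred_id_t *		/* cred_handle */
	);

OM_uint32 gss_init_sec_context
	(OM_uint32 *,			/* minor_status */
	 const gss_cred_id_t,		/* initiator_cred_handle */
	 gss_ctx_id_t *,		/* context_handle */
	 const gss_name_t,		/* target_name */
	 const gss_OID,			/* mech_type */
	 OM_uint32,			/* req_flags */
	 OM_uint32,			/* time_req */
	 const gss_channel_bindings_t,
					/* input_chan_bindings */
	 const gss_buffer_t,		/* input_token */
	 gss_OID *,			/* actual_mech_type */
	 gss_buffer_t,			/* output_token */
	 OM_uint32 *,			/* ret_flags */
	 OM_uint32 *			/* time_rec */
	);

OM_uint32 gss_accept_sec_context
	(OM_uint32 *,			/* minor_status */
	 gss_ctx_id_t *,		/* context_handle */
	 const gss_cred_id_t,		/* acceptor_cred_handle */
	 const gss_buffer_t,		/* input_token_buffer */
	 const gss_channel_bindings_t,
					/* input_chan_bindings */
	 gss_name_t *,			/* src_name */
	 gss_OID *,			/* mech_type */
	 gss_buffer_t,			/* output_token */
	 OM_uint32 *,			/* ret_flags */
	 OM_uint32 *,			/* time_rec */
	 gss_cred_id_t *		/* delegated_cred_handle */
	);

OM_uint32 gss_delete_sec_context
	(OM_uint32 *,			/* minor_status */
	 gss_ctx_id_t *,		/* context_handle */
	 gss_buffer_t			/* output_token */
	);

OM_uint32 gss_get_mic
	(OM_uint32 *,			/* minor_status */
	 const gss_ctx_id_t,		/* context_handle */
	 gss_qop_t,			/* qop_req */
	 const gss_buffer_t,		/* message_buffer */
	 gss_buffer_t			/* message_token */
	);

OM_uint32 gss_verify_mic
	(OM_uint32 *,			/* minor_status */
	 const gss_ctx_id_t,		/* context_handle */
	 const gss_buffer_t,		/* message_buffer */
	 const gss_buffer_t,		/* token_buffer */
	 gss_qop_t *			/* qop_state */
	);

OM_uint32 gss_wrap
	(OM_uint32 *,			/* minor_status */
	 const gss_ctx_id_t,		/* context_handle */
	 int,				/* conf_req_flag */
	 gss_qop_t,			/* qop_req */
	 const gss_buffer_t,		/* input_message_buffer */
	 int *,				/* conf_state */
	 gss_buffer_t			/* output_message_buffer */
	);

OM_uint32 gss_unwrap
	(OM_uint32 *,			/* minor_status */
	 const gss_ctx_id_t,		/* context_handle */
	 const gss_buffer_t,		/* input_message_buffer */
	 gss_buffer_t,			/* output_message_buffer */
	 int *,				/* conf_state */
	 gss_qop_t *			/* qop_state */
	);

OM_uint32 gss_display_status
	(OM_uint32 *,			/* minor_status */
	 OM_uint32,			/* status_value */
	 int,				/* status_type */
	 const gss_OID,			/* mech_type */
	 OM_uint32 *,			/* message_context */
	 gss_buffer_t			/* status_string */
	);

OM_uint32 gss_import_name
	(OM_uint32 *,			/* minor_status */
	 const gss_buffer_t,		/* input_name_buffer */
	 const gss_OID,			/* input_name_type */
	 gss_name_t *			/* output_name */
	);

OM_uint32 gss_export_name
	(OM_uint32 *,			/* minor_status */
	 const gss_name_t,		/* input_name */
	 gss_buffer_t			/* exported_name */
	);

OM_uint32 gss_release_name
	(OM_uint32 *,			/* minor_status */
	 gss_name_t *			/* input_name */
	);

OM_uint32 gss_release_buffer
	(OM_uint32 *,			/* minor_status */
	 gss_buffer_t			/* buffer */
	);

OM_uint32 gss_release_oid_set
	(OM_uint32 *,			/* minor_status */
	 gss_OID_set *			/* set */
	);

OM_uint32 gss_wrap_size_limit (
	 OM_uint32 *,			/* minor_status */
	 const gss_ctx_id_t,		/* context_handle */
	 int,				/* conf_req_flag */
	 gss_qop_t,			/* qop_req */
	 OM_uint32,			/* req_output_size */
	 OM_uint32 *			/* max_input_size */
	);

OM_uint32 gss_create_empty_oid_set (
	 OM_uint32 *,			/* minor_status */
	 gss_OID_set *			/* oid_set */
	);

OM_uint32 gss_add_oid_set_member (
	 OM_uint32 *,			/* minor_status */
	 const gss_OID,			/* member_oid */
	 gss_OID_set *			/* oid_set */
	);

OM_uint32 gss_test_oid_set_member (
	 OM_uint32 *,			/* minor_status */
	 const gss_OID,			/* member */
	 const gss_OID_set,		/* set */
	 int *				/* present */
	);

OM_uint32 gss_canonicalize_name (
	 OM_uint32 *,			/* minor_status */
	 const gss_name_t,		/* input_name */
	 const gss_OID,			/* mech_type */
	 gss_name_t *			/* output_name */
	);

/*
 * Other extensions and helper functions.
 */

OM_uint32 gss_set_cred_option
	(OM_uint32 *,			/* minor status */
	 gss_cred_id_t *,		/* cred */
	 const gss_OID,			/* option to set */
	 const gss_buffer_t		/* option value */
	);

OM_uint32 gss_pname_to_uid
	(OM_uint32 *,			/* minor status */
	 const gss_name_t pname,	/* principal name */
	 const gss_OID mech,		/* mechanism to query */
	 uid_t *uidp			/* pointer to UID for result */
	);

/*
 * On entry, *numgroups is set to the maximum number of groups to
 * return. On exit, *numgroups is set to the actual number of groups
 * returned.
 *
 * It follows that `groups' has to have room for at least the entry
 * value of *numgroups gid_t entries, and that *numgroups must be
 * initialized before the call.
 */
OM_uint32 gss_pname_to_unix_cred
	(OM_uint32 *,			/* minor status */
	 const gss_name_t pname,	/* principal name */
	 const gss_OID mech,		/* mechanism to query */
	 uid_t *uidp,			/* pointer to UID for result */
	 gid_t *gidp,			/* pointer to GID for result */
	 int *numgroups,		/* number of groups */
	 gid_t *groups			/* pointer to group list */
	);

/*
 * Mbuf oriented message signing and encryption.
 *
 * Get_mic allocates an mbuf to hold the message checksum. Verify_mic
 * may modify the passed-in mic but will not free it.
 *
 * Wrap and unwrap
 * consume the message and generate a new mbuf chain with the
 * result. The original message is freed on error.
 */
struct mbuf;
OM_uint32 gss_get_mic_mbuf
	(OM_uint32 *,			/* minor_status */
	 const gss_ctx_id_t,		/* context_handle */
	 gss_qop_t,			/* qop_req */
	 struct mbuf *,			/* message_buffer */
	 struct mbuf **			/* message_token */
	);

OM_uint32 gss_verify_mic_mbuf
	(OM_uint32 *,			/* minor_status */
	 const gss_ctx_id_t,		/* context_handle */
	 struct mbuf *,			/* message_buffer */
	 struct mbuf *,			/* token_buffer */
	 gss_qop_t *			/* qop_state */
	);

OM_uint32 gss_wrap_mbuf
	(OM_uint32 *,			/* minor_status */
	 const gss_ctx_id_t,		/* context_handle */
	 int,				/* conf_req_flag */
	 gss_qop_t,			/* qop_req */
	 struct mbuf **,		/* message_buffer */
	 int *				/* conf_state */
	);

OM_uint32 gss_unwrap_mbuf
	(OM_uint32 *,			/* minor_status */
	 const gss_ctx_id_t,		/* context_handle */
	 struct mbuf **,		/* message_buffer */
	 int *,				/* conf_state */
	 gss_qop_t *			/* qop_state */
	);

__END_DECLS

#endif /* _KGSSAPI_GSSAPI_H_ */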