xref: /freebsd/sys/kgssapi/gssd.x (revision 8311bc5f17dec348749f763b82dfe2737bc53cd7)
1 /*-
2  * Copyright (c) 2008 Isilon Inc http://www.isilon.com/
3  * Authors: Doug Rabson <dfr@rabson.org>
4  * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25  * SUCH DAMAGE.
26  */
27 
28 
/*
 * Header-only section: rpcgen defines RPC_HDR while producing the .h file,
 * and lines starting with '%' are copied to the output unchanged.
 * The GSS-API types used below (gss_buffer_desc, gss_OID, gss_OID_set,
 * gss_channel_bindings_t) are not described in XDR here; their encoders and
 * decoders are only declared extern, so they are written by hand elsewhere.
 * NOTE(review): any length or count limit on decoded buffers, OIDs and OID
 * sets lives in those routines, not in this file; confirm them there.
 */
29 #ifdef RPC_HDR
30 
31 %#ifdef _KERNEL
32 %#include <kgssapi/gssapi.h>
33 %#else
34 %#include <gssapi/gssapi.h>
35 %#include <netdb.h>
36 %#endif
37 
38 %extern bool_t xdr_gss_buffer_desc(XDR *xdrs, gss_buffer_desc *buf);
39 %extern bool_t xdr_gss_OID_desc(XDR *xdrs, gss_OID_desc *oid);
40 %extern bool_t xdr_gss_OID(XDR *xdrs, gss_OID *oidp);
41 %extern bool_t xdr_gss_OID_set_desc(XDR *xdrs, gss_OID_set_desc *set);
42 %extern bool_t xdr_gss_OID_set(XDR *xdrs, gss_OID_set *setp);
43 %extern bool_t xdr_gss_channel_bindings_t(XDR *xdrs, gss_channel_bindings_t *chp);
44 
45 #endif
46 
/*
 * 64-bit integers used in place of GSS-API context, credential and name
 * objects in every message below.
 * NOTE(review): presumably these are handles to objects held by the RPC
 * server. Any 64-bit value can arrive on the wire, so the receiver has to
 * look a handle up and reject unknown ones rather than trust it; confirm.
 */
47 typedef uint64_t gssd_ctx_id_t;
48 typedef uint64_t gssd_cred_id_t;
49 typedef uint64_t gssd_name_t;
50 
/*
 * Reply of GSSD_INIT_SEC_CONTEXT (procedure 1).
 * Field names follow the outputs of GSS-API gss_init_sec_context().
 */
51 struct init_sec_context_res {
52 	uint32_t	major_status;	/* GSS-API major status code */
53 	uint32_t	minor_status;	/* mechanism-specific status code */
54 	gssd_ctx_id_t	ctx;	/* context handle (64-bit integer) */
55 	gss_OID		actual_mech_type;
56 	gss_buffer_desc output_token;	/* presumably the token to send to the peer */
57 	uint32_t	ret_flags;
58 	uint32_t	time_rec;
59 };
60 
/*
 * Arguments of GSSD_INIT_SEC_CONTEXT (procedure 1).
 * NOTE(review): uid is a plain integer supplied by the caller and nothing
 * in this schema authenticates it. The server presumably has to restrict
 * who may reach this procedure; confirm in the daemon.
 */
61 struct init_sec_context_args {
62 	uint32_t	uid;	/* caller-asserted user id */
63 	gssd_cred_id_t	cred;	/* credential handle */
64 	gssd_ctx_id_t	ctx;	/* context handle */
65 	gssd_name_t	name;	/* name handle; presumably the target name */
66 	gss_OID		mech_type;
67 	uint32_t	req_flags;
68 	uint32_t	time_req;
69 	gss_channel_bindings_t input_chan_bindings;
70 	gss_buffer_desc input_token;	/* length-counted token bytes */
71 };
72 
/*
 * Reply of GSSD_ACCEPT_SEC_CONTEXT (procedure 2).
 * Field names follow the outputs of GSS-API gss_accept_sec_context().
 */
73 struct accept_sec_context_res {
74 	uint32_t	major_status;	/* GSS-API major status code */
75 	uint32_t	minor_status;	/* mechanism-specific status code */
76 	gssd_ctx_id_t	ctx;	/* context handle */
77 	gssd_name_t	src_name;	/* name handle; presumably the authenticated initiator */
78 	gss_OID		mech_type;
79 	gss_buffer_desc	output_token;
80 	uint32_t	ret_flags;
81 	uint32_t	time_rec;
82 	gssd_cred_id_t	delegated_cred_handle;	/* credential handle; presumably delegated by the initiator */
83 };
84 
/*
 * Arguments of GSSD_ACCEPT_SEC_CONTEXT (procedure 2).
 * NOTE(review): on the accept path the input token presumably originates
 * from the remote initiator, so it is untrusted bytes; confirm the caller.
 */
85 struct accept_sec_context_args {
86 	gssd_ctx_id_t	ctx;	/* context handle */
87 	gssd_cred_id_t	cred;	/* credential handle */
88 	gss_buffer_desc	input_token;	/* length-counted token bytes */
89 	gss_channel_bindings_t input_chan_bindings;
90 };
91 
/* Reply of GSSD_DELETE_SEC_CONTEXT (procedure 3). */
92 struct delete_sec_context_res {
93 	uint32_t	major_status;	/* GSS-API major status code */
94 	uint32_t	minor_status;	/* mechanism-specific status code */
95 	gss_buffer_desc	output_token;
96 };
97 
/* Arguments of GSSD_DELETE_SEC_CONTEXT (procedure 3). */
98 struct delete_sec_context_args {
99 	gssd_ctx_id_t	ctx;	/* handle of the context to delete */
100 };
101 
/*
 * Tag carried in export_sec_context_res next to the exported token.
 * No explicit values are given, so the enumerators take 0 and 1 in
 * declaration order, and that order is part of the wire format.
 * NOTE(review): the names suggest the Heimdal release whose exported-context
 * layout the token follows; confirm against the code that parses the token.
 */
102 enum sec_context_format {
103 	KGSS_HEIMDAL_0_6,
104 	KGSS_HEIMDAL_1_1
105 };
106 
/*
 * Reply of GSSD_EXPORT_SEC_CONTEXT (procedure 4).
 * NOTE(review): in GSS-API an exported security context can contain the
 * context's key material, so interprocess_token should be treated as a
 * secret by both ends of the RPC; confirm how the receiver stores and
 * frees it.
 */
107 struct export_sec_context_res {
108 	uint32_t	major_status;	/* GSS-API major status code */
109 	uint32_t	minor_status;	/* mechanism-specific status code */
110 	enum sec_context_format format;	/* layout tag for interprocess_token */
111 	gss_buffer_desc	interprocess_token;
112 };
113 
/* Arguments of GSSD_EXPORT_SEC_CONTEXT (procedure 4). */
114 struct export_sec_context_args {
115        gssd_ctx_id_t	ctx;	/* handle of the context to export */
116 };
117 
/* Reply of GSSD_IMPORT_NAME (procedure 5). */
118 struct import_name_res {
119 	uint32_t	major_status;	/* GSS-API major status code */
120 	uint32_t	minor_status;	/* mechanism-specific status code */
121 	gssd_name_t	output_name;	/* handle of the imported name */
122 };
123 
/* Arguments of GSSD_IMPORT_NAME (procedure 5). */
124 struct import_name_args {
125 	gss_buffer_desc	input_name_buffer;	/* length-counted name bytes */
126 	gss_OID		input_name_type;
127 };
128 
/* Reply of GSSD_CANONICALIZE_NAME (procedure 6). */
129 struct canonicalize_name_res {
130 	uint32_t	major_status;	/* GSS-API major status code */
131 	uint32_t	minor_status;	/* mechanism-specific status code */
132 	gssd_name_t	output_name;	/* name handle returned to the caller */
133 };
134 
/* Arguments of GSSD_CANONICALIZE_NAME (procedure 6). */
135 struct canonicalize_name_args {
136 	gssd_name_t	input_name;	/* name handle */
137 	gss_OID		mech_type;
138 };
139 
/* Reply of GSSD_EXPORT_NAME (procedure 7). */
140 struct export_name_res {
141 	uint32_t	major_status;	/* GSS-API major status code */
142 	uint32_t	minor_status;	/* mechanism-specific status code */
143 	gss_buffer_desc	exported_name;	/* length-counted bytes, not a C string */
144 };
145 
/* Arguments of GSSD_EXPORT_NAME (procedure 7). */
146 struct export_name_args {
147 	gssd_name_t	input_name;	/* name handle */
148 };
149 
/* Reply of GSSD_RELEASE_NAME (procedure 8): status codes only. */
150 struct release_name_res {
151 	uint32_t	major_status;	/* GSS-API major status code */
152 	uint32_t	minor_status;	/* mechanism-specific status code */
153 };
154 
/*
 * Arguments of GSSD_RELEASE_NAME (procedure 8).
 * NOTE(review): a release call names its object by handle only, so the
 * server should tolerate stale or repeated handles; confirm.
 */
155 struct release_name_args {
156 	gssd_name_t	input_name;	/* handle of the name to release */
157 };
158 
/*
 * Reply of GSSD_PNAME_TO_UID (procedure 9): the local identity that a
 * principal name maps to.
 * NOTE(review): gidlist<> declares no maximum, so XDR itself places no
 * limit below 2^32-1 elements. The decoder should cap the count before
 * allocating or copying into a fixed-size group array; confirm.
 * NOTE(review): uid, gid and gidlist are presumably meaningful only when
 * major_status reports success; confirm callers check it first.
 */
159 struct pname_to_uid_res {
160 	uint32_t	major_status;	/* GSS-API major status code */
161 	uint32_t	minor_status;	/* mechanism-specific status code */
162 	uint32_t	uid;
163 	uint32_t	gid;
164 	uint32_t	gidlist<>;	/* variable-length array, no declared bound */
165 };
166 
/* Arguments of GSSD_PNAME_TO_UID (procedure 9). */
167 struct pname_to_uid_args {
168        gssd_name_t	pname;	/* name handle; presumably the principal to map */
169        gss_OID		mech;
170 };
171 
/*
 * Reply of GSSD_ACQUIRE_CRED (procedure 10).
 * Field names follow the outputs of GSS-API gss_acquire_cred().
 */
172 struct acquire_cred_res {
173 	uint32_t	major_status;	/* GSS-API major status code */
174 	uint32_t	minor_status;	/* mechanism-specific status code */
175 	gssd_cred_id_t	output_cred;	/* handle of the acquired credential */
176 	gss_OID_set	actual_mechs;
177 	uint32_t	time_rec;
178 };
179 
/*
 * Arguments of GSSD_ACQUIRE_CRED (procedure 10).
 * NOTE(review): uid is caller-asserted, as in init_sec_context_args, and
 * presumably selects whose credentials are acquired. The server must only
 * honour it for callers it trusts; confirm.
 */
180 struct acquire_cred_args {
181 	uint32_t	uid;	/* caller-asserted user id */
182 	gssd_name_t	desired_name;	/* name handle */
183 	uint32_t	time_req;
184 	gss_OID_set	desired_mechs;
185 	int		cred_usage;	/* signed int on the wire; range not constrained here */
186 };
187 
/* Reply of GSSD_SET_CRED_OPTION (procedure 11): status codes only. */
188 struct set_cred_option_res {
189 	uint32_t	major_status;	/* GSS-API major status code */
190 	uint32_t	minor_status;	/* mechanism-specific status code */
191 };
192 
/*
 * Arguments of GSSD_SET_CRED_OPTION (procedure 11).
 * NOTE(review): option_name is an arbitrary OID and option_value arbitrary
 * bytes as far as this schema is concerned. Which options are accepted is
 * decided by the server; confirm it rejects unknown ones.
 */
193 struct set_cred_option_args {
194        gssd_cred_id_t	cred;	/* credential handle */
195        gss_OID		option_name;
196        gss_buffer_desc	option_value;
197 };
198 
/* Reply of GSSD_RELEASE_CRED (procedure 12): status codes only. */
199 struct release_cred_res {
200 	uint32_t	major_status;	/* GSS-API major status code */
201 	uint32_t	minor_status;	/* mechanism-specific status code */
202 };
203 
/* Arguments of GSSD_RELEASE_CRED (procedure 12). */
204 struct release_cred_args {
205 	gssd_cred_id_t	cred;	/* handle of the credential to release */
206 };
207 
/*
 * Reply of GSSD_DISPLAY_STATUS (procedure 13).
 * Field names follow the outputs of GSS-API gss_display_status().
 */
208 struct display_status_res {
209 	uint32_t	major_status;	/* GSS-API major status code */
210 	uint32_t	minor_status;	/* mechanism-specific status code */
211 	uint32_t	message_context;
212 	gss_buffer_desc	status_string;	/* length-counted text; do not assume NUL termination */
213 };
214 
/* Arguments of GSSD_DISPLAY_STATUS (procedure 13). */
215 struct display_status_args {
216        uint32_t		status_value;	/* status code to translate */
217        int		status_type;
218        gss_OID		mech_type;
219        uint32_t		message_context;
220 };
221 
/*
 * Reply of GSSD_IP_TO_DNS (procedure 14).
 * dns_name is a variable-length char array of at most NI_MAXHOST elements,
 * not an XDR string.
 * NOTE(review): the generated type is presumably a length/pointer pair with
 * no NUL terminator guaranteed, so consumers should use the length field
 * instead of strlen()/strcpy(); confirm in the generated header.
 */
222 struct ip_to_dns_res {
223 	uint32_t	major_status;	/* GSS-API major status code */
224 	uint32_t	minor_status;	/* mechanism-specific status code */
225 	char		dns_name<NI_MAXHOST>;
226 };
227 
/*
 * Arguments of GSSD_IP_TO_DNS (procedure 14).
 * ip_addr is a variable-length char array of at most NI_MAXHOST elements.
 * NOTE(review): the address arrives as text and the schema does not
 * constrain its contents. The server presumably has to validate it as an
 * address literal before resolving it; confirm.
 */
228 struct ip_to_dns_args {
229 	char		ip_addr<NI_MAXHOST>;
230 };
231 
/*
 * RPC program GSSD, version GSSDVERS = 1: fifteen procedures numbered 0-14,
 * each taking one *_args structure and returning one *_res structure.
 * GSSD_NULL takes and returns void.
 * The program number 0x40677373 is 0x40 followed by ASCII "gss". It lies in
 * 0x40000000-0x5fffffff, the range RFC 5531 sets aside for transient
 * programs.
 * Procedure numbers and argument layouts are the wire contract. Renumbering
 * or reordering them breaks compatibility between builds of the two ends.
 * NOTE(review): the interface carries no caller identity beyond the uid
 * fields in some arguments, so access control presumably rests on the
 * transport the server listens on; confirm.
 */
232 program GSSD {
233 	version GSSDVERS {
234 		void GSSD_NULL(void) = 0;
235 
236 		init_sec_context_res
237 		GSSD_INIT_SEC_CONTEXT(init_sec_context_args) = 1;
238 
239 		accept_sec_context_res
240 		GSSD_ACCEPT_SEC_CONTEXT(accept_sec_context_args) = 2;
241 
242 		delete_sec_context_res
243 		GSSD_DELETE_SEC_CONTEXT(delete_sec_context_args) = 3;
244 
245 		export_sec_context_res
246 		GSSD_EXPORT_SEC_CONTEXT(export_sec_context_args) = 4;
247 
248 		import_name_res
249 		GSSD_IMPORT_NAME(import_name_args) = 5;
250 
251 		canonicalize_name_res
252 		GSSD_CANONICALIZE_NAME(canonicalize_name_args) = 6;
253 
254 		export_name_res
255 		GSSD_EXPORT_NAME(export_name_args) = 7;
256 
257 		release_name_res
258 		GSSD_RELEASE_NAME(release_name_args) = 8;
259 
260 		pname_to_uid_res
261 		GSSD_PNAME_TO_UID(pname_to_uid_args) = 9;
262 
263 		acquire_cred_res
264 		GSSD_ACQUIRE_CRED(acquire_cred_args) = 10;
265 
266 		set_cred_option_res
267 		GSSD_SET_CRED_OPTION(set_cred_option_args) = 11;
268 
269 		release_cred_res
270 		GSSD_RELEASE_CRED(release_cred_args) = 12;
271 
272 		display_status_res
273 		GSSD_DISPLAY_STATUS(display_status_args) = 13;
274 
275 		ip_to_dns_res
276 		GSSD_IP_TO_DNS(ip_to_dns_args) = 14;
277 	} = 1;
278 } = 0x40677373;
279