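/*-
 * Copyright (c) 2008 Isilon Inc http://www.isilon.com/
 * Authors: Doug Rabson <dfr@rabson.org>
 * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * ONC RPC (rpcgen) interface for the GSSD program: one request/response
 * structure pair per procedure, followed by the program definition.
 * Procedure names follow the GSS-API calls they appear to proxy
 * (init/accept/delete/export_sec_context, name and credential handling).
 *
 * NOTE(review): the _KERNEL include below suggests the client side is
 * kernel code talking to a user-space daemon -- confirm. Nothing in this
 * protocol authenticates the caller, so access control has to come from
 * the transport the service is bound to.
 */

#ifdef RPC_HDR

/*
 * Lines starting with '%' are copied verbatim into the generated header.
 * The XDR routines for the GSS-API types are only declared here, so they
 * are hand-written elsewhere rather than generated from this file; any
 * length or count limits on those types are enforced (or not) there.
 */
%#ifdef _KERNEL
%#include <kgssapi/gssapi.h>
%#else
%#include <gssapi/gssapi.h>
%#endif

%extern bool_t xdr_gss_buffer_desc(XDR *xdrs, gss_buffer_desc *buf);
%extern bool_t xdr_gss_OID_desc(XDR *xdrs, gss_OID_desc *oid);
%extern bool_t xdr_gss_OID(XDR *xdrs, gss_OID *oidp);
%extern bool_t xdr_gss_OID_set_desc(XDR *xdrs, gss_OID_set_desc *set);
%extern bool_t xdr_gss_OID_set(XDR *xdrs, gss_OID_set *setp);
%extern bool_t xdr_gss_channel_bindings_t(XDR *xdrs, gss_channel_bindings_t *chp);

#endif

/*
 * 64-bit wire handles for security contexts, credentials and names.
 *
 * NOTE(review): presumably these identify state held by the server. A
 * handle arriving in a request is caller-controlled data: the server
 * should resolve it through a lookup table and reject unknown values,
 * never reinterpret it as a pointer -- confirm against the implementation.
 */
typedef uint64_t gssd_ctx_id_t;
typedef uint64_t gssd_cred_id_t;
typedef uint64_t gssd_name_t;

/* Result of GSSD_INIT_SEC_CONTEXT. */
struct init_sec_context_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	gssd_ctx_id_t	ctx;
	gss_OID		actual_mech_type;
	gss_buffer_desc output_token;
	uint32_t	ret_flags;
	uint32_t	time_rec;
};

/*
 * Arguments of GSSD_INIT_SEC_CONTEXT.
 *
 * NOTE(review): uid is supplied by the caller and is not verified by
 * anything in this protocol; presumably it selects whose credentials are
 * used, so only a trusted peer may be allowed to call this -- confirm.
 */
struct init_sec_context_args {
	uint32_t	uid;
	gssd_cred_id_t	cred;
	gssd_ctx_id_t	ctx;
	gssd_name_t	name;
	gss_OID		mech_type;
	uint32_t	req_flags;
	uint32_t	time_req;
	gss_channel_bindings_t input_chan_bindings;
	gss_buffer_desc input_token;
};

/* Result of GSSD_ACCEPT_SEC_CONTEXT. */
struct accept_sec_context_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	gssd_ctx_id_t	ctx;
	gssd_name_t	src_name;
	gss_OID		mech_type;
	gss_buffer_desc	output_token;
	uint32_t	ret_flags;
	uint32_t	time_rec;
	gssd_cred_id_t	delegated_cred_handle;
};

/*
 * Arguments of GSSD_ACCEPT_SEC_CONTEXT.
 *
 * NOTE(review): input_token presumably originates from a remote peer;
 * its length is whatever xdr_gss_buffer_desc accepts -- confirm that
 * routine bounds it.
 */
struct accept_sec_context_args {
	gssd_ctx_id_t	ctx;
	gssd_cred_id_t	cred;
	gss_buffer_desc	input_token;
	gss_channel_bindings_t input_chan_bindings;
};

/* Result of GSSD_DELETE_SEC_CONTEXT. */
struct delete_sec_context_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	gss_buffer_desc	output_token;
};

/* Arguments of GSSD_DELETE_SEC_CONTEXT. */
struct delete_sec_context_args {
	gssd_ctx_id_t	ctx;
};

/*
 * Layout tag returned with an exported security context.
 * NOTE(review): the names suggest Heimdal release-specific token
 * layouts -- confirm.
 */
enum sec_context_format {
	KGSS_HEIMDAL_0_6,
	KGSS_HEIMDAL_1_1
};

/*
 * Result of GSSD_EXPORT_SEC_CONTEXT.
 *
 * NOTE(review): interprocess_token is presumably the serialized context,
 * including its key material, so this reply is as sensitive as the
 * session itself; the consumer must also validate the token against
 * `format' before parsing it -- confirm.
 */
struct export_sec_context_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	enum sec_context_format format;
	gss_buffer_desc	interprocess_token;
};

/* Arguments of GSSD_EXPORT_SEC_CONTEXT. */
struct export_sec_context_args {
	gssd_ctx_id_t	ctx;
};

/* Result of GSSD_IMPORT_NAME. */
struct import_name_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	gssd_name_t	output_name;
};

/* Arguments of GSSD_IMPORT_NAME. */
struct import_name_args {
	gss_buffer_desc	input_name_buffer;
	gss_OID		input_name_type;
};

/* Result of GSSD_CANONICALIZE_NAME. */
struct canonicalize_name_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	gssd_name_t	output_name;
};

/* Arguments of GSSD_CANONICALIZE_NAME. */
struct canonicalize_name_args {
	gssd_name_t	input_name;
	gss_OID		mech_type;
};

/* Result of GSSD_EXPORT_NAME. */
struct export_name_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	gss_buffer_desc	exported_name;
};

/* Arguments of GSSD_EXPORT_NAME. */
struct export_name_args {
	gssd_name_t	input_name;
};

/* Result of GSSD_RELEASE_NAME. */
struct release_name_res {
	uint32_t	major_status;
	uint32_t	minor_status;
};

/* Arguments of GSSD_RELEASE_NAME. */
struct release_name_args {
	gssd_name_t	input_name;
};

/*
 * Result of GSSD_PNAME_TO_UID.
 *
 * gidlist<> is a variable-length array with no declared maximum, so the
 * generated decoder accepts whatever element count the peer sends.
 * NOTE(review): either declare a bound (gidlist<N>, N being the largest
 * group count the consumer supports) or verify that the consumer caps
 * the count before copying into a fixed-size group array. The uid/gid
 * values returned here presumably drive an authorization decision, so
 * the reply must only be accepted from the trusted daemon -- confirm.
 */
struct pname_to_uid_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	uint32_t	uid;
	uint32_t	gid;
	uint32_t	gidlist<>;
};

/* Arguments of GSSD_PNAME_TO_UID. */
struct pname_to_uid_args {
	gssd_name_t	pname;
	gss_OID		mech;
};

/* Result of GSSD_ACQUIRE_CRED. */
struct acquire_cred_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	gssd_cred_id_t	output_cred;
	gss_OID_set	actual_mechs;
	uint32_t	time_rec;
};

/*
 * Arguments of GSSD_ACQUIRE_CRED.
 *
 * NOTE(review): as with init_sec_context_args, uid is caller-supplied
 * and unauthenticated at this layer -- confirm the transport restricts
 * callers.
 */
struct acquire_cred_args {
	uint32_t	uid;
	gssd_name_t	desired_name;
	uint32_t	time_req;
	gss_OID_set	desired_mechs;
	int		cred_usage;
};

/* Result of GSSD_SET_CRED_OPTION. */
struct set_cred_option_res {
	uint32_t	major_status;
	uint32_t	minor_status;
};

/* Arguments of GSSD_SET_CRED_OPTION. */
struct set_cred_option_args {
	gssd_cred_id_t	cred;
	gss_OID		option_name;
	gss_buffer_desc	option_value;
};

/* Result of GSSD_RELEASE_CRED. */
struct release_cred_res {
	uint32_t	major_status;
	uint32_t	minor_status;
};

/* Arguments of GSSD_RELEASE_CRED. */
struct release_cred_args {
	gssd_cred_id_t	cred;
};

/* Result of GSSD_DISPLAY_STATUS. */
struct display_status_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	uint32_t	message_context;
	gss_buffer_desc	status_string;
};

/* Arguments of GSSD_DISPLAY_STATUS. */
struct display_status_args {
	uint32_t	status_value;
	int		status_type;
	gss_OID		mech_type;
	uint32_t	message_context;
};

/*
 * Program GSSD, version 1. Procedure numbers are part of the wire
 * protocol and must not be renumbered. The program number 0x40677373
 * lies in the 0x40000000-0x5fffffff range that ONC RPC sets aside for
 * transient program numbers; its low three bytes are ASCII "gss".
 */
program GSSD {
	version GSSDVERS {
		/* Procedure 0 takes and returns nothing. */
		void GSSD_NULL(void) = 0;

		init_sec_context_res
		GSSD_INIT_SEC_CONTEXT(init_sec_context_args) = 1;

		accept_sec_context_res
		GSSD_ACCEPT_SEC_CONTEXT(accept_sec_context_args) = 2;

		delete_sec_context_res
		GSSD_DELETE_SEC_CONTEXT(delete_sec_context_args) = 3;

		export_sec_context_res
		GSSD_EXPORT_SEC_CONTEXT(export_sec_context_args) = 4;

		import_name_res
		GSSD_IMPORT_NAME(import_name_args) = 5;

		canonicalize_name_res
		GSSD_CANONICALIZE_NAME(canonicalize_name_args) = 6;

		export_name_res
		GSSD_EXPORT_NAME(export_name_args) = 7;

		release_name_res
		GSSD_RELEASE_NAME(release_name_args) = 8;

		pname_to_uid_res
		GSSD_PNAME_TO_UID(pname_to_uid_args) = 9;

		acquire_cred_res
		GSSD_ACQUIRE_CRED(acquire_cred_args) = 10;

		set_cred_option_res
		GSSD_SET_CRED_OPTION(set_cred_option_args) = 11;

		release_cred_res
		GSSD_RELEASE_CRED(release_cred_args) = 12;

		display_status_res
		GSSD_DISPLAY_STATUS(display_status_args) = 13;
	} = 1;
} = 0x40677373;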