1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #ifndef _KCMD_H 28 #define _KCMD_H 29 30 #ifdef __cplusplus 31 extern "C" { 32 #endif 33 34 #define OPTS_FORWARD_CREDS 0x00000002 35 #define OPTS_FORWARDABLE_CREDS 0x00000001 36 37 #define SERVER 0 38 #define CLIENT 1 39 40 enum kcmd_proto { 41 /* 42 * Old protocol: DES encryption only. No subkeys. 43 * No protection for cleartext length. No ivec supplied. 44 * OOB hacks used for rlogin. Checksum may be omitted at 45 * connection startup. 46 */ 47 KCMD_OLD_PROTOCOL = 1, 48 /* 49 * New protocol: Any encryption scheme. Client-generated 50 * subkey required. Prepend cleartext-length to cleartext 51 * data (but don't include it in count). Starting ivec defined, 52 * chained. In-band signalling. Checksum required. 53 */ 54 KCMD_NEW_PROTOCOL, 55 56 /* 57 * Hack: Get credentials, and use the old protocol iff the session 58 * key type is single-DES. 59 */ 60 KCMD_PROTOCOL_COMPAT_HACK, 61 /* Using Kerberos version 4. */ 62 KCMD_V4_PROTOCOL, 63 KCMD_UNKNOWN_PROTOCOL 64 }; 65 66 #define SOCK_FAMILY(ss) ((ss).ss_family) 67 68 #define SOCK_PORT(ss) ((ss).ss_family == AF_INET6 ? \ 69 ((struct sockaddr_in6 *)&(ss))->sin6_port : \ 70 ((struct sockaddr_in *)&(ss))->sin_port) 71 72 #define SOCK_ADDR(ss) ((ss).ss_family == AF_INET6 ? \ 73 (void *)&((struct sockaddr_in6 *)&(ss))->sin6_addr : \ 74 (void *)&((struct sockaddr_in *)&(ss))->sin_addr) 75 76 #define SET_SOCK_FAMILY(ss, family) (SOCK_FAMILY(ss) = (family)) 77 78 #define SET_SOCK_PORT(ss, port) \ 79 ((ss).ss_family == AF_INET6 ? \ 80 (((struct sockaddr_in6 *)&(ss))->sin6_port = (port)) : \ 81 (((struct sockaddr_in *)&(ss))->sin_port = (port))) 82 83 #define SET_SOCK_ADDR4(ss, addr) ((void)(sock_set_inaddr(&(ss), (addr)))) 84 85 #define SET_SOCK_ADDR_ANY(ss) \ 86 ((void) ((ss).ss_family == AF_INET6 ? \ 87 (void) (((struct sockaddr_in6 *)&(ss))->sin6_addr = in6addr_any) : \ 88 (void) (((struct sockaddr_in *)&(ss))->sin_addr.s_addr = \ 89 htonl(INADDR_ANY)))) 90 91 /* 92 * Prototypes for functions in 'kcmd.c' 93 */ 94 char *strsave(char *sp); 95 96 int kcmd(int *sock, char **ahost, ushort_t rport, char *locuser, 97 char *remuser, char *cmd, int *fd2p, char *service, char *realm, 98 krb5_context bsd_context, krb5_auth_context *authconp, 99 krb5_creds **cred, krb5_int32 *seqno, krb5_int32 *server_seqno, 100 krb5_flags authopts, 101 int anyport, enum kcmd_proto *kcmd_proto); 102 103 void init_encrypt(int, krb5_context, enum kcmd_proto, 104 krb5_data *, krb5_data *, 105 int, krb5_encrypt_block *); 106 107 int desread(int, char *, int, int); 108 int deswrite(int, char *, int, int); 109 110 #ifdef __cplusplus 111 } 112 #endif 113 114 #endif /* _KCMD_H */ 115