xref: /illumos-gate/usr/src/cmd/cmd-inet/common/kcmd.h (revision e3ae4b35c024af1196582063ecee3ab79367227d)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #ifndef	_KCMD_H
28 #define	_KCMD_H
29 
30 #ifdef	__cplusplus
31 extern "C" {
32 #endif
33 
34 #define	OPTS_FORWARD_CREDS		0x00000002
35 #define	OPTS_FORWARDABLE_CREDS		0x00000001
36 
37 #define	SERVER	0
38 #define	CLIENT	1
39 
40 enum kcmd_proto {
41 	/*
42 	 * Old protocol: DES encryption only.  No subkeys.
43 	 * No protection for cleartext length.  No ivec supplied.
44 	 * OOB hacks used for rlogin.  Checksum may be omitted at
45 	 * connection startup.
46 	 */
47 	KCMD_OLD_PROTOCOL = 1,
48 	/*
49 	 * New protocol: Any encryption scheme.  Client-generated
50 	 * subkey required.  Prepend cleartext-length to cleartext
51 	 * data (but don't include it in count).  Starting ivec defined,
52 	 * chained.  In-band signalling.  Checksum required.
53 	 */
54 	KCMD_NEW_PROTOCOL,
55 
56 	/*
57 	 * Hack: Get credentials, and use the old protocol iff the session
58 	 * key type is single-DES.
59 	 */
60 	KCMD_PROTOCOL_COMPAT_HACK,
61 	/* Using Kerberos version 4.  */
62 	KCMD_V4_PROTOCOL,
63 	KCMD_UNKNOWN_PROTOCOL
64 };
65 
66 #define	SOCK_FAMILY(ss) ((ss).ss_family)
67 
68 #define	SOCK_PORT(ss) ((ss).ss_family == AF_INET6 ? \
69 ((struct sockaddr_in6 *)&(ss))->sin6_port : \
70 ((struct sockaddr_in *)&(ss))->sin_port)
71 
72 #define	SOCK_ADDR(ss) ((ss).ss_family == AF_INET6 ? \
73 (void *)&((struct sockaddr_in6 *)&(ss))->sin6_addr : \
74 (void *)&((struct sockaddr_in *)&(ss))->sin_addr)
75 
76 #define	SET_SOCK_FAMILY(ss, family) (SOCK_FAMILY(ss) = (family))
77 
78 #define	SET_SOCK_PORT(ss, port) \
79 	((ss).ss_family == AF_INET6 ? \
80 	(((struct sockaddr_in6 *)&(ss))->sin6_port = (port)) : \
81 	(((struct sockaddr_in *)&(ss))->sin_port = (port)))
82 
83 #define	SET_SOCK_ADDR4(ss, addr) ((void)(sock_set_inaddr(&(ss), (addr))))
84 
85 #define	SET_SOCK_ADDR_ANY(ss) \
86 	((void) ((ss).ss_family == AF_INET6 ? \
87 	(void) (((struct sockaddr_in6 *)&(ss))->sin6_addr = in6addr_any) : \
88 	(void) (((struct sockaddr_in *)&(ss))->sin_addr.s_addr = \
89 	htonl(INADDR_ANY))))
90 
91 /*
92  * Prototypes for functions in 'kcmd.c'
93  */
94 char *strsave(char *sp);
95 
96 int kcmd(int *sock, char **ahost, ushort_t rport, char *locuser,
97 	char *remuser, char *cmd, int *fd2p, char *service, char *realm,
98 	krb5_context bsd_context, krb5_auth_context *authconp,
99 	krb5_creds **cred, krb5_int32 *seqno, krb5_int32 *server_seqno,
100 	krb5_flags authopts,
101 	int anyport, enum kcmd_proto *kcmd_proto);
102 
103 void init_encrypt(int, krb5_context, enum kcmd_proto,
104 			krb5_data *, krb5_data *,
105 			int, krb5_encrypt_block *);
106 
107 int desread(int, char *, int, int);
108 int deswrite(int, char *, int, int);
109 
110 #ifdef	__cplusplus
111 }
112 #endif
113 
114 #endif /* _KCMD_H */
115