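/*
 * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

/*
 * Copyright 1993 by OpenVision Technologies, Inc.
 *
 * Permission to use, copy, modify, distribute, and sell this software
 * and its documentation for any purpose is hereby granted without fee,
 * provided that the above copyright notice appears in all copies and
 * that both that copyright notice and this permission notice appear in
 * supporting documentation, and that the name of OpenVision not be used
 * in advertising or publicity pertaining to distribution of the software
 * without specific, written prior permission. OpenVision makes no
 * representations about the suitability of this software for any
 * purpose.  It is provided "as is" without express or implied warranty.
 *
 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 * PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * GSS-API C bindings: handle and buffer types, flag and status-code
 * constants, status-testing macros, and the routine prototypes
 * (user-level gss_* and, under _KERNEL, kgss_*).
 */

#ifndef _GSSAPI_H_
#define	_GSSAPI_H_

#ifdef __cplusplus
extern "C" {
#endif


/*
 * First, include sys/types.h to get size_t defined.
 */
#include <sys/types.h>

/*
 * If the platform supports the xom.h header file, it should be
 * included here.
 */
#ifdef HAVE_XOM_H
#include <xom.h>
#endif

/*
 * Now define the three implementation-dependent types.
 *
 * Each handle is a pointer to an incomplete struct, so code that only
 * includes this header can pass handles around but cannot look inside
 * them.  Note that a parameter written "const gss_name_t" (and likewise
 * for the other handle typedefs) makes the pointer itself const, not
 * the object it points to.
 */
struct gss_ctx_id;
struct gss_cred_id;
struct gss_name;

typedef struct gss_ctx_id	*gss_ctx_id_t;
typedef struct gss_cred_id	*gss_cred_id_t;
typedef struct gss_name		*gss_name_t;

/*
 * The following type must be defined as the smallest natural
 * unsigned integer supported by the platform that has at least
 * 32 bits of precision.
 *
 * NOTE(review): unsigned int meets this only where int is at least
 * 32 bits wide; nothing in this header checks that.
 */
typedef unsigned int gss_uint32;
typedef int gss_int32;


#ifdef OM_STRING
/*
 * We have included the xom.h header file.  Verify that OM_uint32
 * is defined correctly.
 *
 * sizeof cannot be evaluated in a preprocessor #if expression, so the
 * check is made by the compiler instead: the array size below is
 * negative, and therefore a compile error, when the two types differ
 * in size.  An error on this typedef means an incompatible definition
 * of OM_uint32 from xom.h.
 */
typedef char gss_om_uint32_size_check[
	(sizeof (gss_uint32) == sizeof (OM_uint32)) ? 1 : -1];

typedef OM_object_identifier gss_OID_desc, *gss_OID;

#else



/*
 * We can't use X/Open definitions, so roll our own.
 */

typedef gss_uint32 OM_uint32;

typedef struct gss_OID_desc_struct {
	OM_uint32 length;
	void *elements;
} gss_OID_desc, *gss_OID;

#endif

typedef struct gss_OID_set_desc_struct {
	size_t  count;
	gss_OID elements;
} gss_OID_set_desc, *gss_OID_set;

#ifdef _SYSCALL32
typedef struct gss_OID_desc_struct32 {
	OM_uint32 length;
	caddr32_t elements;
} gss_OID_desc32, *gss_OID32;
#endif	/* _SYSCALL32 */

/*
 * Buffer descriptor used by the prototypes below for tokens, messages
 * and textual names.  Nothing in this header promises that value is
 * NUL-terminated, so consumers should rely on length.
 */
typedef struct gss_buffer_desc_struct {
	size_t length;
	void *value;
} gss_buffer_desc, *gss_buffer_t;

typedef struct gss_channel_bindings_struct {
	OM_uint32 initiator_addrtype;
	gss_buffer_desc initiator_address;
	OM_uint32 acceptor_addrtype;
	gss_buffer_desc acceptor_address;
	gss_buffer_desc application_data;
} *gss_channel_bindings_t;

/*
 * For now, define a QOP-type as an OM_uint32
 */
typedef OM_uint32 gss_qop_t;
typedef int gss_cred_usage_t;

/*
 * Flag bits for context-level services.
 *
 * The same bits appear in req_flags and in ret_flags of
 * gss_init_sec_context().  Per the GSS-API specification a requested
 * service is not guaranteed to be granted, so a caller that depends on
 * one (for example GSS_C_MUTUAL_FLAG or GSS_C_INTEG_FLAG) should test
 * ret_flags once the context is established.
 */
#define	GSS_C_DELEG_FLAG	1
#define	GSS_C_MUTUAL_FLAG	2
#define	GSS_C_REPLAY_FLAG	4
#define	GSS_C_SEQUENCE_FLAG	8
#define	GSS_C_CONF_FLAG		16
#define	GSS_C_INTEG_FLAG	32
#define	GSS_C_ANON_FLAG		64
#define	GSS_C_PROT_READY_FLAG	128
#define	GSS_C_TRANS_FLAG	256

/*
 * Credential usage options
 */
#define	GSS_C_BOTH	0
#define	GSS_C_INITIATE	1
#define	GSS_C_ACCEPT	2

/*
 * Status code types for gss_display_status
 */
#define	GSS_C_GSS_CODE	1
#define	GSS_C_MECH_CODE	2

/*
 * The constant definitions for channel-bindings address families
 */
#define	GSS_C_AF_UNSPEC		0
#define	GSS_C_AF_LOCAL		1
#define	GSS_C_AF_INET		2
#define	GSS_C_AF_IMPLINK	3
#define	GSS_C_AF_PUP		4
#define	GSS_C_AF_CHAOS		5
#define	GSS_C_AF_NS		6
#define	GSS_C_AF_NBS		7
#define	GSS_C_AF_ECMA		8
#define	GSS_C_AF_DATAKIT	9
#define	GSS_C_AF_CCITT		10
#define	GSS_C_AF_SNA		11
#define	GSS_C_AF_DECnet		12
#define	GSS_C_AF_DLI		13
#define	GSS_C_AF_LAT		14
#define	GSS_C_AF_HYLINK		15
#define	GSS_C_AF_APPLETALK	16
#define	GSS_C_AF_BSC		17
#define	GSS_C_AF_DSS		18
#define	GSS_C_AF_OSI		19
#define	GSS_C_AF_X25		21

#define	GSS_C_AF_NULLADDR	255

/*
 * Various Null values
 *
 * GSS_C_EMPTY_BUFFER is a brace initializer, usable only where a
 * gss_buffer_desc is being initialized, and it needs NULL to be
 * defined at the point of use.
 */
#define	GSS_C_NO_NAME ((gss_name_t) 0)
#define	GSS_C_NO_BUFFER ((gss_buffer_t) 0)
#define	GSS_C_NO_OID ((gss_OID) 0)
#define	GSS_C_NO_OID_SET ((gss_OID_set) 0)
#define	GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
#define	GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
#define	GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
#define	GSS_C_EMPTY_BUFFER {0, NULL}

/*
 * Some alternate names for a couple of the above
 * values.  These are defined for V1 compatibility.
 */
#define	GSS_C_NULL_OID		GSS_C_NO_OID
#define	GSS_C_NULL_OID_SET	GSS_C_NO_OID_SET

/*
 * Define the default Quality of Protection for per-message
 * services.  Note that an implementation that offers multiple
 * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero
 * (as done here) to mean "default protection", or to a specific
 * explicit QOP value.  However, a value of 0 should always be
 * interpreted by a GSSAPI implementation as a request for the
 * default protection level.
 */
#define	GSS_C_QOP_DEFAULT 0

/*
 * Expiration time of 2^32-1 seconds means infinite lifetime for a
 * credential or security context
 */
#define	GSS_C_INDEFINITE ((OM_uint32) 0xfffffffful)

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 *		"\x01\x02\x01\x01"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) user_name(1)}.  The constant
 * GSS_C_NT_USER_NAME should be initialized to point
 * to that gss_OID_desc.
 */
extern const gss_OID GSS_C_NT_USER_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 *		"\x01\x02\x01\x02"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
 * The constant GSS_C_NT_MACHINE_UID_NAME should be
 * initialized to point to that gss_OID_desc.
 */
extern const gss_OID GSS_C_NT_MACHINE_UID_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 *		"\x01\x02\x01\x03"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
 * The constant GSS_C_NT_STRING_UID_NAME should be
 * initialized to point to that gss_OID_desc.
 */
extern const gss_OID GSS_C_NT_STRING_UID_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
 * corresponding to an object-identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 2(gss-host-based-services)}.  The constant
 * GSS_C_NT_HOSTBASED_SERVICE should be initialized to point
 * to that gss_OID_desc.
 */
extern const gss_OID GSS_C_NT_HOSTBASED_SERVICE;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x03"},
 * corresponding to an object identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 3(gss-anonymous-name)}.  The constant
 * GSS_C_NT_ANONYMOUS should be initialized to point
 * to that gss_OID_desc.
 */
extern const gss_OID GSS_C_NT_ANONYMOUS;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
 * corresponding to an object-identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 4(gss-api-exported-name)}.  The constant
 * GSS_C_NT_EXPORT_NAME should be initialized to point
 * to that gss_OID_desc.
 */
extern const gss_OID GSS_C_NT_EXPORT_NAME;


/* Major status codes */

#define	GSS_S_COMPLETE 0

/*
 * Some "helper" definitions to make the status code macros obvious.
 *
 * A major status word holds three fields: calling errors in bits
 * 24-31, routine errors in bits 16-23 and supplementary information
 * in bits 0-15.
 */
#define	GSS_C_CALLING_ERROR_OFFSET 24
#define	GSS_C_ROUTINE_ERROR_OFFSET 16
#define	GSS_C_SUPPLEMENTARY_OFFSET 0
#define	GSS_C_CALLING_ERROR_MASK ((OM_uint32) 0377ul)
#define	GSS_C_ROUTINE_ERROR_MASK ((OM_uint32) 0377ul)
#define	GSS_C_SUPPLEMENTARY_MASK ((OM_uint32) 0177777ul)

/*
 * The macros that test status codes for error conditions.
 * Note that the GSS_ERROR() macro has changed slightly from
 * the V1 GSSAPI so that it now evaluates its argument
 * only once.
 *
 * GSS_ERROR() covers the calling-error and routine-error fields only.
 * A status carrying just supplementary bits (GSS_S_CONTINUE_NEEDED,
 * GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN, GSS_S_UNSEQ_TOKEN,
 * GSS_S_GAP_TOKEN) therefore tests as "no error".  Per the GSS-API
 * specification those bits are how replayed, stale and out-of-order
 * per-message tokens are reported, so code that relies on replay or
 * sequence protection must also inspect GSS_SUPPLEMENTARY_INFO()
 * after gss_verify_mic() and gss_unwrap().
 */
#define	GSS_CALLING_ERROR(x) \
	((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
#define	GSS_ROUTINE_ERROR(x) \
	((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
#define	GSS_SUPPLEMENTARY_INFO(x) \
	((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
#define	GSS_ERROR(x) \
	((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
	(GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))

/*
 * Now the actual status code definitions
 */

/*
 * Calling errors:
 */
#define	GSS_S_CALL_INACCESSIBLE_READ \
	(((OM_uint32) 1ul) << GSS_C_CALLING_ERROR_OFFSET)
#define	GSS_S_CALL_INACCESSIBLE_WRITE \
	(((OM_uint32) 2ul) << GSS_C_CALLING_ERROR_OFFSET)
#define	GSS_S_CALL_BAD_STRUCTURE \
	(((OM_uint32) 3ul) << GSS_C_CALLING_ERROR_OFFSET)

/*
 * Routine errors:
 */
#define	GSS_S_BAD_MECH (((OM_uint32) 1ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_BAD_NAME (((OM_uint32) 2ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_BAD_NAMETYPE (((OM_uint32) 3ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_BAD_BINDINGS (((OM_uint32) 4ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_BAD_STATUS (((OM_uint32) 5ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_BAD_SIG (((OM_uint32) 6ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_BAD_MIC GSS_S_BAD_SIG
#define	GSS_S_NO_CRED (((OM_uint32) 7ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_NO_CONTEXT (((OM_uint32) 8ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_DEFECTIVE_TOKEN (((OM_uint32) 9ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_DEFECTIVE_CREDENTIAL \
	(((OM_uint32) 10ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_CREDENTIALS_EXPIRED \
	(((OM_uint32) 11ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_CONTEXT_EXPIRED \
	(((OM_uint32) 12ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_FAILURE (((OM_uint32) 13ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_BAD_QOP (((OM_uint32) 14ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_UNAUTHORIZED (((OM_uint32) 15ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_UNAVAILABLE (((OM_uint32) 16ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_DUPLICATE_ELEMENT \
	(((OM_uint32) 17ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define	GSS_S_NAME_NOT_MN (((OM_uint32) 18ul) << GSS_C_ROUTINE_ERROR_OFFSET)

/*
 * Supplementary info bits:
 */
#define	GSS_S_CONTINUE_NEEDED (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
#define	GSS_S_DUPLICATE_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
#define	GSS_S_OLD_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
#define	GSS_S_UNSEQ_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
#define	GSS_S_GAP_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 4))


/*
 * Finally, function prototypes for the GSS-API routines.
 *
 * Every routine returns the major status as an OM_uint32 and takes a
 * pointer for the minor status as its first argument.  Parameter names
 * are given in the trailing comments only.
 */

OM_uint32 gss_acquire_cred(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* desired_name */
	OM_uint32,		/* time_req */
	const gss_OID_set,	/* desired_mechs */
	gss_cred_usage_t,	/* cred_usage */
	gss_cred_id_t *,	/* output_cred_handle */
	gss_OID_set *,		/* actual_mechs */
	OM_uint32 *		/* time_rec */
);

OM_uint32 gss_release_cred(
	OM_uint32 *,		/* minor_status */
	gss_cred_id_t *		/* cred_handle */
);

OM_uint32 gss_init_sec_context(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* initiator_cred_handle */
	gss_ctx_id_t *,		/* context_handle */
	const gss_name_t,	/* target_name */
	const gss_OID,		/* mech_type */
	OM_uint32,		/* req_flags */
	OM_uint32,		/* time_req */
	gss_channel_bindings_t,	/* input_chan_bindings */
	const gss_buffer_t,	/* input_token */
	gss_OID *,		/* actual_mech_type */
	gss_buffer_t,		/* output_token */
	OM_uint32 *,		/* ret_flags */
	OM_uint32 *		/* time_rec */
);

OM_uint32 gss_accept_sec_context(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t *,		/* context_handle */
	const gss_cred_id_t,	/* acceptor_cred_handle */
	const gss_buffer_t,	/* input_token_buffer */
	const gss_channel_bindings_t,	/* input_chan_bindings */
	gss_name_t *,		/* src_name */
	gss_OID *,		/* mech_type */
	gss_buffer_t,		/* output_token */
	OM_uint32 *,		/* ret_flags */
	OM_uint32 *,		/* time_rec */
	gss_cred_id_t *		/* delegated_cred_handle */
);

OM_uint32 gss_process_context_token(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	const gss_buffer_t	/* token_buffer */
);

OM_uint32 gss_delete_sec_context(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t *,		/* context_handle */
	gss_buffer_t		/* output_token */
);

OM_uint32 gss_context_time(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	OM_uint32 *		/* time_rec */
);

OM_uint32 gss_get_mic(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	gss_qop_t,		/* qop_req */
	const gss_buffer_t,	/* message_buffer */
	gss_buffer_t		/* message_token */
);

OM_uint32 gss_verify_mic(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	const gss_buffer_t,	/* message_buffer */
	const gss_buffer_t,	/* token_buffer */
	gss_qop_t *		/* qop_state */
);

/*
 * conf_state reports whether confidentiality was actually applied to
 * the message; a caller that set conf_req_flag should check it before
 * treating the output as encrypted.
 */
OM_uint32 gss_wrap(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	int,			/* conf_req_flag */
	gss_qop_t,		/* qop_req */
	const gss_buffer_t,	/* input_message_buffer */
	int *,			/* conf_state */
	gss_buffer_t		/* output_message_buffer */
);

OM_uint32 gss_unwrap(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	const gss_buffer_t,	/* input_message_buffer */
	gss_buffer_t,		/* output_message_buffer */
	int *,			/* conf_state */
	gss_qop_t *		/* qop_state */
);

OM_uint32 gss_display_status(
	OM_uint32 *,		/* minor_status */
	OM_uint32,		/* status_value */
	int,			/* status_type */
	const gss_OID,		/* mech_type */
	OM_uint32 *,		/* message_context */
	gss_buffer_t		/* status_string */
);

OM_uint32 gss_indicate_mechs(
	OM_uint32 *,		/* minor_status */
	gss_OID_set *		/* mech_set */
);

OM_uint32 gss_compare_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* name1 */
	const gss_name_t,	/* name2 */
	int *			/* name_equal */
);

OM_uint32 gss_display_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* input_name */
	gss_buffer_t,		/* output_name_buffer */
	gss_OID *		/* output_name_type */
);

OM_uint32 gss_import_name(
	OM_uint32 *,		/* minor_status */
	const gss_buffer_t,	/* input_name_buffer */
	const gss_OID,		/* input_name_type */
	gss_name_t *		/* output_name */
);

OM_uint32 gss_export_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* input_name */
	gss_buffer_t		/* exported_name */
);

OM_uint32 gss_release_name(
	OM_uint32 *,		/* minor_status */
	gss_name_t *		/* input_name */
);

OM_uint32 gss_release_buffer(
	OM_uint32 *,		/* minor_status */
	gss_buffer_t		/* buffer */
);

OM_uint32 gss_release_oid_set(
	OM_uint32 *,		/* minor_status */
	gss_OID_set *		/* set */
);

OM_uint32 gss_inquire_cred(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* cred_handle */
	gss_name_t *,		/* name */
	OM_uint32 *,		/* lifetime */
	gss_cred_usage_t *,	/* cred_usage */
	gss_OID_set *		/* mechanisms */
);

OM_uint32 gss_inquire_context(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	gss_name_t *,		/* src_name */
	gss_name_t *,		/* targ_name */
	OM_uint32 *,		/* lifetime_rec */
	gss_OID *,		/* mech_type */
	OM_uint32 *,		/* ctx_flags */
	int *,			/* locally_initiated */
	int *			/* open */
);

OM_uint32 gss_wrap_size_limit(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	int,			/* conf_req_flag */
	gss_qop_t,		/* qop_req */
	OM_uint32,		/* req_output_size */
	OM_uint32 *		/* max_input_size */
);

OM_uint32 gss_add_cred(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* input_cred_handle */
	const gss_name_t,	/* desired_name */
	const gss_OID,		/* desired_mech */
	gss_cred_usage_t,	/* cred_usage */
	OM_uint32,		/* initiator_time_req */
	OM_uint32,		/* acceptor_time_req */
	gss_cred_id_t *,	/* output_cred_handle */
	gss_OID_set *,		/* actual_mechs */
	OM_uint32 *,		/* initiator_time_rec */
	OM_uint32 *		/* acceptor_time_rec */
);

OM_uint32 gss_store_cred(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* input_cred */
	gss_cred_usage_t,	/* cred_usage */
	const gss_OID,		/* desired_mech */
	OM_uint32,		/* overwrite_cred */
	OM_uint32,		/* default_cred */
	gss_OID_set *,		/* elements_stored */
	gss_cred_usage_t *	/* cred_usage_stored */
);

OM_uint32 gss_inquire_cred_by_mech(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* cred_handle */
	const gss_OID,		/* mech_type */
	gss_name_t *,		/* name */
	OM_uint32 *,		/* initiator_lifetime */
	OM_uint32 *,		/* acceptor_lifetime */
	gss_cred_usage_t *	/* cred_usage */
);

OM_uint32 gss_export_sec_context(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t *,		/* context_handle */
	gss_buffer_t		/* interprocess_token */
);

OM_uint32 gss_import_sec_context(
	OM_uint32 *,		/* minor_status */
	const gss_buffer_t,	/* interprocess_token */
	gss_ctx_id_t *		/* context_handle */
);

OM_uint32 gss_create_empty_oid_set(
	OM_uint32 *,		/* minor_status */
	gss_OID_set *		/* oid_set */
);

OM_uint32 gss_add_oid_set_member(
	OM_uint32 *,		/* minor_status */
	const gss_OID,		/* member_oid */
	gss_OID_set *		/* oid_set */
);

OM_uint32 gss_test_oid_set_member(
	OM_uint32 *,		/* minor_status */
	const gss_OID,		/* member */
	const gss_OID_set,	/* set */
	int *			/* present */
);

OM_uint32 gss_inquire_names_for_mech(
	OM_uint32 *,		/* minor_status */
	const gss_OID,		/* mechanism */
	gss_OID_set *		/* name_types */
);

OM_uint32 gss_inquire_mechs_for_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* input_name */
	gss_OID_set *		/* mech_types */
);

OM_uint32 gss_canonicalize_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* input_name */
	const gss_OID,		/* mech_type */
	gss_name_t *		/* output_name */
);

OM_uint32 gss_duplicate_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* src_name */
	gss_name_t *		/* dest_name */
);


OM_uint32 gss_release_oid(
	OM_uint32 *,		/* minor_status */
	gss_OID *		/* oid */
);

OM_uint32 gss_str_to_oid(
	OM_uint32 *,		/* minor_status */
	const gss_buffer_t,	/* oid_str */
	gss_OID *		/* oid */
);

OM_uint32 gss_oid_to_str(
	OM_uint32 *,		/* minor_status */
	const gss_OID,		/* oid */
	gss_buffer_t		/* oid_str */
);


/*
 * The following routines are obsolete variants of gss_get_mic,
 * gss_verify_mic, gss_wrap and gss_unwrap.  They should be
 * provided by GSSAPI V2 implementations for backwards
 * compatibility with V1 applications.  Distinct entrypoints
 * (as opposed to #defines) should be provided, both to allow
 * GSSAPI V1 applications to link against GSSAPI V2 implementations,
 * and to retain the slight parameter type differences between the
 * obsolete versions of these routines and their current forms.
 */

OM_uint32 gss_sign(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t,		/* context_handle */
	int,			/* qop_req */
	gss_buffer_t,		/* message_buffer */
	gss_buffer_t		/* message_token */
);

OM_uint32 gss_verify(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t,		/* context_handle */
	gss_buffer_t,		/* message_buffer */
	gss_buffer_t,		/* token_buffer */
	int *			/* qop_state */
);

OM_uint32 gss_seal(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t,		/* context_handle */
	int,			/* conf_req_flag */
	int,			/* qop_req */
	gss_buffer_t,		/* input_message_buffer */
	int *,			/* conf_state */
	gss_buffer_t		/* output_message_buffer */
);

OM_uint32 gss_unseal(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t,		/* context_handle */
	gss_buffer_t,		/* input_message_buffer */
	gss_buffer_t,		/* output_message_buffer */
	int *,			/* conf_state */
	int *			/* qop_state */
);


#ifdef	_KERNEL /* For kernel */

#include <rpc/types.h>

/*
 * Kernel entry points.  The prototypes carry no parameter names; most
 * take the same leading argument types as the gss_* routine of the
 * same name plus a trailing uid_t.
 *
 * NOTE(review): the uid_t presumably identifies the user on whose
 * behalf the call is made; confirm against the implementation.
 *
 * NOTE(review): several signatures differ from their user-level
 * counterparts and are worth checking at each call site:
 * kgss_export_sec_context() and kgss_import_sec_context() take the
 * context handle by value rather than by pointer,
 * kgss_accept_sec_context() has a const gss_buffer_t where
 * gss_accept_sec_context() has the gss_name_t * src_name, and
 * kgss_inquire_cred_by_mech() has no output parameters besides the
 * minor status.
 */

void kgss_free_oid(gss_OID oid);

OM_uint32 kgss_acquire_cred(
	OM_uint32 *,
	const gss_name_t,
	OM_uint32,
	const gss_OID_set,
	int,
	gss_cred_id_t *,
	gss_OID_set *,
	OM_uint32 *,
	uid_t);

OM_uint32 kgss_add_cred(
	OM_uint32 *,
	gss_cred_id_t,
	gss_name_t,
	gss_OID,
	int,
	int,
	int,
	gss_OID_set *,
	OM_uint32 *,
	OM_uint32 *,
	uid_t);

OM_uint32 kgss_release_cred(
	OM_uint32 *,
	gss_cred_id_t *,
	uid_t);

OM_uint32 kgss_init_sec_context(
	OM_uint32 *,
	const gss_cred_id_t,
	gss_ctx_id_t *,
	const gss_name_t,
	const gss_OID,
	int,
	OM_uint32,
	const gss_channel_bindings_t,
	const gss_buffer_t,
	gss_OID *,
	gss_buffer_t,
	int *,
	OM_uint32 *,
	uid_t);

OM_uint32 kgss_accept_sec_context(
	OM_uint32 *,
	gss_ctx_id_t *,
	const gss_cred_id_t,
	const gss_buffer_t,
	const gss_channel_bindings_t,
	const gss_buffer_t,
	gss_OID *,
	gss_buffer_t,
	int *,
	OM_uint32 *,
	gss_cred_id_t *,
	uid_t);

OM_uint32 kgss_process_context_token(
	OM_uint32 *,
	const gss_ctx_id_t,
	const gss_buffer_t,
	uid_t);

OM_uint32 kgss_delete_sec_context(
	OM_uint32 *,
	gss_ctx_id_t *,
	gss_buffer_t);

OM_uint32 kgss_export_sec_context(
	OM_uint32 *,
	const gss_ctx_id_t,
	gss_buffer_t);

OM_uint32 kgss_import_sec_context(
	OM_uint32 *,
	const gss_buffer_t,
	gss_ctx_id_t);

OM_uint32 kgss_context_time(
	OM_uint32 *,
	const gss_ctx_id_t,
	OM_uint32 *,
	uid_t);

OM_uint32 kgss_sign(
	OM_uint32 *,
	const gss_ctx_id_t,
	int,
	const gss_buffer_t,
	gss_buffer_t);


OM_uint32 kgss_verify(
	OM_uint32 *,
	const gss_ctx_id_t,
	const gss_buffer_t,
	const gss_buffer_t,
	int *);

OM_uint32 kgss_seal(
	OM_uint32 *,
	const gss_ctx_id_t,
	int,
	int,
	const gss_buffer_t,
	int *,
	gss_buffer_t);

OM_uint32 kgss_unseal(
	OM_uint32 *,
	const gss_ctx_id_t,
	const gss_buffer_t,
	gss_buffer_t,
	int *,
	int *);

OM_uint32 kgss_display_status(
	OM_uint32 *,
	OM_uint32,
	int,
	const gss_OID,
	int *,
	gss_buffer_t,
	uid_t);

OM_uint32 kgss_indicate_mechs(
	OM_uint32 *,
	gss_OID_set *,
	uid_t);

OM_uint32 kgss_inquire_cred(
	OM_uint32 *,
	const gss_cred_id_t,
	gss_name_t *,
	OM_uint32 *,
	int *,
	gss_OID_set *,
	uid_t);

OM_uint32 kgss_inquire_cred_by_mech(
	OM_uint32 *,
	gss_cred_id_t,
	gss_OID,
	uid_t);


#endif /* if _KERNEL */

#ifdef __cplusplus
}
#endif

#endif /* _GSSAPI_H_ */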