xref: /titanic_52/usr/src/cmd/cmd-inet/common/kcmd.h (revision 88447a05f537aabe9a1bc3d5313f22581ec992a7)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #ifndef	_KCMD_H
28 #define	_KCMD_H
29 
30 #pragma ident	"%Z%%M%	%I%	%E% SMI"
31 
32 #ifdef	__cplusplus
33 extern "C" {
34 #endif
35 
36 #define	OPTS_FORWARD_CREDS		0x00000002
37 #define	OPTS_FORWARDABLE_CREDS		0x00000001
38 
39 #define	SERVER	0
40 #define	CLIENT	1
41 
42 enum kcmd_proto {
43 	/*
44 	 * Old protocol: DES encryption only.  No subkeys.
45 	 * No protection for cleartext length.  No ivec supplied.
46 	 * OOB hacks used for rlogin.  Checksum may be omitted at
47 	 * connection startup.
48 	 */
49 	KCMD_OLD_PROTOCOL = 1,
50 	/*
51 	 * New protocol: Any encryption scheme.  Client-generated
52 	 * subkey required.  Prepend cleartext-length to cleartext
53 	 * data (but don't include it in count).  Starting ivec defined,
54 	 * chained.  In-band signalling.  Checksum required.
55 	 */
56 	KCMD_NEW_PROTOCOL,
57 
58 	/*
59 	 * Hack: Get credentials, and use the old protocol iff the session
60 	 * key type is single-DES.
61 	 */
62 	KCMD_PROTOCOL_COMPAT_HACK,
63 	/* Using Kerberos version 4.  */
64 	KCMD_V4_PROTOCOL,
65 	KCMD_UNKNOWN_PROTOCOL
66 };
67 
68 #define	SOCK_FAMILY(ss) ((ss).ss_family)
69 
70 #define	SOCK_PORT(ss) ((ss).ss_family == AF_INET6 ? \
71 ((struct sockaddr_in6 *)&(ss))->sin6_port : \
72 ((struct sockaddr_in *)&(ss))->sin_port)
73 
74 #define	SOCK_ADDR(ss) ((ss).ss_family == AF_INET6 ? \
75 (void *)&((struct sockaddr_in6 *)&(ss))->sin6_addr : \
76 (void *)&((struct sockaddr_in *)&(ss))->sin_addr)
77 
78 #define	SET_SOCK_FAMILY(ss, family) (SOCK_FAMILY(ss) = (family))
79 
80 #define	SET_SOCK_PORT(ss, port) \
81 	((ss).ss_family == AF_INET6 ? \
82 	(((struct sockaddr_in6 *)&(ss))->sin6_port = (port)) : \
83 	(((struct sockaddr_in *)&(ss))->sin_port = (port)))
84 
85 #define	SET_SOCK_ADDR4(ss, addr) ((void)(sock_set_inaddr(&(ss), (addr))))
86 
87 #define	SET_SOCK_ADDR_ANY(ss) \
88 	((void) ((ss).ss_family == AF_INET6 ? \
89 	(void) (((struct sockaddr_in6 *)&(ss))->sin6_addr = in6addr_any) : \
90 	(void) (((struct sockaddr_in *)&(ss))->sin_addr.s_addr = \
91 	htonl(INADDR_ANY))))
92 
93 /*
94  * Prototypes for functions in 'kcmd.c'
95  */
96 char *strsave(char *sp);
97 
98 int kcmd(int *sock, char **ahost, ushort_t rport, char *locuser,
99 	char *remuser, char *cmd, int *fd2p, char *service, char *realm,
100 	krb5_context bsd_context, krb5_auth_context *authconp,
101 	krb5_creds **cred, krb5_int32 *seqno, krb5_int32 *server_seqno,
102 	krb5_flags authopts,
103 	int anyport, enum kcmd_proto *kcmd_proto);
104 
105 void init_encrypt(int, krb5_context, enum kcmd_proto,
106 			krb5_data *, krb5_data *,
107 			int, krb5_encrypt_block *);
108 
109 int desread(int, char *, int, int);
110 int deswrite(int, char *, int, int);
111 
112 #ifdef	__cplusplus
113 }
114 #endif
115 
116 #endif /* _KCMD_H */
117