include/gssrpc/auth_gssapi.h

0001 /* include/gssrpc/auth_gssapi.h - GSS-API style auth parameters for RPC */
0002 /*
0003  * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved.
0004  */
0005
0006 #ifndef GSSRPC_AUTH_GSSAPI_H
0007 #define GSSRPC_AUTH_GSSAPI_H
0008
0009 GSSRPC__BEGIN_DECLS
0010
0011 #define AUTH_GSSAPI_EXIT        0
0012 #define AUTH_GSSAPI_INIT        1
0013 #define AUTH_GSSAPI_CONTINUE_INIT   2
0014 #define AUTH_GSSAPI_MSG         3
0015 #define AUTH_GSSAPI_DESTROY         4
0016
0017 /*
0018  * Yuck.  Some sys/types.h files leak symbols
0019  */
0020 #ifdef major
0021 #undef major
0022 #endif
0023 #ifdef minor
0024 #undef minor
0025 #endif
0026
0027 typedef struct _auth_gssapi_name {
0028      char *name;
0029      gss_OID type;
0030 } auth_gssapi_name;
0031
0032 typedef struct _auth_gssapi_creds {
0033      uint32_t version;
0034      bool_t auth_msg;
0035      gss_buffer_desc client_handle;
0036 } auth_gssapi_creds;
0037
0038 typedef struct _auth_gssapi_init_arg {
0039      uint32_t version;
0040      gss_buffer_desc token;
0041 } auth_gssapi_init_arg;
0042
0043 typedef struct _auth_gssapi_init_res {
0044      uint32_t version;
0045      gss_buffer_desc client_handle;
0046      OM_uint32 gss_major, gss_minor;
0047      gss_buffer_desc token;
0048      gss_buffer_desc signed_isn;
0049 } auth_gssapi_init_res;
0050
0051 typedef void (*auth_gssapi_log_badauth_func)
0052      (OM_uint32 major,
0053         OM_uint32 minor,
0054         struct sockaddr_in *raddr,
0055         caddr_t data);
0056
0057 /* auth_gssapi_log_badauth_func is IPv4-specific; this version gives the
0058  * transport handle so the fd can be used to get the address. */
0059 typedef void (*auth_gssapi_log_badauth2_func)
0060      (OM_uint32 major,
0061         OM_uint32 minor,
0062         SVCXPRT *xprt,
0063         caddr_t data);
0064
0065 typedef void (*auth_gssapi_log_badverf_func)
0066      (gss_name_t client,
0067         gss_name_t server,
0068         struct svc_req *rqst,
0069         struct rpc_msg *msg,
0070         caddr_t data);
0071
0072 typedef void (*auth_gssapi_log_miscerr_func)
0073      (struct svc_req *rqst,
0074         struct rpc_msg *msg,
0075         char *error,
0076         caddr_t data);
0077
0078 bool_t xdr_gss_buf(XDR *, gss_buffer_t);
0079 bool_t xdr_authgssapi_creds(XDR *, auth_gssapi_creds *);
0080 bool_t xdr_authgssapi_init_arg(XDR *, auth_gssapi_init_arg *);
0081 bool_t xdr_authgssapi_init_res(XDR *, auth_gssapi_init_res *);
0082
0083 bool_t auth_gssapi_wrap_data
0084 (OM_uint32 *major, OM_uint32 *minor,
0085        gss_ctx_id_t context, uint32_t seq_num, XDR
0086        *out_xdrs, bool_t (*xdr_func)(), caddr_t
0087        xdr_ptr);
0088 bool_t auth_gssapi_unwrap_data
0089 (OM_uint32 *major, OM_uint32 *minor,
0090        gss_ctx_id_t context, uint32_t seq_num, XDR
0091        *in_xdrs, bool_t (*xdr_func)(), caddr_t
0092        xdr_ptr);
0093
0094 AUTH *auth_gssapi_create
0095 (CLIENT *clnt,
0096        OM_uint32 *major_status,
0097        OM_uint32 *minor_status,
0098        gss_cred_id_t claimant_cred_handle,
0099        gss_name_t target_name,
0100        gss_OID mech_type,
0101        OM_uint32 req_flags,
0102        OM_uint32 time_req,
0103        gss_OID *actual_mech_type,
0104        OM_uint32 *ret_flags,
0105        OM_uint32 *time_rec);
0106
0107 AUTH *auth_gssapi_create_default
0108 (CLIENT *clnt, char *service_name);
0109
0110 void auth_gssapi_display_status
0111 (char *msg, OM_uint32 major,
0112        OM_uint32 minor);
0113
0114 bool_t auth_gssapi_seal_seq
0115 (gss_ctx_id_t context, uint32_t seq_num, gss_buffer_t out_buf);
0116
0117 bool_t auth_gssapi_unseal_seq
0118 (gss_ctx_id_t context, gss_buffer_t in_buf, uint32_t *seq_num);
0119
0120 bool_t svcauth_gssapi_set_names
0121 (auth_gssapi_name *names, int num);
0122 void svcauth_gssapi_unset_names
0123 (void);
0124
0125 void svcauth_gssapi_set_log_badauth_func
0126 (auth_gssapi_log_badauth_func func,
0127        caddr_t data);
0128 void svcauth_gssapi_set_log_badauth2_func
0129 (auth_gssapi_log_badauth2_func func,
0130        caddr_t data);
0131 void svcauth_gssapi_set_log_badverf_func
0132 (auth_gssapi_log_badverf_func func,
0133        caddr_t data);
0134 void svcauth_gssapi_set_log_miscerr_func
0135 (auth_gssapi_log_miscerr_func func,
0136        caddr_t data);
0137
0138 void svcauth_gss_set_log_badauth_func(auth_gssapi_log_badauth_func,
0139                       caddr_t);
0140 void svcauth_gss_set_log_badauth2_func(auth_gssapi_log_badauth2_func,
0141                        caddr_t);
0142 void svcauth_gss_set_log_badverf_func(auth_gssapi_log_badverf_func,
0143                       caddr_t);
0144 void svcauth_gss_set_log_miscerr_func(auth_gssapi_log_miscerr_func,
0145                       caddr_t data);
0146
0147 #define GSS_COPY_BUFFER(dest, src) { \
0148      (dest).length = (src).length; \
0149      (dest).value = (src).value; }
0150
0151 #define GSS_DUP_BUFFER(dest, src) { \
0152      (dest).length = (src).length; \
0153      (dest).value = (void *) malloc((dest).length); \
0154      memcpy((dest).value, (src).value, (dest).length); }
0155
0156 #define GSS_BUFFERS_EQUAL(b1, b2) (((b1).length == (b2).length) && \
0157                    !memcmp((b1).value,(b2).value,(b1.length)))
0158
0159
0160 GSSRPC__END_DECLS
0161
0162 #endif /* !defined(GSSRPC_AUTH_GSSAPI_H) */