tirpc/rpc/rpcsec_gss.h

0001 /*
0002  * Copyright (c) 2013, Oracle America, Inc.
0003  * All rights reserved.
0004  *
0005  * Redistribution and use in source and binary forms, with or without
0006  * modification, are permitted provided that the following conditions are met:
0007  * - Redistributions of source code must retain the above copyright notice,
0008  *   this list of conditions and the following disclaimer.
0009  * - Redistributions in binary form must reproduce the above copyright notice,
0010  *   this list of conditions and the following disclaimer in the documentation
0011  *   and/or other materials provided with the distribution.
0012  * - Neither the name of "Oracle America, Inc." nor the names of its
0013  *   contributors may be used to endorse or promote products derived
0014  *   from this software without specific prior written permission.
0015  *
0016  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
0017  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
0018  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
0019  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
0020  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
0021  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
0022  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
0023  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
0024  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
0025  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
0026  * POSSIBILITY OF SUCH DAMAGE.
0027  */
0028
0029 #ifndef _TIRPC_RPCSEC_GSS_H
0030 #define _TIRPC_RPCSEC_GSS_H
0031
0032 #include <sys/types.h>
0033
0034 #include <rpc/auth.h>
0035 #include <rpc/clnt.h>
0036
0037 #include <gssapi/gssapi.h>
0038
0039 typedef enum {
0040     rpcsec_gss_svc_default  = 0,
0041     rpcsec_gss_svc_none = 1,
0042     rpcsec_gss_svc_integrity = 2,
0043     rpcsec_gss_svc_privacy  = 3
0044 } rpc_gss_service_t;
0045
0046 typedef struct {
0047     int         len;
0048     char            name[1];
0049 } *rpc_gss_principal_t;
0050
0051 typedef struct {
0052     int         req_flags;
0053     int         time_req;
0054     gss_cred_id_t       my_cred;
0055     gss_channel_bindings_t  input_channel_bindings;
0056 } rpc_gss_options_req_t;
0057
0058 #define MAX_GSS_MECH        128
0059 typedef struct {
0060     int         major_status;
0061     int         minor_status;
0062     u_int           rpcsec_version;
0063     int         ret_flags;
0064     int         time_ret;
0065     gss_ctx_id_t        gss_context;
0066     char            actual_mechanism[MAX_GSS_MECH];
0067 } rpc_gss_options_ret_t;
0068
0069 typedef struct {
0070     u_int           version;
0071     char            *mechanism;
0072     char            *qop;
0073     rpc_gss_principal_t client_principal;
0074     char            *svc_principal;
0075     rpc_gss_service_t   service;
0076 } rpc_gss_rawcred_t;
0077
0078 typedef struct {
0079     uid_t           uid;
0080     gid_t           gid;
0081     short           gidlen;
0082     gid_t           *gidlist;
0083 } rpc_gss_ucred_t;
0084
0085 typedef struct {
0086     bool_t          locked;
0087     rpc_gss_rawcred_t   *raw_cred;
0088 } rpc_gss_lock_t;
0089
0090 typedef struct {
0091     u_int           program;
0092     u_int           version;
0093     bool_t          (*callback)(struct svc_req *,
0094                     gss_cred_id_t, gss_ctx_id_t,
0095                     rpc_gss_lock_t *, void **);
0096 } rpc_gss_callback_t;
0097
0098 typedef struct {
0099     int         rpc_gss_error;
0100     int         system_error;
0101 } rpc_gss_error_t;
0102 #define RPC_GSS_ER_SUCCESS  0
0103 #define RPC_GSS_ER_SYSTEMERROR  1
0104
0105 typedef gss_OID_desc rpc_gss_OID_desc;
0106 typedef rpc_gss_OID_desc *rpc_gss_OID;
0107
0108
0109 #ifdef __cplusplus
0110 extern "C" {
0111 #endif
0112
0113 AUTH    *rpc_gss_seccreate(CLIENT *, char *, char *, rpc_gss_service_t,
0114                 char *, rpc_gss_options_req_t *,
0115                 rpc_gss_options_ret_t *);
0116 bool_t  rpc_gss_set_defaults(AUTH *, rpc_gss_service_t, char *);
0117 int rpc_gss_max_data_length(AUTH *, int);
0118 int rpc_gss_svc_max_data_length(struct svc_req *, int);
0119 bool_t  rpc_gss_set_svc_name(char *, char *, u_int, u_int, u_int);
0120 bool_t  rpc_gss_getcred(struct svc_req *, rpc_gss_rawcred_t **,
0121                 rpc_gss_ucred_t **, void **);
0122 bool_t  rpc_gss_set_callback(rpc_gss_callback_t *);
0123 bool_t  rpc_gss_get_principal_name(rpc_gss_principal_t *, char *,
0124                 char *, char *, char *);
0125 void    rpc_gss_get_error(rpc_gss_error_t *);
0126 char    **rpc_gss_get_mechanisms(void);
0127 char    **rpc_gss_get_mech_info(char *, rpc_gss_service_t *);
0128 bool_t  rpc_gss_get_versions(u_int *, u_int *);
0129 bool_t  rpc_gss_is_installed(char *);
0130 bool_t  rpc_gss_mech_to_oid(char *, rpc_gss_OID *);
0131 bool_t  rpc_gss_qop_to_num(char *, char *, u_int *);
0132
0133 #ifdef __cplusplus
0134 }
0135 #endif
0136
0137 #endif  /* !_TIRPC_RPCSEC_GSS_H */