/* include/gssrpc/auth_gssapi.h - GSS-API style auth parameters for RPC */ /* * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved. */ #ifndef GSSRPC_AUTH_GSSAPI_H #define GSSRPC_AUTH_GSSAPI_H GSSRPC__BEGIN_DECLS #define AUTH_GSSAPI_EXIT 0 #define AUTH_GSSAPI_INIT 1 #define AUTH_GSSAPI_CONTINUE_INIT 2 #define AUTH_GSSAPI_MSG 3 #define AUTH_GSSAPI_DESTROY 4 /* * Yuck. Some sys/types.h files leak symbols */ #ifdef major #undef major #endif #ifdef minor #undef minor #endif typedef struct _auth_gssapi_name { char *name; gss_OID type; } auth_gssapi_name; typedef struct _auth_gssapi_creds { uint32_t version; bool_t auth_msg; gss_buffer_desc client_handle; } auth_gssapi_creds; typedef struct _auth_gssapi_init_arg { uint32_t version; gss_buffer_desc token; } auth_gssapi_init_arg; typedef struct _auth_gssapi_init_res { uint32_t version; gss_buffer_desc client_handle; OM_uint32 gss_major, gss_minor; gss_buffer_desc token; gss_buffer_desc signed_isn; } auth_gssapi_init_res; typedef void (*auth_gssapi_log_badauth_func) (OM_uint32 major, OM_uint32 minor, struct sockaddr_in *raddr, caddr_t data); /* auth_gssapi_log_badauth_func is IPv4-specific; this version gives the * transport handle so the fd can be used to get the address. */ typedef void (*auth_gssapi_log_badauth2_func) (OM_uint32 major, OM_uint32 minor, SVCXPRT *xprt, caddr_t data); typedef void (*auth_gssapi_log_badverf_func) (gss_name_t client, gss_name_t server, struct svc_req *rqst, struct rpc_msg *msg, caddr_t data); typedef void (*auth_gssapi_log_miscerr_func) (struct svc_req *rqst, struct rpc_msg *msg, char *error, caddr_t data); bool_t xdr_gss_buf(XDR *, gss_buffer_t); bool_t xdr_authgssapi_creds(XDR *, auth_gssapi_creds *); bool_t xdr_authgssapi_init_arg(XDR *, auth_gssapi_init_arg *); bool_t xdr_authgssapi_init_res(XDR *, auth_gssapi_init_res *); bool_t auth_gssapi_wrap_data (OM_uint32 *major, OM_uint32 *minor, gss_ctx_id_t context, uint32_t seq_num, XDR *out_xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr); bool_t auth_gssapi_unwrap_data (OM_uint32 *major, OM_uint32 *minor, gss_ctx_id_t context, uint32_t seq_num, XDR *in_xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr); AUTH *auth_gssapi_create (CLIENT *clnt, OM_uint32 *major_status, OM_uint32 *minor_status, gss_cred_id_t claimant_cred_handle, gss_name_t target_name, gss_OID mech_type, OM_uint32 req_flags, OM_uint32 time_req, gss_OID *actual_mech_type, OM_uint32 *ret_flags, OM_uint32 *time_rec); AUTH *auth_gssapi_create_default (CLIENT *clnt, char *service_name); void auth_gssapi_display_status (char *msg, OM_uint32 major, OM_uint32 minor); bool_t auth_gssapi_seal_seq (gss_ctx_id_t context, uint32_t seq_num, gss_buffer_t out_buf); bool_t auth_gssapi_unseal_seq (gss_ctx_id_t context, gss_buffer_t in_buf, uint32_t *seq_num); bool_t svcauth_gssapi_set_names (auth_gssapi_name *names, int num); void svcauth_gssapi_unset_names (void); void svcauth_gssapi_set_log_badauth_func (auth_gssapi_log_badauth_func func, caddr_t data); void svcauth_gssapi_set_log_badauth2_func (auth_gssapi_log_badauth2_func func, caddr_t data); void svcauth_gssapi_set_log_badverf_func (auth_gssapi_log_badverf_func func, caddr_t data); void svcauth_gssapi_set_log_miscerr_func (auth_gssapi_log_miscerr_func func, caddr_t data); void svcauth_gss_set_log_badauth_func(auth_gssapi_log_badauth_func, caddr_t); void svcauth_gss_set_log_badauth2_func(auth_gssapi_log_badauth2_func, caddr_t); void svcauth_gss_set_log_badverf_func(auth_gssapi_log_badverf_func, caddr_t); void svcauth_gss_set_log_miscerr_func(auth_gssapi_log_miscerr_func, caddr_t data); #define GSS_COPY_BUFFER(dest, src) { \ (dest).length = (src).length; \ (dest).value = (src).value; } #define GSS_DUP_BUFFER(dest, src) { \ (dest).length = (src).length; \ (dest).value = (void *) malloc((dest).length); \ memcpy((dest).value, (src).value, (dest).length); } #define GSS_BUFFERS_EQUAL(b1, b2) (((b1).length == (b2).length) && \ !memcmp((b1).value,(b2).value,(b1.length))) GSSRPC__END_DECLS #endif /* !defined(GSSRPC_AUTH_GSSAPI_H) */