1/* 2 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for 3 * unrestricted use provided that this legend is included on all tape 4 * media and as a part of the software program in whole or part. Users 5 * may copy or modify Sun RPC without charge, but are not authorized 6 * to license or distribute it to anyone else except as part of a product or 7 * program developed by the user. 8 * 9 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE 10 * WARRANTIES OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR 11 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. 12 * 13 * Sun RPC is provided with no support and without any obligation on the 14 * part of Sun Microsystems, Inc. to assist in its use, correction, 15 * modification or enhancement. 16 * 17 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE 18 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC 19 * OR ANY PART THEREOF. 20 * 21 * In no event will Sun Microsystems, Inc. be liable for any lost revenue 22 * or profits or other special, indirect and consequential damages, even if 23 * Sun has been advised of the possibility of such damages. 24 * 25 * Sun Microsystems, Inc. 26 * 2550 Garcia Avenue 27 * Mountain View, California 94043 28 * 29 * from: @(#)auth.h 1.17 88/02/08 SMI 30 * from: @(#)auth.h 2.3 88/08/07 4.0 RPCSRC
| 1/* 2 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for 3 * unrestricted use provided that this legend is included on all tape 4 * media and as a part of the software program in whole or part. Users 5 * may copy or modify Sun RPC without charge, but are not authorized 6 * to license or distribute it to anyone else except as part of a product or 7 * program developed by the user. 8 * 9 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE 10 * WARRANTIES OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR 11 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. 12 * 13 * Sun RPC is provided with no support and without any obligation on the 14 * part of Sun Microsystems, Inc. to assist in its use, correction, 15 * modification or enhancement. 16 * 17 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE 18 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC 19 * OR ANY PART THEREOF. 20 * 21 * In no event will Sun Microsystems, Inc. be liable for any lost revenue 22 * or profits or other special, indirect and consequential damages, even if 23 * Sun has been advised of the possibility of such damages. 24 * 25 * Sun Microsystems, Inc. 26 * 2550 Garcia Avenue 27 * Mountain View, California 94043 28 * 29 * from: @(#)auth.h 1.17 88/02/08 SMI 30 * from: @(#)auth.h 2.3 88/08/07 4.0 RPCSRC
|
31 * $Id: auth.h,v 1.11 1997/05/07 20:00:40 eivind Exp $
| 31 * $Id: auth.h,v 1.6 1996/12/30 13:59:37 peter Exp $
|
32 */ 33 34/* 35 * auth.h, Authentication interface. 36 * 37 * Copyright (C) 1984, Sun Microsystems, Inc. 38 * 39 * The data structures are completely opaque to the client. The client 40 * is required to pass a AUTH * to routines that create rpc 41 * "sessions". 42 */ 43 44#ifndef _RPC_AUTH_H 45#define _RPC_AUTH_H 46#include <sys/cdefs.h>
| 32 */ 33 34/* 35 * auth.h, Authentication interface. 36 * 37 * Copyright (C) 1984, Sun Microsystems, Inc. 38 * 39 * The data structures are completely opaque to the client. The client 40 * is required to pass a AUTH * to routines that create rpc 41 * "sessions". 42 */ 43 44#ifndef _RPC_AUTH_H 45#define _RPC_AUTH_H 46#include <sys/cdefs.h>
|
| 47#include <sys/socket.h>
|
47 48#define MAX_AUTH_BYTES 400 49#define MAXNETNAMELEN 255 /* maximum length of network user's name */ 50 51/* 52 * Status returned from authentication check 53 */ 54enum auth_stat { 55 AUTH_OK=0, 56 /* 57 * failed at remote end 58 */ 59 AUTH_BADCRED=1, /* bogus credentials (seal broken) */ 60 AUTH_REJECTEDCRED=2, /* client should begin new session */ 61 AUTH_BADVERF=3, /* bogus verifier (seal broken) */ 62 AUTH_REJECTEDVERF=4, /* verifier expired or was replayed */ 63 AUTH_TOOWEAK=5, /* rejected due to security reasons */ 64 /* 65 * failed locally 66 */ 67 AUTH_INVALIDRESP=6, /* bogus response verifier */ 68 AUTH_FAILED=7 /* some unknown reason */ 69}; 70 71union des_block { 72 struct { 73 u_int32_t high; 74 u_int32_t low; 75 } key; 76 char c[8]; 77}; 78typedef union des_block des_block; 79__BEGIN_DECLS 80extern bool_t xdr_des_block __P((XDR *, des_block *)); 81__END_DECLS 82 83/* 84 * Authentication info. Opaque to client. 85 */ 86struct opaque_auth { 87 enum_t oa_flavor; /* flavor of auth */ 88 caddr_t oa_base; /* address of more auth stuff */ 89 u_int oa_length; /* not to exceed MAX_AUTH_BYTES */ 90}; 91__BEGIN_DECLS 92bool_t xdr_opaque_auth __P((XDR *xdrs, struct opaque_auth *ap)); 93__END_DECLS 94 95 96/* 97 * Auth handle, interface to client side authenticators. 98 */ 99typedef struct __rpc_auth { 100 struct opaque_auth ah_cred; 101 struct opaque_auth ah_verf; 102 union des_block ah_key; 103 struct auth_ops { 104 void (*ah_nextverf) __P((struct __rpc_auth *)); 105 /* nextverf & serialize */ 106 int (*ah_marshal) __P((struct __rpc_auth *, XDR *)); 107 /* validate verifier */ 108 int (*ah_validate) __P((struct __rpc_auth *, 109 struct opaque_auth *)); 110 /* refresh credentials */ 111 int (*ah_refresh) __P((struct __rpc_auth *)); 112 /* destroy this structure */ 113 void (*ah_destroy) __P((struct __rpc_auth *)); 114 } *ah_ops; 115 caddr_t ah_private; 116} AUTH; 117 118 119/* 120 * Authentication ops. 121 * The ops and the auth handle provide the interface to the authenticators. 122 * 123 * AUTH *auth; 124 * XDR *xdrs; 125 * struct opaque_auth verf; 126 */ 127#define AUTH_NEXTVERF(auth) \ 128 ((*((auth)->ah_ops->ah_nextverf))(auth)) 129#define auth_nextverf(auth) \ 130 ((*((auth)->ah_ops->ah_nextverf))(auth)) 131 132#define AUTH_MARSHALL(auth, xdrs) \ 133 ((*((auth)->ah_ops->ah_marshal))(auth, xdrs)) 134#define auth_marshall(auth, xdrs) \ 135 ((*((auth)->ah_ops->ah_marshal))(auth, xdrs)) 136 137#define AUTH_VALIDATE(auth, verfp) \ 138 ((*((auth)->ah_ops->ah_validate))((auth), verfp)) 139#define auth_validate(auth, verfp) \ 140 ((*((auth)->ah_ops->ah_validate))((auth), verfp)) 141 142#define AUTH_REFRESH(auth) \ 143 ((*((auth)->ah_ops->ah_refresh))(auth)) 144#define auth_refresh(auth) \ 145 ((*((auth)->ah_ops->ah_refresh))(auth)) 146 147#define AUTH_DESTROY(auth) \ 148 ((*((auth)->ah_ops->ah_destroy))(auth)) 149#define auth_destroy(auth) \ 150 ((*((auth)->ah_ops->ah_destroy))(auth)) 151 152 153extern struct opaque_auth _null_auth; 154 155/* 156 * These are the various implementations of client side authenticators. 157 */ 158 159/* 160 * Unix style authentication 161 * AUTH *authunix_create(machname, uid, gid, len, aup_gids) 162 * char *machname; 163 * int uid; 164 * int gid; 165 * int len; 166 * int *aup_gids; 167 */ 168__BEGIN_DECLS 169struct sockaddr_in; 170extern AUTH *authunix_create __P((char *, int, int, int, int *)); 171extern AUTH *authunix_create_default __P((void)); 172extern AUTH *authnone_create __P((void));
| 48 49#define MAX_AUTH_BYTES 400 50#define MAXNETNAMELEN 255 /* maximum length of network user's name */ 51 52/* 53 * Status returned from authentication check 54 */ 55enum auth_stat { 56 AUTH_OK=0, 57 /* 58 * failed at remote end 59 */ 60 AUTH_BADCRED=1, /* bogus credentials (seal broken) */ 61 AUTH_REJECTEDCRED=2, /* client should begin new session */ 62 AUTH_BADVERF=3, /* bogus verifier (seal broken) */ 63 AUTH_REJECTEDVERF=4, /* verifier expired or was replayed */ 64 AUTH_TOOWEAK=5, /* rejected due to security reasons */ 65 /* 66 * failed locally 67 */ 68 AUTH_INVALIDRESP=6, /* bogus response verifier */ 69 AUTH_FAILED=7 /* some unknown reason */ 70}; 71 72union des_block { 73 struct { 74 u_int32_t high; 75 u_int32_t low; 76 } key; 77 char c[8]; 78}; 79typedef union des_block des_block; 80__BEGIN_DECLS 81extern bool_t xdr_des_block __P((XDR *, des_block *)); 82__END_DECLS 83 84/* 85 * Authentication info. Opaque to client. 86 */ 87struct opaque_auth { 88 enum_t oa_flavor; /* flavor of auth */ 89 caddr_t oa_base; /* address of more auth stuff */ 90 u_int oa_length; /* not to exceed MAX_AUTH_BYTES */ 91}; 92__BEGIN_DECLS 93bool_t xdr_opaque_auth __P((XDR *xdrs, struct opaque_auth *ap)); 94__END_DECLS 95 96 97/* 98 * Auth handle, interface to client side authenticators. 99 */ 100typedef struct __rpc_auth { 101 struct opaque_auth ah_cred; 102 struct opaque_auth ah_verf; 103 union des_block ah_key; 104 struct auth_ops { 105 void (*ah_nextverf) __P((struct __rpc_auth *)); 106 /* nextverf & serialize */ 107 int (*ah_marshal) __P((struct __rpc_auth *, XDR *)); 108 /* validate verifier */ 109 int (*ah_validate) __P((struct __rpc_auth *, 110 struct opaque_auth *)); 111 /* refresh credentials */ 112 int (*ah_refresh) __P((struct __rpc_auth *)); 113 /* destroy this structure */ 114 void (*ah_destroy) __P((struct __rpc_auth *)); 115 } *ah_ops; 116 caddr_t ah_private; 117} AUTH; 118 119 120/* 121 * Authentication ops. 122 * The ops and the auth handle provide the interface to the authenticators. 123 * 124 * AUTH *auth; 125 * XDR *xdrs; 126 * struct opaque_auth verf; 127 */ 128#define AUTH_NEXTVERF(auth) \ 129 ((*((auth)->ah_ops->ah_nextverf))(auth)) 130#define auth_nextverf(auth) \ 131 ((*((auth)->ah_ops->ah_nextverf))(auth)) 132 133#define AUTH_MARSHALL(auth, xdrs) \ 134 ((*((auth)->ah_ops->ah_marshal))(auth, xdrs)) 135#define auth_marshall(auth, xdrs) \ 136 ((*((auth)->ah_ops->ah_marshal))(auth, xdrs)) 137 138#define AUTH_VALIDATE(auth, verfp) \ 139 ((*((auth)->ah_ops->ah_validate))((auth), verfp)) 140#define auth_validate(auth, verfp) \ 141 ((*((auth)->ah_ops->ah_validate))((auth), verfp)) 142 143#define AUTH_REFRESH(auth) \ 144 ((*((auth)->ah_ops->ah_refresh))(auth)) 145#define auth_refresh(auth) \ 146 ((*((auth)->ah_ops->ah_refresh))(auth)) 147 148#define AUTH_DESTROY(auth) \ 149 ((*((auth)->ah_ops->ah_destroy))(auth)) 150#define auth_destroy(auth) \ 151 ((*((auth)->ah_ops->ah_destroy))(auth)) 152 153 154extern struct opaque_auth _null_auth; 155 156/* 157 * These are the various implementations of client side authenticators. 158 */ 159 160/* 161 * Unix style authentication 162 * AUTH *authunix_create(machname, uid, gid, len, aup_gids) 163 * char *machname; 164 * int uid; 165 * int gid; 166 * int len; 167 * int *aup_gids; 168 */ 169__BEGIN_DECLS 170struct sockaddr_in; 171extern AUTH *authunix_create __P((char *, int, int, int, int *)); 172extern AUTH *authunix_create_default __P((void)); 173extern AUTH *authnone_create __P((void));
|
173extern AUTH *authdes_create __P((char *, u_int, 174 struct sockaddr_in *, des_block *));
| |
175__END_DECLS 176
| 174__END_DECLS 175
|
| 176/* Forward compatibility with TI-RPC */ 177#define authsys_create authunix_create 178#define authsys_create_default authunix_create_default 179 180/* 181 * DES style authentication 182 * AUTH *authdes_create(servername, window, timehost, ckey) 183 * char *servername; - network name of server 184 * u_int window; - time to live 185 * struct sockaddr *timehost; - optional hostname to sync with 186 * des_block *ckey; - optional conversation key to use 187 */ 188__BEGIN_DECLS 189extern AUTH *authdes_create __P(( char *, u_int, struct sockaddr *, des_block * )); 190#ifdef NOTYET 191/* 192 * TI-RPC supports this call, but it requires the inclusion of 193 * NIS+-specific headers which would require the inclusion of other 194 * headers which would result in a tangled mess. For now, the NIS+ 195 * code prototypes this routine internally. 196 */ 197extern AUTH *authdes_pk_create __P(( char *, netobj *, u_int, 198 struct sockaddr *, des_block *, 199 nis_server * )); 200#endif 201__END_DECLS 202 203/* 204 * Netname manipulation routines. 205 */ 206__BEGIN_DECLS 207extern int netname2user __P(( char *, uid_t *, gid_t *, int *, gid_t *)); 208extern int netname2host __P(( char *, char *, int )); 209extern int getnetname __P(( char * )); 210extern int user2netname __P(( char *, uid_t, char * )); 211extern int host2netname __P(( char *, char *, char * )); 212extern void passwd2des __P(( char *, char * )); 213__END_DECLS 214 215/* 216 * Keyserv interface routines. 217 * XXX Should not be here. 218 */ 219#ifndef HEXKEYBYTES 220#define HEXKEYBYTES 48 221#endif 222typedef char kbuf[HEXKEYBYTES]; 223typedef char *namestr; 224 225struct netstarg { 226 kbuf st_priv_key; 227 kbuf st_pub_key; 228 namestr st_netname; 229}; 230 231__BEGIN_DECLS 232extern int key_decryptsession __P(( const char *, des_block * )); 233extern int key_decryptsession_pk __P(( char *, netobj *, des_block * )); 234extern int key_encryptsession __P(( const char *, des_block * )); 235extern int key_encryptsession_pk __P(( char *, netobj *, des_block * )); 236extern int key_gendes __P(( des_block * )); 237extern int key_setsecret __P(( const char * )); 238extern int key_secretkey_is_set __P(( void )); 239extern int key_setnet __P(( struct netstarg * )); 240extern int key_get_conv __P(( char *, des_block * )); 241__END_DECLS 242 243/* 244 * Publickey routines. 245 */ 246__BEGIN_DECLS 247extern int getpublickey __P(( char *, char * )); 248extern int getpublicandprivatekey __P(( char *, char * )); 249extern int getsecretkey __P(( char *, char *, char * )); 250__END_DECLS 251 252
|
177#ifndef AUTH_NONE /* Protect against <login_cap.h> */ 178#define AUTH_NONE 0 /* no authentication */ 179#endif 180#define AUTH_NULL 0 /* backward compatibility */ 181#define AUTH_UNIX 1 /* unix style (uid, gids) */
| 253#ifndef AUTH_NONE /* Protect against <login_cap.h> */ 254#define AUTH_NONE 0 /* no authentication */ 255#endif 256#define AUTH_NULL 0 /* backward compatibility */ 257#define AUTH_UNIX 1 /* unix style (uid, gids) */
|
| 258#define AUTH_SYS 1 /* forward compatibility */
|
182#define AUTH_SHORT 2 /* short hand unix style */ 183#define AUTH_DES 3 /* des style (encrypted timestamps) */ 184 185#endif /* !_RPC_AUTH_H */
| 259#define AUTH_SHORT 2 /* short hand unix style */ 260#define AUTH_DES 3 /* des style (encrypted timestamps) */ 261 262#endif /* !_RPC_AUTH_H */
|