1/*
2 * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 *    may be used to endorse or promote products derived from this software
19 *    without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34/* $Id$ */
35
36#ifndef __security_h__
37#define __security_h__
38
39enum protection_level {
40    prot_invalid = -1,
41    prot_clear = 0,
42    prot_safe = 1,
43    prot_confidential = 2,
44    prot_private = 3
45};
46
47struct sec_client_mech {
48    char *name;
49    size_t size;
50    int (*init)(void *);
51    int (*auth)(void *, char*);
52    void (*end)(void *);
53    int (*check_prot)(void *, int);
54    int (*overhead)(void *, int, int);
55    int (*encode)(void *, void*, int, int, void**);
56    int (*decode)(void *, void*, int, int);
57};
58
59struct sec_server_mech {
60    char *name;
61    size_t size;
62    int (*init)(void *);
63    void (*end)(void *);
64    int (*check_prot)(void *, int);
65    int (*overhead)(void *, int, int);
66    int (*encode)(void *, void*, int, int, void**);
67    int (*decode)(void *, void*, int, int);
68
69    int (*auth)(void *);
70    int (*adat)(void *, void*, size_t);
71    size_t (*pbsz)(void *, size_t);
72    int (*ccc)(void*);
73    int (*userok)(void*, char*);
74    int (*session)(void*, char*);
75};
76
77#define AUTH_OK		0
78#define AUTH_CONTINUE	1
79#define AUTH_ERROR	2
80
81extern int ftp_do_gss_bindings;
82extern int ftp_do_gss_delegate;
83#ifdef FTP_SERVER
84extern struct sec_server_mech krb4_server_mech, gss_server_mech;
85#else
86extern struct sec_client_mech krb4_client_mech, gss_client_mech;
87#endif
88
89extern int sec_complete;
90
91#ifdef FTP_SERVER
92extern char *ftp_command;
93void new_ftp_command(char*);
94void delete_ftp_command(void);
95#endif
96
97/* ---- */
98
99
100int sec_fflush (FILE *);
101int sec_fprintf (FILE *, const char *, ...)
102    __attribute__ ((format (printf, 2,3)));
103int sec_getc (FILE *);
104int sec_putc (int, FILE *);
105int sec_read (int, void *, int);
106int sec_read_msg (char *, int);
107int sec_vfprintf (FILE *, const char *, va_list)
108    __attribute__ ((format (printf, 2,0)));
109int sec_fprintf2(FILE *f, const char *fmt, ...)
110    __attribute__ ((format (printf, 2,3)));
111int sec_vfprintf2(FILE *, const char *, va_list)
112    __attribute__ ((format (printf, 2,0)));
113int sec_write (int, char *, int);
114
115#ifdef FTP_SERVER
116void adat (char *);
117void auth (char *);
118void ccc (void);
119void mec (char *, enum protection_level);
120void pbsz (int);
121void prot (char *);
122void delete_ftp_command (void);
123void new_ftp_command (char *);
124int sec_userok (char *);
125int sec_session(char *);
126int secure_command (void);
127enum protection_level get_command_prot(void);
128#else
129void sec_end (void);
130int sec_login (char *);
131void sec_prot (int, char **);
132void sec_prot_command (int, char **);
133int sec_request_prot (char *);
134void sec_set_protection_level (void);
135void sec_status (void);
136
137enum protection_level set_command_prot(enum protection_level);
138
139#endif
140
141#endif /* __security_h__ */
142