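/*
 * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/* $Id$ */

/*
 * Kerberos 5 mechanism-specific additions to the GSS-API: the krb5 name-type
 * and mechanism OIDs, credential-cache and keytab glue, per-context
 * accessors (ticket flags, authorization data, keys), process-wide krb5
 * settings, and the "lucid" context export used for in-kernel token
 * handling.
 *
 * Only declarations live here.  Ownership and release rules for output
 * parameters are not stated in this header; where a comment below mentions
 * them it is marked as something to confirm against the implementation.
 */

#ifndef GSSAPI_KRB5_H_
#define GSSAPI_KRB5_H_

/*
 * Supplies OM_uint32, gss_OID_desc, gss_cred_id_t, gss_ctx_id_t,
 * gss_buffer_t and the GSSAPI_* linkage macros used below.
 * NOTE(review): time_t and int32_t are also used in this header without a
 * direct include; presumably they arrive through <gssapi/gssapi.h> -- confirm.
 */
#include <gssapi/gssapi.h>

GSSAPI_CPP_START

/*
 * Compilers without GNU attribute support get an empty __attribute__ so the
 * deprecation marker below expands to nothing instead of a syntax error.
 */
#if !defined(__GNUC__) && !defined(__attribute__)
#define __attribute__(x)
#endif

/* May be pre-defined by the includer to override or silence the marker. */
#ifndef GSSKRB5_FUNCTION_DEPRECATED
#define GSSKRB5_FUNCTION_DEPRECATED __attribute__((deprecated))
#endif


/*
 * This is for kerberos5 names.
 */

extern gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_nt_principal_name_oid_desc;
#define GSS_KRB5_NT_PRINCIPAL_NAME (&__gss_krb5_nt_principal_name_oid_desc)

/*
 * The krb5 spellings of these three name types alias the generic GSS-API
 * descriptors; those objects are not declared in this header (presumably
 * they come from <gssapi/gssapi.h> -- confirm).
 */
#define GSS_KRB5_NT_USER_NAME (&__gss_c_nt_user_name_oid_desc)
#define GSS_KRB5_NT_MACHINE_UID_NAME (&__gss_c_nt_machine_uid_name_oid_desc)
#define GSS_KRB5_NT_STRING_UID_NAME (&__gss_c_nt_string_uid_name_oid_desc)

extern gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_mechanism_oid_desc;
#define GSS_KRB5_MECHANISM (&__gss_krb5_mechanism_oid_desc)

/* for compatibility with MIT api */

#define gss_mech_krb5 GSS_KRB5_MECHANISM
#define gss_krb5_nt_general_name GSS_KRB5_NT_PRINCIPAL_NAME

/*
 * kerberos mechanism specific functions
 */

/* Forward declarations only: callers pass pointers to krb5 library objects. */
struct krb5_keytab_data;
struct krb5_ccache_data;
struct Principal;

/*
 * Takes a credential cache name and an optional out_name result.
 * NOTE(review): whether the setting is per-thread or process-wide, and who
 * owns the string returned through out_name, is not visible here -- confirm
 * before using it in a multi-tenant or multi-threaded acceptor.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gss_krb5_ccache_name(OM_uint32 * /*minor_status*/,
                     const char * /*name */,
                     const char ** /*out_name */);

/*
 * Two spellings of the same-looking call: each takes one identity string.
 * NOTE(review): by name this selects the acceptor's key source (presumably
 * a keytab name); the scope of the setting is not stated here -- confirm.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gsskrb5_register_acceptor_identity
        (const char * /*identity*/);

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL krb5_gss_register_acceptor_identity
        (const char * /*identity*/);

/*
 * Takes a GSS credential and a caller-supplied credential cache.
 * NOTE(review): by name the credential's tickets are copied into `out`;
 * the destination cache then holds usable credentials and needs the same
 * access protection as the source -- confirm against the implementation.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_krb5_copy_ccache
        (OM_uint32 * /*minor*/,
         gss_cred_id_t /*cred*/,
         struct krb5_ccache_data * /*out*/);

/*
 * Produces a GSS credential in *out from krb5 objects: a credential cache
 * and/or a keytab with its principal, going by the parameter names.
 * NOTE(review): which inputs may be NULL, and whether the new credential
 * keeps references to them, is not stated here -- confirm.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gss_krb5_import_cred(OM_uint32 * /*minor*/,
                     struct krb5_ccache_data * /*in*/,
                     struct Principal * /*keytab_principal*/,
                     struct krb5_keytab_data * /*keytab*/,
                     gss_cred_id_t * /*out*/);

/* Reports a flags word for the given context through tkt_flags. */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_krb5_get_tkt_flags
        (OM_uint32 * /*minor*/,
         gss_ctx_id_t /*context_handle*/,
         OM_uint32 * /*tkt_flags*/);

/*
 * Fills ad_data with the authorization-data element selected by ad_type for
 * the given context.
 * NOTE(review): the bytes originate from the peer's Kerberos messages; which
 * element types carry KDC-verified content is not visible here, so callers
 * should validate the result before making an access decision on it.
 * Presumably ad_data is released with gss_release_buffer() -- confirm.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gsskrb5_extract_authz_data_from_sec_context
        (OM_uint32 * /*minor_status*/,
         gss_ctx_id_t /*context_handle*/,
         int /*ad_type*/,
         gss_buffer_t /*ad_data*/);

/*
 * Takes a single int, by name a switch for DNS canonicalization of names.
 * NOTE(review): no context or credential argument, so the setting is
 * presumably library-wide.  Canonicalizing service names through DNS makes
 * the chosen service principal depend on DNS answers -- confirm the default
 * and set it deliberately.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gsskrb5_set_dns_canonicalize(int);

/*
 * Argument block for gsskrb5_set_send_to_kdc().  Both members are untyped:
 * `func` carries a callback as void * (no compile-time signature check, and
 * not a conversion ISO C guarantees), `ptr` presumably its user data.
 */
struct gsskrb5_send_to_kdc {
    void *func;
    void *ptr;
};

/* Marked deprecated; new code should not add callers. */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gsskrb5_set_send_to_kdc(struct gsskrb5_send_to_kdc *)
        GSSKRB5_FUNCTION_DEPRECATED;

/* Takes a realm name; presumably library-wide, as no handle is passed. */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gsskrb5_set_default_realm(const char *);

/* Reports a time_t for the given context, by name the ticket's authtime. */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gsskrb5_extract_authtime_from_sec_context(OM_uint32 *, gss_ctx_id_t, time_t *);

struct EncryptionKey;

/*
 * The next three calls return a pointer to a key structure through `out`
 * for an established context.
 * NOTE(review): by name these hand back live key material (service key,
 * initiator subkey, negotiated subkey).  This header does not say who owns
 * *out or how it is released; confirm against the implementation, keep the
 * result out of logs and core dumps, and wipe any copies before freeing.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gsskrb5_extract_service_keyblock(OM_uint32 *minor_status,
                                 gss_ctx_id_t context_handle,
                                 struct EncryptionKey **out);
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gsskrb5_get_initiator_subkey(OM_uint32 *minor_status,
                             gss_ctx_id_t context_handle,
                             struct EncryptionKey **out);
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gsskrb5_get_subkey(OM_uint32 *minor_status,
                   gss_ctx_id_t context_handle,
                   struct EncryptionKey **out);

/*
 * Setter and getter for an int time offset.
 * NOTE(review): units and scope are not stated here.  If this shifts the
 * clock used for ticket validity checks, a wrong value weakens replay and
 * expiry checking -- confirm before exposing it to configuration.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gsskrb5_set_time_offset(int);

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gsskrb5_get_time_offset(int *);

/*
 * Argument block for gsskrb5_plugin_register(): a plugin type code, a name,
 * and an untyped pointer to the plugin's entry symbol.
 * NOTE(review): `symbol` is presumably code or a function table that the
 * krb5 library will call into; register only objects built into or shipped
 * with the application, never a pointer derived from untrusted input.
 */
struct gsskrb5_krb5_plugin {
    int type;
    char *name;
    void *symbol;
};

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gsskrb5_plugin_register(struct gsskrb5_krb5_plugin *);


/*
 * Lucid - NFSv4 interface to GSS-API KRB5 to expose key material to
 * do GSS content token handling in-kernel.
 */

/*
 * One exported key: a type code, a length and a pointer to the key data.
 * NOTE(review): presumably `length` is the byte count of `data` -- confirm.
 * A consumer copying this across a trust boundary (for example into a
 * kernel) should bound `length` before use.
 */
typedef struct gss_krb5_lucid_key {
    OM_uint32 type;
    OM_uint32 length;
    void * data;
} gss_krb5_lucid_key_t;

/* Key data for the RFC 1964 token format: algorithm ids plus one key. */
typedef struct gss_krb5_rfc1964_keydata {
    OM_uint32 sign_alg;
    OM_uint32 seal_alg;
    gss_krb5_lucid_key_t ctx_key;
} gss_krb5_rfc1964_keydata_t;

/*
 * Key data for the CFX token format.
 * NOTE(review): acceptor_subkey is presumably meaningful only when
 * have_acceptor_subkey is non-zero -- confirm.
 */
typedef struct gss_krb5_cfx_keydata {
    OM_uint32 have_acceptor_subkey;
    gss_krb5_lucid_key_t ctx_key;
    gss_krb5_lucid_key_t acceptor_subkey;
} gss_krb5_cfx_keydata_t;

/*
 * Version 1 of the exported context: direction, expiry, both sequence
 * counters, and key data for both token formats.
 * NOTE(review): presumably `protocol` selects which of rfc1964_kd / cfx_kd
 * is populated -- confirm.  The whole structure is secret material.
 */
typedef struct gss_krb5_lucid_context_v1 {
    OM_uint32 version;
    OM_uint32 initiate;
    OM_uint32 endtime;
    OM_uint64 send_seq;
    OM_uint64 recv_seq;
    OM_uint32 protocol;
    gss_krb5_rfc1964_keydata_t rfc1964_kd;
    gss_krb5_cfx_keydata_t cfx_kd;
} gss_krb5_lucid_context_v1_t;

/*
 * Version-only view: shares its first member with the v1 layout, so a
 * consumer can read `version` before deciding how to interpret the rest.
 */
typedef struct gss_krb5_lucid_context_version {
    OM_uint32 version;          /* Structure version number */
} gss_krb5_lucid_context_version_t;

/*
 * Function declarations
 */

/*
 * Returns an exported context of the requested version through *kctx.
 * NOTE(review): the handle is passed by pointer, unlike the accessors
 * above, which suggests the call may consume or reset it -- confirm.
 * *kctx is typed void *; check its `version` member before casting.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gss_krb5_export_lucid_sec_context(OM_uint32 *minor_status,
                                  gss_ctx_id_t *context_handle,
                                  OM_uint32 version,
                                  void **kctx);


/*
 * By name, the release call for a context obtained from
 * gss_krb5_export_lucid_sec_context().
 * NOTE(review): whether key bytes are wiped before release is not visible
 * here -- confirm.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gss_krb5_free_lucid_sec_context(OM_uint32 *minor_status,
                                void *kctx);


/*
 * Takes a credential and an array of encryption-type codes with its count.
 * NOTE(review): presumably `enctypes` must point to `num_enctypes` entries;
 * the callee has no other way to learn the array size, so the caller must
 * keep the two in step.  Useful for keeping weak enctypes out of a
 * credential's negotiation set -- confirm semantics.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gss_krb5_set_allowable_enctypes(OM_uint32 *minor_status,
                                gss_cred_id_t cred,
                                OM_uint32 num_enctypes,
                                int32_t *enctypes);

GSSAPI_CPP_END

#endif /* GSSAPI_KRB5_H_ */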