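/*
 * Copyright (C) The Internet Society (2000).  All Rights Reserved.
 *
 * This document and translations of it may be copied and furnished to
 * others, and derivative works that comment on or otherwise explain it
 * or assist in its implementation may be prepared, copied, published
 * and distributed, in whole or in part, without restriction of any
 * kind, provided that the above copyright notice and this paragraph are
 * included on all such copies and derivative works.  However, this
 * document itself may not be modified in any way, such as by removing
 * the copyright notice or references to the Internet Society or other
 * Internet organizations, except as needed for the purpose of
 * developing Internet standards in which case the procedures for
 * copyrights defined in the Internet Standards process must be
 * followed, or as required to translate it into languages other than
 * English.
 *
 * The limited permissions granted above are perpetual and will not be
 * revoked by the Internet Society or its successors or assigns.
 *
 * This document and the information contained herein is provided on an
 * "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
 * TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
 * BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
 * HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
 * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
 *
 * $FreeBSD$
 */

/*
 * Public GSS-API C bindings: handle and buffer types, context flag
 * bits, name-type OIDs, major status codes with the macros that take
 * them apart, and the prototypes of the GSS-API routines.
 */

#ifndef _GSSAPI_GSSAPI_H_
#define _GSSAPI_GSSAPI_H_

/*
 * First, include stddef.h to get size_t defined.
 */
#include <stddef.h>

/*
 * Include stdint.h to get explicitly sized data types.
 */
#include <stdint.h>

#ifndef _SSIZE_T_DECLARED
typedef __ssize_t ssize_t;
#define _SSIZE_T_DECLARED
#endif

#if 0
/*
 * If the platform supports the xom.h header file, it should be
 * included here.
 */
#include <xom.h>
#endif


/*
 * Now define the three implementation-dependent types.
 * All three are pointers to incomplete structures, so callers can only
 * hold and pass them; they cannot look inside.
 */
typedef struct _gss_ctx_id_t *gss_ctx_id_t;
typedef struct _gss_cred_id_t *gss_cred_id_t;
typedef struct _gss_name_t *gss_name_t;

/*
 * The following type must be defined as the smallest natural
 * unsigned integer supported by the platform that has at least
 * 32 bits of precision.
 */
typedef uint32_t gss_uint32;


#ifdef OM_STRING
/*
 * We have included the xom.h header file.  Verify that OM_uint32
 * is defined correctly.
 *
 * The preprocessor cannot evaluate sizeof, so the check is made by the
 * compiler instead: when the two types differ in size the array bound
 * below is negative and the declaration is rejected ("Incompatible
 * definition of OM_uint32 from xom.h").
 */
typedef char gss_om_uint32_size_check
    [(sizeof(gss_uint32) == sizeof(OM_uint32)) ? 1 : -1];

typedef OM_object_identifier gss_OID_desc, *gss_OID;

#else

/*
 * We can't use X/Open definitions, so roll our own.
 */

typedef gss_uint32 OM_uint32;
typedef uint64_t OM_uint64;

/* An object identifier: `length` bytes of encoded OID at `elements`. */
typedef struct gss_OID_desc_struct {
    OM_uint32 length;
    void *elements;
} gss_OID_desc, *gss_OID;

#endif

/* A set of OIDs: `count` descriptors starting at `elements`. */
typedef struct gss_OID_set_desc_struct {
    size_t count;
    gss_OID elements;
} gss_OID_set_desc, *gss_OID_set;

/*
 * A counted byte buffer.  `value` is not required to be NUL-terminated;
 * consumers must bound every access by `length`.
 */
typedef struct gss_buffer_desc_struct {
    size_t length;
    void *value;
} gss_buffer_desc, *gss_buffer_t;

/* Channel bindings: address type and address of each end, plus caller data. */
typedef struct gss_channel_bindings_struct {
    OM_uint32 initiator_addrtype;
    gss_buffer_desc initiator_address;
    OM_uint32 acceptor_addrtype;
    gss_buffer_desc acceptor_address;
    gss_buffer_desc application_data;
} *gss_channel_bindings_t;

/*
 * For now, define a QOP-type as an OM_uint32
 */
typedef OM_uint32 gss_qop_t;

typedef int gss_cred_usage_t;

/*
 * Flag bits for context-level services.
 *
 * The initiator asks for services through req_flags; the services the
 * context actually provides come back through ret_flags (and ctx_flags
 * from gss_inquire_context).  A requested service is not guaranteed to
 * be granted, so callers that depend on mutual authentication,
 * confidentiality, integrity or replay/sequence detection should test
 * the returned flags before relying on the context for that purpose.
 * GSS_C_DELEG_FLAG asks for the initiator's credentials to be delegated
 * to the acceptor; request it only for peers trusted to act on the
 * initiator's behalf.
 */
#define GSS_C_DELEG_FLAG      1
#define GSS_C_MUTUAL_FLAG     2
#define GSS_C_REPLAY_FLAG     4
#define GSS_C_SEQUENCE_FLAG   8
#define GSS_C_CONF_FLAG       16
#define GSS_C_INTEG_FLAG      32
#define GSS_C_ANON_FLAG       64
#define GSS_C_PROT_READY_FLAG 128
#define GSS_C_TRANS_FLAG      256

/*
 * Credential usage options
 */
#define GSS_C_BOTH     0
#define GSS_C_INITIATE 1
#define GSS_C_ACCEPT   2

/*
 * Status code types for gss_display_status
 */
#define GSS_C_GSS_CODE  1
#define GSS_C_MECH_CODE 2

/*
 * The constant definitions for channel-bindings address families
 */
#define GSS_C_AF_UNSPEC     0
#define GSS_C_AF_LOCAL      1
#define GSS_C_AF_INET       2
#define GSS_C_AF_IMPLINK    3
#define GSS_C_AF_PUP        4
#define GSS_C_AF_CHAOS      5
#define GSS_C_AF_NS         6
#define GSS_C_AF_NBS        7
#define GSS_C_AF_ECMA       8
#define GSS_C_AF_DATAKIT    9
#define GSS_C_AF_CCITT      10
#define GSS_C_AF_SNA        11
#define GSS_C_AF_DECnet     12
#define GSS_C_AF_DLI        13
#define GSS_C_AF_LAT        14
#define GSS_C_AF_HYLINK     15
#define GSS_C_AF_APPLETALK  16
#define GSS_C_AF_BSC        17
#define GSS_C_AF_DSS        18
#define GSS_C_AF_OSI        19
#define GSS_C_AF_X25        21
#define GSS_C_AF_NULLADDR   255

/*
 * Various Null values
 */
#define GSS_C_NO_NAME ((gss_name_t) 0)
#define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
#define GSS_C_NO_OID ((gss_OID) 0)
#define GSS_C_NO_OID_SET ((gss_OID_set) 0)
#define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
#define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
#define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
/* Brace initializer for a gss_buffer_desc; usable only in a declaration. */
#define GSS_C_EMPTY_BUFFER {0, NULL}

/*
 * Some alternate names for a couple of the above
 * values.  These are defined for V1 compatibility.
 */
#define GSS_C_NULL_OID GSS_C_NO_OID
#define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET

/*
 * Define the default Quality of Protection for per-message
 * services.  Note that an implementation that offers multiple
 * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero
 * (as done here) to mean "default protection", or to a specific
 * explicit QOP value.  However, a value of 0 should always be
 * interpreted by a GSS-API implementation as a request for the
 * default protection level.
 */
#define GSS_C_QOP_DEFAULT 0

/*
 * Expiration time of 2^32-1 seconds means infinite lifetime for a
 * credential or security context
 */
#define GSS_C_INDEFINITE 0xfffffffful

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 *              "\x01\x02\x01\x01"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 *  infosys(1) gssapi(2) generic(1) user_name(1)}.  The constant
 * GSS_C_NT_USER_NAME should be initialized to point
 * to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_USER_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 *              "\x01\x02\x01\x02"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 *  infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
 * The constant GSS_C_NT_MACHINE_UID_NAME should be
 * initialized to point to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_MACHINE_UID_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 *              "\x01\x02\x01\x03"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 *  infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
 * The constant GSS_C_NT_STRING_UID_NAME should be
 * initialized to point to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_STRING_UID_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
 * corresponding to an object-identifier value of
 * {iso(1) org(3) dod(6) internet(1) security(5)
 * nametypes(6) gss-host-based-services(2)}.  The constant
 * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point
 * to that gss_OID_desc.  This is a deprecated OID value, and
 * implementations wishing to support hostbased-service names
 * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID,
 * defined below, to identify such names;
 * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted as a synonym
 * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input
 * parameter, but should not be emitted by GSS-API
 * implementations.
 */
extern gss_OID GSS_C_NT_HOSTBASED_SERVICE_X;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 *              "\x01\x02\x01\x04"}, corresponding to an
 * object-identifier value of {iso(1) member-body(2)
 * United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) service_name(4)}.  The constant
 * GSS_C_NT_HOSTBASED_SERVICE should be initialized
 * to point to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_HOSTBASED_SERVICE;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x03"},
 * corresponding to an object identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 3(gss-anonymous-name)}.  The constant
 * GSS_C_NT_ANONYMOUS should be initialized to point
 * to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_ANONYMOUS;


/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
 * corresponding to an object-identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 4(gss-api-exported-name)}.  The constant
 * GSS_C_NT_EXPORT_NAME should be initialized to point
 * to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_EXPORT_NAME;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * krb5(2) krb5_name(1)}.  The recommended symbolic name for this type
 * is "GSS_KRB5_NT_PRINCIPAL_NAME".
 */
extern gss_OID GSS_KRB5_NT_PRINCIPAL_NAME;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) user_name(1)}.  The recommended symbolic name for this
 * type is "GSS_KRB5_NT_USER_NAME".
 */
extern gss_OID GSS_KRB5_NT_USER_NAME;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) machine_uid_name(2)}.  The recommended symbolic name for
 * this type is "GSS_KRB5_NT_MACHINE_UID_NAME".
 */
extern gss_OID GSS_KRB5_NT_MACHINE_UID_NAME;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) string_uid_name(3)}.  The recommended symbolic name for
 * this type is "GSS_KRB5_NT_STRING_UID_NAME".
 */
extern gss_OID GSS_KRB5_NT_STRING_UID_NAME;

/* Major status codes */

#define GSS_S_COMPLETE 0

/*
 * Some "helper" definitions to make the status code macros obvious.
 * A major status word carries three fields: calling error (8 bits at
 * bit 24), routine error (8 bits at bit 16) and supplementary
 * information (the low 16 bits).
 */
#define GSS_C_CALLING_ERROR_OFFSET 24
#define GSS_C_ROUTINE_ERROR_OFFSET 16
#define GSS_C_SUPPLEMENTARY_OFFSET 0
#define GSS_C_CALLING_ERROR_MASK 0377ul
#define GSS_C_ROUTINE_ERROR_MASK 0377ul
#define GSS_C_SUPPLEMENTARY_MASK 0177777ul

/*
 * The macros that test status codes for error conditions.
 * Note that the GSS_ERROR() macro has changed slightly from
 * the V1 GSS-API so that it now evaluates its argument
 * only once.
 *
 * The argument is parenthesized in each expansion.  '&' binds tighter
 * than '|', so without the parentheses GSS_ERROR(a | b) would mask only
 * b and let bits of a through unmasked, which could misreport whether a
 * call failed.
 *
 * GSS_ERROR() looks at the calling-error and routine-error fields only;
 * supplementary bits such as GSS_S_CONTINUE_NEEDED leave it zero and
 * have to be tested separately with GSS_SUPPLEMENTARY_INFO().
 */
#define GSS_CALLING_ERROR(x) \
    ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
#define GSS_ROUTINE_ERROR(x) \
    ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
#define GSS_SUPPLEMENTARY_INFO(x) \
    ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
#define GSS_ERROR(x) \
    ((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
            (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))

/*
 * Now the actual status code definitions
 */

/*
 * Calling errors:
 */
#define GSS_S_CALL_INACCESSIBLE_READ \
    (1ul << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_INACCESSIBLE_WRITE \
    (2ul << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_BAD_STRUCTURE \
    (3ul << GSS_C_CALLING_ERROR_OFFSET)

/*
 * Routine errors:
 */
#define GSS_S_BAD_MECH             (1ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAME             (2ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAMETYPE         (3ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_BINDINGS         (4ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_STATUS           (5ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_SIG              (6ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_MIC              GSS_S_BAD_SIG
#define GSS_S_NO_CRED              (7ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NO_CONTEXT           (8ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_TOKEN      (9ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_CREDENTIAL (10ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CREDENTIALS_EXPIRED  (11ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CONTEXT_EXPIRED      (12ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_FAILURE              (13ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_QOP              (14ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_UNAUTHORIZED         (15ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_UNAVAILABLE          (16ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DUPLICATE_ELEMENT    (17ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NAME_NOT_MN          (18ul << GSS_C_ROUTINE_ERROR_OFFSET)

/*
 * Supplementary info bits:
 */
#define GSS_S_CONTINUE_NEEDED \
    (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
#define GSS_S_DUPLICATE_TOKEN \
    (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
#define GSS_S_OLD_TOKEN \
    (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
#define GSS_S_UNSEQ_TOKEN \
    (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
#define GSS_S_GAP_TOKEN \
    (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 4))

__BEGIN_DECLS

/*
 * Finally, function prototypes for the GSS-API routines.
 *
 * The OM_uint32 return value is the major status; test it with
 * GSS_ERROR() rather than comparing against GSS_S_COMPLETE alone.
 * Parameters are left unnamed (the name is given in the trailing
 * comment) so that application macros cannot collide with them.
 * `const` on a handle typedef such as gss_OID or gss_buffer_t
 * qualifies the pointer itself, not the object it points to.
 */
OM_uint32 gss_acquire_cred
              (OM_uint32 *,             /* minor_status */
               const gss_name_t,        /* desired_name */
               OM_uint32,               /* time_req */
               const gss_OID_set,       /* desired_mechs */
               gss_cred_usage_t,        /* cred_usage */
               gss_cred_id_t *,         /* output_cred_handle */
               gss_OID_set *,           /* actual_mechs */
               OM_uint32 *              /* time_rec */
              );

OM_uint32 gss_release_cred
              (OM_uint32 *,             /* minor_status */
               gss_cred_id_t *          /* cred_handle */
              );

OM_uint32 gss_init_sec_context
              (OM_uint32 *,             /* minor_status */
               const gss_cred_id_t,     /* initiator_cred_handle */
               gss_ctx_id_t *,          /* context_handle */
               const gss_name_t,        /* target_name */
               const gss_OID,           /* mech_type */
               OM_uint32,               /* req_flags */
               OM_uint32,               /* time_req */
               const gss_channel_bindings_t,
                                        /* input_chan_bindings */
               const gss_buffer_t,      /* input_token */
               gss_OID *,               /* actual_mech_type */
               gss_buffer_t,            /* output_token */
               OM_uint32 *,             /* ret_flags */
               OM_uint32 *              /* time_rec */
              );

OM_uint32 gss_accept_sec_context
              (OM_uint32 *,             /* minor_status */
               gss_ctx_id_t *,          /* context_handle */
               const gss_cred_id_t,     /* acceptor_cred_handle */
               const gss_buffer_t,      /* input_token_buffer */
               const gss_channel_bindings_t,
                                        /* input_chan_bindings */
               gss_name_t *,            /* src_name */
               gss_OID *,               /* mech_type */
               gss_buffer_t,            /* output_token */
               OM_uint32 *,             /* ret_flags */
               OM_uint32 *,             /* time_rec */
               gss_cred_id_t *          /* delegated_cred_handle */
              );

OM_uint32 gss_process_context_token
              (OM_uint32 *,             /* minor_status */
               const gss_ctx_id_t,      /* context_handle */
               const gss_buffer_t       /* token_buffer */
              );

OM_uint32 gss_delete_sec_context
              (OM_uint32 *,             /* minor_status */
               gss_ctx_id_t *,          /* context_handle */
               gss_buffer_t             /* output_token */
              );

OM_uint32 gss_context_time
              (OM_uint32 *,             /* minor_status */
               const gss_ctx_id_t,      /* context_handle */
               OM_uint32 *              /* time_rec */
              );

OM_uint32 gss_get_mic
              (OM_uint32 *,             /* minor_status */
               const gss_ctx_id_t,      /* context_handle */
               gss_qop_t,               /* qop_req */
               const gss_buffer_t,      /* message_buffer */
               gss_buffer_t             /* message_token */
              );

OM_uint32 gss_verify_mic
              (OM_uint32 *,             /* minor_status */
               const gss_ctx_id_t,      /* context_handle */
               const gss_buffer_t,      /* message_buffer */
               const gss_buffer_t,      /* token_buffer */
               gss_qop_t *              /* qop_state */
              );

/*
 * conf_state reports whether confidentiality was actually applied to
 * the message; callers that need the payload encrypted should check it
 * instead of assuming conf_req_flag was honoured.
 */
OM_uint32 gss_wrap
              (OM_uint32 *,             /* minor_status */
               const gss_ctx_id_t,      /* context_handle */
               int,                     /* conf_req_flag */
               gss_qop_t,               /* qop_req */
               const gss_buffer_t,      /* input_message_buffer */
               int *,                   /* conf_state */
               gss_buffer_t             /* output_message_buffer */
              );

OM_uint32 gss_unwrap
              (OM_uint32 *,             /* minor_status */
               const gss_ctx_id_t,      /* context_handle */
               const gss_buffer_t,      /* input_message_buffer */
               gss_buffer_t,            /* output_message_buffer */
               int *,                   /* conf_state */
               gss_qop_t *              /* qop_state */
              );

OM_uint32 gss_display_status
              (OM_uint32 *,             /* minor_status */
               OM_uint32,               /* status_value */
               int,                     /* status_type */
               const gss_OID,           /* mech_type */
               OM_uint32 *,             /* message_context */
               gss_buffer_t             /* status_string */
              );

OM_uint32 gss_indicate_mechs
              (OM_uint32 *,             /* minor_status */
               gss_OID_set *            /* mech_set */
              );

OM_uint32 gss_compare_name
              (OM_uint32 *,             /* minor_status */
               const gss_name_t,        /* name1 */
               const gss_name_t,        /* name2 */
               int *                    /* name_equal */
              );

OM_uint32 gss_display_name
              (OM_uint32 *,             /* minor_status */
               const gss_name_t,        /* input_name */
               gss_buffer_t,            /* output_name_buffer */
               gss_OID *                /* output_name_type */
              );

OM_uint32 gss_import_name
              (OM_uint32 *,             /* minor_status */
               const gss_buffer_t,      /* input_name_buffer */
               const gss_OID,           /* input_name_type */
               gss_name_t *             /* output_name */
              );

OM_uint32 gss_export_name
              (OM_uint32 *,             /* minor_status */
               const gss_name_t,        /* input_name */
               gss_buffer_t             /* exported_name */
              );

OM_uint32 gss_release_name
              (OM_uint32 *,             /* minor_status */
               gss_name_t *             /* input_name */
              );

/*
 * Releases the storage behind a buffer that a GSS-API routine filled
 * in (output tokens, wrapped messages, display strings).
 */
OM_uint32 gss_release_buffer
              (OM_uint32 *,             /* minor_status */
               gss_buffer_t             /* buffer */
              );

OM_uint32 gss_release_oid_set
              (OM_uint32 *,             /* minor_status */
               gss_OID_set *            /* set */
              );

OM_uint32 gss_inquire_cred
              (OM_uint32 *,             /* minor_status */
               const gss_cred_id_t,     /* cred_handle */
               gss_name_t *,            /* name */
               OM_uint32 *,             /* lifetime */
               gss_cred_usage_t *,      /* cred_usage */
               gss_OID_set *            /* mechanisms */
              );

OM_uint32 gss_inquire_context (
               OM_uint32 *,             /* minor_status */
               const gss_ctx_id_t,      /* context_handle */
               gss_name_t *,            /* src_name */
               gss_name_t *,            /* targ_name */
               OM_uint32 *,             /* lifetime_rec */
               gss_OID *,               /* mech_type */
               OM_uint32 *,             /* ctx_flags */
               int *,                   /* locally_initiated */
               int *                    /* open */
              );

OM_uint32 gss_wrap_size_limit (
               OM_uint32 *,             /* minor_status */
               const gss_ctx_id_t,      /* context_handle */
               int,                     /* conf_req_flag */
               gss_qop_t,               /* qop_req */
               OM_uint32,               /* req_output_size */
               OM_uint32 *              /* max_input_size */
              );

OM_uint32 gss_add_cred (
               OM_uint32 *,             /* minor_status */
               const gss_cred_id_t,     /* input_cred_handle */
               const gss_name_t,        /* desired_name */
               const gss_OID,           /* desired_mech */
               gss_cred_usage_t,        /* cred_usage */
               OM_uint32,               /* initiator_time_req */
               OM_uint32,               /* acceptor_time_req */
               gss_cred_id_t *,         /* output_cred_handle */
               gss_OID_set *,           /* actual_mechs */
               OM_uint32 *,             /* initiator_time_rec */
               OM_uint32 *              /* acceptor_time_rec */
              );

OM_uint32 gss_inquire_cred_by_mech (
               OM_uint32 *,             /* minor_status */
               const gss_cred_id_t,     /* cred_handle */
               const gss_OID,           /* mech_type */
               gss_name_t *,            /* name */
               OM_uint32 *,             /* initiator_lifetime */
               OM_uint32 *,             /* acceptor_lifetime */
               gss_cred_usage_t *       /* cred_usage */
              );

/*
 * The interprocess token carries the state of an established context
 * and may include security-sensitive material such as keys; treat it
 * as a secret while it is in transit between processes.
 */
OM_uint32 gss_export_sec_context (
               OM_uint32 *,             /* minor_status */
               gss_ctx_id_t *,          /* context_handle */
               gss_buffer_t             /* interprocess_token */
              );

OM_uint32 gss_import_sec_context (
               OM_uint32 *,             /* minor_status */
               const gss_buffer_t,      /* interprocess_token */
               gss_ctx_id_t *           /* context_handle */
              );

OM_uint32 gss_create_empty_oid_set (
               OM_uint32 *,             /* minor_status */
               gss_OID_set *            /* oid_set */
              );

OM_uint32 gss_add_oid_set_member (
               OM_uint32 *,             /* minor_status */
               const gss_OID,           /* member_oid */
               gss_OID_set *            /* oid_set */
              );

OM_uint32 gss_test_oid_set_member (
               OM_uint32 *,             /* minor_status */
               const gss_OID,           /* member */
               const gss_OID_set,       /* set */
               int *                    /* present */
              );

OM_uint32 gss_inquire_names_for_mech (
               OM_uint32 *,             /* minor_status */
               const gss_OID,           /* mechanism */
               gss_OID_set *            /* name_types */
              );

OM_uint32 gss_inquire_mechs_for_name (
               OM_uint32 *,             /* minor_status */
               const gss_name_t,        /* input_name */
               gss_OID_set *            /* mech_types */
              );

OM_uint32 gss_canonicalize_name (
               OM_uint32 *,             /* minor_status */
               const gss_name_t,        /* input_name */
               const gss_OID,           /* mech_type */
               gss_name_t *             /* output_name */
              );

OM_uint32 gss_duplicate_name (
               OM_uint32 *,             /* minor_status */
               const gss_name_t,        /* src_name */
               gss_name_t *             /* dest_name */
              );

/*
 * The following routines are obsolete variants of gss_get_mic,
 * gss_verify_mic, gss_wrap and gss_unwrap.  They should be
 * provided by GSS-API V2 implementations for backwards
 * compatibility with V1 applications.  Distinct entrypoints
 * (as opposed to #defines) should be provided, both to allow
 * GSS-API V1 applications to link against GSS-API V2 implementations,
 * and to retain the slight parameter type differences between the
 * obsolete versions of these routines and their current forms.
 */

OM_uint32 gss_sign
              (OM_uint32 *,        /* minor_status */
               gss_ctx_id_t,       /* context_handle */
               int,                /* qop_req */
               gss_buffer_t,       /* message_buffer */
               gss_buffer_t        /* message_token */
              );


OM_uint32 gss_verify
              (OM_uint32 *,        /* minor_status */
               gss_ctx_id_t,       /* context_handle */
               gss_buffer_t,       /* message_buffer */
               gss_buffer_t,       /* token_buffer */
               int *               /* qop_state */
              );

OM_uint32 gss_seal
              (OM_uint32 *,        /* minor_status */
               gss_ctx_id_t,       /* context_handle */
               int,                /* conf_req_flag */
               int,                /* qop_req */
               gss_buffer_t,       /* input_message_buffer */
               int *,              /* conf_state */
               gss_buffer_t        /* output_message_buffer */
              );


OM_uint32 gss_unseal
              (OM_uint32 *,        /* minor_status */
               gss_ctx_id_t,       /* context_handle */
               gss_buffer_t,       /* input_message_buffer */
               gss_buffer_t,       /* output_message_buffer */
               int *,              /* conf_state */
               int *               /* qop_state */
              );

/*
 * Other extensions and helper functions.
 */

int gss_oid_equal
              (const gss_OID,      /* first OID to compare */
               const gss_OID       /* second OID to compare */
              );

OM_uint32 gss_release_oid
              (OM_uint32 *,        /* minor status */
               gss_OID *           /* oid to free */
              );

OM_uint32 gss_decapsulate_token
              (const gss_buffer_t, /* mechanism independent token */
               gss_OID,            /* desired mechanism */
               gss_buffer_t        /* decapsulated mechanism dependent token */
              );

OM_uint32 gss_encapsulate_token
              (const gss_buffer_t, /* mechanism dependent token */
               gss_OID,            /* desired mechanism */
               gss_buffer_t        /* encapsulated mechanism independent token */
              );

OM_uint32 gss_duplicate_oid
              (OM_uint32 *,        /* minor status */
               const gss_OID,      /* oid to copy */
               gss_OID *           /* result */
              );

OM_uint32 gss_oid_to_str
              (OM_uint32 *,        /* minor status */
               gss_OID,            /* oid to convert */
               gss_buffer_t        /* buffer to contain string */
              );

/* A set of buffers: `count` descriptors starting at `elements`. */
typedef struct gss_buffer_set_desc_struct {
    size_t count;
    gss_buffer_desc *elements;
} gss_buffer_set_desc, *gss_buffer_set_t;

#define GSS_C_NO_BUFFER_SET ((gss_buffer_set_t) 0)

OM_uint32 gss_create_empty_buffer_set
              (OM_uint32 *,        /* minor status */
               gss_buffer_set_t *  /* location for new buffer set */
              );

OM_uint32 gss_add_buffer_set_member
              (OM_uint32 *,        /* minor status */
               gss_buffer_t,       /* buffer to add */
               gss_buffer_set_t *  /* set to add to */
              );

OM_uint32 gss_release_buffer_set
              (OM_uint32 *,        /* minor status */
               gss_buffer_set_t *  /* set to release */
              );

OM_uint32 gss_inquire_sec_context_by_oid
              (OM_uint32 *,        /* minor_status */
               const gss_ctx_id_t, /* context_handle */
               const gss_OID,      /* desired_object */
               gss_buffer_set_t *  /* result */
              );

OM_uint32 gss_inquire_cred_by_oid
              (OM_uint32 *,        /* minor_status */
               const gss_cred_id_t, /* cred_handle */
               const gss_OID,      /* desired_object */
               gss_buffer_set_t *  /* result */
              );

OM_uint32 gss_set_sec_context_option
              (OM_uint32 *,        /* minor status */
               gss_ctx_id_t *,     /* context */
               const gss_OID,      /* option to set */
               const gss_buffer_t  /* option value */
              );

OM_uint32 gss_set_cred_option
              (OM_uint32 *,        /* minor status */
               gss_cred_id_t *,    /* cred */
               const gss_OID,      /* option to set */
               const gss_buffer_t  /* option value */
              );

/*
 * NOTE(review): the requested output length is a signed ssize_t, so a
 * negative value can be passed in; confirm that the implementation
 * rejects it before using the length as a size.
 */
OM_uint32 gss_pseudo_random
              (OM_uint32 *,        /* minor status */
               gss_ctx_id_t,       /* context handle */
               int prf_key,        /* XXX */
               const gss_buffer_t, /* data to seed generator */
               ssize_t,            /* amount of data required */
               gss_buffer_t        /* buffer for result */
              );

/* Declared only when uid_t is already known to the including file. */
#ifdef _UID_T_DECLARED
OM_uint32 gss_pname_to_uid
              (OM_uint32 *,        /* minor status */
               const gss_name_t pname, /* principal name */
               const gss_OID mech, /* mechanism to query */
               uid_t *uidp         /* pointer to UID for result */
              );
#endif

__END_DECLS

#endif /* _GSSAPI_GSSAPI_H_ */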