1/* This is a generated file */ 2#ifndef __gssapi_protos_h__ 3#define __gssapi_protos_h__ 4 5#include <stdarg.h> 6 7#ifndef HEIMDAL_PRINTF_ATTRIBUTE 8#if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 ))) 9#define HEIMDAL_PRINTF_ATTRIBUTE(x) __attribute__((format x)) 10#else 11#define HEIMDAL_PRINTF_ATTRIBUTE(x) 12#endif 13#endif 14 15#ifdef __cplusplus 16extern "C" { 17#endif 18 19#ifndef GSS_LIB 20#ifndef GSS_LIB_FUNCTION 21#if defined(_WIN32) 22#define GSS_LIB_FUNCTION __declspec(dllimport) 23#define GSS_LIB_CALL __stdcall 24#define GSS_LIB_VARIABLE __declspec(dllimport) 25#else 26#define GSS_LIB_FUNCTION 27#define GSS_LIB_CALL 28#define GSS_LIB_VARIABLE 29#endif 30#endif 31#endif 32/** 33 * @page internalVSmechname Internal names and mechanism names 34 * @section gssapi_api_INvsMN Name forms 35 * 36 * There are two forms of name in GSS-API, Internal form and 37 * Contiguous string ("flat") form. gss_export_name() and 38 * gss_import_name() can be used to convert between the two forms. 39 * 40 * - The contiguous string form is described by an oid specificing the 41 * type and an octet string. A special form of the contiguous 42 * string form is the exported name object. The exported name 43 * defined for each mechanism, is something that can be stored and 44 * complared later. The exported name is what should be used for 45 * ACLs comparisons. 46 * 47 * - The Internal form 48 * 49 * There is also special form of the Internal Name (IN), and that is 50 * the Mechanism Name (MN). In the mechanism name all the generic 51 * information is stripped of and only contain the information for 52 * one mechanism. In GSS-API some function return MN and some 53 * require MN as input. Each of these function is marked up as such. 54 * 55 * 56 * Describe relationship between import_name, canonicalize_name, 57 * export_name and friends. 58 */ 59 60GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 61gss_accept_sec_context ( 62 OM_uint32 *minor_status, 63 gss_ctx_id_t *context_handle, 64 const gss_cred_id_t acceptor_cred_handle, 65 const gss_buffer_t input_token, 66 const gss_channel_bindings_t input_chan_bindings, 67 gss_name_t *src_name, 68 gss_OID *mech_type, 69 gss_buffer_t output_token, 70 OM_uint32 *ret_flags, 71 OM_uint32 *time_rec, 72 gss_cred_id_t *delegated_cred_handle) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 73 74GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 75gss_acquire_cred ( 76 OM_uint32 *minor_status, 77 const gss_name_t desired_name, 78 OM_uint32 time_req, 79 const gss_OID_set desired_mechs, 80 gss_cred_usage_t cred_usage, 81 gss_cred_id_t *output_cred_handle, 82 gss_OID_set *actual_mechs, 83 OM_uint32 *time_rec) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 84 85GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 86gss_acquire_cred_with_password ( 87 OM_uint32 *minor_status, 88 const gss_name_t desired_name, 89 const gss_buffer_t password, 90 OM_uint32 time_req, 91 const gss_OID_set desired_mechs, 92 gss_cred_usage_t cred_usage, 93 gss_cred_id_t *output_cred_handle, 94 gss_OID_set *actual_mechs, 95 OM_uint32 *time_rec) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 96 97GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 98gss_add_buffer_set_member ( 99 OM_uint32 * minor_status, 100 const gss_buffer_t member_buffer, 101 gss_buffer_set_t *buffer_set) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 102 103GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 104gss_add_cred ( 105 OM_uint32 *minor_status, 106 const gss_cred_id_t input_cred_handle, 107 const gss_name_t desired_name, 108 const gss_OID desired_mech, 109 gss_cred_usage_t cred_usage, 110 OM_uint32 initiator_time_req, 111 OM_uint32 acceptor_time_req, 112 gss_cred_id_t *output_cred_handle, 113 gss_OID_set *actual_mechs, 114 OM_uint32 *initiator_time_rec, 115 OM_uint32 *acceptor_time_rec) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 116 117/** 118 * Add a oid to the oid set, function does not make a copy of the oid, 119 * so the pointer to member_oid needs to be stable for the whole time 120 * oid_set is used. 121 * 122 * If there is a duplicate member of the oid, the new member is not 123 * added to to the set. 124 * 125 * @param minor_status minor status code. 126 * @param member_oid member to add to the oid set 127 * @param oid_set oid set to add the member too 128 * 129 * @returns a gss_error code, see gss_display_status() about printing 130 * the error code. 131 * 132 * @ingroup gssapi 133 */ 134 135GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 136gss_add_oid_set_member ( 137 OM_uint32 * minor_status, 138 gss_const_OID member_oid, 139 gss_OID_set * oid_set) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 140 141/** 142 * gss_canonicalize_name takes a Internal Name (IN) and converts in into a 143 * mechanism specific Mechanism Name (MN). 144 * 145 * The input name may multiple name, or generic name types. 146 * 147 * If the input_name if of the GSS_C_NT_USER_NAME, and the Kerberos 148 * mechanism is specified, the resulting MN type is a 149 * GSS_KRB5_NT_PRINCIPAL_NAME. 150 * 151 * For more information about @ref internalVSmechname. 152 * 153 * @param minor_status minor status code. 154 * @param input_name name to covert, unchanged by gss_canonicalize_name(). 155 * @param mech_type the type to convert Name too. 156 * @param output_name the resulting type, release with 157 * gss_release_name(), independent of input_name. 158 * 159 * @returns a gss_error code, see gss_display_status() about printing 160 * the error code. 161 * 162 * @ingroup gssapi 163 */ 164 165GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 166gss_canonicalize_name ( 167 OM_uint32 *minor_status, 168 const gss_name_t input_name, 169 const gss_OID mech_type, 170 gss_name_t *output_name) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 171 172GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 173gss_compare_name ( 174 OM_uint32 *minor_status, 175 const gss_name_t name1_arg, 176 const gss_name_t name2_arg, 177 int *name_equal) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 178 179GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 180gss_context_time ( 181 OM_uint32 *minor_status, 182 const gss_ctx_id_t context_handle, 183 OM_uint32 *time_rec) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 184 185GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 186gss_create_empty_buffer_set ( 187 OM_uint32 * minor_status, 188 gss_buffer_set_t *buffer_set) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 189 190GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 191gss_create_empty_oid_set ( 192 OM_uint32 *minor_status, 193 gss_OID_set *oid_set) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 194 195GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 196gss_decapsulate_token ( 197 gss_const_buffer_t input_token, 198 gss_const_OID oid, 199 gss_buffer_t output_token) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 200 201GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 202gss_delete_sec_context ( 203 OM_uint32 *minor_status, 204 gss_ctx_id_t *context_handle, 205 gss_buffer_t output_token) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 206 207/** 208 * Destroy a credential 209 * 210 * gss_release_cred() frees the memory, gss_destroy_cred() removes the credentials from memory/disk and then call gss_release_cred() on the credential. 211 * 212 * @param min_stat minor status code 213 * @param cred_handle credentail to destory 214 * 215 * @returns a gss_error code, see gss_display_status() about printing 216 * the error code. 217 * 218 * @ingroup gssapi 219 */ 220 221OM_uint32 GSSAPI_LIB_FUNCTION 222gss_destroy_cred ( 223 OM_uint32 *min_stat, 224 gss_cred_id_t *cred_handle) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 225 226/** 227 * Return names and descriptions of mech attributes 228 * 229 * @param minor_status minor status code 230 * @param mech_attr attributes wanted 231 * @param name name of attribute 232 * @param short_desc short description 233 * @param long_desc long description 234 * 235 * @return returns GSS_S_COMPLETE or an error code. 236 */ 237 238GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 239gss_display_mech_attr ( 240 OM_uint32 * minor_status, 241 gss_const_OID mech_attr, 242 gss_buffer_t name, 243 gss_buffer_t short_desc, 244 gss_buffer_t long_desc) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 245 246/** 247 * Create a representstion of a name suitable for display 248 * 249 * A name that is useful to print to user, not suitable for 250 * authorization. For authorization use gss_authorize_localname(), or 251 * gss_userok(). 252 * 253 * @param minor_status minor status code returned 254 * @param input_name name to be converted into a name 255 * @param output_name_buffer output buffer with name, must be released with gss_release_buffer() on success. 256 * @param output_name_type type OID of then name 257 * 258 * @returns GSS major status code 259 * 260 * @ingroup gssapi 261 */ 262 263GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 264gss_display_name ( 265 OM_uint32 *minor_status, 266 const gss_name_t input_name, 267 gss_buffer_t output_name_buffer, 268 gss_OID *output_name_type) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 269 270GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 271gss_display_status ( 272 OM_uint32 *minor_status, 273 OM_uint32 status_value, 274 int status_type, 275 const gss_OID mech_type, 276 OM_uint32 *message_content, 277 gss_buffer_t status_string) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 278 279GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 280gss_duplicate_name ( 281 OM_uint32 *minor_status, 282 const gss_name_t src_name, 283 gss_name_t *dest_name) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 284 285GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 286gss_duplicate_oid ( 287 OM_uint32 *minor_status, 288 gss_OID src_oid, 289 gss_OID *dest_oid ) __OSX_AVAILABLE_BUT_DEPRECATED_MSG(__MAC_10_7, __MAC_10_9, __IPHONE_5_0, __IPHONE_7_0, "Not standardised"); 290 291GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 292gss_encapsulate_token ( 293 gss_const_buffer_t input_token, 294 gss_const_OID oid, 295 gss_buffer_t output_token) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 296 297GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 298gss_export_cred ( 299 OM_uint32 * minor_status, 300 gss_cred_id_t cred_handle, 301 gss_buffer_t token) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 302 303GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 304gss_export_name ( 305 OM_uint32 *minor_status, 306 const gss_name_t input_name, 307 gss_buffer_t exported_name) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 308 309GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 310gss_export_sec_context ( 311 OM_uint32 *minor_status, 312 gss_ctx_id_t *context_handle, 313 gss_buffer_t interprocess_token) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 314 315GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 316gss_get_mic ( 317 OM_uint32 *minor_status, 318 const gss_ctx_id_t context_handle, 319 gss_qop_t qop_req, 320 const gss_buffer_t message_buffer, 321 gss_buffer_t message_token) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 322 323GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 324gss_import_cred ( 325 OM_uint32 * minor_status, 326 gss_buffer_t token, 327 gss_cred_id_t * cred_handle) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 328 329/** 330 * Import a name internal or mechanism name 331 * 332 * Type of name and their format: 333 * - GSS_C_NO_OID 334 * - GSS_C_NT_USER_NAME 335 * - GSS_C_NT_HOSTBASED_SERVICE 336 * - GSS_C_NT_EXPORT_NAME 337 * - GSS_C_NT_ANONYMOUS 338 * - GSS_KRB5_NT_PRINCIPAL_NAME 339 * 340 * For more information about @ref internalVSmechname. 341 * 342 * @param minor_status minor status code 343 * @param input_name_buffer import name buffer 344 * @param input_name_type type of the import name buffer 345 * @param output_name the resulting type, release with 346 * gss_release_name(), independent of input_name 347 * 348 * @returns a gss_error code, see gss_display_status() about printing 349 * the error code. 350 * 351 * @ingroup gssapi 352 */ 353 354GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 355gss_import_name ( 356 OM_uint32 *minor_status, 357 const gss_buffer_t input_name_buffer, 358 gss_const_OID input_name_type, 359 gss_name_t *output_name) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 360 361/** 362 * If we can't find a mechanism name for the name, we fail though. 363 */ 364 365GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 366gss_import_sec_context ( 367 OM_uint32 *minor_status, 368 const gss_buffer_t interprocess_token, 369 gss_ctx_id_t *context_handle) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 370 371GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 372gss_indicate_mechs ( 373 OM_uint32 *minor_status, 374 gss_OID_set *mech_set) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 375 376/** 377 * Return set of mechanism that fullfill the criteria 378 * 379 * @return returns GSS_S_COMPLETE or an error code. 380 */ 381 382GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 383gss_indicate_mechs_by_attrs ( 384 OM_uint32 * minor_status, 385 gss_const_OID_set desired_mech_attrs, 386 gss_const_OID_set except_mech_attrs, 387 gss_const_OID_set critical_mech_attrs, 388 gss_OID_set *mechs) __OSX_AVAILABLE_STARTING(__MAC_10_10, __IPHONE_8_0); 389 390/** 391 * As the initiator build a context with an acceptor. 392 * 393 * This function is blocking and should not be used on threads blocking UI updates. 394 * 395 * Returns in the major 396 * - GSS_S_COMPLETE - if the context if build 397 * - GSS_S_CONTINUE_NEEDED - if the caller needs to continue another 398 * round of gss_i nit_sec_context 399 * - error code - any other error code 400 * 401 * @param minor_status minor status code. 402 * 403 * @param initiator_cred_handle the credential to use when building 404 * the context, if GSS_C_NO_CREDENTIAL is passed, the default 405 * credential for the mechanism will be used. 406 * 407 * @param context_handle a pointer to a context handle, will be 408 * returned as long as there is not an error. 409 * 410 * @param target_name the target name of acceptor, created using 411 * gss_import_name(). The name is can be of any name types the 412 * mechanism supports, check supported name types with 413 * gss_inquire_names_for_mech(). 414 * 415 * @param input_mech_type mechanism type to use, if GSS_C_NO_OID is 416 * used, Kerberos (GSS_KRB5_MECHANISM) will be tried. Other 417 * available mechanism are listed in the @ref gssapi_mechs_intro 418 * section. 419 * 420 * @param req_flags flags using when building the context, see @ref 421 * gssapi_context_flags 422 * 423 * @param time_req time requested this context should be valid in 424 * seconds, common used value is GSS_C_INDEFINITE 425 * 426 * @param input_chan_bindings Channel bindings used, if not exepected 427 * otherwise, used GSS_C_NO_CHANNEL_BINDINGS 428 * 429 * @param input_token input token sent from the acceptor, for the 430 * initial packet the buffer of { NULL, 0 } should be used. 431 * 432 * @param actual_mech_type the actual mech used, MUST NOT be freed 433 * since it pointing to static memory. 434 * 435 * @param output_token if there is an output token, regardless of 436 * complete, continue_needed, or error it should be sent to the 437 * acceptor 438 * 439 * @param ret_flags return what flags was negotitated, caller should 440 * check if they are accetable. For example, if 441 * GSS_C_MUTUAL_FLAG was negotiated with the acceptor or not. 442 * 443 * @param time_rec amount of time this context is valid for 444 * 445 * @returns a gss_error code, see gss_display_status() about printing 446 * the error code. 447 * 448 * @ingroup gssapi 449 */ 450 451GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 452gss_init_sec_context ( 453 OM_uint32 * minor_status, 454 const gss_cred_id_t initiator_cred_handle, 455 gss_ctx_id_t * context_handle, 456 const gss_name_t target_name, 457 const gss_OID input_mech_type, 458 OM_uint32 req_flags, 459 OM_uint32 time_req, 460 const gss_channel_bindings_t input_chan_bindings, 461 const gss_buffer_t input_token, 462 gss_OID * actual_mech_type, 463 gss_buffer_t output_token, 464 OM_uint32 * ret_flags, 465 OM_uint32 * time_rec) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 466 467/** 468 * List support attributes for a mech and/or all mechanisms. 469 * 470 * @param minor_status minor status code 471 * @param mech given together with mech_attr will return the list of 472 * attributes for mechanism, can optionally be GSS_C_NO_OID. 473 * @param mech_attr see mech parameter, can optionally be NULL, 474 * release with gss_release_oid_set(). 475 * @param known_mech_attrs all attributes for mechanisms supported, 476 * release with gss_release_oid_set(). 477 * 478 * @ingroup gssapi 479 */ 480 481GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 482gss_inquire_attrs_for_mech ( 483 OM_uint32 * minor_status, 484 gss_const_OID mech, 485 gss_OID_set *mech_attr, 486 gss_OID_set *known_mech_attrs) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 487 488GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 489gss_inquire_context ( 490 OM_uint32 *minor_status, 491 const gss_ctx_id_t context_handle, 492 gss_name_t *src_name, 493 gss_name_t *targ_name, 494 OM_uint32 *lifetime_rec, 495 gss_OID *mech_type, 496 OM_uint32 *ctx_flags, 497 int *locally_initiated, 498 int *xopen) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 499 500GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 501gss_inquire_cred ( 502 OM_uint32 *minor_status, 503 const gss_cred_id_t cred_handle, 504 gss_name_t *name_ret, 505 OM_uint32 *lifetime, 506 gss_cred_usage_t *cred_usage, 507 gss_OID_set *mechanisms) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 508 509GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 510gss_inquire_cred_by_mech ( 511 OM_uint32 *minor_status, 512 const gss_cred_id_t cred_handle, 513 const gss_OID mech_type, 514 gss_name_t *cred_name, 515 OM_uint32 *initiator_lifetime, 516 OM_uint32 *acceptor_lifetime, 517 gss_cred_usage_t *cred_usage) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 518 519GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 520gss_inquire_cred_by_oid ( 521 OM_uint32 *minor_status, 522 const gss_cred_id_t cred_handle, 523 const gss_OID desired_object, 524 gss_buffer_set_t *data_set) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 525 526/** 527 * Find a mech for a sasl name 528 * 529 * @param minor_status minor status code 530 * @param sasl_mech_name sasl mech name 531 * @param mech_type mech type 532 * 533 * @return returns GSS_S_COMPLETE or an error code. 534 */ 535 536GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 537gss_inquire_mech_for_saslname ( 538 OM_uint32 *minor_status, 539 const gss_buffer_t sasl_mech_name, 540 gss_OID *mech_type) __OSX_AVAILABLE_STARTING(__MAC_10_10, __IPHONE_8_0); 541 542GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 543gss_inquire_mechs_for_name ( 544 OM_uint32 *minor_status, 545 const gss_name_t input_name, 546 gss_OID_set *mech_types) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 547 548GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 549gss_inquire_name ( 550 OM_uint32 *minor_status, 551 gss_name_t input_name, 552 int *name_is_MN, 553 gss_OID *MN_mech, 554 gss_buffer_set_t *attrs) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 555 556GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 557gss_inquire_names_for_mech ( 558 OM_uint32 *minor_status, 559 gss_const_OID mechanism, 560 gss_OID_set *name_types) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 561 562/** 563 * Returns different protocol names and description of the mechanism. 564 * 565 * @param minor_status minor status code 566 * @param desired_mech mech list query 567 * @param sasl_mech_name SASL GS2 protocol name 568 * @param mech_name gssapi protocol name 569 * @param mech_description description of gssapi mech 570 * 571 * @return returns GSS_S_COMPLETE or a error code. 572 * 573 * @ingroup gssapi 574 */ 575 576GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 577gss_inquire_saslname_for_mech ( 578 OM_uint32 *minor_status, 579 const gss_OID desired_mech, 580 gss_buffer_t sasl_mech_name, 581 gss_buffer_t mech_name, 582 gss_buffer_t mech_description) __OSX_AVAILABLE_STARTING(__MAC_10_10, __IPHONE_8_0); 583 584GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 585gss_inquire_sec_context_by_oid ( 586 OM_uint32 *minor_status, 587 const gss_ctx_id_t context_handle, 588 const gss_OID desired_object, 589 gss_buffer_set_t *data_set) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 590 591/** 592 * Iterate over all credentials 593 * 594 * @param min_stat set to minor status in case of an error 595 * @param flags flags argument, no flags currently defined, pass in 0 (zero) 596 * @param mech the mechanism type of credentials to iterate over, by passing in GSS_C_NO_OID, the function will iterate over all credentails 597 * @param useriter block that will be called on each gss_cred_id_t, when NULL is passed the list is completed. Must free the credential with gss_release_cred(). 598 * 599 * @ingroup gssapi 600 */ 601 602#ifdef __BLOCKS__ 603OM_uint32 GSSAPI_LIB_FUNCTION 604gss_iter_creds ( 605 OM_uint32 *min_stat, 606 OM_uint32 flags, 607 gss_const_OID mech, 608 void (^useriter)(gss_iter_OID, gss_cred_id_t)) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 609#endif /* __BLOCKS__ */ 610 611/** 612 * Iterate over all credentials 613 * 614 * @param min_stat set to minor status in case of an error 615 * @param flags flags argument, no flags currently defined, pass in 0 (zero) 616 * @param mech the mechanism type of credentials to iterate over, by passing in GSS_C_NO_OID, the function will iterate over all credentails 617 * @param userctx user context passed to the useriter funcion 618 * @param useriter function that will be called on each gss_cred_id_t, when NULL is passed the list is completed. Must free the credential with gss_release_cred(). 619 * 620 * @ingroup gssapi 621 */ 622 623OM_uint32 GSSAPI_LIB_FUNCTION 624gss_iter_creds_f ( 625 OM_uint32 *min_stat, 626 OM_uint32 flags, 627 gss_const_OID mech, 628 void * userctx, 629 void (*useriter)(void *, gss_iter_OID, gss_cred_id_t)) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 630 631GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 632gss_krb5_ccache_name ( 633 OM_uint32 *minor_status, 634 const char *name, 635 const char **out_name) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 636 637GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 638gss_krb5_copy_ccache ( 639 OM_uint32 *minor_status, 640 gss_cred_id_t cred, 641 struct krb5_ccache_data *out) __OSX_AVAILABLE_BUT_DEPRECATED_MSG(__MAC_10_7, __MAC_10_9, __IPHONE_5_0, __IPHONE_7_0, "Use gss_export_cred"); 642 643GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 644gss_krb5_export_lucid_sec_context ( 645 OM_uint32 *minor_status, 646 gss_ctx_id_t *context_handle, 647 OM_uint32 version, 648 void **rctx) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 649 650GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 651gss_krb5_free_lucid_sec_context ( 652 OM_uint32 *minor_status, 653 void *c) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 654 655GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 656gss_krb5_set_allowable_enctypes ( 657 OM_uint32 *minor_status, 658 gss_cred_id_t cred, 659 OM_uint32 num_enctypes, 660 int32_t *enctypes) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 661 662/** 663 * Compare two GSS-API OIDs with each other. 664 * 665 * GSS_C_NO_OID matches nothing, not even it-self. 666 * 667 * @param a first oid to compare 668 * @param b second oid to compare 669 * 670 * @return non-zero when both oid are the same OID, zero when they are 671 * not the same. 672 * 673 * @ingroup gssapi 674 */ 675 676GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL 677gss_oid_equal ( 678 gss_const_OID a, 679 gss_const_OID b) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 680 681/** 682 * Turn an mech OID into an name 683 * 684 * Try to turn a OID into a mechanism name. If a matching OID can't be 685 * found, this function will return NULL. 686 * 687 * The caller must free the oid_str buffer with gss_release_buffer() 688 * when done with the string. 689 * 690 * @param minor_status an minor status code 691 * @param oid an oid 692 * @param oid_str buffer that will point to a NUL terminated string that is the numreric OID 693 * 694 * @returns a gss major status code 695 * 696 * @ingroup gssapi 697 */ 698 699GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 700gss_oid_to_str ( 701 OM_uint32 *minor_status, 702 gss_OID oid, 703 gss_buffer_t oid_str) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 704 705GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 706gss_process_context_token ( 707 OM_uint32 *minor_status, 708 const gss_ctx_id_t context_handle, 709 const gss_buffer_t token_buffer) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 710 711GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 712gss_pseudo_random ( 713 OM_uint32 *minor_status, 714 gss_ctx_id_t context, 715 int prf_key, 716 const gss_buffer_t prf_in, 717 ssize_t desired_output_len, 718 gss_buffer_t prf_out) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 719 720GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 721gss_release_buffer ( 722 OM_uint32 *minor_status, 723 gss_buffer_t buffer) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 724 725GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 726gss_release_buffer_set ( 727 OM_uint32 * minor_status, 728 gss_buffer_set_t *buffer_set) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 729 730/** 731 * Release a credentials 732 * 733 * Its ok to release the GSS_C_NO_CREDENTIAL/NULL credential, it will 734 * return a GSS_S_COMPLETE error code. On return cred_handle is set ot 735 * GSS_C_NO_CREDENTIAL. 736 * 737 * Example: 738 * 739 * @code 740 * gss_cred_id_t cred = GSS_C_NO_CREDENTIAL; 741 * major = gss_release_cred(&minor, &cred); 742 * @endcode 743 * 744 * @param minor_status minor status return code, mech specific 745 * @param cred_handle a pointer to the credential too release 746 * 747 * @return an gssapi error code 748 * 749 * @ingroup gssapi 750 */ 751 752GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 753gss_release_cred ( 754 OM_uint32 *minor_status, 755 gss_cred_id_t *cred_handle) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 756 757/** 758 * Free a name 759 * 760 * import_name can point to NULL or be NULL, or a pointer to a 761 * gss_name_t structure. If it was a pointer to gss_name_t, the 762 * pointer will be set to NULL on success and failure. 763 * 764 * @param minor_status minor status code 765 * @param input_name name to free 766 * 767 * @returns a gss_error code, see gss_display_status() about printing 768 * the error code. 769 * 770 * @ingroup gssapi 771 */ 772 773GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 774gss_release_name ( 775 OM_uint32 *minor_status, 776 gss_name_t *input_name) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 777 778/** 779 * Release a gss_OID 780 * 781 * This function should never be used, this is since many of the 782 * gss_OID objects passed around are stack and data objected that are 783 * not free-able. 784 * 785 * The function tries to find internal OIDs that are static and avoid 786 * trying to free them. 787 * 788 * One could guess that gss_name_to_oid() might return an allocated 789 * OID. In this implementation it wont, so there is no need to call 790 * gss_release_oid(). 791 * 792 * @param minor_status minor status code returned 793 * @param oid oid to be released/freed. 794 * 795 * @returns GSS major status code 796 * 797 * @ingroup gssapi 798 */ 799 800GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 801gss_release_oid ( 802 OM_uint32 *minor_status, 803 gss_OID *oid) __OSX_AVAILABLE_BUT_DEPRECATED_MSG(__MAC_10_7, __MAC_10_9, __IPHONE_5_0, __IPHONE_7_0, "Not standardised and not safe to call for most gss_OIDs"); 804 805GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 806gss_release_oid_set ( 807 OM_uint32 *minor_status, 808 gss_OID_set *set) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 809 810GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 811gss_seal ( 812 OM_uint32 *minor_status, 813 gss_ctx_id_t context_handle, 814 int conf_req_flag, 815 int qop_req, 816 gss_buffer_t input_message_buffer, 817 int *conf_state, 818 gss_buffer_t output_message_buffer) __OSX_AVAILABLE_BUT_DEPRECATED_MSG(__MAC_10_7, __MAC_10_9, __IPHONE_5_0, __IPHONE_7_0, "Use gss_wrap"); 819 820GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 821gss_set_cred_option ( 822 OM_uint32 *minor_status, 823 gss_cred_id_t *cred_handle, 824 const gss_OID object, 825 const gss_buffer_t value) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 826 827GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 828gss_set_sec_context_option ( 829 OM_uint32 *minor_status, 830 gss_ctx_id_t *context_handle, 831 const gss_OID object, 832 const gss_buffer_t value) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 833 834GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 835gss_sign ( 836 OM_uint32 *minor_status, 837 gss_ctx_id_t context_handle, 838 int qop_req, 839 gss_buffer_t message_buffer, 840 gss_buffer_t message_token) __OSX_AVAILABLE_BUT_DEPRECATED_MSG(__MAC_10_7, __MAC_10_9, __IPHONE_5_0, __IPHONE_7_0, "Use gss_get_mic"); 841 842GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 843gss_test_oid_set_member ( 844 OM_uint32 *minor_status, 845 gss_const_OID member, 846 const gss_OID_set set, 847 int *present) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 848 849GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 850gss_unseal ( 851 OM_uint32 *minor_status, 852 gss_ctx_id_t context_handle, 853 gss_buffer_t input_message_buffer, 854 gss_buffer_t output_message_buffer, 855 int *conf_state, 856 int *qop_state) __OSX_AVAILABLE_BUT_DEPRECATED_MSG(__MAC_10_7, __MAC_10_9, __IPHONE_5_0, __IPHONE_7_0, "Use gss_unwrap"); 857 858GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 859gss_unwrap ( 860 OM_uint32 *minor_status, 861 const gss_ctx_id_t context_handle, 862 const gss_buffer_t input_message_buffer, 863 gss_buffer_t output_message_buffer, 864 int *conf_state, 865 gss_qop_t *qop_state) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 866 867GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL 868gss_userok ( 869 const gss_name_t name, 870 const char *user) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); 871 872GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 873gss_verify ( 874 OM_uint32 *minor_status, 875 gss_ctx_id_t context_handle, 876 gss_buffer_t message_buffer, 877 gss_buffer_t token_buffer, 878 int *qop_state) __OSX_AVAILABLE_BUT_DEPRECATED_MSG(__MAC_10_7, __MAC_10_9, __IPHONE_5_0, __IPHONE_7_0, "Use gss_verify_mic"); 879 880GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 881gss_verify_mic ( 882 OM_uint32 *minor_status, 883 const gss_ctx_id_t context_handle, 884 const gss_buffer_t message_buffer, 885 const gss_buffer_t token_buffer, 886 gss_qop_t *qop_state) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 887 888/** 889 * Wrap a message using either confidentiality (encryption + 890 * signature) or sealing (signature). 891 * 892 * @param minor_status minor status code. 893 * @param context_handle context handle. 894 * @param conf_req_flag if non zero, confidentiality is requestd. 895 * @param qop_req type of protection needed, in most cases it GSS_C_QOP_DEFAULT should be passed in. 896 * @param input_message_buffer messages to wrap 897 * @param conf_state returns non zero if confidentiality was honoured. 898 * @param output_message_buffer the resulting buffer, release with gss_release_buffer(). 899 * 900 * @ingroup gssapi 901 */ 902 903GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 904gss_wrap ( 905 OM_uint32 *minor_status, 906 const gss_ctx_id_t context_handle, 907 int conf_req_flag, 908 gss_qop_t qop_req, 909 const gss_buffer_t input_message_buffer, 910 int *conf_state, 911 gss_buffer_t output_message_buffer) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 912 913GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 914gss_wrap_size_limit ( 915 OM_uint32 *minor_status, 916 const gss_ctx_id_t context_handle, 917 int conf_req_flag, 918 gss_qop_t qop_req, 919 OM_uint32 req_output_size, 920 OM_uint32 *max_input_size) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 921 922GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 923gsskrb5_extract_authz_data_from_sec_context ( 924 OM_uint32 *minor_status, 925 gss_ctx_id_t context_handle, 926 int ad_type, 927 gss_buffer_t ad_data) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 928 929GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 930gsskrb5_register_acceptor_identity (const char *identity) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 931 932GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL 933krb5_gss_register_acceptor_identity (const char *identity) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 934 935#ifdef __cplusplus 936} 937#endif 938 939#endif /* __gssapi_protos_h__ */ 940