1/* This is a generated file */ 2#ifndef __gssapi_apple_h__ 3#define __gssapi_apple_h__ 4 5#include <stdarg.h> 6 7#ifdef __cplusplus 8extern "C" { 9#endif 10 11#ifndef GSS_LIB 12#ifndef GSS_LIB_FUNCTION 13#if defined(_WIN32) 14#define GSS_LIB_FUNCTION __declspec(dllimport) 15#define GSS_LIB_CALL __stdcall 16#define GSS_LIB_VARIABLE __declspec(dllimport) 17#else 18#define GSS_LIB_FUNCTION 19#define GSS_LIB_CALL 20#define GSS_LIB_VARIABLE 21#endif 22#endif 23#endif 24/** 25 * Returns a GSS credential for a given UUID if the credential exists. 26 * 27 * @param uuid the UUID of the credential to fetch 28 * 29 * @returns a gss_cred_id_t, normal CoreFoundaton rules for rules 30 * applies so the CFUUIDRef needs to be released with either CFRelease() or gss_release_name(). 31 * 32 * @ingroup gssapi 33 */ 34gss_cred_id_t GSSAPI_LIB_FUNCTION 35GSSCreateCredentialFromUUID (CFUUIDRef /*uuid*/) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); 36 37/** 38 * Create a GSS name from a buffer and type. 39 * 40 * @param name name buffer describing a credential, can be either a CFDataRef or CFStringRef of a name. 41 * @param name_type on OID of the GSS_C_NT_* OIDs constants specifiy the name type. 42 * @param error if an error happen, this may be set to a CFErrorRef describing the failure futher. 43 * 44 * @returns returns gss_name_t or NULL on failure. Must be freed using gss_release_name() or CFRelease(). Follows CoreFoundation Create/Copy rule. 45 * 46 * @ingroup gssapi 47 */ 48gss_name_t 49GSSCreateName ( 50 CFTypeRef /*name*/, 51 gss_const_OID /*name_type*/, 52 CFErrorRef */*error*/) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); 53 54/** 55 * Copy the name describing the credential 56 * 57 * @param cred the credential to get the name from 58 * 59 * @returns returns gss_name_t or NULL on failure. Must be freed using gss_release_name() or CFRelease(). Follows CoreFoundation Create/Copy rule. 60 * 61 * @ingroup gssapi 62 */ 63gss_name_t 64GSSCredentialCopyName (gss_cred_id_t /*cred*/) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); 65 66/** 67 * Returns a copy of the UUID of the GSS credential 68 * 69 * @param credential credential 70 * 71 * @returns CFUUIDRef that can be used to turn into a credential, 72 * normal CoreFoundaton rules for rules applies so the CFUUIDRef needs 73 * to be released. 74 * 75 * @ingroup gssapi 76 */ 77CFUUIDRef 78GSSCredentialCopyUUID (gss_cred_id_t /*cred*/) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); 79 80/** 81 * Return the lifetime (in seconds) left of the credential. 82 * 83 * @param cred the credential to get the name from 84 * 85 * @returns the lifetime of the credentials. 0 on failure and 86 * GSS_C_INDEFINITE on credentials that never expire. 87 * 88 * @ingroup gssapi 89 */ 90OM_uint32 91GSSCredentialGetLifetime (gss_cred_id_t /*cred*/) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); 92 93/** 94 * Returns a string that is suitable for displaying to user, must not 95 * be used for verify subjects on an ACLs. 96 * 97 * @param name to get a display strings from 98 * 99 * @returns a string that is printable. Follows CoreFoundation Create/Copy rule. 100 * 101 * @ingroup gssapi 102 */ 103CFStringRef 104GSSNameCreateDisplayString (gss_name_t /*name*/) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); 105 106/** 107 * The credential can be validated by adding kGSSICVerifyCredential to the attributes with any value. 108 */ 109OM_uint32 GSSAPI_LIB_FUNCTION 110gss_aapl_change_password ( 111 const gss_name_t /*name*/, 112 gss_const_OID /*mech*/, 113 CFDictionaryRef /*attributes*/, 114 CFErrorRef */*error*/) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_6_0); 115 116/** 117 * Acquire a new initial credentials using long term credentials (password, certificate). 118 * 119 * Credentials acquired should be free-ed with gss_release_cred() or 120 * destroyed with (removed from storage) gss_destroy_cred(). 121 * 122 * Some mechanism types can not directly acquire or validate 123 * credential (for example PK-U2U, SCRAM, NTLM or IAKERB), for those 124 * mechanisms its instead the gss_init_sec_context() that will either acquire or 125 * force validation of the credential. 126 * 127 * This function is blocking and should not be used on threads used for UI updates. 128 * 129 * @param desired_name name to use to acquire credential. Import the name using gss_import_name(). The type of the name has to be supported by the desired_mech used. 130 * 131 * @param mech mechanism to use to acquire credential. GSS_C_NO_OID is not valid input and a mechanism must be selected. For example GSS_KRB5_MECHANISM, GSS_NTLM_MECHNISM or any other mechanisms supported by the implementation. See gss_indicate_mechs(). 132 * 133 * @param attributes CFDictionary that contains how to acquire the credential, see below for examples 134 * 135 * @param output_cred_handle the resulting credential handle, value is set to GSS_C_NO_CREDENTIAL on failure. 136 * 137 * @param error an CFErrorRef returned in case of an error, that needs to be released with CFRelease() by the caller, input can be NULL. 138 * 139 * @returns a gss_error code, see the CFErrorRef passed back in error for the failure message. 140 * 141 * attributes must contains one of the following keys 142 * * kGSSICPassword - CFStringRef password 143 * * kGSSICCertificate - SecIdentityRef to the certificate to use with PKINIT/PKU2U 144 * 145 * optional keys 146 * * kGSSCredentialUsage - one of kGSS_C_INITIATE, kGSS_C_ACCEPT, kGSS_C_BOTH, default if not given is kGSS_C_INITIATE 147 * * kGSSICVerifyCredential - validate the credential with a trusted source that there was no MITM 148 * * kGSSICLKDCHostname - CFStringRef hostname of LKDC hostname 149 * * kGSSICKerberosCacheName - CFStringRef name of cache that will be created (including type) 150 * * kGSSICAppIdentifierACL - CFArrayRef[CFStringRef] prefix of bundle ID allowed to access this credential 151 * 152 * 153 * 154 * @ingroup gssapi 155 */ 156OM_uint32 GSSAPI_LIB_FUNCTION 157gss_aapl_initial_cred ( 158 const gss_name_t /*desired_name*/, 159 gss_const_OID /*desired_mech*/, 160 CFDictionaryRef /*attributes*/, 161 gss_cred_id_t * /*output_cred_handle*/, 162 CFErrorRef */*error*/) __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0); 163 164#ifdef __cplusplus 165} 166#endif 167 168#endif /* __gssapi_apple_h__ */ 169