kcmd.h revision 6536:5f08fe7feaf4 
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22/*
23 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
24 * Use is subject to license terms.
25 */
26
27#ifndef	_KCMD_H
28#define	_KCMD_H
29
30#pragma ident	"%Z%%M%	%I%	%E% SMI"
31
32#ifdef	__cplusplus
33extern "C" {
34#endif
35
36#define	OPTS_FORWARD_CREDS		0x00000002
37#define	OPTS_FORWARDABLE_CREDS		0x00000001
38
39#define	SERVER	0
40#define	CLIENT	1
41
42enum kcmd_proto {
43	/*
44	 * Old protocol: DES encryption only.  No subkeys.
45	 * No protection for cleartext length.  No ivec supplied.
46	 * OOB hacks used for rlogin.  Checksum may be omitted at
47	 * connection startup.
48	 */
49	KCMD_OLD_PROTOCOL = 1,
50	/*
51	 * New protocol: Any encryption scheme.  Client-generated
52	 * subkey required.  Prepend cleartext-length to cleartext
53	 * data (but don't include it in count).  Starting ivec defined,
54	 * chained.  In-band signalling.  Checksum required.
55	 */
56	KCMD_NEW_PROTOCOL,
57
58	/*
59	 * Hack: Get credentials, and use the old protocol iff the session
60	 * key type is single-DES.
61	 */
62	KCMD_PROTOCOL_COMPAT_HACK,
63	/* Using Kerberos version 4.  */
64	KCMD_V4_PROTOCOL,
65	KCMD_UNKNOWN_PROTOCOL
66};
67
68#define	SOCK_FAMILY(ss) ((ss).ss_family)
69
70#define	SOCK_PORT(ss) ((ss).ss_family == AF_INET6 ? \
71((struct sockaddr_in6 *)&(ss))->sin6_port : \
72((struct sockaddr_in *)&(ss))->sin_port)
73
74#define	SOCK_ADDR(ss) ((ss).ss_family == AF_INET6 ? \
75(void *)&((struct sockaddr_in6 *)&(ss))->sin6_addr : \
76(void *)&((struct sockaddr_in *)&(ss))->sin_addr)
77
78#define	SET_SOCK_FAMILY(ss, family) (SOCK_FAMILY(ss) = (family))
79
80#define	SET_SOCK_PORT(ss, port) \
81	((ss).ss_family == AF_INET6 ? \
82	(((struct sockaddr_in6 *)&(ss))->sin6_port = (port)) : \
83	(((struct sockaddr_in *)&(ss))->sin_port = (port)))
84
85#define	SET_SOCK_ADDR4(ss, addr) ((void)(sock_set_inaddr(&(ss), (addr))))
86
87#define	SET_SOCK_ADDR_ANY(ss) \
88	((void) ((ss).ss_family == AF_INET6 ? \
89	(void) (((struct sockaddr_in6 *)&(ss))->sin6_addr = in6addr_any) : \
90	(void) (((struct sockaddr_in *)&(ss))->sin_addr.s_addr = \
91	htonl(INADDR_ANY))))
92
93/*
94 * Prototypes for functions in 'kcmd.c'
95 */
96char *strsave(char *sp);
97
98int kcmd(int *sock, char **ahost, ushort_t rport, char *locuser,
99	char *remuser, char *cmd, int *fd2p, char *service, char *realm,
100	krb5_context bsd_context, krb5_auth_context *authconp,
101	krb5_creds **cred, krb5_int32 *seqno, krb5_int32 *server_seqno,
102	krb5_flags authopts,
103	int anyport, enum kcmd_proto *kcmd_proto);
104
105void init_encrypt(int, krb5_context, enum kcmd_proto,
106			krb5_data *, krb5_data *,
107			int, krb5_encrypt_block *);
108
109int desread(int, char *, int, int);
110int deswrite(int, char *, int, int);
111
112#ifdef	__cplusplus
113}
114#endif
115
116#endif /* _KCMD_H */
117