1/*
2 * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
3 * Use is subject to license terms.
4 */
5
6/*
7 * Copyright 1993 by OpenVision Technologies, Inc.
8 *
9 * Permission to use, copy, modify, distribute, and sell this software
10 * and its documentation for any purpose is hereby granted without fee,
11 * provided that the above copyright notice appears in all copies and
12 * that both that copyright notice and this permission notice appear in
13 * supporting documentation, and that the name of OpenVision not be used
14 * in advertising or publicity pertaining to distribution of the software
15 * without specific, written prior permission. OpenVision makes no
16 * representations about the suitability of this software for any
17 * purpose.  It is provided "as is" without express or implied warranty.
18 *
19 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
20 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
21 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
22 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
23 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
24 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
25 * PERFORMANCE OF THIS SOFTWARE.
26 */
27
28#ifndef	_GSSAPI_H_
29#define	_GSSAPI_H_
30
31#pragma ident	"%Z%%M%	%I%	%E% SMI"
32
33#ifdef	__cplusplus
34extern "C" {
35#endif
36
37
38/*
39 * First, include sys/types.h to get size_t defined.
40 */
41#include <sys/types.h>
42
43/*
44 * If the platform supports the xom.h header file, it should be
45 * included here.
46 */
47#ifdef HAVE_XOM_H
48#include <xom.h>
49#endif
50
51/*
52 * Now define the three implementation-dependent types.
53 */
/*
 * Opaque handle types.  Only the struct tags are declared in this
 * header, so callers cannot look inside a context, credential or name;
 * they hold the pointer and hand it back to the GSS-API routines.  The
 * "no object" value of each handle is the matching GSS_C_NO_* macro.
 */
struct gss_ctx_id;
typedef struct gss_ctx_id *gss_ctx_id_t;	/* security context handle */

struct gss_cred_id;
typedef struct gss_cred_id *gss_cred_id_t;	/* credential handle */

struct gss_name;
typedef struct gss_name *gss_name_t;		/* name handle */
61
62/*
63 * The following type must be defined as the smallest natural
64 * unsigned integer supported by the platform that has at least
65 * 32 bits of precision.
66 */
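typedef unsigned int gss_uint32;
typedef int gss_int32;


#ifdef OM_STRING
/*
 * We have included the xom.h header file.  Verify that OM_uint32
 * is defined correctly.
 *
 * sizeof cannot be evaluated by the preprocessor, so a
 * "#if sizeof (...)" test does not compile.  The check is made by the
 * compiler instead: the array bound below is -1, and the typedef is
 * rejected, when the two types differ in size.
 */
typedef char gss_om_uint32_size_check[
	(sizeof (gss_uint32) == sizeof (OM_uint32)) ? 1 : -1];

typedef OM_object_identifier gss_OID_desc, *gss_OID;

#else

/*
 * We can't use X/Open definitions, so roll our own.
 */

typedef gss_uint32 OM_uint32;

/*
 * Object identifier descriptor: `elements' points to the encoded OID
 * bytes and `length' is the number of those bytes (the name-type
 * constants documented later in this header use {10, "..."} and
 * {6, "..."}).
 *
 * gss_OID is a pointer typedef, so `const gss_OID' in a declaration
 * makes the pointer itself const; it does not make the gss_OID_desc
 * it points to read-only.
 */
typedef struct gss_OID_desc_struct {
	OM_uint32 length;
	void *elements;
} gss_OID_desc, *gss_OID;

#endif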
99
/*
 * A set of object identifiers: `count' is the number of gss_OID_desc
 * entries and `elements' points to the first of them.
 */
struct gss_OID_set_desc_struct {
	size_t count;
	gss_OID elements;
};
typedef struct gss_OID_set_desc_struct gss_OID_set_desc;
typedef struct gss_OID_set_desc_struct *gss_OID_set;

#ifdef	_SYSCALL32
/*
 * OID descriptor whose `elements' member is a caddr32_t instead of a
 * native pointer.  Declared only when _SYSCALL32 is defined.
 */
struct gss_OID_desc_struct32 {
	OM_uint32 length;
	caddr32_t elements;
};
typedef struct gss_OID_desc_struct32 gss_OID_desc32;
typedef struct gss_OID_desc_struct32 *gss_OID32;
#endif	/* _SYSCALL32 */
111
/*
 * Generic buffer descriptor: `value' points to `length' bytes.  The
 * descriptor records neither a capacity nor who allocated the storage.
 *
 * gss_buffer_t is a pointer typedef, so `const gss_buffer_t' in a
 * prototype makes the pointer const, not the bytes it refers to.
 */
struct gss_buffer_desc_struct {
	size_t length;
	void *value;
};
typedef struct gss_buffer_desc_struct gss_buffer_desc;
typedef struct gss_buffer_desc_struct *gss_buffer_t;
116
/*
 * Channel bindings: an address type and address for the initiator and
 * for the acceptor, plus application-supplied data.  The address types
 * take the GSS_C_AF_* values defined later in this header.
 *
 * Only the pointer type is given a typedef name; an object of this
 * type is declared as `struct gss_channel_bindings_struct'.
 */
struct gss_channel_bindings_struct {
	OM_uint32 initiator_addrtype;
	gss_buffer_desc initiator_address;
	OM_uint32 acceptor_addrtype;
	gss_buffer_desc acceptor_address;
	gss_buffer_desc application_data;
};
typedef struct gss_channel_bindings_struct *gss_channel_bindings_t;
124
125/*
126 * For now, define a QOP-type as an OM_uint32
127 */
128typedef	OM_uint32 gss_qop_t;
129typedef	int gss_cred_usage_t;
130
131/*
132 * Flag bits for context-level services.
133 */
/*
 * Each flag is a single bit, so flags are combined with | and tested
 * with &.  The same bits are passed in req_flags and reported back in
 * ret_flags by gss_init_sec_context() and gss_accept_sec_context(); a
 * service that was requested is in effect only if its bit is also set
 * in ret_flags.
 */
#define	GSS_C_DELEG_FLAG	0x001	/* credential delegation */
#define	GSS_C_MUTUAL_FLAG	0x002	/* mutual authentication */
#define	GSS_C_REPLAY_FLAG	0x004	/* replay detection */
#define	GSS_C_SEQUENCE_FLAG	0x008	/* out-of-sequence detection */
#define	GSS_C_CONF_FLAG		0x010	/* confidentiality */
#define	GSS_C_INTEG_FLAG	0x020	/* integrity */
#define	GSS_C_ANON_FLAG		0x040	/* anonymous initiator */
#define	GSS_C_PROT_READY_FLAG	0x080	/* protection services ready */
#define	GSS_C_TRANS_FLAG	0x100	/* context is transferable */
143
144/*
145 * Credential usage options
146 */
#define	GSS_C_BOTH	0	/* initiate and accept */
#define	GSS_C_INITIATE	1	/* initiate only */
#define	GSS_C_ACCEPT	2	/* accept only */

/*
 * Status code types for gss_display_status
 */
#define	GSS_C_GSS_CODE	1	/* status_value is a GSS-API status */
#define	GSS_C_MECH_CODE	2	/* status_value is a mechanism status */
156
157/*
158 * The constant definitions for channel-bindings address families
159 */
/*
 * Values for the initiator_addrtype and acceptor_addrtype members of
 * the channel-bindings structure.  The list is not contiguous: no
 * name is defined for 20.
 */
#define	GSS_C_AF_UNSPEC		0
#define	GSS_C_AF_LOCAL		1
#define	GSS_C_AF_INET		2
#define	GSS_C_AF_IMPLINK	3
#define	GSS_C_AF_PUP		4
#define	GSS_C_AF_CHAOS		5
#define	GSS_C_AF_NS		6
#define	GSS_C_AF_NBS		7
#define	GSS_C_AF_ECMA		8
#define	GSS_C_AF_DATAKIT	9
#define	GSS_C_AF_CCITT		10
#define	GSS_C_AF_SNA		11
#define	GSS_C_AF_DECnet		12
#define	GSS_C_AF_DLI		13
#define	GSS_C_AF_LAT		14
#define	GSS_C_AF_HYLINK		15
#define	GSS_C_AF_APPLETALK	16
#define	GSS_C_AF_BSC		17
#define	GSS_C_AF_DSS		18
#define	GSS_C_AF_OSI		19
#define	GSS_C_AF_X25		21

/* Address type used when no address is supplied. */
#define	GSS_C_AF_NULLADDR	255
183
184/*
185 * Various Null values
186 */
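/*
 * Null handles and pointers.  Each is the zero value of the named
 * type, so it can be compared directly against a handle.
 */
#define	GSS_C_NO_NAME ((gss_name_t) 0)
#define	GSS_C_NO_BUFFER ((gss_buffer_t) 0)
#define	GSS_C_NO_OID ((gss_OID) 0)
#define	GSS_C_NO_OID_SET ((gss_OID_set) 0)
#define	GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
#define	GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
#define	GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)

/*
 * Initializer for a gss_buffer_desc: length 0 and a null value
 * pointer.  It is a brace list, so it can only be used to initialize
 * a declaration.  The null pointer is written (void *) 0 rather than
 * NULL because this header includes only <sys/types.h> and does not
 * itself ensure that NULL is defined where the macro is expanded.
 */
#define	GSS_C_EMPTY_BUFFER {0, (void *) 0}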
195
196/*
197 * Some alternate names for a couple of the above
198 * values.  These are defined for V1 compatibility.
199 */
200#define	GSS_C_NULL_OID		GSS_C_NO_OID
201#define	GSS_C_NULL_OID_SET	GSS_C_NO_OID_SET
202
203/*
204 * Define the default Quality of Protection for per-message
205 * services.  Note that an implementation that offers multiple
206 * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero
207 * (as done here) to mean "default protection", or to a specific
208 * explicit QOP value.  However, a value of 0 should always be
209 * interpreted by a GSSAPI implementation as a request for the
210 * default protection level.
211 */
212#define	GSS_C_QOP_DEFAULT 0
213
214/*
215 * Expiration time of 2^32-1 seconds means infinite lifetime for a
216 * credential or security context
217 */
218#define	GSS_C_INDEFINITE ((OM_uint32) 0xfffffffful)
219
220/*
221 * The implementation must reserve static storage for a
222 * gss_OID_desc object containing the value
223 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
224 *  "\x01\x02\x01\x01"},
225 * corresponding to an object-identifier value of
226 * {iso(1) member-body(2) United States(840) mit(113554)
227 *  infosys(1) gssapi(2) generic(1) user_name(1)}.  The constant
228 * GSS_C_NT_USER_NAME should be initialized to point
229 * to that gss_OID_desc.
230 */
231extern const gss_OID GSS_C_NT_USER_NAME;
232
233/*
234 * The implementation must reserve static storage for a
235 * gss_OID_desc object containing the value
236 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
237 *  "\x01\x02\x01\x02"},
238 * corresponding to an object-identifier value of
239 * {iso(1) member-body(2) United States(840) mit(113554)
240 *  infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
241 * The constant GSS_C_NT_MACHINE_UID_NAME should be
242 * initialized to point to that gss_OID_desc.
243 */
244extern const gss_OID GSS_C_NT_MACHINE_UID_NAME;
245
246/*
247 * The implementation must reserve static storage for a
248 * gss_OID_desc object containing the value
249 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
250 *  "\x01\x02\x01\x03"},
251 * corresponding to an object-identifier value of
252 * {iso(1) member-body(2) United States(840) mit(113554)
253 *  infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
254 * The constant GSS_C_NT_STRING_UID_NAME should be
255 * initialized to point to that gss_OID_desc.
256 */
257extern const gss_OID GSS_C_NT_STRING_UID_NAME;
258
259/*
260 * The implementation must reserve static storage for a
261 * gss_OID_desc object containing the value
262 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
263 * corresponding to an object-identifier value of
264 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
265 * 6(nametypes), 2(gss-host-based-services)}.  The constant
266 * GSS_C_NT_HOSTBASED_SERVICE should be initialized to point
267 * to that gss_OID_desc.
268 */
269extern const gss_OID GSS_C_NT_HOSTBASED_SERVICE;
270
/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x03"},
 * corresponding to an object-identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 3(gss-anonymous-name)}.  The constant
 * GSS_C_NT_ANONYMOUS should be initialized to point
 * to that gss_OID_desc.
 */
281extern const gss_OID GSS_C_NT_ANONYMOUS;
282
283/*
284 * The implementation must reserve static storage for a
285 * gss_OID_desc object containing the value
286 * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
287 * corresponding to an object-identifier value of
288 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
289 * 6(nametypes), 4(gss-api-exported-name)}.  The constant
290 * GSS_C_NT_EXPORT_NAME should be initialized to point
291 * to that gss_OID_desc.
292 */
293extern const gss_OID GSS_C_NT_EXPORT_NAME;
294
295
296/* Major status codes */
297
#define	GSS_S_COMPLETE 0

/*
 * Some "helper" definitions to make the status code macros obvious.
 * Together they fix the layout of a major status word:
 *	bits 24-31	calling error
 *	bits 16-23	routine error
 *	bits  0-15	supplementary information
 */
#define	GSS_C_CALLING_ERROR_OFFSET 24
#define	GSS_C_ROUTINE_ERROR_OFFSET 16
#define	GSS_C_SUPPLEMENTARY_OFFSET 0
#define	GSS_C_CALLING_ERROR_MASK ((OM_uint32) 0xfful)
#define	GSS_C_ROUTINE_ERROR_MASK ((OM_uint32) 0xfful)
#define	GSS_C_SUPPLEMENTARY_MASK ((OM_uint32) 0xfffful)

/*
 * The macros that test status codes for error conditions.
 * Note that the GSS_ERROR() macro has changed slightly from
 * the V1 GSSAPI so that it now evaluates its argument
 * only once.
 *
 * GSS_ERROR() looks only at the calling-error and routine-error
 * fields.  A status that carries nothing but supplementary bits
 * (GSS_S_CONTINUE_NEEDED, GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN,
 * GSS_S_UNSEQ_TOKEN, GSS_S_GAP_TOKEN) gives 0 from GSS_ERROR(), so a
 * caller that cares about those conditions must also test
 * GSS_SUPPLEMENTARY_INFO().
 */
#define	GSS_CALLING_ERROR(x) \
	((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
#define	GSS_ROUTINE_ERROR(x) \
	((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
#define	GSS_SUPPLEMENTARY_INFO(x) \
	((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
#define	GSS_ERROR(x) \
	((x) & \
	((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
	(GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))
325
326/*
327 * Now the actual status code definitions
328 */
329
330/*
331 * Calling errors:
332 */
/* The trailing comment on each code is its value as a 32-bit word. */
#define	GSS_S_CALL_INACCESSIBLE_READ \
	((OM_uint32) 1ul << GSS_C_CALLING_ERROR_OFFSET)	/* 0x01000000 */
#define	GSS_S_CALL_INACCESSIBLE_WRITE \
	((OM_uint32) 2ul << GSS_C_CALLING_ERROR_OFFSET)	/* 0x02000000 */
#define	GSS_S_CALL_BAD_STRUCTURE \
	((OM_uint32) 3ul << GSS_C_CALLING_ERROR_OFFSET)	/* 0x03000000 */

/*
 * Routine errors:
 */
#define	GSS_S_BAD_MECH \
	((OM_uint32) 1ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x00010000 */
#define	GSS_S_BAD_NAME \
	((OM_uint32) 2ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x00020000 */
#define	GSS_S_BAD_NAMETYPE \
	((OM_uint32) 3ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x00030000 */
#define	GSS_S_BAD_BINDINGS \
	((OM_uint32) 4ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x00040000 */
#define	GSS_S_BAD_STATUS \
	((OM_uint32) 5ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x00050000 */
#define	GSS_S_BAD_SIG \
	((OM_uint32) 6ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x00060000 */
#define	GSS_S_BAD_MIC GSS_S_BAD_SIG	/* same code, second name */
#define	GSS_S_NO_CRED \
	((OM_uint32) 7ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x00070000 */
#define	GSS_S_NO_CONTEXT \
	((OM_uint32) 8ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x00080000 */
#define	GSS_S_DEFECTIVE_TOKEN \
	((OM_uint32) 9ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x00090000 */
#define	GSS_S_DEFECTIVE_CREDENTIAL \
	((OM_uint32) 10ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x000a0000 */
#define	GSS_S_CREDENTIALS_EXPIRED \
	((OM_uint32) 11ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x000b0000 */
#define	GSS_S_CONTEXT_EXPIRED \
	((OM_uint32) 12ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x000c0000 */
#define	GSS_S_FAILURE \
	((OM_uint32) 13ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x000d0000 */
#define	GSS_S_BAD_QOP \
	((OM_uint32) 14ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x000e0000 */
#define	GSS_S_UNAUTHORIZED \
	((OM_uint32) 15ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x000f0000 */
#define	GSS_S_UNAVAILABLE \
	((OM_uint32) 16ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x00100000 */
#define	GSS_S_DUPLICATE_ELEMENT \
	((OM_uint32) 17ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x00110000 */
#define	GSS_S_NAME_NOT_MN \
	((OM_uint32) 18ul << GSS_C_ROUTINE_ERROR_OFFSET)	/* 0x00120000 */
366
367/*
368 * Supplementary info bits:
369 */
/*
 * These occupy the low 16 bits of the major status and are not part of
 * what GSS_ERROR() tests, so they have to be checked explicitly.
 * Unlike the calling and routine error codes they are plain int
 * expressions, not OM_uint32.
 */
#define	GSS_S_CONTINUE_NEEDED \
	(1 << (GSS_C_SUPPLEMENTARY_OFFSET + 0))	/* another token is needed */
#define	GSS_S_DUPLICATE_TOKEN \
	(1 << (GSS_C_SUPPLEMENTARY_OFFSET + 1))	/* token seen before */
#define	GSS_S_OLD_TOKEN \
	(1 << (GSS_C_SUPPLEMENTARY_OFFSET + 2))	/* token too old to check */
#define	GSS_S_UNSEQ_TOKEN \
	(1 << (GSS_C_SUPPLEMENTARY_OFFSET + 3))	/* token arrived out of order */
#define	GSS_S_GAP_TOKEN \
	(1 << (GSS_C_SUPPLEMENTARY_OFFSET + 4))	/* an earlier token is missing */
375
376
377/*
378 * Finally, function prototypes for the GSS-API routines.
379 */
380
/*
 * Obtain a credential handle.  cred_usage is one of GSS_C_BOTH,
 * GSS_C_INITIATE or GSS_C_ACCEPT; time_req and time_rec are lifetimes
 * in seconds, with GSS_C_INDEFINITE meaning no expiry.  The handle
 * returned through output_cred_handle is given back with
 * gss_release_cred().
 */
OM_uint32 gss_acquire_cred(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* desired_name */
	OM_uint32,		/* time_req */
	const gss_OID_set,	/* desired_mechs */
	gss_cred_usage_t,	/* cred_usage */
	gss_cred_id_t *,	/* output_cred_handle */
	gss_OID_set *,		/* actual_mechs */
	OM_uint32 *		/* time_rec */
);

/*
 * Release a credential handle.  The handle is passed by address.
 */
OM_uint32 gss_release_cred(
	OM_uint32 *,		/* minor_status */
	gss_cred_id_t *		/* cred_handle */
);
396
/*
 * Initiator side of context establishment.  The call is repeated,
 * feeding each token received from the peer in as input_token, for as
 * long as the major status has GSS_S_CONTINUE_NEEDED set.
 *
 * req_flags carries the GSS_C_*_FLAG bits the caller asks for and
 * ret_flags reports the bits the context actually provides; the two
 * can differ.  A caller that depends on a service (for example
 * GSS_C_MUTUAL_FLAG, GSS_C_CONF_FLAG or GSS_C_INTEG_FLAG) has to test
 * ret_flags rather than assume the request was honoured.
 */
OM_uint32 gss_init_sec_context(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* initiator_cred_handle */
	gss_ctx_id_t *,		/* context_handle */
	const gss_name_t,	/* target_name */
	const gss_OID,		/* mech_type */
	OM_uint32,		/* req_flags */
	OM_uint32,		/* time_req */
	gss_channel_bindings_t,	/* input_chan_bindings */
	const gss_buffer_t,	/* input_token */
	gss_OID *,		/* actual_mech_type */
	gss_buffer_t,		/* output_token */
	OM_uint32 *,		/* ret_flags */
	OM_uint32 *		/* time_rec */
);

/*
 * Acceptor side of context establishment.  src_name receives the name
 * of the initiator; deciding what that name is allowed to do is left
 * to the caller.  ret_flags reports the services in effect, and
 * delegated_cred_handle is meaningful only when GSS_C_DELEG_FLAG is
 * set in ret_flags.
 */
OM_uint32 gss_accept_sec_context(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t *,		/* context_handle */
	const gss_cred_id_t,	/* acceptor_cred_handle */
	const gss_buffer_t,	/* input_token_buffer */
	const gss_channel_bindings_t,	/* input_chan_bindings */
	gss_name_t *,		/* src_name */
	gss_OID *,		/* mech_type */
	gss_buffer_t,		/* output_token */
	OM_uint32 *,		/* ret_flags */
	OM_uint32 *,		/* time_rec */
	gss_cred_id_t *		/* delegated_cred_handle */
);
426
/*
 * Hand a context-level token received from the peer to an established
 * context.
 */
OM_uint32 gss_process_context_token(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	const gss_buffer_t	/* token_buffer */
);

/*
 * Discard a security context.  The handle is passed by address;
 * output_token may be GSS_C_NO_BUFFER.
 */
OM_uint32 gss_delete_sec_context(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t *,		/* context_handle */
	gss_buffer_t		/* output_token */
);

/*
 * Report through time_rec how long the context remains valid.
 */
OM_uint32 gss_context_time(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	OM_uint32 *		/* time_rec */
);
444
/*
 * Per-message services.
 *
 * For gss_verify_mic() and gss_unwrap() a status for which GSS_ERROR()
 * is zero can still have GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN,
 * GSS_S_UNSEQ_TOKEN or GSS_S_GAP_TOKEN set; callers that rely on
 * replay or sequence detection have to look at those bits.
 */

/* Compute an integrity token (MIC) for message_buffer. */
OM_uint32 gss_get_mic(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	gss_qop_t,		/* qop_req */
	const gss_buffer_t,	/* message_buffer */
	gss_buffer_t		/* message_token */
);

/* Check token_buffer against message_buffer. */
OM_uint32 gss_verify_mic(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	const gss_buffer_t,	/* message_buffer */
	const gss_buffer_t,	/* token_buffer */
	gss_qop_t *		/* qop_state */
);

/*
 * Protect a message.  conf_req_flag asks for confidentiality and
 * conf_state reports whether it was applied; a caller that needs
 * encryption has to check conf_state.
 */
OM_uint32 gss_wrap(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	int,			/* conf_req_flag */
	gss_qop_t,		/* qop_req */
	const gss_buffer_t,	/* input_message_buffer */
	int *,			/* conf_state */
	gss_buffer_t		/* output_message_buffer */
);

/*
 * Recover a message produced by gss_wrap().  conf_state reports
 * whether the message had been encrypted.
 */
OM_uint32 gss_unwrap(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	const gss_buffer_t,	/* input_message_buffer */
	gss_buffer_t,		/* output_message_buffer */
	int *,			/* conf_state */
	gss_qop_t *		/* qop_state */
);
479
/*
 * Convert a status value to text.  status_type is GSS_C_GSS_CODE or
 * GSS_C_MECH_CODE.
 */
OM_uint32 gss_display_status(
	OM_uint32 *,		/* minor_status */
	OM_uint32,		/* status_value */
	int,			/* status_type */
	const gss_OID,		/* mech_type */
	OM_uint32 *,		/* message_context */
	gss_buffer_t		/* status_string */
);

OM_uint32 gss_indicate_mechs(
	OM_uint32 *,		/* minor_status */
	gss_OID_set *		/* mech_set */
);

/*
 * Compare two names.  The answer is delivered through name_equal; the
 * return value only says whether the comparison could be carried out.
 */
OM_uint32 gss_compare_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* name1 */
	const gss_name_t,	/* name2 */
	int *			/* name_equal */
);

OM_uint32 gss_display_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* input_name */
	gss_buffer_t,		/* output_name_buffer */
	gss_OID *		/* output_name_type */
);

OM_uint32 gss_import_name(
	OM_uint32 *,		/* minor_status */
	const gss_buffer_t,	/* input_name_buffer */
	const gss_OID,		/* input_name_type */
	gss_name_t *		/* output_name */
);

OM_uint32 gss_export_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* input_name */
	gss_buffer_t		/* exported_name */
);

/*
 * Release routines for objects handed out by the routines above.
 */
OM_uint32 gss_release_name(
	OM_uint32 *,		/* minor_status */
	gss_name_t *		/* input_name */
);

OM_uint32 gss_release_buffer(
	OM_uint32 *,		/* minor_status */
	gss_buffer_t		/* buffer */
);

OM_uint32 gss_release_oid_set(
	OM_uint32 *,		/* minor_status */
	gss_OID_set *		/* set */
);
535
/*
 * Inquiry routines, the wrap size limit, and routines that add to or
 * store a credential.
 */
OM_uint32 gss_inquire_cred(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* cred_handle */
	gss_name_t *,		/* name */
	OM_uint32 *,		/* lifetime */
	gss_cred_usage_t *,	/* cred_usage */
	gss_OID_set *		/* mechanisms */
);

OM_uint32 gss_inquire_context(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	gss_name_t *,		/* src_name */
	gss_name_t *,		/* targ_name */
	OM_uint32 *,		/* lifetime_rec */
	gss_OID *,		/* mech_type */
	OM_uint32 *,		/* ctx_flags */
	int *,			/* locally_initiated */
	int *			/* open */
);

/*
 * Report through max_input_size the largest message that gss_wrap()
 * can protect without its output exceeding req_output_size.
 */
OM_uint32 gss_wrap_size_limit(
	OM_uint32 *,		/* minor_status */
	const gss_ctx_id_t,	/* context_handle */
	int,			/* conf_req_flag */
	gss_qop_t,		/* qop_req */
	OM_uint32,		/* req_output_size */
	OM_uint32 *		/* max_input_size */
);

OM_uint32 gss_add_cred(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* input_cred_handle */
	const gss_name_t,	/* desired_name */
	const gss_OID,		/* desired_mech */
	gss_cred_usage_t,	/* cred_usage */
	OM_uint32,		/* initiator_time_req */
	OM_uint32,		/* acceptor_time_req */
	gss_cred_id_t *,	/* output_cred_handle */
	gss_OID_set *,		/* actual_mechs */
	OM_uint32 *,		/* initiator_time_rec */
	OM_uint32 *		/* acceptor_time_rec */
);

OM_uint32 gss_store_cred(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* input_cred */
	gss_cred_usage_t,	/* cred_usage */
	const gss_OID,		/* desired_mech */
	OM_uint32,		/* overwrite_cred */
	OM_uint32,		/* default_cred */
	gss_OID_set *,		/* elements_stored */
	gss_cred_usage_t *	/* cred_usage_stored */
);

OM_uint32 gss_inquire_cred_by_mech(
	OM_uint32 *,		/* minor_status */
	const gss_cred_id_t,	/* cred_handle */
	const gss_OID,		/* mech_type */
	gss_name_t *,		/* name */
	OM_uint32 *,		/* initiator_lifetime */
	OM_uint32 *,		/* acceptor_lifetime */
	gss_cred_usage_t *	/* cred_usage */
);
600
/*
 * Move an established context between processes.
 *
 * gss_export_sec_context() takes the handle by address and writes the
 * context out as interprocess_token.  RFC 2744 notes that this token
 * may contain security-sensitive information such as cryptographic
 * keys, so it should be passed only over a channel the application
 * trusts and released once it has been imported.
 */
OM_uint32 gss_export_sec_context(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t *,		/* context_handle */
	gss_buffer_t		/* interprocess_token */
);

/* Rebuild a context from a token made by gss_export_sec_context(). */
OM_uint32 gss_import_sec_context(
	OM_uint32 *,		/* minor_status */
	const gss_buffer_t,	/* interprocess_token */
	gss_ctx_id_t *		/* context_handle */
);
612
/*
 * OID-set construction and membership.
 */
OM_uint32 gss_create_empty_oid_set(
	OM_uint32 *,		/* minor_status */
	gss_OID_set *		/* oid_set */
);

OM_uint32 gss_add_oid_set_member(
	OM_uint32 *,		/* minor_status */
	const gss_OID,		/* member_oid */
	gss_OID_set *		/* oid_set */
);

/* The answer is delivered through present, not the return value. */
OM_uint32 gss_test_oid_set_member(
	OM_uint32 *,		/* minor_status */
	const gss_OID,		/* member */
	const gss_OID_set,	/* set */
	int *			/* present */
);

/*
 * Name-type and mechanism inquiry, and name conversion.
 */
OM_uint32 gss_inquire_names_for_mech(
	OM_uint32 *,		/* minor_status */
	const gss_OID,		/* mechanism */
	gss_OID_set *		/* name_types */
);

OM_uint32 gss_inquire_mechs_for_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* input_name */
	gss_OID_set *		/* mech_types */
);

OM_uint32 gss_canonicalize_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* input_name */
	const gss_OID,		/* mech_type */
	gss_name_t *		/* output_name */
);

OM_uint32 gss_duplicate_name(
	OM_uint32 *,		/* minor_status */
	const gss_name_t,	/* src_name */
	gss_name_t *		/* dest_name */
);

/*
 * OID release and conversion between OIDs and their string form.
 */
OM_uint32 gss_release_oid(
	OM_uint32 *,		/* minor_status */
	gss_OID *		/* oid */
);

OM_uint32 gss_str_to_oid(
	OM_uint32 *,		/* minor_status */
	const gss_buffer_t,	/* oid_str */
	gss_OID *		/* oid */
);

OM_uint32 gss_oid_to_str(
	OM_uint32 *,		/* minor_status */
	const gss_OID,		/* oid */
	gss_buffer_t		/* oid_str */
);
673
674
675/*
676 * The following routines are obsolete variants of gss_get_mic,
677 * gss_verify_mic, gss_wrap and gss_unwrap.  They should be
678 * provided by GSSAPI V2 implementations for backwards
679 * compatibility with V1 applications.  Distinct entrypoints
680 * (as opposed to #defines) should be provided, both to allow
681 * GSSAPI V1 applications to link against GSSAPI V2 implementations,
682 * and to retain the slight parameter type differences between the
683 * obsolete versions of these routines and their current forms.
684 */
685
/*
 * V1 entry points.  Compared with gss_get_mic(), gss_verify_mic(),
 * gss_wrap() and gss_unwrap() the QOP arguments are int rather than
 * gss_qop_t, and the handle and buffer parameters carry no const.
 */

/* V1 form of gss_get_mic(). */
OM_uint32 gss_sign(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t,		/* context_handle */
	int,			/* qop_req */
	gss_buffer_t,		/* message_buffer */
	gss_buffer_t		/* message_token */
);

/* V1 form of gss_verify_mic(). */
OM_uint32 gss_verify(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t,		/* context_handle */
	gss_buffer_t,		/* message_buffer */
	gss_buffer_t,		/* token_buffer */
	int *			/* qop_state */
);

/* V1 form of gss_wrap(). */
OM_uint32 gss_seal(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t,		/* context_handle */
	int,			/* conf_req_flag */
	int,			/* qop_req */
	gss_buffer_t,		/* input_message_buffer */
	int *,			/* conf_state */
	gss_buffer_t		/* output_message_buffer */
);

/* V1 form of gss_unwrap(). */
OM_uint32 gss_unseal(
	OM_uint32 *,		/* minor_status */
	gss_ctx_id_t,		/* context_handle */
	gss_buffer_t,		/* input_message_buffer */
	gss_buffer_t,		/* output_message_buffer */
	int *,			/* conf_state */
	int *			/* qop_state */
);
720
721
722#ifdef _KERNEL /* For kernel */
723
724#include <rpc/types.h>
725
/*
 * Kernel entry points.
 *
 * NOTE(review): this header does not name the parameters of the kgss_*
 * routines.  Most of them take a trailing uid_t in addition to an
 * argument list that resembles the user-level routine of the same
 * name; presumably it identifies the user the call is made for --
 * confirm against the implementation.
 *
 * NOTE(review): several argument types differ from the user-level
 * prototypes and are worth checking at call sites:
 *  - kgss_init_sec_context() and kgss_accept_sec_context() use int and
 *    int * where the user-level routines pass flags as OM_uint32 and
 *    OM_uint32 *;
 *  - kgss_export_sec_context() and kgss_import_sec_context() take the
 *    context handle by value, where gss_export_sec_context() and
 *    gss_import_sec_context() take gss_ctx_id_t *;
 *  - kgss_accept_sec_context() has a const gss_buffer_t in the position
 *    where gss_accept_sec_context() has gss_name_t *.
 */
void kgss_free_oid(gss_OID oid);

OM_uint32 kgss_acquire_cred(OM_uint32 *, const gss_name_t, OM_uint32,
	const gss_OID_set, int, gss_cred_id_t *, gss_OID_set *,
	OM_uint32 *, uid_t);

OM_uint32 kgss_add_cred(OM_uint32 *, gss_cred_id_t, gss_name_t, gss_OID,
	int, int, int, gss_OID_set *, OM_uint32 *, OM_uint32 *, uid_t);

OM_uint32 kgss_release_cred(OM_uint32 *, gss_cred_id_t *, uid_t);

OM_uint32 kgss_init_sec_context(OM_uint32 *, const gss_cred_id_t,
	gss_ctx_id_t *, const gss_name_t, const gss_OID, int, OM_uint32,
	const gss_channel_bindings_t, const gss_buffer_t, gss_OID *,
	gss_buffer_t, int *, OM_uint32 *, uid_t);

OM_uint32 kgss_accept_sec_context(OM_uint32 *, gss_ctx_id_t *,
	const gss_cred_id_t, const gss_buffer_t,
	const gss_channel_bindings_t, const gss_buffer_t, gss_OID *,
	gss_buffer_t, int *, OM_uint32 *, gss_cred_id_t *, uid_t);

OM_uint32 kgss_process_context_token(OM_uint32 *, const gss_ctx_id_t,
	const gss_buffer_t, uid_t);

OM_uint32 kgss_delete_sec_context(OM_uint32 *, gss_ctx_id_t *,
	gss_buffer_t);

OM_uint32 kgss_export_sec_context(OM_uint32 *, const gss_ctx_id_t,
	gss_buffer_t);

OM_uint32 kgss_import_sec_context(OM_uint32 *, const gss_buffer_t,
	gss_ctx_id_t);

OM_uint32 kgss_context_time(OM_uint32 *, const gss_ctx_id_t, OM_uint32 *,
	uid_t);

OM_uint32 kgss_sign(OM_uint32 *, const gss_ctx_id_t, int,
	const gss_buffer_t, gss_buffer_t);

OM_uint32 kgss_verify(OM_uint32 *, const gss_ctx_id_t, const gss_buffer_t,
	const gss_buffer_t, int *);

OM_uint32 kgss_seal(OM_uint32 *, const gss_ctx_id_t, int, int,
	const gss_buffer_t, int *, gss_buffer_t);

OM_uint32 kgss_unseal(OM_uint32 *, const gss_ctx_id_t, const gss_buffer_t,
	gss_buffer_t, int *, int *);

OM_uint32 kgss_display_status(OM_uint32 *, OM_uint32, int, const gss_OID,
	int *, gss_buffer_t, uid_t);

OM_uint32 kgss_indicate_mechs(OM_uint32 *, gss_OID_set *, uid_t);

OM_uint32 kgss_inquire_cred(OM_uint32 *, const gss_cred_id_t, gss_name_t *,
	OM_uint32 *, int *, gss_OID_set *, uid_t);

OM_uint32 kgss_inquire_cred_by_mech(OM_uint32 *, gss_cred_id_t, gss_OID,
	uid_t);
874
875
876#endif /* if _KERNEL */
877
878#ifdef	__cplusplus
879}
880#endif
881
882#endif	/* _GSSAPI_H_ */
883