kcmd.h revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2002 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#ifndef _KCMD_H
#define _KCMD_H
#pragma ident "%Z%%M% %I% %E% SMI"
#ifdef __cplusplus
extern "C" {
#endif
#define OPTS_FORWARD_CREDS 0x00000002
#define OPTS_FORWARDABLE_CREDS 0x00000001
#define SERVER 0
#define CLIENT 1
enum kcmd_proto {
/*
* Old protocol: DES encryption only. No subkeys.
* No protection for cleartext length. No ivec supplied.
* OOB hacks used for rlogin. Checksum may be omitted at
* connection startup.
*/
KCMD_OLD_PROTOCOL = 1,
/*
* New protocol: Any encryption scheme. Client-generated
* subkey required. Prepend cleartext-length to cleartext
* data (but don't include it in count). Starting ivec defined,
* chained. In-band signalling. Checksum required.
*/
KCMD_NEW_PROTOCOL,
/*
* Hack: Get credentials, and use the old protocol iff the session
* key type is single-DES.
*/
KCMD_PROTOCOL_COMPAT_HACK,
/* Using Kerberos version 4. */
KCMD_V4_PROTOCOL,
KCMD_UNKNOWN_PROTOCOL
};
#define SOCK_FAMILY(ss) ((ss).ss_family)
#define SOCK_PORT(ss) ((ss).ss_family == AF_INET6 ? \
((struct sockaddr_in6 *)&(ss))->sin6_port : \
((struct sockaddr_in *)&(ss))->sin_port)
#define SOCK_ADDR(ss) ((ss).ss_family == AF_INET6 ? \
(void *)&((struct sockaddr_in6 *)&(ss))->sin6_addr : \
(void *)&((struct sockaddr_in *)&(ss))->sin_addr)
#define SET_SOCK_FAMILY(ss, family) (SOCK_FAMILY(ss) = (family))
#define SET_SOCK_PORT(ss, port) \
((ss).ss_family == AF_INET6 ? \
(((struct sockaddr_in6 *)&(ss))->sin6_port = (port)) : \
(((struct sockaddr_in *)&(ss))->sin_port = (port)))
#define SET_SOCK_ADDR4(ss, addr) ((void)(sock_set_inaddr(&(ss), (addr))))
#define SET_SOCK_ADDR_ANY(ss) \
((void) ((ss).ss_family == AF_INET6 ? \
(void) (((struct sockaddr_in6 *)&(ss))->sin6_addr = in6addr_any) : \
(void) (((struct sockaddr_in *)&(ss))->sin_addr.s_addr = \
htonl(INADDR_ANY))))
/*
* Prototypes for functions in 'kcmd.c'
*/
char *strsave(char *sp);
int kcmd(int *sock, char **ahost, ushort_t rport, char *locuser,
char *remuser, char *cmd, int *fd2p, char *service, char *realm,
krb5_context bsd_context, krb5_auth_context *authconp,
krb5_creds **cred, krb5_int32 *seqno, krb5_int32 *server_seqno,
krb5_flags authopts,
int anyport, enum kcmd_proto *kcmd_proto);
krb5_error_code rd_and_store_for_creds(krb5_context context,
krb5_auth_context auth_context,
krb5_data *inbuf,
krb5_ticket *ticket,
char *lusername,
krb5_ccache *ccache);
void init_encrypt(int, krb5_context, enum kcmd_proto,
krb5_data *, krb5_data *,
int, krb5_encrypt_block *);
int desread(int, char *, int, int);
int deswrite(int, char *, int, int);
#ifdef __cplusplus
}
#endif
#endif /* _KCMD_H */