mechglueP.h revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
* This header contains the private mechglue definitions.
*/
#ifndef _MECHGLUEP_H
#define _MECHGLUEP_H
#pragma ident "%Z%%M% %I% %E% SMI"
#include <gssapi/gssapi_ext.h>
#ifdef __cplusplus
extern "C" {
#endif
/*
* derived types for passing context and credential handles
* between gssd and kernel
*/
/*
 * Both handle types are plain unsigned ints, not pointers.
 * NOTE(review): presumably the side that receives one of these values has
 * to look it up and reject unknown or stale handles rather than trust it;
 * confirm against the gssd and kernel callers.
 */
typedef unsigned int gssd_ctx_id_t;
typedef unsigned int gssd_cred_id_t;
/*
* Array of context IDs typed by mechanism OID
*/
typedef struct gss_union_ctx_id_t {
/*
* Generic GSSAPI names. A name can either be a generic name, or a
* mechanism specific name....
*/
typedef struct gss_union_name_t {
/*
* These last two fields are only filled in for mechanism
* names.
*/
/*
* Structure for holding list of mechanism-specific name types
*/
typedef struct gss_mech_spec_name_t {
/*
* Credential auxiliary info, used in the credential structure
*/
typedef struct gss_union_cred_auxinfo {
int cred_usage;
/*
* Set of Credentials typed on mechanism OID
*/
typedef struct gss_union_cred_t {
int count;
/*
 * Function-pointer type for an acquire-credential-with-password entry
 * point.  It returns OM_uint32 and takes the ten arguments named in the
 * per-parameter comments below; parameters are left unnamed in the
 * declaration itself.
 *
 * NOTE(review): the password is passed as a gss_buffer_t.  Nothing in this
 * header says who scrubs that buffer after the call; confirm that callers
 * and implementations zeroize the password and any copy they make of it.
 */
typedef OM_uint32 (*gss_acquire_cred_with_password_sfct)(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_name_t, /* desired_name */
const gss_buffer_t, /* password */
OM_uint32, /* time_req */
const gss_OID_set, /* desired_mechs */
int, /* cred_usage */
gss_cred_id_t *, /* output_cred_handle */
gss_OID_set *, /* actual_mechs */
OM_uint32 * /* time_rec */
/* */);
/*
* This is the definition of the mechs_array struct, which is used to
* define the mechs array table. This table is used to indirectly
* access mechanism specific versions of the gssapi routines through
* the routines in the glue module (gssd_mech_glue.c)
*
* This contains all of the functions defined in gssapi.h except for
* gss_release_buffer() and gss_release_oid_set(), which I am
* assuming, for now, to be equal across mechanisms.
*/
typedef struct gss_config {
void * context;
#ifdef _KERNEL
struct gss_config *next;
#endif
#ifndef _KERNEL
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_name_t, /* desired_name */
OM_uint32, /* time_req */
const gss_OID_set, /* desired_mechs */
int, /* cred_usage */
gss_cred_id_t *, /* output_cred_handle */
gss_OID_set *, /* actual_mechs */
OM_uint32 * /* time_rec */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
gss_cred_id_t * /* cred_handle */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_cred_id_t, /* claimant_cred_handle */
gss_ctx_id_t *, /* context_handle */
const gss_name_t, /* target_name */
const gss_OID, /* mech_type */
OM_uint32, /* req_flags */
OM_uint32, /* time_req */
const gss_channel_bindings_t, /* input_chan_bindings */
const gss_buffer_t, /* input_token */
gss_OID*, /* actual_mech_type */
gss_buffer_t, /* output_token */
OM_uint32 *, /* ret_flags */
OM_uint32 * /* time_rec */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
gss_ctx_id_t *, /* context_handle */
const gss_cred_id_t, /* verifier_cred_handle */
const gss_buffer_t, /* input_token_buffer */
const gss_channel_bindings_t, /* input_chan_bindings */
gss_name_t *, /* src_name */
gss_OID*, /* mech_type */
gss_buffer_t, /* output_token */
OM_uint32 *, /* ret_flags */
OM_uint32 *, /* time_rec */
gss_cred_id_t * /* delegated_cred_handle */
/* */);
/* EXPORT DELETE START */ /* CRYPT DELETE START */
#endif /* ! _KERNEL */
/*
* Note: there are two gss_unseal's in here. Make any changes to both.
*/
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_ctx_id_t, /* context_handle */
const gss_buffer_t, /* input_message_buffer */
gss_buffer_t, /* output_message_buffer */
int *, /* conf_state */
int * /* qop_state */
#ifdef _KERNEL
/* */, OM_uint32
#endif
/* */);
#ifndef _KERNEL
/* EXPORT DELETE END */ /* CRYPT DELETE END */
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_ctx_id_t, /* context_handle */
const gss_buffer_t /* token_buffer */
/* */);
#endif /* ! _KERNEL */
(
void *, /* context */
OM_uint32 *, /* minor_status */
gss_ctx_id_t *, /* context_handle */
gss_buffer_t /* output_token */
#ifdef _KERNEL
/* */, OM_uint32
#endif
/* */);
#ifndef _KERNEL
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_ctx_id_t, /* context_handle */
OM_uint32 * /* time_rec */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
OM_uint32, /* status_value */
int, /* status_type */
const gss_OID, /* mech_type */
OM_uint32 *, /* message_context */
gss_buffer_t /* status_string */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
gss_OID_set * /* mech_set */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_name_t, /* name1 */
const gss_name_t, /* name2 */
int * /* name_equal */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_name_t, /* input_name */
gss_buffer_t, /* output_name_buffer */
gss_OID* /* output_name_type */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_buffer_t, /* input_name_buffer */
const gss_OID, /* input_name_type */
gss_name_t * /* output_name */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
gss_name_t * /* input_name */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_cred_id_t, /* cred_handle */
gss_name_t *, /* name */
OM_uint32 *, /* lifetime */
int *, /* cred_usage */
gss_OID_set * /* mechanisms */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_cred_id_t, /* input_cred_handle */
const gss_name_t, /* desired_name */
const gss_OID, /* desired_mech */
gss_cred_usage_t, /* cred_usage */
OM_uint32, /* initiator_time_req */
OM_uint32, /* acceptor_time_req */
gss_cred_id_t *, /* output_cred_handle */
gss_OID_set *, /* actual_mechs */
OM_uint32 *, /* initiator_time_rec */
OM_uint32 * /* acceptor_time_rec */
/* */);
/* EXPORT DELETE START */ /* CRYPT DELETE START */
#endif /* ! _KERNEL */
/*
* Note: there are two gss_seal's in here. Make any changes to both.
*/
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_ctx_id_t, /* context_handle */
int, /* conf_req_flag */
int, /* qop_req */
const gss_buffer_t, /* input_message_buffer */
int *, /* conf_state */
gss_buffer_t /* output_message_buffer */
#ifdef _KERNEL
/* */, OM_uint32
#endif
/* */);
#ifndef _KERNEL
/* EXPORT DELETE END */ /* CRYPT DELETE END */
(
void *, /* context */
OM_uint32 *, /* minor_status */
gss_ctx_id_t *, /* context_handle */
gss_buffer_t /* interprocess_token */
/* */);
#endif /* ! _KERNEL */
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_buffer_t, /* interprocess_token */
gss_ctx_id_t * /* context_handle */
/* */);
#ifndef _KERNEL
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_cred_id_t, /* cred_handle */
const gss_OID, /* mech_type */
gss_name_t *, /* name */
OM_uint32 *, /* initiator_lifetime */
OM_uint32 *, /* acceptor_lifetime */
gss_cred_usage_t * /* cred_usage */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_OID, /* mechanism */
gss_OID_set * /* name_types */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_ctx_id_t, /* context_handle */
gss_name_t *, /* src_name */
gss_name_t *, /* targ_name */
OM_uint32 *, /* lifetime_rec */
gss_OID *, /* mech_type */
OM_uint32 *, /* ctx_flags */
int *, /* locally_initiated */
int * /* open */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
gss_OID * /* OID */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_ctx_id_t, /* context_handle */
int, /* conf_req_flag */
gss_qop_t, /* qop_req */
OM_uint32, /* req_output_size */
OM_uint32 * /* max_input_size */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_name_t, /* pname */
uid_t * /* uid */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_name_t, /* pname */
const char *, /* local user */
int * /* user ok? */
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_name_t, /* input_name */
gss_buffer_t /* exported_name */
/* */);
#endif /* ! _KERNEL */
/* EXPORT DELETE START */
/* CRYPT DELETE START */
/*
* This block comment is Sun Proprietary: Need-To-Know.
* What we are doing is leaving the seal and unseal entry points
* in an obvious place before sign and unsign for the Domestic customer
* of the Solaris Source Product. The Domestic customer of the Solaris Source
* Product will have to deal with the problem of creating exportable libgss
* binaries.
* In the binary product that Sun builds, these entry points are elsewhere,
* and bracketed with special comments so that the CRYPT_SRC and EXPORT_SRC
* targets delete them.
*/
#if 0
/* CRYPT DELETE END */
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_ctx_id_t, /* context_handle */
int, /* conf_req_flag */
int, /* qop_req */
const gss_buffer_t, /* input_message_buffer */
int *, /* conf_state */
gss_buffer_t /* output_message_buffer */
#ifdef _KERNEL
/* */, OM_uint32
#endif
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_ctx_id_t, /* context_handle */
const gss_buffer_t, /* input_message_buffer */
gss_buffer_t, /* output_message_buffer */
int *, /* conf_state */
int * /* qop_state */
#ifdef _KERNEL
/* */, OM_uint32
#endif
/* */);
/* CRYPT DELETE START */
#endif /* 0 */
/* CRYPT DELETE END */
/* EXPORT DELETE END */
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_ctx_id_t, /* context_handle */
int, /* qop_req */
const gss_buffer_t, /* message_buffer */
gss_buffer_t /* message_token */
#ifdef _KERNEL
/* */, OM_uint32
#endif
/* */);
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_ctx_id_t, /* context_handle */
const gss_buffer_t, /* message_buffer */
const gss_buffer_t, /* token_buffer */
int * /* qop_state */
#ifdef _KERNEL
/* */, OM_uint32
#endif
/* */);
#ifndef _KERNEL
(
void *, /* context */
OM_uint32 *, /* minor_status */
const gss_cred_id_t, /* input_cred */
gss_cred_usage_t, /* cred_usage */
const gss_OID, /* desired_mech */
OM_uint32, /* overwrite_cred */
OM_uint32, /* default_cred */
gss_OID_set *, /* elements_stored */
gss_cred_usage_t * /* cred_usage_stored */
/* */);
#endif
} *gss_mechanism;
#ifndef _KERNEL
/* This structure MUST NOT be used by any code outside libgss */
typedef struct gss_config_ext {
#endif /* _KERNEL */
/*
* In user space we use a wrapper structure to encompass the
* mechanism entry points. The wrapper contains the mechanism
* entry points and other data which is only relevant to the gss-api
* layer. In the kernel we use only the gss_config structure because
* the kernel does not contain any of the extra gss-api specific data.
*/
#ifndef _KERNEL
/*
 * Per-mechanism configuration record; gss_mech_info is a pointer to it.
 *
 * NOTE(review): uLibName and dl_handle suggest that the named library is
 * loaded at run time.  If so, whatever supplies uLibName and kmodName
 * decides which code runs inside every GSS-API consumer, so that source
 * should be writable only by privileged users and the names should never
 * come from untrusted input; confirm against the loader in libgss.
 */
typedef struct gss_mech_config {
char *kmodName; /* kernel module name */
char *uLibName; /* user library name */
char *mechNameStr; /* mechanism string name */
char *optionStr; /* optional mech parameters */
void *dl_handle; /* RTLD object handle for the mech */
} *gss_mech_info;
#endif
#ifndef _KERNEL
/*
* Internal mechglue routines
*/
/*
 * Both routines take a gss_OID and return a char *.
 * NOTE(review): this header does not state whether the returned string is
 * owned by the caller or by mechglue, nor whether NULL is returned for an
 * unknown OID; check the implementation before freeing or dereferencing it.
 */
char *__gss_get_kmodName(const gss_OID);
char *__gss_get_modOptions(const gss_OID);
const gss_name_t, gss_buffer_t);
gss_name_t *);
OM_uint32 *, /* minor_status */
gss_mechanism, /* mech */
gss_name_t, /* internal_name */
gss_name_t * /* external_name */
);
const gss_union_cred_t, /* union_cred */
const gss_OID /* mech_type */
);
const gss_buffer_t, /* src buffer */
gss_buffer_t *, /* destination buffer */
int /* NULL terminate buffer ? */
);
OM_uint32 *, /* minor_status */
gss_OID * /* oid */
);
OM_uint32 *, /* minor_status */
const gss_OID, /* oid */
gss_OID * /* new_oid */
);
OM_uint32 *, /* minor_status */
gss_OID_set * /* oid_set */
);
OM_uint32 *, /* minor_status */
const gss_OID, /* member_oid */
gss_OID_set * /* oid_set */
);
OM_uint32 *, /* minor_status */
const gss_OID, /* member */
const gss_OID_set, /* set */
int * /* present */
);
OM_uint32 *, /* minor_status */
const gss_OID, /* oid */
gss_buffer_t /* oid_str */
);
OM_uint32 *, /* minor_status */
const gss_buffer_t, /* oid_str */
gss_OID * /* oid */
);
OM_uint32 *, /* minor_status */
const gss_OID_set_desc *, /* oid set */
gss_OID_set * /* new oid set */
);
#endif
#ifdef _KERNEL
#ifndef _KRB5_H
/* These macros are defined for Kerberos in krb5.h, and have priority */
#endif /* _KRB5_H */
#endif /* _KERNEL */
struct kgss_cred {
};
struct kgss_ctx {
#ifdef _KERNEL
#endif /* _KERNEL */
};
#define KGSS_CTX_TO_GSSD_CTX(ctx) \
#define KGSS_CTX_TO_GSSD_CTXV(ctx) \
#ifdef _KERNEL
#define KCTX_TO_CTX(ctx) \
/* EXPORT DELETE START */
/* EXPORT DELETE END */
#else /* !_KERNEL */
#define KGSS_CRED_ALLOC() (struct kgss_cred *) \
#endif /* _KERNEL */
#ifdef __cplusplus
}
#endif
#endif /* _MECHGLUEP_H */