1 /* 2 auth_gss.h 3 4 Copyright (c) 2000 The Regents of the University of Michigan. 5 All rights reserved. 6 7 Copyright (c) 2000 Dug Song <dugsong@UMICH.EDU>. 8 All rights reserved, all wrongs reversed. 9 10 Redistribution and use in source and binary forms, with or without 11 modification, are permitted provided that the following conditions 12 are met: 13 14 1. Redistributions of source code must retain the above copyright 15 notice, this list of conditions and the following disclaimer. 16 2. Redistributions in binary form must reproduce the above copyright 17 notice, this list of conditions and the following disclaimer in the 18 documentation and/or other materials provided with the distribution. 19 3. Neither the name of the University nor the names of its 20 contributors may be used to endorse or promote products derived 21 from this software without specific prior written permission. 22 23 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 24 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 25 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 26 DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 28 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 29 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 30 BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 35 */ 36 37 /* NFSv4.1 client for Windows 38 * Copyright � 2012 The Regents of the University of Michigan 39 * 40 * Olga Kornievskaia <aglo@umich.edu> 41 * Casey Bodley <cbodley@umich.edu> 42 * 43 * This library is free software; you can redistribute it and/or modify it 44 * under the terms of the GNU Lesser General Public License as published by 45 * the Free Software Foundation; either version 2.1 of the License, or (at 46 * your option) any later version. 47 * 48 * This library is distributed in the hope that it will be useful, but 49 * without any warranty; without even the implied warranty of merchantability 50 * or fitness for a particular purpose. See the GNU Lesser General Public 51 * License for more details. 52 * 53 * You should have received a copy of the GNU Lesser General Public License 54 * along with this library; if not, write to the Free Software Foundation, 55 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 56 */ 57 58 #ifndef _TIRPC_AUTH_GSS_H 59 #define _TIRPC_AUTH_GSS_H 60 61 #include <rpc/clnt.h> 62 #define SECURITY_WIN32 63 #include <sspi.h> 64 65 /* RPCSEC_GSS control procedures. */ 66 typedef enum { 67 RPCSEC_GSS_DATA = 0, 68 RPCSEC_GSS_INIT = 1, 69 RPCSEC_GSS_CONTINUE_INIT = 2, 70 RPCSEC_GSS_DESTROY = 3 71 } rpc_gss_proc_t; 72 73 /* RPCSEC_GSS services. */ 74 typedef enum { 75 RPCSEC_GSS_SVC_NONE = 1, 76 RPCSEC_GSS_SVC_INTEGRITY = 2, 77 RPCSEC_GSS_SVC_PRIVACY = 3 78 } rpc_gss_svc_t; 79 80 #define RPCSEC_GSS_VERSION 1 81 82 /* RPCSEC_GSS security triple. */ 83 struct rpc_gss_sec { 84 gss_OID mech; /* mechanism */ 85 gss_qop_t qop; /* quality of protection */ 86 rpc_gss_svc_t svc; /* service */ 87 gss_cred_id_t cred; /* cred handle */ 88 u_int req_flags; /* req flags for init_sec_context */ 89 }; 90 91 /* Private data required for kernel implementation */ 92 struct authgss_private_data { 93 gss_ctx_id_t pd_ctx; /* Session context handle */ 94 gss_buffer_desc pd_ctx_hndl; /* Credentials context handle */ 95 u_int pd_seq_win; /* Sequence window */ 96 }; 97 98 #define g_OID_equal(o1, o2) \ 99 (((o1)->length == (o2)->length) && \ 100 ((o1)->elements != 0) && ((o2)->elements != 0) && \ 101 (memcmp((o1)->elements, (o2)->elements, (int) (o1)->length) == 0)) 102 103 /* from kerberos source, gssapi_krb5.c */ 104 extern gss_OID_desc krb5oid; 105 extern gss_OID_desc spkm3oid; 106 107 /* Credentials. */ 108 struct rpc_gss_cred { 109 u_int gc_v; /* version */ 110 rpc_gss_proc_t gc_proc; /* control procedure */ 111 u_int gc_seq; /* sequence number */ 112 rpc_gss_svc_t gc_svc; /* service */ 113 gss_buffer_desc gc_ctx; /* context handle */ 114 }; 115 116 /* Context creation response. */ 117 struct rpc_gss_init_res { 118 gss_buffer_desc gr_ctx; /* context handle */ 119 u_int gr_major; /* major status */ 120 u_int gr_minor; /* minor status */ 121 u_int gr_win; /* sequence window */ 122 gss_buffer_desc gr_token; /* token */ 123 }; 124 125 /* Maximum sequence number value. */ 126 #define MAXSEQ 0x80000000 127 128 #ifdef __REACTOS__ 129 #ifndef __BEGIN_DECLS 130 #define __BEGIN_DECLS 131 #define __END_DECLS 132 #endif 133 #endif 134 135 /* Prototypes. */ 136 __BEGIN_DECLS 137 bool_t xdr_rpc_gss_cred __P((XDR *xdrs, struct rpc_gss_cred *p)); 138 bool_t xdr_rpc_gss_init_args __P((XDR *xdrs, gss_buffer_desc *p)); 139 bool_t xdr_rpc_gss_init_res __P((XDR *xdrs, struct rpc_gss_init_res *p)); 140 bool_t xdr_rpc_gss_data __P((XDR *xdrs, xdrproc_t xdr_func, 141 caddr_t xdr_ptr, gss_ctx_id_t ctx, 142 gss_qop_t qop, rpc_gss_svc_t svc, 143 u_int seq)); 144 145 AUTH *authgss_create __P((CLIENT *, gss_name_t, 146 struct rpc_gss_sec *)); 147 AUTH *authgss_create_default __P((CLIENT *, char *, struct rpc_gss_sec *)); 148 bool_t authgss_service __P((AUTH *auth, int svc)); 149 bool_t authgss_get_private_data __P((AUTH *auth, 150 struct authgss_private_data *)); 151 152 void log_debug __P((const char *fmt, ...)); 153 void log_status __P((char *m, OM_uint32 major, 154 OM_uint32 minor)); 155 void log_hexdump __P((const u_char *buf, int len, int offset)); 156 157 __END_DECLS 158 159 #endif /* !_TIRPC_AUTH_GSS_H */ 160