1 /*
2  * auth.h :  shared stuff internal to the subr library.
3  *
4  * ====================================================================
5  *    Licensed to the Apache Software Foundation (ASF) under one
6  *    or more contributor license agreements.  See the NOTICE file
7  *    distributed with this work for additional information
8  *    regarding copyright ownership.  The ASF licenses this file
9  *    to you under the Apache License, Version 2.0 (the
10  *    "License"); you may not use this file except in compliance
11  *    with the License.  You may obtain a copy of the License at
12  *
13  *      http://www.apache.org/licenses/LICENSE-2.0
14  *
15  *    Unless required by applicable law or agreed to in writing,
16  *    software distributed under the License is distributed on an
17  *    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
18  *    KIND, either express or implied.  See the License for the
19  *    specific language governing permissions and limitations
20  *    under the License.
21  * ====================================================================
22  */
23 
24 #ifndef SVN_LIBSVN_SUBR_AUTH_H
25 #define SVN_LIBSVN_SUBR_AUTH_H
26 
27 #ifdef __cplusplus
28 extern "C" {
29 #endif /* __cplusplus */
30 
31 #include "svn_auth.h"
32 
33 /* Helper for svn_config_{read|write}_auth_data.  Return a path to a
34    file within ~/.subversion/auth/ that holds CRED_KIND credentials
35    within REALMSTRING.  If no path is available *PATH will be set to
36    NULL. */
37 svn_error_t *
38 svn_auth__file_path(const char **path,
39                     const char *cred_kind,
40                     const char *realmstring,
41                     const char *config_dir,
42                     apr_pool_t *pool);
43 
44 #if (defined(WIN32) && !defined(__MINGW32__)) || defined(DOXYGEN)
45 /**
46  * Set @a *provider to an authentication provider of type @c
47  * svn_auth_cred_simple_t that gets/sets information from the user's
48  * ~/.subversion configuration directory.  Allocate @a *provider in
49  * @a pool.
50  *
51  * This is like svn_auth_get_simple_provider(), except that, when
52  * running on Window 2000 or newer (or any other Windows version that
53  * includes the CryptoAPI), the provider encrypts the password before
54  * storing it to disk. On earlier versions of Windows, the provider
55  * does nothing.
56  *
57  * @note This function is only available on Windows.
58  *
59  * @note An administrative password reset may invalidate the account's
60  * secret key. This function will detect that situation and behave as
61  * if the password were not cached at all.
62  */
63 void
64 svn_auth__get_windows_simple_provider(svn_auth_provider_object_t **provider,
65                                       apr_pool_t *pool);
66 
67 /**
68  * Set @a *provider to an authentication provider of type @c
69  * svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the
70  * user's ~/.subversion configuration directory.  Allocate @a *provider in
71  * @a pool.
72  *
73  * This is like svn_auth_get_ssl_client_cert_pw_file_provider(), except that
74  * when running on Window 2000 or newer, the provider encrypts the password
75  * before storing it to disk. On earlier versions of Windows, the provider
76  * does nothing.
77  *
78  * @note This function is only available on Windows.
79  *
80  * @note An administrative password reset may invalidate the account's
81  * secret key. This function will detect that situation and behave as
82  * if the password were not cached at all.
83  */
84 void
85 svn_auth__get_windows_ssl_client_cert_pw_provider(
86   svn_auth_provider_object_t **provider,
87   apr_pool_t *pool);
88 
89 /**
90  * Set @a *provider to an authentication provider of type @c
91  * svn_auth_cred_ssl_server_trust_t, allocated in @a pool.
92  *
93  * This provider automatically validates ssl server certificates with
94  * the CryptoApi, like Internet Explorer and the Windows network API do.
95  * This allows the rollout of root certificates via Windows Domain
96  * policies, instead of Subversion specific configuration.
97  *
98  * @note This function is only available on Windows.
99  */
100 void
101 svn_auth__get_windows_ssl_server_trust_provider(
102   svn_auth_provider_object_t **provider,
103   apr_pool_t *pool);
104 #endif /* WIN32 && !__MINGW32__ || DOXYGEN */
105 
106 #if defined(DARWIN) || defined(DOXYGEN)
107 /**
108  * Set @a *provider to an authentication provider of type @c
109  * svn_auth_cred_simple_t that gets/sets information from the user's
110  * ~/.subversion configuration directory.  Allocate @a *provider in
111  * @a pool.
112  *
113  * This is like svn_auth_get_simple_provider(), except that the
114  * password is stored in the Mac OS KeyChain.
115  *
116  * @note This function is only available on Mac OS 10.2 and higher.
117  */
118 void
119 svn_auth__get_keychain_simple_provider(svn_auth_provider_object_t **provider,
120                                       apr_pool_t *pool);
121 
122 /**
123  * Set @a *provider to an authentication provider of type @c
124  * svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the
125  * user's ~/.subversion configuration directory.  Allocate @a *provider in
126  * @a pool.
127  *
128  * This is like svn_auth_get_ssl_client_cert_pw_file_provider(), except
129  * that the password is stored in the Mac OS KeyChain.
130  *
131  * @note This function is only available on Mac OS 10.2 and higher.
132  */
133 void
134 svn_auth__get_keychain_ssl_client_cert_pw_provider(
135   svn_auth_provider_object_t **provider,
136   apr_pool_t *pool);
137 #endif /* DARWIN || DOXYGEN */
138 
139 #if !defined(WIN32) || defined(DOXYGEN)
140 /**
141  * Set @a *provider to an authentication provider of type @c
142  * svn_auth_cred_simple_t that gets/sets information from the user's
143  * ~/.subversion configuration directory.
144  *
145  * This is like svn_client_get_simple_provider(), except that the
146  * password is obtained from gpg_agent, which will keep it in
147  * a memory cache.
148  *
149  * Allocate @a *provider in @a pool.
150  *
151  * @note This function actually works only on systems with
152  * GNU Privacy Guard installed.
153  */
154 void
155 svn_auth__get_gpg_agent_simple_provider
156     (svn_auth_provider_object_t **provider,
157      apr_pool_t *pool);
158 #endif /* !defined(WIN32) || defined(DOXYGEN) */
159 
160 /**
161  * Set @a *provider to a dummy provider of type @c
162  * svn_auth_cred_simple_t that never returns or stores any
163  * credentials.
164  */
165 void
166 svn_auth__get_dummmy_simple_provider(svn_auth_provider_object_t **provider,
167                                      apr_pool_t *pool);
168 
169 #ifdef __cplusplus
170 }
171 #endif /* __cplusplus */
172 
173 #endif /* SVN_LIBSVN_SUBR_AUTH_H */
174