/*
	KClient.h -- Application interface for KClient

	(c) Copyright 1994,95 by Project Mandarin Inc.

	Initial coding			8/94 Peter Bosanko.
	Added new routines		8/95 PCB
	Moved some constants
	from krbdriver.h

========================================================================
	DES and Kerberos portions of this file are...
========================================================================

	Copyright (C) 1989 by the Massachusetts Institute of Technology

	Export of this software from the United States of America is assumed
	to require a specific license from the United States Government.
	It is the responsibility of any person or organization contemplating
	export to obtain such a license before exporting.

	WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
	distribute this software and its documentation for any purpose and
	without fee is hereby granted, provided that the above copyright
	notice appear in all copies and that both that copyright notice and
	this permission notice appear in supporting documentation, and that
	the name of M.I.T. not be used in advertising or publicity pertaining
	to distribution of the software without specific, written prior
	permission.  M.I.T. makes no representations about the suitability of
	this software for any purpose.  It is provided "as is" without express
	or implied warranty.

*/

/*
 * Reviewer notes for readers of this header:
 *
 *  - Every key and cipher block declared here is 8 bytes (KClientKey,
 *    des_cblock), i.e. single DES. Single DES offers far less protection
 *    than current ciphers; treat this as a legacy interface.
 *  - Many routines take a bare `char *` for a name, realm, host, or message
 *    with no length argument. The header does not state the required
 *    buffer sizes; the *_SZ constants and KClientErrString below are the
 *    likely bounds, but confirm against the implementation before sizing
 *    caller buffers.
 *  - KClientKey, the `password` arguments, and struct credentials carry
 *    secret material. Callers should wipe them once they are no longer
 *    needed, using a wipe the compiler cannot optimise away.
 */

#ifndef	_KCLIENT_
#define	_KCLIENT_

#ifndef _TYPES_
#include <Types.h>
#endif

/* Error codes */

/*
 * Only the first enumerator of the driver block has an explicit value, so
 * each following code is the previous one plus one (-1024, -1023, ...).
 * Inserting or reordering entries renumbers everything after that point.
 *
 * NOTE(review): cKrbServerRejected, cKrbServerImposter and
 * cKrbServerRespIncomplete all describe a failed exchange with the server;
 * callers should treat them as authentication failures, not as soft errors.
 */
enum {
	cKrbCorruptedFile = -1024,	/* couldn't find a needed resource */
	cKrbNoKillIO,				/* can't killIO because all calls sync */
	cKrbBadSelector,			/* csCode passed doesn't select a recognized function */
	cKrbCantClose,				/* we must always remain open */
	cKrbMapDoesntExist,			/* tried to access a map that doesn't exist (index too large,
									or criteria doesn't match anything) */
	cKrbSessDoesntExist,		/* tried to access a session that doesn't exist */
	cKrbCredsDontExist,			/* tried to access credentials that don't exist */
	cKrbTCPunavailable,			/* couldn't open MacTCP driver */
	cKrbUserCancelled,			/* user cancelled a log in operation */
	cKrbConfigurationErr,		/* Kerberos Preference file is not configured properly */
	cKrbServerRejected,			/* A server rejected our ticket */
	cKrbServerImposter,			/* Server appears to be a phoney */
	cKrbServerRespIncomplete,	/* Server response is not complete */
	cKrbNotLoggedIn,			/* Returned by cKrbGetUserName if user is not logged in */
	cKrbOldDriver,				/* old version of the driver */
	cKrbDriverInUse,			/* driver is not reentrant */
	cKrbAppInBkgnd,				/* driver won't put up password dialog when in background */
	cKrbInvalidSession,			/* invalid structure passed to KClient/KServer routine */
	cKrbOptionNotDefined,		/* returned from GetOption */

	cKrbKerberosErrBlock = -20000	/* start of block of 256 kerberos error numbers */
};

/* Last (numerically largest) code of the driver error block above. */
#define LARGEST_DRIVER_ERROR	cKrbOptionNotDefined

/*
 * Fixed 64-char string type. Presumably the buffer KClientErrorText()
 * expects for its `text` argument -- TODO confirm.
 */
typedef char KClientErrString[64];

/* Login states; presumably the values returned by KClientStatus() -- confirm. */
enum { KClientLoggedIn, KClientNotLoggedIn };

/* Different kerberos name formats (for KServerGetUserName) */
enum {
	KClientLocalName,			/* Don't specify realm */
	KClientCommonName, 			/* Only specify realm if it isn't local */
	KClientFullName				/* Always specify realm */
};

/* Options */
/*
 * Numbering starts at 1. Presumably these are the selectors passed as
 * `option` to KClientSetOption()/KClientGetOption() -- confirm.
 */
enum {
	kclientOptionSaveName = 1,
	kclientOptionSynchTime,
	kclientOptionShowMenu,
	kclientOptionInstalled_1_6
};

/*
 * Eight raw key bytes, the same size as des_cblock below. Used for the
 * privateKey and sessionKey parameters of the routines in this header.
 * Secret material: wipe after use.
 */
struct KClientKey {
	unsigned char keyBytes[8];
};
typedef struct KClientKey KClientKey;

/*
 * Opaque 256-byte session state; no fields are exposed here. The caller
 * owns the storage and passes a pointer to each session routine.
 */
struct KClientSessionInfo {
	char sessionBytes[256];
};
typedef struct KClientSessionInfo KClientSessionInfo;
typedef KClientSessionInfo *KClientSessionPtr;

/* Defines for obsolete function names */
#define KClientInitSession		KClientNewSession
#define KClientVerifySendAuth	KClientVerifyReplyTicket

/************************************/
/* Some includes from des.h & krb.h */
/************************************/
/*
 * On PowerPC compilers, switch to 68k structure alignment for the struct
 * definitions below; restored by the matching align=reset further down.
 * Presumably this keeps the layouts identical to what the driver expects.
 */
#if defined(powerc) || defined(__powerc)
#pragma options align=mac68k
#endif

#ifndef DES_DEFS

typedef unsigned char des_cblock[8];	/* crypto-block size */

/* Key schedule */
typedef struct des_ks_struct { des_cblock _; } des_key_schedule[16];

#endif /* DES_DEFS */

#ifndef KRB_DEFS

#define C_Block des_cblock
#define Key_schedule des_key_schedule

/* The maximum sizes for aname, realm, sname, and instance +1 */
#define 	ANAME_SZ	40
#define		REALM_SZ	40
#define		SNAME_SZ	40
#define 	INST_SZ		40

/* Definition of text structure used to pass text around */
#define		MAX_KTXT_LEN	1250

/*
 * `dat` has a fixed capacity of MAX_KTXT_LEN while `length` is a signed
 * long, so any code that takes a ktext from an untrusted peer should check
 * 0 <= length <= MAX_KTXT_LEN before reading or copying `dat`.
 */
struct ktext {
	long     length;		/* Length of the text */
	unsigned char dat[MAX_KTXT_LEN];	/* The data itself */
	unsigned long mbz;		/* zero to catch runaway strings */
};

typedef struct ktext *KTEXT;
typedef struct ktext KTEXT_ST;

/*
 * One set of credentials. Holds the session key and the ticket itself,
 * so a populated instance is secret material: wipe after use.
 * Field order and sizes are part of the binary layout; do not rearrange.
 */
struct credentials {
	char    service[ANAME_SZ];	/* Service name */
	char    instance[INST_SZ];	/* Instance */
	char    realm[REALM_SZ];	/* Auth domain */
	C_Block session;		/* Session key */
	long     lifetime;		/* Lifetime */
	long     kvno;			/* Key version number */
	KTEXT_ST ticket_st;		/* The ticket itself */
	long    issue_date;		/* The issue time */
	char    pname[ANAME_SZ];	/* Principal's name */
	char    pinst[INST_SZ];		/* Principal's instance */
};

typedef struct credentials CREDENTIALS;

/* Structure definition for rd_private_msg and rd_safe_msg */

/*
 * app_data is a pointer with a separate app_length; nothing in this
 * header says who owns the pointed-to memory -- confirm before freeing
 * or retaining it.
 */
struct msg_dat {
	unsigned char *app_data;	/* pointer to appl data */
	unsigned long app_length;	/* length of appl data */
	unsigned long hash;		/* hash to lookup replay */
	long     swap;			/* swap bytes? */
	long    time_sec;		/* msg timestamp seconds */
	unsigned char time_5ms;		/* msg timestamp 5ms units */
};

typedef struct msg_dat MSG_DAT;

typedef unsigned long u_long;
typedef unsigned short u_short;

/* Service name string; presumably the password-change service -- confirm. */
#define KRB_PASSWORD_SERVICE  "changepw.kerberos"

#endif	/* KRB_DEFS */

#if defined(powerc) || defined(__powerc)
#pragma options align=reset
#endif

#ifdef __cplusplus
extern "C" {
#endif

/*
 * call into des ecb_encrypt
 */
/* created by n3liw+@cmu.edu to support SASL, need to be able to specify checksum */
/*
 * NOTE(review): this prototype takes no checksum argument; the "specify
 * checksum" remark above matches KClientGetTicketForServiceFull() and looks
 * copied here. v1 and v2 are single 8-byte blocks; which is input and which
 * is output is not stated in this header -- confirm. ECB encrypts each block
 * independently, so equal plaintext blocks yield equal ciphertext blocks.
 */
int KClient_des_ecb_encrypt(KClientSessionInfo  *session,des_cblock v1,des_cblock v2,int do_encrypt);

/*
 * call into des pcbc_encrypt
 */
/* created by n3liw+@cmu.edu to support SASL, need to be able to specify checksum */
/*
 * NOTE(review): as above, no checksum argument is present here. `len` is
 * presumably the byte count of the data behind v1/v2; the header declares
 * both as des_cblock (8 bytes), so confirm how longer buffers are passed
 * and make sure both buffers really hold `len` bytes.
 */
int KClient_des_pcbc_encrypt(KClientSessionInfo  *session,des_cblock v1,des_cblock v2,long len,int do_encrypt);

/*
 * Session set-up and tear-down. lAddr/lPort and fAddr/fPort are presumably
 * the local and foreign (peer) address and port -- TODO confirm.
 */
OSErr KClientNewSession(KClientSessionInfo *session, unsigned long lAddr,unsigned short lPort,unsigned long fAddr,unsigned short fPort);

OSErr KClientDisposeSession(KClientSessionInfo  *session);

/*
 * Ticket retrieval into a caller-supplied buffer.
 * NOTE(review): the header does not say whether *buflen carries the buffer
 * capacity on entry or is output-only; confirm against the implementation
 * and size `buf` accordingly.
 */
/* created by n3liw+@cmu.edu to support SASL, need to be able to specify checksum */
OSErr KClientGetTicketForServiceFull(KClientSessionInfo *session, char *service,void *buf,unsigned long *buflen,long cks);

OSErr KClientGetTicketForService(KClientSessionInfo *session, char *service,void *buf,unsigned long *buflen);

/*
 * Login routines. `password` and `privateKey` are secret material; the
 * caller should wipe its copies once the call has returned.
 */
OSErr KClientLogin( KClientSessionInfo *session, KClientKey *privateKey );

OSErr KClientSetPrompt(  KClientSessionInfo *session, char *prompt );

OSErr KClientPasswordLogin( KClientSessionInfo *session, char *password, KClientKey *privateKey );

OSErr KClientPasswordToKey( char *password, KClientKey *privateKey );

OSErr KClientKeyLogin( KClientSessionInfo *session, KClientKey *privateKey );

OSErr KClientLogout( void );

short KClientStatus( void );

/* NOTE(review): required size of versionString is not given here -- confirm. */
OSErr KClientVersion( short *majorVersion, short *minorVersion, char *versionString );

/*
 * User-name accessors. `user` has no length argument; the required buffer
 * size is not stated in this header -- confirm before calling.
 * nameType presumably takes one of the KClient*Name format values above.
 */
OSErr KClientGetUserName(char *user);

OSErr KClientGetSessionUserName(KClientSessionInfo *session, char *user, short nameType);

OSErr KClientSetUserName(char *user);

OSErr KClientCacheInitialTicket(KClientSessionInfo *session, char *service);

/* Copies out key material; wipe *sessionKey when finished with it. */
OSErr KClientGetSessionKey(KClientSessionInfo *session, KClientKey *sessionKey);

OSErr KClientMakeSendAuth(KClientSessionInfo *session, char *service,void *buf,unsigned long *buflen,long checksum, char *applicationVersion);

OSErr KClientVerifyReplyTicket(KClientSessionInfo *session, void *buf,unsigned long *buflen );

/*
 * NOTE(review): encryptBuf has no capacity argument and the size needed
 * for a given buflen is not stated here; confirm the expansion bound
 * before allocating. KClientDecrypt reports an offset and length,
 * presumably locating the plaintext inside `buf` -- confirm.
 */
OSErr KClientEncrypt(KClientSessionInfo *session, void *buf,unsigned long buflen,void *encryptBuf,unsigned long *encryptLength);

OSErr KClientDecrypt(KClientSessionInfo *session, void *buf,unsigned long buflen,unsigned long *decryptOffset,unsigned long *decryptLength);

/* `text` has no length argument; presumably sized as KClientErrString -- confirm. */
void KClientErrorText(OSErr err, char *text);


/* KServer calls */

OSErr KServerNewSession( KClientSessionInfo *session, char *service,
						unsigned long lAddr,unsigned short lPort,unsigned long fAddr,unsigned short fPort);

/*
 * NOTE(review): `buf` carries no length, so the implementation has to
 * trust whatever length the ticket data encodes; callers receiving `buf`
 * from the network should bound it before handing it over.
 */
OSErr KServerVerifyTicket( KClientSessionInfo *session, void *buf, char *keyFileName );

OSErr KServerGetReplyTicket( KClientSessionInfo *session, void *buf, unsigned long *buflen );

/*
 * Read or add a service key in the key file named by `filename`.
 * That file holds long-term service keys; restrict access to it.
 */
OSErr KServerGetKey( KClientSessionInfo *session, KClientKey *privateKey, char *service, long version, char *filename );

OSErr KServerAddKey( KClientSessionInfo *session, KClientKey *privateKey, char *service, long version, char *filename );

OSErr KServerGetSessionTimeRemaining( KClientSessionInfo *session, long *seconds );

/* Configuration routines */

/*
 * The host/realm/name/instance arguments below are bare `char *` with no
 * length. Where a routine returns a string through one of them, the
 * required buffer size is not stated in this header; REALM_SZ, ANAME_SZ
 * and INST_SZ are the likely bounds -- confirm.
 */
OSErr KClientGetLocalRealm( char *realm );

OSErr KClientSetLocalRealm( char *realm );

OSErr KClientGetRealm( char *host, char *realm );

OSErr KClientAddRealmMap( char *host, char *realm );

OSErr KClientDeleteRealmMap( char *host );

OSErr KClientGetNthRealmMap( long n, char *host, char *realm );

OSErr KClientGetNthServer( long n, char *host, char *realm, Boolean admin );

OSErr KClientAddServerMap( char *host, char *realm, Boolean admin );

OSErr KClientDeleteServerMap( char *host, char *realm );

OSErr KClientGetNthServerMap( long n, char *host, char *realm, Boolean *admin );

OSErr KClientGetNthServerPort( long n, short *port );

OSErr KClientSetNthServerPort( long n, short port );

OSErr KClientGetNumSessions( long *n );

OSErr KClientGetNthSession( long n, char *name, char *instance, char *realm );

OSErr KClientDeleteSession( char *name, char *instance, char *realm );

/* *cred receives or supplies a session key and ticket; wipe after use. */
OSErr KClientGetCredentials( char *name, char *instance, char *realm, CREDENTIALS *cred );

OSErr KClientAddCredentials( char *name, char *instance, char *realm, CREDENTIALS *cred );

OSErr KClientDeleteCredentials( char *name, char *instance, char *realm,
								char *sname, char *sinstance, char *srealm );


OSErr KClientGetNumCredentials( long *n, char *name, char *instance, char *realm );

OSErr KClientGetNthCredential( long n, char *name, char *instance, char *realm,
								char *sname, char *sinstance, char *srealm );

OSErr KClientAddSpecial( char *service, char *name );

OSErr KClientDeleteSpecial( char *service );

OSErr KClientGetNumSpecials( long *n );

OSErr KClientGetNthSpecial( long n, char *name, char *service );

/*
 * `value` is untyped; the type and size expected for each option are not
 * stated in this header -- confirm per option before passing a pointer.
 */
OSErr KClientSetOption( short option, void *value );

OSErr KClientGetOption( short option, void *value );

#ifdef __cplusplus
}
#endif

#endif