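/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
 * Copyright 1993 by OpenVision Technologies, Inc.
 *
 * Permission to use, copy, modify, distribute, and sell this software
 * and its documentation for any purpose is hereby granted without fee,
 * provided that the above copyright notice appears in all copies and
 * that both that copyright notice and this permission notice appear in
 * supporting documentation, and that the name of OpenVision not be used
 * in advertising or publicity pertaining to distribution of the software
 * without specific, written prior permission. OpenVision makes no
 * representations about the suitability of this software for any
 * purpose. It is provided "as is" without express or implied warranty.
 *
 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 * PERFORMANCE OF THIS SOFTWARE.
 */

#ifndef _GSSAPI_H_
#define _GSSAPI_H_

/*
 * GSS-API C bindings: the handle and buffer types, the status-code and flag
 * constants, and the prototypes of the GSS-API routines. The comments below
 * cite RFC 2744, RFC 4401, RFC 5587 and RFC 5801 for the individual parts.
 * This header only declares; no function or object is defined here.
 */

/*
 * Determine platform-dependent configuration.
 */

#if defined(__MACH__) && defined(__APPLE__)
#  include <TargetConditionals.h>
#  if TARGET_RT_MAC_CFM
#    error "Use KfM 4.0 SDK headers for CFM compilation."
#  endif
#endif

#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */

#if defined(TARGET_OS_MAC) && TARGET_OS_MAC
#  pragma pack(push,2)
#endif

#if defined(_MSDOS) || defined(_WIN32)
#include <win-mac.h>
#endif

#ifndef KRB5_CALLCONV
#define KRB5_CALLCONV
#define KRB5_CALLCONV_C
#endif

#include <stdint.h>

/*
 * First, include stddef.h to get size_t defined.
 */
#include <stddef.h>

/*
 * POSIX says that sys/types.h is where size_t is defined.
 */
#include <sys/types.h>

/*
 * $Id$
 */

/*
 * First, define the three platform-dependent pointer types.
 *
 * The three structs are declared but never defined in this header, so
 * callers only ever hold these as opaque handles.
 */

struct gss_name_struct;
typedef struct gss_name_struct * gss_name_t;

struct gss_cred_id_struct;
typedef struct gss_cred_id_struct * gss_cred_id_t;

struct gss_ctx_id_struct;
typedef struct gss_ctx_id_struct * gss_ctx_id_t;

/*
 * The following type must be defined as the smallest natural unsigned integer
 * supported by the platform that has at least 32 bits of precision.
 */
typedef uint32_t gss_uint32;
typedef int32_t gss_int32;

#ifdef OM_STRING
/*
 * We have included the xom.h header file. Use the definition for
 * OM_object identifier.
 */
typedef OM_object_identifier gss_OID_desc, *gss_OID;
#else /* OM_STRING */
/*
 * We can't use X/Open definitions, so roll our own.
 */
typedef gss_uint32 OM_uint32;

/* An OID as a counted byte string: `elements` points at `length` bytes. */
typedef struct gss_OID_desc_struct {
    OM_uint32 length;
    void *elements;
} gss_OID_desc, *gss_OID;
#endif /* OM_STRING */

/* A set of OIDs: `elements` points at an array of `count` gss_OID_desc. */
typedef struct gss_OID_set_desc_struct {
    size_t count;
    gss_OID elements;
} gss_OID_set_desc, *gss_OID_set;

/*
 * A counted buffer: `value` points at `length` bytes. The type carries no
 * terminator, so consumers should bound every access by `length`.
 * NOTE(review): nothing here promises that `value` is NUL-terminated;
 * treat the contents as a length-delimited blob rather than a C string.
 */
typedef struct gss_buffer_desc_struct {
    size_t length;
    void *value;
} gss_buffer_desc, *gss_buffer_t;

/*
 * Channel bindings: an address type and address for each end, plus
 * application data. The address types take the GSS_C_AF_* values below.
 */
typedef struct gss_channel_bindings_struct {
    OM_uint32 initiator_addrtype;
    gss_buffer_desc initiator_address;
    OM_uint32 acceptor_addrtype;
    gss_buffer_desc acceptor_address;
    gss_buffer_desc application_data;
} *gss_channel_bindings_t;

/*
 * For now, define a QOP-type as an OM_uint32 (pending resolution of ongoing
 * discussions).
 */
typedef OM_uint32 gss_qop_t;
typedef int gss_cred_usage_t;

/*
 * Flag bits for context-level services.
 *
 * These are single-bit values meant to be OR-ed together; the context
 * routines below take them as req_flags and report them back through
 * ret_flags / ctx_flags.
 * NOTE(review): a request is not a guarantee. A caller that depends on a
 * service (for example GSS_C_MUTUAL_FLAG, GSS_C_INTEG_FLAG or
 * GSS_C_CONF_FLAG) presumably has to test the flags the call returns
 * before relying on it; see RFC 2744.
 */
#define GSS_C_DELEG_FLAG 1
#define GSS_C_MUTUAL_FLAG 2
#define GSS_C_REPLAY_FLAG 4
#define GSS_C_SEQUENCE_FLAG 8
#define GSS_C_CONF_FLAG 16
#define GSS_C_INTEG_FLAG 32
#define GSS_C_ANON_FLAG 64
#define GSS_C_PROT_READY_FLAG 128
#define GSS_C_TRANS_FLAG 256
#define GSS_C_DELEG_POLICY_FLAG 32768

/*
 * Credential usage options
 */
#define GSS_C_BOTH 0
#define GSS_C_INITIATE 1
#define GSS_C_ACCEPT 2

/*
 * Status code types for gss_display_status
 */
#define GSS_C_GSS_CODE 1
#define GSS_C_MECH_CODE 2

/*
 * The constant definitions for channel-bindings address families
 */
#define GSS_C_AF_UNSPEC 0
#define GSS_C_AF_LOCAL 1
#define GSS_C_AF_INET 2
#define GSS_C_AF_IMPLINK 3
#define GSS_C_AF_PUP 4
#define GSS_C_AF_CHAOS 5
#define GSS_C_AF_NS 6
#define GSS_C_AF_NBS 7
#define GSS_C_AF_ECMA 8
#define GSS_C_AF_DATAKIT 9
#define GSS_C_AF_CCITT 10
#define GSS_C_AF_SNA 11
#define GSS_C_AF_DECnet 12
#define GSS_C_AF_DLI 13
#define GSS_C_AF_LAT 14
#define GSS_C_AF_HYLINK 15
#define GSS_C_AF_APPLETALK 16
#define GSS_C_AF_BSC 17
#define GSS_C_AF_DSS 18
#define GSS_C_AF_OSI 19
#define GSS_C_AF_NETBIOS 20
#define GSS_C_AF_X25 21

#define GSS_C_AF_NULLADDR 255

/*
 * Various Null values.
 *
 * GSS_C_EMPTY_BUFFER is a brace initializer for a gss_buffer_desc, not an
 * expression, so it can only appear where an initializer is allowed.
 */
#define GSS_C_NO_NAME ((gss_name_t) 0)
#define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
#define GSS_C_NO_OID ((gss_OID) 0)
#define GSS_C_NO_OID_SET ((gss_OID_set) 0)
#define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
#define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
#define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
#define GSS_C_EMPTY_BUFFER {0, NULL}

/*
 * Some alternate names for a couple of the above values. These are defined
 * for V1 compatibility.
 */
#define GSS_C_NULL_OID GSS_C_NO_OID
#define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET

/*
 * Define the default Quality of Protection for per-message services. Note
 * that an implementation that offers multiple levels of QOP may either reserve
 * a value (for example zero, as assumed here) to mean "default protection", or
 * alternatively may simply equate GSS_C_QOP_DEFAULT to a specific explicit
 * QOP value. However a value of 0 should always be interpreted by a GSSAPI
 * implementation as a request for the default protection level.
 */
#define GSS_C_QOP_DEFAULT 0

/*
 * Expiration time of 2^32-1 seconds means infinite lifetime for a
 * credential or security context
 */
#define GSS_C_INDEFINITE ((OM_uint32) 0xfffffffful)


/* Major status codes */

#define GSS_S_COMPLETE 0

/*
 * Some "helper" definitions to make the status code macros obvious.
 *
 * A major status word is split into three fields: calling error in bits
 * 24-31, routine error in bits 16-23, supplementary info in bits 0-15.
 */
#define GSS_C_CALLING_ERROR_OFFSET 24
#define GSS_C_ROUTINE_ERROR_OFFSET 16
#define GSS_C_SUPPLEMENTARY_OFFSET 0
#define GSS_C_CALLING_ERROR_MASK ((OM_uint32) 0377ul)
#define GSS_C_ROUTINE_ERROR_MASK ((OM_uint32) 0377ul)
#define GSS_C_SUPPLEMENTARY_MASK ((OM_uint32) 0177777ul)

/*
 * The macros that test status codes for error conditions. Note that the
 * GSS_ERROR() macro has changed slightly from the V1 GSSAPI so that it now
 * evaluates its argument only once.
 *
 * GSS_ERROR() masks in the calling-error and routine-error fields only; the
 * supplementary bits (GSS_S_CONTINUE_NEEDED, GSS_S_DUPLICATE_TOKEN,
 * GSS_S_OLD_TOKEN, GSS_S_UNSEQ_TOKEN, GSS_S_GAP_TOKEN) never make it
 * non-zero. A status can therefore differ from GSS_S_COMPLETE without being
 * an error, and a caller that cares about the conditions those bits report
 * has to test GSS_SUPPLEMENTARY_INFO() as well.
 *
 * Each macro returns the field still in place (not shifted down); the
 * *_FIELD() macros further below return the shifted value.
 */
#define GSS_CALLING_ERROR(x)                                            \
    ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
#define GSS_ROUTINE_ERROR(x)                                            \
    ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
#define GSS_SUPPLEMENTARY_INFO(x)                                       \
    ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
#define GSS_ERROR(x)                                                    \
    ((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) |  \
            (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))

/*
 * Now the actual status code definitions
 */

/*
 * Calling errors:
 */
#define GSS_S_CALL_INACCESSIBLE_READ                    \
    (((OM_uint32) 1ul) << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_INACCESSIBLE_WRITE                   \
    (((OM_uint32) 2ul) << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_BAD_STRUCTURE                        \
    (((OM_uint32) 3ul) << GSS_C_CALLING_ERROR_OFFSET)

/*
 * Routine errors:
 *
 * These are enumerated values within the routine-error field, not
 * independent bits, so compare GSS_ROUTINE_ERROR(status) for equality
 * instead of testing it with a bitwise AND.
 */
#define GSS_S_BAD_MECH (((OM_uint32) 1ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAME (((OM_uint32) 2ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAMETYPE (((OM_uint32) 3ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_BINDINGS (((OM_uint32) 4ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_STATUS (((OM_uint32) 5ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_SIG (((OM_uint32) 6ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_MIC GSS_S_BAD_SIG
#define GSS_S_NO_CRED (((OM_uint32) 7ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NO_CONTEXT (((OM_uint32) 8ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_TOKEN (((OM_uint32) 9ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_CREDENTIAL                      \
    (((OM_uint32) 10ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CREDENTIALS_EXPIRED                       \
    (((OM_uint32) 11ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CONTEXT_EXPIRED                           \
    (((OM_uint32) 12ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_FAILURE (((OM_uint32) 13ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_QOP (((OM_uint32) 14ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_UNAUTHORIZED (((OM_uint32) 15ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_UNAVAILABLE (((OM_uint32) 16ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DUPLICATE_ELEMENT                         \
    (((OM_uint32) 17ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NAME_NOT_MN                               \
    (((OM_uint32) 18ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_MECH_ATTR                             \
    (((OM_uint32) 19ul) << GSS_C_ROUTINE_ERROR_OFFSET)

/*
 * Supplementary info bits:
 *
 * Unlike the routine errors these are independent bits and may be combined.
 * They are built from a plain `1`, so their type is int rather than
 * OM_uint32. None of them is covered by GSS_ERROR(); see the note on the
 * status-testing macros above.
 */
#define GSS_S_CONTINUE_NEEDED (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
#define GSS_S_DUPLICATE_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
#define GSS_S_OLD_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
#define GSS_S_UNSEQ_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
#define GSS_S_GAP_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 4))


/*
 * Finally, function prototypes for the GSSAPI routines.
 */

#if defined (_WIN32) && defined (_MSC_VER)
# ifdef GSS_DLL_FILE
#  define GSS_DLLIMP __declspec(dllexport)
# else
#  define GSS_DLLIMP __declspec(dllimport)
# endif
#else
# define GSS_DLLIMP
#endif

/* Reserved static storage for GSS_oids. Comments are quotes from RFC 2744.
 *
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x01"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant
 * GSS_C_NT_USER_NAME should be initialized to point
 * to that gss_OID_desc.
 */
GSS_DLLIMP extern gss_OID GSS_C_NT_USER_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x02"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
 * The constant GSS_C_NT_MACHINE_UID_NAME should be
 * initialized to point to that gss_OID_desc.
 */
GSS_DLLIMP extern gss_OID GSS_C_NT_MACHINE_UID_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
 * The constant GSS_C_NT_STRING_UID_NAME should be
 * initialized to point to that gss_OID_desc.
 */
GSS_DLLIMP extern gss_OID GSS_C_NT_STRING_UID_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
 * corresponding to an object-identifier value of
 * {iso(1) org(3) dod(6) internet(1) security(5)
 * nametypes(6) gss-host-based-services(2)). The constant
 * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point
 * to that gss_OID_desc. This is a deprecated OID value, and
 * implementations wishing to support hostbased-service names
 * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID,
 * defined below, to identify such names;
 * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym
 * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input
 * parameter, but should not be emitted by GSS-API
 * implementations
 */
GSS_DLLIMP extern gss_OID GSS_C_NT_HOSTBASED_SERVICE_X;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x04"}, corresponding to an
 * object-identifier value of {iso(1) member-body(2)
 * Unites States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) service_name(4)}. The constant
 * GSS_C_NT_HOSTBASED_SERVICE should be initialized
 * to point to that gss_OID_desc.
 */
GSS_DLLIMP extern gss_OID GSS_C_NT_HOSTBASED_SERVICE;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\01\x05\x06\x03"},
 * corresponding to an object identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 3(gss-anonymous-name)}. The constant
 * and GSS_C_NT_ANONYMOUS should be initialized to point
 * to that gss_OID_desc.
 */
GSS_DLLIMP extern gss_OID GSS_C_NT_ANONYMOUS;


/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
 * corresponding to an object-identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 4(gss-api-exported-name)}. The constant
 * GSS_C_NT_EXPORT_NAME should be initialized to point
 * to that gss_OID_desc.
 */
GSS_DLLIMP extern gss_OID GSS_C_NT_EXPORT_NAME;

/*
 * Function Prototypes
 *
 * Every routine returns the major status as an OM_uint32 and takes a
 * pointer for the minor status as its first argument. Parameters are
 * unnamed; the trailing comment on each line gives the conventional name.
 */

OM_uint32 KRB5_CALLCONV
gss_acquire_cred(
    OM_uint32 *,        /* minor_status */
    gss_name_t,         /* desired_name */
    OM_uint32,          /* time_req */
    gss_OID_set,        /* desired_mechs */
    gss_cred_usage_t,   /* cred_usage */
    gss_cred_id_t *,    /* output_cred_handle */
    gss_OID_set *,      /* actual_mechs */
    OM_uint32 *);       /* time_rec */

OM_uint32 KRB5_CALLCONV
gss_release_cred(
    OM_uint32 *,        /* minor_status */
    gss_cred_id_t *);   /* cred_handle */

/*
 * Initiator side of context establishment.
 * NOTE(review): req_flags is what the caller asks for and ret_flags what
 * was granted; per RFC 2744 the caller should inspect ret_flags before
 * depending on a requested service such as mutual authentication.
 */
OM_uint32 KRB5_CALLCONV
gss_init_sec_context(
    OM_uint32 *,        /* minor_status */
    gss_cred_id_t,      /* claimant_cred_handle */
    gss_ctx_id_t *,     /* context_handle */
    gss_name_t,         /* target_name */
    gss_OID,            /* mech_type (used to be const) */
    OM_uint32,          /* req_flags */
    OM_uint32,          /* time_req */
    gss_channel_bindings_t,     /* input_chan_bindings */
    gss_buffer_t,       /* input_token */
    gss_OID *,          /* actual_mech_type */
    gss_buffer_t,       /* output_token */
    OM_uint32 *,        /* ret_flags */
    OM_uint32 *);       /* time_rec */

/*
 * Acceptor side of context establishment.
 * NOTE(review): input_token_buffer comes from the peer; the authenticated
 * initiator identity is reported through src_name and the granted services
 * through ret_flags, which an acceptor presumably needs to check before
 * making an authorization decision (see RFC 2744).
 */
OM_uint32 KRB5_CALLCONV
gss_accept_sec_context(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t *,     /* context_handle */
    gss_cred_id_t,      /* acceptor_cred_handle */
    gss_buffer_t,       /* input_token_buffer */
    gss_channel_bindings_t,     /* input_chan_bindings */
    gss_name_t *,       /* src_name */
    gss_OID *,          /* mech_type */
    gss_buffer_t,       /* output_token */
    OM_uint32 *,        /* ret_flags */
    OM_uint32 *,        /* time_rec */
    gss_cred_id_t *);   /* delegated_cred_handle */

OM_uint32 KRB5_CALLCONV
gss_process_context_token(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t,       /* context_handle */
    gss_buffer_t);      /* token_buffer */


OM_uint32 KRB5_CALLCONV
gss_delete_sec_context(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t *,     /* context_handle */
    gss_buffer_t);      /* output_token */


OM_uint32 KRB5_CALLCONV
gss_context_time(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t,       /* context_handle */
    OM_uint32 *);       /* time_rec */


/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_get_mic(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t,       /* context_handle */
    gss_qop_t,          /* qop_req */
    gss_buffer_t,       /* message_buffer */
    gss_buffer_t);      /* message_token */


/*
 * New for V2
 *
 * NOTE(review): per RFC 2744, duplicate, old, out-of-sequence and gap
 * conditions are reported through the GSS_S_*_TOKEN supplementary bits,
 * which GSS_ERROR() does not test; callers that need replay or ordering
 * protection should check them explicitly.
 */
OM_uint32 KRB5_CALLCONV
gss_verify_mic(OM_uint32 *,     /* minor_status */
               gss_ctx_id_t,    /* context_handle */
               gss_buffer_t,    /* message_buffer */
               gss_buffer_t,    /* message_token */
               gss_qop_t *      /* qop_state */
);

/*
 * New for V2
 *
 * conf_req_flag is the caller's request, conf_state the reported outcome.
 * NOTE(review): per RFC 2744 a caller that requires confidentiality should
 * check *conf_state rather than assume the request was honoured.
 */
OM_uint32 KRB5_CALLCONV
gss_wrap(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t,       /* context_handle */
    int,                /* conf_req_flag */
    gss_qop_t,          /* qop_req */
    gss_buffer_t,       /* input_message_buffer */
    int *,              /* conf_state */
    gss_buffer_t);      /* output_message_buffer */


/*
 * New for V2
 *
 * NOTE(review): conf_state reports whether the received message was
 * confidentiality-protected; a receiver that expects encrypted traffic
 * should check it, along with the GSS_S_*_TOKEN supplementary bits in the
 * returned status (see RFC 2744).
 */
OM_uint32 KRB5_CALLCONV
gss_unwrap(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t,       /* context_handle */
    gss_buffer_t,       /* input_message_buffer */
    gss_buffer_t,       /* output_message_buffer */
    int *,              /* conf_state */
    gss_qop_t *);       /* qop_state */


OM_uint32 KRB5_CALLCONV
gss_display_status(
    OM_uint32 *,        /* minor_status */
    OM_uint32,          /* status_value */
    int,                /* status_type */
    gss_OID,            /* mech_type (used to be const) */
    OM_uint32 *,        /* message_context */
    gss_buffer_t);      /* status_string */


OM_uint32 KRB5_CALLCONV
gss_indicate_mechs(
    OM_uint32 *,        /* minor_status */
    gss_OID_set *);     /* mech_set */


OM_uint32 KRB5_CALLCONV
gss_compare_name(
    OM_uint32 *,        /* minor_status */
    gss_name_t,         /* name1 */
    gss_name_t,         /* name2 */
    int *);             /* name_equal */


OM_uint32 KRB5_CALLCONV
gss_display_name(
    OM_uint32 *,        /* minor_status */
    gss_name_t,         /* input_name */
    gss_buffer_t,       /* output_name_buffer */
    gss_OID *);         /* output_name_type */


OM_uint32 KRB5_CALLCONV
gss_import_name(
    OM_uint32 *,        /* minor_status */
    gss_buffer_t,       /* input_name_buffer */
    gss_OID,            /* input_name_type(used to be const) */
    gss_name_t *);      /* output_name */

OM_uint32 KRB5_CALLCONV
gss_release_name(
    OM_uint32 *,        /* minor_status */
    gss_name_t *);      /* input_name */

OM_uint32 KRB5_CALLCONV
gss_release_buffer(
    OM_uint32 *,        /* minor_status */
    gss_buffer_t);      /* buffer */

OM_uint32 KRB5_CALLCONV
gss_release_oid_set(
    OM_uint32 *,        /* minor_status */
    gss_OID_set *);     /* set */

OM_uint32 KRB5_CALLCONV
gss_inquire_cred(
    OM_uint32 *,        /* minor_status */
    gss_cred_id_t,      /* cred_handle */
    gss_name_t *,       /* name */
    OM_uint32 *,        /* lifetime */
    gss_cred_usage_t *, /* cred_usage */
    gss_OID_set *);     /* mechanisms */

/* Last argument new for V2 */
OM_uint32 KRB5_CALLCONV
gss_inquire_context(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t,       /* context_handle */
    gss_name_t *,       /* src_name */
    gss_name_t *,       /* targ_name */
    OM_uint32 *,        /* lifetime_rec */
    gss_OID *,          /* mech_type */
    OM_uint32 *,        /* ctx_flags */
    int *,              /* locally_initiated */
    int *);             /* open */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_wrap_size_limit(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t,       /* context_handle */
    int,                /* conf_req_flag */
    gss_qop_t,          /* qop_req */
    OM_uint32,          /* req_output_size */
    OM_uint32 *);       /* max_input_size */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_import_name_object(
    OM_uint32 *,        /* minor_status */
    void *,             /* input_name */
    gss_OID,            /* input_name_type */
    gss_name_t *);      /* output_name */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_export_name_object(
    OM_uint32 *,        /* minor_status */
    gss_name_t,         /* input_name */
    gss_OID,            /* desired_name_type */
    void **);           /* output_name */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_add_cred(
    OM_uint32 *,        /* minor_status */
    gss_cred_id_t,      /* input_cred_handle */
    gss_name_t,         /* desired_name */
    gss_OID,            /* desired_mech */
    gss_cred_usage_t,   /* cred_usage */
    OM_uint32,          /* initiator_time_req */
    OM_uint32,          /* acceptor_time_req */
    gss_cred_id_t *,    /* output_cred_handle */
    gss_OID_set *,      /* actual_mechs */
    OM_uint32 *,        /* initiator_time_rec */
    OM_uint32 *);       /* acceptor_time_rec */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_inquire_cred_by_mech(
    OM_uint32 *,        /* minor_status */
    gss_cred_id_t,      /* cred_handle */
    gss_OID,            /* mech_type */
    gss_name_t *,       /* name */
    OM_uint32 *,        /* initiator_lifetime */
    OM_uint32 *,        /* acceptor_lifetime */
    gss_cred_usage_t *); /* cred_usage */

/*
 * New for V2
 *
 * NOTE(review): RFC 2744 warns that the interprocess token may contain
 * security-sensitive information such as cryptographic keys; callers
 * should protect it accordingly and hand it only to a trusted process.
 */
OM_uint32 KRB5_CALLCONV
gss_export_sec_context(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t *,     /* context_handle */
    gss_buffer_t);      /* interprocess_token */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_import_sec_context(
    OM_uint32 *,        /* minor_status */
    gss_buffer_t,       /* interprocess_token */
    gss_ctx_id_t *);    /* context_handle */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_release_oid(
    OM_uint32 *,        /* minor_status */
    gss_OID *);         /* oid */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_create_empty_oid_set(
    OM_uint32 *,        /* minor_status */
    gss_OID_set *);     /* oid_set */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_add_oid_set_member(
    OM_uint32 *,        /* minor_status */
    gss_OID,            /* member_oid */
    gss_OID_set *);     /* oid_set */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_test_oid_set_member(
    OM_uint32 *,        /* minor_status */
    gss_OID,            /* member */
    gss_OID_set,        /* set */
    int *);             /* present */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_str_to_oid(
    OM_uint32 *,        /* minor_status */
    gss_buffer_t,       /* oid_str */
    gss_OID *);         /* oid */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_oid_to_str(
    OM_uint32 *,        /* minor_status */
    gss_OID,            /* oid */
    gss_buffer_t);      /* oid_str */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_inquire_names_for_mech(
    OM_uint32 *,        /* minor_status */
    gss_OID,            /* mechanism */
    gss_OID_set *);     /* name_types */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_inquire_mechs_for_name(
    OM_uint32 *,        /* minor_status */
    const gss_name_t,   /* input_name */
    gss_OID_set *);     /* mech_types */

/*
 * The following routines are obsolete variants of gss_get_mic, gss_wrap,
 * gss_verify_mic and gss_unwrap. They should be provided by GSSAPI V2
 * implementations for backwards compatibility with V1 applications. Distinct
 * entrypoints (as opposed to #defines) should be provided, to allow GSSAPI
 * V1 applications to link against GSSAPI V2 implementations.
 *
 * They differ from the V2 routines in passing the QOP as int / int *
 * instead of gss_qop_t / gss_qop_t *.
 */
OM_uint32 KRB5_CALLCONV
gss_sign(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t,       /* context_handle */
    int,                /* qop_req */
    gss_buffer_t,       /* message_buffer */
    gss_buffer_t);      /* message_token */

OM_uint32 KRB5_CALLCONV
gss_verify(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t,       /* context_handle */
    gss_buffer_t,       /* message_buffer */
    gss_buffer_t,       /* token_buffer */
    int *);             /* qop_state */

OM_uint32 KRB5_CALLCONV
gss_seal(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t,       /* context_handle */
    int,                /* conf_req_flag */
    int,                /* qop_req */
    gss_buffer_t,       /* input_message_buffer */
    int *,              /* conf_state */
    gss_buffer_t);      /* output_message_buffer */

OM_uint32 KRB5_CALLCONV
gss_unseal(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t,       /* context_handle */
    gss_buffer_t,       /* input_message_buffer */
    gss_buffer_t,       /* output_message_buffer */
    int *,              /* conf_state */
    int *);             /* qop_state */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_export_name(
    OM_uint32 *,        /* minor_status */
    const gss_name_t,   /* input_name */
    gss_buffer_t);      /* exported_name */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_duplicate_name(
    OM_uint32 *,        /* minor_status */
    const gss_name_t,   /* input_name */
    gss_name_t *);      /* dest_name */

/* New for V2 */
OM_uint32 KRB5_CALLCONV
gss_canonicalize_name(
    OM_uint32 *,        /* minor_status */
    const gss_name_t,   /* input_name */
    const gss_OID,      /* mech_type */
    gss_name_t *);      /* output_name */

/* RFC 4401 */

#define GSS_C_PRF_KEY_FULL 0
#define GSS_C_PRF_KEY_PARTIAL 1

/*
 * desired_output_len is a signed ssize_t, so a negative length can be
 * expressed at the call site.
 * NOTE(review): how an implementation treats a negative value is not
 * visible from this header; callers should validate the length first.
 */
OM_uint32 KRB5_CALLCONV
gss_pseudo_random(
    OM_uint32 *,        /* minor_status */
    gss_ctx_id_t,       /* context */
    int,                /* prf_key */
    const gss_buffer_t, /* prf_in */
    ssize_t,            /* desired_output_len */
    gss_buffer_t);      /* prf_out */

OM_uint32 KRB5_CALLCONV
gss_store_cred(
    OM_uint32 *,        /* minor_status */
    const gss_cred_id_t,/* input_cred_handle */
    gss_cred_usage_t,   /* input_usage */
    const gss_OID,      /* desired_mech */
    OM_uint32,          /* overwrite_cred */
    OM_uint32,          /* default_cred */
    gss_OID_set *,      /* elements_stored */
    gss_cred_usage_t *);/* cred_usage_stored */

OM_uint32 KRB5_CALLCONV
gss_set_neg_mechs(
    OM_uint32 *,        /* minor_status */
    gss_cred_id_t,      /* cred_handle */
    const gss_OID_set); /* mech_set */

/*
 * End of the packed region. No structure is defined below this point, only
 * macros, pointer typedefs, prototypes and extern objects, so nothing that
 * follows depends on the packing setting.
 */
#if defined(TARGET_OS_MAC) && TARGET_OS_MAC
#  pragma pack(pop)
#endif

/* XXXX these are not part of the GSSAPI C bindings! (but should be) */

/*
 * Same three fields as GSS_CALLING_ERROR() and friends, but shifted down so
 * the result is the small integer stored in the field.
 */
#define GSS_CALLING_ERROR_FIELD(x)                                      \
    (((x) >> GSS_C_CALLING_ERROR_OFFSET) & GSS_C_CALLING_ERROR_MASK)
#define GSS_ROUTINE_ERROR_FIELD(x)                                      \
    (((x) >> GSS_C_ROUTINE_ERROR_OFFSET) & GSS_C_ROUTINE_ERROR_MASK)
#define GSS_SUPPLEMENTARY_INFO_FIELD(x)                                 \
    (((x) >> GSS_C_SUPPLEMENTARY_OFFSET) & GSS_C_SUPPLEMENTARY_MASK)

/*
 * XXXX This is a necessary evil until the spec is fixed
 *
 * Because this is an alias, GSS_S_CRED_UNAVAIL and GSS_S_FAILURE cannot be
 * told apart by value.
 */
#define GSS_S_CRED_UNAVAIL GSS_S_FAILURE

/*
 * RFC 5587
 *
 * Pointer-to-const counterparts of the types above. Note that a parameter
 * written as `const gss_name_t` (or `const gss_OID`, ...) in the prototypes
 * above qualifies the pointer itself, not the object it points to; these
 * typedefs are the ones that make the pointee const.
 */
typedef const gss_buffer_desc *gss_const_buffer_t;
typedef const struct gss_channel_bindings_struct *gss_const_channel_bindings_t;
typedef const struct gss_ctx_id_struct *gss_const_ctx_id_t;
typedef const struct gss_cred_id_struct *gss_const_cred_id_t;
typedef const struct gss_name_struct *gss_const_name_t;
typedef const gss_OID_desc *gss_const_OID;
typedef const gss_OID_set_desc *gss_const_OID_set;

OM_uint32 KRB5_CALLCONV
gss_indicate_mechs_by_attrs(
    OM_uint32 *,        /* minor_status */
    gss_const_OID_set,  /* desired_mech_attrs */
    gss_const_OID_set,  /* except_mech_attrs */
    gss_const_OID_set,  /* critical_mech_attrs */
    gss_OID_set *);     /* mechs */

OM_uint32 KRB5_CALLCONV
gss_inquire_attrs_for_mech(
    OM_uint32 *,        /* minor_status */
    gss_const_OID,      /* mech */
    gss_OID_set *,      /* mech_attrs */
    gss_OID_set *);     /* known_mech_attrs */

OM_uint32 KRB5_CALLCONV
gss_display_mech_attr(
    OM_uint32 *,        /* minor_status */
    gss_const_OID,      /* mech_attr */
    gss_buffer_t,       /* name */
    gss_buffer_t,       /* short_desc */
    gss_buffer_t);      /* long_desc */

GSS_DLLIMP extern gss_const_OID GSS_C_MA_MECH_CONCRETE;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_MECH_PSEUDO;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_MECH_COMPOSITE;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_MECH_NEGO;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_MECH_GLUE;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_NOT_MECH;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_DEPRECATED;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_NOT_DFLT_MECH;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_ITOK_FRAMED;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_AUTH_INIT;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_AUTH_TARG;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_AUTH_INIT_INIT;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_AUTH_TARG_INIT;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_AUTH_INIT_ANON;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_AUTH_TARG_ANON;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_DELEG_CRED;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_INTEG_PROT;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_CONF_PROT;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_MIC;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_WRAP;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_PROT_READY;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_REPLAY_DET;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_OOS_DET;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_CBINDINGS;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_PFS;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_COMPRESS;
GSS_DLLIMP extern gss_const_OID GSS_C_MA_CTX_TRANS;

/*
 * RFC 5801
 */
OM_uint32 KRB5_CALLCONV
gss_inquire_saslname_for_mech(
    OM_uint32 *,        /* minor_status */
    const gss_OID,      /* desired_mech */
    gss_buffer_t,       /* sasl_mech_name */
    gss_buffer_t,       /* mech_name */
    gss_buffer_t        /* mech_description */
);

OM_uint32 KRB5_CALLCONV
gss_inquire_mech_for_saslname(
    OM_uint32 *,        /* minor_status */
    const gss_buffer_t, /* sasl_mech_name */
    gss_OID *           /* mech_type */
);

/*
 * The extern "C" block is closed here, after the last declaration. It used
 * to be closed before the RFC 5587 and RFC 5801 sections, which left those
 * prototypes with C++ linkage when the header was included from C++.
 */
#ifdef __cplusplus
}
#endif

#endif /* _GSSAPI_H_ */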