/* [<][>][^][v][top][bottom][index][help] */
1 /*
2 * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 /* $Id$ */
35
36 #ifndef GSSAPI_GSSAPI_H_
37 #define GSSAPI_GSSAPI_H_
38
39 /*
40 * First, include stddef.h to get size_t defined.
41 */
42 #include <stddef.h>
43
44 #include <krb5-types.h>
45
46 #ifndef BUILD_GSSAPI_LIB
47 #if defined(_WIN32)
48 #define GSSAPI_LIB_FUNCTION _stdcall __declspec(dllimport)
49 #define GSSAPI_LIB_VARIABLE __declspec(dllimport)
50 #else
51 #define GSSAPI_LIB_FUNCTION
52 #define GSSAPI_LIB_VARIABLE
53 #endif
54 #endif
55
56 /*
57 * Now define the three implementation-dependent types.
58 */
59
60 typedef uint32_t OM_uint32;
61 typedef uint64_t OM_uint64;
62
63 typedef uint32_t gss_uint32;
64
65 struct gss_name_t_desc_struct;
66 typedef struct gss_name_t_desc_struct *gss_name_t;
67
68 struct gss_ctx_id_t_desc_struct;
69 typedef struct gss_ctx_id_t_desc_struct *gss_ctx_id_t;
70
71 typedef struct gss_OID_desc_struct {
72 OM_uint32 length;
73 void *elements;
74 } gss_OID_desc, *gss_OID;
75
76 typedef struct gss_OID_set_desc_struct {
77 size_t count;
78 gss_OID elements;
79 } gss_OID_set_desc, *gss_OID_set;
80
81 typedef int gss_cred_usage_t;
82
83 struct gss_cred_id_t_desc_struct;
84 typedef struct gss_cred_id_t_desc_struct *gss_cred_id_t;
85
86 typedef struct gss_buffer_desc_struct {
87 size_t length;
88 void *value;
89 } gss_buffer_desc, *gss_buffer_t;
90
91 typedef struct gss_channel_bindings_struct {
92 OM_uint32 initiator_addrtype;
93 gss_buffer_desc initiator_address;
94 OM_uint32 acceptor_addrtype;
95 gss_buffer_desc acceptor_address;
96 gss_buffer_desc application_data;
97 } *gss_channel_bindings_t;
98
99 /* GGF extension data types */
100 typedef struct gss_buffer_set_desc_struct {
101 size_t count;
102 gss_buffer_desc *elements;
103 } gss_buffer_set_desc, *gss_buffer_set_t;
104
105 /*
106 * For now, define a QOP-type as an OM_uint32
107 */
108 typedef OM_uint32 gss_qop_t;
109
110 /*
111 * Flag bits for context-level services.
112 */
113 #define GSS_C_DELEG_FLAG 1
114 #define GSS_C_MUTUAL_FLAG 2
115 #define GSS_C_REPLAY_FLAG 4
116 #define GSS_C_SEQUENCE_FLAG 8
117 #define GSS_C_CONF_FLAG 16
118 #define GSS_C_INTEG_FLAG 32
119 #define GSS_C_ANON_FLAG 64
120 #define GSS_C_PROT_READY_FLAG 128
121 #define GSS_C_TRANS_FLAG 256
122
123 #define GSS_C_DCE_STYLE 4096
124 #define GSS_C_IDENTIFY_FLAG 8192
125 #define GSS_C_EXTENDED_ERROR_FLAG 16384
126 #define GSS_C_DELEG_POLICY_FLAG 32768
127
128 /*
129 * Credential usage options
130 */
131 #define GSS_C_BOTH 0
132 #define GSS_C_INITIATE 1
133 #define GSS_C_ACCEPT 2
134
135 /*
136 * Status code types for gss_display_status
137 */
138 #define GSS_C_GSS_CODE 1
139 #define GSS_C_MECH_CODE 2
140
141 /*
142 * The constant definitions for channel-bindings address families
143 */
144 #define GSS_C_AF_UNSPEC 0
145 #define GSS_C_AF_LOCAL 1
146 #define GSS_C_AF_INET 2
147 #define GSS_C_AF_IMPLINK 3
148 #define GSS_C_AF_PUP 4
149 #define GSS_C_AF_CHAOS 5
150 #define GSS_C_AF_NS 6
151 #define GSS_C_AF_NBS 7
152 #define GSS_C_AF_ECMA 8
153 #define GSS_C_AF_DATAKIT 9
154 #define GSS_C_AF_CCITT 10
155 #define GSS_C_AF_SNA 11
156 #define GSS_C_AF_DECnet 12
157 #define GSS_C_AF_DLI 13
158 #define GSS_C_AF_LAT 14
159 #define GSS_C_AF_HYLINK 15
160 #define GSS_C_AF_APPLETALK 16
161 #define GSS_C_AF_BSC 17
162 #define GSS_C_AF_DSS 18
163 #define GSS_C_AF_OSI 19
164 #define GSS_C_AF_X25 21
165 #define GSS_C_AF_INET6 24
166
167 #define GSS_C_AF_NULLADDR 255
168
169 /*
170 * Various Null values
171 */
172 #define GSS_C_NO_NAME ((gss_name_t) 0)
173 #define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
174 #define GSS_C_NO_BUFFER_SET ((gss_buffer_set_t) 0)
175 #define GSS_C_NO_OID ((gss_OID) 0)
176 #define GSS_C_NO_OID_SET ((gss_OID_set) 0)
177 #define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
178 #define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
179 #define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
180 #define GSS_C_EMPTY_BUFFER {0, NULL}
181
182 /*
183 * Some alternate names for a couple of the above
184 * values. These are defined for V1 compatibility.
185 */
186 #define GSS_C_NULL_OID GSS_C_NO_OID
187 #define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET
188
189 /*
190 * Define the default Quality of Protection for per-message
191 * services. Note that an implementation that offers multiple
192 * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero
193 * (as done here) to mean "default protection", or to a specific
194 * explicit QOP value. However, a value of 0 should always be
195 * interpreted by a GSSAPI implementation as a request for the
196 * default protection level.
197 */
198 #define GSS_C_QOP_DEFAULT 0
199
200 #define GSS_KRB5_CONF_C_QOP_DES 0x0100
201 #define GSS_KRB5_CONF_C_QOP_DES3_KD 0x0200
202
203 /*
204 * Expiration time of 2^32-1 seconds means infinite lifetime for a
205 * credential or security context
206 */
207 #define GSS_C_INDEFINITE 0xfffffffful
208
209 #ifdef __cplusplus
210 extern "C" {
211 #endif
212
213 /*
214 * The implementation must reserve static storage for a
215 * gss_OID_desc object containing the value
216 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
217 * "\x01\x02\x01\x01"},
218 * corresponding to an object-identifier value of
219 * {iso(1) member-body(2) United States(840) mit(113554)
220 * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant
221 * GSS_C_NT_USER_NAME should be initialized to point
222 * to that gss_OID_desc.
223 */
224 extern GSSAPI_LIB_VARIABLE gss_OID GSS_C_NT_USER_NAME;
225
226 /*
227 * The implementation must reserve static storage for a
228 * gss_OID_desc object containing the value
229 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
230 * "\x01\x02\x01\x02"},
231 * corresponding to an object-identifier value of
232 * {iso(1) member-body(2) United States(840) mit(113554)
233 * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
234 * The constant GSS_C_NT_MACHINE_UID_NAME should be
235 * initialized to point to that gss_OID_desc.
236 */
237 extern GSSAPI_LIB_VARIABLE gss_OID GSS_C_NT_MACHINE_UID_NAME;
238
239 /*
240 * The implementation must reserve static storage for a
241 * gss_OID_desc object containing the value
242 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
243 * "\x01\x02\x01\x03"},
244 * corresponding to an object-identifier value of
245 * {iso(1) member-body(2) United States(840) mit(113554)
246 * infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
247 * The constant GSS_C_NT_STRING_UID_NAME should be
248 * initialized to point to that gss_OID_desc.
249 */
250 extern GSSAPI_LIB_VARIABLE gss_OID GSS_C_NT_STRING_UID_NAME;
251
252 /*
253 * The implementation must reserve static storage for a
254 * gss_OID_desc object containing the value
255 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
256 * corresponding to an object-identifier value of
257 * {iso(1) org(3) dod(6) internet(1) security(5)
258 * nametypes(6) gss-host-based-services(2)). The constant
259 * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point
260 * to that gss_OID_desc. This is a deprecated OID value, and
261 * implementations wishing to support hostbased-service names
262 * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID,
263 * defined below, to identify such names;
264 * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym
265 * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input
266 * parameter, but should not be emitted by GSS-API
267 * implementations
268 */
269 extern GSSAPI_LIB_VARIABLE gss_OID GSS_C_NT_HOSTBASED_SERVICE_X;
270
271 /*
272 * The implementation must reserve static storage for a
273 * gss_OID_desc object containing the value
274 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
275 * "\x01\x02\x01\x04"}, corresponding to an
276 * object-identifier value of {iso(1) member-body(2)
277 * Unites States(840) mit(113554) infosys(1) gssapi(2)
278 * generic(1) service_name(4)}. The constant
279 * GSS_C_NT_HOSTBASED_SERVICE should be initialized
280 * to point to that gss_OID_desc.
281 */
282 extern GSSAPI_LIB_VARIABLE gss_OID GSS_C_NT_HOSTBASED_SERVICE;
283
284 /*
285 * The implementation must reserve static storage for a
286 * gss_OID_desc object containing the value
287 * {6, (void *)"\x2b\x06\01\x05\x06\x03"},
288 * corresponding to an object identifier value of
289 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
290 * 6(nametypes), 3(gss-anonymous-name)}. The constant
291 * and GSS_C_NT_ANONYMOUS should be initialized to point
292 * to that gss_OID_desc.
293 */
294 extern GSSAPI_LIB_VARIABLE gss_OID GSS_C_NT_ANONYMOUS;
295
296 /*
297 * The implementation must reserve static storage for a
298 * gss_OID_desc object containing the value
299 * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
300 * corresponding to an object-identifier value of
301 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
302 * 6(nametypes), 4(gss-api-exported-name)}. The constant
303 * GSS_C_NT_EXPORT_NAME should be initialized to point
304 * to that gss_OID_desc.
305 */
306 extern GSSAPI_LIB_VARIABLE gss_OID GSS_C_NT_EXPORT_NAME;
307
308 /*
309 * Digest mechanism
310 */
311
312 extern GSSAPI_LIB_VARIABLE gss_OID GSS_SASL_DIGEST_MD5_MECHANISM;
313
314 /*
315 * NTLM mechanism
316 */
317
318 extern GSSAPI_LIB_VARIABLE gss_OID GSS_NTLM_MECHANISM;
319
320 /* Major status codes */
321
322 #define GSS_S_COMPLETE 0
323
324 /*
325 * Some "helper" definitions to make the status code macros obvious.
326 */
327 #define GSS_C_CALLING_ERROR_OFFSET 24
328 #define GSS_C_ROUTINE_ERROR_OFFSET 16
329 #define GSS_C_SUPPLEMENTARY_OFFSET 0
330 #define GSS_C_CALLING_ERROR_MASK 0377ul
331 #define GSS_C_ROUTINE_ERROR_MASK 0377ul
332 #define GSS_C_SUPPLEMENTARY_MASK 0177777ul
333
334 /*
335 * The macros that test status codes for error conditions.
336 * Note that the GSS_ERROR() macro has changed slightly from
337 * the V1 GSSAPI so that it now evaluates its argument
338 * only once.
339 */
340 #define GSS_CALLING_ERROR(x) \
341 (x & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
342 #define GSS_ROUTINE_ERROR(x) \
343 (x & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
344 #define GSS_SUPPLEMENTARY_INFO(x) \
345 (x & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
346 #define GSS_ERROR(x) \
347 (x & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
348 (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))
349
350 /*
351 * Now the actual status code definitions
352 */
353
354 /*
355 * Calling errors:
356 */
357 #define GSS_S_CALL_INACCESSIBLE_READ \
358 (1ul << GSS_C_CALLING_ERROR_OFFSET)
359 #define GSS_S_CALL_INACCESSIBLE_WRITE \
360 (2ul << GSS_C_CALLING_ERROR_OFFSET)
361 #define GSS_S_CALL_BAD_STRUCTURE \
362 (3ul << GSS_C_CALLING_ERROR_OFFSET)
363
364 /*
365 * Routine errors:
366 */
367 #define GSS_S_BAD_MECH (1ul << GSS_C_ROUTINE_ERROR_OFFSET)
368 #define GSS_S_BAD_NAME (2ul << GSS_C_ROUTINE_ERROR_OFFSET)
369 #define GSS_S_BAD_NAMETYPE (3ul << GSS_C_ROUTINE_ERROR_OFFSET)
370
371 #define GSS_S_BAD_BINDINGS (4ul << GSS_C_ROUTINE_ERROR_OFFSET)
372 #define GSS_S_BAD_STATUS (5ul << GSS_C_ROUTINE_ERROR_OFFSET)
373 #define GSS_S_BAD_SIG (6ul << GSS_C_ROUTINE_ERROR_OFFSET)
374 #define GSS_S_BAD_MIC GSS_S_BAD_SIG
375 #define GSS_S_NO_CRED (7ul << GSS_C_ROUTINE_ERROR_OFFSET)
376 #define GSS_S_NO_CONTEXT (8ul << GSS_C_ROUTINE_ERROR_OFFSET)
377 #define GSS_S_DEFECTIVE_TOKEN (9ul << GSS_C_ROUTINE_ERROR_OFFSET)
378 #define GSS_S_DEFECTIVE_CREDENTIAL (10ul << GSS_C_ROUTINE_ERROR_OFFSET)
379 #define GSS_S_CREDENTIALS_EXPIRED (11ul << GSS_C_ROUTINE_ERROR_OFFSET)
380 #define GSS_S_CONTEXT_EXPIRED (12ul << GSS_C_ROUTINE_ERROR_OFFSET)
381 #define GSS_S_FAILURE (13ul << GSS_C_ROUTINE_ERROR_OFFSET)
382 #define GSS_S_BAD_QOP (14ul << GSS_C_ROUTINE_ERROR_OFFSET)
383 #define GSS_S_UNAUTHORIZED (15ul << GSS_C_ROUTINE_ERROR_OFFSET)
384 #define GSS_S_UNAVAILABLE (16ul << GSS_C_ROUTINE_ERROR_OFFSET)
385 #define GSS_S_DUPLICATE_ELEMENT (17ul << GSS_C_ROUTINE_ERROR_OFFSET)
386 #define GSS_S_NAME_NOT_MN (18ul << GSS_C_ROUTINE_ERROR_OFFSET)
387
388 /*
389 * Supplementary info bits:
390 */
391 #define GSS_S_CONTINUE_NEEDED (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
392 #define GSS_S_DUPLICATE_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
393 #define GSS_S_OLD_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
394 #define GSS_S_UNSEQ_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
395 #define GSS_S_GAP_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 4))
396
397 /*
398 * Finally, function prototypes for the GSS-API routines.
399 */
400
401 OM_uint32 GSSAPI_LIB_FUNCTION gss_acquire_cred
402 (OM_uint32 * /*minor_status*/,
403 const gss_name_t /*desired_name*/,
404 OM_uint32 /*time_req*/,
405 const gss_OID_set /*desired_mechs*/,
406 gss_cred_usage_t /*cred_usage*/,
407 gss_cred_id_t * /*output_cred_handle*/,
408 gss_OID_set * /*actual_mechs*/,
409 OM_uint32 * /*time_rec*/
410 );
411
412 OM_uint32 GSSAPI_LIB_FUNCTION gss_release_cred
413 (OM_uint32 * /*minor_status*/,
414 gss_cred_id_t * /*cred_handle*/
415 );
416
417 OM_uint32 GSSAPI_LIB_FUNCTION gss_init_sec_context
418 (OM_uint32 * /*minor_status*/,
419 const gss_cred_id_t /*initiator_cred_handle*/,
420 gss_ctx_id_t * /*context_handle*/,
421 const gss_name_t /*target_name*/,
422 const gss_OID /*mech_type*/,
423 OM_uint32 /*req_flags*/,
424 OM_uint32 /*time_req*/,
425 const gss_channel_bindings_t /*input_chan_bindings*/,
426 const gss_buffer_t /*input_token*/,
427 gss_OID * /*actual_mech_type*/,
428 gss_buffer_t /*output_token*/,
429 OM_uint32 * /*ret_flags*/,
430 OM_uint32 * /*time_rec*/
431 );
432
433 OM_uint32 GSSAPI_LIB_FUNCTION gss_accept_sec_context
434 (OM_uint32 * /*minor_status*/,
435 gss_ctx_id_t * /*context_handle*/,
436 const gss_cred_id_t /*acceptor_cred_handle*/,
437 const gss_buffer_t /*input_token_buffer*/,
438 const gss_channel_bindings_t /*input_chan_bindings*/,
439 gss_name_t * /*src_name*/,
440 gss_OID * /*mech_type*/,
441 gss_buffer_t /*output_token*/,
442 OM_uint32 * /*ret_flags*/,
443 OM_uint32 * /*time_rec*/,
444 gss_cred_id_t * /*delegated_cred_handle*/
445 );
446
447 OM_uint32 GSSAPI_LIB_FUNCTION gss_process_context_token
448 (OM_uint32 * /*minor_status*/,
449 const gss_ctx_id_t /*context_handle*/,
450 const gss_buffer_t /*token_buffer*/
451 );
452
453 OM_uint32 GSSAPI_LIB_FUNCTION gss_delete_sec_context
454 (OM_uint32 * /*minor_status*/,
455 gss_ctx_id_t * /*context_handle*/,
456 gss_buffer_t /*output_token*/
457 );
458
459 OM_uint32 GSSAPI_LIB_FUNCTION gss_context_time
460 (OM_uint32 * /*minor_status*/,
461 const gss_ctx_id_t /*context_handle*/,
462 OM_uint32 * /*time_rec*/
463 );
464
465 OM_uint32 GSSAPI_LIB_FUNCTION gss_get_mic
466 (OM_uint32 * /*minor_status*/,
467 const gss_ctx_id_t /*context_handle*/,
468 gss_qop_t /*qop_req*/,
469 const gss_buffer_t /*message_buffer*/,
470 gss_buffer_t /*message_token*/
471 );
472
473 OM_uint32 GSSAPI_LIB_FUNCTION gss_verify_mic
474 (OM_uint32 * /*minor_status*/,
475 const gss_ctx_id_t /*context_handle*/,
476 const gss_buffer_t /*message_buffer*/,
477 const gss_buffer_t /*token_buffer*/,
478 gss_qop_t * /*qop_state*/
479 );
480
481 OM_uint32 GSSAPI_LIB_FUNCTION gss_wrap
482 (OM_uint32 * /*minor_status*/,
483 const gss_ctx_id_t /*context_handle*/,
484 int /*conf_req_flag*/,
485 gss_qop_t /*qop_req*/,
486 const gss_buffer_t /*input_message_buffer*/,
487 int * /*conf_state*/,
488 gss_buffer_t /*output_message_buffer*/
489 );
490
491 OM_uint32 GSSAPI_LIB_FUNCTION gss_unwrap
492 (OM_uint32 * /*minor_status*/,
493 const gss_ctx_id_t /*context_handle*/,
494 const gss_buffer_t /*input_message_buffer*/,
495 gss_buffer_t /*output_message_buffer*/,
496 int * /*conf_state*/,
497 gss_qop_t * /*qop_state*/
498 );
499
500 OM_uint32 GSSAPI_LIB_FUNCTION gss_display_status
501 (OM_uint32 * /*minor_status*/,
502 OM_uint32 /*status_value*/,
503 int /*status_type*/,
504 const gss_OID /*mech_type*/,
505 OM_uint32 * /*message_context*/,
506 gss_buffer_t /*status_string*/
507 );
508
509 OM_uint32 GSSAPI_LIB_FUNCTION gss_indicate_mechs
510 (OM_uint32 * /*minor_status*/,
511 gss_OID_set * /*mech_set*/
512 );
513
514 OM_uint32 GSSAPI_LIB_FUNCTION gss_compare_name
515 (OM_uint32 * /*minor_status*/,
516 const gss_name_t /*name1*/,
517 const gss_name_t /*name2*/,
518 int * /*name_equal*/
519 );
520
521 OM_uint32 GSSAPI_LIB_FUNCTION gss_display_name
522 (OM_uint32 * /*minor_status*/,
523 const gss_name_t /*input_name*/,
524 gss_buffer_t /*output_name_buffer*/,
525 gss_OID * /*output_name_type*/
526 );
527
528 OM_uint32 GSSAPI_LIB_FUNCTION gss_import_name
529 (OM_uint32 * /*minor_status*/,
530 const gss_buffer_t /*input_name_buffer*/,
531 const gss_OID /*input_name_type*/,
532 gss_name_t * /*output_name*/
533 );
534
535 OM_uint32 GSSAPI_LIB_FUNCTION gss_export_name
536 (OM_uint32 * /*minor_status*/,
537 const gss_name_t /*input_name*/,
538 gss_buffer_t /*exported_name*/
539 );
540
541 OM_uint32 GSSAPI_LIB_FUNCTION gss_release_name
542 (OM_uint32 * /*minor_status*/,
543 gss_name_t * /*input_name*/
544 );
545
546 OM_uint32 GSSAPI_LIB_FUNCTION gss_release_buffer
547 (OM_uint32 * /*minor_status*/,
548 gss_buffer_t /*buffer*/
549 );
550
551 OM_uint32 GSSAPI_LIB_FUNCTION gss_release_oid_set
552 (OM_uint32 * /*minor_status*/,
553 gss_OID_set * /*set*/
554 );
555
556 OM_uint32 GSSAPI_LIB_FUNCTION gss_inquire_cred
557 (OM_uint32 * /*minor_status*/,
558 const gss_cred_id_t /*cred_handle*/,
559 gss_name_t * /*name*/,
560 OM_uint32 * /*lifetime*/,
561 gss_cred_usage_t * /*cred_usage*/,
562 gss_OID_set * /*mechanisms*/
563 );
564
565 OM_uint32 GSSAPI_LIB_FUNCTION gss_inquire_context (
566 OM_uint32 * /*minor_status*/,
567 const gss_ctx_id_t /*context_handle*/,
568 gss_name_t * /*src_name*/,
569 gss_name_t * /*targ_name*/,
570 OM_uint32 * /*lifetime_rec*/,
571 gss_OID * /*mech_type*/,
572 OM_uint32 * /*ctx_flags*/,
573 int * /*locally_initiated*/,
574 int * /*open_context*/
575 );
576
577 OM_uint32 GSSAPI_LIB_FUNCTION gss_wrap_size_limit (
578 OM_uint32 * /*minor_status*/,
579 const gss_ctx_id_t /*context_handle*/,
580 int /*conf_req_flag*/,
581 gss_qop_t /*qop_req*/,
582 OM_uint32 /*req_output_size*/,
583 OM_uint32 * /*max_input_size*/
584 );
585
586 OM_uint32 GSSAPI_LIB_FUNCTION gss_add_cred (
587 OM_uint32 * /*minor_status*/,
588 const gss_cred_id_t /*input_cred_handle*/,
589 const gss_name_t /*desired_name*/,
590 const gss_OID /*desired_mech*/,
591 gss_cred_usage_t /*cred_usage*/,
592 OM_uint32 /*initiator_time_req*/,
593 OM_uint32 /*acceptor_time_req*/,
594 gss_cred_id_t * /*output_cred_handle*/,
595 gss_OID_set * /*actual_mechs*/,
596 OM_uint32 * /*initiator_time_rec*/,
597 OM_uint32 * /*acceptor_time_rec*/
598 );
599
600 OM_uint32 GSSAPI_LIB_FUNCTION gss_inquire_cred_by_mech (
601 OM_uint32 * /*minor_status*/,
602 const gss_cred_id_t /*cred_handle*/,
603 const gss_OID /*mech_type*/,
604 gss_name_t * /*name*/,
605 OM_uint32 * /*initiator_lifetime*/,
606 OM_uint32 * /*acceptor_lifetime*/,
607 gss_cred_usage_t * /*cred_usage*/
608 );
609
610 OM_uint32 GSSAPI_LIB_FUNCTION gss_export_sec_context (
611 OM_uint32 * /*minor_status*/,
612 gss_ctx_id_t * /*context_handle*/,
613 gss_buffer_t /*interprocess_token*/
614 );
615
616 OM_uint32 GSSAPI_LIB_FUNCTION gss_import_sec_context (
617 OM_uint32 * /*minor_status*/,
618 const gss_buffer_t /*interprocess_token*/,
619 gss_ctx_id_t * /*context_handle*/
620 );
621
622 OM_uint32 GSSAPI_LIB_FUNCTION gss_create_empty_oid_set (
623 OM_uint32 * /*minor_status*/,
624 gss_OID_set * /*oid_set*/
625 );
626
627 OM_uint32 GSSAPI_LIB_FUNCTION gss_add_oid_set_member (
628 OM_uint32 * /*minor_status*/,
629 const gss_OID /*member_oid*/,
630 gss_OID_set * /*oid_set*/
631 );
632
633 OM_uint32 GSSAPI_LIB_FUNCTION gss_test_oid_set_member (
634 OM_uint32 * /*minor_status*/,
635 const gss_OID /*member*/,
636 const gss_OID_set /*set*/,
637 int * /*present*/
638 );
639
640 OM_uint32 GSSAPI_LIB_FUNCTION gss_inquire_names_for_mech (
641 OM_uint32 * /*minor_status*/,
642 const gss_OID /*mechanism*/,
643 gss_OID_set * /*name_types*/
644 );
645
646 OM_uint32 GSSAPI_LIB_FUNCTION gss_inquire_mechs_for_name (
647 OM_uint32 * /*minor_status*/,
648 const gss_name_t /*input_name*/,
649 gss_OID_set * /*mech_types*/
650 );
651
652 OM_uint32 GSSAPI_LIB_FUNCTION gss_canonicalize_name (
653 OM_uint32 * /*minor_status*/,
654 const gss_name_t /*input_name*/,
655 const gss_OID /*mech_type*/,
656 gss_name_t * /*output_name*/
657 );
658
659 OM_uint32 GSSAPI_LIB_FUNCTION gss_duplicate_name (
660 OM_uint32 * /*minor_status*/,
661 const gss_name_t /*src_name*/,
662 gss_name_t * /*dest_name*/
663 );
664
665 OM_uint32 GSSAPI_LIB_FUNCTION gss_duplicate_oid (
666 OM_uint32 * /* minor_status */,
667 gss_OID /* src_oid */,
668 gss_OID * /* dest_oid */
669 );
670
671 OM_uint32 GSSAPI_LIB_FUNCTION
672 gss_release_oid
673 (OM_uint32 * /*minor_status*/,
674 gss_OID * /* oid */
675 );
676
677 OM_uint32 GSSAPI_LIB_FUNCTION
678 gss_oid_to_str(
679 OM_uint32 * /*minor_status*/,
680 gss_OID /* oid */,
681 gss_buffer_t /* str */
682 );
683
684 OM_uint32 GSSAPI_LIB_FUNCTION
685 gss_inquire_sec_context_by_oid(
686 OM_uint32 * minor_status,
687 const gss_ctx_id_t context_handle,
688 const gss_OID desired_object,
689 gss_buffer_set_t *data_set
690 );
691
692 OM_uint32 GSSAPI_LIB_FUNCTION
693 gss_set_sec_context_option (OM_uint32 *minor_status,
694 gss_ctx_id_t *context_handle,
695 const gss_OID desired_object,
696 const gss_buffer_t value);
697
698 OM_uint32 GSSAPI_LIB_FUNCTION
699 gss_set_cred_option (OM_uint32 *minor_status,
700 gss_cred_id_t *cred_handle,
701 const gss_OID object,
702 const gss_buffer_t value);
703
704 int GSSAPI_LIB_FUNCTION
705 gss_oid_equal(const gss_OID a, const gss_OID b);
706
707 OM_uint32 GSSAPI_LIB_FUNCTION
708 gss_create_empty_buffer_set
709 (OM_uint32 * minor_status,
710 gss_buffer_set_t *buffer_set);
711
712 OM_uint32 GSSAPI_LIB_FUNCTION
713 gss_add_buffer_set_member
714 (OM_uint32 * minor_status,
715 const gss_buffer_t member_buffer,
716 gss_buffer_set_t *buffer_set);
717
718 OM_uint32 GSSAPI_LIB_FUNCTION
719 gss_release_buffer_set
720 (OM_uint32 * minor_status,
721 gss_buffer_set_t *buffer_set);
722
723 OM_uint32 GSSAPI_LIB_FUNCTION
724 gss_inquire_cred_by_oid(OM_uint32 *minor_status,
725 const gss_cred_id_t cred_handle,
726 const gss_OID desired_object,
727 gss_buffer_set_t *data_set);
728
729 /*
730 * RFC 4401
731 */
732
733 #define GSS_C_PRF_KEY_FULL 0
734 #define GSS_C_PRF_KEY_PARTIAL 1
735
736 OM_uint32 GSSAPI_LIB_FUNCTION
737 gss_pseudo_random
738 (OM_uint32 *minor_status,
739 gss_ctx_id_t context,
740 int prf_key,
741 const gss_buffer_t prf_in,
742 ssize_t desired_output_len,
743 gss_buffer_t prf_out
744 );
745
746 /*
747 * The following routines are obsolete variants of gss_get_mic,
748 * gss_verify_mic, gss_wrap and gss_unwrap. They should be
749 * provided by GSSAPI V2 implementations for backwards
750 * compatibility with V1 applications. Distinct entrypoints
751 * (as opposed to #defines) should be provided, both to allow
752 * GSSAPI V1 applications to link against GSSAPI V2 implementations,
753 * and to retain the slight parameter type differences between the
754 * obsolete versions of these routines and their current forms.
755 */
756
757 OM_uint32 GSSAPI_LIB_FUNCTION gss_sign
758 (OM_uint32 * /*minor_status*/,
759 gss_ctx_id_t /*context_handle*/,
760 int /*qop_req*/,
761 gss_buffer_t /*message_buffer*/,
762 gss_buffer_t /*message_token*/
763 );
764
765 OM_uint32 GSSAPI_LIB_FUNCTION gss_verify
766 (OM_uint32 * /*minor_status*/,
767 gss_ctx_id_t /*context_handle*/,
768 gss_buffer_t /*message_buffer*/,
769 gss_buffer_t /*token_buffer*/,
770 int * /*qop_state*/
771 );
772
773 OM_uint32 GSSAPI_LIB_FUNCTION gss_seal
774 (OM_uint32 * /*minor_status*/,
775 gss_ctx_id_t /*context_handle*/,
776 int /*conf_req_flag*/,
777 int /*qop_req*/,
778 gss_buffer_t /*input_message_buffer*/,
779 int * /*conf_state*/,
780 gss_buffer_t /*output_message_buffer*/
781 );
782
783 OM_uint32 GSSAPI_LIB_FUNCTION gss_unseal
784 (OM_uint32 * /*minor_status*/,
785 gss_ctx_id_t /*context_handle*/,
786 gss_buffer_t /*input_message_buffer*/,
787 gss_buffer_t /*output_message_buffer*/,
788 int * /*conf_state*/,
789 int * /*qop_state*/
790 );
791
792 /*
793 *
794 */
795
796 OM_uint32 GSSAPI_LIB_FUNCTION
797 gss_encapsulate_token(gss_buffer_t /* input_token */,
798 gss_OID /* oid */,
799 gss_buffer_t /* output_token */);
800
801 OM_uint32 GSSAPI_LIB_FUNCTION
802 gss_decapsulate_token(gss_buffer_t /* input_token */,
803 gss_OID /* oid */,
804 gss_buffer_t /* output_token */);
805
806
807
808 #ifdef __cplusplus
809 }
810 #endif
811
812 #include <gssapi/gssapi_krb5.h>
813 #include <gssapi/gssapi_spnego.h>
814
815 #endif /* GSSAPI_GSSAPI_H_ */