/* [<][>][^][v][top][bottom][index][help] */
DEFINITIONS
This source file includes following definitions.
- gsskrb5_set_send_to_kdc
1 /*
2 * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 /* $Id$ */
35
36 #ifndef GSSAPI_KRB5_H_
37 #define GSSAPI_KRB5_H_
38
39 #include <gssapi/gssapi.h>
40
41 #ifdef __cplusplus
42 extern "C" {
43 #endif
44
45 #if !defined(__GNUC__) && !defined(__attribute__)
46 #define __attribute__(x)
47 #endif
48
49 #ifndef GSSKRB5_FUNCTION_DEPRECATED
50 #define GSSKRB5_FUNCTION_DEPRECATED __attribute__((deprecated))
51 #endif
52
53
54 /*
55 * This is for kerberos5 names.
56 */
57
58 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_NT_PRINCIPAL_NAME;
59 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_NT_USER_NAME;
60 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_NT_MACHINE_UID_NAME;
61 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_NT_STRING_UID_NAME;
62
63 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_MECHANISM;
64
65 /* for compatibility with MIT api */
66
67 #define gss_mech_krb5 GSS_KRB5_MECHANISM
68 #define gss_krb5_nt_general_name GSS_KRB5_NT_PRINCIPAL_NAME
69
70 /* Extensions set contexts options */
71 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_COPY_CCACHE_X;
72 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_COMPAT_DES3_MIC_X;
73 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X;
74 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_SET_DNS_CANONICALIZE_X;
75 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_SEND_TO_KDC_X;
76 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_SET_DEFAULT_REALM_X;
77 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_CCACHE_NAME_X;
78 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_SET_TIME_OFFSET_X;
79 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_GET_TIME_OFFSET_X;
80 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_PLUGIN_REGISTER_X;
81 /* Extensions inquire context */
82 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_GET_TKT_FLAGS_X;
83 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X;
84 extern GSSAPI_LIB_VARIABLE gss_OID GSS_C_PEER_HAS_UPDATED_SPNEGO;
85 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_EXPORT_LUCID_CONTEXT_X;
86 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_EXPORT_LUCID_CONTEXT_V1_X;
87 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_GET_SUBKEY_X;
88 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_GET_INITIATOR_SUBKEY_X;
89 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_GET_ACCEPTOR_SUBKEY_X;
90 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_GET_AUTHTIME_X;
91 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_GET_SERVICE_KEYBLOCK_X;
92 /* Extensions creds */
93 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_IMPORT_CRED_X;
94 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X;
95 extern GSSAPI_LIB_VARIABLE gss_OID GSS_KRB5_CRED_NO_CI_FLAGS_X;
96
97 /*
98 * kerberos mechanism specific functions
99 */
100
101 struct krb5_keytab_data;
102 struct krb5_ccache_data;
103 struct Principal;
104
105 OM_uint32 GSSAPI_LIB_FUNCTION
106 gss_krb5_ccache_name(OM_uint32 * /*minor_status*/,
107 const char * /*name */,
108 const char ** /*out_name */);
109
110 OM_uint32 GSSAPI_LIB_FUNCTION gsskrb5_register_acceptor_identity
111 (const char */*identity*/);
112
113 OM_uint32 GSSAPI_LIB_FUNCTION krb5_gss_register_acceptor_identity
114 (const char */*identity*/);
115
116 OM_uint32 GSSAPI_LIB_FUNCTION gss_krb5_copy_ccache
117 (OM_uint32 */*minor*/,
118 gss_cred_id_t /*cred*/,
119 struct krb5_ccache_data */*out*/);
120
121 OM_uint32 GSSAPI_LIB_FUNCTION
122 gss_krb5_import_cred(OM_uint32 */*minor*/,
123 struct krb5_ccache_data * /*in*/,
124 struct Principal * /*keytab_principal*/,
125 struct krb5_keytab_data * /*keytab*/,
126 gss_cred_id_t */*out*/);
127
128 OM_uint32 GSSAPI_LIB_FUNCTION gss_krb5_get_tkt_flags
129 (OM_uint32 */*minor*/,
130 gss_ctx_id_t /*context_handle*/,
131 OM_uint32 */*tkt_flags*/);
132
133 OM_uint32 GSSAPI_LIB_FUNCTION
134 gsskrb5_extract_authz_data_from_sec_context
135 (OM_uint32 * /*minor_status*/,
136 gss_ctx_id_t /*context_handle*/,
137 int /*ad_type*/,
138 gss_buffer_t /*ad_data*/);
139
140 OM_uint32 GSSAPI_LIB_FUNCTION
141 gsskrb5_set_dns_canonicalize(int);
142
143 struct gsskrb5_send_to_kdc {
144 void *func;
145 void *ptr;
146 };
147
148 OM_uint32 GSSAPI_LIB_FUNCTION
149 gsskrb5_set_send_to_kdc(struct gsskrb5_send_to_kdc *)
/* [<][>][^][v][top][bottom][index][help] */
150 GSSKRB5_FUNCTION_DEPRECATED;
151
152 OM_uint32 GSSAPI_LIB_FUNCTION
153 gsskrb5_set_default_realm(const char *);
154
155 OM_uint32 GSSAPI_LIB_FUNCTION
156 gsskrb5_extract_authtime_from_sec_context(OM_uint32 *, gss_ctx_id_t, time_t *);
157
158 struct EncryptionKey;
159
160 OM_uint32 GSSAPI_LIB_FUNCTION
161 gsskrb5_extract_service_keyblock(OM_uint32 *minor_status,
162 gss_ctx_id_t context_handle,
163 struct EncryptionKey **out);
164 OM_uint32 GSSAPI_LIB_FUNCTION
165 gsskrb5_get_initiator_subkey(OM_uint32 *minor_status,
166 gss_ctx_id_t context_handle,
167 struct EncryptionKey **out);
168 OM_uint32 GSSAPI_LIB_FUNCTION
169 gsskrb5_get_subkey(OM_uint32 *minor_status,
170 gss_ctx_id_t context_handle,
171 struct EncryptionKey **out);
172
173 OM_uint32 GSSAPI_LIB_FUNCTION
174 gsskrb5_set_time_offset(int);
175
176 OM_uint32 GSSAPI_LIB_FUNCTION
177 gsskrb5_get_time_offset(int *);
178
179 struct gsskrb5_krb5_plugin {
180 int type;
181 char *name;
182 void *symbol;
183 };
184
185 OM_uint32 GSSAPI_LIB_FUNCTION
186 gsskrb5_plugin_register(struct gsskrb5_krb5_plugin *);
187
188
189 /*
190 * Lucid - NFSv4 interface to GSS-API KRB5 to expose key material to
191 * do GSS content token handling in-kernel.
192 */
193
194 typedef struct gss_krb5_lucid_key {
195 OM_uint32 type;
196 OM_uint32 length;
197 void * data;
198 } gss_krb5_lucid_key_t;
199
200 typedef struct gss_krb5_rfc1964_keydata {
201 OM_uint32 sign_alg;
202 OM_uint32 seal_alg;
203 gss_krb5_lucid_key_t ctx_key;
204 } gss_krb5_rfc1964_keydata_t;
205
206 typedef struct gss_krb5_cfx_keydata {
207 OM_uint32 have_acceptor_subkey;
208 gss_krb5_lucid_key_t ctx_key;
209 gss_krb5_lucid_key_t acceptor_subkey;
210 } gss_krb5_cfx_keydata_t;
211
212 typedef struct gss_krb5_lucid_context_v1 {
213 OM_uint32 version;
214 OM_uint32 initiate;
215 OM_uint32 endtime;
216 OM_uint64 send_seq;
217 OM_uint64 recv_seq;
218 OM_uint32 protocol;
219 gss_krb5_rfc1964_keydata_t rfc1964_kd;
220 gss_krb5_cfx_keydata_t cfx_kd;
221 } gss_krb5_lucid_context_v1_t;
222
223 typedef struct gss_krb5_lucid_context_version {
224 OM_uint32 version; /* Structure version number */
225 } gss_krb5_lucid_context_version_t;
226
227 /*
228 * Function declarations
229 */
230
231 OM_uint32 GSSAPI_LIB_FUNCTION
232 gss_krb5_export_lucid_sec_context(OM_uint32 *minor_status,
233 gss_ctx_id_t *context_handle,
234 OM_uint32 version,
235 void **kctx);
236
237
238 OM_uint32 GSSAPI_LIB_FUNCTION
239 gss_krb5_free_lucid_sec_context(OM_uint32 *minor_status,
240 void *kctx);
241
242
243 OM_uint32 GSSAPI_LIB_FUNCTION
244 gss_krb5_set_allowable_enctypes(OM_uint32 *minor_status,
245 gss_cred_id_t cred,
246 OM_uint32 num_enctypes,
247 int32_t *enctypes);
248
249 #ifdef __cplusplus
250 }
251 #endif
252
253 #endif /* GSSAPI_SPNEGO_H_ */