root/source4/auth/gensec/gensec_gssapi.h

/* [<][>][^][v][top][bottom][index][help] */

INCLUDED FROM


   1 /* 
   2    Unix SMB/CIFS implementation.
   3 
   4    Kerberos backend for GENSEC
   5    
   6    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2005
   7    Copyright (C) Stefan Metzmacher <metze@samba.org> 2004-2005
   8 
   9    This program is free software; you can redistribute it and/or modify
  10    it under the terms of the GNU General Public License as published by
  11    the Free Software Foundation; either version 3 of the License, or
  12    (at your option) any later version.
  13    
  14    This program is distributed in the hope that it will be useful,
  15    but WITHOUT ANY WARRANTY; without even the implied warranty of
  16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17    GNU General Public License for more details.
  18 
  19    
  20    You should have received a copy of the GNU General Public License
  21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  22 */
  23 
  24 /* This structure described here, so the RPC-PAC test can get at the PAC provided */
  25 
  26 enum gensec_gssapi_sasl_state 
  27 {
  28         STAGE_GSS_NEG,
  29         STAGE_SASL_SSF_NEG,
  30         STAGE_SASL_SSF_ACCEPT,
  31         STAGE_DONE
  32 };
  33 
  34 #define NEG_SEAL 0x4
  35 #define NEG_SIGN 0x2
  36 #define NEG_NONE 0x1
  37 
  38 struct gensec_gssapi_state {
  39         gss_ctx_id_t gssapi_context;
  40         struct gss_channel_bindings_struct *input_chan_bindings;
  41         gss_name_t server_name;
  42         gss_name_t client_name;
  43         OM_uint32 want_flags, got_flags;
  44         gss_OID gss_oid;
  45 
  46         DATA_BLOB session_key;
  47         DATA_BLOB pac;
  48 
  49         struct smb_krb5_context *smb_krb5_context;
  50         struct gssapi_creds_container *client_cred;
  51         struct gssapi_creds_container *server_cred;
  52         gss_krb5_lucid_context_v1_t *lucid;
  53 
  54         gss_cred_id_t delegated_cred_handle;
  55 
  56         bool sasl; /* We have two different mechs in this file: One
  57                     * for SASL wrapped GSSAPI and another for normal
  58                     * GSSAPI */
  59         enum gensec_gssapi_sasl_state sasl_state;
  60         uint8_t sasl_protection; /* What was negotiated at the SASL
  61                                   * layer, independent of the GSSAPI
  62                                   * layer... */
  63 
  64         size_t max_wrap_buf_size;
  65         int gss_exchange_count;
  66         size_t sig_size;
  67 };
  68 

/* [<][>][^][v][top][bottom][index][help] */