2 * Copyright 1993 by OpenVision Technologies, Inc.
4 * Permission to use, copy, modify, distribute, and sell this software
5 * and its documentation for any purpose is hereby granted without fee,
6 * provided that the above copyright notice appears in all copies and
7 * that both that copyright notice and this permission notice appear in
8 * supporting documentation, and that the name of OpenVision not be used
9 * in advertising or publicity pertaining to distribution of the software
10 * without specific, written prior permission. OpenVision makes no
11 * representations about the suitability of this software for any
12 * purpose. It is provided "as is" without express or implied warranty.
14 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
15 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
16 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
17 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
18 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
19 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
20 * PERFORMANCE OF THIS SOFTWARE.
26 /* for general config: */
27 #include "k5-config.h"
29 /* for prototype-related config: */
30 #include "base-defs.h"
/*
 * NOTE(review): the gutter numbers embedded in this listing skip from 50
 * to 53, 57 to 60 and 62 to 65, so the members of gss_OID_desc,
 * gss_OID_set_desc and gss_buffer_desc are not visible here.  Read the
 * complete header before relying on their layout.
 */
37 * First, define the platform-dependent types.
/* OM_uint32 is an alias for krb5_ui_4, a type declared outside this file
 * (presumably a 4-byte unsigned integer -- confirm in the config header). */
39 typedef krb5_ui_4 OM_uint32;
/* Name, credential and context handles are all plain void pointers, so the
 * compiler cannot catch one kind of handle being passed where another is
 * expected; callers have to keep them apart themselves. */
40 typedef void FAR * gss_name_t;
41 typedef void FAR * gss_cred_id_t;
42 typedef void FAR * gss_ctx_id_t;
45 * Note that a platform supporting the xom.h X/Open header file
46 * may make use of that header for the definitions of OM_uint32
47 * and the structure to which gss_OID_desc equates.
50 typedef struct gss_OID_desc_struct {
53 } gss_OID_desc, FAR *gss_OID;
/* Read-only view of an OID: a const pointer to a const descriptor. */
55 typedef const gss_OID_desc FAR * const const_gss_OID;
57 typedef struct gss_OID_set_desc_struct {
60 } gss_OID_set_desc, FAR *gss_OID_set;
62 typedef struct gss_buffer_desc_struct {
65 } gss_buffer_desc, FAR *gss_buffer_t;
/*
 * Channel bindings: an address type plus address bytes for the initiator
 * and for the acceptor, followed by application data.  Only the pointer
 * type is given a typedef name.
 * NOTE(review): presumably the mechanism checks these during context
 * establishment so that a context is tied to the channel it was set up on,
 * and passing GSS_C_NO_CHANNEL_BINDINGS gives up that check -- confirm
 * against the mechanism in use.
 */
67 typedef struct gss_channel_bindings_struct {
68 OM_uint32 initiator_addrtype;
69 gss_buffer_desc initiator_address;
70 OM_uint32 acceptor_addrtype;
71 gss_buffer_desc acceptor_address;
72 gss_buffer_desc application_data;
73 } FAR *gss_channel_bindings_t;
77 * Six independent flags each of which indicates that a context
78 * supports a specific service option.
/*
 * Each flag is a distinct power of two, so the six combine into one bit
 * mask.
 * NOTE(review): presumably the same bits come back through the ret_flags
 * out-parameter of gss_init_sec_context / gss_accept_sec_context.  A caller
 * that depends on a service (mutual authentication, replay or sequence
 * detection, confidentiality, integrity) should test the returned bit
 * rather than assume the service was granted -- confirm with the mechanism.
 */
80 #define GSS_C_DELEG_FLAG 1
81 #define GSS_C_MUTUAL_FLAG 2
82 #define GSS_C_REPLAY_FLAG 4
83 #define GSS_C_SEQUENCE_FLAG 8
84 #define GSS_C_CONF_FLAG 16
85 #define GSS_C_INTEG_FLAG 32
89 * Credential usage options
/* NOTE(review): the gutter numbering skips 90-91 here, so a further usage
 * option may exist in the full header -- confirm. */
92 #define GSS_C_INITIATE 1
93 #define GSS_C_ACCEPT 2
96 * Status code types for gss_display_status
98 #define GSS_C_GSS_CODE 1
99 #define GSS_C_MECH_CODE 2
102 * The constant definitions for channel-bindings address families
/* No constant with the value 20 is defined: the list goes from
 * GSS_C_AF_OSI (19) straight to GSS_C_AF_X25 (21). */
104 #define GSS_C_AF_UNSPEC 0
105 #define GSS_C_AF_LOCAL 1
106 #define GSS_C_AF_INET 2
107 #define GSS_C_AF_IMPLINK 3
108 #define GSS_C_AF_PUP 4
109 #define GSS_C_AF_CHAOS 5
110 #define GSS_C_AF_NS 6
111 #define GSS_C_AF_NBS 7
112 #define GSS_C_AF_ECMA 8
113 #define GSS_C_AF_DATAKIT 9
114 #define GSS_C_AF_CCITT 10
115 #define GSS_C_AF_SNA 11
116 #define GSS_C_AF_DECnet 12
117 #define GSS_C_AF_DLI 13
118 #define GSS_C_AF_LAT 14
119 #define GSS_C_AF_HYLINK 15
120 #define GSS_C_AF_APPLETALK 16
121 #define GSS_C_AF_BSC 17
122 #define GSS_C_AF_DSS 18
123 #define GSS_C_AF_OSI 19
124 #define GSS_C_AF_X25 21
126 #define GSS_C_AF_NULLADDR 255
/* "Nothing supplied" values: each is a null pointer cast to the matching
 * handle or pointer type.  GSS_C_EMPTY_BUFFER is a brace initializer, so it
 * is usable only where an initializer is allowed, and it needs NULL to be
 * declared by the including file. */
128 #define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
129 #define GSS_C_NULL_OID ((gss_OID) 0)
130 #define GSS_C_NULL_OID_SET ((gss_OID_set) 0)
131 #define GSS_C_NO_NAME ((gss_name_t) 0)
132 #define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
133 #define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
134 #define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
135 #define GSS_C_EMPTY_BUFFER {0, NULL}
138 * Define the default Quality of Protection for per-message
139 * services. Note that an implementation that offers multiple
140 * levels of QOP may either reserve a value (for example zero,
141 * as assumed here) to mean "default protection", or alternatively
142 * may simply equate GSS_C_QOP_DEFAULT to a specific explicit QOP
145 #define GSS_C_QOP_DEFAULT 0
148 * Expiration time of 2^32-1 seconds means infinite lifetime for a
149 * credential or security context
/* Treat this value as a sentinel rather than a number of seconds: adding to
 * it wraps around in 32-bit arithmetic, so lifetime calculations should
 * test for it first. */
151 #define GSS_C_INDEFINITE 0xffffffff
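/* Major status codes */

#define GSS_S_COMPLETE 0

/*
 * Some "helper" definitions to make the status code macros obvious.
 *
 * Layout of a major status word, as fixed by the offsets and masks below:
 *   bits 24-31  calling error              (8 bits)
 *   bits 16-23  routine error              (8 bits)
 *   bits  0-15  supplementary information  (16 bits)
 *
 * The masks and the status values carry a "ul" suffix so that every shift
 * is carried out in unsigned long.  With plain int constants, 0377 << 24
 * does not fit in a 32-bit signed int (undefined behaviour), and a shift by
 * 16 or 24 is undefined outright where int is only 16 bits wide.
 */
#define GSS_C_CALLING_ERROR_OFFSET 24
#define GSS_C_ROUTINE_ERROR_OFFSET 16
#define GSS_C_SUPPLEMENTARY_OFFSET 0
#define GSS_C_CALLING_ERROR_MASK 0377ul
#define GSS_C_ROUTINE_ERROR_MASK 0377ul
#define GSS_C_SUPPLEMENTARY_MASK 0177777ul

/*
 * The macros that test status codes for error conditions.
 *
 * Each of the first three isolates one field of the status word, leaving
 * it at its original bit position.  GSS_ERROR(x) is true only when the
 * calling-error or the routine-error field is non-zero.  The supplementary
 * bits (GSS_S_CONTINUE_NEEDED, GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN,
 * GSS_S_UNSEQ_TOKEN) never make GSS_ERROR() true, so code that has to
 * react to duplicate, old or out-of-sequence tokens must also inspect
 * GSS_SUPPLEMENTARY_INFO(x).
 */
#define GSS_CALLING_ERROR(x) \
    ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
#define GSS_ROUTINE_ERROR(x) \
    ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
#define GSS_SUPPLEMENTARY_INFO(x) \
    ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
#define GSS_ERROR(x) \
    ((GSS_CALLING_ERROR(x) != 0) || (GSS_ROUTINE_ERROR(x) != 0))

/* XXXX these are not part of the GSSAPI C bindings! (but should be) */

/* Same three fields, shifted down so the result is the small field value
 * (for example 13 for GSS_S_FAILURE) instead of the in-place bits. */
#define GSS_CALLING_ERROR_FIELD(x) \
    (((x) >> GSS_C_CALLING_ERROR_OFFSET) & GSS_C_CALLING_ERROR_MASK)
#define GSS_ROUTINE_ERROR_FIELD(x) \
    (((x) >> GSS_C_ROUTINE_ERROR_OFFSET) & GSS_C_ROUTINE_ERROR_MASK)
#define GSS_SUPPLEMENTARY_INFO_FIELD(x) \
    (((x) >> GSS_C_SUPPLEMENTARY_OFFSET) & GSS_C_SUPPLEMENTARY_MASK)

/*
 * Now the actual status code definitions
 */

/* Values carried in the calling-error field. */
#define GSS_S_CALL_INACCESSIBLE_READ \
    (1ul << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_INACCESSIBLE_WRITE \
    (2ul << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_BAD_STRUCTURE \
    (3ul << GSS_C_CALLING_ERROR_OFFSET)

/* Values carried in the routine-error field. */
#define GSS_S_BAD_MECH (1ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAME (2ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAMETYPE (3ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_BINDINGS (4ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_STATUS (5ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_SIG (6ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NO_CRED (7ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NO_CONTEXT (8ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_TOKEN (9ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_CREDENTIAL (10ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CREDENTIALS_EXPIRED (11ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CONTEXT_EXPIRED (12ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_FAILURE (13ul << GSS_C_ROUTINE_ERROR_OFFSET)
/* XXXX This is a necessary evil until the spec is fixed */
/* Alias, not a distinct code: a caller cannot tell "credential
 * unavailable" from a generic failure by the major status alone. */
#define GSS_S_CRED_UNAVAIL GSS_S_FAILURE

/*
 * Supplementary info bits: one bit each, so several can be set at once.
 */
#define GSS_S_CONTINUE_NEEDED (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
#define GSS_S_DUPLICATE_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
#define GSS_S_OLD_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
#define GSS_S_UNSEQ_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3))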
232 * Finally, function prototypes for the GSSAPI routines.
/*
 * Credential acquisition and release.  Both return an OM_uint32 status and
 * take the minor-status out-pointer first.
 * NOTE(review): cred_usage presumably takes one of the credential usage
 * options (GSS_C_INITIATE, GSS_C_ACCEPT) -- confirm.  A handle written to
 * output_cred_handle presumably has to be given back through
 * gss_release_cred, which takes a pointer to the handle.
 * The gutter numbering skips 244-245 and 249-250, so the closing of each
 * prototype is not part of this listing.
 */
235 OM_uint32 INTERFACE gss_acquire_cred
236 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
237 gss_name_t, /* desired_name */
238 OM_uint32, /* time_req */
239 gss_OID_set, /* desired_mechs */
240 int, /* cred_usage */
241 gss_cred_id_t FAR *,/* output_cred_handle */
242 gss_OID_set FAR *, /* actual_mechs */
243 OM_uint32 FAR * /* time_rec */
246 OM_uint32 INTERFACE gss_release_cred
247 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
248 gss_cred_id_t FAR * /* cred_handle */
/*
 * Initiator side of context establishment.  context_handle is passed by
 * pointer; output_token, actual_mech_type, ret_flags and time_rec are
 * outputs according to the parameter comments.
 * NOTE(review): the gutter numbering jumps from 256 to 258, so one
 * parameter between mech_type and time_req is missing from this listing;
 * do not copy the prototype from here.
 * NOTE(review): presumably ret_flags reports which GSS_C_*_FLAG services
 * the context really provides; a caller that needs mutual authentication,
 * integrity or confidentiality should check those bits once the context is
 * established instead of trusting what it asked for -- confirm.
 */
251 OM_uint32 INTERFACE gss_init_sec_context
252 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
253 gss_cred_id_t, /* claimant_cred_handle */
254 gss_ctx_id_t FAR *, /* context_handle */
255 gss_name_t, /* target_name */
256 const_gss_OID, /* mech_type */
258 OM_uint32, /* time_req */
259 gss_channel_bindings_t,
260 /* input_chan_bindings */
261 gss_buffer_t, /* input_token */
262 gss_OID FAR *, /* actual_mech_type */
263 gss_buffer_t, /* output_token */
264 int FAR *, /* ret_flags */
265 OM_uint32 FAR * /* time_rec */
/*
 * Acceptor side of context establishment.  input_token_buffer comes from
 * the peer; src_name, mech_type, output_token, ret_flags, time_rec and
 * delegated_cred_handle are outputs according to the parameter comments.
 * NOTE(review): input_token_buffer is presumably untrusted network data, so
 * src_name and ret_flags should be used only after the call reports a
 * completed context (no GSS_ERROR and no GSS_S_CONTINUE_NEEDED) -- confirm.
 * NOTE(review): delegated_cred_handle presumably receives credentials
 * delegated by the initiator; handle it as carefully as the initiator's own
 * credential and release it with gss_release_cred when done -- confirm.
 */
268 OM_uint32 INTERFACE gss_accept_sec_context
269 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
270 gss_ctx_id_t FAR *, /* context_handle */
271 gss_cred_id_t, /* verifier_cred_handle */
272 gss_buffer_t, /* input_token_buffer */
273 gss_channel_bindings_t,
274 /* input_chan_bindings */
275 gss_name_t FAR *, /* src_name */
276 gss_OID FAR *, /* mech_type */
277 gss_buffer_t, /* output_token */
278 int FAR *, /* ret_flags */
279 OM_uint32 FAR *, /* time_rec */
280 gss_cred_id_t FAR * /* delegated_cred_handle */
/*
 * Context maintenance: feed a context-level token to an existing context,
 * delete a context, and query its remaining lifetime (names per the
 * parameter comments).  gss_delete_sec_context takes the handle by pointer
 * and has an output_token buffer.
 * NOTE(review): time_rec may presumably come back as GSS_C_INDEFINITE;
 * callers doing arithmetic on it should test for that value -- confirm.
 */
283 OM_uint32 INTERFACE gss_process_context_token
284 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
285 gss_ctx_id_t, /* context_handle */
286 gss_buffer_t /* token_buffer */
289 OM_uint32 INTERFACE gss_delete_sec_context
290 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
291 gss_ctx_id_t FAR *, /* context_handle */
292 gss_buffer_t /* output_token */
295 OM_uint32 INTERFACE gss_context_time
296 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
297 gss_ctx_id_t, /* context_handle */
298 OM_uint32 FAR * /* time_rec */
/*
 * Per-message integrity: gss_sign produces message_token for
 * message_buffer, gss_verify checks token_buffer against message_buffer
 * and writes qop_state (names per the parameter comments).
 * NOTE(review): the gutter numbering jumps from 303 to 305 in gss_sign, so
 * one parameter after context_handle is missing from this listing.
 * NOTE(review): GSS_ERROR() ignores the supplementary bits, so a
 * gss_verify result carrying GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN or
 * GSS_S_UNSEQ_TOKEN passes a bare GSS_ERROR() test; callers that rely on
 * replay or sequence detection should also check
 * GSS_SUPPLEMENTARY_INFO() -- confirm how the mechanism reports these.
 */
301 OM_uint32 INTERFACE gss_sign
302 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
303 gss_ctx_id_t, /* context_handle */
305 gss_buffer_t, /* message_buffer */
306 gss_buffer_t /* message_token */
309 OM_uint32 INTERFACE gss_verify
310 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
311 gss_ctx_id_t, /* context_handle */
312 gss_buffer_t, /* message_buffer */
313 gss_buffer_t, /* token_buffer */
314 int FAR * /* qop_state */
/*
 * Per-message wrapping: gss_seal turns input_message_buffer into
 * output_message_buffer, gss_unseal reverses it; both write conf_state, and
 * gss_unseal also writes qop_state (names per the parameter comments).
 * NOTE(review): the gutter numbering jumps from 320 to 322 in gss_seal, so
 * one parameter after conf_req_flag is missing from this listing.
 * NOTE(review): conf_state presumably reports whether confidentiality was
 * actually applied; a caller that requires encryption should check it
 * after both calls rather than assume conf_req_flag was honoured -- confirm.
 * As with gss_verify, supplementary status bits returned by gss_unseal are
 * not covered by GSS_ERROR().
 */
317 OM_uint32 INTERFACE gss_seal
318 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
319 gss_ctx_id_t, /* context_handle */
320 int, /* conf_req_flag */
322 gss_buffer_t, /* input_message_buffer */
323 int FAR *, /* conf_state */
324 gss_buffer_t /* output_message_buffer */
327 OM_uint32 INTERFACE gss_unseal
328 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
329 gss_ctx_id_t, /* context_handle */
330 gss_buffer_t, /* input_message_buffer */
331 gss_buffer_t, /* output_message_buffer */
332 int FAR *, /* conf_state */
333 int FAR * /* qop_state */
/*
 * Status text and mechanism discovery.  gss_display_status takes a status
 * value and a status_type and writes status_string; message_context is
 * passed by pointer.  gss_indicate_mechs writes an OID set.
 * NOTE(review): status_type presumably takes GSS_C_GSS_CODE or
 * GSS_C_MECH_CODE, and message_context presumably lets the caller loop
 * when one status value maps to several messages -- confirm.
 */
336 OM_uint32 INTERFACE gss_display_status
337 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
338 OM_uint32, /* status_value */
339 int, /* status_type */
340 const_gss_OID, /* mech_type */
341 int FAR *, /* message_context */
342 gss_buffer_t /* status_string */
345 OM_uint32 INTERFACE gss_indicate_mechs
346 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
347 gss_OID_set FAR * /* mech_set */
/*
 * Name handling: compare two name handles (result in name_equal), render a
 * name into a buffer with its type, import a name from a buffer of a given
 * type, and release a name handle (names per the parameter comments).
 * NOTE(review): the text written by gss_display_name is presumably meant
 * for display; for access decisions prefer gss_compare_name on the handles
 * over comparing printed strings -- confirm for the mechanism in use.
 */
350 OM_uint32 INTERFACE gss_compare_name
351 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
352 gss_name_t, /* name1 */
353 gss_name_t, /* name2 */
354 int FAR * /* name_equal */
357 OM_uint32 INTERFACE gss_display_name
358 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
359 gss_name_t, /* input_name */
360 gss_buffer_t, /* output_name_buffer */
361 gss_OID FAR * /* output_name_type */
364 OM_uint32 INTERFACE gss_import_name
365 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
366 gss_buffer_t, /* input_name_buffer */
367 const_gss_OID, /* input_name_type */
368 gss_name_t FAR * /* output_name */
371 OM_uint32 INTERFACE gss_release_name
372 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
373 gss_name_t FAR * /* input_name */
/*
 * Release helpers for a buffer and for an OID set.
 * NOTE(review): presumably these free storage that the library handed back
 * through output parameters of the other routines; passing
 * caller-allocated storage here is likely wrong -- confirm.
 */
376 OM_uint32 INTERFACE gss_release_buffer
377 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
378 gss_buffer_t /* buffer */
381 OM_uint32 INTERFACE gss_release_oid_set
382 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
383 gss_OID_set FAR * /* set */
/*
 * Inquiry routines: report the name, lifetime, usage and mechanisms of a
 * credential, and the peer names, lifetime, mechanism, flags and
 * locally_initiated indicator of a context (all through out-pointers, per
 * the parameter comments).
 * NOTE(review): names and OID sets written by these calls presumably need
 * gss_release_name / gss_release_oid_set afterwards, and the ret_flags
 * value presumably uses the GSS_C_*_FLAG bits -- confirm.
 */
386 OM_uint32 INTERFACE gss_inquire_cred
387 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
388 gss_cred_id_t, /* cred_handle */
389 gss_name_t FAR *, /* name */
390 OM_uint32 FAR *, /* lifetime */
391 int FAR *, /* cred_usage */
392 gss_OID_set FAR * /* mechanisms */
395 OM_uint32 INTERFACE gss_inquire_context
396 PROTOTYPE( (OM_uint32 FAR *, /* minor_status */
397 gss_ctx_id_t, /* context_handle */
398 gss_name_t FAR *, /* initiator_name */
399 gss_name_t FAR *, /* acceptor_name */
400 OM_uint32 FAR *, /* lifetime_rec */
401 gss_OID FAR *, /* mech_type */
402 int FAR *, /* ret_flags */
403 int FAR * /* locally_initiated */
407 #endif /* _GSSAPI_H_ */