src/lib/gssapi/mechglue/mglueP.h

   1 /* #ident  "@(#)mglueP.h 1.2     96/01/18 SMI" */
   2
   3 /*
   4  * This header contains the private mechglue definitions.
   5  *
   6  * Copyright (c) 1995, by Sun Microsystems, Inc.
   7  * All rights reserved.
   8  */
   9
  10 #ifndef _GSS_MECHGLUEP_H
  11 #define _GSS_MECHGLUEP_H
  12
  13 #include "autoconf.h"
  14 #include "mechglue.h"
  15 #include "gssapiP_generic.h"
  16
  17 #define g_OID_copy(o1, o2)                                      \
  18 do {                                                            \
  19         memcpy((o1)->elements, (o2)->elements, (o2)->length);   \
  20         (o1)->length = (o2)->length;                            \
  21 } while (0)
  22
  23 #define GSS_EMPTY_BUFFER(buf)   ((buf) == NULL ||\
  24         (buf)->value == NULL || (buf)->length == 0)
  25
  26 /*
  27  * Array of context IDs typed by mechanism OID
  28  */
  29 typedef struct gss_union_ctx_id_t {
  30         gss_OID                 mech_type;
  31         gss_ctx_id_t            internal_ctx_id;
  32 } gss_union_ctx_id_desc, *gss_union_ctx_id_t;
  33
  34 /*
  35  * Generic GSSAPI names.  A name can either be a generic name, or a
  36  * mechanism specific name....
  37  */
  38 typedef struct gss_union_name_t {
  39         gss_OID                 name_type;
  40         gss_buffer_t            external_name;
  41         /*
  42          * These last two fields are only filled in for mechanism
  43          * names.
  44          */
  45         gss_OID                 mech_type;
  46         gss_name_t              mech_name;
  47 } gss_union_name_desc, *gss_union_name_t;
  48
  49 /*
  50  * Structure for holding list of mechanism-specific name types
  51  */
  52 typedef struct gss_mech_spec_name_t {
  53     gss_OID     name_type;
  54     gss_OID     mech;
  55     struct gss_mech_spec_name_t *next, *prev;
  56 } gss_mech_spec_name_desc, *gss_mech_spec_name;
  57
  58 /*
  59  * Credential auxiliary info, used in the credential structure
  60  */
  61 typedef struct gss_union_cred_auxinfo {
  62         gss_buffer_desc         name;
  63         gss_OID                 name_type;
  64         OM_uint32               creation_time;
  65         OM_uint32               time_rec;
  66         int                     cred_usage;
  67 } gss_union_cred_auxinfo;
  68
  69 /*
  70  * Set of Credentials typed on mechanism OID
  71  */
  72 typedef struct gss_union_cred_t {
  73         int                     count;
  74         gss_OID                 mechs_array;
  75         gss_cred_id_t           *cred_array;
  76         gss_union_cred_auxinfo  auxinfo;
  77 } gss_union_cred_desc, *gss_union_cred_t;
  78
  79 /********************************************************/
  80 /* The Mechanism Dispatch Table -- a mechanism needs to */
  81 /* define one of these and provide a function to return */
  82 /* it to initialize the GSSAPI library                  */
  83
  84 /*
  85  * This is the definition of the mechs_array struct, which is used to
  86  * define the mechs array table. This table is used to indirectly
  87  * access mechanism specific versions of the gssapi routines through
  88  * the routines in the glue module (gssd_mech_glue.c)
  89  *
  90  * This contants all of the functions defined in gssapi.h except for
  91  * gss_release_buffer() and gss_release_oid_set(), which I am
  92  * assuming, for now, to be equal across mechanisms.
  93  */
  94
  95 typedef struct gss_config {
  96     OM_uint32       priority;
  97     char *          mechNameStr;
  98     gss_OID_desc    mech_type;
  99     void *          context;
 100     OM_uint32       (*gss_acquire_cred)
 101         (
 102                     void*,              /* context */
 103                     OM_uint32*,         /* minor_status */
 104                     gss_name_t,         /* desired_name */
 105                     OM_uint32,          /* time_req */
 106                     gss_OID_set,        /* desired_mechs */
 107                     int,                /* cred_usage */
 108                     gss_cred_id_t*,     /* output_cred_handle */
 109                     gss_OID_set*,       /* actual_mechs */
 110                     OM_uint32*          /* time_rec */
 111                     );
 112     OM_uint32       (*gss_release_cred)
 113         (
 114                     void*,              /* context */
 115                     OM_uint32*,         /* minor_status */
 116                     gss_cred_id_t*      /* cred_handle */
 117                     );
 118     OM_uint32       (*gss_init_sec_context)
 119         (
 120                     void*,                      /* context */
 121                     OM_uint32*,                 /* minor_status */
 122                     gss_cred_id_t,              /* claimant_cred_handle */
 123                     gss_ctx_id_t*,              /* context_handle */
 124                     gss_name_t,                 /* target_name */
 125                     gss_OID,                    /* mech_type */
 126                     OM_uint32,                  /* req_flags */
 127                     OM_uint32,                  /* time_req */
 128                     gss_channel_bindings_t,     /* input_chan_bindings */
 129                     gss_buffer_t,               /* input_token */
 130                     gss_OID*,                   /* actual_mech_type */
 131                     gss_buffer_t,               /* output_token */
 132                     OM_uint32*,                 /* ret_flags */
 133                     OM_uint32*                  /* time_rec */
 134                     );
 135     OM_uint32       (*gss_accept_sec_context)
 136         (
 137                     void*,                      /* context */
 138                     OM_uint32*,                 /* minor_status */
 139                     gss_ctx_id_t*,              /* context_handle */
 140                     gss_cred_id_t,              /* verifier_cred_handle */
 141                     gss_buffer_t,               /* input_token_buffer */
 142                     gss_channel_bindings_t,     /* input_chan_bindings */
 143                     gss_name_t*,                /* src_name */
 144                     gss_OID*,                   /* mech_type */
 145                     gss_buffer_t,               /* output_token */
 146                     OM_uint32*,                 /* ret_flags */
 147                     OM_uint32*,                 /* time_rec */
 148                     gss_cred_id_t*              /* delegated_cred_handle */
 149                     );
 150     OM_uint32       (*gss_process_context_token)
 151         (
 152                     void*,              /* context */
 153                     OM_uint32*,         /* minor_status */
 154                     gss_ctx_id_t,       /* context_handle */
 155                     gss_buffer_t        /* token_buffer */
 156                     );
 157     OM_uint32       (*gss_delete_sec_context)
 158         (
 159                     void*,              /* context */
 160                     OM_uint32*,         /* minor_status */
 161                     gss_ctx_id_t*,      /* context_handle */
 162                     gss_buffer_t        /* output_token */
 163                     );
 164     OM_uint32       (*gss_context_time)
 165         (
 166                     void*,              /* context */
 167                     OM_uint32*,         /* minor_status */
 168                     gss_ctx_id_t,       /* context_handle */
 169                     OM_uint32*          /* time_rec */
 170                     );
 171     OM_uint32       (*gss_sign)
 172         (
 173                     void*,              /* context */
 174                     OM_uint32*,         /* minor_status */
 175                     gss_ctx_id_t,       /* context_handle */
 176                     int,                /* qop_req */
 177                     gss_buffer_t,       /* message_buffer */
 178                     gss_buffer_t        /* message_token */
 179                     );
 180     OM_uint32       (*gss_verify)
 181         (
 182                     void*,              /* context */
 183                     OM_uint32*,         /* minor_status */
 184                     gss_ctx_id_t,       /* context_handle */
 185                     gss_buffer_t,       /* message_buffer */
 186                     gss_buffer_t,       /* token_buffer */
 187                     int*                /* qop_state */
 188                     );
 189     OM_uint32       (*gss_seal)
 190         (
 191                     void*,              /* context */
 192                     OM_uint32*,         /* minor_status */
 193                     gss_ctx_id_t,       /* context_handle */
 194                     int,                /* conf_req_flag */
 195                     int,                /* qop_req */
 196                     gss_buffer_t,       /* input_message_buffer */
 197                     int*,               /* conf_state */
 198                     gss_buffer_t        /* output_message_buffer */
 199                     );
 200     OM_uint32       (*gss_unseal)
 201         (
 202                     void*,              /* context */
 203                     OM_uint32*,         /* minor_status */
 204                     gss_ctx_id_t,       /* context_handle */
 205                     gss_buffer_t,       /* input_message_buffer */
 206                     gss_buffer_t,       /* output_message_buffer */
 207                     int*,               /* conf_state */
 208                     int*                /* qop_state */
 209                     );
 210     OM_uint32       (*gss_display_status)
 211         (
 212                     void*,              /* context */
 213                     OM_uint32*,         /* minor_status */
 214                     OM_uint32,          /* status_value */
 215                     int,                /* status_type */
 216                     gss_OID,            /* mech_type */
 217                     OM_uint32*,         /* message_context */
 218                     gss_buffer_t        /* status_string */
 219                     );
 220     OM_uint32       (*gss_indicate_mechs)
 221         (
 222                     void*,              /* context */
 223                     OM_uint32*,         /* minor_status */
 224                     gss_OID_set*        /* mech_set */
 225                     );
 226     OM_uint32       (*gss_compare_name)
 227         (
 228                     void*,              /* context */
 229                     OM_uint32*,         /* minor_status */
 230                     gss_name_t,         /* name1 */
 231                     gss_name_t,         /* name2 */
 232                     int*                /* name_equal */
 233                     );
 234     OM_uint32       (*gss_display_name)
 235         (
 236                     void*,              /* context */
 237                     OM_uint32*,         /* minor_status */
 238                     gss_name_t,         /* input_name */
 239                     gss_buffer_t,       /* output_name_buffer */
 240                     gss_OID*            /* output_name_type */
 241                     );
 242     OM_uint32       (*gss_import_name)
 243         (
 244                     void*,              /* context */
 245                     OM_uint32*,         /* minor_status */
 246                     gss_buffer_t,       /* input_name_buffer */
 247                     gss_OID,            /* input_name_type */
 248                     gss_name_t*         /* output_name */
 249                     );
 250     OM_uint32       (*gss_release_name)
 251         (
 252                     void*,              /* context */
 253                     OM_uint32*,         /* minor_status */
 254                     gss_name_t*         /* input_name */
 255                     );
 256     OM_uint32       (*gss_inquire_cred)
 257         (
 258                     void*,                      /* context */
 259                     OM_uint32 *,                /* minor_status */
 260                     gss_cred_id_t,              /* cred_handle */
 261                     gss_name_t *,               /* name */
 262                     OM_uint32 *,                /* lifetime */
 263                     int *,                      /* cred_usage */
 264                     gss_OID_set *               /* mechanisms */
 265                     );
 266     OM_uint32       (*gss_add_cred)
 267         (
 268                     void*,              /* context */
 269                     OM_uint32 *,        /* minor_status */
 270                     gss_cred_id_t,      /* input_cred_handle */
 271                     gss_name_t,         /* desired_name */
 272                     gss_OID,            /* desired_mech */
 273                     gss_cred_usage_t,   /* cred_usage */
 274                     OM_uint32,          /* initiator_time_req */
 275                     OM_uint32,          /* acceptor_time_req */
 276                     gss_cred_id_t *,    /* output_cred_handle */
 277                     gss_OID_set *,      /* actual_mechs */
 278                     OM_uint32 *,        /* initiator_time_rec */
 279                     OM_uint32 *         /* acceptor_time_rec */
 280                     );
 281     OM_uint32       (*gss_export_sec_context)
 282         (
 283                     void*,              /* context */
 284                     OM_uint32 *,        /* minor_status */
 285                     gss_ctx_id_t *,     /* context_handle */
 286                     gss_buffer_t        /* interprocess_token */
 287                     );
 288     OM_uint32       (*gss_import_sec_context)
 289         (
 290                     void *,             /* context */
 291                     OM_uint32 *,        /* minor_status */
 292                     gss_buffer_t,       /* interprocess_token */
 293                     gss_ctx_id_t *      /* context_handle */
 294                     );
 295     OM_uint32       (*gss_inquire_cred_by_mech)
 296         (
 297                     void *,             /* context */
 298                     OM_uint32 *,        /* minor_status */
 299                     gss_cred_id_t,      /* cred_handle */
 300                     gss_OID,            /* mech_type */
 301                     gss_name_t *,       /* name */
 302                     OM_uint32 *,        /* initiator_lifetime */
 303                     OM_uint32 *,        /* acceptor_lifetime */
 304                     gss_cred_usage_t *  /* cred_usage */
 305                     );
 306     OM_uint32       (*gss_inquire_names_for_mech)
 307         (
 308                     void *,             /* context */
 309                     OM_uint32 *,        /* minor_status */
 310                     gss_OID,            /* mechanism */
 311                     gss_OID_set *       /* name_types */
 312                     );
 313     OM_uint32   (*gss_inquire_context)
 314         (
 315                     void *,             /* context */
 316                     OM_uint32 *,        /* minor_status */
 317                     gss_ctx_id_t,       /* context_handle */
 318                     gss_name_t *,       /* src_name */
 319                     gss_name_t *,       /* targ_name */
 320                     OM_uint32 *,        /* lifetime_rec */
 321                     gss_OID *,          /* mech_type */
 322                     OM_uint32 *,        /* ctx_flags */
 323                     int *,              /* locally_initiated */
 324                     int *               /* open */
 325                     );
 326     OM_uint32       (*gss_internal_release_oid)
 327         (
 328                     void *,             /* context */
 329                     OM_uint32 *,        /* minor_status */
 330                     gss_OID *           /* OID */
 331          );
 332     OM_uint32        (*gss_wrap_size_limit)
 333         (
 334                     void *,             /* context */
 335                     OM_uint32 *,        /* minor_status */
 336                     gss_ctx_id_t,       /* context_handle */
 337                     int,                /* conf_req_flag */
 338                     gss_qop_t,          /* qop_req */
 339                     OM_uint32,          /* req_output_size */
 340                     OM_uint32 *         /* max_input_size */
 341          );
 342     int              (*pname_to_uid)
 343         (
 344                     void *,             /* context */
 345                     char *,             /* pname */
 346                     gss_OID,            /* name type */
 347                     gss_OID,            /* mech type */
 348                     uid_t *             /* uid */
 349                     );
 350         OM_uint32               (*gssint_userok)
 351         (
 352                     void *,             /* context */
 353                     OM_uint32 *,        /* minor_status */
 354                     const gss_name_t,   /* pname */
 355                     const char *,       /* local user */
 356                     int *               /* user ok? */
 357         /* */);
 358         OM_uint32               (*gss_export_name)
 359         (
 360                 void *,                 /* context */
 361                 OM_uint32 *,            /* minor_status */
 362                 const gss_name_t,       /* input_name */
 363                 gss_buffer_t            /* exported_name */
 364         /* */);
 365         OM_uint32       (*gss_store_cred)
 366         (
 367                 void *,                 /* context */
 368                 OM_uint32 *,            /* minor_status */
 369                 const gss_cred_id_t,    /* input_cred */
 370                 gss_cred_usage_t,       /* cred_usage */
 371                 const gss_OID,          /* desired_mech */
 372                 OM_uint32,              /* overwrite_cred */
 373                 OM_uint32,              /* default_cred */
 374                 gss_OID_set *,          /* elements_stored */
 375                 gss_cred_usage_t *      /* cred_usage_stored */
 376         /* */);
 377 } *gss_mechanism;
 378
 379 /*
 380  * In the user space we use a wrapper structure to encompass the
 381  * mechanism entry points.  The wrapper contain the mechanism
 382  * entry points and other data which is only relevant to the gss-api
 383  * layer.  In the kernel we use only the gss_config strucutre because
 384  * the kernal does not cantain any of the extra gss-api specific data.
 385  */
 386 typedef struct gss_mech_config {
 387         char *kmodName;                 /* kernel module name */
 388         char *uLibName;                 /* user library name */
 389         char *mechNameStr;              /* mechanism string name */
 390         char *optionStr;                /* optional mech parameters */
 391         void *dl_handle;                /* RTLD object handle for the mech */
 392         gss_OID mech_type;              /* mechanism oid */
 393         gss_mechanism mech;             /* mechanism initialization struct */
 394         struct gss_mech_config *next;   /* next element in the list */
 395 } *gss_mech_info;
 396
 397 /********************************************************/
 398 /* Internal mechglue routines */
 399
 400 int gssint_mechglue_init(void);
 401 void gssint_mechglue_fini(void);
 402
 403 gss_mechanism gssint_get_mechanism (gss_OID);
 404 OM_uint32 gssint_get_mech_type (gss_OID, gss_buffer_t);
 405 char *gssint_get_kmodName(const gss_OID);
 406 char *gssint_get_modOptions(const gss_OID);
 407 OM_uint32 gssint_import_internal_name (OM_uint32 *, gss_OID, gss_union_name_t,
 408                                       gss_name_t *);
 409 OM_uint32 gssint_export_internal_name(OM_uint32 *, const gss_OID,
 410         const gss_name_t, gss_buffer_t);
 411 OM_uint32 gssint_display_internal_name (OM_uint32 *, gss_OID, gss_name_t,
 412                                        gss_buffer_t, gss_OID *);
 413 OM_uint32 gssint_release_internal_name (OM_uint32 *, gss_OID, gss_name_t *);
 414
 415 OM_uint32 gssint_convert_name_to_union_name
 416           (OM_uint32 *,         /* minor_status */
 417            gss_mechanism,       /* mech */
 418            gss_name_t,          /* internal_name */
 419            gss_name_t *         /* external_name */
 420            );
 421 gss_cred_id_t gssint_get_mechanism_cred
 422           (gss_union_cred_t,    /* union_cred */
 423            gss_OID              /* mech_type */
 424            );
 425
 426 OM_uint32 gssint_create_copy_buffer(
 427         const gss_buffer_t,     /* src buffer */
 428         gss_buffer_t *,         /* destination buffer */
 429         int                     /* NULL terminate buffer ? */
 430 );
 431
 432 OM_uint32 gssint_copy_oid_set(
 433         OM_uint32 *,                    /* minor_status */
 434         const gss_OID_set_desc *,       /* oid set */
 435         gss_OID_set *                   /* new oid set */
 436 );
 437
 438 gss_OID gss_find_mechanism_from_name_type (gss_OID); /* name_type */
 439
 440 OM_uint32 gss_add_mech_name_type
 441            (OM_uint32 *,        /* minor_status */
 442             gss_OID,            /* name_type */
 443             gss_OID             /* mech */
 444                );
 445
 446 /*
 447  * Sun extensions to GSS-API v2
 448  */
 449
 450 OM_uint32
 451 gssint_mech_to_oid(
 452         const char *mech,               /* mechanism string name */
 453         gss_OID *oid                    /* mechanism oid */
 454 );
 455
 456 const char *
 457 gssint_oid_to_mech(
 458         const gss_OID oid               /* mechanism oid */
 459 );
 460
 461 OM_uint32
 462 gssint_get_mechanisms(
 463         char *mechArray[],              /* array to populate with mechs */
 464         int arrayLen                    /* length of passed in array */
 465 );
 466
 467 OM_uint32
 468 gss_store_cred(
 469         OM_uint32 *,            /* minor_status */
 470         const gss_cred_id_t,    /* input_cred_handle */
 471         gss_cred_usage_t,       /* cred_usage */
 472         const gss_OID,          /* desired_mech */
 473         OM_uint32,              /* overwrite_cred */
 474         OM_uint32,              /* default_cred */
 475         gss_OID_set *,          /* elements_stored */
 476         gss_cred_usage_t *      /* cred_usage_stored */
 477 );
 478
 479 int
 480 gssint_get_der_length(
 481         unsigned char **,       /* buf */
 482         unsigned int,           /* buf_len */
 483         unsigned int *          /* bytes */
 484 );
 485
 486 unsigned int
 487 gssint_der_length_size(unsigned int /* len */);
 488
 489 int
 490 gssint_put_der_length(
 491         unsigned int,           /* length */
 492         unsigned char **,       /* buf */
 493         unsigned int            /* max_len */
 494 );
 495
 496 #endif /* _GSS_MECHGLUEP_H */