From: Theodore Tso Date: Thu, 30 May 1991 18:10:30 +0000 (+0000) Subject: Initial revision X-Git-Tag: krb5-1.0-beta1~39 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=38e0f7df74f5845903baa1e166504646dae9d6e6;p=krb5.git Initial revision git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2131 dc483132-0cff-0310-8789-dd5450dbe970
---
diff --git a/src/lib/gssapi/gssapi.h b/src/lib/gssapi/gssapi.h
new file mode 100644
index 000000000..929ea3b78
--- /dev/null
+++ b/src/lib/gssapi/gssapi.h
@@ -0,0 +1,324 @@
+/*
+ * gssapi.h --- header file for the Kerberos 5 GSS API layer
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+typedef unsigned int OM_uint32;
+typedef unsigned short OM_uint16;
+
+typedef struct gss_buffer_desc_struct {
+ size_t length;
+ void *value;
+} gss_buffer_desc, *gss_buffer_t;
+
+typedef struct gss_OID_desc {
+ OM_uint32 length;
+ void *elements;
+} *gss_OID;
+
+typedef struct gss_OID_set_desc {
+ OM_uint32 count;
+ struct gss_OID_desc *elements;
+} *gss_OID_set;
+
+typedef struct gss_ctx_id_desc {
+ gss_OID mech_type;
+ int state;
+ int flags; /* gss_init_sec_context flags */
+ krb5_boolean am_client; /* True if I am the client */
+ krb5_principal me;
+ krb5_principal him; /* Principal of the other side */
+ krb5_address my_address;
+ krb5_address his_address;
+ krb5_keyblock *session_key;
+ krb5_rcache rcache;
+ krb5_int32 my_seq_num;
+ krb5_int32 his_seq_num;
+ krb5_int32 cusec; /* Client usec portion */
+ krb5_timestamp ctime; /* Client sec portion */
+} *gss_ctx_id_t;
+
+/* structure for address */
+typedef struct channel_bindings_struct {
+ OM_uint32 sender_addrtype;
+ gss_buffer_desc sender_address;
+ OM_uint32 receiver_addrtype;
+ gss_buffer_desc receiver_address;
+ gss_buffer_desc appl_specific;
+} gss_channel_bindings;
+
+#define GSS_ADDRTYPE_INET 0x0002
+#define GSS_ADDRTYPE_CHAOS 0x0005
+#define GSS_ADDRTYPE_XNS 0x0006
+#define GSS_ADDRTYPE_ISO 0x0007
+#define GSS_ADDRTYPE_DDP 0x0010
+
+#define GSS_KRB_STATE_DOWN 1
+#define GSS_KRB_STATE_MUTWAIT 2
+#define GSS_KRB_STATE_UP 3
+
+typedef krb5_principal gss_name_t;
+
+typedef struct gss_cred_id_desc {
+ krb5_principal principal;
+ gss_OID mech_type;
+ int cred_flags;
+ /* Client information */
+ krb5_ccache ccache;
+ /* Server information */
+ krb5_kvno kvno;
+ krb5_keyblock srvtab;
+} gss_cred_id_t;
+
+#define GSS_KRB_HAS_CCACHE 0x0001
+#define GSS_KRB_HAS_SRVTAB 0x0002
+
+/*
+ * Optional parameters
+ */
+
+#define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
+#define GSS_C_NULL_OID ((gss_OID) 0)
+#define GSS_C_NULL_OID_SET ((gss_OID_set) 0)
+#define GSS_C_NO_CREDENTIAL (gss_default_credentials)
+
+/*
+ * Indefinite time
+ */
+#define GSS_TIME_REC_INDEFINITE 2147483647
+
+/*
+ * Token format:
+ *
+ * Byte 0: GSS API Implementation Version (currently 1)
+ * Byte 1: Mechanism Identifier (currently 1 means Kerberos V5)
+ * Byte 2: Token type
+ * Byte 3: Reserved
+ * Byte 4--n: Mechanism/Token information
+ */
+
+#define GSS_API_IMPL_VERSION 1
+
+#define GSS_API_KRB5_TYPE 1
+
+/* Token types */
+#define GSS_API_KRB5_REQ 1
+#define GSS_API_KRB5_REP 2
+#define GSS_API_KRB5_SAFE 3
+#define GSS_API_KRB5_PRIV 4
+#define GSS_API_KRB5_SIGN 5
+#define GSS_API_KRB5_ERROR 6
+#define GSS_API_KRB5_SHUTDOWN 31
+
+/*
+ * Calling errors
+ */
+#define GSS_S_CALL_INACCESSIBLE_READ (1 << 24)
+#define GSS_S_CALL_INACCESSIBLE_WRITE (2 << 24)
+#define GSS_S_CALL_BAD_STRUCTURE (3 << 24)
+
+/*
+ * Routine Errors
+ */
+#define GSS_S_BAD_MECH (1 << 16)
+#define GSS_S_BAD_NAME (2 << 16)
+#define GSS_S_BAD_NAMETYPE (3 << 16)
+#define GSS_S_BAD_BINDINGS (4 << 16)
+#define GSS_S_BAD_STATUS (5 << 16)
+#define GSS_S_BAD_SIG (6 << 16)
+#define GSS_S_NO_CRED (7 << 16)
+#define GSS_S_NO_CONTEXT (8 << 16)
+#define GSS_S_DEFECTIVE_TOKEN (9 << 16)
+#define GSS_S_DEFECTIVE_CREDENTIAL (10 << 16)
+#define GSS_S_CREDENTIALS_EXPIRED (11 << 16)
+#define GSS_S_CONTEXT_EXPIRED (12 << 16)
+#define GSS_S_FAILURE (13 << 16)
+
+/*
+ * Supplementary Status Bits
+ */
+#define GSS_S_CONTINUE_NEEDED (1 << 0)
+#define GSS_S_DUPLICATE_TOKEN (1 << 1)
+#define GSS_S_OLD_TOKEN (1 << 2)
+#define GSS_S_UNSEQ_TOKEN (1 << 3)
+
+#define GSS_S_COMPLETE 0
+
+/*
+ * Macros to break apart a return code
+ */
+
+#define gss_calling_error(r) ((r) & 0xff000000)
+#define gss_routine_error(r) ((r) & 0x00ff0000)
+#define gss_supplementary_info(r) ((r) & 0x0000ffff)
+
+/*
+ * gss_init_sec_context flags
+ */
+#define GSS_C_DELEG_FLAG 0x0001
+#define GSS_C_MUTUAL_FLAG 0x0002
+#define GSS_C_REPLAY_FLAG 0x0004
+#define GSS_C_SEQUENCE_FLAG 0x0008
+#define GSS_C_CONF_FLAG 0x0010
+
+/*
+ * Values for qop_req
+ */
+#define GSS_C_QOP_DEFAULT 0
+
+/*
+ * OID declarations
+ */
+extern struct gss_OID_desc gss_OID_krb5;
+extern struct gss_OID_desc gss_OID_krb5_name;
+
+/*
+ * Function declaragions, generated by mkptypes
+ */
+/* ac_cred.c */
+OM_uint32 gss_acquire_cred PROTOTYPE((OM_uint32 *minor_status,
+ gss_name_t desired_name,
+ OM_uint32 time_req,
+ gss_OID_set desired_mechs,
+ int cred_usage,
+ gss_cred_id_t *output_cred_handle,
+ gss_OID_set *actual_mechs,
+ OM_uint32 *time_rec));
+
+/* acc_sec.c */
+OM_uint32 gss_accept_sec_context PROTOTYPE((OM_uint32 *minor_status,
+ gss_ctx_id_t *context_handle,
+ gss_cred_id_t verifier_cred_handle,
+ gss_buffer_t input_token,
+ gss_channel_bindings channel,
+ gss_name_t *src_name,
+ gss_OID *mech_type,
+ gss_buffer_t output_token,
+ int *ret_flags,
+ OM_uint32 *time_rec,
+ gss_cred_id_t *delegated_cred_handle));
+
+/* check_tok.c */
+OM_uint32 gss_check_token PROTOTYPE((OM_uint32 *minor_status,
+ gss_buffer_t input_token,
+ unsigned int mechanism,
+ unsigned int type));
+
+/* cmp_name.c */
+OM_uint32 gss_compare_name PROTOTYPE((OM_uint32 *minor_status,
+ gss_name_t name1,
+ gss_name_t name2,
+ int *name_equal));
+
+/* comp_oid.c */
+int gss_compare_OID PROTOTYPE((gss_OID oid1,
+ gss_OID oid2));
+
+/* dsp_name.c */
+OM_uint32 gss_display_name PROTOTYPE((OM_uint32 *minor_status,
+ gss_name_t input_name,
+ gss_buffer_t output_name_buffer));
+
+/* imp_name.c */
+OM_uint32 gss_import_name PROTOTYPE((OM_uint32 *minor_status,
+ gss_buffer_t input_name_buffer,
+ gss_OID input_name_type,
+ gss_name_t *output_name));
+OM_uint32 gss_service_import_name PROTOTYPE((OM_uint32 *minor_status,
+ gss_buffer_t input_name_buffer,
+ gss_name_t *output_name));
+
+/* ind_mechs.c */
+OM_uint32 gss_indicate_mechs PROTOTYPE((OM_uint32 *minor_status,
+ gss_OID_set *mech_set));
+
+/* init_sec.c */
+OM_uint32 gss_init_sec_context PROTOTYPE((OM_uint32 *minor_status,
+ gss_cred_id_t claimant_cred_handle,
+ gss_ctx_id_t *context_handle,
+ gss_name_t target_name,
+ gss_OID mech_type,
+ int req_flags,
+ int time_req,
+ gss_channel_bindings channel,
+ gss_buffer_t input_token,
+ gss_OID *actual_mech_type,
+ gss_buffer_t output_token,
+ int *ret_flags,
+ OM_uint32 *time_rec));
+
+/* make_tok.c */
+OM_uint32 gss_make_token PROTOTYPE((OM_uint32 *minor_status,
+ unsigned int mechanism,
+ unsigned int type,
+ size_t length,
+ void *data,
+ gss_buffer_t output_token));
+
+/* rel_buffer.c */
+OM_uint32 gss_release_buffer PROTOTYPE((OM_uint32 *minor_status,
+ gss_buffer_t buffer));
+
+/* rel_cred.c */
+OM_uint32 gss_release_cred PROTOTYPE((OM_uint32 *minor_status,
+ gss_cred_id_t *cred_handle));
+
+/* rel_name.c */
+OM_uint32 gss_release_name PROTOTYPE((OM_uint32 *minor_status,
+ gss_name_t *name));
+
+/* rel_oidset.c */
+OM_uint32 gss_release_oid_set PROTOTYPE((OM_uint32 *minor_status,
+ gss_OID_set set));
+
+/* rel_sec.c */
+OM_uint32 gss_release_security_context PROTOTYPE((OM_uint32 *minor_status,
+ gss_ctx_id_t context));
+
+/* seal.c */
+OM_uint32 gss_seal PROTOTYPE((OM_uint32 *minor_status,
+ gss_ctx_id_t context,
+ int conf_req_flag,
+ int qop_req,
+ gss_buffer_t input_message_buffer,
+ int *conf_state,
+ gss_buffer_t output_message_buffer));
+OM_uint32 gss_sign PROTOTYPE((OM_uint32 *minor_status,
+ gss_ctx_id_t context,
+ int qop_req,
+ gss_buffer_t input_message_buffer,
+ gss_buffer_t output_message_buffer));
+
+/* sign.c */
+OM_uint32 gss_sign PROTOTYPE((OM_uint32 *minor_status,
+ gss_ctx_id_t context,
+ int qop_req,
+ gss_buffer_t input_message_buffer,
+ gss_buffer_t output_message_buffer));
+
+/* unseal.c */
+OM_uint32 gss_unseal PROTOTYPE((OM_uint32 *minor_status,
+ gss_ctx_id_t context,
+ gss_buffer_t input_message_buffer,
+ gss_buffer_t output_message_buffer,
+ int *conf_state,
+ int *qop_state));
+OM_uint32 gss_verify PROTOTYPE((OM_uint32 *minor_status,
+ gss_ctx_id_t context,
+ gss_buffer_t message_buffer,
+ gss_buffer_t token_buffer,
+ int *qop_state));
+
+/* verify.c */
+OM_uint32 gss_verify PROTOTYPE((OM_uint32 *minor_status,
+ gss_ctx_id_t context,
+ gss_buffer_t message_buffer,
+ gss_buffer_t token_buffer,
+ int *qop_state));
+
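Review bot: The header has no include guard, so any translation unit that includes gssapi.h twice (directly or through another header) redefines every typedef at the top of the hunk, which is a hard error before C11; wrap the whole file in `#ifndef GSSAPI_H` / `#define GSSAPI_H` … `#endif`. `GSS_C_NO_CREDENTIAL` expands to `gss_default_credentials`, which nothing in this header declares (unlike `gss_OID_krb5` and `gss_OID_krb5_name`), so add `extern gss_cred_id_t gss_default_credentials;` beside the OID declarations. `gss_cred_id_t` is the struct itself while `gss_ctx_id_t` is a pointer, so `gss_accept_sec_context` and `gss_init_sec_context` receive their credential handle by value and copy `srvtab` (a `krb5_keyblock`) onto the stack on every call; presumably this was meant to be `} *gss_cred_id_t;` like the context typedef, which would also make the `gss_cred_id_t *` output parameters consistent. `gss_sign` and `gss_verify` are each prototyped twice (under seal.c/sign.c and unseal.c/verify.c); keep one declaration per function so a later signature change cannot leave the two copies disagreeing. Because the context and credential structs hold raw key material (`session_key`, `srvtab`), the comments above `gss_release_security_context` and `gss_release_cred` should state whether those routines own that material and clear it on release — the header currently says nothing about ownership.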