auth.h revision 299742 
1/*
2 * auth.h :  shared stuff internal to the subr library.
3 *
4 * ====================================================================
5 *    Licensed to the Apache Software Foundation (ASF) under one
6 *    or more contributor license agreements.  See the NOTICE file
7 *    distributed with this work for additional information
8 *    regarding copyright ownership.  The ASF licenses this file
9 *    to you under the Apache License, Version 2.0 (the
10 *    "License"); you may not use this file except in compliance
11 *    with the License.  You may obtain a copy of the License at
12 *
13 *      http://www.apache.org/licenses/LICENSE-2.0
14 *
15 *    Unless required by applicable law or agreed to in writing,
16 *    software distributed under the License is distributed on an
17 *    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
18 *    KIND, either express or implied.  See the License for the
19 *    specific language governing permissions and limitations
20 *    under the License.
21 * ====================================================================
22 */
23
24#ifndef SVN_LIBSVN_SUBR_AUTH_H
25#define SVN_LIBSVN_SUBR_AUTH_H
26
27#ifdef __cplusplus
28extern "C" {
29#endif /* __cplusplus */
30
31#include "svn_auth.h"
32
33/* Helper for svn_config_{read|write}_auth_data.  Return a path to a
34   file within ~/.subversion/auth/ that holds CRED_KIND credentials
35   within REALMSTRING.  If no path is available *PATH will be set to
36   NULL. */
37svn_error_t *
38svn_auth__file_path(const char **path,
39                    const char *cred_kind,
40                    const char *realmstring,
41                    const char *config_dir,
42                    apr_pool_t *pool);
43
44#if (defined(WIN32) && !defined(__MINGW32__)) || defined(DOXYGEN)
45/**
46 * Set @a *provider to an authentication provider of type @c
47 * svn_auth_cred_simple_t that gets/sets information from the user's
48 * ~/.subversion configuration directory.  Allocate @a *provider in
49 * @a pool.
50 *
51 * This is like svn_auth_get_simple_provider(), except that, when
52 * running on Window 2000 or newer (or any other Windows version that
53 * includes the CryptoAPI), the provider encrypts the password before
54 * storing it to disk. On earlier versions of Windows, the provider
55 * does nothing.
56 *
57 * @note This function is only available on Windows.
58 *
59 * @note An administrative password reset may invalidate the account's
60 * secret key. This function will detect that situation and behave as
61 * if the password were not cached at all.
62 */
63void
64svn_auth__get_windows_simple_provider(svn_auth_provider_object_t **provider,
65                                      apr_pool_t *pool);
66
67/**
68 * Set @a *provider to an authentication provider of type @c
69 * svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the
70 * user's ~/.subversion configuration directory.  Allocate @a *provider in
71 * @a pool.
72 *
73 * This is like svn_auth_get_ssl_client_cert_pw_file_provider(), except that
74 * when running on Window 2000 or newer, the provider encrypts the password
75 * before storing it to disk. On earlier versions of Windows, the provider
76 * does nothing.
77 *
78 * @note This function is only available on Windows.
79 *
80 * @note An administrative password reset may invalidate the account's
81 * secret key. This function will detect that situation and behave as
82 * if the password were not cached at all.
83 */
84void
85svn_auth__get_windows_ssl_client_cert_pw_provider(
86  svn_auth_provider_object_t **provider,
87  apr_pool_t *pool);
88
89/**
90 * Set @a *provider to an authentication provider of type @c
91 * svn_auth_cred_ssl_server_trust_t, allocated in @a pool.
92 *
93 * This provider automatically validates ssl server certificates with
94 * the CryptoApi, like Internet Explorer and the Windows network API do.
95 * This allows the rollout of root certificates via Windows Domain
96 * policies, instead of Subversion specific configuration.
97 *
98 * @note This function is only available on Windows.
99 */
100void
101svn_auth__get_windows_ssl_server_trust_provider(
102  svn_auth_provider_object_t **provider,
103  apr_pool_t *pool);
104#endif /* WIN32 && !__MINGW32__ || DOXYGEN */
105
106#if defined(DARWIN) || defined(DOXYGEN)
107/**
108 * Set @a *provider to an authentication provider of type @c
109 * svn_auth_cred_simple_t that gets/sets information from the user's
110 * ~/.subversion configuration directory.  Allocate @a *provider in
111 * @a pool.
112 *
113 * This is like svn_auth_get_simple_provider(), except that the
114 * password is stored in the Mac OS KeyChain.
115 *
116 * @note This function is only available on Mac OS 10.2 and higher.
117 */
118void
119svn_auth__get_keychain_simple_provider(svn_auth_provider_object_t **provider,
120                                      apr_pool_t *pool);
121
122/**
123 * Set @a *provider to an authentication provider of type @c
124 * svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the
125 * user's ~/.subversion configuration directory.  Allocate @a *provider in
126 * @a pool.
127 *
128 * This is like svn_auth_get_ssl_client_cert_pw_file_provider(), except
129 * that the password is stored in the Mac OS KeyChain.
130 *
131 * @note This function is only available on Mac OS 10.2 and higher.
132 */
133void
134svn_auth__get_keychain_ssl_client_cert_pw_provider(
135  svn_auth_provider_object_t **provider,
136  apr_pool_t *pool);
137#endif /* DARWIN || DOXYGEN */
138
139#if !defined(WIN32) || defined(DOXYGEN)
140/**
141 * Set @a *provider to an authentication provider of type @c
142 * svn_auth_cred_simple_t that gets/sets information from the user's
143 * ~/.subversion configuration directory.
144 *
145 * This is like svn_client_get_simple_provider(), except that the
146 * password is obtained from gpg_agent, which will keep it in
147 * a memory cache.
148 *
149 * Allocate @a *provider in @a pool.
150 *
151 * @note This function actually works only on systems with
152 * GNU Privacy Guard installed.
153 */
154void
155svn_auth__get_gpg_agent_simple_provider
156    (svn_auth_provider_object_t **provider,
157     apr_pool_t *pool);
158#endif /* !defined(WIN32) || defined(DOXYGEN) */
159
160/**
161 * Set @a *provider to a dummy provider of type @c
162 * svn_auth_cred_simple_t that never returns or stores any
163 * credentials.
164 */
165void
166svn_auth__get_dummmy_simple_provider(svn_auth_provider_object_t **provider,
167                                     apr_pool_t *pool);
168
169#ifdef __cplusplus
170}
171#endif /* __cplusplus */
172
173#endif /* SVN_LIBSVN_SUBR_AUTH_H */
174