/*
 * Copyright (C) The Internet Society (2000). All Rights Reserved.
 *
 * This document and translations of it may be copied and furnished to
 * others, and derivative works that comment on or otherwise explain it
 * or assist in its implementation may be prepared, copied, published
 * and distributed, in whole or in part, without restriction of any
 * kind, provided that the above copyright notice and this paragraph are
 * included on all such copies and derivative works. However, this
 * document itself may not be modified in any way, such as by removing
 * the copyright notice or references to the Internet Society or other
 * Internet organizations, except as needed for the purpose of
 * developing Internet standards in which case the procedures for
 * copyrights defined in the Internet Standards process must be
 * followed, or as required to translate it into languages other than
 * English.
 *
 * The limited permissions granted above are perpetual and will not be
 * revoked by the Internet Society or its successors or assigns.
 *
 * This document and the information contained herein is provided on an
 * "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
 * TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
 * BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
 * HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
 * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
 *
 * $FreeBSD$
 */

/*
 * Declarations for the GSS-API: types, constants, status-code macros
 * and function prototypes.
 */
#ifndef _GSSAPI_GSSAPI_H_
#define _GSSAPI_GSSAPI_H_

/*
 * NOTE(review): presumably <sys/cdefs.h> is here for the __BEGIN_DECLS
 * used before the prototypes and <sys/_types.h> for the __size_t,
 * __ssize_t, __uint32_t and __uint64_t names used below - confirm.
 */
#include <sys/cdefs.h>
#include <sys/_types.h>

/*
 * Declare size_t and ssize_t only when no earlier header has done so;
 * the _*_DECLARED macros record that the typedef exists.
 */
#ifndef _SIZE_T_DECLARED
typedef __size_t size_t;
#define _SIZE_T_DECLARED
#endif

#ifndef _SSIZE_T_DECLARED
typedef __ssize_t ssize_t;
#define _SSIZE_T_DECLARED
#endif

/*
 * Compatibility with Heimdal 1.5.1
 * Under C++ the pair opens and closes an extern "C" block; in C both
 * macros expand to nothing.
 */
#ifndef GSSAPI_CPP_START
#ifdef __cplusplus
#define GSSAPI_CPP_START extern "C" {
#define GSSAPI_CPP_END }
#else
#define GSSAPI_CPP_START
#define GSSAPI_CPP_END
#endif
#endif

/*
 * Compatibility with Heimdal 1.5.1
 * The three decoration macros expand to nothing.  When BUILD_GSSAPI_LIB
 * is defined this header does not define them at all, so whoever sets
 * it has to supply them.
 */
#ifndef BUILD_GSSAPI_LIB
#define GSSAPI_LIB_FUNCTION
#define GSSAPI_LIB_CALL
#define GSSAPI_LIB_VARIABLE
#endif

/*
 * Compatibility with Heimdal 1.5.1
 * The argument X is ignored in both expansions: GCC 3.1 and later get a
 * bare __attribute__((deprecated)), every other compiler gets nothing.
 */
#ifndef GSSAPI_DEPRECATED_FUNCTION
#if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 )))
#define GSSAPI_DEPRECATED_FUNCTION(X) __attribute__((deprecated))
#else
#define GSSAPI_DEPRECATED_FUNCTION(X)
#endif
#endif

/*
 * Disabled: xom.h is never included from here, so the OM_STRING test
 * further down succeeds only if something included before this header
 * defined OM_STRING.
 */
#if 0
/*
 * If the platform supports the xom.h header file, it should be
 * included here.
 */
#include <xom.h>
#endif


/*
 * Now define the three implementation-dependent types.
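*/
/*
 * All three handles are pointers to structure types that are only
 * declared, not defined, at this point, so code including this header
 * cannot look inside them.  Because each typedef is itself a pointer
 * type, a parameter written "const gss_name_t" is a const pointer, not
 * a pointer to const data.
 */
typedef struct _gss_ctx_id_t *gss_ctx_id_t;
typedef struct _gss_cred_id_t *gss_cred_id_t;
typedef struct _gss_name_t *gss_name_t;

/*
 * The following type must be defined as the smallest natural
 * unsigned integer supported by the platform that has at least
 * 32 bits of precision.
 */
typedef __uint32_t gss_uint32;


#ifdef OM_STRING
/*
 * We have included the xom.h header file. Verify that OM_uint32
 * is defined correctly.
 *
 * The preprocessor cannot evaluate sizeof, so an #if on it fails to
 * compile whenever this branch is active.  The check is therefore a
 * typedef whose array size is negative, and so a compile error naming
 * the problem, when the two types differ in size.
 */
typedef char _gss_incompatible_OM_uint32_from_xom_h[
    (sizeof(gss_uint32) == sizeof(OM_uint32)) ? 1 : -1];

typedef OM_object_identifier gss_OID_desc, *gss_OID;

#else

/*
 * We can't use X/Open definitions, so roll our own.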
*/

typedef gss_uint32 OM_uint32;
typedef __uint64_t OM_uint64;

/*
 * Object identifier descriptor.  The name-type comments later in this
 * header give initialisers such as {10, (void *)"\x2a\x86..."} with a
 * ten-byte string, so length counts the bytes stored at elements.
 */
typedef struct gss_OID_desc_struct {
    OM_uint32 length;       /* number of bytes at elements */
    void *elements;         /* the OID bytes; no type information kept */
} gss_OID_desc, *gss_OID;

#endif  /* OM_STRING */

/*
 * Set of object identifiers.  elements has type gss_OID, i.e. a pointer
 * to gss_OID_desc.
 * NOTE(review): presumably it addresses an array of count descriptors -
 * confirm.
 */
typedef struct gss_OID_set_desc_struct {
    size_t count;
    gss_OID elements;
} gss_OID_set_desc, *gss_OID_set;

/*
 * Length/pointer pair used for tokens, messages and names throughout
 * the prototypes.
 * NOTE(review): nothing in this header says value is NUL-terminated,
 * so consumers should presumably rely on length alone - confirm.
 */
typedef struct gss_buffer_desc_struct {
    size_t length;
    void *value;
} gss_buffer_desc, *gss_buffer_t;

/*
 * Only the pointer type gss_channel_bindings_t is given a typedef name;
 * an object of this type has to be declared as
 * "struct gss_channel_bindings_struct".  The two addrtype members go
 * with the GSS_C_AF_* address-family constants defined below.
 */
typedef struct gss_channel_bindings_struct {
    OM_uint32 initiator_addrtype;
    gss_buffer_desc initiator_address;
    OM_uint32 acceptor_addrtype;
    gss_buffer_desc acceptor_address;
    gss_buffer_desc application_data;
} *gss_channel_bindings_t;

/*
 * For now, define a QOP-type as an OM_uint32
 */
typedef OM_uint32 gss_qop_t;

/* Plain int; the credential usage options are defined below. */
typedef int gss_cred_usage_t;

/*
 * Flag bits for context-level services.
*/
/*
 * Each flag is a distinct power of two, so several can be combined with
 * bitwise OR.  gss_init_sec_context() has a req_flags parameter and,
 * like gss_accept_sec_context(), a ret_flags pointer parameter.
 * NOTE(review): presumably a caller that depends on a service, e.g.
 * GSS_C_MUTUAL_FLAG or GSS_C_INTEG_FLAG, has to test ret_flags rather
 * than assume the request was honoured - confirm against the GSS-API
 * specification.
 */
#define GSS_C_DELEG_FLAG        1
#define GSS_C_MUTUAL_FLAG       2
#define GSS_C_REPLAY_FLAG       4
#define GSS_C_SEQUENCE_FLAG     8
#define GSS_C_CONF_FLAG         16
#define GSS_C_INTEG_FLAG        32
#define GSS_C_ANON_FLAG         64
#define GSS_C_PROT_READY_FLAG   128
#define GSS_C_TRANS_FLAG        256

/*
 * Credential usage options
 */
#define GSS_C_BOTH              0
#define GSS_C_INITIATE          1
#define GSS_C_ACCEPT            2

/*
 * Status code types for gss_display_status
 */
#define GSS_C_GSS_CODE          1
#define GSS_C_MECH_CODE         2

/*
 * The constant definitions for channel-bindings address families
 * The list has no entry for 20: GSS_C_AF_OSI is 19 and GSS_C_AF_X25
 * is 21.
 */
#define GSS_C_AF_UNSPEC         0
#define GSS_C_AF_LOCAL          1
#define GSS_C_AF_INET           2
#define GSS_C_AF_IMPLINK        3
#define GSS_C_AF_PUP            4
#define GSS_C_AF_CHAOS          5
#define GSS_C_AF_NS             6
#define GSS_C_AF_NBS            7
#define GSS_C_AF_ECMA           8
#define GSS_C_AF_DATAKIT        9
#define GSS_C_AF_CCITT          10
#define GSS_C_AF_SNA            11
#define GSS_C_AF_DECnet         12
#define GSS_C_AF_DLI            13
#define GSS_C_AF_LAT            14
#define GSS_C_AF_HYLINK         15
#define GSS_C_AF_APPLETALK      16
#define GSS_C_AF_BSC            17
#define GSS_C_AF_DSS            18
#define GSS_C_AF_OSI            19
#define GSS_C_AF_X25            21
#define GSS_C_AF_NULLADDR       255

/*
 * Various Null values
 * All but the last are null pointers cast to the matching handle or
 * descriptor-pointer type.  GSS_C_EMPTY_BUFFER is a brace initialiser,
 * so it can only appear in a declaration such as
 * "gss_buffer_desc b = GSS_C_EMPTY_BUFFER;".
 * NOTE(review): it expands to NULL, which this header does not define
 * itself; presumably the including file must already have a definition
 * in scope - confirm.
 */
#define GSS_C_NO_NAME               ((gss_name_t) 0)
#define GSS_C_NO_BUFFER             ((gss_buffer_t) 0)
#define GSS_C_NO_OID                ((gss_OID) 0)
#define GSS_C_NO_OID_SET            ((gss_OID_set) 0)
#define GSS_C_NO_CONTEXT            ((gss_ctx_id_t) 0)
#define GSS_C_NO_CREDENTIAL         ((gss_cred_id_t) 0)
#define GSS_C_NO_CHANNEL_BINDINGS   ((gss_channel_bindings_t) 0)
#define GSS_C_EMPTY_BUFFER          {0, NULL}

/*
 * Some alternate names for a couple of the above
 * values. These are defined for V1 compatibility.
 */
#define GSS_C_NULL_OID              GSS_C_NO_OID
#define GSS_C_NULL_OID_SET          GSS_C_NO_OID_SET

/*
 * Define the default Quality of Protection for per-message
 * services. Note that an implementation that offers multiple
 * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero
 * (as done here) to mean "default protection", or to a specific
 * explicit QOP value. However, a value of 0 should always be
 * interpreted by a GSS-API implementation as a request for the
 * default protection level.
 */
#define GSS_C_QOP_DEFAULT           0

/*
 * Expiration time of 2^32-1 seconds means infinite lifetime for a
 * credential or security context
 * The "ul" suffix makes the constant an unsigned long.
 */
#define GSS_C_INDEFINITE            0xfffffffful

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x01"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant
 * GSS_C_NT_USER_NAME should be initialized to point
 * to that gss_OID_desc.
*/
/*
 * NOTE(review): this and the name-type objects that follow are declared
 * as plain, non-const gss_OID variables, so the declarations do not
 * stop code from reassigning a pointer or writing through it.  Treat
 * them as read-only.
 */
extern gss_OID GSS_C_NT_USER_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x02"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
 * The constant GSS_C_NT_MACHINE_UID_NAME should be
 * initialized to point to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_MACHINE_UID_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x03"},
 * corresponding to an object-identifier value of
 * {iso(1) member-body(2) United States(840) mit(113554)
 * infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
 * The constant GSS_C_NT_STRING_UID_NAME should be
 * initialized to point to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_STRING_UID_NAME;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
 * corresponding to an object-identifier value of
 * {iso(1) org(3) dod(6) internet(1) security(5)
 * nametypes(6) gss-host-based-services(2)}. The constant
 * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point
 * to that gss_OID_desc. This is a deprecated OID value, and
 * implementations wishing to support hostbased-service names
 * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID,
 * defined below, to identify such names;
 * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted as a synonym
 * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input
 * parameter, but should not be emitted by GSS-API
 * implementations.
 */
extern gss_OID GSS_C_NT_HOSTBASED_SERVICE_X;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 * "\x01\x02\x01\x04"}, corresponding to an
 * object-identifier value of {iso(1) member-body(2)
 * United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) service_name(4)}. The constant
 * GSS_C_NT_HOSTBASED_SERVICE should be initialized
 * to point to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_HOSTBASED_SERVICE;

/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x03"},
 * corresponding to an object identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 3(gss-anonymous-name)}. The constant
 * GSS_C_NT_ANONYMOUS should be initialized to point
 * to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_ANONYMOUS;


/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
 * corresponding to an object-identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 4(gss-api-exported-name)}. The constant
 * GSS_C_NT_EXPORT_NAME should be initialized to point
 * to that gss_OID_desc.
 */
extern gss_OID GSS_C_NT_EXPORT_NAME;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * krb5(2) krb5_name(1)}. The recommended symbolic name for this type
 * is "GSS_KRB5_NT_PRINCIPAL_NAME".
 */
extern gss_OID GSS_KRB5_NT_PRINCIPAL_NAME;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) user_name(1)}. The recommended symbolic name for this
 * type is "GSS_KRB5_NT_USER_NAME".
 *
 * The object-identifier value given here is the one given above for
 * GSS_C_NT_USER_NAME; the next two GSS_KRB5_NT_* names likewise repeat
 * the values of GSS_C_NT_MACHINE_UID_NAME and GSS_C_NT_STRING_UID_NAME.
 */
extern gss_OID GSS_KRB5_NT_USER_NAME;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) machine_uid_name(2)}. The recommended symbolic name for
 * this type is "GSS_KRB5_NT_MACHINE_UID_NAME".
 */
extern gss_OID GSS_KRB5_NT_MACHINE_UID_NAME;

/*
 * This name form shall be represented by the Object Identifier {iso(1)
 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) string_uid_name(3)}. The recommended symbolic name for
 * this type is "GSS_KRB5_NT_STRING_UID_NAME".
 */
extern gss_OID GSS_KRB5_NT_STRING_UID_NAME;

/* Major status codes */

#define GSS_S_COMPLETE 0

/*
 * Some "helper" definitions to make the status code macros obvious.
 * The masks are octal: 0377 is 0xff (8 bits) and 0177777 is 0xffff
 * (16 bits).  Shifted by the offsets they select bits 24-31, 16-23 and
 * 0-15 of a status value.
 */
#define GSS_C_CALLING_ERROR_OFFSET  24
#define GSS_C_ROUTINE_ERROR_OFFSET  16
#define GSS_C_SUPPLEMENTARY_OFFSET  0
#define GSS_C_CALLING_ERROR_MASK    0377ul
#define GSS_C_ROUTINE_ERROR_MASK    0377ul
#define GSS_C_SUPPLEMENTARY_MASK    0177777ul

/*
 * The macros that test status codes for error conditions.
 * Note that the GSS_ERROR() macro has changed slightly from
 * the V1 GSS-API so that it now evaluates its argument
 * only once.
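*/
/*
 * With the offsets and masks defined above, the calling-error field is
 * bits 24-31, the routine-error field bits 16-23 and the supplementary
 * field bits 0-15 of a status value.  Each macro keeps one field and
 * clears the rest; GSS_ERROR() keeps both error fields.
 *
 * The argument is parenthesised inside every expansion so that an
 * expression argument such as GSS_ERROR(a | b) is masked as a whole;
 * without the parentheses only b would be masked, because & binds
 * tighter than |.
 *
 * GSS_ERROR() does not look at the supplementary field, so a status
 * carrying only GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN,
 * GSS_S_UNSEQ_TOKEN or GSS_S_GAP_TOKEN tests as "no error".  Code that
 * cares about duplicated, old, out-of-sequence or missing tokens has to
 * test those bits itself, e.g. through GSS_SUPPLEMENTARY_INFO().
 */
#define GSS_CALLING_ERROR(x) \
    ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
#define GSS_ROUTINE_ERROR(x) \
    ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
#define GSS_SUPPLEMENTARY_INFO(x) \
    ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
#define GSS_ERROR(x) \
    ((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
            (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))

/*
 * Now the actual status code definitions
 */

/*
 * Calling errors:
 * Small integers placed in the calling-error field.
 */
#define GSS_S_CALL_INACCESSIBLE_READ \
    (1ul << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_INACCESSIBLE_WRITE \
    (2ul << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_BAD_STRUCTURE \
    (3ul << GSS_C_CALLING_ERROR_OFFSET)

/*
 * Routine errors:
 * Small integers, not single bits, placed in the routine-error field;
 * compare GSS_ROUTINE_ERROR(status) for equality rather than testing
 * with &.  GSS_S_BAD_MIC is a second name for GSS_S_BAD_SIG.
 */
#define GSS_S_BAD_MECH              (1ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAME              (2ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAMETYPE          (3ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_BINDINGS          (4ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_STATUS            (5ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_SIG               (6ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_MIC               GSS_S_BAD_SIG
#define GSS_S_NO_CRED               (7ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NO_CONTEXT            (8ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_TOKEN       (9ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_CREDENTIAL  (10ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CREDENTIALS_EXPIRED   (11ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CONTEXT_EXPIRED       (12ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_FAILURE               (13ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_QOP               (14ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_UNAUTHORIZED          (15ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_UNAVAILABLE           (16ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DUPLICATE_ELEMENT     (17ul << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NAME_NOT_MN           (18ul << GSS_C_ROUTINE_ERROR_OFFSET)

/*
 * Supplementary info bits:
 * One bit each, so several can be set in the same status value.
 */
#define GSS_S_CONTINUE_NEEDED \
    (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
#define GSS_S_DUPLICATE_TOKEN \
    (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
#define GSS_S_OLD_TOKEN \
    (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
#define GSS_S_UNSEQ_TOKEN \
    (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
#define GSS_S_GAP_TOKEN \
    (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 4))

__BEGIN_DECLS

/*
 * Finally, function prototypes for the GSS-API routines.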
*/
/*
 * Almost all parameters are unnamed; the trailing comment on each one
 * gives its intended name.  Among the declarations from here down to
 * gss_pseudo_random(), every routine returns an OM_uint32 except
 * gss_oid_equal(), which returns int, and all except gss_oid_equal(),
 * gss_decapsulate_token() and gss_encapsulate_token() take an
 * OM_uint32 * labelled minor_status as first parameter.
 * NOTE(review): the OM_uint32 result is presumably the major status
 * that GSS_ERROR() and the GSS_S_* values above decode - confirm.
 */
OM_uint32 gss_acquire_cred
    (OM_uint32 *,            /* minor_status */
     const gss_name_t,       /* desired_name */
     OM_uint32,              /* time_req */
     const gss_OID_set,      /* desired_mechs */
     gss_cred_usage_t,       /* cred_usage */
     gss_cred_id_t *,        /* output_cred_handle */
     gss_OID_set *,          /* actual_mechs */
     OM_uint32 *             /* time_rec */
    );

OM_uint32 gss_release_cred
    (OM_uint32 *,            /* minor_status */
     gss_cred_id_t *         /* cred_handle */
    );

/*
 * NOTE(review): req_flags is presumably a request built from the
 * GSS_C_*_FLAG bits and ret_flags what was actually granted; a caller
 * that needs a service should then check ret_flags - confirm.
 */
OM_uint32 gss_init_sec_context
    (OM_uint32 *,            /* minor_status */
     const gss_cred_id_t,    /* initiator_cred_handle */
     gss_ctx_id_t *,         /* context_handle */
     const gss_name_t,       /* target_name */
     const gss_OID,          /* mech_type */
     OM_uint32,              /* req_flags */
     OM_uint32,              /* time_req */
     const gss_channel_bindings_t,
                             /* input_chan_bindings */
     const gss_buffer_t,     /* input_token */
     gss_OID *,              /* actual_mech_type */
     gss_buffer_t,           /* output_token */
     OM_uint32 *,            /* ret_flags */
     OM_uint32 *             /* time_rec */
    );

/*
 * NOTE(review): input_token_buffer presumably carries bytes received
 * from the peer, i.e. untrusted input for the implementation - confirm.
 */
OM_uint32 gss_accept_sec_context
    (OM_uint32 *,            /* minor_status */
     gss_ctx_id_t *,         /* context_handle */
     const gss_cred_id_t,    /* acceptor_cred_handle */
     const gss_buffer_t,     /* input_token_buffer */
     const gss_channel_bindings_t,
                             /* input_chan_bindings */
     gss_name_t *,           /* src_name */
     gss_OID *,              /* mech_type */
     gss_buffer_t,           /* output_token */
     OM_uint32 *,            /* ret_flags */
     OM_uint32 *,            /* time_rec */
     gss_cred_id_t *         /* delegated_cred_handle */
    );

OM_uint32 gss_process_context_token
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     const gss_buffer_t      /* token_buffer */
    );

OM_uint32 gss_delete_sec_context
    (OM_uint32 *,            /* minor_status */
     gss_ctx_id_t *,         /* context_handle */
     gss_buffer_t            /* output_token */
    );

OM_uint32 gss_context_time
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     OM_uint32 *             /* time_rec */
    );

OM_uint32 gss_get_mic
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     gss_qop_t,              /* qop_req */
     const gss_buffer_t,     /* message_buffer */
     gss_buffer_t            /* message_token */
    );

OM_uint32 gss_verify_mic
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     const gss_buffer_t,     /* message_buffer */
     const gss_buffer_t,     /* token_buffer */
     gss_qop_t *             /* qop_state */
    );

/*
 * gss_wrap() takes conf_req_flag by value and has a separate conf_state
 * pointer; gss_unwrap() has conf_state and qop_state pointers.
 * NOTE(review): presumably conf_state reports whether confidentiality
 * was really applied, so it should be checked wherever encryption is
 * required - confirm.
 */
OM_uint32 gss_wrap
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     int,                    /* conf_req_flag */
     gss_qop_t,              /* qop_req */
     const gss_buffer_t,     /* input_message_buffer */
     int *,                  /* conf_state */
     gss_buffer_t            /* output_message_buffer */
    );

OM_uint32 gss_unwrap
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     const gss_buffer_t,     /* input_message_buffer */
     gss_buffer_t,           /* output_message_buffer */
     int *,                  /* conf_state */
     gss_qop_t *             /* qop_state */
    );

/* status_type goes with GSS_C_GSS_CODE and GSS_C_MECH_CODE above. */
OM_uint32 gss_display_status
    (OM_uint32 *,            /* minor_status */
     OM_uint32,              /* status_value */
     int,                    /* status_type */
     const gss_OID,          /* mech_type */
     OM_uint32 *,            /* message_context */
     gss_buffer_t            /* status_string */
    );

OM_uint32 gss_indicate_mechs
    (OM_uint32 *,            /* minor_status */
     gss_OID_set *           /* mech_set */
    );

OM_uint32 gss_compare_name
    (OM_uint32 *,            /* minor_status */
     const gss_name_t,       /* name1 */
     const gss_name_t,       /* name2 */
     int *                   /* name_equal */
    );

OM_uint32 gss_display_name
    (OM_uint32 *,            /* minor_status */
     const gss_name_t,       /* input_name */
     gss_buffer_t,           /* output_name_buffer */
     gss_OID *               /* output_name_type */
    );

OM_uint32 gss_import_name
    (OM_uint32 *,            /* minor_status */
     const gss_buffer_t,     /* input_name_buffer */
     const gss_OID,          /* input_name_type */
     gss_name_t *            /* output_name */
    );

OM_uint32 gss_export_name
    (OM_uint32 *,            /* minor_status */
     const gss_name_t,       /* input_name */
     gss_buffer_t            /* exported_name */
    );

OM_uint32 gss_release_name
    (OM_uint32 *,            /* minor_status */
     gss_name_t *            /* input_name */
    );

OM_uint32 gss_release_buffer
    (OM_uint32 *,            /* minor_status */
     gss_buffer_t            /* buffer */
    );

OM_uint32 gss_release_oid_set
    (OM_uint32 *,            /* minor_status */
     gss_OID_set *           /* set */
    );

OM_uint32 gss_inquire_cred
    (OM_uint32 *,            /* minor_status */
     const gss_cred_id_t,    /* cred_handle */
     gss_name_t *,           /* name */
     OM_uint32 *,            /* lifetime */
     gss_cred_usage_t *,     /* cred_usage */
     gss_OID_set *           /* mechanisms */
    );

OM_uint32 gss_inquire_context (
    OM_uint32 *,             /* minor_status */
    const gss_ctx_id_t,      /* context_handle */
    gss_name_t *,            /* src_name */
    gss_name_t *,            /* targ_name */
    OM_uint32 *,             /* lifetime_rec */
    gss_OID *,               /* mech_type */
    OM_uint32 *,             /* ctx_flags */
    int *,                   /* locally_initiated */
    int *                    /* open */
    );

OM_uint32 gss_wrap_size_limit (
    OM_uint32 *,             /* minor_status */
    const gss_ctx_id_t,      /* context_handle */
    int,                     /* conf_req_flag */
    gss_qop_t,               /* qop_req */
    OM_uint32,               /* req_output_size */
    OM_uint32 *              /* max_input_size */
    );

OM_uint32 gss_add_cred (
    OM_uint32 *,             /* minor_status */
    const gss_cred_id_t,     /* input_cred_handle */
    const gss_name_t,        /* desired_name */
    const gss_OID,           /* desired_mech */
    gss_cred_usage_t,        /* cred_usage */
    OM_uint32,               /* initiator_time_req */
    OM_uint32,               /* acceptor_time_req */
    gss_cred_id_t *,         /* output_cred_handle */
    gss_OID_set *,           /* actual_mechs */
    OM_uint32 *,             /* initiator_time_rec */
    OM_uint32 *              /* acceptor_time_rec */
    );

OM_uint32 gss_inquire_cred_by_mech (
    OM_uint32 *,             /* minor_status */
    const gss_cred_id_t,     /* cred_handle */
    const gss_OID,           /* mech_type */
    gss_name_t *,            /* name */
    OM_uint32 *,             /* initiator_lifetime */
    OM_uint32 *,             /* acceptor_lifetime */
    gss_cred_usage_t *       /* cred_usage */
    );

/*
 * NOTE(review): interprocess_token presumably serialises the security
 * context, keys included, and would then need the same protection as
 * the context itself while it is stored or passed on - confirm.
 */
OM_uint32 gss_export_sec_context (
    OM_uint32 *,             /* minor_status */
    gss_ctx_id_t *,          /* context_handle */
    gss_buffer_t             /* interprocess_token */
    );

OM_uint32 gss_import_sec_context (
    OM_uint32 *,             /* minor_status */
    const gss_buffer_t,      /* interprocess_token */
    gss_ctx_id_t *           /* context_handle */
    );

OM_uint32 gss_create_empty_oid_set (
    OM_uint32 *,             /* minor_status */
    gss_OID_set *            /* oid_set */
    );

OM_uint32 gss_add_oid_set_member (
    OM_uint32 *,             /* minor_status */
    const gss_OID,           /* member_oid */
    gss_OID_set *            /* oid_set */
    );

OM_uint32 gss_test_oid_set_member (
    OM_uint32 *,             /* minor_status */
    const gss_OID,           /* member */
    const gss_OID_set,       /* set */
    int *                    /* present */
    );

OM_uint32 gss_inquire_names_for_mech (
    OM_uint32 *,             /* minor_status */
    const gss_OID,           /* mechanism */
    gss_OID_set *            /* name_types */
    );

OM_uint32 gss_inquire_mechs_for_name (
    OM_uint32 *,             /* minor_status */
    const gss_name_t,        /* input_name */
    gss_OID_set *            /* mech_types */
    );

OM_uint32 gss_canonicalize_name (
    OM_uint32 *,             /* minor_status */
    const gss_name_t,        /* input_name */
    const gss_OID,           /* mech_type */
    gss_name_t *             /* output_name */
    );

OM_uint32 gss_duplicate_name (
    OM_uint32 *,             /* minor_status */
    const gss_name_t,        /* src_name */
    gss_name_t *             /* dest_name */
    );

/*
 * The following routines are obsolete variants of gss_get_mic,
 * gss_verify_mic, gss_wrap and gss_unwrap. They should be
 * provided by GSS-API V2 implementations for backwards
 * compatibility with V1 applications. Distinct entrypoints
 * (as opposed to #defines) should be provided, both to allow
 * GSS-API V1 applications to link against GSS-API V2 implementations,
 * and to retain the slight parameter type differences between the
 * obsolete versions of these routines and their current forms.
 *
 * As declared below, the differences are that handles and buffers are
 * not const-qualified and that the QOP parameters are int and int *
 * where the current routines use gss_qop_t and gss_qop_t *.
 */

OM_uint32 gss_sign
    (OM_uint32 *,            /* minor_status */
     gss_ctx_id_t,           /* context_handle */
     int,                    /* qop_req */
     gss_buffer_t,           /* message_buffer */
     gss_buffer_t            /* message_token */
    );


OM_uint32 gss_verify
    (OM_uint32 *,            /* minor_status */
     gss_ctx_id_t,           /* context_handle */
     gss_buffer_t,           /* message_buffer */
     gss_buffer_t,           /* token_buffer */
     int *                   /* qop_state */
    );

OM_uint32 gss_seal
    (OM_uint32 *,            /* minor_status */
     gss_ctx_id_t,           /* context_handle */
     int,                    /* conf_req_flag */
     int,                    /* qop_req */
     gss_buffer_t,           /* input_message_buffer */
     int *,                  /* conf_state */
     gss_buffer_t            /* output_message_buffer */
    );


OM_uint32 gss_unseal
    (OM_uint32 *,            /* minor_status */
     gss_ctx_id_t,           /* context_handle */
     gss_buffer_t,           /* input_message_buffer */
     gss_buffer_t,           /* output_message_buffer */
     int *,                  /* conf_state */
     int *                   /* qop_state */
    );

/*
 * Other extensions and helper functions.
 */

/* The only routine in this group that returns int, not OM_uint32. */
int gss_oid_equal
    (const gss_OID,          /* first OID to compare */
     const gss_OID           /* second OID to compare */
    );

OM_uint32 gss_release_oid
    (OM_uint32 *,            /* minor status */
     gss_OID *               /* oid to free */
    );

/* Neither token helper below has a minor-status parameter. */
OM_uint32 gss_decapsulate_token
    (const gss_buffer_t,     /* mechanism independent token */
     gss_OID,                /* desired mechanism */
     gss_buffer_t            /* decapsulated mechanism dependent token */
    );

OM_uint32 gss_encapsulate_token
    (const gss_buffer_t,     /* mechanism dependent token */
     gss_OID,                /* desired mechanism */
     gss_buffer_t            /* encapsulated mechanism independent token */
    );

OM_uint32 gss_duplicate_oid
    (OM_uint32 *,            /* minor status */
     const gss_OID,          /* oid to copy */
     gss_OID *               /* result */
    );

OM_uint32 gss_oid_to_str
    (OM_uint32 *,            /* minor status */
     gss_OID,                /* oid to convert */
     gss_buffer_t            /* buffer to contain string */
    );

/*
 * Set of buffers: a count plus a pointer to gss_buffer_desc.
 * NOTE(review): presumably elements addresses an array of count
 * descriptors - confirm.
 */
typedef struct gss_buffer_set_desc_struct {
    size_t count;
    gss_buffer_desc *elements;
} gss_buffer_set_desc, *gss_buffer_set_t;

#define GSS_C_NO_BUFFER_SET ((gss_buffer_set_t) 0)

OM_uint32 gss_create_empty_buffer_set
    (OM_uint32 *,            /* minor status */
     gss_buffer_set_t *      /* location for new buffer set */
    );

OM_uint32 gss_add_buffer_set_member
    (OM_uint32 *,            /* minor status */
     gss_buffer_t,           /* buffer to add */
     gss_buffer_set_t *      /* set to add to */
    );

OM_uint32 gss_release_buffer_set
    (OM_uint32 *,            /* minor status */
     gss_buffer_set_t *      /* set to release */
    );

OM_uint32 gss_inquire_sec_context_by_oid
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     const gss_OID,          /* desired_object */
     gss_buffer_set_t *      /* result */
    );

OM_uint32 gss_inquire_cred_by_oid
    (OM_uint32 *,            /* minor_status */
     const gss_cred_id_t,    /* cred_handle */
     const gss_OID,          /* desired_object */
     gss_buffer_set_t *      /* result */
    );

OM_uint32 gss_set_sec_context_option
    (OM_uint32 *,            /* minor status */
     gss_ctx_id_t *,         /* context */
     const gss_OID,          /* option to set */
     const gss_buffer_t      /* option value */
    );

OM_uint32 gss_set_cred_option
    (OM_uint32 *,            /* minor status */
     gss_cred_id_t *,        /* cred */
     const gss_OID,          /* option to set */
     const gss_buffer_t      /* option value */
    );

OM_uint32 gss_pseudo_random
    (OM_uint32 *,            /* minor status */
     gss_ctx_id_t,           /* context handle */
     int prf_key,            /* XXX */
     const gss_buffer_t,     /* data to seed generator */
     ssize_t,                /* amount of data required */
     gss_buffer_t            /* buffer
for result */ 863178828Sdfr ); 864178828Sdfr 865181344Sdfr#ifdef _UID_T_DECLARED 866181344SdfrOM_uint32 gss_pname_to_uid 867181344Sdfr (OM_uint32 *, /* minor status */ 868181344Sdfr const gss_name_t pname, /* principal name */ 869181344Sdfr const gss_OID mech, /* mechanism to query */ 870181344Sdfr uid_t *uidp /* pointer to UID for result */ 871181344Sdfr ); 872181344Sdfr#endif 873181344Sdfr 874179033Sdfr__END_DECLS 875179033Sdfr 876153838Sdfr#endif /* _GSSAPI_GSSAPI_H_ */ 877