1/*-
2 * Copyright (c) 2008 Isilon Inc http://www.isilon.com/
3 * Authors: Doug Rabson <dfr@rabson.org>
4 * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 *    notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 *    notice, this list of conditions and the following disclaimer in the
13 *    documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 */
27
28/* $FreeBSD$ */
29
/*
 * Header-only section.  rpcgen defines RPC_HDR while it emits the .h file
 * and copies every line that starts with '%' to its output verbatim, so the
 * generated header includes the kernel or userland GSS-API header and
 * declares the XDR routines for the GSS-API types used below.
 *
 * Those routines are only declared here (extern); they are written by hand
 * elsewhere.  Any length or count check applied while decoding a
 * gss_buffer_desc, OID, OID set or channel-bindings value therefore lives in
 * that code, not in anything rpcgen generates from this file.
 * NOTE(review): the decoders are not visible from here -- audit them for
 * bounds on peer-supplied lengths before relying on this interface.
 */
30#ifdef RPC_HDR
31
32%#ifdef _KERNEL
33%#include <kgssapi/gssapi.h>
34%#else
35%#include <gssapi/gssapi.h>
36%#endif
37
38%extern bool_t xdr_gss_buffer_desc(XDR *xdrs, gss_buffer_desc *buf);
39%extern bool_t xdr_gss_OID_desc(XDR *xdrs, gss_OID_desc *oid);
40%extern bool_t xdr_gss_OID(XDR *xdrs, gss_OID *oidp);
41%extern bool_t xdr_gss_OID_set_desc(XDR *xdrs, gss_OID_set_desc *set);
42%extern bool_t xdr_gss_OID_set(XDR *xdrs, gss_OID_set *setp);
43%extern bool_t xdr_gss_channel_bindings_t(XDR *xdrs, gss_channel_bindings_t *chp);
44
45#endif
46
/*
 * Handle types carried over the wire for security contexts, credentials and
 * names.  Each is a plain 64-bit integer rather than a GSS-API handle type,
 * so only a number crosses the RPC boundary; what that number refers to is
 * not defined in this file.
 * NOTE(review): presumably the server maps these to its own gss_ctx_id_t /
 * gss_cred_id_t / gss_name_t objects -- confirm it looks each value up in a
 * table and rejects unknown values rather than using the integer as an
 * address, and that a handle issued to one caller cannot be used by another.
 */
47typedef uint64_t gssd_ctx_id_t;
48typedef uint64_t gssd_cred_id_t;
49typedef uint64_t gssd_name_t;
50
/*
 * Reply of GSSD_INIT_SEC_CONTEXT (procedure 1).  The field names follow the
 * output parameters of gss_init_sec_context() in the GSS-API C bindings.
 */
51struct init_sec_context_res {
52	uint32_t	major_status;	/* GSS-API major status of the call */
53	uint32_t	minor_status;	/* mechanism-specific minor status */
54	gssd_ctx_id_t	ctx;	/* 64-bit context handle (see gssd_ctx_id_t) */
55	gss_OID		actual_mech_type;	/* encoded by xdr_gss_OID() */
56	gss_buffer_desc output_token;	/* encoded by xdr_gss_buffer_desc() */
57	uint32_t	ret_flags;
58	uint32_t	time_rec;
59};
60
/*
 * Argument of GSSD_INIT_SEC_CONTEXT (procedure 1).  Apart from uid, the
 * field names follow the input parameters of gss_init_sec_context().
 *
 * NOTE(review): uid is a bare 32-bit value supplied by the caller; nothing
 * in this definition ties it to the identity of whoever sent the RPC.
 * Presumably it selects whose credentials the server acts with -- confirm
 * that only a trusted peer can reach this procedure, otherwise any caller
 * could name any uid.
 */
61struct init_sec_context_args {
62	uint32_t	uid;	/* caller-asserted; see NOTE(review) above */
63	gssd_cred_id_t	cred;	/* 64-bit credential handle */
64	gssd_ctx_id_t	ctx;	/* 64-bit context handle */
65	gssd_name_t	name;	/* 64-bit name handle */
66	gss_OID		mech_type;
67	uint32_t	req_flags;
68	uint32_t	time_req;
69	gss_channel_bindings_t input_chan_bindings;
70	gss_buffer_desc input_token;	/* length is bounded, if at all, by xdr_gss_buffer_desc() */
71};
72
/*
 * Reply of GSSD_ACCEPT_SEC_CONTEXT (procedure 2).  The field names follow
 * the output parameters of gss_accept_sec_context().
 *
 * Three handles come back in one reply: the context, the source name and a
 * delegated credential.
 * NOTE(review): each handle presumably pins server-side state until the
 * matching delete/release procedure is called -- confirm callers release
 * src_name and delegated_cred_handle on every path, including errors.
 */
73struct accept_sec_context_res {
74	uint32_t	major_status;	/* GSS-API major status of the call */
75	uint32_t	minor_status;	/* mechanism-specific minor status */
76	gssd_ctx_id_t	ctx;	/* 64-bit context handle */
77	gssd_name_t	src_name;	/* 64-bit name handle */
78	gss_OID		mech_type;
79	gss_buffer_desc	output_token;
80	uint32_t	ret_flags;
81	uint32_t	time_rec;
82	gssd_cred_id_t	delegated_cred_handle;	/* 64-bit credential handle */
83};
84
/*
 * Argument of GSSD_ACCEPT_SEC_CONTEXT (procedure 2).  The field names follow
 * the input parameters of gss_accept_sec_context().
 *
 * NOTE(review): on the accepting side of GSS-API the input token comes from
 * the remote initiator, so input_token should be treated as untrusted data
 * end to end -- confirm against the callers of this procedure.
 */
85struct accept_sec_context_args {
86	gssd_ctx_id_t	ctx;	/* 64-bit context handle */
87	gssd_cred_id_t	cred;	/* 64-bit credential handle */
88	gss_buffer_desc	input_token;	/* length is bounded, if at all, by xdr_gss_buffer_desc() */
89	gss_channel_bindings_t input_chan_bindings;
90};
91
/*
 * Reply of GSSD_DELETE_SEC_CONTEXT (procedure 3): the two status words plus
 * an output token, as in gss_delete_sec_context().
 */
92struct delete_sec_context_res {
93	uint32_t	major_status;	/* GSS-API major status of the call */
94	uint32_t	minor_status;	/* mechanism-specific minor status */
95	gss_buffer_desc	output_token;
96};
97
/*
 * Argument of GSSD_DELETE_SEC_CONTEXT (procedure 3): only the 64-bit handle
 * of the context to delete.
 * NOTE(review): the handle is the sole selector, so a caller that can guess
 * or reuse a value can ask for another context's deletion unless the server
 * scopes handles per caller -- confirm in the server implementation.
 */
98struct delete_sec_context_args {
99	gssd_ctx_id_t	ctx;
100};
101
/*
 * Tag returned with an exported security context (see
 * export_sec_context_res.format).  The names refer to Heimdal 0.6 and 1.1;
 * presumably they identify which layout the exported token uses -- confirm
 * against the consumer of the token.
 *
 * No explicit values are assigned, so the wire value is whatever the
 * enumeration order yields (0, then 1).  Inserting or reordering entries
 * would silently change the meaning of values already in use.
 */
102enum sec_context_format {
103	KGSS_HEIMDAL_0_6,
104	KGSS_HEIMDAL_1_1
105};
106
/*
 * Reply of GSSD_EXPORT_SEC_CONTEXT (procedure 4): status words, the format
 * tag and the exported context as an opaque buffer.
 *
 * NOTE(review): in GSS-API an exported context token carries everything
 * needed to resume the context elsewhere, which normally includes session
 * key material.  Treat interprocess_token as a secret: confirm the transport
 * is not observable by other users and that receivers zero the buffer after
 * import.  The receiver must also check `format` before parsing the token.
 */
107struct export_sec_context_res {
108	uint32_t	major_status;	/* GSS-API major status of the call */
109	uint32_t	minor_status;	/* mechanism-specific minor status */
110	enum sec_context_format format;	/* layout tag for interprocess_token */
111	gss_buffer_desc	interprocess_token;	/* sensitive; see NOTE(review) above */
112};
113
114struct export_sec_context_args {
115       gssd_ctx_id_t	ctx;
116};
117
/*
 * Reply of GSSD_IMPORT_NAME (procedure 5): status words and a 64-bit handle
 * for the imported name.
 */
118struct import_name_res {
119	uint32_t	major_status;	/* GSS-API major status of the call */
120	uint32_t	minor_status;	/* mechanism-specific minor status */
121	gssd_name_t	output_name;	/* 64-bit name handle */
122};
123
/*
 * Argument of GSSD_IMPORT_NAME (procedure 5); field names follow the input
 * parameters of gss_import_name().  The name arrives as an opaque buffer
 * whose interpretation is selected by input_name_type.
 */
124struct import_name_args {
125	gss_buffer_desc	input_name_buffer;	/* length is bounded, if at all, by xdr_gss_buffer_desc() */
126	gss_OID		input_name_type;
127};
128
/*
 * Reply of GSSD_CANONICALIZE_NAME (procedure 6): status words and a 64-bit
 * handle for the resulting name.
 * NOTE(review): whether output_name is a new handle that needs its own
 * GSSD_RELEASE_NAME call is not stated here -- confirm in the server.
 */
129struct canonicalize_name_res {
130	uint32_t	major_status;	/* GSS-API major status of the call */
131	uint32_t	minor_status;	/* mechanism-specific minor status */
132	gssd_name_t	output_name;	/* 64-bit name handle */
133};
134
/*
 * Argument of GSSD_CANONICALIZE_NAME (procedure 6): the handle of the name
 * to canonicalize and the mechanism OID to canonicalize it for, as in
 * gss_canonicalize_name().
 */
135struct canonicalize_name_args {
136	gssd_name_t	input_name;	/* 64-bit name handle */
137	gss_OID		mech_type;
138};
139
/*
 * Reply of GSSD_EXPORT_NAME (procedure 7): status words and the exported
 * name as an opaque buffer, as in gss_export_name().
 */
140struct export_name_res {
141	uint32_t	major_status;	/* GSS-API major status of the call */
142	uint32_t	minor_status;	/* mechanism-specific minor status */
143	gss_buffer_desc	exported_name;
144};
145
/*
 * Argument of GSSD_EXPORT_NAME (procedure 7): the 64-bit handle of the name
 * to export.
 */
146struct export_name_args {
147	gssd_name_t	input_name;
148};
149
/*
 * Reply of GSSD_RELEASE_NAME (procedure 8): only the two status words.
 */
150struct release_name_res {
151	uint32_t	major_status;	/* GSS-API major status of the call */
152	uint32_t	minor_status;	/* mechanism-specific minor status */
153};
154
/*
 * Argument of GSSD_RELEASE_NAME (procedure 8): the 64-bit handle of the name
 * to release.
 * NOTE(review): confirm the server tolerates a stale or repeated handle
 * (no double release of the underlying object).
 */
155struct release_name_args {
156	gssd_name_t	input_name;
157};
158
/*
 * Reply of GSSD_PNAME_TO_UID (procedure 9): status words, a uid, a gid and a
 * variable-length list of further gids.
 *
 * `gidlist<>` is a variable-length array declared without a maximum, so this
 * definition places no protocol-level cap on how many entries a reply may
 * carry.  The receiver has to bound the count itself before copying the
 * list into any fixed-size group array.
 * NOTE(review): the caller presumably uses uid/gid/gidlist as the local
 * identity of an authenticated principal, which makes this reply
 * authorization-critical -- confirm the receiver checks major_status before
 * using any of the identity fields and clamps the gid count.
 */
159struct pname_to_uid_res {
160	uint32_t	major_status;	/* GSS-API major status of the call */
161	uint32_t	minor_status;	/* mechanism-specific minor status */
162	uint32_t	uid;
163	uint32_t	gid;
164	uint32_t	gidlist<>;	/* unbounded count; see above */
165};
166
/*
 * Argument of GSSD_PNAME_TO_UID (procedure 9): the handle of the principal
 * name to map and a mechanism OID.
 */
167struct pname_to_uid_args {
168       gssd_name_t	pname;
169       gss_OID		mech;
170};
171
/*
 * Reply of GSSD_ACQUIRE_CRED (procedure 10); field names follow the output
 * parameters of gss_acquire_cred().
 */
172struct acquire_cred_res {
173	uint32_t	major_status;	/* GSS-API major status of the call */
174	uint32_t	minor_status;	/* mechanism-specific minor status */
175	gssd_cred_id_t	output_cred;	/* 64-bit credential handle */
176	gss_OID_set	actual_mechs;	/* encoded by xdr_gss_OID_set() */
177	uint32_t	time_rec;
178};
179
/*
 * Argument of GSSD_ACQUIRE_CRED (procedure 10).  Apart from uid, the field
 * names follow the input parameters of gss_acquire_cred().
 *
 * NOTE(review): as in init_sec_context_args, uid is asserted by the caller
 * and not bound to the RPC sender by anything in this definition.
 * Presumably it selects whose credentials are acquired -- confirm that only
 * a trusted peer can call this procedure.
 */
180struct acquire_cred_args {
181	uint32_t	uid;	/* caller-asserted; see NOTE(review) above */
182	gssd_name_t	desired_name;	/* 64-bit name handle */
183	uint32_t	time_req;
184	gss_OID_set	desired_mechs;	/* set size is bounded, if at all, by xdr_gss_OID_set() */
185	int		cred_usage;	/* presumably a GSS_C_* usage value; range not checked here */
186};
187
/*
 * Reply of GSSD_SET_CRED_OPTION (procedure 11): only the two status words.
 */
188struct set_cred_option_res {
189	uint32_t	major_status;	/* GSS-API major status of the call */
190	uint32_t	minor_status;	/* mechanism-specific minor status */
191};
192
/*
 * Argument of GSSD_SET_CRED_OPTION (procedure 11): a credential handle, an
 * OID naming the option and an opaque value for it.
 * NOTE(review): the option is chosen by a caller-supplied OID and its value
 * is an uninterpreted buffer, so which options are accepted is entirely a
 * server decision -- confirm the server restricts them to a known set.
 */
193struct set_cred_option_args {
194       gssd_cred_id_t	cred;
195       gss_OID		option_name;
196       gss_buffer_desc	option_value;
197};
198
/*
 * Reply of GSSD_RELEASE_CRED (procedure 12): only the two status words.
 */
199struct release_cred_res {
200	uint32_t	major_status;	/* GSS-API major status of the call */
201	uint32_t	minor_status;	/* mechanism-specific minor status */
202};
203
/*
 * Argument of GSSD_RELEASE_CRED (procedure 12): the 64-bit handle of the
 * credential to release.
 * NOTE(review): confirm the server tolerates a stale or repeated handle
 * (no double release of the underlying credential).
 */
204struct release_cred_args {
205	gssd_cred_id_t	cred;
206};
207
/*
 * Reply of GSSD_DISPLAY_STATUS (procedure 13); field names follow the output
 * parameters of gss_display_status().  message_context appears in both the
 * argument and the reply, matching its in/out role in that call.
 * NOTE(review): status_string is an opaque buffer, not an XDR string --
 * confirm consumers do not assume NUL termination before printing it.
 */
208struct display_status_res {
209	uint32_t	major_status;	/* GSS-API major status of the call */
210	uint32_t	minor_status;	/* mechanism-specific minor status */
211	uint32_t	message_context;
212	gss_buffer_desc	status_string;
213};
214
/*
 * Argument of GSSD_DISPLAY_STATUS (procedure 13); field names follow the
 * input parameters of gss_display_status().
 */
215struct display_status_args {
216       uint32_t		status_value;
217       int		status_type;	/* presumably GSS_C_GSS_CODE or GSS_C_MECH_CODE; range not checked here */
218       gss_OID		mech_type;
219       uint32_t		message_context;
220};
221
/*
 * RPC program definition: program GSSD, version GSSDVERS = 1, procedures
 * 0 through 13.  Procedure 0 is the usual no-argument null call; each of the
 * others takes one *_args structure and returns the matching *_res
 * structure defined above.
 *
 * The program number 0x40677373 lies in the 0x40000000-0x5fffffff range that
 * ONC RPC leaves for transient / locally assigned programs; its low three
 * bytes are the ASCII characters "gss".
 *
 * Procedure numbers are part of the wire protocol: renumbering or reusing
 * one changes what an already-deployed peer will execute.
 *
 * NOTE(review): nothing in this definition expresses authentication or
 * access control.  Several arguments carry a caller-asserted uid or a bare
 * 64-bit handle, and GSSD_EXPORT_SEC_CONTEXT returns exported context state,
 * so who may reach this program is decided entirely by the transport and the
 * server -- confirm the endpoint is restricted to the intended trusted
 * caller.
 */
222program GSSD {
223	version GSSDVERS {
224		void GSSD_NULL(void) = 0;
225
226		init_sec_context_res
227		GSSD_INIT_SEC_CONTEXT(init_sec_context_args) = 1;
228
229		accept_sec_context_res
230		GSSD_ACCEPT_SEC_CONTEXT(accept_sec_context_args) = 2;
231
232		delete_sec_context_res
233		GSSD_DELETE_SEC_CONTEXT(delete_sec_context_args) = 3;
234
235		export_sec_context_res
236		GSSD_EXPORT_SEC_CONTEXT(export_sec_context_args) = 4;
237
238		import_name_res
239		GSSD_IMPORT_NAME(import_name_args) = 5;
240
241		canonicalize_name_res
242		GSSD_CANONICALIZE_NAME(canonicalize_name_args) = 6;
243
244		export_name_res
245		GSSD_EXPORT_NAME(export_name_args) = 7;
246
247		release_name_res
248		GSSD_RELEASE_NAME(release_name_args) = 8;
249
250		pname_to_uid_res
251		GSSD_PNAME_TO_UID(pname_to_uid_args) = 9;
252
253		acquire_cred_res
254		GSSD_ACQUIRE_CRED(acquire_cred_args) = 10;
255
256		set_cred_option_res
257		GSSD_SET_CRED_OPTION(set_cred_option_args) = 11;
258
259		release_cred_res
260		GSSD_RELEASE_CRED(release_cred_args) = 12;
261
262		display_status_res
263		GSSD_DISPLAY_STATUS(display_status_args) = 13;
264	} = 1;
265} = 0x40677373;
266