1/*- 2 * Copyright (c) 2005 Doug Rabson 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * 26 * $FreeBSD$ 27 */ 28 29#include <unistd.h> 30#include <sys/queue.h> 31 32typedef OM_uint32 _gss_acquire_cred_t 33 (OM_uint32 *, /* minor_status */ 34 const gss_name_t, /* desired_name */ 35 OM_uint32, /* time_req */ 36 const gss_OID_set, /* desired_mechs */ 37 gss_cred_usage_t, /* cred_usage */ 38 gss_cred_id_t *, /* output_cred_handle */ 39 gss_OID_set *, /* actual_mechs */ 40 OM_uint32 * /* time_rec */ 41 ); 42 43typedef OM_uint32 _gss_release_cred_t 44 (OM_uint32 *, /* minor_status */ 45 gss_cred_id_t * /* cred_handle */ 46 ); 47 48typedef OM_uint32 _gss_init_sec_context_t 49 (OM_uint32 *, /* minor_status */ 50 const gss_cred_id_t, /* initiator_cred_handle */ 51 gss_ctx_id_t *, /* context_handle */ 52 const gss_name_t, /* target_name */ 53 const gss_OID, /* mech_type */ 54 OM_uint32, /* req_flags */ 55 OM_uint32, /* time_req */ 56 const gss_channel_bindings_t, 57 /* input_chan_bindings */ 58 const gss_buffer_t, /* input_token */ 59 gss_OID *, /* actual_mech_type */ 60 gss_buffer_t, /* output_token */ 61 OM_uint32 *, /* ret_flags */ 62 OM_uint32 * /* time_rec */ 63 ); 64 65typedef OM_uint32 _gss_accept_sec_context_t 66 (OM_uint32 *, /* minor_status */ 67 gss_ctx_id_t *, /* context_handle */ 68 const gss_cred_id_t, /* acceptor_cred_handle */ 69 const gss_buffer_t, /* input_token_buffer */ 70 const gss_channel_bindings_t, 71 /* input_chan_bindings */ 72 gss_name_t *, /* src_name */ 73 gss_OID *, /* mech_type */ 74 gss_buffer_t, /* output_token */ 75 OM_uint32 *, /* ret_flags */ 76 OM_uint32 *, /* time_rec */ 77 gss_cred_id_t * /* delegated_cred_handle */ 78 ); 79 80typedef OM_uint32 _gss_process_context_token_t 81 (OM_uint32 *, /* minor_status */ 82 const gss_ctx_id_t, /* context_handle */ 83 const gss_buffer_t /* token_buffer */ 84 ); 85 86typedef OM_uint32 _gss_delete_sec_context_t 87 (OM_uint32 *, /* minor_status */ 88 gss_ctx_id_t *, /* context_handle */ 89 gss_buffer_t /* output_token */ 90 ); 91 92typedef OM_uint32 _gss_context_time_t 93 (OM_uint32 *, /* minor_status */ 94 const gss_ctx_id_t, /* context_handle */ 95 OM_uint32 * /* time_rec */ 96 ); 97 98typedef OM_uint32 _gss_get_mic_t 99 (OM_uint32 *, /* minor_status */ 100 const gss_ctx_id_t, /* context_handle */ 101 gss_qop_t, /* qop_req */ 102 const gss_buffer_t, /* message_buffer */ 103 gss_buffer_t /* message_token */ 104 ); 105 106typedef OM_uint32 _gss_verify_mic_t 107 (OM_uint32 *, /* minor_status */ 108 const gss_ctx_id_t, /* context_handle */ 109 const gss_buffer_t, /* message_buffer */ 110 const gss_buffer_t, /* token_buffer */ 111 gss_qop_t * /* qop_state */ 112 ); 113 114typedef OM_uint32 _gss_wrap_t 115 (OM_uint32 *, /* minor_status */ 116 const gss_ctx_id_t, /* context_handle */ 117 int, /* conf_req_flag */ 118 gss_qop_t, /* qop_req */ 119 const gss_buffer_t, /* input_message_buffer */ 120 int *, /* conf_state */ 121 gss_buffer_t /* output_message_buffer */ 122 ); 123 124typedef OM_uint32 _gss_unwrap_t 125 (OM_uint32 *, /* minor_status */ 126 const gss_ctx_id_t, /* context_handle */ 127 const gss_buffer_t, /* input_message_buffer */ 128 gss_buffer_t, /* output_message_buffer */ 129 int *, /* conf_state */ 130 gss_qop_t * /* qop_state */ 131 ); 132 133typedef OM_uint32 _gss_display_status_t 134 (OM_uint32 *, /* minor_status */ 135 OM_uint32, /* status_value */ 136 int, /* status_type */ 137 const gss_OID, /* mech_type */ 138 OM_uint32 *, /* message_context */ 139 gss_buffer_t /* status_string */ 140 ); 141 142typedef OM_uint32 _gss_indicate_mechs_t 143 (OM_uint32 *, /* minor_status */ 144 gss_OID_set * /* mech_set */ 145 ); 146 147typedef OM_uint32 _gss_compare_name_t 148 (OM_uint32 *, /* minor_status */ 149 const gss_name_t, /* name1 */ 150 const gss_name_t, /* name2 */ 151 int * /* name_equal */ 152 ); 153 154typedef OM_uint32 _gss_display_name_t 155 (OM_uint32 *, /* minor_status */ 156 const gss_name_t, /* input_name */ 157 gss_buffer_t, /* output_name_buffer */ 158 gss_OID * /* output_name_type */ 159 ); 160 161typedef OM_uint32 _gss_import_name_t 162 (OM_uint32 *, /* minor_status */ 163 const gss_buffer_t, /* input_name_buffer */ 164 const gss_OID, /* input_name_type */ 165 gss_name_t * /* output_name */ 166 ); 167 168typedef OM_uint32 _gss_export_name_t 169 (OM_uint32 *, /* minor_status */ 170 const gss_name_t, /* input_name */ 171 gss_buffer_t /* exported_name */ 172 ); 173 174typedef OM_uint32 _gss_release_name_t 175 (OM_uint32 *, /* minor_status */ 176 gss_name_t * /* input_name */ 177 ); 178 179typedef OM_uint32 _gss_inquire_cred_t 180 (OM_uint32 *, /* minor_status */ 181 const gss_cred_id_t, /* cred_handle */ 182 gss_name_t *, /* name */ 183 OM_uint32 *, /* lifetime */ 184 gss_cred_usage_t *, /* cred_usage */ 185 gss_OID_set * /* mechanisms */ 186 ); 187 188typedef OM_uint32 _gss_inquire_context_t 189 (OM_uint32 *, /* minor_status */ 190 const gss_ctx_id_t, /* context_handle */ 191 gss_name_t *, /* src_name */ 192 gss_name_t *, /* targ_name */ 193 OM_uint32 *, /* lifetime_rec */ 194 gss_OID *, /* mech_type */ 195 OM_uint32 *, /* ctx_flags */ 196 int *, /* locally_initiated */ 197 int * /* open */ 198 ); 199 200typedef OM_uint32 _gss_wrap_size_limit_t 201 (OM_uint32 *, /* minor_status */ 202 const gss_ctx_id_t, /* context_handle */ 203 int, /* conf_req_flag */ 204 gss_qop_t, /* qop_req */ 205 OM_uint32, /* req_output_size */ 206 OM_uint32 * /* max_input_size */ 207 ); 208 209typedef OM_uint32 _gss_add_cred_t ( 210 OM_uint32 *, /* minor_status */ 211 const gss_cred_id_t, /* input_cred_handle */ 212 const gss_name_t, /* desired_name */ 213 const gss_OID, /* desired_mech */ 214 gss_cred_usage_t, /* cred_usage */ 215 OM_uint32, /* initiator_time_req */ 216 OM_uint32, /* acceptor_time_req */ 217 gss_cred_id_t *, /* output_cred_handle */ 218 gss_OID_set *, /* actual_mechs */ 219 OM_uint32 *, /* initiator_time_rec */ 220 OM_uint32 * /* acceptor_time_rec */ 221 ); 222 223typedef OM_uint32 _gss_inquire_cred_by_mech_t ( 224 OM_uint32 *, /* minor_status */ 225 const gss_cred_id_t, /* cred_handle */ 226 const gss_OID, /* mech_type */ 227 gss_name_t *, /* name */ 228 OM_uint32 *, /* initiator_lifetime */ 229 OM_uint32 *, /* acceptor_lifetime */ 230 gss_cred_usage_t * /* cred_usage */ 231 ); 232 233typedef OM_uint32 _gss_export_sec_context_t ( 234 OM_uint32 *, /* minor_status */ 235 gss_ctx_id_t *, /* context_handle */ 236 gss_buffer_t /* interprocess_token */ 237 ); 238 239typedef OM_uint32 _gss_import_sec_context_t ( 240 OM_uint32 *, /* minor_status */ 241 const gss_buffer_t, /* interprocess_token */ 242 gss_ctx_id_t * /* context_handle */ 243 ); 244 245typedef OM_uint32 _gss_inquire_names_for_mech_t ( 246 OM_uint32 *, /* minor_status */ 247 const gss_OID, /* mechanism */ 248 gss_OID_set * /* name_types */ 249 ); 250 251typedef OM_uint32 _gss_inquire_mechs_for_name_t ( 252 OM_uint32 *, /* minor_status */ 253 const gss_name_t, /* input_name */ 254 gss_OID_set * /* mech_types */ 255 ); 256 257typedef OM_uint32 _gss_canonicalize_name_t ( 258 OM_uint32 *, /* minor_status */ 259 const gss_name_t, /* input_name */ 260 const gss_OID, /* mech_type */ 261 gss_name_t * /* output_name */ 262 ); 263 264typedef OM_uint32 _gss_duplicate_name_t ( 265 OM_uint32 *, /* minor_status */ 266 const gss_name_t, /* src_name */ 267 gss_name_t * /* dest_name */ 268 ); 269 270typedef OM_uint32 _gss_inquire_sec_context_by_oid 271 (OM_uint32 *, /* minor_status */ 272 const gss_ctx_id_t, /* context_handle */ 273 const gss_OID, /* desired_object */ 274 gss_buffer_set_t * /* result */ 275 ); 276 277typedef OM_uint32 _gss_inquire_cred_by_oid 278 (OM_uint32 *, /* bminor_status */ 279 const gss_cred_id_t, /* cred_handle, */ 280 const gss_OID, /* desired_object */ 281 gss_buffer_set_t * /* data_set */ 282 ); 283 284typedef OM_uint32 _gss_set_sec_context_option 285 (OM_uint32 *, /* minor status */ 286 gss_ctx_id_t *, /* context */ 287 const gss_OID, /* option to set */ 288 const gss_buffer_t /* option value */ 289 ); 290 291typedef OM_uint32 _gss_set_cred_option 292 (OM_uint32 *, /* minor status */ 293 gss_cred_id_t *, /* cred */ 294 const gss_OID, /* option to set */ 295 const gss_buffer_t /* option value */ 296 ); 297 298typedef OM_uint32 _gss_pseudo_random 299 (OM_uint32 *, /* minor status */ 300 gss_ctx_id_t, /* context */ 301 int, /* PRF key */ 302 const gss_buffer_t, /* PRF input */ 303 ssize_t, /* desired output length */ 304 gss_buffer_t /* PRF output */ 305 ); 306 307typedef OM_uint32 _gss_pname_to_uid 308 (OM_uint32 *, /* minor status */ 309 gss_name_t pname, /* principal name */ 310 gss_OID mech, /* mechanism to query */ 311 uid_t *uidp /* pointer to UID for result */ 312 ); 313 314struct _gss_mech_switch { 315 SLIST_ENTRY(_gss_mech_switch) gm_link; 316 const char *gm_name_prefix; 317 gss_OID_desc gm_mech_oid; 318 void *gm_so; 319 _gss_acquire_cred_t *gm_acquire_cred; 320 _gss_release_cred_t *gm_release_cred; 321 _gss_init_sec_context_t *gm_init_sec_context; 322 _gss_accept_sec_context_t *gm_accept_sec_context; 323 _gss_process_context_token_t *gm_process_context_token; 324 _gss_delete_sec_context_t *gm_delete_sec_context; 325 _gss_context_time_t *gm_context_time; 326 _gss_get_mic_t *gm_get_mic; 327 _gss_verify_mic_t *gm_verify_mic; 328 _gss_wrap_t *gm_wrap; 329 _gss_unwrap_t *gm_unwrap; 330 _gss_display_status_t *gm_display_status; 331 _gss_indicate_mechs_t *gm_indicate_mechs; 332 _gss_compare_name_t *gm_compare_name; 333 _gss_display_name_t *gm_display_name; 334 _gss_import_name_t *gm_import_name; 335 _gss_export_name_t *gm_export_name; 336 _gss_release_name_t *gm_release_name; 337 _gss_inquire_cred_t *gm_inquire_cred; 338 _gss_inquire_context_t *gm_inquire_context; 339 _gss_wrap_size_limit_t *gm_wrap_size_limit; 340 _gss_add_cred_t *gm_add_cred; 341 _gss_inquire_cred_by_mech_t *gm_inquire_cred_by_mech; 342 _gss_export_sec_context_t *gm_export_sec_context; 343 _gss_import_sec_context_t *gm_import_sec_context; 344 _gss_inquire_names_for_mech_t *gm_inquire_names_for_mech; 345 _gss_inquire_mechs_for_name_t *gm_inquire_mechs_for_name; 346 _gss_canonicalize_name_t *gm_canonicalize_name; 347 _gss_duplicate_name_t *gm_duplicate_name; 348 _gss_inquire_sec_context_by_oid *gm_inquire_sec_context_by_oid; 349 _gss_inquire_cred_by_oid *gm_inquire_cred_by_oid; 350 _gss_set_sec_context_option *gm_set_sec_context_option; 351 _gss_set_cred_option *gm_set_cred_option; 352 _gss_pseudo_random *gm_pseudo_random; 353 _gss_pname_to_uid *gm_pname_to_uid; 354}; 355SLIST_HEAD(_gss_mech_switch_list, _gss_mech_switch); 356extern struct _gss_mech_switch_list _gss_mechs; 357extern gss_OID_set _gss_mech_oids; 358 359extern void _gss_load_mech(void); 360extern struct _gss_mech_switch *_gss_find_mech_switch(gss_OID); 361extern void _gss_mg_error(struct _gss_mech_switch *m, OM_uint32 maj, 362 OM_uint32 min); 363extern void _gss_mg_collect_error(gss_OID mech, OM_uint32 maj, OM_uint32 min); 364