/*-
 * Copyright (c) 2008 Isilon Inc http://www.isilon.com/
 * Authors: Doug Rabson <dfr@rabson.org>
 * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

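/*
 * Header-only passthrough section.  Lines starting with '%' are copied
 * verbatim into rpcgen's output, and the RPC_HDR guard limits them to the
 * generated header.  That header selects the kernel GSS-API header under
 * _KERNEL and the userland one otherwise (<netdb.h> is presumably pulled
 * in for NI_MAXHOST, which the ip_to_dns types use).
 *
 * The extern prototypes declare XDR routines for the GSS-API types used in
 * the structs of this file.  They are not generated from this file, so any
 * length limit applied when decoding a gss_buffer_desc, OID or OID set is
 * whatever those routines implement.
 * NOTE(review): confirm they cap peer-supplied lengths before allocating.
 */
#ifdef RPC_HDR

%#ifdef _KERNEL
%#include <kgssapi/gssapi.h>
%#else
%#include <gssapi/gssapi.h>
%#include <netdb.h>
%#endif

%extern bool_t xdr_gss_buffer_desc(XDR *xdrs, gss_buffer_desc *buf);
%extern bool_t xdr_gss_OID_desc(XDR *xdrs, gss_OID_desc *oid);
%extern bool_t xdr_gss_OID(XDR *xdrs, gss_OID *oidp);
%extern bool_t xdr_gss_OID_set_desc(XDR *xdrs, gss_OID_set_desc *set);
%extern bool_t xdr_gss_OID_set(XDR *xdrs, gss_OID_set *setp);
%extern bool_t xdr_gss_channel_bindings_t(XDR *xdrs, gss_channel_bindings_t *chp);

#endif
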
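/*
 * Wire representation of context, credential and name handles: each is a
 * plain 64-bit integer rather than a GSS-API pointer type.
 * NOTE(review): a handle arrives as a caller-supplied number, so the
 * receiving side should resolve it through its own table and reject
 * unknown values instead of trusting it -- confirm in the daemon.
 */
typedef uint64_t gssd_ctx_id_t;
typedef uint64_t gssd_cred_id_t;
typedef uint64_t gssd_name_t;
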
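/*
 * Reply to GSSD_INIT_SEC_CONTEXT (procedure 1).  Field names follow the
 * outputs of gss_init_sec_context() in the GSS-API C bindings: the status
 * pair, the context handle, the mechanism actually used, the token to send
 * to the peer, and the returned flags and lifetime.
 */
struct init_sec_context_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	gssd_ctx_id_t	ctx;
	gss_OID		actual_mech_type;
	gss_buffer_desc	output_token;
	uint32_t	ret_flags;
	uint32_t	time_rec;
};
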
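/*
 * Arguments for GSSD_INIT_SEC_CONTEXT (procedure 1).  Besides the usual
 * gss_init_sec_context() inputs, the request carries a uid.
 * NOTE(review): uid is asserted by the caller and nothing in this
 * interface authenticates it; presumably it selects whose credentials the
 * daemon acts with, so the transport must restrict who can issue this
 * call -- confirm.
 * input_token is peer-supplied data of arbitrary length.
 */
struct init_sec_context_args {
	uint32_t	uid;
	gssd_cred_id_t	cred;
	gssd_ctx_id_t	ctx;
	gssd_name_t	name;
	gss_OID		mech_type;
	uint32_t	req_flags;
	uint32_t	time_req;
	gss_channel_bindings_t input_chan_bindings;
	gss_buffer_desc	input_token;
};
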
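/*
 * Reply to GSSD_ACCEPT_SEC_CONTEXT (procedure 2).  Field names follow the
 * outputs of gss_accept_sec_context(): status pair, context handle, the
 * initiator's name handle, mechanism, reply token, flags, lifetime and a
 * handle for any delegated credential.
 * NOTE(review): src_name and delegated_cred_handle are new handles the
 * caller becomes responsible for releasing (procedures 8 and 12) --
 * confirm ownership in the consumer.
 */
struct accept_sec_context_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	gssd_ctx_id_t	ctx;
	gssd_name_t	src_name;
	gss_OID		mech_type;
	gss_buffer_desc	output_token;
	uint32_t	ret_flags;
	uint32_t	time_rec;
	gssd_cred_id_t	delegated_cred_handle;
};
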
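/*
 * Arguments for GSSD_ACCEPT_SEC_CONTEXT (procedure 2): the context and
 * acceptor credential handles, the token received from the initiator, and
 * optional channel bindings.  input_token originates from the remote peer
 * and must be treated as untrusted by whatever parses it.
 */
struct accept_sec_context_args {
	gssd_ctx_id_t	ctx;
	gssd_cred_id_t	cred;
	gss_buffer_desc	input_token;
	gss_channel_bindings_t input_chan_bindings;
};
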
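/*
 * Reply to GSSD_DELETE_SEC_CONTEXT (procedure 3): status pair plus an
 * output token, mirroring gss_delete_sec_context().
 */
struct delete_sec_context_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	gss_buffer_desc	output_token;
};
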
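/*
 * Arguments for GSSD_DELETE_SEC_CONTEXT (procedure 3): the handle of the
 * context to delete.
 */
struct delete_sec_context_args {
	gssd_ctx_id_t	ctx;
};
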
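/*
 * Tag returned with an exported security context (see the format field of
 * export_sec_context_res).  The names suggest it identifies the Heimdal
 * release whose exported-context layout the token uses -- confirm against
 * the code that parses the token.
 */
enum sec_context_format {
	KGSS_HEIMDAL_0_6,
	KGSS_HEIMDAL_1_1
};
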
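/*
 * Reply to GSSD_EXPORT_SEC_CONTEXT (procedure 4): status pair, the layout
 * tag for the token, and the exported context itself.
 * An exported GSS-API context generally contains the full context state,
 * including session key material, so buffers holding interprocess_token
 * should be handled as secrets (not logged, cleared before release).
 * NOTE(review): confirm the consumer validates format before parsing.
 */
struct export_sec_context_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	enum sec_context_format format;
	gss_buffer_desc	interprocess_token;
};
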
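/*
 * Arguments for GSSD_EXPORT_SEC_CONTEXT (procedure 4): the handle of the
 * context to export.
 */
struct export_sec_context_args {
	gssd_ctx_id_t	ctx;
};
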
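/*
 * Reply to GSSD_IMPORT_NAME (procedure 5): status pair and a handle for
 * the imported name.
 */
struct import_name_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	gssd_name_t	output_name;
};
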
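/*
 * Arguments for GSSD_IMPORT_NAME (procedure 5): the name bytes and the
 * OID naming their type, as for gss_import_name().
 */
struct import_name_args {
	gss_buffer_desc	input_name_buffer;
	gss_OID		input_name_type;
};
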
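/*
 * Reply to GSSD_CANONICALIZE_NAME (procedure 6): status pair and a handle
 * for the resulting name.
 */
struct canonicalize_name_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	gssd_name_t	output_name;
};
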
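/*
 * Arguments for GSSD_CANONICALIZE_NAME (procedure 6): the name handle and
 * the mechanism to canonicalize it for.
 */
struct canonicalize_name_args {
	gssd_name_t	input_name;
	gss_OID		mech_type;
};
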
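/*
 * Reply to GSSD_EXPORT_NAME (procedure 7): status pair and the exported
 * name as an opaque buffer.
 */
struct export_name_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	gss_buffer_desc	exported_name;
};
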
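/*
 * Arguments for GSSD_EXPORT_NAME (procedure 7): the handle of the name to
 * export.
 */
struct export_name_args {
	gssd_name_t	input_name;
};
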
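/*
 * Reply to GSSD_RELEASE_NAME (procedure 8): status pair only.
 */
struct release_name_res {
	uint32_t	major_status;
	uint32_t	minor_status;
};
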
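/*
 * Arguments for GSSD_RELEASE_NAME (procedure 8): the name handle to
 * release.
 * NOTE(review): the handle is a caller-chosen integer; releasing should be
 * safe for stale or repeated values -- confirm in the daemon.
 */
struct release_name_args {
	gssd_name_t	input_name;
};
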
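/*
 * Reply to GSSD_PNAME_TO_UID (procedure 9): status pair plus the uid, gid
 * and group list the principal name maps to (presumably the local
 * account's primary gid and supplementary groups -- confirm).
 *
 * gidlist<> declares no maximum length, so this definition places no cap
 * on the element count accepted from the peer.
 * NOTE(review): the receiver should bound the count before copying into
 * any fixed-size group array; an explicit limit in this declaration would
 * enforce that at decode time -- confirm against the consumer.
 * The result feeds an authorization decision, so a failed status must not
 * leave uid/gid usable by the caller.
 */
struct pname_to_uid_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	uint32_t	uid;
	uint32_t	gid;
	uint32_t	gidlist<>;
};
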
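/*
 * Arguments for GSSD_PNAME_TO_UID (procedure 9): the principal name
 * handle and the mechanism OID it belongs to.
 */
struct pname_to_uid_args {
	gssd_name_t	pname;
	gss_OID		mech;
};
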
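/*
 * Reply to GSSD_ACQUIRE_CRED (procedure 10).  Field names follow the
 * outputs of gss_acquire_cred(): status pair, the new credential handle,
 * the mechanisms it is valid for, and its lifetime.
 */
struct acquire_cred_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	gssd_cred_id_t	output_cred;
	gss_OID_set	actual_mechs;
	uint32_t	time_rec;
};
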
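/*
 * Arguments for GSSD_ACQUIRE_CRED (procedure 10): the gss_acquire_cred()
 * inputs plus a uid.
 * NOTE(review): as with init_sec_context_args, uid is caller-asserted and
 * presumably decides whose credentials are acquired; access to this
 * procedure must be limited to a trusted caller -- confirm.
 * cred_usage is a plain int; presumably one of the GSS_C_* usage
 * constants, which the daemon should range-check.
 */
struct acquire_cred_args {
	uint32_t	uid;
	gssd_name_t	desired_name;
	uint32_t	time_req;
	gss_OID_set	desired_mechs;
	int		cred_usage;
};
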
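/*
 * Reply to GSSD_SET_CRED_OPTION (procedure 11): status pair only.
 */
struct set_cred_option_res {
	uint32_t	major_status;
	uint32_t	minor_status;
};
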
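/*
 * Arguments for GSSD_SET_CRED_OPTION (procedure 11): the credential
 * handle, the OID naming the option, and an opaque option value.
 * NOTE(review): option_value is interpreted per option OID by the
 * receiver; its length and content need validating there -- confirm.
 */
struct set_cred_option_args {
	gssd_cred_id_t	cred;
	gss_OID		option_name;
	gss_buffer_desc	option_value;
};
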
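/*
 * Reply to GSSD_RELEASE_CRED (procedure 12): status pair only.
 */
struct release_cred_res {
	uint32_t	major_status;
	uint32_t	minor_status;
};
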
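/*
 * Arguments for GSSD_RELEASE_CRED (procedure 12): the credential handle
 * to release.
 * NOTE(review): the handle is a caller-chosen integer; releasing should be
 * safe for stale or repeated values -- confirm in the daemon.
 */
struct release_cred_args {
	gssd_cred_id_t	cred;
};
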
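/*
 * Reply to GSSD_DISPLAY_STATUS (procedure 13): status pair, the updated
 * message_context for iterating over further messages, and the message
 * text as a counted buffer (as with gss_display_status()).
 */
struct display_status_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	uint32_t	message_context;
	gss_buffer_desc	status_string;
};
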
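/*
 * Arguments for GSSD_DISPLAY_STATUS (procedure 13): the status code to
 * describe, its type, the mechanism it came from, and the iteration
 * context, matching the inputs of gss_display_status().
 */
struct display_status_args {
	uint32_t	status_value;
	int		status_type;
	gss_OID		mech_type;
	uint32_t	message_context;
};
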
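/*
 * Reply to GSSD_IP_TO_DNS (procedure 14): status pair and the resolved
 * host name, limited to NI_MAXHOST characters.
 * dns_name is declared as a counted char array rather than an XDR string,
 * so the decoded value is length-delimited.
 * NOTE(review): consumers should not assume NUL termination, and a name
 * obtained from DNS is only as trustworthy as the resolver path --
 * confirm how callers use it.
 */
struct ip_to_dns_res {
	uint32_t	major_status;
	uint32_t	minor_status;
	char		dns_name<NI_MAXHOST>;
};
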
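/*
 * Arguments for GSSD_IP_TO_DNS (procedure 14): the address to resolve, in
 * text form, limited to NI_MAXHOST characters.  Like dns_name in the
 * reply, this is a counted char array, not an XDR string.
 */
struct ip_to_dns_args {
	char		ip_addr<NI_MAXHOST>;
};
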
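/*
 * RPC program definition: program GSSD, version GSSDVERS (1), procedures
 * 0 through 14.  Each procedure takes the matching *_args struct and
 * returns the matching *_res struct.
 *
 * The program number 0x40677373 falls in the 0x40000000-0x5fffffff range
 * that ONC RPC sets aside for transient use; its low three bytes are the
 * ASCII characters "gss".
 *
 * NOTE(review): several requests carry a caller-asserted uid or bare
 * 64-bit handles, and this interface defines no caller authentication of
 * its own.  The listener must therefore restrict who can reach the
 * program -- confirm in the daemon's transport setup.
 */
program GSSD {
	version GSSDVERS {
		void GSSD_NULL(void) = 0;

		/* Security context establishment, teardown and export. */
		init_sec_context_res
		GSSD_INIT_SEC_CONTEXT(init_sec_context_args) = 1;

		accept_sec_context_res
		GSSD_ACCEPT_SEC_CONTEXT(accept_sec_context_args) = 2;

		delete_sec_context_res
		GSSD_DELETE_SEC_CONTEXT(delete_sec_context_args) = 3;

		export_sec_context_res
		GSSD_EXPORT_SEC_CONTEXT(export_sec_context_args) = 4;

		/* Name handling. */
		import_name_res
		GSSD_IMPORT_NAME(import_name_args) = 5;

		canonicalize_name_res
		GSSD_CANONICALIZE_NAME(canonicalize_name_args) = 6;

		export_name_res
		GSSD_EXPORT_NAME(export_name_args) = 7;

		release_name_res
		GSSD_RELEASE_NAME(release_name_args) = 8;

		pname_to_uid_res
		GSSD_PNAME_TO_UID(pname_to_uid_args) = 9;

		/* Credential handling. */
		acquire_cred_res
		GSSD_ACQUIRE_CRED(acquire_cred_args) = 10;

		set_cred_option_res
		GSSD_SET_CRED_OPTION(set_cred_option_args) = 11;

		release_cred_res
		GSSD_RELEASE_CRED(release_cred_args) = 12;

		/* Status text and address lookup. */
		display_status_res
		GSSD_DISPLAY_STATUS(display_status_args) = 13;

		ip_to_dns_res
		GSSD_IP_TO_DNS(ip_to_dns_args) = 14;
	} = 1;
} = 0x40677373;
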