s4:heimdal: import lorikeet-heimdal-201012010201 (commit 81fe27bcc0148d410ca4617f8759...
1 /*
2  * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan
3  * (Royal Institute of Technology, Stockholm, Sweden).
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * 3. Neither the name of the Institute nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33
34 /* $Id$ */
35
36 #ifndef GSSAPI_GSSAPI_H_
37 #define GSSAPI_GSSAPI_H_
38
39 /*
40  * First, include stddef.h to get size_t defined.
41  */
42 #include <stddef.h>
43
44 #include <krb5-types.h>
45
46 #ifndef BUILD_GSSAPI_LIB
47 #if defined(_WIN32)
48 #define GSSAPI_LIB_FUNCTION __declspec(dllimport)
49 #define GSSAPI_LIB_CALL     __stdcall
50 #define GSSAPI_LIB_VARIABLE __declspec(dllimport)
51 #else
52 #define GSSAPI_LIB_FUNCTION
53 #define GSSAPI_LIB_CALL
54 #define GSSAPI_LIB_VARIABLE
55 #endif
56 #endif
57
58 #ifndef GSSAPI_DEPRECATED
59 #if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 )))
60 #define GSSAPI_DEPRECATED __attribute__((deprecated))
61 #elif defined(_MSC_VER)
62 #define GSSAPI_DEPRECATED __declspec(deprecated)
63 #else
64 #define GSSAPI_DEPRECATED
65 #endif
66 #endif
67
68 #ifdef __cplusplus
69 #define GSSAPI_CPP_START        extern "C" {
70 #define GSSAPI_CPP_END          }
71 #else
72 #define GSSAPI_CPP_START
73 #define GSSAPI_CPP_END
74 #endif
75
76 #ifdef _WIN32
77 #define GSSAPI_CALLCONV __stdcall
78 #else
79 #define GSSAPI_CALLCONV
80 #endif
81
82 /*
83  * Now define the three implementation-dependent types.
84  */
85
86 typedef uint32_t OM_uint32;
87 typedef uint64_t OM_uint64;
88
89 typedef uint32_t gss_uint32;
90
/*
 * Opaque handle types.  Each struct is only forward-declared in this
 * header, so callers hold pointers and cannot inspect or copy the
 * object behind a handle.
 */
struct gss_name_t_desc_struct;
typedef struct gss_name_t_desc_struct *gss_name_t;
typedef const struct gss_name_t_desc_struct *gss_const_name_t;

struct gss_ctx_id_t_desc_struct;
typedef struct gss_ctx_id_t_desc_struct *gss_ctx_id_t;
/*
 * NOTE(review): unlike gss_const_name_t above, this typedef has no '*',
 * so gss_const_ctx_id_t names the const-qualified incomplete struct
 * itself rather than a pointer to it.  That looks unintended, but
 * adding the '*' changes a public type -- confirm against callers
 * before fixing.
 */
typedef const struct gss_ctx_id_t_desc_struct gss_const_ctx_id_t;
98
99 typedef struct gss_OID_desc_struct {
100       OM_uint32 length;
101       void      *elements;
102 } gss_OID_desc, *gss_OID;
103 typedef const gss_OID_desc * gss_const_OID;
104
105 typedef struct gss_OID_set_desc_struct  {
106       size_t     count;
107       gss_OID    elements;
108 } gss_OID_set_desc, *gss_OID_set;
109 typedef const gss_OID_set_desc * gss_const_OID_set;
110
111 typedef int gss_cred_usage_t;
112
113 struct gss_cred_id_t_desc_struct;
114 typedef struct gss_cred_id_t_desc_struct *gss_cred_id_t;
115 typedef const struct gss_cred_id_t_desc_struct *gss_const_cred_id_t;
116
/*
 * Counted byte buffer: `value` points at the data and `length` is a
 * size_t that travels with it.
 * NOTE(review): nothing in this header ties `length` to the allocation
 * behind `value`.  Code that fills or consumes a descriptor has to keep
 * the two in step, and should not assume the data is NUL-terminated --
 * confirm against the implementation.
 */
typedef struct gss_buffer_desc_struct {
      size_t length;    /* presumably the number of bytes at value */
      void *value;
} gss_buffer_desc, *gss_buffer_t;
/*
 * The const here qualifies the descriptor only: `value` is still a
 * plain `void *`, so the bytes it points at remain writable through a
 * gss_const_buffer_t.
 */
typedef const gss_buffer_desc * gss_const_buffer_t;
122
123 typedef struct gss_channel_bindings_struct {
124       OM_uint32 initiator_addrtype;
125       gss_buffer_desc initiator_address;
126       OM_uint32 acceptor_addrtype;
127       gss_buffer_desc acceptor_address;
128       gss_buffer_desc application_data;
129 } *gss_channel_bindings_t;
130 typedef const struct gss_channel_bindings_struct *gss_const_channel_bindings_t;
131
132 /* GGF extension data types */
133 typedef struct gss_buffer_set_desc_struct {
134       size_t count;
135       gss_buffer_desc *elements;
136 } gss_buffer_set_desc, *gss_buffer_set_t;
137
138 typedef struct gss_iov_buffer_desc_struct {
139     OM_uint32 type;
140     gss_buffer_desc buffer;
141 } gss_iov_buffer_desc, *gss_iov_buffer_t;
142
143 /*
144  * For now, define a QOP-type as an OM_uint32
145  */
146 typedef OM_uint32 gss_qop_t;
147
148
149
/*
 * Flag bits for context-level services.
 *
 * The one-line meanings below follow RFC 2744.  A requested flag is not
 * a guarantee that the service was negotiated: callers should inspect
 * the flags reported back through the ret_flags / ctx_flags output
 * parameters of the prototypes in this header before relying on mutual
 * authentication, integrity or confidentiality.
 */
#define GSS_C_DELEG_FLAG 1        /* delegate the initiator's credentials to the peer */
#define GSS_C_MUTUAL_FLAG 2       /* mutual authentication */
#define GSS_C_REPLAY_FLAG 4       /* replay detection for per-message tokens */
#define GSS_C_SEQUENCE_FLAG 8     /* out-of-sequence detection */
#define GSS_C_CONF_FLAG 16        /* confidentiality service available */
#define GSS_C_INTEG_FLAG 32       /* integrity service available */
#define GSS_C_ANON_FLAG 64        /* initiator identity not revealed */
#define GSS_C_PROT_READY_FLAG 128 /* per-message protection usable before completion */
#define GSS_C_TRANS_FLAG 256      /* context may be transferred between processes */

/*
 * Flags outside the RFC 2744 base set.  Their exact semantics are not
 * described anywhere in this header -- consult the implementation.
 */
#define GSS_C_DCE_STYLE 4096
#define GSS_C_IDENTIFY_FLAG 8192
#define GSS_C_EXTENDED_ERROR_FLAG 16384
#define GSS_C_DELEG_POLICY_FLAG 32768
167
168 /*
169  * Credential usage options
170  */
171 #define GSS_C_BOTH 0
172 #define GSS_C_INITIATE 1
173 #define GSS_C_ACCEPT 2
174
175 /*
176  * Status code types for gss_display_status
177  */
178 #define GSS_C_GSS_CODE 1
179 #define GSS_C_MECH_CODE 2
180
181 /*
182  * The constant definitions for channel-bindings address families
183  */
184 #define GSS_C_AF_UNSPEC     0
185 #define GSS_C_AF_LOCAL      1
186 #define GSS_C_AF_INET       2
187 #define GSS_C_AF_IMPLINK    3
188 #define GSS_C_AF_PUP        4
189 #define GSS_C_AF_CHAOS      5
190 #define GSS_C_AF_NS         6
191 #define GSS_C_AF_NBS        7
192 #define GSS_C_AF_ECMA       8
193 #define GSS_C_AF_DATAKIT    9
194 #define GSS_C_AF_CCITT      10
195 #define GSS_C_AF_SNA        11
196 #define GSS_C_AF_DECnet     12
197 #define GSS_C_AF_DLI        13
198 #define GSS_C_AF_LAT        14
199 #define GSS_C_AF_HYLINK     15
200 #define GSS_C_AF_APPLETALK  16
201 #define GSS_C_AF_BSC        17
202 #define GSS_C_AF_DSS        18
203 #define GSS_C_AF_OSI        19
204 #define GSS_C_AF_X25        21
205 #define GSS_C_AF_INET6      24
206
207 #define GSS_C_AF_NULLADDR   255
208
209 /*
210  * Various Null values
211  */
212 #define GSS_C_NO_NAME ((gss_name_t) 0)
213 #define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
214 #define GSS_C_NO_BUFFER_SET ((gss_buffer_set_t) 0)
215 #define GSS_C_NO_OID ((gss_OID) 0)
216 #define GSS_C_NO_OID_SET ((gss_OID_set) 0)
217 #define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
218 #define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
219 #define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
220 #define GSS_C_EMPTY_BUFFER {0, NULL}
221 #define GSS_C_NO_IOV_BUFFER ((gss_iov_buffer_t)0)
222
223 /*
224  * Some alternate names for a couple of the above
225  * values.  These are defined for V1 compatibility.
226  */
227 #define GSS_C_NULL_OID GSS_C_NO_OID
228 #define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET
229
230 /*
231  * Define the default Quality of Protection for per-message
232  * services.  Note that an implementation that offers multiple
233  * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero
234  * (as done here) to mean "default protection", or to a specific
235  * explicit QOP value.  However, a value of 0 should always be
236  * interpreted by a GSSAPI implementation as a request for the
237  * default protection level.
238  */
239 #define GSS_C_QOP_DEFAULT 0
240
/*
 * Kerberos-specific QOP values whose names refer to DES and to
 * triple-DES (DES3-KD) confidentiality.
 * NOTE(review): single DES is no longer considered adequate protection.
 * Whether this library still honours these values is not visible in
 * this header; prefer GSS_C_QOP_DEFAULT unless a legacy peer requires
 * one of them.
 */
#define GSS_KRB5_CONF_C_QOP_DES         0x0100
#define GSS_KRB5_CONF_C_QOP_DES3_KD     0x0200
243
244 /*
245  * Expiration time of 2^32-1 seconds means infinite lifetime for a
246  * credential or security context
247  */
248 #define GSS_C_INDEFINITE 0xfffffffful
249
250 /*
251  * Type of gss_wrap_iov()/gss_unwrap_iov().
252  */
253
254 #define GSS_IOV_BUFFER_TYPE_EMPTY 0
255 #define GSS_IOV_BUFFER_TYPE_DATA 1
256 #define GSS_IOV_BUFFER_TYPE_HEADER 2
257 #define GSS_IOV_BUFFER_TYPE_MECH_PARAMS 3
258
259 #define GSS_IOV_BUFFER_TYPE_TRAILER 7
260 #define GSS_IOV_BUFFER_TYPE_PADDING 9
261 #define GSS_IOV_BUFFER_TYPE_STREAM 10
262 #define GSS_IOV_BUFFER_TYPE_SIGN_ONLY 11
263
264 #define GSS_IOV_BUFFER_TYPE_FLAG_MASK 0xffff0000
265 #define GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATE 0x00010000
266 #define GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATED 0x00020000
267
268 #define GSS_IOV_BUFFER_TYPE(_t) ((_t) & ~GSS_IOV_BUFFER_TYPE_FLAG_MASK)
269 #define GSS_IOV_BUFFER_FLAGS(_t) ((_t) & GSS_IOV_BUFFER_TYPE_FLAG_MASK)
270
271 GSSAPI_CPP_START
272
273 #include <gssapi/gssapi_oid.h>
274
275 /*
276  * The implementation must reserve static storage for a
277  * gss_OID_desc object containing the value
278  * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
279  *              "\x01\x02\x01\x01"},
280  * corresponding to an object-identifier value of
281  * {iso(1) member-body(2) United States(840) mit(113554)
282  *  infosys(1) gssapi(2) generic(1) user_name(1)}.  The constant
283  * GSS_C_NT_USER_NAME should be initialized to point
284  * to that gss_OID_desc.
285  */
286 extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_user_name_oid_desc;
287 #define GSS_C_NT_USER_NAME (&__gss_c_nt_user_name_oid_desc)
288
289 /*
290  * The implementation must reserve static storage for a
291  * gss_OID_desc object containing the value
292  * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
293  *              "\x01\x02\x01\x02"},
294  * corresponding to an object-identifier value of
295  * {iso(1) member-body(2) United States(840) mit(113554)
296  *  infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
297  * The constant GSS_C_NT_MACHINE_UID_NAME should be
298  * initialized to point to that gss_OID_desc.
299  */
300 extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_machine_uid_name_oid_desc;
301 #define GSS_C_NT_MACHINE_UID_NAME (&__gss_c_nt_machine_uid_name_oid_desc)
302
303 /*
304  * The implementation must reserve static storage for a
305  * gss_OID_desc object containing the value
306  * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
307  *              "\x01\x02\x01\x03"},
308  * corresponding to an object-identifier value of
309  * {iso(1) member-body(2) United States(840) mit(113554)
310  *  infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
311  * The constant GSS_C_NT_STRING_UID_NAME should be
312  * initialized to point to that gss_OID_desc.
313  */
314 extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_string_uid_name_oid_desc;
315 #define GSS_C_NT_STRING_UID_NAME (&__gss_c_nt_string_uid_name_oid_desc)
316
/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
 * corresponding to an object-identifier value of
 * {iso(1) org(3) dod(6) internet(1) security(5)
 * nametypes(6) gss-host-based-services(2)}.  The constant
 * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point
 * to that gss_OID_desc.  This is a deprecated OID value, and
 * implementations wishing to support hostbased-service names
 * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID,
 * defined below, to identify such names;
 * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted as a synonym
 * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input
 * parameter, but should not be emitted by GSS-API
 * implementations.
 */
extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_hostbased_service_x_oid_desc;
#define GSS_C_NT_HOSTBASED_SERVICE_X (&__gss_c_nt_hostbased_service_x_oid_desc)
336
/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
 *              "\x01\x02\x01\x04"}, corresponding to an
 * object-identifier value of {iso(1) member-body(2)
 * United States(840) mit(113554) infosys(1) gssapi(2)
 * generic(1) service_name(4)}.  The constant
 * GSS_C_NT_HOSTBASED_SERVICE should be initialized
 * to point to that gss_OID_desc.
 *
 * NOTE(review): the descriptor is declared without const, so the
 * object the macro points at is writable by any code in the process;
 * callers should treat it as read-only.
 */
extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_hostbased_service_oid_desc;
#define GSS_C_NT_HOSTBASED_SERVICE (&__gss_c_nt_hostbased_service_oid_desc)
350
/*
 * The implementation must reserve static storage for a
 * gss_OID_desc object containing the value
 * {6, (void *)"\x2b\x06\x01\x05\x06\x03"},
 * corresponding to an object identifier value of
 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
 * 6(nametypes), 3(gss-anonymous-name)}.  The constant
 * GSS_C_NT_ANONYMOUS should be initialized to point
 * to that gss_OID_desc.
 */
extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_anonymous_oid_desc;
#define GSS_C_NT_ANONYMOUS (&__gss_c_nt_anonymous_oid_desc)
363
364 /*
365  * The implementation must reserve static storage for a
366  * gss_OID_desc object containing the value
367  * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
368  * corresponding to an object-identifier value of
369  * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
370  * 6(nametypes), 4(gss-api-exported-name)}.  The constant
371  * GSS_C_NT_EXPORT_NAME should be initialized to point
372  * to that gss_OID_desc.
373  */
374 extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_export_name_oid_desc;
375 #define GSS_C_NT_EXPORT_NAME (&__gss_c_nt_export_name_oid_desc) 
376
377 /* Major status codes */
378
379 #define GSS_S_COMPLETE 0
380
381 /*
382  * Some "helper" definitions to make the status code macros obvious.
383  */
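/*
 * Layout of a major status word: calling errors occupy bits 24-31,
 * routine errors bits 16-23 and supplementary information bits 0-15.
 */
#define GSS_C_CALLING_ERROR_OFFSET 24
#define GSS_C_ROUTINE_ERROR_OFFSET 16
#define GSS_C_SUPPLEMENTARY_OFFSET 0
#define GSS_C_CALLING_ERROR_MASK 0377ul
#define GSS_C_ROUTINE_ERROR_MASK 0377ul
#define GSS_C_SUPPLEMENTARY_MASK 0177777ul

/*
 * The macros that test status codes for error conditions.
 * Note that the GSS_ERROR() macro has changed slightly from
 * the V1 GSSAPI so that it now evaluates its argument
 * only once.
 *
 * The argument is parenthesized in every expansion.  Without that, an
 * argument containing an operator that binds less tightly than '&'
 * (for example `a | b`, or an assignment) would be masked only in part,
 * and an error test on a security result could give the wrong answer.
 *
 * GSS_ERROR() covers the calling-error and routine-error fields only;
 * supplementary bits never make it true and have to be examined with
 * GSS_SUPPLEMENTARY_INFO().
 */
#define GSS_CALLING_ERROR(x) \
  ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
#define GSS_ROUTINE_ERROR(x) \
  ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
#define GSS_SUPPLEMENTARY_INFO(x) \
  ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
#define GSS_ERROR(x) \
  ((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
          (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))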
406
407 /*
408  * Now the actual status code definitions
409  */
410
411 /*
412  * Calling errors:
413  */
414 #define GSS_S_CALL_INACCESSIBLE_READ \
415                              (1ul << GSS_C_CALLING_ERROR_OFFSET)
416 #define GSS_S_CALL_INACCESSIBLE_WRITE \
417                              (2ul << GSS_C_CALLING_ERROR_OFFSET)
418 #define GSS_S_CALL_BAD_STRUCTURE \
419                              (3ul << GSS_C_CALLING_ERROR_OFFSET)
420
421 /*
422  * Routine errors:
423  */
424 #define GSS_S_BAD_MECH (1ul << GSS_C_ROUTINE_ERROR_OFFSET)
425 #define GSS_S_BAD_NAME (2ul << GSS_C_ROUTINE_ERROR_OFFSET)
426 #define GSS_S_BAD_NAMETYPE (3ul << GSS_C_ROUTINE_ERROR_OFFSET)
427
428 #define GSS_S_BAD_BINDINGS (4ul << GSS_C_ROUTINE_ERROR_OFFSET)
429 #define GSS_S_BAD_STATUS (5ul << GSS_C_ROUTINE_ERROR_OFFSET)
430 #define GSS_S_BAD_SIG (6ul << GSS_C_ROUTINE_ERROR_OFFSET)
431 #define GSS_S_BAD_MIC GSS_S_BAD_SIG
432 #define GSS_S_NO_CRED (7ul << GSS_C_ROUTINE_ERROR_OFFSET)
433 #define GSS_S_NO_CONTEXT (8ul << GSS_C_ROUTINE_ERROR_OFFSET)
434 #define GSS_S_DEFECTIVE_TOKEN (9ul << GSS_C_ROUTINE_ERROR_OFFSET)
435 #define GSS_S_DEFECTIVE_CREDENTIAL (10ul << GSS_C_ROUTINE_ERROR_OFFSET)
436 #define GSS_S_CREDENTIALS_EXPIRED (11ul << GSS_C_ROUTINE_ERROR_OFFSET)
437 #define GSS_S_CONTEXT_EXPIRED (12ul << GSS_C_ROUTINE_ERROR_OFFSET)
438 #define GSS_S_FAILURE (13ul << GSS_C_ROUTINE_ERROR_OFFSET)
439 #define GSS_S_BAD_QOP (14ul << GSS_C_ROUTINE_ERROR_OFFSET)
440 #define GSS_S_UNAUTHORIZED (15ul << GSS_C_ROUTINE_ERROR_OFFSET)
441 #define GSS_S_UNAVAILABLE (16ul << GSS_C_ROUTINE_ERROR_OFFSET)
442 #define GSS_S_DUPLICATE_ELEMENT (17ul << GSS_C_ROUTINE_ERROR_OFFSET)
443 #define GSS_S_NAME_NOT_MN (18ul << GSS_C_ROUTINE_ERROR_OFFSET)
444 #define GSS_S_BAD_MECH_ATTR (19ul << GSS_C_ROUTINE_ERROR_OFFSET)
445
446 /*
447  * Supplementary info bits:
448  */
449 #define GSS_S_CONTINUE_NEEDED (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
450 #define GSS_S_DUPLICATE_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
451 #define GSS_S_OLD_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
452 #define GSS_S_UNSEQ_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
453 #define GSS_S_GAP_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 4))
454
455 /*
456  * Finally, function prototypes for the GSS-API routines.
457  */
458
459 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_acquire_cred
460            (OM_uint32 * /*minor_status*/,
461             const gss_name_t /*desired_name*/,
462             OM_uint32 /*time_req*/,
463             const gss_OID_set /*desired_mechs*/,
464             gss_cred_usage_t /*cred_usage*/,
465             gss_cred_id_t * /*output_cred_handle*/,
466             gss_OID_set * /*actual_mechs*/,
467             OM_uint32 * /*time_rec*/
468            );
469
470 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_cred
471            (OM_uint32 * /*minor_status*/,
472             gss_cred_id_t * /*cred_handle*/
473            );
474
/*
 * Initiator side of security-context establishment.
 *
 * The OM_uint32 result is a major status word: test it with GSS_ERROR()
 * and check the GSS_S_CONTINUE_NEEDED bit rather than comparing the
 * whole word with a single constant.
 * req_flags carries the GSS_C_*_FLAG services being requested and
 * ret_flags reports flags back to the caller.  Per RFC 2744 a requested
 * service is not guaranteed, so inspect ret_flags (mutual
 * authentication, integrity, confidentiality, ...) before depending on
 * it.
 * NOTE(review): ownership of output_token (presumably released with
 * gss_release_buffer) is not stated in this header -- confirm.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_init_sec_context
           (OM_uint32 * /*minor_status*/,
            const gss_cred_id_t /*initiator_cred_handle*/,
            gss_ctx_id_t * /*context_handle*/,
            const gss_name_t /*target_name*/,
            const gss_OID /*mech_type*/,
            OM_uint32 /*req_flags*/,
            OM_uint32 /*time_req*/,
            const gss_channel_bindings_t /*input_chan_bindings*/,
            const gss_buffer_t /*input_token*/,
            gss_OID * /*actual_mech_type*/,
            gss_buffer_t /*output_token*/,
            OM_uint32 * /*ret_flags*/,
            OM_uint32 * /*time_rec*/
           );
490
/*
 * Acceptor side of security-context establishment.
 *
 * Per RFC 2744, input_token_buffer holds the token received from the
 * remote initiator, i.e. data from an unauthenticated peer.
 * Base authorization decisions on src_name only once the major status
 * is GSS_S_COMPLETE; a result with GSS_S_CONTINUE_NEEDED set means the
 * exchange is not finished.  Check ret_flags for the services actually
 * in effect.
 * delegated_cred_handle receives a credential handle; presumably it is
 * populated when the initiator delegated credentials
 * (GSS_C_DELEG_FLAG).  Such a handle lets this process act as the
 * initiator, so release it with gss_release_cred once it is no longer
 * needed -- confirm the ownership rule against the implementation.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_accept_sec_context
           (OM_uint32 * /*minor_status*/,
            gss_ctx_id_t * /*context_handle*/,
            const gss_cred_id_t /*acceptor_cred_handle*/,
            const gss_buffer_t /*input_token_buffer*/,
            const gss_channel_bindings_t /*input_chan_bindings*/,
            gss_name_t * /*src_name*/,
            gss_OID * /*mech_type*/,
            gss_buffer_t /*output_token*/,
            OM_uint32 * /*ret_flags*/,
            OM_uint32 * /*time_rec*/,
            gss_cred_id_t * /*delegated_cred_handle*/
           );
504
505 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_process_context_token
506            (OM_uint32 * /*minor_status*/,
507             const gss_ctx_id_t /*context_handle*/,
508             const gss_buffer_t /*token_buffer*/
509            );
510
511 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_delete_sec_context
512            (OM_uint32 * /*minor_status*/,
513             gss_ctx_id_t * /*context_handle*/,
514             gss_buffer_t /*output_token*/
515            );
516
517 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_context_time
518            (OM_uint32 * /*minor_status*/,
519             const gss_ctx_id_t /*context_handle*/,
520             OM_uint32 * /*time_rec*/
521            );
522
523 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_get_mic
524            (OM_uint32 * /*minor_status*/,
525             const gss_ctx_id_t /*context_handle*/,
526             gss_qop_t /*qop_req*/,
527             const gss_buffer_t /*message_buffer*/,
528             gss_buffer_t /*message_token*/
529            );
530
/*
 * Verifies token_buffer as a message integrity code over
 * message_buffer for the given context.
 *
 * Do not act on the message unless GSS_ERROR() of the returned major
 * status is zero.  The supplementary bits GSS_S_DUPLICATE_TOKEN,
 * GSS_S_OLD_TOKEN, GSS_S_UNSEQ_TOKEN and GSS_S_GAP_TOKEN sit outside
 * the GSS_ERROR() mask, so a replayed or out-of-order token may be
 * reported without GSS_ERROR() becoming true; check
 * GSS_SUPPLEMENTARY_INFO() as well when replay or sequencing matters.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_verify_mic
           (OM_uint32 * /*minor_status*/,
            const gss_ctx_id_t /*context_handle*/,
            const gss_buffer_t /*message_buffer*/,
            const gss_buffer_t /*token_buffer*/,
            gss_qop_t * /*qop_state*/
           );
538
/*
 * Protects input_message_buffer and writes the result to
 * output_message_buffer.
 *
 * conf_req_flag asks for confidentiality and conf_state is an output.
 * Per RFC 2744 conf_state reports whether confidentiality was actually
 * applied; when secrecy is required, check it instead of assuming the
 * request was honoured.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap
           (OM_uint32 * /*minor_status*/,
            const gss_ctx_id_t /*context_handle*/,
            int /*conf_req_flag*/,
            gss_qop_t /*qop_req*/,
            const gss_buffer_t /*input_message_buffer*/,
            int * /*conf_state*/,
            gss_buffer_t /*output_message_buffer*/
           );
548
/*
 * Reverses gss_wrap: takes a protected message in input_message_buffer
 * and writes the recovered message to output_message_buffer.
 *
 * Use the output only when GSS_ERROR() of the returned major status is
 * zero.  Per RFC 2744 conf_state reports whether the message was
 * confidentiality-protected; a receiver that requires secrecy should
 * reject messages for which it is zero.  Replay and sequencing
 * indications are supplementary bits and are not covered by
 * GSS_ERROR().
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_unwrap
           (OM_uint32 * /*minor_status*/,
            const gss_ctx_id_t /*context_handle*/,
            const gss_buffer_t /*input_message_buffer*/,
            gss_buffer_t /*output_message_buffer*/,
            int * /*conf_state*/,
            gss_qop_t * /*qop_state*/
           );
557
558 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_display_status
559            (OM_uint32 * /*minor_status*/,
560             OM_uint32 /*status_value*/,
561             int /*status_type*/,
562             const gss_OID /*mech_type*/,
563             OM_uint32 * /*message_context*/,
564             gss_buffer_t /*status_string*/
565            );
566
567 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_indicate_mechs
568            (OM_uint32 * /*minor_status*/,
569             gss_OID_set * /*mech_set*/
570            );
571
572 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_compare_name
573            (OM_uint32 * /*minor_status*/,
574             const gss_name_t /*name1*/,
575             const gss_name_t /*name2*/,
576             int * /*name_equal*/
577            );
578
579 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_display_name
580            (OM_uint32 * /*minor_status*/,
581             const gss_name_t /*input_name*/,
582             gss_buffer_t /*output_name_buffer*/,
583             gss_OID * /*output_name_type*/
584            );
585
586 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_import_name
587            (OM_uint32 * /*minor_status*/,
588             const gss_buffer_t /*input_name_buffer*/,
589             const gss_OID /*input_name_type*/,
590             gss_name_t * /*output_name*/
591            );
592
593 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_export_name
594            (OM_uint32  * /*minor_status*/,
595             const gss_name_t /*input_name*/,
596             gss_buffer_t /*exported_name*/
597            );
598
599 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_name
600            (OM_uint32 * /*minor_status*/,
601             gss_name_t * /*input_name*/
602            );
603
604 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_buffer
605            (OM_uint32 * /*minor_status*/,
606             gss_buffer_t /*buffer*/
607            );
608
609 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_oid_set
610            (OM_uint32 * /*minor_status*/,
611             gss_OID_set * /*set*/
612            );
613
614 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_cred
615            (OM_uint32 * /*minor_status*/,
616             const gss_cred_id_t /*cred_handle*/,
617             gss_name_t * /*name*/,
618             OM_uint32 * /*lifetime*/,
619             gss_cred_usage_t * /*cred_usage*/,
620             gss_OID_set * /*mechanisms*/
621            );
622
623 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_context (
624             OM_uint32 * /*minor_status*/,
625             const gss_ctx_id_t /*context_handle*/,
626             gss_name_t * /*src_name*/,
627             gss_name_t * /*targ_name*/,
628             OM_uint32 * /*lifetime_rec*/,
629             gss_OID * /*mech_type*/,
630             OM_uint32 * /*ctx_flags*/,
631             int * /*locally_initiated*/,
632             int * /*open_context*/
633            );
634
635 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap_size_limit (
636             OM_uint32 * /*minor_status*/,
637             const gss_ctx_id_t /*context_handle*/,
638             int /*conf_req_flag*/,
639             gss_qop_t /*qop_req*/,
640             OM_uint32 /*req_output_size*/,
641             OM_uint32 * /*max_input_size*/
642            );
643
644 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_add_cred (
645             OM_uint32 * /*minor_status*/,
646             const gss_cred_id_t /*input_cred_handle*/,
647             const gss_name_t /*desired_name*/,
648             const gss_OID /*desired_mech*/,
649             gss_cred_usage_t /*cred_usage*/,
650             OM_uint32 /*initiator_time_req*/,
651             OM_uint32 /*acceptor_time_req*/,
652             gss_cred_id_t * /*output_cred_handle*/,
653             gss_OID_set * /*actual_mechs*/,
654             OM_uint32 * /*initiator_time_rec*/,
655             OM_uint32 * /*acceptor_time_rec*/
656            );
657
658 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_cred_by_mech (
659             OM_uint32 * /*minor_status*/,
660             const gss_cred_id_t /*cred_handle*/,
661             const gss_OID /*mech_type*/,
662             gss_name_t * /*name*/,
663             OM_uint32 * /*initiator_lifetime*/,
664             OM_uint32 * /*acceptor_lifetime*/,
665             gss_cred_usage_t * /*cred_usage*/
666            );
667
/*
 * Serializes a security context into interprocess_token so that
 * another process can pick it up with gss_import_sec_context.
 *
 * context_handle is passed by pointer; per RFC 2744 a successful export
 * deactivates the context in the calling process.
 * Per RFC 2744 the interprocess token may contain security-sensitive
 * information such as cryptographic keys: hand it over only through a
 * channel that other users cannot read, and release the buffer after
 * use.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_export_sec_context (
            OM_uint32 * /*minor_status*/,
            gss_ctx_id_t * /*context_handle*/,
            gss_buffer_t /*interprocess_token*/
           );
673
674 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_import_sec_context (
675             OM_uint32 * /*minor_status*/,
676             const gss_buffer_t /*interprocess_token*/,
677             gss_ctx_id_t * /*context_handle*/
678            );
679
680 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_create_empty_oid_set (
681             OM_uint32 * /*minor_status*/,
682             gss_OID_set * /*oid_set*/
683            );
684
685 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_add_oid_set_member (
686             OM_uint32 * /*minor_status*/,
687             const gss_OID /*member_oid*/,
688             gss_OID_set * /*oid_set*/
689            );
690
691 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_test_oid_set_member (
692             OM_uint32 * /*minor_status*/,
693             const gss_OID /*member*/,
694             const gss_OID_set /*set*/,
695             int * /*present*/
696            );
697
698 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_names_for_mech (
699             OM_uint32 * /*minor_status*/,
700             const gss_OID /*mechanism*/,
701             gss_OID_set * /*name_types*/
702            );
703
704 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_mechs_for_name (
705             OM_uint32 * /*minor_status*/,
706             const gss_name_t /*input_name*/,
707             gss_OID_set * /*mech_types*/
708            );
709
710 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_canonicalize_name (
711             OM_uint32 * /*minor_status*/,
712             const gss_name_t /*input_name*/,
713             const gss_OID /*mech_type*/,
714             gss_name_t * /*output_name*/
715            );
716
717 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_duplicate_name (
718             OM_uint32 * /*minor_status*/,
719             const gss_name_t /*src_name*/,
720             gss_name_t * /*dest_name*/
721            );
722
723 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_duplicate_oid (
724             OM_uint32 * /* minor_status */,
725             gss_OID /* src_oid */,
726             gss_OID * /* dest_oid */
727            );
728
729 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
730 gss_release_oid
731         (OM_uint32 * /*minor_status*/,
732          gss_OID * /* oid */
733         );
734
735 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
736 gss_oid_to_str(
737             OM_uint32 * /*minor_status*/,
738             gss_OID /* oid */,
739             gss_buffer_t /* str */
740            );
741
742 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
743 gss_inquire_sec_context_by_oid(
744             OM_uint32 * minor_status,
745             const gss_ctx_id_t context_handle,
746             const gss_OID desired_object,
747             gss_buffer_set_t *data_set
748            );
749
750 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
751 gss_set_sec_context_option (OM_uint32 *minor_status,
752                             gss_ctx_id_t *context_handle,
753                             const gss_OID desired_object,
754                             const gss_buffer_t value);
755
756 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
757 gss_set_cred_option (OM_uint32 *minor_status,
758                      gss_cred_id_t *cred_handle,
759                      const gss_OID object,
760                      const gss_buffer_t value);
761
762 GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL
763 gss_oid_equal(gss_const_OID a, gss_const_OID b);
764
765 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
766 gss_create_empty_buffer_set
767            (OM_uint32 * minor_status,
768             gss_buffer_set_t *buffer_set);
769
770 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
771 gss_add_buffer_set_member
772            (OM_uint32 * minor_status,
773             const gss_buffer_t member_buffer,
774             gss_buffer_set_t *buffer_set);
775
776 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
777 gss_release_buffer_set
778            (OM_uint32 * minor_status,
779             gss_buffer_set_t *buffer_set);
780
781 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
782 gss_inquire_cred_by_oid(OM_uint32 *minor_status,
783                         const gss_cred_id_t cred_handle,
784                         const gss_OID desired_object,
785                         gss_buffer_set_t *data_set);
786
787 /*
788  * RFC 4401
789  */
790
791 #define GSS_C_PRF_KEY_FULL 0
792 #define GSS_C_PRF_KEY_PARTIAL 1
793
/*
 * Pseudo-random function of RFC 4401: derives prf_out from prf_in
 * under an established context.  prf_key is presumably one of
 * GSS_C_PRF_KEY_FULL or GSS_C_PRF_KEY_PARTIAL.
 *
 * NOTE(review): desired_output_len is a signed ssize_t, so negative
 * values are representable; whether the implementation rejects them is
 * not visible in this header.  ssize_t is not provided by <stddef.h>
 * and is presumably supplied through <krb5-types.h> -- confirm.
 * The output is keying material; clear and release prf_out when done.
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gss_pseudo_random
        (OM_uint32 *minor_status,
         gss_ctx_id_t context,
         int prf_key,
         const gss_buffer_t prf_in,
         ssize_t desired_output_len,
         gss_buffer_t prf_out
        );
803
804 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
805 gss_store_cred(OM_uint32         * /* minor_status */,
806                gss_cred_id_t     /* input_cred_handle */,
807                gss_cred_usage_t  /* cred_usage */,
808                const gss_OID     /* desired_mech */,
809                OM_uint32         /* overwrite_cred */,
810                OM_uint32         /* default_cred */,
811                gss_OID_set       * /* elements_stored */,
812                gss_cred_usage_t  * /* cred_usage_stored */);
813
814
815 /*
816  * Query functions
817  */
818
/**
 * Size information for building a message out of IOV buffers.
 * Presumably filled in by gss_context_query_attributes() when queried
 * with GSS_C_ATTR_STREAM_SIZES -- confirm against the implementation.
 * All members are size_t values supplied by the library; validate them
 * before using them to size allocations.
 */
typedef struct {
    size_t header; /**< size of header */
    size_t trailer; /**< size of trailer */
    size_t max_msg_size; /**< maximum message size */
    size_t buffers; /**< extra GSS_IOV_BUFFER_TYPE_EMPTY buffer to pass */
    size_t blocksize; /**< Specified optimal size of messages, also
                         is the maximum padding size
                         (GSS_IOV_BUFFER_TYPE_PADDING) */
} gss_context_stream_sizes;
828
/*
 * Attribute OID for the stream-sizes query.  The macro expands to the
 * address of the exported descriptor, so it can be passed wherever a
 * gss_OID is expected.
 */
829 extern gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_attr_stream_sizes_oid_desc;
830 #define GSS_C_ATTR_STREAM_SIZES (&__gss_c_attr_stream_sizes_oid_desc)
831
832
/*
 * Query an attribute of a security context.  The result is presumably
 * written into the caller-provided buffer `data`, whose size is `len`.
 * NOTE(review): data is an untyped void *, so nothing in the signature ties
 * len to the attribute's result type.  Pass sizeof the matching structure
 * (presumably gss_context_stream_sizes for GSS_C_ATTR_STREAM_SIZES) and
 * confirm that the implementation rejects a len that is too small instead
 * of writing past the buffer.
 */
833 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
834 gss_context_query_attributes(OM_uint32 * /* minor_status */,
835                              const gss_ctx_id_t /* context_handle */,
836                              const gss_OID /* attribute */,
837                              void * /*data*/,
838                              size_t /* len */);
839 /*
840  * The following routines are obsolete variants of gss_get_mic,
841  * gss_verify_mic, gss_wrap and gss_unwrap.  They should be
842  * provided by GSSAPI V2 implementations for backwards
843  * compatibility with V1 applications.  Distinct entrypoints
844  * (as opposed to #defines) should be provided, both to allow
845  * GSSAPI V1 applications to link against GSSAPI V2 implementations,
846  * and to retain the slight parameter type differences between the
847  * obsolete versions of these routines and their current forms.
848  */
849
/*
 * Obsolete V1 form of gss_get_mic, kept for link compatibility and marked
 * GSSAPI_DEPRECATED.  qop_req is a plain int here.  New code should call
 * gss_get_mic instead.
 */
850 GSSAPI_DEPRECATED GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_sign
851            (OM_uint32 * /*minor_status*/,
852             gss_ctx_id_t /*context_handle*/,
853             int /*qop_req*/,
854             gss_buffer_t /*message_buffer*/,
855             gss_buffer_t /*message_token*/
856            );
857
/*
 * Obsolete V1 form of gss_verify_mic, kept for link compatibility and
 * marked GSSAPI_DEPRECATED.  qop_state is an int * here.
 * The message is authenticated only when the call reports success; callers
 * must check the returned major status before acting on message_buffer.
 * New code should call gss_verify_mic instead.
 */
858 GSSAPI_DEPRECATED GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_verify
859            (OM_uint32 * /*minor_status*/,
860             gss_ctx_id_t /*context_handle*/,
861             gss_buffer_t /*message_buffer*/,
862             gss_buffer_t /*token_buffer*/,
863             int * /*qop_state*/
864            );
865
/*
 * Obsolete V1 form of gss_wrap, kept for link compatibility and marked
 * GSSAPI_DEPRECATED.  conf_req_flag and qop_req are plain ints here.
 * NOTE(review): presumably, as with gss_wrap, conf_req_flag only requests
 * confidentiality and *conf_state reports whether it was applied -- confirm.
 * Callers that require encryption should check *conf_state and not rely on
 * the return status alone.  New code should call gss_wrap instead.
 */
866 GSSAPI_DEPRECATED GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_seal
867            (OM_uint32 * /*minor_status*/,
868             gss_ctx_id_t /*context_handle*/,
869             int /*conf_req_flag*/,
870             int /*qop_req*/,
871             gss_buffer_t /*input_message_buffer*/,
872             int * /*conf_state*/,
873             gss_buffer_t /*output_message_buffer*/
874            );
875
/*
 * Obsolete V1 form of gss_unwrap, kept for link compatibility and marked
 * GSSAPI_DEPRECATED.  conf_state and qop_state are int * here.
 * The unwrapped message is trustworthy only when the call reports success.
 * NOTE(review): presumably *conf_state tells whether the peer actually
 * encrypted the message -- confirm; a receiver that requires
 * confidentiality should check it.  New code should call gss_unwrap
 * instead.
 */
876 GSSAPI_DEPRECATED GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_unseal
877            (OM_uint32 * /*minor_status*/,
878             gss_ctx_id_t /*context_handle*/,
879             gss_buffer_t /*input_message_buffer*/,
880             gss_buffer_t /*output_message_buffer*/,
881             int * /*conf_state*/,
882             int * /*qop_state*/
883            );
884
885 /**
886  *
887  */
888
/*
 * Build output_token from input_token and a mechanism oid.
 * NOTE(review): presumably adds the mechanism-OID token framing around
 * input_token -- confirm.  Unlike most calls in this header there is no
 * minor_status parameter.  output_token is presumably allocated by the
 * callee and released with gss_release_buffer -- confirm.
 */
889 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
890 gss_encapsulate_token(const gss_buffer_t /* input_token */,
891                       const gss_OID /* oid */,
892                       gss_buffer_t /* output_token */);
893
/*
 * Inverse of gss_encapsulate_token, judging by the name and the parallel
 * signature: recover output_token from a framed input_token for oid.
 * NOTE(review): input_token normally originates from the peer, so this is a
 * parser of untrusted data.  Confirm that the implementation bounds-checks
 * every encoded length against input_token's length and fails when the
 * embedded OID does not match oid.  Callers must check the return status
 * before using output_token.
 */
894 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
895 gss_decapsulate_token(const gss_buffer_t /* input_token */,
896                       const gss_OID /* oid */,
897                       gss_buffer_t /* output_token */);
898
899
900
901 /*
902  * AEAD support
903  */
904
905 /*
906  * GSS_IOV
907  */
908
/*
 * Wrap a message described by an array of gss_iov_buffer_desc.
 * Parameters are unnamed in this header.  By type and position they appear
 * to be: minor_status, context, conf_req_flag, qop_req, conf_state, iov
 * array, iov count -- confirm against the implementation.
 * NOTE(review): the trailing count is a signed int and is not tied to the
 * array by the type system; callers must pass the real element count and
 * never a negative or peer-derived value.
 */
909 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
910 gss_wrap_iov(OM_uint32 *, gss_ctx_id_t, int, gss_qop_t, int *,
911              gss_iov_buffer_desc *, int);
912
913
/*
 * Unwrap a message described by an array of gss_iov_buffer_desc.
 * Parameters are unnamed in this header.  By type and position they appear
 * to be: minor_status, context, conf_state, qop_state, iov array, iov
 * count -- confirm against the implementation.
 * NOTE(review): presumably the buffers are processed in place, so their
 * contents must not be used unless the call reports success.  The count is
 * a signed int; pass the real element count of the array.
 */
914 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
915 gss_unwrap_iov(OM_uint32 *, gss_ctx_id_t, int *, gss_qop_t *,
916                gss_iov_buffer_desc *, int);
917
/*
 * Same parameter list as gss_wrap_iov.
 * NOTE(review): presumably fills in the lengths that gss_wrap_iov will need
 * for header, padding and trailer buffers without producing output --
 * confirm.  Callers sizing allocations from the reported lengths should
 * treat them as size_t values and check any additions for overflow.
 */
918 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
919 gss_wrap_iov_length(OM_uint32 *, gss_ctx_id_t, int, gss_qop_t, int *,
920                     gss_iov_buffer_desc *, int);
921
/*
 * Release buffers held in an iov array; the last argument is presumably the
 * element count.
 * NOTE(review): presumably frees only the buffers the library allocated and
 * leaves caller-owned ones alone -- confirm before relying on it, since
 * freeing a caller-owned buffer twice would corrupt the heap.
 */
922 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
923 gss_release_iov_buffer(OM_uint32 *, gss_iov_buffer_desc *, int);
924
925
/*
 * Export cred_handle into cred_token.
 * NOTE(review): the token presumably serializes the credential, including
 * any keys or tickets it holds -- confirm.  If so, treat cred_token as
 * secret material: keep it off logs and untrusted channels, and wipe the
 * buffer before releasing it.
 */
926 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
927 gss_export_cred(OM_uint32 * /* minor_status */,
928                 gss_cred_id_t /* cred_handle */,
929                 gss_buffer_t /* cred_token */);
930
/*
 * Create a credential handle from cred_token, presumably one produced by
 * gss_export_cred.
 * NOTE(review): this parses an opaque token into a credential.  Accept
 * tokens only from a source that is trusted to hand out credentials, and
 * confirm that the implementation validates the token's internal lengths.
 * The resulting handle is presumably released with gss_release_cred --
 * confirm.
 */
931 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
932 gss_import_cred(OM_uint32 * /* minor_status */,
933                 gss_buffer_t /* cred_token */,
934                 gss_cred_id_t * /* cred_handle */);
935
936 /*
937  * mech option
938  */
939
/*
 * Mechanism option accessors.  gss_mo_set and gss_mo_get return int and
 * gss_mo_list returns void, so they do not follow the OM_uint32
 * major/minor status convention used by most of this header; only
 * gss_mo_name returns OM_uint32.
 * NOTE(review): confirm what the int return encodes before comparing it
 * with GSS_S_COMPLETE.
 */

/* Set `option` on `mech`; `enable` and `value` carry the new setting. */
940 GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL
941 gss_mo_set(gss_const_OID mech, gss_const_OID option,
942            int enable, gss_buffer_t value);
943
/* Read `option` of `mech` into `value`. */
944 GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL
945 gss_mo_get(gss_const_OID mech, gss_const_OID option, gss_buffer_t value);
946
/*
 * List the options of `mech` into *options.  There is no status return, so
 * a failure can only be seen through *options -- presumably an empty or
 * unset set; confirm.
 */
947 GSSAPI_LIB_FUNCTION void GSSAPI_LIB_CALL
948 gss_mo_list(gss_const_OID mech, gss_OID_set *options);
949
/* Return a name for an option of `mech` in `name`. */
950 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
951 gss_mo_name(gss_const_OID mech, gss_const_OID options, gss_buffer_t name);
952
953 /*
954  * SASL glue functions and mech inquire
955  */
956
/*
 * Map a mechanism OID to its SASL mechanism name, plus a mechanism name and
 * description.  The three output buffers are presumably allocated by the
 * callee and released with gss_release_buffer -- confirm.
 */
957 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
958 gss_inquire_saslname_for_mech(OM_uint32 *minor_status,
959                               const gss_OID desired_mech,
960                               gss_buffer_t sasl_mech_name,
961                               gss_buffer_t mech_name,
962                               gss_buffer_t mech_description);
963
/*
 * Map a SASL mechanism name to a mechanism OID, returned in *mech_type.
 * NOTE(review): in a SASL negotiation sasl_mech_name is chosen by the peer.
 * A successful lookup only means the name is known; callers should still
 * check the resulting mechanism against local policy before using it.
 */
964 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
965 gss_inquire_mech_for_saslname(OM_uint32 *minor_status,
966                               const gss_buffer_t sasl_mech_name,
967                               gss_OID *mech_type);
968
/*
 * Select mechanisms by attribute: three input attribute sets (desired,
 * except, critical) and one output set, *mechs.
 * NOTE(review): *mechs is presumably allocated by the callee and released
 * with gss_release_oid_set -- confirm.  When this is used to enforce a
 * security policy, an empty result should be treated as "no acceptable
 * mechanism", not as "no restriction".
 */
969 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
970 gss_indicate_mechs_by_attrs(OM_uint32 * minor_status,
971                             gss_const_OID_set desired_mech_attrs,
972                             gss_const_OID_set except_mech_attrs,
973                             gss_const_OID_set critical_mech_attrs,
974                             gss_OID_set *mechs);
975
/*
 * Report the attributes of `mech` in *mech_attr and, in *known_mech_attrs,
 * presumably the attributes the implementation knows about -- confirm.
 */
976 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
977 gss_inquire_attrs_for_mech(OM_uint32 * minor_status,
978                            gss_const_OID mech,
979                            gss_OID_set *mech_attr,
980                            gss_OID_set *known_mech_attrs);
981
/*
 * Produce display strings for a mechanism attribute: a name plus a short
 * and a long description.  Output buffers are presumably released with
 * gss_release_buffer -- confirm.
 */
982 GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
983 gss_display_mech_attr(OM_uint32 * minor_status,
984                       gss_const_OID mech_attr,
985                       gss_buffer_t name,
986                       gss_buffer_t short_desc,
987                       gss_buffer_t long_desc);
988
989
990 /*
991  *
992  */
993
/*
 * Map an OID to a name string.  The const char * return type suggests the
 * caller must not modify or free the result.
 * NOTE(review): presumably returns NULL for an unknown OID -- confirm, and
 * check before passing the result to string functions.
 */
994 GSSAPI_LIB_FUNCTION const char * GSSAPI_LIB_CALL
995 gss_oid_to_name(gss_const_OID oid);
996
/*
 * Map a name string to an OID.
 * NOTE(review): presumably returns GSS_C_NO_OID when the name is unknown --
 * confirm, and check before dereferencing.  Ownership of the returned
 * gss_OID is not visible here; do not release it unless the implementation
 * says so.
 */
997 GSSAPI_LIB_FUNCTION gss_OID GSSAPI_LIB_CALL
998 gss_name_to_oid(const char *name);
999
1000 GSSAPI_CPP_END
1001
1002 #endif /* GSSAPI_GSSAPI_H_ */