      1      0  stevel /*
      2      0  stevel  * CDDL HEADER START
      3      0  stevel  *
      4      0  stevel  * The contents of this file are subject to the terms of the
      5  10598   Glenn  * Common Development and Distribution License (the "License").
      6  10598   Glenn  * You may not use this file except in compliance with the License.
      7      0  stevel  *
      8      0  stevel  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
      9      0  stevel  * or http://www.opensolaris.org/os/licensing.
     10      0  stevel  * See the License for the specific language governing permissions
     11      0  stevel  * and limitations under the License.
     12      0  stevel  *
     13      0  stevel  * When distributing Covered Code, include this CDDL HEADER in each
     14      0  stevel  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     15      0  stevel  * If applicable, add the following below this CDDL HEADER, with the
     16      0  stevel  * fields enclosed by brackets "[]" replaced with your own identifying
     17      0  stevel  * information: Portions Copyright [yyyy] [name of copyright owner]
     18      0  stevel  *
     19      0  stevel  * CDDL HEADER END
     20      0  stevel  */
     21      0  stevel /*
     22  10598   Glenn  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
     23      0  stevel  * Use is subject to license terms.
     24      0  stevel  *
     25      0  stevel  * Private extensions and utilities to the GSS-API.
     26      0  stevel  * These are not part of the GSS-API specification
     27      0  stevel  * but may be useful to GSS-API users.
     28      0  stevel  */
     29      0  stevel 
     30      0  stevel #ifndef _GSSAPI_EXT_H
     31      0  stevel #define	_GSSAPI_EXT_H
     32      0  stevel 
     33      0  stevel #include <gssapi/gssapi.h>
     34      0  stevel #ifdef	_KERNEL
     35      0  stevel #include <sys/systm.h>
     36      0  stevel #else
     37      0  stevel #include <strings.h>
     38      0  stevel #endif
     39      0  stevel 
     40      0  stevel 
     41      0  stevel #ifdef	__cplusplus
     42      0  stevel extern "C" {
     43      0  stevel #endif
     44      0  stevel 
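/*
 * Compare two gss_OID's: non-zero when both have the same length and the
 * same element bytes, zero otherwise.
 *
 * Neither argument is checked for NULL, and each argument is evaluated
 * more than once, so pass expressions without side effects.
 *
 * The length is handed to memcmp() as a size_t.  Casting it to int first
 * would turn a length above INT_MAX into a negative value, which then
 * widens to an enormous size_t on LP64 and makes memcmp() read far past
 * both element arrays.
 */
#define	g_OID_equal(o1, o2) \
	(((o1)->length == (o2)->length) && \
	(memcmp((o1)->elements, (o2)->elements, (size_t)(o1)->length) == 0))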
     49      0  stevel 
     50      0  stevel 
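/*
 * Copy OID o2 into o1 (note the destination-first argument order).
 *
 * The macro allocates nothing and checks nothing: the caller must make
 * sure (o1)->elements already points at storage of at least (o2)->length
 * bytes, otherwise the bcopy() writes past the destination.  Neither
 * pointer may be NULL, and both arguments are evaluated more than once,
 * so pass expressions without side effects.
 *
 * The body is wrapped in do { } while (0) so that the copy and the length
 * update stay together as one statement, e.g. under an unbraced if/else.
 * Invoke it as a statement with a trailing semicolon.
 */
#define	g_OID_copy(o1, o2) \
	do { \
		bcopy((o2)->elements, (o1)->elements, (o2)->length); \
		(o1)->length = (o2)->length; \
	} while (0)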
     58      0  stevel 
     59      0  stevel 
/*
 * True when a buffer argument carries no usable data: the buffer pointer
 * itself is NULL, its value pointer is NULL, or its length is zero.
 * The tests run in that order, so a NULL buf is never dereferenced.
 * buf is evaluated up to three times; pass an expression without side
 * effects.
 */
#define	GSS_EMPTY_BUFFER(buf) \
	(!(buf) || !(buf)->value || !(buf)->length)
     63      0  stevel 
     64      0  stevel 
     65      0  stevel /*
     66      0  stevel  * GSSAPI Extension functions -- these functions aren't
     67      0  stevel  * in the GSSAPI specification, but are provided in our
     68      0  stevel  * GSS library.
     69      0  stevel  */
     70      0  stevel 
     71      0  stevel #ifndef	_KERNEL
     72      0  stevel 
/*
 * qop configuration file handling.
 *
 * NOTE(review): the two limits below are presumably the capacities the
 * qop lookup code works with; this header does not show where they are
 * enforced -- confirm against the implementation.
 */
#define	MAX_QOP_NUM_PAIRS	128
#define	MAX_QOPS_PER_MECH	128

/* One qop entry: the qop name, its number, and the mechanism name. */
struct _qop_num {
	char *qop;
	OM_uint32 num;
	char *mech;
};
typedef struct _qop_num qop_num;
     84      0  stevel 
/*
 * Translate a qop name into its number.
 *	qop	input qop string
 *	mech	input mech string
 *	num	output qop num
 */
OM_uint32 __gss_qop_to_num(char *qop, char *mech, OM_uint32 *num);

/*
 * Translate a qop number into its name.
 *	mech	input mech string
 *	num	input qop num
 *	qop	output qop name
 * NOTE(review): who owns the string returned through *qop is not stated
 * in this header -- confirm before freeing or modifying it.
 */
OM_uint32 __gss_num_to_qop(char *mech, OM_uint32 num, char **qop);

/*
 * Return the qops of a mechanism.
 *	mech	input mech string
 *	qops	buffer for return qops
 */
OM_uint32 __gss_get_mech_info(char *mech, char **qops);

/*
 * Return the qop entries of a mechanism.
 *	mech		input mech
 *	mech_qops	mech qops buffer
 *	numqops		buffer to return numqops
 * NOTE(review): the prototype carries no capacity for mech_qops; the
 * caller presumably has to supply room for MAX_QOPS_PER_MECH entries --
 * confirm against the implementation.
 */
OM_uint32 __gss_mech_qops(char *mech, qop_num *mech_qops, int *numqops);
    111      0  stevel 
/*
 * Look up the OID of a mechanism by name.
 *	mech	mechanism string name
 *	oid	mechanism oid (output)
 */
OM_uint32 __gss_mech_to_oid(const char *mech, gss_OID *oid);

/*
 * Look up the name of a mechanism by OID.
 *	oid	mechanism oid
 * NOTE(review): the result is a const char *, so callers should not
 * modify or free it; what is returned for an unknown OID is not stated
 * here -- confirm.
 */
const char *__gss_oid_to_mech(const gss_OID oid);

/*
 * List the available mechanisms.
 *	mechArray	array to populate with mechs
 *	arrayLen	length of passed in array
 */
OM_uint32 __gss_get_mechanisms(char *mechArray[], int arrayLen);

/*
 * Determine the mechanism type of a token.
 *	oid	mechanism oid
 *	token	token
 * NOTE(review): tokens normally originate from the peer; presumably the
 * returned status must be checked before oid is relied on -- confirm.
 */
OM_uint32 __gss_get_mech_type(gss_OID oid, const gss_buffer_t token);
    134      0  stevel 
/*
 * Ask whether a remote principal may log in as a local user without a
 * password.
 *	minor_status	minor status
 *	name		remote user principal name
 *	user		local unix user name
 *	user_ok		remote principal ok to login w/out pw?
 *
 * NOTE(review): this is an authorization decision.  The header does not
 * say what *user_ok holds when the call fails, so callers should
 * presumably initialise it to 0 and only honour it after checking the
 * returned status -- confirm against the implementation.
 */
OM_uint32 __gss_userok(
	OM_uint32 *minor_status,
	const gss_name_t name,
	const char *user,
	int *user_ok);
    141      0  stevel 
/*
 * Map a GSS export name to UNIX credentials.
 *	expName		export name
 *	uidOut		uid out
 *	gidOut		gid out
 *	gids		gid array out
 *	gidsLen		gid array length
 *
 * NOTE(review): for this and the two functions below, the header does
 * not say who allocates or frees the gid array, nor what the outputs hold
 * on failure.  The uid/gid results feed access decisions, so callers
 * should presumably use them only after checking the returned status --
 * confirm against the implementation.
 */
OM_uint32 gsscred_expname_to_unix_cred(
	const gss_buffer_t expName,
	uid_t *uidOut,
	gid_t *gidOut,
	gid_t *gids[],
	int *gidsLen);

/*
 * Map a GSS name of the given mechanism type to UNIX credentials.
 *	intName		gss name
 *	mechType	mechanism type
 *	uidOut		uid out
 *	gidOut		gid out
 *	gids		gid array out
 *	gidsLen		gid array length
 */
OM_uint32 gsscred_name_to_unix_cred(
	const gss_name_t intName,
	const gss_OID mechType,
	uid_t *uidOut,
	gid_t *gidOut,
	gid_t *gids[],
	int *gidsLen);

/*
 * Resolve the group ids that belong to a UNIX uid.
 *	puid		entity UNIX uid
 *	gidOut		gid out
 *	gids		gid array
 *	gidsLen		length of the gid array
 */
OM_uint32 gss_get_group_info(
	const uid_t puid,
	gid_t *gidOut,
	gid_t *gids[],
	int *gidsLen);
    170      0  stevel 
    171      0  stevel 
    172      0  stevel 
/*
 * Acquire a credential for desired_name using a password.  Judging by the
 * parameter list this mirrors gss_acquire_cred() with one extra input,
 * the password buffer.
 *
 * NOTE(review): the header does not say whether the library copies or
 * scrubs the password.  Callers should presumably keep the buffer alive
 * only for the duration of the call and clear their own copy afterwards
 * -- confirm against the implementation.
 */
OM_uint32 gss_acquire_cred_with_password(
	OM_uint32 *minor_status,
	const gss_name_t desired_name,
	const gss_buffer_t password,
	OM_uint32 time_req,
	const gss_OID_set desired_mechs,
	int cred_usage,
	gss_cred_id_t *output_cred_handle,
	gss_OID_set *actual_mechs,
	OM_uint32 *time_rec);

/*
 * Add a password-derived credential element for desired_mech to
 * input_cred_handle.  Judging by the parameter list this mirrors
 * gss_add_cred() with one extra input, the password buffer; the same
 * password-handling caveat as above applies.
 */
OM_uint32 gss_add_cred_with_password(
	OM_uint32 *minor_status,
	const gss_cred_id_t input_cred_handle,
	const gss_name_t desired_name,
	const gss_OID desired_mech,
	const gss_buffer_t password,
	gss_cred_usage_t cred_usage,
	OM_uint32 initiator_time_req,
	OM_uint32 acceptor_time_req,
	gss_cred_id_t *output_cred_handle,
	gss_OID_set *actual_mechs,
	OM_uint32 *initiator_time_rec,
	OM_uint32 *acceptor_time_rec);
    199      0  stevel 
/*
 * OID for inquiring the session key, for SSPI compatibility.  The
 * returned buffer set holds the session key in its first member; an
 * optional second member holds an OID identifying the session key type.
 *
 * NOTE(review): the first member is raw key material.  Keep it out of
 * logs and long-lived storage and release the set with
 * gss_release_buffer_set() when done; whether that release scrubs the
 * memory is not stated in this header -- confirm.
 */
extern const gss_OID GSS_C_INQ_SSPI_SESSION_KEY;
    206  10598   Glenn 
    207      0  stevel #else	/*	_KERNEL	*/
    208      0  stevel 
/*
 * Kernel counterparts of the user-level credential mapping functions.
 * Each takes one extra trailing uid argument.
 *
 * NOTE(review): the purpose of that trailing uid is not documented in
 * this header, and neither is the ownership of the gid array returned
 * through gids -- confirm against the implementation.
 */

/* Map a GSS export name to UNIX uid, gid and gid list. */
OM_uint32 kgsscred_expname_to_unix_cred(const gss_buffer_t expName,
	uid_t *uidOut, gid_t *gidOut, gid_t *gids[], int *gidsLen,
	uid_t uid);

/* Map a GSS name of the given mechanism type to UNIX uid, gid and gid list. */
OM_uint32 kgsscred_name_to_unix_cred(const gss_name_t intName,
	const gss_OID mechType,
	uid_t *uidOut, gid_t *gidOut, gid_t *gids[], int *gidsLen,
	uid_t uid);

/* Return the gid and gid list for the UNIX uid puid. */
OM_uint32 kgss_get_group_info(const uid_t puid,
	gid_t *gidOut, gid_t *gids[], int *gidsLen,
	uid_t uid);
    235      0  stevel #endif
    236      0  stevel 
/*
 * GGF extensions
 *
 * A buffer set is a counted array of gss_buffer_desc: elements points at
 * count descriptors.
 */
typedef struct gss_buffer_set_desc_struct {
	size_t count;
	gss_buffer_desc *elements;
} gss_buffer_set_desc;

typedef gss_buffer_set_desc *gss_buffer_set_t;

/* The null buffer-set handle. */
#define	GSS_C_NO_BUFFER_SET ((gss_buffer_set_t)0)
    246  10598   Glenn 
/* Create a buffer set with no members and return it through buffer_set. */
OM_uint32 gss_create_empty_buffer_set(
	OM_uint32 *minor_status,
	gss_buffer_set_t *buffer_set);

/*
 * Add member_buffer to *buffer_set.
 * NOTE(review): whether the member's bytes are copied or only referenced
 * is not stated in this header -- confirm before freeing member_buffer.
 */
OM_uint32 gss_add_buffer_set_member(
	OM_uint32 *minor_status,
	const gss_buffer_t member_buffer,
	gss_buffer_set_t *buffer_set);

/* Release a buffer set. */
OM_uint32 gss_release_buffer_set(
	OM_uint32 *minor_status,
	gss_buffer_set_t *buffer_set);

/*
 * Query a security context for the object named by desired_object and
 * return the answer through data_set.
 * NOTE(review): depending on the OID the result can be sensitive, e.g.
 * GSS_C_INQ_SSPI_SESSION_KEY yields the session key; callers should
 * presumably release data_set as soon as they are done with it.
 */
OM_uint32 gss_inquire_sec_context_by_oid(
	OM_uint32 *minor_status,
	const gss_ctx_id_t context_handle,
	const gss_OID desired_object,
	gss_buffer_set_t *data_set);
    265      0  stevel 
    266      0  stevel #ifdef	__cplusplus
    267      0  stevel }
    268      0  stevel #endif
    269      0  stevel 
    270      0  stevel #endif	/* _GSSAPI_EXT_H */
    271