oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
Files
f8b51d6727da168a5bccd987440f10e8339a6160
heimdal/lib/gssapi/spnego/spnego_locl.h
Love Hörnquist Åstrand 3db3b74783 reimplement gss_spnego_inquire_names_for_mech 
add support function _gss_spnego_supported_mechs


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17810 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-07-06 19:31:24 +00:00

465 lines
15 KiB
C
Raw Blame History

/*
* Copyright (c) 2004, PADL Software Pty Ltd.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of PADL Software nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* $Id$ */
#ifndef SPNEGO_LOCL_H
#define SPNEGO_LOCL_H
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#ifdef HAVE_PTHREAD_H
#include <pthread.h>
#endif
#include <gssapi_spnego.h>
#include <gssapi.h>
#include <assert.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <ctype.h>
#include <heim_threads.h>
#include "spnego_asn1.h"
#include <der.h>
#include <asn1_err.h>
#include <gssapi_mech.h>
#define ALLOC(X, N) (X) = calloc((N), sizeof(*(X)))
typedef struct {
gss_cred_id_t negotiated_cred_id;
} *gssspnego_cred;
typedef struct {
MechTypeList initiator_mech_types;
gss_OID preferred_mech_type;
gss_OID negotiated_mech_type;
gss_ctx_id_t negotiated_ctx_id;
OM_uint32 mech_flags;
OM_uint32 mech_time_rec;
gss_name_t mech_src_name;
gss_cred_id_t delegated_cred_id;
int open : 1;
int local : 1;
int require_mic : 1;
int verified_mic : 1;
HEIMDAL_MUTEX ctx_id_mutex;
} *gssspnego_ctx;
OM_uint32
_gss_spnego_encode_response(OM_uint32 *, const NegTokenResp *,
gss_buffer_t, u_char **);
OM_uint32
_gss_spnego_indicate_mechtypelist (OM_uint32 *, int,
const gssspnego_cred cred_handle,
MechTypeList *,
gss_OID *preferred_mech);
OM_uint32 _gss_spnego_alloc_sec_context (OM_uint32 *,
gss_ctx_id_t *);
/*
* NB: caller must acquire ctx_id_mutex before
* calling _gss_spnego_delete_sec_context()
*/
OM_uint32 _gss_spnego_delete_sec_context (OM_uint32 *, gss_ctx_id_t *, gss_buffer_t);
OM_uint32 _gss_spnego_require_mechlist_mic(OM_uint32 *, gssspnego_ctx, int *);
OM_uint32 gss_spnego_internal_release_oid(OM_uint32 *minor_status, gss_OID *OID);
int _gss_spnego_add_mech_type(gss_OID, int, MechTypeList *);
OM_uint32 _gss_spnego_select_mech(OM_uint32 *, MechType *, gss_OID *);
OM_uint32 _gss_spnego_alloc_cred(OM_uint32 *, gss_cred_id_t, gss_cred_id_t *);
OM_uint32 _gss_spnego_release_cred(OM_uint32 *, gss_cred_id_t *);
OM_uint32 _gss_spnego_supported_mechs(OM_uint32 *, gss_OID_set *);
/*
* Finally, function prototypes for the GSS-API routines.
*/
OM_uint32 gss_spnego_acquire_cred
(OM_uint32 * /*minor_status*/,
const gss_name_t /*desired_name*/,
OM_uint32 /*time_req*/,
const gss_OID_set /*desired_mechs*/,
gss_cred_usage_t /*cred_usage*/,
gss_cred_id_t * /*output_cred_handle*/,
gss_OID_set * /*actual_mechs*/,
OM_uint32 * /*time_rec*/
);
OM_uint32 gss_spnego_release_cred
(OM_uint32 * /*minor_status*/,
gss_cred_id_t * /*cred_handle*/
);
OM_uint32 gss_spnego_init_sec_context
(OM_uint32 * /*minor_status*/,
const gss_cred_id_t /*initiator_cred_handle*/,
gss_ctx_id_t * /*context_handle*/,
const gss_name_t /*target_name*/,
const gss_OID /*mech_type*/,
OM_uint32 /*req_flags*/,
OM_uint32 /*time_req*/,
const gss_channel_bindings_t /*input_chan_bindings*/,
const gss_buffer_t /*input_token*/,
gss_OID * /*actual_mech_type*/,
gss_buffer_t /*output_token*/,
OM_uint32 * /*ret_flags*/,
OM_uint32 * /*time_rec*/
);
OM_uint32 gss_spnego_accept_sec_context
(OM_uint32 * /*minor_status*/,
gss_ctx_id_t * /*context_handle*/,
const gss_cred_id_t /*acceptor_cred_handle*/,
const gss_buffer_t /*input_token_buffer*/,
const gss_channel_bindings_t /*input_chan_bindings*/,
gss_name_t * /*src_name*/,
gss_OID * /*mech_type*/,
gss_buffer_t /*output_token*/,
OM_uint32 * /*ret_flags*/,
OM_uint32 * /*time_rec*/,
gss_cred_id_t * /*delegated_cred_handle*/
);
OM_uint32 gss_spnego_process_context_token
(OM_uint32 * /*minor_status*/,
const gss_ctx_id_t /*context_handle*/,
const gss_buffer_t /*token_buffer*/
);
OM_uint32 gss_spnego_delete_sec_context
(OM_uint32 * /*minor_status*/,
gss_ctx_id_t * /*context_handle*/,
gss_buffer_t /*output_token*/
);
OM_uint32 gss_spnego_context_time
(OM_uint32 * /*minor_status*/,
const gss_ctx_id_t /*context_handle*/,
OM_uint32 * /*time_rec*/
);
OM_uint32 gss_spnego_get_mic
(OM_uint32 * /*minor_status*/,
const gss_ctx_id_t /*context_handle*/,
gss_qop_t /*qop_req*/,
const gss_buffer_t /*message_buffer*/,
gss_buffer_t /*message_token*/
);
OM_uint32 gss_spnego_verify_mic
(OM_uint32 * /*minor_status*/,
const gss_ctx_id_t /*context_handle*/,
const gss_buffer_t /*message_buffer*/,
const gss_buffer_t /*token_buffer*/,
gss_qop_t * /*qop_state*/
);
OM_uint32 gss_spnego_wrap
(OM_uint32 * /*minor_status*/,
const gss_ctx_id_t /*context_handle*/,
int /*conf_req_flag*/,
gss_qop_t /*qop_req*/,
const gss_buffer_t /*input_message_buffer*/,
int * /*conf_state*/,
gss_buffer_t /*output_message_buffer*/
);
OM_uint32 gss_spnego_unwrap
(OM_uint32 * /*minor_status*/,
const gss_ctx_id_t /*context_handle*/,
const gss_buffer_t /*input_message_buffer*/,
gss_buffer_t /*output_message_buffer*/,
int * /*conf_state*/,
gss_qop_t * /*qop_state*/
);
OM_uint32 gss_spnego_display_status
(OM_uint32 * /*minor_status*/,
OM_uint32 /*status_value*/,
int /*status_type*/,
const gss_OID /*mech_type*/,
OM_uint32 * /*message_context*/,
gss_buffer_t /*status_string*/
);
OM_uint32 gss_spnego_inquire_names_for_mech (
OM_uint32 * minor_status,
const gss_OID mechanism,
gss_OID_set * name_types
);
OM_uint32 gss_spnego_compare_name
(OM_uint32 * /*minor_status*/,
const gss_name_t /*name1*/,
const gss_name_t /*name2*/,
int * /*name_equal*/
);
OM_uint32 gss_spnego_display_name
(OM_uint32 * /*minor_status*/,
const gss_name_t /*input_name*/,
gss_buffer_t /*output_name_buffer*/,
gss_OID * /*output_name_type*/
);
OM_uint32 gss_spnego_import_name
(OM_uint32 * /*minor_status*/,
const gss_buffer_t /*input_name_buffer*/,
const gss_OID /*input_name_type*/,
gss_name_t * /*output_name*/
);
OM_uint32 gss_spnego_export_name
(OM_uint32 * /*minor_status*/,
const gss_name_t /*input_name*/,
gss_buffer_t /*exported_name*/
);
OM_uint32 gss_spnego_release_name
(OM_uint32 * /*minor_status*/,
gss_name_t * /*input_name*/
);
OM_uint32 gss_spnego_release_buffer
(OM_uint32 * /*minor_status*/,
gss_buffer_t /*buffer*/
);
OM_uint32 gss_spnego_release_oid_set
(OM_uint32 * /*minor_status*/,
gss_OID_set * /*set*/
);
OM_uint32 gss_spnego_inquire_cred
(OM_uint32 * /*minor_status*/,
const gss_cred_id_t /*cred_handle*/,
gss_name_t * /*name*/,
OM_uint32 * /*lifetime*/,
gss_cred_usage_t * /*cred_usage*/,
gss_OID_set * /*mechanisms*/
);
OM_uint32 gss_spnego_inquire_context (
OM_uint32 * /*minor_status*/,
const gss_ctx_id_t /*context_handle*/,
gss_name_t * /*src_name*/,
gss_name_t * /*targ_name*/,
OM_uint32 * /*lifetime_rec*/,
gss_OID * /*mech_type*/,
OM_uint32 * /*ctx_flags*/,
int * /*locally_initiated*/,
int * /*open_context*/
);
OM_uint32 gss_spnego_wrap_size_limit (
OM_uint32 * /*minor_status*/,
const gss_ctx_id_t /*context_handle*/,
int /*conf_req_flag*/,
gss_qop_t /*qop_req*/,
OM_uint32 /*req_output_size*/,
OM_uint32 * /*max_input_size*/
);
OM_uint32 gss_spnego_add_cred (
OM_uint32 * /*minor_status*/,
const gss_cred_id_t /*input_cred_handle*/,
const gss_name_t /*desired_name*/,
const gss_OID /*desired_mech*/,
gss_cred_usage_t /*cred_usage*/,
OM_uint32 /*initiator_time_req*/,
OM_uint32 /*acceptor_time_req*/,
gss_cred_id_t * /*output_cred_handle*/,
gss_OID_set * /*actual_mechs*/,
OM_uint32 * /*initiator_time_rec*/,
OM_uint32 * /*acceptor_time_rec*/
);
OM_uint32 gss_spnego_inquire_cred_by_mech (
OM_uint32 * /*minor_status*/,
const gss_cred_id_t /*cred_handle*/,
const gss_OID /*mech_type*/,
gss_name_t * /*name*/,
OM_uint32 * /*initiator_lifetime*/,
OM_uint32 * /*acceptor_lifetime*/,
gss_cred_usage_t * /*cred_usage*/
);
OM_uint32 gss_spnego_export_sec_context (
OM_uint32 * /*minor_status*/,
gss_ctx_id_t * /*context_handle*/,
gss_buffer_t /*interprocess_token*/
);
OM_uint32 gss_spnego_import_sec_context (
OM_uint32 * /*minor_status*/,
const gss_buffer_t /*interprocess_token*/,
gss_ctx_id_t * /*context_handle*/
);
OM_uint32 gss_spnego_create_empty_oid_set (
OM_uint32 * /*minor_status*/,
gss_OID_set * /*oid_set*/
);
OM_uint32 gss_spnego_add_oid_set_member (
OM_uint32 * /*minor_status*/,
const gss_OID /*member_oid*/,
gss_OID_set * /*oid_set*/
);
OM_uint32 gss_spnego_test_oid_set_member (
OM_uint32 * /*minor_status*/,
const gss_OID /*member*/,
const gss_OID_set /*set*/,
int * /*present*/
);
OM_uint32 gss_spnego_inquire_mechs_for_name (
OM_uint32 * /*minor_status*/,
const gss_name_t /*input_name*/,
gss_OID_set * /*mech_types*/
);
OM_uint32 gss_spnego_duplicate_name (
OM_uint32 * /*minor_status*/,
const gss_name_t /*src_name*/,
gss_name_t * /*dest_name*/
);
OM_uint32 gss_spnego_canonicalize_name (
OM_uint32 * minor_status,
const gss_name_t src_name,
const gss_OID mech_type,
gss_name_t * dest_name
);
/*
* The following routines are obsolete variants of gss_get_mic,
* gss_verify_mic, gss_wrap and gss_unwrap. They should be
* provided by GSSAPI V2 implementations for backwards
* compatibility with V1 applications. Distinct entrypoints
* (as opposed to #defines) should be provided, both to allow
* GSSAPI V1 applications to link against GSSAPI V2 implementations,
* and to retain the slight parameter type differences between the
* obsolete versions of these routines and their current forms.
*/
OM_uint32 gss_spnego_sign
(OM_uint32 * /*minor_status*/,
gss_ctx_id_t /*context_handle*/,
int /*qop_req*/,
gss_buffer_t /*message_buffer*/,
gss_buffer_t /*message_token*/
);
OM_uint32 gss_spnego_verify
(OM_uint32 * /*minor_status*/,
gss_ctx_id_t /*context_handle*/,
gss_buffer_t /*message_buffer*/,
gss_buffer_t /*token_buffer*/,
int * /*qop_state*/
);
OM_uint32 gss_spnego_seal
(OM_uint32 * /*minor_status*/,
gss_ctx_id_t /*context_handle*/,
int /*conf_req_flag*/,
int /*qop_req*/,
gss_buffer_t /*input_message_buffer*/,
int * /*conf_state*/,
gss_buffer_t /*output_message_buffer*/
);
OM_uint32 gss_spnego_unseal
(OM_uint32 * /*minor_status*/,
gss_ctx_id_t /*context_handle*/,
gss_buffer_t /*input_message_buffer*/,
gss_buffer_t /*output_message_buffer*/,
int * /*conf_state*/,
int * /*qop_state*/
);
#if 0
OM_uint32 gss_spnego_unwrap_ex
(OM_uint32 * /*minor_status*/,
const gss_ctx_id_t /*context_handle*/,
const gss_buffer_t /*token_header_buffer*/,
const gss_buffer_t /*associated_data_buffer*/,
const gss_buffer_t /*input_message_buffer*/,
gss_buffer_t /*output_message_buffer*/,
int * /*conf_state*/,
gss_qop_t * /*qop_state*/);
OM_uint32 gss_spnego_wrap_ex
(OM_uint32 * /*minor_status*/,
const gss_ctx_id_t /*context_handle*/,
int /*conf_req_flag*/,
gss_qop_t /*qop_req*/,
const gss_buffer_t /*associated_data_buffer*/,
const gss_buffer_t /*input_message_buffer*/,
int * /*conf_state*/,
gss_buffer_t /*output_token_buffer*/,
gss_buffer_t /*output_message_buffer*/
);
OM_uint32 gss_spnego_complete_auth_token
(OM_uint32 * /*minor_status*/,
const gss_ctx_id_t /*context_handle*/,
gss_buffer_t /*input_message_buffer*/);
#endif
OM_uint32 gss_spnego_inquire_sec_context_by_oid
(OM_uint32 * /*minor_status*/,
const gss_ctx_id_t /*context_handle*/,
const gss_OID /*desired_object*/,
gss_buffer_set_t */*data_set*/);
OM_uint32 gss_spnego_inquire_cred_by_oid
(OM_uint32 * /*minor_status*/,
const gss_cred_id_t /*cred_handle*/,
const gss_OID /*desired_object*/,
gss_buffer_set_t */*data_set*/);
OM_uint32 gss_spnego_set_sec_context_option
(OM_uint32 * /*minor_status*/,
gss_ctx_id_t * /*cred_handle*/,
const gss_OID /*desired_object*/,
const gss_buffer_t /*value*/);
#endif /* SPNEGO_LOCL_H */
Reference in New Issue View Git Blame Copy Permalink