2 * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 /* $Id: gssapi.h,v 1.26.2.2 2003/05/07 11:12:21 lha Exp $ */
40 * First, include stddef.h to get size_t defined.
44 #include <krb5-types.h>
47 * Now define the three implementation-dependent types.
50 typedef u_int32_t OM_uint32;
52 typedef u_int32_t gss_uint32;
55 * This is to avoid having to include <krb5.h>
58 struct krb5_auth_context_data;
62 /* typedef void *gss_name_t; */
64 typedef struct Principal *gss_name_t;
66 typedef struct gss_ctx_id_t_desc_struct {
67 struct krb5_auth_context_data *auth_context;
68 gss_name_t source, target;
70 enum { LOCAL = 1, OPEN = 2,
71 COMPAT_OLD_DES3 = 4, COMPAT_OLD_DES3_SELECTED = 8 } more_flags;
72 struct krb5_ticket *ticket;
76 typedef gss_ctx_id_t_desc *gss_ctx_id_t;
78 typedef struct gss_OID_desc_struct {
81 } gss_OID_desc, *gss_OID;
83 typedef struct gss_OID_set_desc_struct {
86 } gss_OID_set_desc, *gss_OID_set;
88 struct krb5_keytab_data;
90 struct krb5_ccache_data;
92 typedef int gss_cred_usage_t;
94 typedef struct gss_cred_id_t_desc_struct {
96 struct krb5_keytab_data *keytab;
98 gss_cred_usage_t usage;
99 gss_OID_set mechanisms;
100 struct krb5_ccache_data *ccache;
101 } gss_cred_id_t_desc;
103 typedef gss_cred_id_t_desc *gss_cred_id_t;
105 typedef struct gss_buffer_desc_struct {
108 } gss_buffer_desc, *gss_buffer_t;
110 typedef struct gss_channel_bindings_struct {
111 OM_uint32 initiator_addrtype;
112 gss_buffer_desc initiator_address;
113 OM_uint32 acceptor_addrtype;
114 gss_buffer_desc acceptor_address;
115 gss_buffer_desc application_data;
116 } *gss_channel_bindings_t;
119 * For now, define a QOP-type as an OM_uint32
121 typedef OM_uint32 gss_qop_t;
124 * Flag bits for context-level services.
126 #define GSS_C_DELEG_FLAG 1
127 #define GSS_C_MUTUAL_FLAG 2
128 #define GSS_C_REPLAY_FLAG 4
129 #define GSS_C_SEQUENCE_FLAG 8
130 #define GSS_C_CONF_FLAG 16
131 #define GSS_C_INTEG_FLAG 32
132 #define GSS_C_ANON_FLAG 64
133 #define GSS_C_PROT_READY_FLAG 128
134 #define GSS_C_TRANS_FLAG 256
137 * Credential usage options
140 #define GSS_C_INITIATE 1
141 #define GSS_C_ACCEPT 2
144 * Status code types for gss_display_status
146 #define GSS_C_GSS_CODE 1
147 #define GSS_C_MECH_CODE 2
150 * The constant definitions for channel-bindings address families
152 #define GSS_C_AF_UNSPEC 0
153 #define GSS_C_AF_LOCAL 1
154 #define GSS_C_AF_INET 2
155 #define GSS_C_AF_IMPLINK 3
156 #define GSS_C_AF_PUP 4
157 #define GSS_C_AF_CHAOS 5
158 #define GSS_C_AF_NS 6
159 #define GSS_C_AF_NBS 7
160 #define GSS_C_AF_ECMA 8
161 #define GSS_C_AF_DATAKIT 9
162 #define GSS_C_AF_CCITT 10
163 #define GSS_C_AF_SNA 11
164 #define GSS_C_AF_DECnet 12
165 #define GSS_C_AF_DLI 13
166 #define GSS_C_AF_LAT 14
167 #define GSS_C_AF_HYLINK 15
168 #define GSS_C_AF_APPLETALK 16
169 #define GSS_C_AF_BSC 17
170 #define GSS_C_AF_DSS 18
171 #define GSS_C_AF_OSI 19
172 #define GSS_C_AF_X25 21
173 #define GSS_C_AF_INET6 24
175 #define GSS_C_AF_NULLADDR 255
178 * Various Null values
180 #define GSS_C_NO_NAME ((gss_name_t) 0)
181 #define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
182 #define GSS_C_NO_OID ((gss_OID) 0)
183 #define GSS_C_NO_OID_SET ((gss_OID_set) 0)
184 #define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
185 #define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
186 #define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
187 #define GSS_C_EMPTY_BUFFER {0, NULL}
190 * Some alternate names for a couple of the above
191 * values. These are defined for V1 compatibility.
193 #define GSS_C_NULL_OID GSS_C_NO_OID
194 #define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET
197 * Define the default Quality of Protection for per-message
198 * services. Note that an implementation that offers multiple
199 * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero
200 * (as done here) to mean "default protection", or to a specific
201 * explicit QOP value. However, a value of 0 should always be
202 * interpreted by a GSSAPI implementation as a request for the
203 * default protection level.
205 #define GSS_C_QOP_DEFAULT 0
207 #define GSS_KRB5_CONF_C_QOP_DES 0x0100
208 #define GSS_KRB5_CONF_C_QOP_DES3_KD 0x0200
211 * Expiration time of 2^32-1 seconds means infinite lifetime for a
212 * credential or security context
214 #define GSS_C_INDEFINITE 0xfffffffful
221 * The implementation must reserve static storage for a
222 * gss_OID_desc object containing the value
223 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
224 * "\x01\x02\x01\x01"},
225 * corresponding to an object-identifier value of
226 * {iso(1) member-body(2) United States(840) mit(113554)
227 * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant
228 * GSS_C_NT_USER_NAME should be initialized to point
229 * to that gss_OID_desc.
231 extern gss_OID GSS_C_NT_USER_NAME;
234 * The implementation must reserve static storage for a
235 * gss_OID_desc object containing the value
236 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
237 * "\x01\x02\x01\x02"},
238 * corresponding to an object-identifier value of
239 * {iso(1) member-body(2) United States(840) mit(113554)
240 * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
241 * The constant GSS_C_NT_MACHINE_UID_NAME should be
242 * initialized to point to that gss_OID_desc.
244 extern gss_OID GSS_C_NT_MACHINE_UID_NAME;
247 * The implementation must reserve static storage for a
248 * gss_OID_desc object containing the value
249 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
250 * "\x01\x02\x01\x03"},
251 * corresponding to an object-identifier value of
252 * {iso(1) member-body(2) United States(840) mit(113554)
253 * infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
254 * The constant GSS_C_NT_STRING_UID_NAME should be
255 * initialized to point to that gss_OID_desc.
257 extern gss_OID GSS_C_NT_STRING_UID_NAME;
260 * The implementation must reserve static storage for a
261 * gss_OID_desc object containing the value
262 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
263 * corresponding to an object-identifier value of
264 * {iso(1) org(3) dod(6) internet(1) security(5)
265 * nametypes(6) gss-host-based-services(2)). The constant
266 * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point
267 * to that gss_OID_desc. This is a deprecated OID value, and
268 * implementations wishing to support hostbased-service names
269 * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID,
270 * defined below, to identify such names;
271 * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym
272 * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input
273 * parameter, but should not be emitted by GSS-API
276 extern gss_OID GSS_C_NT_HOSTBASED_SERVICE_X;
279 * The implementation must reserve static storage for a
280 * gss_OID_desc object containing the value
281 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
282 * "\x01\x02\x01\x04"}, corresponding to an
283 * object-identifier value of {iso(1) member-body(2)
284 * Unites States(840) mit(113554) infosys(1) gssapi(2)
285 * generic(1) service_name(4)}. The constant
286 * GSS_C_NT_HOSTBASED_SERVICE should be initialized
287 * to point to that gss_OID_desc.
289 extern gss_OID GSS_C_NT_HOSTBASED_SERVICE;
292 * The implementation must reserve static storage for a
293 * gss_OID_desc object containing the value
294 * {6, (void *)"\x2b\x06\01\x05\x06\x03"},
295 * corresponding to an object identifier value of
296 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
297 * 6(nametypes), 3(gss-anonymous-name)}. The constant
298 * and GSS_C_NT_ANONYMOUS should be initialized to point
299 * to that gss_OID_desc.
301 extern gss_OID GSS_C_NT_ANONYMOUS;
304 * The implementation must reserve static storage for a
305 * gss_OID_desc object containing the value
306 * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
307 * corresponding to an object-identifier value of
308 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
309 * 6(nametypes), 4(gss-api-exported-name)}. The constant
310 * GSS_C_NT_EXPORT_NAME should be initialized to point
311 * to that gss_OID_desc.
313 extern gss_OID GSS_C_NT_EXPORT_NAME;
316 * This if for kerberos5 names.
319 extern gss_OID GSS_KRB5_NT_PRINCIPAL_NAME;
320 extern gss_OID GSS_KRB5_NT_USER_NAME;
321 extern gss_OID GSS_KRB5_NT_MACHINE_UID_NAME;
322 extern gss_OID GSS_KRB5_NT_STRING_UID_NAME;
324 extern gss_OID GSS_KRB5_MECHANISM;
326 /* for compatibility with MIT api */
328 #define gss_mech_krb5 GSS_KRB5_MECHANISM
330 /* Major status codes */
332 #define GSS_S_COMPLETE 0
335 * Some "helper" definitions to make the status code macros obvious.
337 #define GSS_C_CALLING_ERROR_OFFSET 24
338 #define GSS_C_ROUTINE_ERROR_OFFSET 16
339 #define GSS_C_SUPPLEMENTARY_OFFSET 0
340 #define GSS_C_CALLING_ERROR_MASK 0377ul
341 #define GSS_C_ROUTINE_ERROR_MASK 0377ul
342 #define GSS_C_SUPPLEMENTARY_MASK 0177777ul
345 * The macros that test status codes for error conditions.
346 * Note that the GSS_ERROR() macro has changed slightly from
347 * the V1 GSSAPI so that it now evaluates its argument
350 #define GSS_CALLING_ERROR(x) \
351 (x & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
352 #define GSS_ROUTINE_ERROR(x) \
353 (x & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
354 #define GSS_SUPPLEMENTARY_INFO(x) \
355 (x & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
356 #define GSS_ERROR(x) \
357 (x & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
358 (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))
361 * Now the actual status code definitions
367 #define GSS_S_CALL_INACCESSIBLE_READ \
368 (1ul << GSS_C_CALLING_ERROR_OFFSET)
369 #define GSS_S_CALL_INACCESSIBLE_WRITE \
370 (2ul << GSS_C_CALLING_ERROR_OFFSET)
371 #define GSS_S_CALL_BAD_STRUCTURE \
372 (3ul << GSS_C_CALLING_ERROR_OFFSET)
377 #define GSS_S_BAD_MECH (1ul << GSS_C_ROUTINE_ERROR_OFFSET)
378 #define GSS_S_BAD_NAME (2ul << GSS_C_ROUTINE_ERROR_OFFSET)
379 #define GSS_S_BAD_NAMETYPE (3ul << GSS_C_ROUTINE_ERROR_OFFSET)
381 #define GSS_S_BAD_BINDINGS (4ul << GSS_C_ROUTINE_ERROR_OFFSET)
382 #define GSS_S_BAD_STATUS (5ul << GSS_C_ROUTINE_ERROR_OFFSET)
383 #define GSS_S_BAD_SIG (6ul << GSS_C_ROUTINE_ERROR_OFFSET)
384 #define GSS_S_BAD_MIC GSS_S_BAD_SIG
385 #define GSS_S_NO_CRED (7ul << GSS_C_ROUTINE_ERROR_OFFSET)
386 #define GSS_S_NO_CONTEXT (8ul << GSS_C_ROUTINE_ERROR_OFFSET)
387 #define GSS_S_DEFECTIVE_TOKEN (9ul << GSS_C_ROUTINE_ERROR_OFFSET)
388 #define GSS_S_DEFECTIVE_CREDENTIAL (10ul << GSS_C_ROUTINE_ERROR_OFFSET)
389 #define GSS_S_CREDENTIALS_EXPIRED (11ul << GSS_C_ROUTINE_ERROR_OFFSET)
390 #define GSS_S_CONTEXT_EXPIRED (12ul << GSS_C_ROUTINE_ERROR_OFFSET)
391 #define GSS_S_FAILURE (13ul << GSS_C_ROUTINE_ERROR_OFFSET)
392 #define GSS_S_BAD_QOP (14ul << GSS_C_ROUTINE_ERROR_OFFSET)
393 #define GSS_S_UNAUTHORIZED (15ul << GSS_C_ROUTINE_ERROR_OFFSET)
394 #define GSS_S_UNAVAILABLE (16ul << GSS_C_ROUTINE_ERROR_OFFSET)
395 #define GSS_S_DUPLICATE_ELEMENT (17ul << GSS_C_ROUTINE_ERROR_OFFSET)
396 #define GSS_S_NAME_NOT_MN (18ul << GSS_C_ROUTINE_ERROR_OFFSET)
399 * Supplementary info bits:
401 #define GSS_S_CONTINUE_NEEDED (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
402 #define GSS_S_DUPLICATE_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
403 #define GSS_S_OLD_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
404 #define GSS_S_UNSEQ_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
405 #define GSS_S_GAP_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 4))
410 * 4.1.1. Non-Kerberos-specific codes
413 #define GSS_KRB5_S_G_BAD_SERVICE_NAME 1
414 /* "No @ in SERVICE-NAME name string" */
415 #define GSS_KRB5_S_G_BAD_STRING_UID 2
416 /* "STRING-UID-NAME contains nondigits" */
417 #define GSS_KRB5_S_G_NOUSER 3
418 /* "UID does not resolve to username" */
419 #define GSS_KRB5_S_G_VALIDATE_FAILED 4
420 /* "Validation error" */
421 #define GSS_KRB5_S_G_BUFFER_ALLOC 5
422 /* "Couldn't allocate gss_buffer_t data" */
423 #define GSS_KRB5_S_G_BAD_MSG_CTX 6
424 /* "Message context invalid" */
425 #define GSS_KRB5_S_G_WRONG_SIZE 7
426 /* "Buffer is the wrong size" */
427 #define GSS_KRB5_S_G_BAD_USAGE 8
428 /* "Credential usage type is unknown" */
429 #define GSS_KRB5_S_G_UNKNOWN_QOP 9
430 /* "Unknown quality of protection specified" */
433 * 4.1.2. Kerberos-specific-codes
436 #define GSS_KRB5_S_KG_CCACHE_NOMATCH 10
437 /* "Principal in credential cache does not match desired name" */
438 #define GSS_KRB5_S_KG_KEYTAB_NOMATCH 11
439 /* "No principal in keytab matches desired name" */
440 #define GSS_KRB5_S_KG_TGT_MISSING 12
441 /* "Credential cache has no TGT" */
442 #define GSS_KRB5_S_KG_NO_SUBKEY 13
443 /* "Authenticator has no subkey" */
444 #define GSS_KRB5_S_KG_CONTEXT_ESTABLISHED 14
445 /* "Context is already fully established" */
446 #define GSS_KRB5_S_KG_BAD_SIGN_TYPE 15
447 /* "Unknown signature type in token" */
448 #define GSS_KRB5_S_KG_BAD_LENGTH 16
449 /* "Invalid field length in token" */
450 #define GSS_KRB5_S_KG_CTX_INCOMPLETE 17
451 /* "Attempt to use incomplete security context" */
454 * Finally, function prototypes for the GSS-API routines.
457 OM_uint32 gss_acquire_cred
458 (OM_uint32 * /*minor_status*/,
459 const gss_name_t /*desired_name*/,
460 OM_uint32 /*time_req*/,
461 const gss_OID_set /*desired_mechs*/,
462 gss_cred_usage_t /*cred_usage*/,
463 gss_cred_id_t * /*output_cred_handle*/,
464 gss_OID_set * /*actual_mechs*/,
465 OM_uint32 * /*time_rec*/
468 OM_uint32 gss_release_cred
469 (OM_uint32 * /*minor_status*/,
470 gss_cred_id_t * /*cred_handle*/
473 OM_uint32 gss_init_sec_context
474 (OM_uint32 * /*minor_status*/,
475 const gss_cred_id_t /*initiator_cred_handle*/,
476 gss_ctx_id_t * /*context_handle*/,
477 const gss_name_t /*target_name*/,
478 const gss_OID /*mech_type*/,
479 OM_uint32 /*req_flags*/,
480 OM_uint32 /*time_req*/,
481 const gss_channel_bindings_t /*input_chan_bindings*/,
482 const gss_buffer_t /*input_token*/,
483 gss_OID * /*actual_mech_type*/,
484 gss_buffer_t /*output_token*/,
485 OM_uint32 * /*ret_flags*/,
486 OM_uint32 * /*time_rec*/
489 OM_uint32 gss_accept_sec_context
490 (OM_uint32 * /*minor_status*/,
491 gss_ctx_id_t * /*context_handle*/,
492 const gss_cred_id_t /*acceptor_cred_handle*/,
493 const gss_buffer_t /*input_token_buffer*/,
494 const gss_channel_bindings_t /*input_chan_bindings*/,
495 gss_name_t * /*src_name*/,
496 gss_OID * /*mech_type*/,
497 gss_buffer_t /*output_token*/,
498 OM_uint32 * /*ret_flags*/,
499 OM_uint32 * /*time_rec*/,
500 gss_cred_id_t * /*delegated_cred_handle*/
503 OM_uint32 gss_process_context_token
504 (OM_uint32 * /*minor_status*/,
505 const gss_ctx_id_t /*context_handle*/,
506 const gss_buffer_t /*token_buffer*/
509 OM_uint32 gss_delete_sec_context
510 (OM_uint32 * /*minor_status*/,
511 gss_ctx_id_t * /*context_handle*/,
512 gss_buffer_t /*output_token*/
515 OM_uint32 gss_context_time
516 (OM_uint32 * /*minor_status*/,
517 const gss_ctx_id_t /*context_handle*/,
518 OM_uint32 * /*time_rec*/
521 OM_uint32 gss_get_mic
522 (OM_uint32 * /*minor_status*/,
523 const gss_ctx_id_t /*context_handle*/,
524 gss_qop_t /*qop_req*/,
525 const gss_buffer_t /*message_buffer*/,
526 gss_buffer_t /*message_token*/
529 OM_uint32 gss_verify_mic
530 (OM_uint32 * /*minor_status*/,
531 const gss_ctx_id_t /*context_handle*/,
532 const gss_buffer_t /*message_buffer*/,
533 const gss_buffer_t /*token_buffer*/,
534 gss_qop_t * /*qop_state*/
538 (OM_uint32 * /*minor_status*/,
539 const gss_ctx_id_t /*context_handle*/,
540 int /*conf_req_flag*/,
541 gss_qop_t /*qop_req*/,
542 const gss_buffer_t /*input_message_buffer*/,
543 int * /*conf_state*/,
544 gss_buffer_t /*output_message_buffer*/
548 (OM_uint32 * /*minor_status*/,
549 const gss_ctx_id_t /*context_handle*/,
550 const gss_buffer_t /*input_message_buffer*/,
551 gss_buffer_t /*output_message_buffer*/,
552 int * /*conf_state*/,
553 gss_qop_t * /*qop_state*/
556 OM_uint32 gss_display_status
557 (OM_uint32 * /*minor_status*/,
558 OM_uint32 /*status_value*/,
560 const gss_OID /*mech_type*/,
561 OM_uint32 * /*message_context*/,
562 gss_buffer_t /*status_string*/
565 OM_uint32 gss_indicate_mechs
566 (OM_uint32 * /*minor_status*/,
567 gss_OID_set * /*mech_set*/
570 OM_uint32 gss_compare_name
571 (OM_uint32 * /*minor_status*/,
572 const gss_name_t /*name1*/,
573 const gss_name_t /*name2*/,
577 OM_uint32 gss_display_name
578 (OM_uint32 * /*minor_status*/,
579 const gss_name_t /*input_name*/,
580 gss_buffer_t /*output_name_buffer*/,
581 gss_OID * /*output_name_type*/
584 OM_uint32 gss_import_name
585 (OM_uint32 * /*minor_status*/,
586 const gss_buffer_t /*input_name_buffer*/,
587 const gss_OID /*input_name_type*/,
588 gss_name_t * /*output_name*/
591 OM_uint32 gss_export_name
592 (OM_uint32 * /*minor_status*/,
593 const gss_name_t /*input_name*/,
594 gss_buffer_t /*exported_name*/
597 OM_uint32 gss_release_name
598 (OM_uint32 * /*minor_status*/,
599 gss_name_t * /*input_name*/
602 OM_uint32 gss_release_buffer
603 (OM_uint32 * /*minor_status*/,
604 gss_buffer_t /*buffer*/
607 OM_uint32 gss_release_oid_set
608 (OM_uint32 * /*minor_status*/,
609 gss_OID_set * /*set*/
612 OM_uint32 gss_inquire_cred
613 (OM_uint32 * /*minor_status*/,
614 const gss_cred_id_t /*cred_handle*/,
615 gss_name_t * /*name*/,
616 OM_uint32 * /*lifetime*/,
617 gss_cred_usage_t * /*cred_usage*/,
618 gss_OID_set * /*mechanisms*/
621 OM_uint32 gss_inquire_context (
622 OM_uint32 * /*minor_status*/,
623 const gss_ctx_id_t /*context_handle*/,
624 gss_name_t * /*src_name*/,
625 gss_name_t * /*targ_name*/,
626 OM_uint32 * /*lifetime_rec*/,
627 gss_OID * /*mech_type*/,
628 OM_uint32 * /*ctx_flags*/,
629 int * /*locally_initiated*/,
630 int * /*open_context*/
633 OM_uint32 gss_wrap_size_limit (
634 OM_uint32 * /*minor_status*/,
635 const gss_ctx_id_t /*context_handle*/,
636 int /*conf_req_flag*/,
637 gss_qop_t /*qop_req*/,
638 OM_uint32 /*req_output_size*/,
639 OM_uint32 * /*max_input_size*/
642 OM_uint32 gss_add_cred (
643 OM_uint32 * /*minor_status*/,
644 const gss_cred_id_t /*input_cred_handle*/,
645 const gss_name_t /*desired_name*/,
646 const gss_OID /*desired_mech*/,
647 gss_cred_usage_t /*cred_usage*/,
648 OM_uint32 /*initiator_time_req*/,
649 OM_uint32 /*acceptor_time_req*/,
650 gss_cred_id_t * /*output_cred_handle*/,
651 gss_OID_set * /*actual_mechs*/,
652 OM_uint32 * /*initiator_time_rec*/,
653 OM_uint32 * /*acceptor_time_rec*/
656 OM_uint32 gss_inquire_cred_by_mech (
657 OM_uint32 * /*minor_status*/,
658 const gss_cred_id_t /*cred_handle*/,
659 const gss_OID /*mech_type*/,
660 gss_name_t * /*name*/,
661 OM_uint32 * /*initiator_lifetime*/,
662 OM_uint32 * /*acceptor_lifetime*/,
663 gss_cred_usage_t * /*cred_usage*/
666 OM_uint32 gss_export_sec_context (
667 OM_uint32 * /*minor_status*/,
668 gss_ctx_id_t * /*context_handle*/,
669 gss_buffer_t /*interprocess_token*/
672 OM_uint32 gss_import_sec_context (
673 OM_uint32 * /*minor_status*/,
674 const gss_buffer_t /*interprocess_token*/,
675 gss_ctx_id_t * /*context_handle*/
678 OM_uint32 gss_create_empty_oid_set (
679 OM_uint32 * /*minor_status*/,
680 gss_OID_set * /*oid_set*/
683 OM_uint32 gss_add_oid_set_member (
684 OM_uint32 * /*minor_status*/,
685 const gss_OID /*member_oid*/,
686 gss_OID_set * /*oid_set*/
689 OM_uint32 gss_test_oid_set_member (
690 OM_uint32 * /*minor_status*/,
691 const gss_OID /*member*/,
692 const gss_OID_set /*set*/,
696 OM_uint32 gss_inquire_names_for_mech (
697 OM_uint32 * /*minor_status*/,
698 const gss_OID /*mechanism*/,
699 gss_OID_set * /*name_types*/
702 OM_uint32 gss_inquire_mechs_for_name (
703 OM_uint32 * /*minor_status*/,
704 const gss_name_t /*input_name*/,
705 gss_OID_set * /*mech_types*/
708 OM_uint32 gss_canonicalize_name (
709 OM_uint32 * /*minor_status*/,
710 const gss_name_t /*input_name*/,
711 const gss_OID /*mech_type*/,
712 gss_name_t * /*output_name*/
715 OM_uint32 gss_duplicate_name (
716 OM_uint32 * /*minor_status*/,
717 const gss_name_t /*src_name*/,
718 gss_name_t * /*dest_name*/
722 * The following routines are obsolete variants of gss_get_mic,
723 * gss_verify_mic, gss_wrap and gss_unwrap. They should be
724 * provided by GSSAPI V2 implementations for backwards
725 * compatibility with V1 applications. Distinct entrypoints
726 * (as opposed to #defines) should be provided, both to allow
727 * GSSAPI V1 applications to link against GSSAPI V2 implementations,
728 * and to retain the slight parameter type differences between the
729 * obsolete versions of these routines and their current forms.
733 (OM_uint32 * /*minor_status*/,
734 gss_ctx_id_t /*context_handle*/,
736 gss_buffer_t /*message_buffer*/,
737 gss_buffer_t /*message_token*/
741 (OM_uint32 * /*minor_status*/,
742 gss_ctx_id_t /*context_handle*/,
743 gss_buffer_t /*message_buffer*/,
744 gss_buffer_t /*token_buffer*/,
749 (OM_uint32 * /*minor_status*/,
750 gss_ctx_id_t /*context_handle*/,
751 int /*conf_req_flag*/,
753 gss_buffer_t /*input_message_buffer*/,
754 int * /*conf_state*/,
755 gss_buffer_t /*output_message_buffer*/
759 (OM_uint32 * /*minor_status*/,
760 gss_ctx_id_t /*context_handle*/,
761 gss_buffer_t /*input_message_buffer*/,
762 gss_buffer_t /*output_message_buffer*/,
763 int * /*conf_state*/,
768 * kerberos mechanism specific functions
771 OM_uint32 gsskrb5_register_acceptor_identity
772 (const char */*identity*/);
774 OM_uint32 gss_krb5_copy_ccache
775 (OM_uint32 */*minor*/,
776 gss_cred_id_t /*cred*/,
777 struct krb5_ccache_data */*out*/);
779 #define GSS_C_KRB5_COMPAT_DES3_MIC 1
782 gss_krb5_compat_des3_mic(OM_uint32 *, gss_ctx_id_t, int);
788 #endif /* GSSAPI_H_ */
projects / dragonfly.git / blob