kerberosgss.h 2.58 KB
/**
 * Copyright (c) 2006-2013 Apple Inc. All rights reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 **/

#include <gssapi/gssapi.h>
#include <gssapi/gssapi_generic.h>
#include <gssapi/gssapi_krb5.h>
#ifdef GSSAPI_EXT
  #include <gssapi/gssapi_ext.h>
#endif
/*
 * Compatibility shim: expands to error_message(code) and discards the
 * `context` argument entirely, so nothing context-specific reaches the
 * message lookup.
 * NOTE(review): no declaration of error_message() is visible in this header
 * (presumably the com_err routine) -- the including file must bring one into
 * scope; confirm.
 */
#define krb5_get_err_text(context,code) error_message(code)

/*
 * Status codes for the GSS authentication helpers.
 * NOTE(review): presumably the int results of the authenticate_gss_*
 * functions declared in this header -- confirm in the implementation.
 *
 * CONTINUE is 0 and ERROR is -1, so a bare `if (rc)` is true for ERROR as
 * well as for COMPLETE. Compare against AUTH_GSS_COMPLETE explicitly before
 * treating a peer as authenticated.
 */
#define AUTH_GSS_ERROR      -1
#define AUTH_GSS_COMPLETE    1
#define AUTH_GSS_CONTINUE    0

/*
 * Protection-level selectors; the three values are distinct single bits
 * (1, 2, 4), so they can be combined in a mask.
 * NOTE(review): the values match the security-layer bitmask of the SASL
 * GSSAPI mechanism (RFC 4752: no layer / integrity / confidentiality) --
 * confirm that this is the intended use.
 * NOTE(review): if so, GSS_AUTH_P_NONE means messages sent after
 * authentication carry no integrity or confidentiality protection; callers
 * that need either should reject a negotiation that ends on NONE.
 */
#define GSS_AUTH_P_NONE         1
#define GSS_AUTH_P_INTEGRITY    2
#define GSS_AUTH_P_PRIVACY      4

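/*
 * State for the client side of a GSS-API exchange. Every
 * authenticate_gss_client_* function declared in this header takes a pointer
 * to one of these.
 *
 * NOTE(review): this header does not state who owns the handles and strings
 * below. Presumably authenticate_gss_client_clean() releases them -- confirm
 * in the implementation, and do not copy the struct by value while a context
 * is live, since that would duplicate handles that are released once.
 */
typedef struct {
    gss_ctx_id_t     context;       /* GSS-API security context handle */
    gss_name_t       server_name;   /* GSS-API name handle; presumably the target service -- confirm */
    gss_OID          mech_oid;      /* mechanism OID; same type as the mech_oid argument of authenticate_gss_client_init() */
    long int         gss_flags;     /* same type as the gss_flags argument of authenticate_gss_client_init() */
    gss_cred_id_t    client_creds;  /* GSS-API credential handle */
    char*            username;      /* NOTE(review): presumably the principal name once the context is established -- confirm */
    char*            response;      /* NOTE(review): presumably the latest output token or unwrapped message; if it can
                                       hold decrypted payload, clear it before freeing -- confirm */
    int              responseConf;  /* NOTE(review): presumably the confidentiality state reported for `response`;
                                       callers that require encryption should check it -- confirm */
} gss_client_state;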

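/*
 * State for the server (acceptor) side of a GSS-API exchange. Every
 * authenticate_gss_server_* function declared in this header takes a pointer
 * to one of these.
 *
 * NOTE(review): this header does not state who owns the handles and strings
 * below. Presumably authenticate_gss_server_clean() releases them -- confirm
 * in the implementation.
 */
typedef struct {
    gss_ctx_id_t     context;       /* GSS-API security context handle */
    gss_name_t       server_name;   /* GSS-API name handle; presumably the acceptor's own service name -- confirm */
    gss_name_t       client_name;   /* GSS-API name handle; presumably the initiator's name -- confirm */
    gss_cred_id_t    server_creds;  /* GSS-API credential handle */
    gss_cred_id_t    client_creds;  /* GSS-API credential handle.
                                       NOTE(review): on the acceptor side this is presumably where delegated
                                       client credentials land; if so, treat it as sensitive -- confirm */
    char*            username;      /* NOTE(review): presumably the authenticated client principal; rely on it only
                                       after authenticate_gss_server_step() has reported AUTH_GSS_COMPLETE -- confirm */
    char*            targetname;    /* NOTE(review): presumably the service name the client asked for -- confirm */
    char*            response;      /* NOTE(review): presumably the token to send back to the client -- confirm */
} gss_server_state;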

/*
 * Takes a service name and a hostname and returns a char*.
 * NOTE(review): this header does not say who owns the returned string or what
 * is returned on failure. Presumably it is heap-allocated, with NULL on
 * error -- confirm in the implementation and free accordingly.
 */
char* server_principal_details(const char* service, const char* hostname);

/*
 * NOTE(review): presumably prepares *state for a client-side exchange with
 * `service`, optionally under an explicit `principal`, using the given
 * mechanism OID and flags -- roles inferred from the parameter names only.
 * NOTE(review): if gss_flags is passed through as the request flags of
 * gss_init_sec_context(), then GSS_C_DELEG_FLAG hands the caller's
 * credentials to the acceptor and GSS_C_MUTUAL_FLAG asks the acceptor to
 * authenticate itself. Callers should choose these deliberately -- confirm
 * how the flags are used.
 * Returns int; presumably one of the AUTH_GSS_* codes -- confirm.
 */
int authenticate_gss_client_init(const char* service, const char* principal, long int gss_flags, gss_OID mech_oid, gss_client_state* state);
/*
 * NOTE(review): presumably releases the GSS handles and strings held in
 * *state -- confirm, including whether it is safe to call twice.
 */
int authenticate_gss_client_clean(gss_client_state *state);
/*
 * `challenge` carries no length, so it must be a NUL-terminated string.
 * NOTE(review): presumably the peer's token in a text encoding, i.e.
 * untrusted network input -- confirm that the implementation validates it
 * before decoding.
 * Returns int; presumably AUTH_GSS_CONTINUE while more round trips are
 * needed. Compare against AUTH_GSS_COMPLETE explicitly, because
 * AUTH_GSS_ERROR (-1) is also non-zero.
 */
int authenticate_gss_client_step(gss_client_state *state, const char *challenge);
/*
 * `challenge` carries no length, so it must be a NUL-terminated string.
 * NOTE(review): presumably the result lands in state->response and the
 * confidentiality state in state->responseConf -- confirm. If so, callers
 * that require an encrypted channel should check responseConf rather than
 * assume it.
 */
int authenticate_gss_client_unwrap(gss_client_state* state, const char* challenge);
/*
 * NOTE(review): presumably wraps a message derived from `challenge` and
 * `user` into state->response, with `protect` selecting whether
 * confidentiality is requested -- confirm. If protect == 0 yields
 * integrity-only output, callers that need confidentiality must pass a
 * non-zero value and still verify what was actually applied.
 */
int authenticate_gss_client_wrap(gss_client_state* state, const char* challenge, const char* user, int protect);
/*
 * IOV variants of wrap/unwrap, declared only when GSSAPI_EXT is defined --
 * the same macro that gates <gssapi/gssapi_ext.h> earlier in this header.
 * NOTE(review): pad_len is a non-const int pointer, presumably an output
 * parameter for the padding length -- confirm, and confirm whether NULL is
 * accepted.
 */
#ifdef GSSAPI_EXT
  int authenticate_gss_client_wrap_iov(gss_client_state* state, const char* challenge, int protect, int *pad_len);
  int authenticate_gss_client_unwrap_iov(gss_client_state* state, const char* challenge);
#endif
/*
 * NOTE(review): presumably prepares *state to accept contexts for `service`
 * -- confirm, including which keytab or credential source is used and how an
 * empty or NULL `service` is handled.
 * Returns int; presumably one of the AUTH_GSS_* codes -- confirm.
 */
int authenticate_gss_server_init(const char* service, gss_server_state* state);
/*
 * NOTE(review): presumably releases the GSS handles and strings held in
 * *state -- confirm, including whether it is safe to call twice.
 */
int authenticate_gss_server_clean(gss_server_state *state);
/*
 * `challenge` carries no length, so it must be a NUL-terminated string.
 * NOTE(review): presumably the client's token in a text encoding, i.e.
 * untrusted network input -- confirm that the implementation validates it
 * before decoding.
 * Returns int. Treat the client as authenticated only when the result equals
 * AUTH_GSS_COMPLETE; AUTH_GSS_ERROR (-1) is also non-zero.
 */
int authenticate_gss_server_step(gss_server_state *state, const char *challenge);