/*
 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

/*
 * Copyright 1993 by OpenVision Technologies, Inc.
 *
 * Permission to use, copy, modify, distribute, and sell this software
 * and its documentation for any purpose is hereby granted without fee,
 * provided that the above copyright notice appears in all copies and
 * that both that copyright notice and this permission notice appear in
 * supporting documentation, and that the name of OpenVision not be used
 * in advertising or publicity pertaining to distribution of the software
 * without specific, written prior permission. OpenVision makes no
 * representations about the suitability of this software for any
 * purpose. It is provided "as is" without express or implied warranty.
 *
 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 * PERFORMANCE OF THIS SOFTWARE.
 */

#include <mechglueP.h>

/*
 * See krb5/gssapi_krb5.c for a description of the algorithm for
 * encoding an object identifier.
 */

/*
 * The OID of user_name (gss_nt_user_name, GSS_C_NT_USER_NAME) is:
 *	iso(1) member-body(2) US(840) mit(113554) infosys(1) gssapi(2)
 *	generic(1) user_name(1) = 1.2.840.113554.1.2.1.1
 * machine_uid_name (gss_nt_machine_uid_name, GSS_C_NT_MACHINE_UID_NAME):
 *	iso(1) member-body(2) US(840) mit(113554) infosys(1) gssapi(2)
 *	generic(1) machine_uid_name(2) = 1.2.840.113554.1.2.1.2
 * string_uid_name (gss_nt_string_uid_name, GSS_C_NT_STRING_UID_NAME):
 *	iso(1) member-body(2) US(840) mit(113554) infosys(1) gssapi(2)
 *	generic(1) string_uid_name(3) = 1.2.840.113554.1.2.1.3
 * service_name (gss_nt_service_name):
 *	iso(1) member-body(2) US(840) mit(113554) infosys(1) gssapi(2)
 *	generic(1) service_name(4) = 1.2.840.113554.1.2.1.4
 * hostbased_service_name (GSS_C_NT_HOSTBASED_SERVICE):
 *	iso(1) org(3) dod(6) internet(1) security(5) nametypes(6)
 *	gss-host-based-services(2) = 1.3.6.1.5.6.2
 * anonymous_name (GSS_C_NT_ANONYMOUS):
 *	iso(1) org(3) dod(6) internet(1) security(5) nametypes(6)
 *	anonymous(3) = 1.3.6.1.5.6.3
 * export_name (GSS_C_NT_EXPORT_NAME):
 *	iso(1) org(3) dod(6) internet(1) security(5) nametypes(6)
 *	export(4) = 1.3.6.1.5.6.4
 */

/*
 * Encoded OID table: seven generic GSS-API name types followed by one
 * context-inquiry OID.  Each entry is {length, octets}.
 *
 * The length is written by hand and must equal the number of octets in
 * the string literal beside it.  The literal's implicit trailing NUL is
 * not part of the OID, so the length field is what bounds any compare or
 * copy of the entry; a mismatch would truncate the OID or read past it.
 *
 * The exported pointers below select entries by position.  Entries must
 * therefore never be reordered or removed; append new OIDs at the end.
 */
static const gss_OID_desc oids[] = {
	/* [0] 1.2.840.113554.1.2.1.1	user_name */
	{10, "\052\206\110\206\367\022\001\002\001\001"},
	/* [1] 1.2.840.113554.1.2.1.2	machine_uid_name */
	{10, "\052\206\110\206\367\022\001\002\001\002"},
	/* [2] 1.2.840.113554.1.2.1.3	string_uid_name */
	{10, "\052\206\110\206\367\022\001\002\001\003"},
	/* [3] 1.2.840.113554.1.2.1.4	service_name */
	{10, "\052\206\110\206\367\022\001\002\001\004"},
	/* [4] 1.3.6.1.5.6.2		gss-host-based-services */
	{6, "\053\006\001\005\006\002"},
	/* [5] 1.3.6.1.5.6.3		anonymous */
	{6, "\053\006\001\005\006\003"},
	/* [6] 1.3.6.1.5.6.4		export */
	{6, "\053\006\001\005\006\004"},
	/* [7] 1.2.840.113554.1.2.2.5.5	(see GSS_C_INQ_SSPI_SESSION_KEY) */
	{11, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x05"},
};

/* Legacy names for the generic name types. */
const gss_OID_desc * const gss_nt_user_name = &oids[0];
const gss_OID_desc * const gss_nt_machine_uid_name = &oids[1];
const gss_OID_desc * const gss_nt_string_uid_name = &oids[2];
const gss_OID_desc * const gss_nt_service_name = &oids[3];
/* XXXXX These are needed for Kerberos */
const gss_OID_desc * const gss_nt_service_name_v2 = &oids[4];
const gss_OID_desc * const gss_nt_exported_name = &oids[6];

/*
 * Names taken from the GSS-API C-bindings specification.  Prefer these
 * over the legacy names above, because only these are defined by the
 * GSS-API specs.
 *
 * The (gss_OID) cast drops the const qualifier of the table, and the
 * "const" in "const gss_OID" applies to the pointer, not to what it
 * points at.  The table itself is a const object, so nothing may write
 * through these pointers; treat every one of them as read-only.
 *
 * NOTE(review): GSS_C_NT_HOSTBASED_SERVICE is bound to entry 4
 * (1.3.6.1.5.6.2) while gss_nt_service_name is entry 3
 * (1.2.840.113554.1.2.1.4).  RFC 2744 appears to assign the 10-octet
 * value to GSS_C_NT_HOSTBASED_SERVICE and to list the 6-octet value as
 * the deprecated _X form; confirm that name-type comparisons in the
 * mechanisms accept both encodings.
 */
const gss_OID GSS_C_NT_USER_NAME = (gss_OID)&oids[0];
const gss_OID GSS_C_NT_MACHINE_UID_NAME = (gss_OID)&oids[1];
const gss_OID GSS_C_NT_STRING_UID_NAME = (gss_OID)&oids[2];
const gss_OID GSS_C_NT_HOSTBASED_SERVICE = (gss_OID)&oids[4];
const gss_OID GSS_C_NT_ANONYMOUS = (gss_OID)&oids[5];
const gss_OID GSS_C_NT_EXPORT_NAME = (gss_OID)&oids[6];
/*
 * Not a name type: entry 7 sits under the krb5 mechanism arc rather than
 * the generic name-type arcs used by the entries above.
 * NOTE(review): judging by the name, this selects a session-key inquiry
 * on an established context; whatever that inquiry returns is raw key
 * material for the caller to protect and zeroize. Confirm against the
 * mechanism code.
 */
const gss_OID GSS_C_INQ_SSPI_SESSION_KEY = (gss_OID)&oids[7];