/* $NetBSD: gsskrb5_locl.h,v 1.1.1.2 2011/04/14 14:08:26 elric Exp $ */

/*
 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/* Id */

/*
 * Private ("local") header of the Kerberos 5 GSS-API mechanism.
 *
 * It declares the state kept behind the opaque gss_ctx_id_t and
 * gss_cred_id_t handles, the module-wide keytab globals, and the helper
 * macros shared by the mechanism's own source files.  The public API is
 * what <gssapi/gssapi.h> and <gssapi/gssapi_krb5.h> export; nothing in
 * this file is meant to be visible to applications.
 */

#ifndef GSSKRB5_LOCL_H
#define GSSKRB5_LOCL_H

#include <config.h>

#include <krb5_locl.h>
#include <gkrb5_err.h>
#include <gssapi/gssapi.h>
#include <gssapi_mech.h>
#include <gssapi/gssapi_krb5.h>
#include <assert.h>

#include "cfx.h"

/*
 * Per-security-context state.
 */

/* Opaque here; only ever referenced through a pointer from gsskrb5_ctx. */
struct gss_msg_order;

/*
 * The object a gss_ctx_id_t handle points at for this mechanism.  One
 * instance exists per established (or in-progress) security context.
 */
typedef struct gsskrb5_ctx {
    struct krb5_auth_context_data *auth_context;
    /* NOTE(review): presumably the auth context used for credential
     * delegation (see fwd_data below) — confirm against the callers. */
    struct krb5_auth_context_data *deleg_auth_context;
    krb5_principal source, target;
    /* True when the GSS_C_DCE_STYLE bit is set in the context's flag word. */
#define IS_DCE_STYLE(ctx) (((ctx)->flags & GSS_C_DCE_STYLE) != 0)
    /* GSS_C_* flag word for this context (IS_DCE_STYLE() reads it). */
    OM_uint32 flags;
    /*
     * Mechanism-internal state bits.  Each constant is a distinct power
     * of two so that several of them can be OR'ed together in more_flags.
     */
    enum { LOCAL = 1, OPEN = 2,
	   COMPAT_OLD_DES3 = 4,
	   COMPAT_OLD_DES3_SELECTED = 8,
	   ACCEPTOR_SUBKEY = 16,
	   RETRIED = 32,
	   CLOSE_CCACHE = 64,
	   IS_CFX = 128
    } more_flags;
    /*
     * Position of this context in the establishment handshake.  The
     * initiator and acceptor sides each have their own set of states.
     */
    enum gss_ctx_id_t_state {
	/* initiator states */
	INITIATOR_START,
	INITIATOR_RESTART,
	INITIATOR_WAIT_FOR_MUTAL,
	INITIATOR_READY,
	/* acceptor states */
	ACCEPTOR_START,
	ACCEPTOR_WAIT_FOR_DCESTYLE,
	ACCEPTOR_READY
    } state;
    krb5_creds *kcred;
    krb5_ccache ccache;
    struct krb5_ticket *ticket;
    OM_uint32 lifetime;
    /* NOTE(review): a per-context lock; which operations take it is
     * decided in the mechanism's .c files, not here. */
    HEIMDAL_MUTEX ctx_id_mutex;
    struct gss_msg_order *order;
    krb5_keyblock *service_keyblock;
    /* NOTE(review): name suggests forwarded (delegated) credential data —
     * verify with the code that fills it. */
    krb5_data fwd_data;
    krb5_crypto crypto;
} *gsskrb5_ctx;

/*
 * The object a gss_cred_id_t handle points at for this mechanism.
 */
typedef struct {
    krb5_principal principal;
    /* Bit set built from the GSS_CF_* constants below. */
    int cred_flags;
#define GSS_CF_DESTROY_CRED_ON_RELEASE 1
#define GSS_CF_NO_CI_FLAGS 2
    struct krb5_keytab_data *keytab;
    OM_uint32 lifetime;
    gss_cred_usage_t usage;
    gss_OID_set mechanisms;
    struct krb5_ccache_data *ccache;
    /* NOTE(review): a per-credential lock, same caveat as ctx_id_mutex. */
    HEIMDAL_MUTEX cred_id_mutex;
    krb5_enctype *enctypes;
} *gsskrb5_cred;

/* A gss_name_t of this mechanism is simply a Kerberos principal. */
typedef struct Principal *gsskrb5_name;

/*
 * Module-wide state.
 */

extern krb5_keytab _gsskrb5_keytab;
/* NOTE(review): by its name this lock guards _gsskrb5_keytab — confirm
 * that every reader and writer of the keytab takes it. */
extern HEIMDAL_MUTEX gssapi_keytab_mutex;

/*
 * Prototypes
 */

#include <gsskrb5-private.h>

/*
 * Run the mechanism's one-time initialisation via _gsskrb5_init(ctx).
 *
 * On failure this macro stores the krb5 error code in *minor_status and
 * RETURNS GSS_S_FAILURE from the enclosing function, so it may only be
 * used inside a function that has a `minor_status` pointer in scope and
 * returns an OM_uint32 major status (i.e. the GSS-API entry points).
 */
#define GSSAPI_KRB5_INIT(ctx) do {				\
    krb5_error_code kret_gss_init;				\
    if((kret_gss_init = _gsskrb5_init (ctx)) != 0) {		\
	*minor_status = kret_gss_init;				\
	return GSS_S_FAILURE;					\
    }								\
} while (0)

/* sec_context flags: independent bits, may be combined with `|`. */

#define SC_LOCAL_ADDRESS	0x01
#define SC_REMOTE_ADDRESS	0x02
#define SC_KEYBLOCK		0x04
#define SC_LOCAL_SUBKEY		0x08
#define SC_REMOTE_SUBKEY	0x10

/* name type used to signal that DNS canonicalisation maybe should be done */
#define MAGIC_HOSTBASED_NAME_TYPE 4711

#endif /* GSSKRB5_LOCL_H */