PageRenderTime 33ms CodeModel.GetById 9ms app.highlight 18ms RepoModel.GetById 1ms app.codeStats 1ms

/include/gssapi/gssapi.h

https://bitbucket.org/freebsd/freebsd-head/
C++ Header | 849 lines | 509 code | 112 blank | 228 comment | 1 complexity | 683bb369194cc3d297a8761c453d4992 MD5 | raw file
  1/*
  2 * Copyright (C) The Internet Society (2000).  All Rights Reserved.
  3 *
  4 * This document and translations of it may be copied and furnished to
  5 * others, and derivative works that comment on or otherwise explain it
  6 * or assist in its implementation may be prepared, copied, published
  7 * and distributed, in whole or in part, without restriction of any
  8 * kind, provided that the above copyright notice and this paragraph are
  9 * included on all such copies and derivative works.  However, this
 10 * document itself may not be modified in any way, such as by removing
 11 * the copyright notice or references to the Internet Society or other
 12 * Internet organizations, except as needed for the purpose of
 13 * developing Internet standards in which case the procedures for
 14 * copyrights defined in the Internet Standards process must be
 15 * followed, or as required to translate it into languages other than
 16 * English.
 17 *
 18 * The limited permissions granted above are perpetual and will not be
 19 * revoked by the Internet Society or its successors or assigns.
 20 *
 21 * This document and the information contained herein is provided on an
 22 * "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
 23 * TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
 24 * BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
 25 * HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
 26 * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
 27 *
 28 * $FreeBSD$
 29 */
 30
 31#ifndef _GSSAPI_GSSAPI_H_
 32#define _GSSAPI_GSSAPI_H_
 33
 34#include <sys/cdefs.h>
 35#include <sys/_types.h>
 36
 37#ifndef _SIZE_T_DECLARED
 38typedef	__size_t	size_t;
 39#define	_SIZE_T_DECLARED
 40#endif
 41
 42#ifndef _SSIZE_T_DECLARED
 43typedef	__ssize_t	ssize_t;
 44#define	_SSIZE_T_DECLARED
 45#endif
 46
 47#if 0
 48/*
 49 * If the platform supports the xom.h header file, it should be
 50 * included here.
 51 */
 52#include <xom.h>
 53#endif
 54
 55
 56/*
 57 * Now define the three implementation-dependent types.
 58 */
 59typedef struct _gss_ctx_id_t *gss_ctx_id_t;
 60typedef struct _gss_cred_id_t *gss_cred_id_t;
 61typedef struct _gss_name_t *gss_name_t;
 62
 63/*
 64 * The following type must be defined as the smallest natural
 65 * unsigned integer supported by the platform that has at least
 66 * 32 bits of precision.
 67 */
 68typedef __uint32_t gss_uint32;
 69
 70
 71#ifdef OM_STRING
 72/*
 73 * We have included the xom.h header file.  Verify that OM_uint32
 74 * is defined correctly.
 75 */
 76
 77#if sizeof(gss_uint32) != sizeof(OM_uint32)
 78#error Incompatible definition of OM_uint32 from xom.h
 79#endif
 80
 81typedef OM_object_identifier gss_OID_desc, *gss_OID;
 82
 83#else
 84
 85/*
 86 * We can't use X/Open definitions, so roll our own.
 87 */
 88
 89typedef gss_uint32 OM_uint32;
 90typedef __uint64_t OM_uint64;
 91
 92typedef struct gss_OID_desc_struct {
 93  OM_uint32 length;
 94  void      *elements;
 95} gss_OID_desc, *gss_OID;
 96
 97#endif
 98
 99typedef struct gss_OID_set_desc_struct  {
100  size_t     count;
101  gss_OID    elements;
102} gss_OID_set_desc, *gss_OID_set;
103
104typedef struct gss_buffer_desc_struct {
105  size_t length;
106  void *value;
107} gss_buffer_desc, *gss_buffer_t;
108
109typedef struct gss_channel_bindings_struct {
110  OM_uint32 initiator_addrtype;
111  gss_buffer_desc initiator_address;
112  OM_uint32 acceptor_addrtype;
113  gss_buffer_desc acceptor_address;
114  gss_buffer_desc application_data;
115} *gss_channel_bindings_t;
116
117/*
118 * For now, define a QOP-type as an OM_uint32
119 */
120typedef OM_uint32 gss_qop_t;
121
122typedef int gss_cred_usage_t;
123
124/*
125 * Flag bits for context-level services.
126 */
127#define GSS_C_DELEG_FLAG      1
128#define GSS_C_MUTUAL_FLAG     2
129#define GSS_C_REPLAY_FLAG     4
130#define GSS_C_SEQUENCE_FLAG   8
131#define GSS_C_CONF_FLAG       16
132#define GSS_C_INTEG_FLAG      32
133#define GSS_C_ANON_FLAG       64
134#define GSS_C_PROT_READY_FLAG 128
135#define GSS_C_TRANS_FLAG      256
136
137/*
138 * Credential usage options
139 */
140#define GSS_C_BOTH     0
141#define GSS_C_INITIATE 1
142#define GSS_C_ACCEPT   2
143
144/*
145 * Status code types for gss_display_status
146 */
147#define GSS_C_GSS_CODE  1
148#define GSS_C_MECH_CODE 2
149
150/*
151 * The constant definitions for channel-bindings address families
152 */
153#define GSS_C_AF_UNSPEC     0
154#define GSS_C_AF_LOCAL      1
155#define GSS_C_AF_INET       2
156#define GSS_C_AF_IMPLINK    3
157#define GSS_C_AF_PUP        4
158#define GSS_C_AF_CHAOS      5
159#define GSS_C_AF_NS         6
160#define GSS_C_AF_NBS        7
161#define GSS_C_AF_ECMA       8
162#define GSS_C_AF_DATAKIT    9
163#define GSS_C_AF_CCITT      10
164#define GSS_C_AF_SNA        11
165#define GSS_C_AF_DECnet     12
166#define GSS_C_AF_DLI        13
167#define GSS_C_AF_LAT        14
168#define GSS_C_AF_HYLINK     15
169#define GSS_C_AF_APPLETALK  16
170#define GSS_C_AF_BSC        17
171#define GSS_C_AF_DSS        18
172#define GSS_C_AF_OSI        19
173#define GSS_C_AF_X25        21
174#define GSS_C_AF_NULLADDR   255
175
176/*
177 * Various Null values
178 */
179#define GSS_C_NO_NAME ((gss_name_t) 0)
180#define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
181#define GSS_C_NO_OID ((gss_OID) 0)
182#define GSS_C_NO_OID_SET ((gss_OID_set) 0)
183#define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
184#define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
185#define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
186#define GSS_C_EMPTY_BUFFER {0, NULL}
187
188/*
189 * Some alternate names for a couple of the above
190 * values.  These are defined for V1 compatibility.
191 */
192#define GSS_C_NULL_OID GSS_C_NO_OID
193#define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET
194
195/*
196 * Define the default Quality of Protection for per-message
197 * services.  Note that an implementation that offers multiple
198 * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero
199 * (as done here) to mean "default protection", or to a specific
200 * explicit QOP value.  However, a value of 0 should always be
201 * interpreted by a GSS-API implementation as a request for the
202 * default protection level.
203 */
204#define GSS_C_QOP_DEFAULT 0
205
206/*
207 * Expiration time of 2^32-1 seconds means infinite lifetime for a
208 * credential or security context
209 */
210#define GSS_C_INDEFINITE 0xfffffffful
211
212/*
213 * The implementation must reserve static storage for a
214 * gss_OID_desc object containing the value
215 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
216 * "\x01\x02\x01\x01"},
217 * corresponding to an object-identifier value of
218 * {iso(1) member-body(2) United States(840) mit(113554)
219 * infosys(1) gssapi(2) generic(1) user_name(1)}.  The constant
220 * GSS_C_NT_USER_NAME should be initialized to point
221 * to that gss_OID_desc.
222 */
223extern gss_OID GSS_C_NT_USER_NAME;
224
225/*
226 * The implementation must reserve static storage for a
227 * gss_OID_desc object containing the value
228 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
229 *              "\x01\x02\x01\x02"},
230 * corresponding to an object-identifier value of
231 * {iso(1) member-body(2) United States(840) mit(113554)
232 * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
233 * The constant GSS_C_NT_MACHINE_UID_NAME should be
234 * initialized to point to that gss_OID_desc.
235 */
236extern gss_OID GSS_C_NT_MACHINE_UID_NAME;
237
238/*
239 * The implementation must reserve static storage for a
240 * gss_OID_desc object containing the value
241 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
242 *              "\x01\x02\x01\x03"},
243 * corresponding to an object-identifier value of
244 * {iso(1) member-body(2) United States(840) mit(113554)
245 * infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
246 * The constant GSS_C_NT_STRING_UID_NAME should be
247 * initialized to point to that gss_OID_desc.
248 */
249extern gss_OID GSS_C_NT_STRING_UID_NAME;
250
251/*
252 * The implementation must reserve static storage for a
253 * gss_OID_desc object containing the value
254 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
255 * corresponding to an object-identifier value of
256 * {iso(1) org(3) dod(6) internet(1) security(5)
257 * nametypes(6) gss-host-based-services(2)).  The constant
258 * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point
259 * to that gss_OID_desc.  This is a deprecated OID value, and
260 * implementations wishing to support hostbased-service names
261 * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID,
262 * defined below, to identify such names;
263 * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym
264 * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input
265 * parameter, but should not be emitted by GSS-API
266 * implementations
267 */
268extern gss_OID GSS_C_NT_HOSTBASED_SERVICE_X;
269
270/*
271 * The implementation must reserve static storage for a
272 * gss_OID_desc object containing the value
273 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
274 *              "\x01\x02\x01\x04"}, corresponding to an
275 * object-identifier value of {iso(1) member-body(2)
276 * Unites States(840) mit(113554) infosys(1) gssapi(2)
277 * generic(1) service_name(4)}.  The constant
278 * GSS_C_NT_HOSTBASED_SERVICE should be initialized
279 * to point to that gss_OID_desc.
280 */
281extern gss_OID GSS_C_NT_HOSTBASED_SERVICE;
282
283/*
284 * The implementation must reserve static storage for a
285 * gss_OID_desc object containing the value
286 * {6, (void *)"\x2b\x06\01\x05\x06\x03"},
287 * corresponding to an object identifier value of
288 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
289 * 6(nametypes), 3(gss-anonymous-name)}.  The constant
290 * and GSS_C_NT_ANONYMOUS should be initialized to point
291 * to that gss_OID_desc.
292 */
293extern gss_OID GSS_C_NT_ANONYMOUS;
294
295
296/*
297 * The implementation must reserve static storage for a
298 * gss_OID_desc object containing the value
299 * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
300 * corresponding to an object-identifier value of
301 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
302 * 6(nametypes), 4(gss-api-exported-name)}.  The constant
303 * GSS_C_NT_EXPORT_NAME should be initialized to point
304 * to that gss_OID_desc.
305 */
306extern gss_OID GSS_C_NT_EXPORT_NAME;
307
308/*
309 *   This name form shall be represented by the Object Identifier {iso(1)
310 *   member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
311 *   krb5(2) krb5_name(1)}.  The recommended symbolic name for this type
312 *   is "GSS_KRB5_NT_PRINCIPAL_NAME".
313 */
314extern gss_OID GSS_KRB5_NT_PRINCIPAL_NAME;
315
316/*
317 * This name form shall be represented by the Object Identifier {iso(1)
318 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
319 * generic(1) user_name(1)}.  The recommended symbolic name for this
320 * type is "GSS_KRB5_NT_USER_NAME".
321 */
322extern gss_OID GSS_KRB5_NT_USER_NAME;
323
324/*
325 * This name form shall be represented by the Object Identifier {iso(1)
326 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
327 * generic(1) machine_uid_name(2)}.  The recommended symbolic name for
328 * this type is "GSS_KRB5_NT_MACHINE_UID_NAME".
329 */
330extern gss_OID GSS_KRB5_NT_MACHINE_UID_NAME;
331
332/*
333 * This name form shall be represented by the Object Identifier {iso(1)
334 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
335 * generic(1) string_uid_name(3)}.  The recommended symbolic name for
336 * this type is "GSS_KRB5_NT_STRING_UID_NAME".
337 */
338extern gss_OID GSS_KRB5_NT_STRING_UID_NAME;
339
340/* Major status codes */
341
342#define GSS_S_COMPLETE 0
343
344/*
345 * Some "helper" definitions to make the status code macros obvious.
346 */
347#define GSS_C_CALLING_ERROR_OFFSET 24
348#define GSS_C_ROUTINE_ERROR_OFFSET 16
349#define GSS_C_SUPPLEMENTARY_OFFSET 0
350#define GSS_C_CALLING_ERROR_MASK 0377ul
351#define GSS_C_ROUTINE_ERROR_MASK 0377ul
352#define GSS_C_SUPPLEMENTARY_MASK 0177777ul
353
354/*
355 * The macros that test status codes for error conditions.
356 * Note that the GSS_ERROR() macro has changed slightly from
357 * the V1 GSS-API so that it now evaluates its argument
358 * only once.
359 */
360#define GSS_CALLING_ERROR(x) \
361 (x & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
362#define GSS_ROUTINE_ERROR(x) \
363 (x & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
364#define GSS_SUPPLEMENTARY_INFO(x) \
365 (x & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
366#define GSS_ERROR(x) \
367 (x & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
368       (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))
369
370/*
371 * Now the actual status code definitions
372 */
373
374/*
375 * Calling errors:
376 */
377#define GSS_S_CALL_INACCESSIBLE_READ \
378(1ul << GSS_C_CALLING_ERROR_OFFSET)
379#define GSS_S_CALL_INACCESSIBLE_WRITE \
380(2ul << GSS_C_CALLING_ERROR_OFFSET)
381#define GSS_S_CALL_BAD_STRUCTURE \
382(3ul << GSS_C_CALLING_ERROR_OFFSET)
383
384/*
385 * Routine errors:
386 */
387#define GSS_S_BAD_MECH             (1ul << GSS_C_ROUTINE_ERROR_OFFSET)
388#define GSS_S_BAD_NAME             (2ul << GSS_C_ROUTINE_ERROR_OFFSET)
389#define GSS_S_BAD_NAMETYPE         (3ul << GSS_C_ROUTINE_ERROR_OFFSET)
390#define GSS_S_BAD_BINDINGS         (4ul << GSS_C_ROUTINE_ERROR_OFFSET)
391#define GSS_S_BAD_STATUS           (5ul << GSS_C_ROUTINE_ERROR_OFFSET)
392#define GSS_S_BAD_SIG              (6ul << GSS_C_ROUTINE_ERROR_OFFSET)
393#define GSS_S_BAD_MIC		   GSS_S_BAD_SIG
394#define GSS_S_NO_CRED              (7ul << GSS_C_ROUTINE_ERROR_OFFSET)
395#define GSS_S_NO_CONTEXT           (8ul << GSS_C_ROUTINE_ERROR_OFFSET)
396#define GSS_S_DEFECTIVE_TOKEN      (9ul << GSS_C_ROUTINE_ERROR_OFFSET)
397#define GSS_S_DEFECTIVE_CREDENTIAL (10ul << GSS_C_ROUTINE_ERROR_OFFSET)
398#define GSS_S_CREDENTIALS_EXPIRED  (11ul << GSS_C_ROUTINE_ERROR_OFFSET)
399#define GSS_S_CONTEXT_EXPIRED      (12ul << GSS_C_ROUTINE_ERROR_OFFSET)
400#define GSS_S_FAILURE              (13ul << GSS_C_ROUTINE_ERROR_OFFSET)
401#define GSS_S_BAD_QOP              (14ul << GSS_C_ROUTINE_ERROR_OFFSET)
402#define GSS_S_UNAUTHORIZED         (15ul << GSS_C_ROUTINE_ERROR_OFFSET)
403#define GSS_S_UNAVAILABLE          (16ul << GSS_C_ROUTINE_ERROR_OFFSET)
404#define GSS_S_DUPLICATE_ELEMENT    (17ul << GSS_C_ROUTINE_ERROR_OFFSET)
405#define GSS_S_NAME_NOT_MN          (18ul << GSS_C_ROUTINE_ERROR_OFFSET)
406
407/*
408 * Supplementary info bits:
409 */
410#define GSS_S_CONTINUE_NEEDED \
411	 (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
412#define GSS_S_DUPLICATE_TOKEN \
413	 (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
414#define GSS_S_OLD_TOKEN \
415	 (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
416#define GSS_S_UNSEQ_TOKEN \
417	 (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
418#define GSS_S_GAP_TOKEN \
419	 (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 4))
420
421__BEGIN_DECLS
422
423/*
424 * Finally, function prototypes for the GSS-API routines.
425 */
426OM_uint32 gss_acquire_cred
427	      (OM_uint32 *,            /* minor_status */
428	       const gss_name_t,       /* desired_name */
429	       OM_uint32,              /* time_req */
430	       const gss_OID_set,      /* desired_mechs */
431	       gss_cred_usage_t,       /* cred_usage */
432	       gss_cred_id_t *,        /* output_cred_handle */
433	       gss_OID_set *,          /* actual_mechs */
434	       OM_uint32 *             /* time_rec */
435	      );
436
437OM_uint32 gss_release_cred
438	      (OM_uint32 *,            /* minor_status */
439	       gss_cred_id_t *         /* cred_handle */
440	      );
441
442OM_uint32 gss_init_sec_context
443	      (OM_uint32 *,            /* minor_status */
444	       const gss_cred_id_t,    /* initiator_cred_handle */
445	       gss_ctx_id_t *,         /* context_handle */
446	       const gss_name_t,       /* target_name */
447	       const gss_OID,          /* mech_type */
448	       OM_uint32,              /* req_flags */
449	       OM_uint32,              /* time_req */
450	       const gss_channel_bindings_t,
451				       /* input_chan_bindings */
452	       const gss_buffer_t,     /* input_token */
453	       gss_OID *,              /* actual_mech_type */
454	       gss_buffer_t,           /* output_token */
455	       OM_uint32 *,            /* ret_flags */
456	       OM_uint32 *             /* time_rec */
457	      );
458
459OM_uint32 gss_accept_sec_context
460	      (OM_uint32 *,            /* minor_status */
461	       gss_ctx_id_t *,         /* context_handle */
462	       const gss_cred_id_t,    /* acceptor_cred_handle */
463	       const gss_buffer_t,     /* input_token_buffer */
464	       const gss_channel_bindings_t,
465				       /* input_chan_bindings */
466	       gss_name_t *,           /* src_name */
467	       gss_OID *,              /* mech_type */
468	       gss_buffer_t,           /* output_token */
469	       OM_uint32 *,            /* ret_flags */
470	       OM_uint32 *,            /* time_rec */
471	       gss_cred_id_t *         /* delegated_cred_handle */
472	      );
473
474OM_uint32 gss_process_context_token
475	      (OM_uint32 *,            /* minor_status */
476	       const gss_ctx_id_t,     /* context_handle */
477	       const gss_buffer_t      /* token_buffer */
478	      );
479
480OM_uint32 gss_delete_sec_context
481	      (OM_uint32 *,            /* minor_status */
482	       gss_ctx_id_t *,         /* context_handle */
483	       gss_buffer_t            /* output_token */
484	      );
485
486OM_uint32 gss_context_time
487	      (OM_uint32 *,            /* minor_status */
488	       const gss_ctx_id_t,     /* context_handle */
489	       OM_uint32 *             /* time_rec */
490	      );
491
492OM_uint32 gss_get_mic
493	      (OM_uint32 *,            /* minor_status */
494	       const gss_ctx_id_t,     /* context_handle */
495	       gss_qop_t,              /* qop_req */
496	       const gss_buffer_t,     /* message_buffer */
497	       gss_buffer_t            /* message_token */
498	      );
499
500OM_uint32 gss_verify_mic
501	      (OM_uint32 *,            /* minor_status */
502	       const gss_ctx_id_t,     /* context_handle */
503	       const gss_buffer_t,     /* message_buffer */
504	       const gss_buffer_t,     /* token_buffer */
505	       gss_qop_t *             /* qop_state */
506	      );
507
508OM_uint32 gss_wrap
509	      (OM_uint32 *,            /* minor_status */
510	       const gss_ctx_id_t,     /* context_handle */
511	       int,                    /* conf_req_flag */
512	       gss_qop_t,              /* qop_req */
513	       const gss_buffer_t,     /* input_message_buffer */
514	       int *,                  /* conf_state */
515	       gss_buffer_t            /* output_message_buffer */
516	      );
517
518OM_uint32 gss_unwrap
519	      (OM_uint32 *,            /* minor_status */
520	       const gss_ctx_id_t,     /* context_handle */
521	       const gss_buffer_t,     /* input_message_buffer */
522	       gss_buffer_t,           /* output_message_buffer */
523	       int *,                  /* conf_state */
524	       gss_qop_t *             /* qop_state */
525	      );
526
527OM_uint32 gss_display_status
528	      (OM_uint32 *,            /* minor_status */
529	       OM_uint32,              /* status_value */
530	       int,                    /* status_type */
531	       const gss_OID,          /* mech_type */
532	       OM_uint32 *,            /* message_context */
533	       gss_buffer_t            /* status_string */
534	      );
535
536OM_uint32 gss_indicate_mechs
537	      (OM_uint32 *,            /* minor_status */
538	       gss_OID_set *           /* mech_set */
539	      );
540
541OM_uint32 gss_compare_name
542	      (OM_uint32 *,            /* minor_status */
543	       const gss_name_t,       /* name1 */
544	       const gss_name_t,       /* name2 */
545	       int *                   /* name_equal */
546	      );
547
548OM_uint32 gss_display_name
549	      (OM_uint32 *,            /* minor_status */
550	       const gss_name_t,       /* input_name */
551	       gss_buffer_t,           /* output_name_buffer */
552	       gss_OID *               /* output_name_type */
553	      );
554
555OM_uint32 gss_import_name
556	      (OM_uint32 *,            /* minor_status */
557	       const gss_buffer_t,     /* input_name_buffer */
558	       const gss_OID,          /* input_name_type */
559	       gss_name_t *            /* output_name */
560	      );
561
562OM_uint32 gss_export_name
563	      (OM_uint32 *,            /* minor_status */
564	       const gss_name_t,       /* input_name */
565	       gss_buffer_t            /* exported_name */
566	      );
567
568OM_uint32 gss_release_name
569	      (OM_uint32 *,            /* minor_status */
570	       gss_name_t *            /* input_name */
571	      );
572
573OM_uint32 gss_release_buffer
574	      (OM_uint32 *,            /* minor_status */
575	       gss_buffer_t            /* buffer */
576	      );
577
578OM_uint32 gss_release_oid_set
579	      (OM_uint32 *,            /* minor_status */
580	       gss_OID_set *           /* set */
581	      );
582
583OM_uint32 gss_inquire_cred
584	      (OM_uint32 *,            /* minor_status */
585	       const gss_cred_id_t,    /* cred_handle */
586	       gss_name_t *,           /* name */
587	       OM_uint32 *,            /* lifetime */
588	       gss_cred_usage_t *,     /* cred_usage */
589	       gss_OID_set *           /* mechanisms */
590	      );
591
592OM_uint32 gss_inquire_context (
593	       OM_uint32 *,            /* minor_status */
594	       const gss_ctx_id_t,     /* context_handle */
595	       gss_name_t *,           /* src_name */
596	       gss_name_t *,           /* targ_name */
597	       OM_uint32 *,            /* lifetime_rec */
598	       gss_OID *,              /* mech_type */
599	       OM_uint32 *,            /* ctx_flags */
600	       int *,                  /* locally_initiated */
601	       int *                   /* open */
602	      );
603
604OM_uint32 gss_wrap_size_limit (
605	       OM_uint32 *,            /* minor_status */
606	       const gss_ctx_id_t,     /* context_handle */
607	       int,                    /* conf_req_flag */
608	       gss_qop_t,              /* qop_req */
609	       OM_uint32,              /* req_output_size */
610	       OM_uint32 *             /* max_input_size */
611	      );
612
613OM_uint32 gss_add_cred (
614	       OM_uint32 *,            /* minor_status */
615	       const gss_cred_id_t,    /* input_cred_handle */
616	       const gss_name_t,       /* desired_name */
617	       const gss_OID,          /* desired_mech */
618	       gss_cred_usage_t,       /* cred_usage */
619	       OM_uint32,              /* initiator_time_req */
620	       OM_uint32,              /* acceptor_time_req */
621	       gss_cred_id_t *,        /* output_cred_handle */
622	       gss_OID_set *,          /* actual_mechs */
623	       OM_uint32 *,            /* initiator_time_rec */
624	       OM_uint32 *             /* acceptor_time_rec */
625	      );
626
627OM_uint32 gss_inquire_cred_by_mech (
628	       OM_uint32 *,            /* minor_status */
629	       const gss_cred_id_t,    /* cred_handle */
630	       const gss_OID,          /* mech_type */
631	       gss_name_t *,           /* name */
632	       OM_uint32 *,            /* initiator_lifetime */
633	       OM_uint32 *,            /* acceptor_lifetime */
634	       gss_cred_usage_t *      /* cred_usage */
635	      );
636
637OM_uint32 gss_export_sec_context (
638	       OM_uint32 *,            /* minor_status */
639	       gss_ctx_id_t *,         /* context_handle */
640	       gss_buffer_t            /* interprocess_token */
641	      );
642
643OM_uint32 gss_import_sec_context (
644	       OM_uint32 *,            /* minor_status */
645	       const gss_buffer_t,     /* interprocess_token */
646	       gss_ctx_id_t *          /* context_handle */
647	      );
648
649OM_uint32 gss_create_empty_oid_set (
650	       OM_uint32 *,            /* minor_status */
651	       gss_OID_set *           /* oid_set */
652	      );
653
654OM_uint32 gss_add_oid_set_member (
655	       OM_uint32 *,            /* minor_status */
656	       const gss_OID,          /* member_oid */
657	       gss_OID_set *           /* oid_set */
658	      );
659
660OM_uint32 gss_test_oid_set_member (
661	       OM_uint32 *,            /* minor_status */
662	       const gss_OID,          /* member */
663	       const gss_OID_set,      /* set */
664	       int *                   /* present */
665	      );
666
667OM_uint32 gss_inquire_names_for_mech (
668	       OM_uint32 *,            /* minor_status */
669	       const gss_OID,          /* mechanism */
670	       gss_OID_set *           /* name_types */
671	      );
672
673OM_uint32 gss_inquire_mechs_for_name (
674	       OM_uint32 *,            /* minor_status */
675	       const gss_name_t,       /* input_name */
676	       gss_OID_set *           /* mech_types */
677	      );
678
679OM_uint32 gss_canonicalize_name (
680	       OM_uint32 *,            /* minor_status */
681	       const gss_name_t,       /* input_name */
682	       const gss_OID,          /* mech_type */
683	       gss_name_t *            /* output_name */
684	      );
685
686OM_uint32 gss_duplicate_name (
687	       OM_uint32 *,            /* minor_status */
688	       const gss_name_t,       /* src_name */
689	       gss_name_t *            /* dest_name */
690	      );
691
692/*
693 * The following routines are obsolete variants of gss_get_mic,
694 * gss_verify_mic, gss_wrap and gss_unwrap.  They should be
695 * provided by GSS-API V2 implementations for backwards
696 * compatibility with V1 applications.  Distinct entrypoints
697 * (as opposed to #defines) should be provided, both to allow
698 * GSS-API V1 applications to link against GSS-API V2 implementations,
699 * and to retain the slight parameter type differences between the
700 * obsolete versions of these routines and their current forms.
701 */
702
703OM_uint32 gss_sign
704	      (OM_uint32 *,       /* minor_status */
705	       gss_ctx_id_t,      /* context_handle */
706	       int,               /* qop_req */
707	       gss_buffer_t,      /* message_buffer */
708	       gss_buffer_t       /* message_token */
709	      );
710
711
712OM_uint32 gss_verify
713	      (OM_uint32 *,       /* minor_status */
714	       gss_ctx_id_t,      /* context_handle */
715	       gss_buffer_t,      /* message_buffer */
716	       gss_buffer_t,      /* token_buffer */
717	       int *              /* qop_state */
718	      );
719
720OM_uint32 gss_seal
721	      (OM_uint32 *,       /* minor_status */
722	       gss_ctx_id_t,      /* context_handle */
723	       int,               /* conf_req_flag */
724	       int,               /* qop_req */
725	       gss_buffer_t,      /* input_message_buffer */
726	       int *,             /* conf_state */
727	       gss_buffer_t       /* output_message_buffer */
728	      );
729
730
731OM_uint32 gss_unseal
732	      (OM_uint32 *,       /* minor_status */
733	       gss_ctx_id_t,      /* context_handle */
734	       gss_buffer_t,      /* input_message_buffer */
735	       gss_buffer_t,      /* output_message_buffer */
736	       int *,             /* conf_state */
737	       int *              /* qop_state */
738	      );
739
740/*
741 * Other extensions and helper functions.
742 */
743
744int gss_oid_equal
745	      (const gss_OID,	  /* first OID to compare */
746	       const gss_OID	  /* second OID to compare */
747	      );
748
749OM_uint32 gss_release_oid
750	      (OM_uint32 *,	  /* minor status */
751	       gss_OID *	  /* oid to free */
752	      );
753
754OM_uint32 gss_decapsulate_token
755	      (const gss_buffer_t,  /* mechanism independent token */
756	       gss_OID,		 /* desired mechanism */
757	       gss_buffer_t	 /* decapsulated mechanism dependent token */
758	      );
759
760OM_uint32 gss_encapsulate_token
761	      (const gss_buffer_t,  /* mechanism dependent token */
762	       gss_OID,		 /* desired mechanism */
763	       gss_buffer_t	 /* encapsulated mechanism independent token */
764	      );
765
766OM_uint32 gss_duplicate_oid
767              (OM_uint32 *,	/* minor status */
768	       const gss_OID,	/* oid to copy */
769	       gss_OID *	/* result */
770	      );
771
772OM_uint32 gss_oid_to_str
773	      (OM_uint32 *,	/* minor status */
774	       gss_OID,		/* oid to convert */
775	       gss_buffer_t	/* buffer to contain string */
776	      );
777
778typedef struct gss_buffer_set_desc_struct  {
779  size_t	count;
780  gss_buffer_desc *elements;
781} gss_buffer_set_desc, *gss_buffer_set_t;
782
783#define GSS_C_NO_BUFFER_SET ((gss_buffer_set_t) 0)
784
785OM_uint32 gss_create_empty_buffer_set
786	      (OM_uint32 *,		/* minor status */
787	       gss_buffer_set_t *	/* location for new buffer set */
788	      );
789
790OM_uint32 gss_add_buffer_set_member
791	      (OM_uint32 *,		/* minor status */
792	       gss_buffer_t,		/* buffer to add */
793	       gss_buffer_set_t *	/* set to add to */
794	      );
795
796OM_uint32 gss_release_buffer_set
797	      (OM_uint32 *,		/* minor status */
798	       gss_buffer_set_t *	/* set to release */
799	      );
800
801OM_uint32 gss_inquire_sec_context_by_oid
802	      (OM_uint32 *,		/* minor_status */
803	       const gss_ctx_id_t,	/* context_handle */
804	       const gss_OID,		/* desired_object */
805	       gss_buffer_set_t *	/* result */
806	      );
807
808OM_uint32 gss_inquire_cred_by_oid
809	      (OM_uint32 *,		/* minor_status */
810	       const gss_cred_id_t,	/* cred_handle */
811	       const gss_OID,		/* desired_object */
812	       gss_buffer_set_t *	/* result */
813	      );
814
815OM_uint32 gss_set_sec_context_option
816	      (OM_uint32 *,		/* minor status */
817	       gss_ctx_id_t *,		/* context */
818	       const gss_OID,		/* option to set */
819	       const gss_buffer_t	/* option value */
820	      );
821
822OM_uint32 gss_set_cred_option
823	      (OM_uint32 *,		/* minor status */
824	       gss_cred_id_t *,		/* cred */
825	       const gss_OID,		/* option to set */
826	       const gss_buffer_t	/* option value */
827	      );
828
829OM_uint32 gss_pseudo_random
830	      (OM_uint32 *,		/* minor status */
831	       gss_ctx_id_t,		/* context handle */
832	       int prf_key,		/* XXX */
833	       const gss_buffer_t,	/* data to seed generator */
834	       ssize_t,			/* amount of data required */
835	       gss_buffer_t		/* buffer for result */
836	      );
837
838#ifdef _UID_T_DECLARED
839OM_uint32 gss_pname_to_uid
840	      (OM_uint32 *,		/* minor status */
841	       const gss_name_t pname,	/* principal name */
842	       const gss_OID mech,	/* mechanism to query */
843	       uid_t *uidp		/* pointer to UID for result */
844	      );
845#endif
846
847__END_DECLS
848
849#endif /* _GSSAPI_GSSAPI_H_ */