authorSimo Sorce <idra@samba.org>2010-09-01 11:58:33 -0400
committerGünther Deschner <gd@samba.org>2010-09-23 10:36:54 -0700
commit0e5eb82a6f29e33ca2cafe0ed7103395837b3fc0 (patch)
treeb451c24a267ab7817a3d19245abc800968b39a1a /source3/librpc/crypto/gse.h
parentffdfcfb514c1a0849ba334ae6b9b00d3ad3c2227 (diff)
s3-dcerpc: move crypto stuff in /librpc/crypto
Signed-off-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'source3/librpc/crypto/gse.h')
-rw-r--r--source3/librpc/crypto/gse.h77
1 files changed, 77 insertions, 0 deletions
diff --git a/source3/librpc/crypto/gse.h b/source3/librpc/crypto/gse.h
new file mode 100644
index 0000000000..6f8b6735ad
--- /dev/null
+++ b/source3/librpc/crypto/gse.h
@@ -0,0 +1,77 @@
+/*
+ * GSSAPI Security Extensions
+ * RPC Pipe client routines
+ * Copyright (C) Simo Sorce 2010.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _GSE_H_
+#define _GSE_H_
+
+struct gse_context;
+
+#ifndef GSS_C_DCE_STYLE
+#define GSS_C_DCE_STYLE 0x1000
+#endif
+
+NTSTATUS gse_init_client(TALLOC_CTX *mem_ctx,
+ enum dcerpc_AuthType auth_type,
+ enum dcerpc_AuthLevel auth_level,
+ const char *ccache_name,
+ const char *server,
+ const char *service,
+ const char *username,
+ const char *password,
+ uint32_t add_gss_c_flags,
+ struct gse_context **_gse_ctx);
+NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx,
+ struct gse_context *gse_ctx,
+ DATA_BLOB *token_in,
+ DATA_BLOB *token_out);
+
+NTSTATUS gse_init_server(TALLOC_CTX *mem_ctx,
+ enum dcerpc_AuthType auth_type,
+ enum dcerpc_AuthLevel auth_level,
+ uint32_t add_gss_c_flags,
+ const char *server,
+ const char *keytab,
+ struct gse_context **_gse_ctx);
+NTSTATUS gse_get_server_auth_token(TALLOC_CTX *mem_ctx,
+ struct gse_context *gse_ctx,
+ DATA_BLOB *token_in,
+ DATA_BLOB *token_out);
+NTSTATUS gse_verify_server_auth_flags(struct gse_context *gse_ctx);
+
+bool gse_require_more_processing(struct gse_context *gse_ctx);
+DATA_BLOB gse_get_session_key(TALLOC_CTX *mem_ctx,
+ struct gse_context *gse_ctx);
+NTSTATUS gse_get_client_name(struct gse_context *gse_ctx,
+ TALLOC_CTX *mem_ctx, char **client_name);
+NTSTATUS gse_get_authz_data(struct gse_context *gse_ctx,
+ TALLOC_CTX *mem_ctx, DATA_BLOB *pac);
+NTSTATUS gse_get_authtime(struct gse_context *gse_ctx, time_t *authtime);
+
+size_t gse_get_signature_length(struct gse_context *gse_ctx,
+ int seal, size_t payload_size);
+NTSTATUS gse_seal(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
+ DATA_BLOB *data, DATA_BLOB *signature);
+NTSTATUS gse_unseal(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
+ DATA_BLOB *data, DATA_BLOB *signature);
+NTSTATUS gse_sign(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
+ DATA_BLOB *data, DATA_BLOB *signature);
+NTSTATUS gse_sigcheck(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
+ DATA_BLOB *data, DATA_BLOB *signature);
+
+#endif /* _GSE_H_ */
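Review bot: None of the prototypes in this new header carry a contract comment, and the one that most needs it is `gse_get_session_key()`, which returns a `DATA_BLOB` by value and so has no NTSTATUS with which to report failure. The implementation is not part of this hunk, so the failure value needs confirming against gse.c, but a caller can presumably only detect failure by inspecting the returned blob. I would add a comment above the declaration along the lines of `/* Returns an empty blob on failure; check .data before use. Allocated on mem_ctx; contains key material. */`. One-line comments on `gse_unseal()` and `gse_sigcheck()` (the payload must not be trusted unless the call returns NT_STATUS_OK) and on `gse_verify_server_auth_flags()` (at which point in the exchange the server is expected to call it) would make the security-relevant ordering visible to callers. As a smaller style point, the include guard `_GSE_H_` starts with an underscore followed by an uppercase letter, which is a reserved identifier in C; `GSE_H` would avoid that.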