summaryrefslogtreecommitdiff
path: root/source4/heimdal/lib/gssapi/gssapi_locl.h
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-11-07 06:59:56 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:25:03 -0500
commit3c1e780ec7e16dc6667402bbc65708bf9a5c062f (patch)
tree2102bb577ea9f00751b8c869b0a5c756fc2ae8e5 /source4/heimdal/lib/gssapi/gssapi_locl.h
parent8b91594e0936bbaedf5430406fcf8df3ea406c10 (diff)
downloadsamba-3c1e780ec7e16dc6667402bbc65708bf9a5c062f.tar.gz
samba-3c1e780ec7e16dc6667402bbc65708bf9a5c062f.tar.bz2
samba-3c1e780ec7e16dc6667402bbc65708bf9a5c062f.zip
r19604: This is a massive commit, and I appologise in advance for it's size.
This merges Samba4 with lorikeet-heimdal, which itself has been tracking Heimdal CVS for the past couple of weeks. This is such a big change because Heimdal reorganised it's internal structures, with the mechglue merge, and because many of our 'wishes' have been granted: we now have DCE_STYLE GSSAPI, send_to_kdc hooks and many other features merged into the mainline code. We have adapted to upstream's choice of API in these cases. In gensec_gssapi and gensec_krb5, we either expect a valid PAC, or NO PAC. This matches windows behavour. We also have an option to require the PAC to be present (which allows us to automate the testing of this code). This also includes a restructure of how the kerberos dependencies are handled, due to the fallout of the merge. Andrew Bartlett (This used to be commit 4826f1735197c2a471d771495e6d4c1051b4c471)
Diffstat (limited to 'source4/heimdal/lib/gssapi/gssapi_locl.h')
-rw-r--r--source4/heimdal/lib/gssapi/gssapi_locl.h315
1 files changed, 0 insertions, 315 deletions
diff --git a/source4/heimdal/lib/gssapi/gssapi_locl.h b/source4/heimdal/lib/gssapi/gssapi_locl.h
deleted file mode 100644
index 81169a8500..0000000000
--- a/source4/heimdal/lib/gssapi/gssapi_locl.h
+++ /dev/null
@@ -1,315 +0,0 @@
-/*
- * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: gssapi_locl.h,v 1.45 2006/05/04 11:56:14 lha Exp $ */
-
-#ifndef GSSAPI_LOCL_H
-#define GSSAPI_LOCL_H
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <krb5_locl.h>
-#include <gssapi.h>
-#include <assert.h>
-
-#include "cfx.h"
-#include "arcfour.h"
-
-#include "spnego_asn1.h"
-
-/*
- *
- */
-
-struct gss_msg_order;
-
-typedef struct gss_ctx_id_t_desc_struct {
- struct krb5_auth_context_data *auth_context;
- gss_name_t source, target;
- enum gss_ctx_id_t_state {
- INITIATOR_START = 1, INITIATOR_WAIT_FOR_MUTAL = 2, INITIATOR_READY= 3,
- ACCEPTOR_START = 11, ACCEPTOR_WAIT_FOR_DCESTYLE = 12, ACCEPTOR_READY = 13
- } state;
- OM_uint32 flags;
- enum {LOCAL = 1,
- OPEN = 2,
- COMPAT_OLD_DES3 = 4,
- COMPAT_OLD_DES3_SELECTED = 8,
- ACCEPTOR_SUBKEY = 16
- } more_flags;
- struct krb5_ticket *ticket;
- krb5_keyblock *service_keyblock;
- krb5_data fwd_data;
- OM_uint32 lifetime;
- HEIMDAL_MUTEX ctx_id_mutex;
- struct gss_msg_order *order;
-} gss_ctx_id_t_desc;
-
-typedef struct gss_cred_id_t_desc_struct {
- gss_name_t principal;
- int cred_flags;
-#define GSS_CF_DESTROY_CRED_ON_RELEASE 1
- struct krb5_keytab_data *keytab;
- OM_uint32 lifetime;
- gss_cred_usage_t usage;
- gss_OID_set mechanisms;
- struct krb5_ccache_data *ccache;
- HEIMDAL_MUTEX cred_id_mutex;
-} gss_cred_id_t_desc;
-
-/*
- *
- */
-
-extern krb5_context gssapi_krb5_context;
-
-extern krb5_keytab gssapi_krb5_keytab;
-extern HEIMDAL_MUTEX gssapi_keytab_mutex;
-
-struct gssapi_thr_context {
- HEIMDAL_MUTEX mutex;
- char *error_string;
-};
-
-/*
- * Prototypes
- */
-
-krb5_error_code gssapi_krb5_init (void);
-
-krb5_error_code gssapi_krb5_init_ev (void *);
-
-#define GSSAPI_KRB5_INIT() do { \
- krb5_error_code kret_gss_init; \
- if((kret_gss_init = gssapi_krb5_init ()) != 0) { \
- *minor_status = kret_gss_init; \
- return GSS_S_FAILURE; \
- } \
-} while (0)
-
-struct gssapi_thr_context *
-gssapi_get_thread_context(int);
-
-OM_uint32
-_gsskrb5_create_ctx(
- OM_uint32 * minor_status,
- gss_ctx_id_t * context_handle,
- const gss_channel_bindings_t input_chan_bindings,
- enum gss_ctx_id_t_state state);
-
-void
-gsskrb5_is_cfx(gss_ctx_id_t, int *);
-
-OM_uint32
-gssapi_krb5_create_8003_checksum (
- OM_uint32 *minor_status,
- const gss_channel_bindings_t input_chan_bindings,
- OM_uint32 flags,
- const krb5_data *fwd_data,
- Checksum *result);
-
-OM_uint32
-gssapi_krb5_verify_8003_checksum (
- OM_uint32 *minor_status,
- const gss_channel_bindings_t input_chan_bindings,
- const Checksum *cksum,
- OM_uint32 *flags,
- krb5_data *fwd_data);
-
-void
-_gssapi_encap_length (size_t data_len,
- size_t *len,
- size_t *total_len,
- const gss_OID mech);
-
-void
-gssapi_krb5_encap_length (size_t data_len,
- size_t *len,
- size_t *total_len,
- const gss_OID mech);
-
-
-
-OM_uint32
-_gssapi_encapsulate(OM_uint32 *minor_status,
- const krb5_data *in_data,
- gss_buffer_t output_token,
- const gss_OID mech);
-
-
-OM_uint32
-gssapi_krb5_encapsulate(OM_uint32 *minor_status,
- const krb5_data *in_data,
- gss_buffer_t output_token,
- const u_char *type,
- const gss_OID mech);
-
-OM_uint32
-gssapi_krb5_decapsulate(OM_uint32 *minor_status,
- gss_buffer_t input_token_buffer,
- krb5_data *out_data,
- const char *type,
- gss_OID oid);
-
-u_char *
-gssapi_krb5_make_header (u_char *p,
- size_t len,
- const u_char *type,
- const gss_OID mech);
-
-u_char *
-_gssapi_make_mech_header(u_char *p,
- size_t len,
- const gss_OID mech);
-
-OM_uint32
-_gssapi_verify_mech_header(u_char **str,
- size_t total_len,
- gss_OID oid);
-
-OM_uint32
-gssapi_krb5_verify_header(u_char **str,
- size_t total_len,
- const u_char *type,
- gss_OID oid);
-
-OM_uint32
-_gssapi_decapsulate(OM_uint32 *minor_status,
- gss_buffer_t input_token_buffer,
- krb5_data *out_data,
- const gss_OID mech);
-
-
-ssize_t
-gssapi_krb5_get_mech (const u_char *, size_t, const u_char **);
-
-OM_uint32
-_gssapi_verify_pad(gss_buffer_t, size_t, size_t *);
-
-OM_uint32
-gss_verify_mic_internal(OM_uint32 * minor_status,
- const gss_ctx_id_t context_handle,
- const gss_buffer_t message_buffer,
- const gss_buffer_t token_buffer,
- gss_qop_t * qop_state,
- char * type);
-
-OM_uint32
-gss_krb5_get_subkey(const gss_ctx_id_t context_handle,
- krb5_keyblock **key);
-
-krb5_error_code
-gss_address_to_krb5addr(OM_uint32 gss_addr_type,
- gss_buffer_desc *gss_addr,
- int16_t port,
- krb5_address *address);
-
-/* sec_context flags */
-
-#define SC_LOCAL_ADDRESS 0x01
-#define SC_REMOTE_ADDRESS 0x02
-#define SC_KEYBLOCK 0x04
-#define SC_LOCAL_SUBKEY 0x08
-#define SC_REMOTE_SUBKEY 0x10
-
-int
-gss_oid_equal(const gss_OID a, const gss_OID b);
-
-void
-gssapi_krb5_clear_status (void);
-
-void
-gssapi_krb5_set_status (const char *fmt, ...);
-
-void
-gssapi_krb5_set_error_string (void);
-
-char *
-gssapi_krb5_get_error_string (void);
-
-OM_uint32
-_gss_DES3_get_mic_compat(OM_uint32 *, gss_ctx_id_t);
-
-OM_uint32
-_gss_spnego_require_mechlist_mic(OM_uint32 *, gss_ctx_id_t, krb5_boolean *);
-
-krb5_error_code
-_gss_check_compat(OM_uint32 *, gss_name_t, const char *,
- krb5_boolean *, krb5_boolean);
-
-OM_uint32
-gssapi_lifetime_left(OM_uint32 *, OM_uint32, OM_uint32 *);
-
-OM_uint32
-_gssapi_krb5_ccache_lifetime(OM_uint32 *, krb5_ccache,
- krb5_principal, OM_uint32 *);
-
-/* sequence */
-
-OM_uint32
-_gssapi_msg_order_create(OM_uint32 *, struct gss_msg_order **,
- OM_uint32, OM_uint32, OM_uint32, int);
-OM_uint32
-_gssapi_msg_order_destroy(struct gss_msg_order **);
-
-OM_uint32
-_gssapi_msg_order_check(struct gss_msg_order *, OM_uint32);
-
-OM_uint32
-_gssapi_msg_order_f(OM_uint32);
-
-OM_uint32
-_gssapi_msg_order_import(OM_uint32 *, krb5_storage *,
- struct gss_msg_order **);
-
-krb5_error_code
-_gssapi_msg_order_export(krb5_storage *, struct gss_msg_order *);
-
-
-/* 8003 */
-
-krb5_error_code
-gssapi_encode_om_uint32(OM_uint32, u_char *);
-
-krb5_error_code
-gssapi_encode_be_om_uint32(OM_uint32, u_char *);
-
-krb5_error_code
-gssapi_decode_om_uint32(const void *, OM_uint32 *);
-
-krb5_error_code
-gssapi_decode_be_om_uint32(const void *, OM_uint32 *);
-
-#endif
generated by cgit (git 2.34.1) at 2024-08-28 10:35:01 +0000