From 0e5eb82a6f29e33ca2cafe0ed7103395837b3fc0 Mon Sep 17 00:00:00 2001
From: Simo Sorce
Date: Wed, 1 Sep 2010 11:58:33 -0400
Subject: s3-dcerpc: move crypto stuff in /librpc/crypto
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Günther Deschner
---
source3/librpc/crypto/gse.h | 77 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 77 insertions(+)
create mode 100644 source3/librpc/crypto/gse.h
(limited to 'source3/librpc/crypto/gse.h')
diff --git a/source3/librpc/crypto/gse.h b/source3/librpc/crypto/gse.h
new file mode 100644
index 0000000000..6f8b6735ad
--- /dev/null
+++ b/source3/librpc/crypto/gse.h
@@ -0,0 +1,77 @@
+/*
+ * GSSAPI Security Extensions
+ * RPC Pipe client routines
+ * Copyright (C) Simo Sorce 2010.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see .
+ */
+
+#ifndef _GSE_H_
+#define _GSE_H_
+
+struct gse_context;
+
+#ifndef GSS_C_DCE_STYLE
+#define GSS_C_DCE_STYLE 0x1000
+#endif
+
+NTSTATUS gse_init_client(TALLOC_CTX *mem_ctx,
+ enum dcerpc_AuthType auth_type,
+ enum dcerpc_AuthLevel auth_level,
+ const char *ccache_name,
+ const char *server,
+ const char *service,
+ const char *username,
+ const char *password,
+ uint32_t add_gss_c_flags,
+ struct gse_context **_gse_ctx);
+NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx,
+ struct gse_context *gse_ctx,
+ DATA_BLOB *token_in,
+ DATA_BLOB *token_out);
+
+NTSTATUS gse_init_server(TALLOC_CTX *mem_ctx,
+ enum dcerpc_AuthType auth_type,
+ enum dcerpc_AuthLevel auth_level,
+ uint32_t add_gss_c_flags,
+ const char *server,
+ const char *keytab,
+ struct gse_context **_gse_ctx);
+NTSTATUS gse_get_server_auth_token(TALLOC_CTX *mem_ctx,
+ struct gse_context *gse_ctx,
+ DATA_BLOB *token_in,
+ DATA_BLOB *token_out);
+NTSTATUS gse_verify_server_auth_flags(struct gse_context *gse_ctx);
+
+bool gse_require_more_processing(struct gse_context *gse_ctx);
+DATA_BLOB gse_get_session_key(TALLOC_CTX *mem_ctx,
+ struct gse_context *gse_ctx);
+NTSTATUS gse_get_client_name(struct gse_context *gse_ctx,
+ TALLOC_CTX *mem_ctx, char **client_name);
+NTSTATUS gse_get_authz_data(struct gse_context *gse_ctx,
+ TALLOC_CTX *mem_ctx, DATA_BLOB *pac);
+NTSTATUS gse_get_authtime(struct gse_context *gse_ctx, time_t *authtime);
+
+size_t gse_get_signature_length(struct gse_context *gse_ctx,
+ int seal, size_t payload_size);
+NTSTATUS gse_seal(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
+ DATA_BLOB *data, DATA_BLOB *signature);
+NTSTATUS gse_unseal(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
+ DATA_BLOB *data, DATA_BLOB *signature);
+NTSTATUS gse_sign(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
+ DATA_BLOB *data, DATA_BLOB *signature);
+NTSTATUS gse_sigcheck(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
+ DATA_BLOB *data, DATA_BLOB *signature);
+
+#endif /* _GSE_H_ */
-- cgit
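Review bot: None of the prototypes in this new header states its contract, and for an authentication API the gaps that matter most are on `gse_get_session_key()` and `gse_verify_server_auth_flags()`. `gse_get_session_key()` returns a `DATA_BLOB` by value with no NTSTATUS, so the header should say how failure is reported, for example `/* Returns an empty blob on failure; callers must check before using the result as a key. */` (the implementation is not part of this hunk, so confirm that this is what it does). `gse_verify_server_auth_flags()` is a separate call from `gse_get_server_auth_token()`, and a comment stating at which point the server side has to call it would keep a caller from accepting a context whose negotiated flags were never checked. As a point of style, `gse_get_signature_length()` takes `int seal` while `gse_require_more_processing()` already uses `bool`, and the guard `_GSE_H_` sits in the identifier space reserved for the implementation; `bool seal` and a guard without the leading underscore would read more consistently.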