« back to all changes in this revision
Viewing changes to globus_gss_assist.h
- browse files at revision 1
- compare with another revision
- download diff
- download tarball
- view history from revision 1
- Committer: Bazaar Package Importer
- Author(s): Mattias Ellert
- Date: 2009-04-18 20:17:33 UTC
- Revision ID: james.westby@ubuntu.com-20090418201733-xl4r26mgda1shx4q
Tags: upstream-4.0
ImportĀ upstreamĀ versionĀ 4.0
- files added:
- autom4te.cache
- doxygen
- pkgdata
- programs
- win32
added
removed
globus_gss_assist.h
1
/*
2
* Copyright 1999-2006 University of Chicago
3
*
4
* Licensed under the Apache License, Version 2.0 (the "License");
5
* you may not use this file except in compliance with the License.
6
* You may obtain a copy of the License at
7
*
8
* http://www.apache.org/licenses/LICENSE-2.0
9
*
10
* Unless required by applicable law or agreed to in writing, software
11
* distributed under the License is distributed on an "AS IS" BASIS,
12
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
* See the License for the specific language governing permissions and
14
* limitations under the License.
15
*/
16
17
#ifndef GLOBUS_DONT_DOCUMENT_INTERNAL
18
/**
19
* @file globus_gss_assist.h
20
* GSS Assist Header
21
*
22
* $RCSfile: globus_gss_assist.h,v $
23
* $Revision: 1.13 $
24
* $Date $
25
*/
26
#endif
27
28
#ifndef _GLOBUS_GSS_ASSIST_H
29
#define _GLOBUS_GSS_ASSIST_H
30
31
#ifndef EXTERN_C_BEGIN
32
# ifdef __cplusplus
33
# define EXTERN_C_BEGIN extern "C" {
34
# define EXTERN_C_END }
35
# else
36
# define EXTERN_C_BEGIN
37
# define EXTERN_C_END
38
# endif
39
#endif
40
41
EXTERN_C_BEGIN
42
43
#include "gssapi.h"
44
#include <stdio.h>
45
#include <stdlib.h>
46
47
/**
48
* @defgroup globus_gsi_gss_assist_activation Activation
49
*
50
* Globus GSI GSS Assist uses standard Globus module activation and
51
* deactivation. Before any Globus GSS Assist functions are called,
52
* the following function must be called:
53
*
54
* @code
55
* globus_module_activate(GLOBUS_GSI_GSS_ASSIST_MODULE);
56
* @endcode
57
*
58
* This function returns GLOBUS_SUCCESS if Globus GSI GSS Assist was
59
* successfully initialized, and you are therefore allowed to
60
* call GSS Assist functions. Otherwise, an error code is returned,
61
* and GSS Assist functions should not be subsequently called.
62
* This function may be called multiple times.
63
*
64
* To deactivate Globus GSS Assist, the following function must be called:
65
*
66
* @code
67
* globus_module_deactivate(GLOBUS_GSI_GSS_ASSIST_MODULE)
68
* @endcode
69
*
70
* This function should be called once for each time Globus GSI GSS Assist
71
* was activated.
72
*/
73
74
/**
75
* Module descriptor
76
* @ingroup globus_gsi_gss_assist_activation
77
* @hideinitializer
78
*/
79
#define GLOBUS_GSI_GSS_ASSIST_MODULE (&globus_i_gsi_gss_assist_module)
80
81
extern
82
globus_module_descriptor_t globus_i_gsi_gss_assist_module;
83
84
/**
85
* @defgroup globus_gsi_gss_assist Utility Functions
86
*
87
* Utility functions for GSSAPI
88
*/
89
#define _GASL(s) globus_common_i18n_get_string( \
90
GLOBUS_GSI_GSS_ASSIST_MODULE, \
91
s)
92
#include "globus_gss_assist_constants.h"
93
94
95
#define GLOBUS_GSS_ASSIST_TOKEN_ERR_MALLOC 1
96
#define GLOBUS_GSS_ASSIST_TOKEN_ERR_BAD_SIZE 2
97
#define GLOBUS_GSS_ASSIST_TOKEN_EOF 3
98
#define GLOBUS_GSS_ASSIST_TOKEN_NOT_FOUND 4
99
100
/* for kerberos v5.1.0.5 compatability we need this */
101
#ifndef GSS_C_NO_NAME
102
#define GSS_C_NO_NAME ((gss_name_t *) 0)
103
#define GSS_ASSIST_KRB5_HACK
104
#endif
105
106
/* for the globus_gss_assist_ex flags: */
107
108
#define GLOBUS_GSS_ASSIST_EX_SEND_WITHOUT_LENGTH 1
109
110
typedef struct globus_gss_assist_ex_st
111
{
112
void * arg;
113
int flags;
114
} globus_gss_assist_ex;
115
116
/*
117
* Get and send gss tokens using verious methods
118
* These are used by the gss_assist_init_sec_context
119
* gss_assist_accept_sec_context, gss_assist_get_unwrap
120
* and gss_assist_wrap_send
121
* Arg depends on the method being used,
122
* FILE * for a fd, socket * for the nexus version
123
* You may provide your own versions as well.
124
* The _ex versions accept a globus_gss_assist_ex structure
125
* which has in addition the arg, some flags.
126
*/
127
extern int
128
globus_gss_assist_token_get_fd(
129
void * arg,
130
void ** bufp,
131
size_t * sizep);
132
133
extern int
134
globus_gss_assist_token_send_fd(
135
void * arg,
136
void * buf,
137
size_t size);
138
139
extern int
140
globus_gss_assist_token_send_fd_ex(
141
void * arg,
142
void * buf,
143
size_t size);
144
145
extern int
146
globus_gss_assist_token_send_fd_without_length(
147
void * arg,
148
void * buf,
149
size_t size);
150
151
extern int
152
globus_gss_assist_token_get_nexus(
153
void * arg,
154
void ** bufp,
155
size_t * sizep);
156
157
extern int
158
globus_gss_assist_token_send_nexus(
159
void * arg,
160
void * bufp,
161
size_t sizep);
162
163
extern int
164
globus_gss_assist_token_send_nexus_ex(
165
void * arg,
166
void * bufp,
167
size_t sizep);
168
169
extern int
170
globus_gss_assist_token_send_nexus_without_length(
171
void * arg,
172
void * bufp,
173
size_t sizep);
174
175
/*
176
* globus_gss_assist_acquire_cred, assist with the gss_acquire_cred
177
*/
178
extern OM_uint32
179
globus_gss_assist_acquire_cred(
180
OM_uint32 *, /* minor_status */
181
gss_cred_usage_t, /* cred_usage */
182
gss_cred_id_t * /* output_cred_handle */);
183
184
/*
185
* globus_gss_assist_acquire_cred_ext, assist with the gss_acquire_cred
186
*/
187
extern OM_uint32
188
globus_gss_assist_acquire_cred_ext(
189
OM_uint32 *, /* minor_status */
190
char *, /* desired_name_char */
191
OM_uint32, /* time_req */
192
const gss_OID_set, /* desired_mechs */
193
gss_cred_usage_t, /* cred_usage */
194
gss_cred_id_t *, /* output_cred_handle */
195
gss_OID_set *, /* actual_mechs */
196
OM_uint32 * /* time_rec */);
197
198
/*
199
* gss_assist_accept_sec_context - takes care of looping
200
* over multiple tokens using the get and send tokens
201
* routines
202
*/
203
extern OM_uint32
204
globus_gss_assist_accept_sec_context(
205
OM_uint32 *, /* minor_status */
206
gss_ctx_id_t *, /* context_handle */
207
const gss_cred_id_t, /* acceptor_cred_handle */
208
char **, /* src_name as char ** */
209
OM_uint32 *, /* ret_flags */
210
int *, /* user_to_user_flag */
211
int *, /* token_status */
212
gss_cred_id_t *, /* delegated_cred_handle */
213
int (* get_token)(void *, void **, size_t *),
214
void * get_context,
215
int (* send_token)(void *, void *, size_t),
216
void * send_context);
217
218
/*
219
* globus_gss_assist_accept_sec_context_async - async version of
220
* globus_gss_assist_accept_sec_context().
221
*/
222
extern OM_uint32
223
globus_gss_assist_accept_sec_context_async(
224
OM_uint32 * minor_status,
225
gss_ctx_id_t * context_handle,
226
const gss_cred_id_t cred_handle,
227
char ** src_name_char,
228
OM_uint32 * ret_flags,
229
int * user_to_user_flag,
230
void * input_buffer,
231
size_t input_buffer_len,
232
void ** output_bufferp,
233
size_t * output_buffer_lenp,
234
gss_cred_id_t * delegated_cred_handle);
235
236
/*
237
* globus_gss_assist_init_sec_context - takes care of looping
238
* over multiple tokens using the get and send tokens
239
* routines
240
*/
241
extern OM_uint32
242
globus_gss_assist_init_sec_context(
243
OM_uint32 *, /* minor_status */
244
const gss_cred_id_t, /* initiator_cred_handle */
245
gss_ctx_id_t *, /* context_handle */
246
char *, /* target_name as char * */
247
OM_uint32, /* req_flags */
248
OM_uint32 *, /* ret_flags */
249
int *, /* token_status */
250
int (* get_token)(void *, void **, size_t *),
251
void * get_arg,
252
int (* send_token)(void *, void *, size_t),
253
void * send_arg);
254
255
/*
256
* globus_gss_assist_init_sec_context_async - async version of
257
* globus_gss_assist_init_sec_context().
258
*/
259
extern OM_uint32
260
globus_gss_assist_init_sec_context_async(
261
OM_uint32 * minor_status,
262
const gss_cred_id_t cred_handle,
263
gss_ctx_id_t * context_handle,
264
char * target_name_char,
265
OM_uint32 req_flags,
266
OM_uint32 * ret_flags,
267
void * input_buffer,
268
size_t input_buffer_len,
269
void ** output_bufferp,
270
size_t * output_buffer_lenp);
271
272
/*
273
* globus_gss_assist_display_status - used gss_display_status
274
*/
275
extern OM_uint32
276
globus_gss_assist_display_status(
277
FILE *, /* where to print */
278
char *, /* comment */
279
OM_uint32, /* major_status */
280
OM_uint32, /* minor_status */
281
int /* token_status */);
282
283
extern OM_uint32
284
globus_gss_assist_display_status_str(
285
char **, /* string returned with newlines */
286
char *, /* comment */
287
OM_uint32, /* major_status */
288
OM_uint32, /* minor_status */
289
int /* token_status */);
290
291
/*
292
* globus_gss_assist_wrap_send - used to wrap a
293
* simple message and send it
294
*/
295
extern OM_uint32
296
globus_gss_assist_wrap_send(
297
OM_uint32 * minor_status,
298
const gss_ctx_id_t context_handle,
299
char * data,
300
size_t length,
301
int * token_status,
302
int (*gss_assist_send_token)(void *, void *, size_t),
303
void * gss_assist_send_context,
304
FILE * fperr);
305
306
/*
307
* globus_gss_assist_get_unwrap - used to get and unwrap a message
308
*/
309
extern OM_uint32
310
globus_gss_assist_get_unwrap(
311
OM_uint32 * minor_status,
312
const gss_ctx_id_t context_handle,
313
char ** data,
314
size_t * length,
315
int * token_status,
316
int (*gss_assist_get_token)(void *, void **, size_t *),
317
void * gss_assist_get_context,
318
FILE * fperr);
319
320
/*
321
* globus_gss_assist_will_handle_restrictions - used to tell openssl
322
* that the application will deal with the restrictions extension
323
*/
324
OM_uint32
325
globus_gss_assist_will_handle_restrictions(
326
OM_uint32 * minor_status,
327
gss_ctx_id_t * context_handle);
328
329
330
/*
331
* globus_gss_assist_import_sec_context - read a security context
332
*/
333
extern OM_uint32
334
globus_gss_assist_export_sec_context(
335
OM_uint32 * minor_status,
336
gss_ctx_id_t * context_handle,
337
int * token_status,
338
int fdp,
339
FILE * fperr);
340
341
/*
342
* globus_gss_assist_import_sec_context - read a security context
343
*/
344
extern OM_uint32
345
globus_gss_assist_import_sec_context(
346
OM_uint32 * minor_status,
347
gss_ctx_id_t * context_handle,
348
int * token_status,
349
int fdp,
350
FILE * fperr);
351
352
353
globus_result_t
354
globus_gss_assist_authorization_host_name(
355
char * hostname,
356
gss_name_t * authorization_hostname);
357
358
/*
359
* globus_gss_assist_gridmap - used to map a
360
* src_name to a local userid
361
* This is not really part of authentication,
362
* but rather authorization.
363
*/
364
extern int
365
globus_gss_assist_gridmap(
366
char * globusidp,
367
char ** useridp);
368
369
extern int
370
globus_gss_assist_userok(
371
char * globusid,
372
char * userid);
373
374
extern int
375
globus_gss_assist_map_local_user(
376
char * local_user,
377
char ** globusidp);
378
379
globus_result_t
380
globus_gss_assist_lookup_all_globusid(
381
char * username,
382
char ** dns[],
383
int * dn_count);
384
385
globus_result_t
386
globus_gss_assist_map_and_authorize(
387
gss_ctx_id_t context,
388
char * service,
389
char * desired_identity,
390
char * identity_buffer,
391
unsigned int identity_buffer_length);
392
393
394
395
#define GlobusGssAssistFreeDNArray(dn_a) \
396
{ \
397
int __ctr = 0; \
398
while(dn_a[__ctr] != NULL) \
399
{ \
400
free(dn_a[__ctr]); \
401
__ctr++; \
402
} \
403
free(dn_a); \
404
}
405
406
407
EXTERN_C_END
408
409
#endif /* _GLOBUS_GSS_ASSIST_H */
Loggerhead is a web-based interface for Breezy
Version: 2.0.1