#ifndef _GSS_MECHGLUEP_H
#define _GSS_MECHGLUEP_H
#if 0
#include "autoconf.h"
#endif
#ifndef GSS_DLLIMP
#define GSS_DLLIMP
#endif
#include <gssapi/gssapi_ext.h>
#if 0
#include "gssapiP_generic.h"
#endif
#ifdef _KERNEL
#include <rpc/rpc.h>
#endif
/*
 * g_OID_copy(o1, o2): copy the OID bytes and the length of o2 into o1.
 *
 * The copy is (o2)->length bytes long and nothing here looks at how much
 * room (o1)->elements has, so the caller must already have sized the
 * destination for at least that many bytes.  Both arguments are expanded
 * more than once; pass expressions without side effects.  The definition
 * is skipped when an earlier header already supplied g_OID_copy.
 */
#ifndef g_OID_copy
#define g_OID_copy(o1, o2) \
    do { \
        memcpy((o1)->elements, (o2)->elements, (o2)->length); \
        (o1)->length = (o2)->length; \
    } while (0)
#endif

/*
 * GSS_EMPTY_BUFFER(buf): true when buf is NULL, has a NULL value pointer,
 * or has zero length.  buf is expanded up to three times.
 */
#define GSS_EMPTY_BUFFER(buf) \
    ((buf) == NULL || (buf)->value == NULL || (buf)->length == 0)
/*
 * Mechglue-level security context: a mechanism OID paired with a context
 * handle.  Judging by the field names, internal_ctx_id is the handle owned
 * by the mechanism that mech_type identifies -- confirm against the callers.
 */
typedef struct gss_union_ctx_id_t {
    gss_OID         mech_type;
    gss_ctx_id_t    internal_ctx_id;
} gss_union_ctx_id_desc, *gss_union_ctx_id_t;
/*
 * Mechglue-level name.
 *
 * loopback is the field the disabled variant of GSSINT_CHK_LOOP compares
 * against the structure's own address; the variant that is compiled in
 * does not read it.  The remaining fields hold a name type with its
 * external (buffer) form and a mechanism OID with a mechanism name handle;
 * which of them are optional is not visible from this header.
 */
typedef struct gss_name_struct {
    struct gss_name_struct  *loopback;
    gss_OID                 name_type;
    gss_buffer_t            external_name;
    gss_OID                 mech_type;
    gss_name_t              mech_name;
} gss_union_name_desc, *gss_union_name_t;
/*
 * Node of a doubly linked list (next/prev) that associates a name type OID
 * with a mechanism OID.
 */
typedef struct gss_mech_spec_name_t {
    gss_OID                         name_type;
    gss_OID                         mech;
    struct gss_mech_spec_name_t     *next, *prev;
} gss_mech_spec_name_desc, *gss_mech_spec_name;
/*
 * Auxiliary data carried by a union credential (see the auxinfo member of
 * gss_union_cred_t): a name buffer with its type, two time values and the
 * credential usage.  Units of creation_time and time_rec are not stated in
 * this header -- presumably seconds, confirm against the code that fills
 * them in.
 */
typedef struct gss_union_cred_auxinfo {
    gss_buffer_desc name;
    gss_OID         name_type;
    OM_uint32       creation_time;
    OM_uint32       time_rec;
    int             cred_usage;
} gss_union_cred_auxinfo;
/*
 * Mechglue-level credential.
 *
 * mechs_array and cred_array look like parallel arrays with count entries
 * each (one mechanism OID per mechanism credential) -- confirm against the
 * code that indexes them, since an out-of-step count would be read past
 * the end of one of the arrays.
 */
typedef struct gss_union_cred_t {
    int                     count;
    gss_OID                 mechs_array;
    gss_cred_id_t           *cred_array;
    gss_union_cred_auxinfo  auxinfo;
} gss_union_cred_desc, *gss_union_cred_t;
/*
 * Signature of a mechanism's acquire-credential-with-password entry point
 * (the single member of struct gss_config_ext).  It has the shape of the
 * gss_acquire_cred entry in struct gss_config with one extra buffer after
 * the name; the parameter names below follow that reading.
 *
 * The password buffer holds a secret: implementations and callers should
 * keep its lifetime short and clear it once it is no longer needed.
 */
typedef OM_uint32 (*gss_acquire_cred_with_password_sfct)(
    void *context,
    OM_uint32 *minor_status,
    const gss_name_t desired_name,
    const gss_buffer_t password,
    OM_uint32 time_req,
    const gss_OID_set desired_mechs,
    int cred_usage,
    gss_cred_id_t *output_cred_handle,
    gss_OID_set *actual_mechs,
    OM_uint32 *time_rec
);
/*
 * GSSINT_CHK_LOOP(p) evaluates to non-zero when p fails validation.
 *
 * The first variant, compiled out by "#if 0", additionally required
 * p->loopback == p.  The variant in effect only rejects NULL, so any
 * non-NULL pointer is accepted, including one that does not point at a
 * live gss_name_struct.  Callers that take name handles from outside the
 * library cannot rely on this macro to catch a stale or forged handle.
 */
#if 0
#define GSSINT_CHK_LOOP(p) (!((p) != NULL && (p)->loopback == (p)))
#else
#define GSSINT_CHK_LOOP(p) ((p) == NULL)
#endif
/*
 * Per-mechanism dispatch table; gss_mechanism is a pointer to one.
 *
 * mech_type is the mechanism's OID and context is an opaque pointer that
 * the KGSS_* macros in this header pass back as the first argument of the
 * entry points.  Every entry except gss_inquire_sec_context_by_oid takes
 * that leading void *.
 *
 * Under _KERNEL the table shrinks to gss_unseal, gss_delete_sec_context,
 * gss_seal, gss_import_sec_context, gss_sign and gss_verify, gains the
 * next and uses_kmod members, and all of those entries but
 * gss_import_sec_context take a trailing OM_uint32 (the KGSS_* macros pass
 * the context verifier there).  The layout therefore differs between
 * kernel and userland builds.
 *
 * Nothing in this header guarantees that an entry is non-NULL; code that
 * dispatches through the table should check the pointer first.
 *
 * Parameter names follow the corresponding GSS-API calls; the names on the
 * non-standard entries (pname_to_uid, __gss_userok, gss_store_cred,
 * gss_inquire_sec_context_by_oid) are descriptive only.
 */
typedef struct gss_config {
#if 0
    OM_uint32 priority;
    char *mechNameStr;
#endif
    gss_OID_desc mech_type;
    void *context;
#ifdef _KERNEL
    struct gss_config *next;
    bool_t uses_kmod;
#endif

#ifndef _KERNEL
    OM_uint32 (*gss_acquire_cred)(
        void *context,
        OM_uint32 *minor_status,
        const gss_name_t desired_name,
        OM_uint32 time_req,
        const gss_OID_set desired_mechs,
        int cred_usage,
        gss_cred_id_t *output_cred_handle,
        gss_OID_set *actual_mechs,
        OM_uint32 *time_rec
    );
    OM_uint32 (*gss_release_cred)(
        void *context,
        OM_uint32 *minor_status,
        gss_cred_id_t *cred_handle
    );
    OM_uint32 (*gss_init_sec_context)(
        void *context,
        OM_uint32 *minor_status,
        const gss_cred_id_t claimant_cred_handle,
        gss_ctx_id_t *context_handle,
        const gss_name_t target_name,
        const gss_OID mech_type,
        OM_uint32 req_flags,
        OM_uint32 time_req,
        const gss_channel_bindings_t input_chan_bindings,
        const gss_buffer_t input_token,
        gss_OID *actual_mech_type,
        gss_buffer_t output_token,
        OM_uint32 *ret_flags,
        OM_uint32 *time_rec
    );
    OM_uint32 (*gss_accept_sec_context)(
        void *context,
        OM_uint32 *minor_status,
        gss_ctx_id_t *context_handle,
        const gss_cred_id_t verifier_cred_handle,
        const gss_buffer_t input_token_buffer,
        const gss_channel_bindings_t input_chan_bindings,
        gss_name_t *src_name,
        gss_OID *mech_type,
        gss_buffer_t output_token,
        OM_uint32 *ret_flags,
        OM_uint32 *time_rec,
        gss_cred_id_t *delegated_cred_handle
    );
#endif

    OM_uint32 (*gss_unseal)(
        void *context,
        OM_uint32 *minor_status,
        const gss_ctx_id_t context_handle,
        const gss_buffer_t input_message_buffer,
        gss_buffer_t output_message_buffer,
        int *conf_state,
        int *qop_state
#ifdef _KERNEL
        , OM_uint32 gssd_ctx_verifier
#endif
    );

#ifndef _KERNEL
    OM_uint32 (*gss_process_context_token)(
        void *context,
        OM_uint32 *minor_status,
        const gss_ctx_id_t context_handle,
        const gss_buffer_t token_buffer
    );
#endif

    OM_uint32 (*gss_delete_sec_context)(
        void *context,
        OM_uint32 *minor_status,
        gss_ctx_id_t *context_handle,
        gss_buffer_t output_token
#ifdef _KERNEL
        , OM_uint32 gssd_ctx_verifier
#endif
    );

#ifndef _KERNEL
    OM_uint32 (*gss_context_time)(
        void *context,
        OM_uint32 *minor_status,
        const gss_ctx_id_t context_handle,
        OM_uint32 *time_rec
    );
    OM_uint32 (*gss_display_status)(
        void *context,
        OM_uint32 *minor_status,
        OM_uint32 status_value,
        int status_type,
        const gss_OID mech_type,
        OM_uint32 *message_context,
        gss_buffer_t status_string
    );
    OM_uint32 (*gss_indicate_mechs)(
        void *context,
        OM_uint32 *minor_status,
        gss_OID_set *mech_set
    );
    OM_uint32 (*gss_compare_name)(
        void *context,
        OM_uint32 *minor_status,
        const gss_name_t name1,
        const gss_name_t name2,
        int *name_equal
    );
    OM_uint32 (*gss_display_name)(
        void *context,
        OM_uint32 *minor_status,
        const gss_name_t input_name,
        gss_buffer_t output_name_buffer,
        gss_OID *output_name_type
    );
    OM_uint32 (*gss_import_name)(
        void *context,
        OM_uint32 *minor_status,
        const gss_buffer_t input_name_buffer,
        const gss_OID input_name_type,
        gss_name_t *output_name
    );
    OM_uint32 (*gss_release_name)(
        void *context,
        OM_uint32 *minor_status,
        gss_name_t *input_name
    );
    OM_uint32 (*gss_inquire_cred)(
        void *context,
        OM_uint32 *minor_status,
        const gss_cred_id_t cred_handle,
        gss_name_t *name,
        OM_uint32 *lifetime,
        int *cred_usage,
        gss_OID_set *mechanisms
    );
    OM_uint32 (*gss_add_cred)(
        void *context,
        OM_uint32 *minor_status,
        const gss_cred_id_t input_cred_handle,
        const gss_name_t desired_name,
        const gss_OID desired_mech,
        gss_cred_usage_t cred_usage,
        OM_uint32 initiator_time_req,
        OM_uint32 acceptor_time_req,
        gss_cred_id_t *output_cred_handle,
        gss_OID_set *actual_mechs,
        OM_uint32 *initiator_time_rec,
        OM_uint32 *acceptor_time_rec
    );
#endif

    OM_uint32 (*gss_seal)(
        void *context,
        OM_uint32 *minor_status,
        const gss_ctx_id_t context_handle,
        int conf_req_flag,
        int qop_req,
        const gss_buffer_t input_message_buffer,
        int *conf_state,
        gss_buffer_t output_message_buffer
#ifdef _KERNEL
        , OM_uint32 gssd_ctx_verifier
#endif
    );

#ifndef _KERNEL
    OM_uint32 (*gss_export_sec_context)(
        void *context,
        OM_uint32 *minor_status,
        gss_ctx_id_t *context_handle,
        gss_buffer_t interprocess_token
    );
#endif

    OM_uint32 (*gss_import_sec_context)(
        void *context,
        OM_uint32 *minor_status,
        const gss_buffer_t interprocess_token,
        gss_ctx_id_t *context_handle
    );

#ifndef _KERNEL
    OM_uint32 (*gss_inquire_cred_by_mech)(
        void *context,
        OM_uint32 *minor_status,
        const gss_cred_id_t cred_handle,
        const gss_OID mech_type,
        gss_name_t *name,
        OM_uint32 *initiator_lifetime,
        OM_uint32 *acceptor_lifetime,
        gss_cred_usage_t *cred_usage
    );
    OM_uint32 (*gss_inquire_names_for_mech)(
        void *context,
        OM_uint32 *minor_status,
        const gss_OID mechanism,
        gss_OID_set *name_types
    );
    OM_uint32 (*gss_inquire_context)(
        void *context,
        OM_uint32 *minor_status,
        const gss_ctx_id_t context_handle,
        gss_name_t *src_name,
        gss_name_t *targ_name,
        OM_uint32 *lifetime_rec,
        gss_OID *mech_type,
        OM_uint32 *ctx_flags,
        int *locally_initiated,
        int *is_open
    );
    OM_uint32 (*gss_internal_release_oid)(
        void *context,
        OM_uint32 *minor_status,
        gss_OID *oid
    );
    OM_uint32 (*gss_wrap_size_limit)(
        void *context,
        OM_uint32 *minor_status,
        const gss_ctx_id_t context_handle,
        int conf_req_flag,
        gss_qop_t qop_req,
        OM_uint32 req_output_size,
        OM_uint32 *max_input_size
    );
    OM_uint32 (*pname_to_uid)(
        void *context,
        OM_uint32 *minor_status,
        const gss_name_t pname,
        uid_t *uid_out
    );
    OM_uint32 (*__gss_userok)(
        void *context,
        OM_uint32 *minor_status,
        const gss_name_t pname,
        const char *local_user,
        int *user_ok
    );
    OM_uint32 (*gss_export_name)(
        void *context,
        OM_uint32 *minor_status,
        const gss_name_t input_name,
        gss_buffer_t exported_name
    );
#endif

    OM_uint32 (*gss_sign)(
        void *context,
        OM_uint32 *minor_status,
        const gss_ctx_id_t context_handle,
        int qop_req,
        const gss_buffer_t message_buffer,
        gss_buffer_t message_token
#ifdef _KERNEL
        , OM_uint32 gssd_ctx_verifier
#endif
    );
    OM_uint32 (*gss_verify)(
        void *context,
        OM_uint32 *minor_status,
        const gss_ctx_id_t context_handle,
        const gss_buffer_t message_buffer,
        const gss_buffer_t token_buffer,
        int *qop_state
#ifdef _KERNEL
        , OM_uint32 gssd_ctx_verifier
#endif
    );

#ifndef _KERNEL
    OM_uint32 (*gss_store_cred)(
        void *context,
        OM_uint32 *minor_status,
        const gss_cred_id_t input_cred,
        gss_cred_usage_t cred_usage,
        const gss_OID desired_mech,
        OM_uint32 overwrite_cred,
        OM_uint32 default_cred,
        gss_OID_set *elements_stored,
        gss_cred_usage_t *cred_usage_stored
    );
    /* Unlike every other entry, this one has no leading void *context. */
    OM_uint32 (*gss_inquire_sec_context_by_oid)(
        OM_uint32 *minor_status,
        const gss_ctx_id_t context_handle,
        const gss_OID desired_object,
        gss_buffer_set_t *data_set
    );
#endif
} *gss_mechanism;
/*
 * Userland-only extension table that sits beside struct gss_config; its
 * single entry is the acquire-credential-with-password function.
 */
#ifndef _KERNEL
typedef struct gss_config_ext {
    gss_acquire_cred_with_password_sfct gss_acquire_cred_with_password;
} *gss_mechanism_ext;
#endif
/*
 * One entry of a singly linked list (next) describing a mechanism: four
 * strings, a dl_handle, the mechanism OID and the dispatch table(s).
 *
 * The field names suggest kmodName / uLibName name the kernel module and
 * the userland library that implement the mechanism, and dl_handle is the
 * handle obtained when that library is loaded -- confirm against the
 * loader code.
 * NOTE(review): if these strings come from a configuration file and end up
 * in a dynamic-loader call, that file and the paths it names need to be
 * writable by privileged users only; verify where the strings originate.
 */
typedef struct gss_mech_config {
    char                    *kmodName;
    char                    *uLibName;
    char                    *mechNameStr;
    char                    *optionStr;
    void                    *dl_handle;
    gss_OID                 mech_type;
    gss_mechanism           mech;
#ifndef _KERNEL
    gss_mechanism_ext       mech_ext;
#endif
    struct gss_mech_config  *next;
} *gss_mech_info;
/*
 * Internal mechglue entry points under their __gss_ names.  Several of
 * them are declared again further down with a gssint_ prefix and slightly
 * different const qualification.  Only the prototypes are visible here;
 * the parameter names are descriptive.
 */

/* Look up the dispatch table (and, in userland, its extension) by OID. */
gss_mechanism __gss_get_mechanism(const gss_OID oid);
#ifndef _KERNEL
gss_mechanism_ext __gss_get_mechanism_ext(const gss_OID oid);
#endif

/* Per-mechanism strings; ownership of the result is not stated here. */
char *__gss_get_kmodName(const gss_OID oid);
char *__gss_get_modOptions(const gss_OID oid);

/* Conversions between union names and a mechanism's internal names. */
OM_uint32 __gss_import_internal_name(OM_uint32 *minor_status,
    const gss_OID mech_type, gss_union_name_t union_name,
    gss_name_t *internal_name);
OM_uint32 __gss_export_internal_name(OM_uint32 *minor_status,
    const gss_OID mech_type, const gss_name_t internal_name,
    gss_buffer_t name_buf);
OM_uint32 __gss_display_internal_name(OM_uint32 *minor_status,
    const gss_OID mech_type, const gss_name_t internal_name,
    gss_buffer_t external_name, gss_OID *name_type);
OM_uint32 __gss_release_internal_name(OM_uint32 *minor_status,
    const gss_OID mech_type, gss_name_t *internal_name);

OM_uint32 gssint_delete_internal_sec_context(OM_uint32 *minor_status,
    gss_OID mech_type, gss_ctx_id_t *internal_ctx,
    gss_buffer_t output_token);

OM_uint32 __gss_convert_name_to_union_name(OM_uint32 *minor_status,
    gss_mechanism mech, gss_name_t internal_name,
    gss_name_t *external_name);

/* Pick the credential for mech_type out of a union credential. */
gss_cred_id_t __gss_get_mechanism_cred(const gss_union_cred_t union_cred,
    const gss_OID mech_type);
/*
 * gssint_-prefixed mechglue internals.  Only the prototypes are visible
 * here; the parameter names are descriptive.
 */

/* Library set-up and tear-down. */
int gssint_mechglue_init(void);
void gssint_mechglue_fini(void);

gss_mechanism gssint_get_mechanism(gss_OID oid);

/*
 * NOTE(review): token is presumably a context token received from the
 * peer, i.e. untrusted input whose framing has to be length-checked by the
 * implementation -- confirm against the definition.
 */
OM_uint32 gssint_get_mech_type(gss_OID oid, gss_buffer_t token);

char *gssint_get_kmodName(const gss_OID oid);
char *gssint_get_modOptions(const gss_OID oid);

OM_uint32 gssint_import_internal_name(OM_uint32 *minor_status,
    gss_OID mech_type, gss_union_name_t union_name,
    gss_name_t *internal_name);
OM_uint32 gssint_export_internal_name(OM_uint32 *minor_status,
    const gss_OID mech_type, const gss_name_t internal_name,
    gss_buffer_t name_buf);
OM_uint32 gssint_display_internal_name(OM_uint32 *minor_status,
    gss_OID mech_type, gss_name_t internal_name,
    gss_buffer_t external_name, gss_OID *name_type);
OM_uint32 gssint_release_internal_name(OM_uint32 *minor_status,
    gss_OID mech_type, gss_name_t *internal_name);

OM_uint32 gssint_convert_name_to_union_name(OM_uint32 *minor_status,
    gss_mechanism mech, gss_name_t internal_name,
    gss_name_t *external_name);

gss_cred_id_t gssint_get_mechanism_cred(gss_union_cred_t union_cred,
    gss_OID mech_type);

/* The int selects an option of the copy; its meaning is not shown here. */
OM_uint32 gssint_create_copy_buffer(const gss_buffer_t src_buf,
    gss_buffer_t *dest_buf, int add_null_char);

/* Two names with the same signature for copying an OID set. */
OM_uint32 gssint_copy_oid_set(OM_uint32 *minor_status,
    const gss_OID_set_desc *oidset, gss_OID_set *new_oidset);
OM_uint32 gss_copy_oid_set(OM_uint32 *minor_status,
    const gss_OID_set_desc *oidset, gss_OID_set *new_oidset);

/* Name-type to mechanism association. */
gss_OID gss_find_mechanism_from_name_type(gss_OID name_type);
OM_uint32 gss_add_mech_name_type(OM_uint32 *minor_status,
    gss_OID name_type, gss_OID mech);
/* Translate between a mechanism's string name and its OID. */
OM_uint32 gssint_mech_to_oid(const char *mech, gss_OID *oid);
const char *gssint_oid_to_mech(const gss_OID oid);

/*
 * Fill mechArray with mechanism names.  arrayLen is presumably the number
 * of slots available in mechArray -- confirm, since that is the only bound
 * the callee is given.
 */
OM_uint32 gssint_get_mechanisms(char *mechArray[], int arrayLen);

OM_uint32 gss_store_cred(OM_uint32 *minor_status,
    const gss_cred_id_t input_cred, gss_cred_usage_t cred_usage,
    const gss_OID desired_mech, OM_uint32 overwrite_cred,
    OM_uint32 default_cred, gss_OID_set *elements_stored,
    gss_cred_usage_t *cred_usage_stored);

/*
 * DER length helpers.
 * NOTE(review): the unsigned int passed next to the buffer pointer in the
 * get/put functions is presumably the number of bytes available at *buf.
 * Lengths decoded from a token are peer-controlled, so callers should
 * compare the decoded value with the bytes actually remaining before using
 * it -- confirm the exact contract against the definitions.
 */
int gssint_get_der_length(unsigned char **buf, unsigned int buf_len,
    unsigned int *bytes);
unsigned int gssint_der_length_size(unsigned int len);
int gssint_put_der_length(unsigned int length, unsigned char **buf,
    unsigned int max_len);
/*
 * Integer handle types stored in the gssd_ctx / gssd_cred members of
 * struct kgss_ctx and struct kgss_cred, with 0 reserved as the
 * "no context" / "no credential" value.  Being plain unsigned ints, these
 * handles are guessable on their own; the structures below pair each one
 * with a separate verifier value.
 */
typedef unsigned int gssd_ctx_id_t;
typedef unsigned int gssd_cred_id_t;
#define GSSD_NO_CONTEXT ((gssd_ctx_id_t)0)
#define GSSD_NO_CREDENTIAL ((gssd_cred_id_t)0)
/*
 * Kernel-only declarations.
 *
 * MALLOC/FREE map onto kmem_alloc/kmem_free unless _KRB5_H is already
 * defined.  FREE needs the allocation size as its second argument, and it
 * must be the same size that was given to MALLOC.  MALLOC does not zero
 * the memory it returns.
 */
#ifdef _KERNEL
#ifndef _KRB5_H
#define MALLOC(n) kmem_alloc((n), KM_SLEEP)
#define FREE(x, n) kmem_free((x), (n))
#endif
/* Look up / register a mechanism dispatch table inside the kernel. */
gss_mechanism __kgss_get_mechanism(gss_OID);
void __kgss_add_mechanism(gss_mechanism);
#endif
/*
 * Credential handle as kept by the kgss layer: an integer handle plus a
 * verifier value.
 */
struct kgss_cred {
    gssd_cred_id_t  gssd_cred;
    OM_uint32       gssd_cred_verifier;
};

/*
 * Accessors for a credential handle.  KCRED_TO_KGSS_CRED is an unchecked
 * cast, and the other two dereference its result, so cred must be a
 * non-NULL pointer to a struct kgss_cred.
 */
#define KCRED_TO_KGSS_CRED(cred) ((struct kgss_cred *)(cred))
#define KCRED_TO_CRED(cred) \
    (KCRED_TO_KGSS_CRED(cred)->gssd_cred)
#define KCRED_TO_CREDV(cred) \
    (KCRED_TO_KGSS_CRED(cred)->gssd_cred_verifier)
/*
 * Security context handle as kept by the kgss layer: an integer handle and
 * a verifier value, plus (kernel builds only) a second context handle, an
 * "imported" flag and the mechanism dispatch table.
 */
struct kgss_ctx {
    gssd_ctx_id_t   gssd_ctx;
#ifdef _KERNEL
    gss_ctx_id_t    gssd_i_ctx;
    bool_t          ctx_imported;
    gss_mechanism   mech;
#endif
    OM_uint32       gssd_ctx_verifier;
};

/*
 * Accessors for a context handle.
 *
 * KCTX_TO_KGSS_CTX is an unchecked cast and every accessor built on it
 * dereferences the result, so ctx must be a non-NULL pointer to a
 * struct kgss_ctx.  KCTX_TO_CTX_IMPORTED, KCTX_TO_MECH and KCTX_TO_PRIVATE
 * are defined unconditionally but name members that exist only under
 * _KERNEL; KCTX_TO_PRIVATE additionally dereferences the mech pointer.
 */
#define KCTX_TO_KGSS_CTX(ctx) ((struct kgss_ctx *)(ctx))
#define KCTX_TO_CTX_IMPORTED(ctx) \
    (KCTX_TO_KGSS_CTX(ctx)->ctx_imported)
#define KCTX_TO_GSSD_CTX(ctx) \
    (KCTX_TO_KGSS_CTX(ctx)->gssd_ctx)
#define KCTX_TO_CTXV(ctx) \
    (KCTX_TO_KGSS_CTX(ctx)->gssd_ctx_verifier)
#define KCTX_TO_MECH(ctx) \
    (KCTX_TO_KGSS_CTX(ctx)->mech)
#define KCTX_TO_PRIVATE(ctx) \
    (KCTX_TO_MECH(ctx)->context)

/*
 * Variants that tolerate GSS_C_NO_CONTEXT: in that case the handle is the
 * ctx value itself converted to gssd_ctx_id_t and the verifier is 0;
 * otherwise the fields of the structure are read.
 */
#define KGSS_CTX_TO_GSSD_CTX(ctx) \
    (((ctx) == GSS_C_NO_CONTEXT) ? (gssd_ctx_id_t)(uintptr_t)(ctx) : \
        KCTX_TO_GSSD_CTX(ctx))
#define KGSS_CTX_TO_GSSD_CTXV(ctx) \
    (((ctx) == GSS_C_NO_CONTEXT) ? (0) : KCTX_TO_CTXV(ctx))
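/*
 * kgss allocation and dispatch macros, in a kernel and a userland flavour.
 *
 * Allocation: KGSS_CRED_ALLOC() / KGSS_ALLOC() return a zero-filled
 * struct kgss_cred / struct kgss_ctx in both flavours.  The kernel flavour
 * has always used kmem_zalloc; the userland flavour now uses calloc rather
 * than malloc so that a handle whose fields have not all been assigned yet
 * never carries stale heap contents in its handle or verifier.  calloc is
 * declared by the same header as the malloc/free this block already relies
 * on.  The userland allocators can return NULL and callers must check.
 * The userland expansions are parenthesised so that they behave as a
 * single expression wherever they are used.
 *
 * Dispatch: KGSS_SIGN, KGSS_VERIFY, KGSS_SEAL, KGSS_UNSEAL (and, in the
 * kernel, KGSS_DELETE_SEC_CONTEXT and KGSS_IMPORT_SEC_CONTEXT) expand ctx
 * several times and dereference it without any check.  In the kernel they
 * also dereference ctx->mech and call through the function pointer stored
 * there.  Callers must pass a valid, fully initialised struct kgss_ctx and
 * an argument expression without side effects.
 */
#ifdef _KERNEL

#define KCTX_TO_I_CTX(ctx) (KCTX_TO_KGSS_CTX(ctx)->gssd_i_ctx)

/* The caller's handle, or the imported internal one once ctx_imported. */
#define KCTX_TO_CTX(ctx) \
    ((KCTX_TO_CTX_IMPORTED(ctx) == FALSE) ? (ctx) : \
        KCTX_TO_I_CTX(ctx))

#define KGSS_CRED_ALLOC() \
    kmem_zalloc(sizeof (struct kgss_cred), KM_SLEEP)
#define KGSS_CRED_FREE(cred) \
    kmem_free((cred), sizeof (struct kgss_cred))
#define KGSS_ALLOC() \
    kmem_zalloc(sizeof (struct kgss_ctx), KM_SLEEP)
#define KGSS_FREE(ctx) \
    kmem_free((ctx), sizeof (struct kgss_ctx))

#define KGSS_SIGN(minor_st, ctx, qop, msg, tkn) \
    (*(KCTX_TO_MECH(ctx)->gss_sign))(KCTX_TO_PRIVATE(ctx), minor_st, \
        KCTX_TO_CTX(ctx), qop, msg, tkn, KCTX_TO_CTXV(ctx))

#define KGSS_VERIFY(minor_st, ctx, msg, tkn, qop) \
    (*(KCTX_TO_MECH(ctx)->gss_verify))(KCTX_TO_PRIVATE(ctx), minor_st, \
        KCTX_TO_CTX(ctx), msg, tkn, qop, KCTX_TO_CTXV(ctx))

#define KGSS_DELETE_SEC_CONTEXT(minor_st, ctx, int_ctx_id, tkn) \
    (*(KCTX_TO_MECH(ctx)->gss_delete_sec_context))(KCTX_TO_PRIVATE(ctx), \
        minor_st, int_ctx_id, tkn, KCTX_TO_CTXV(ctx))

#define KGSS_IMPORT_SEC_CONTEXT(minor_st, tkn, ctx, int_ctx_id) \
    (*(KCTX_TO_MECH(ctx)->gss_import_sec_context))(KCTX_TO_PRIVATE(ctx), \
        minor_st, tkn, int_ctx_id)

#define KGSS_SEAL(minor_st, ctx, conf_req, qop, msg, conf_state, tkn) \
    (*(KCTX_TO_MECH(ctx)->gss_seal))(KCTX_TO_PRIVATE(ctx), minor_st, \
        KCTX_TO_CTX(ctx), conf_req, qop, msg, conf_state, tkn, \
        KCTX_TO_CTXV(ctx))

#define KGSS_UNSEAL(minor_st, ctx, msg, tkn, conf, qop) \
    (*(KCTX_TO_MECH(ctx)->gss_unseal))(KCTX_TO_PRIVATE(ctx), minor_st, \
        KCTX_TO_CTX(ctx), msg, tkn, conf, qop, \
        KCTX_TO_CTXV(ctx))

#define KGSS_INIT_CONTEXT(ctx) krb5_init_context(ctx)
#define KGSS_RELEASE_OID(minor_st, oid) krb5_gss_release_oid(minor_st, oid)
extern OM_uint32 kgss_release_oid(OM_uint32 *, gss_OID *);

#else /* !_KERNEL */

#define KGSS_INIT_CONTEXT(ctx) krb5_gss_init_context(ctx)
#define KGSS_RELEASE_OID(minor_st, oid) gss_release_oid(minor_st, oid)

/* In userland the context passed on is the integer gssd handle. */
#define KCTX_TO_CTX(ctx) (KCTX_TO_KGSS_CTX(ctx)->gssd_ctx)

#define MALLOC(n) malloc(n)
#define FREE(x, n) free(x)

/* Zero-filled like the kernel variants; may return NULL. */
#define KGSS_CRED_ALLOC() \
    ((struct kgss_cred *)calloc(1, sizeof (struct kgss_cred)))
#define KGSS_CRED_FREE(cred) free(cred)
#define KGSS_ALLOC() \
    ((struct kgss_ctx *)calloc(1, sizeof (struct kgss_ctx)))
#define KGSS_FREE(ctx) free(ctx)

#define KGSS_SIGN(minor_st, ctx, qop, msg, tkn) \
    kgss_sign_wrapped(minor_st, \
        KCTX_TO_CTX(ctx), qop, msg, tkn, KCTX_TO_CTXV(ctx))

#define KGSS_VERIFY(minor_st, ctx, msg, tkn, qop) \
    kgss_verify_wrapped(minor_st, \
        KCTX_TO_CTX(ctx), msg, tkn, qop, KCTX_TO_CTXV(ctx))

#define KGSS_SEAL(minor_st, ctx, conf_req, qop, msg, conf_state, tkn) \
    kgss_seal_wrapped(minor_st, \
        KCTX_TO_CTX(ctx), conf_req, qop, msg, conf_state, tkn, \
        KCTX_TO_CTXV(ctx))

#define KGSS_UNSEAL(minor_st, ctx, msg, tkn, conf, qop) \
    kgss_unseal_wrapped(minor_st, \
        KCTX_TO_CTX(ctx), msg, tkn, conf, qop, \
        KCTX_TO_CTXV(ctx))

#endif /* _KERNEL */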
/*
 * Mechanism-independent helpers for buffers, OIDs, OID sets and buffer
 * sets.  Only the prototypes are visible here; the parameter names are
 * descriptive.
 */

/* Release routines; each takes the address of the object to release. */
OM_uint32 generic_gss_release_buffer(OM_uint32 *minor_status,
    gss_buffer_t buffer);
OM_uint32 generic_gss_release_oid_set(OM_uint32 *minor_status,
    gss_OID_set *set);
OM_uint32 generic_gss_release_oid(OM_uint32 *minor_status,
    gss_OID *oid);

/* OID copy and OID-set construction / membership. */
OM_uint32 generic_gss_copy_oid(OM_uint32 *minor_status,
    gss_OID_desc * const oid, gss_OID *new_oid);
OM_uint32 generic_gss_create_empty_oid_set(OM_uint32 *minor_status,
    gss_OID_set *oid_set);
OM_uint32 generic_gss_add_oid_set_member(OM_uint32 *minor_status,
    gss_OID_desc * const member_oid, gss_OID_set *oid_set);
OM_uint32 generic_gss_test_oid_set_member(OM_uint32 *minor_status,
    gss_OID_desc * const member, gss_OID_set set, int *present);

/* Conversions between an OID and its string form. */
OM_uint32 generic_gss_oid_to_str(OM_uint32 *minor_status,
    gss_OID_desc * const oid, gss_buffer_t oid_str);
OM_uint32 generic_gss_str_to_oid(OM_uint32 *minor_status,
    gss_buffer_t oid_str, gss_OID *oid);

/*
 * Build an OID from a prefix plus an integer, and take one apart again.
 * The size_t is presumably the length of the prefix in bytes -- confirm
 * against the definitions.
 */
OM_uint32 generic_gss_oid_compose(OM_uint32 *minor_status,
    const char *prefix, size_t prefix_len, int suffix,
    gss_OID_desc *oid);
OM_uint32 generic_gss_oid_decompose(OM_uint32 *minor_status,
    const char *prefix, size_t prefix_len, gss_OID_desc *oid,
    int *suffix);

/* Buffer-set construction and release. */
OM_uint32 generic_gss_create_empty_buffer_set(OM_uint32 *minor_status,
    gss_buffer_set_t *buffer_set);
OM_uint32 generic_gss_add_buffer_set_member(OM_uint32 *minor_status,
    const gss_buffer_t member_buffer, gss_buffer_set_t *buffer_set);
OM_uint32 generic_gss_release_buffer_set(OM_uint32 *minor_status,
    gss_buffer_set_t *buffer_set);
/*
 * Minor-status mapping.
 *
 * In userland each macro rewrites *MINORP in place with the value returned
 * by gssint_mecherrmap_map() / gssint_mecherrmap_map_errcode().  MINORP is
 * expanded twice, so it must be free of side effects, and it is
 * dereferenced without a NULL check.
 *
 * In the kernel map_error and map_errcode expand to nothing, so the minor
 * status is left as the mechanism returned it.
 * NOTE(review): map_error_oid has no kernel definition; code shared with
 * the kernel build that uses it would not compile -- confirm that no such
 * caller exists.
 */
#ifdef _KERNEL
#define map_error(MINORP, MECH)
#define map_errcode(MINORP)
#else
#define map_error(MINORP, MECH) \
(*(MINORP) = gssint_mecherrmap_map(*(MINORP), &(MECH)->mech_type))
#define map_error_oid(MINORP, MECHOID) \
(*(MINORP) = gssint_mecherrmap_map(*(MINORP), (MECHOID)))
#define map_errcode(MINORP) \
(*(MINORP) = gssint_mecherrmap_map_errcode(*(MINORP)))
#endif
#endif