/* 0x06 is the ASN.1 DER tag for OBJECT IDENTIFIER; presumably the tag byte
 * expected in front of an encoded GSSAPI mechanism OID (confirm against the
 * code that builds or parses the OID). */
8 #define SSH2_GSS_OIDTYPE 0x06
/* Opaque handle type. Because it is a plain void *, the compiler cannot tell
 * one kind of handle from another, so callers must track which wrapper
 * function produced each value and hand it only to the matching functions. */
9 typedef void *Ssh_gss_ctx;
11 typedef enum Ssh_gss_stat {
13 SSH_GSS_S_CONTINUE_NEEDED,
15 SSH_GSS_BAD_HOST_NAME,
/* Second spelling of the success status, mirroring GSS-API's GSS_S_COMPLETE,
 * so either name can be compared against a returned Ssh_gss_stat. */
19 #define SSH_GSS_S_COMPLETE SSH_GSS_OK
21 #define SSH_GSS_CLEAR_BUF(buf) do { \
23 (*buf).value = NULL; \
/* The buffer and name types are the GSS-API ones under SSH-specific names.
 * gss_buffer_desc carries a `length` and a `value` member (SSH_GSS_CLEAR_BUF
 * above writes `.value`); comments in this header that mention buf->len or
 * buf->data presumably mean those two members - confirm before relying on
 * the names. GSS-API tokens and MICs are binary data, so take the size from
 * the descriptor's length rather than treating value as a C string. */
26 typedef gss_buffer_desc Ssh_gss_buf;
27 typedef gss_name_t Ssh_gss_name;
29 /* Functions, provided by either wingss.c or sshgssc.c */
/* Forward declaration: the function-pointer typedefs below take a
 * struct ssh_gss_library * before the structure itself is defined. */
31 struct ssh_gss_library;
34 * Do startup-time initialisation for using GSSAPI. This should
35 * correctly initialise the array of struct ssh_gss_library declared
38 * Must be callable multiple times (since the most convenient place
39 * to call it _from_ is the ssh.c setup code), and should harmlessly
40 * return success if already initialised.
/* Takes no arguments and returns void, so the "success" mentioned in the
 * comment above is not reported through a return value; presumably callers
 * inspect ssh_gss_libraries / n_ssh_gss_libraries afterwards - confirm. */
42 void ssh_gss_init(void);
45 * Fills in buf with a string describing the GSSAPI mechanism in
46 * use. buf->data is not dynamically allocated, so the caller must not free it.
48 typedef Ssh_gss_stat (*t_ssh_gss_indicate_mech)(struct ssh_gss_library *lib,
52 * Converts a name such as a hostname into a GSSAPI internal form,
53 * which is placed in "out". The result should be freed by
54 * ssh_gss_release_name().
/* lib: wrapper library to use.
 * in:  name to convert (not const-qualified; whether implementations modify
 *      the string is not visible in this header).
 * out: receives the internal-form name; release it afterwards, presumably
 *      through the same library's release_name member.
 * Returns an Ssh_gss_stat. */
56 typedef Ssh_gss_stat (*t_ssh_gss_import_name)(struct ssh_gss_library *lib,
57 char *in, Ssh_gss_name *out);
60 * Frees the contents of an Ssh_gss_name structure filled in by
61 * ssh_gss_import_name().
63 typedef Ssh_gss_stat (*t_ssh_gss_release_name)(struct ssh_gss_library *lib,
67 * The main GSSAPI security context setup function. The "out"
68 * parameter will need to be freed by ssh_gss_free_tok.
/* lib:      wrapper library to use.
 * ctx:      pointer to the context handle, so the implementation can
 *           presumably create or update it across repeated calls.
 * name:     target name in internal form (see t_ssh_gss_import_name).
 * delegate: int flag; judging by its name it presumably requests delegation
 *           of the user's credentials to the server - confirm, and treat a
 *           nonzero value as a security-relevant choice made by the caller.
 * in, out:  input token and output token for this step of the exchange.
 * Returns an Ssh_gss_stat; SSH_GSS_S_CONTINUE_NEEDED presumably means a
 * further round is required before the context is established. */
70 typedef Ssh_gss_stat (*t_ssh_gss_init_sec_context)
71 (struct ssh_gss_library *lib,
72 Ssh_gss_ctx *ctx, Ssh_gss_name name, int delegate,
73 Ssh_gss_buf *in, Ssh_gss_buf *out);
76 * Frees the contents of an Ssh_gss_buf filled in by
77 * ssh_gss_init_sec_context(). Do not accidentally call this on
78 * something filled in by ssh_gss_get_mic() (which requires a
79 * different free function) or something filled in by any other
82 typedef Ssh_gss_stat (*t_ssh_gss_free_tok)(struct ssh_gss_library *lib,
86 * Acquires the credentials to perform authentication in the first
87 * place. Needs to be freed by ssh_gss_release_cred().
89 typedef Ssh_gss_stat (*t_ssh_gss_acquire_cred)(struct ssh_gss_library *lib,
93 * Frees the contents of an Ssh_gss_ctx filled in by
94 * ssh_gss_acquire_cred().
96 typedef Ssh_gss_stat (*t_ssh_gss_release_cred)(struct ssh_gss_library *lib,
100 * Gets a MIC for some input data. "out" needs to be freed by
101 * ssh_gss_free_mic().
103 typedef Ssh_gss_stat (*t_ssh_gss_get_mic)(struct ssh_gss_library *lib,
104 Ssh_gss_ctx ctx, Ssh_gss_buf *in,
108 * Frees the contents of an Ssh_gss_buf filled in by
109 * ssh_gss_get_mic(). Do not accidentally call this on something
110 * filled in by ssh_gss_init_sec_context() (which requires a
111 * different free function) or something filled in by any other
114 typedef Ssh_gss_stat (*t_ssh_gss_free_mic)(struct ssh_gss_library *lib,
118 * Return an error message after authentication failed. The
119 * message string is returned in "buf", with buf->len giving the
120 * number of characters of printable message text and buf->data
121 * containing one more character which is a trailing NUL.
122 * buf->data should be manually freed by the caller.
/* The second parameter (an Ssh_gss_ctx) is left unnamed in this typedef.
 * buf receives the message, and per the comment above the caller owns and
 * must free its storage. Which free routine matches that storage is not
 * stated here - confirm, given that this header warns elsewhere against
 * mixing the free_tok and free_mic routines. */
124 typedef Ssh_gss_stat (*t_ssh_gss_display_status)(struct ssh_gss_library *lib,
125 Ssh_gss_ctx, Ssh_gss_buf *buf);
127 struct ssh_gss_library {
129 * Identifying number in the enumeration used by the
130 * configuration code to specify a preference order.
135 * Filled in at initialisation time, if there's anything
136 * interesting to say about how GSSAPI was initialised (e.g.
137 * which of a number of alternative libraries was used).
139 const char *gsslogmsg;
142 * Function pointers implementing the SSH wrapper layer on top
143 * of GSSAPI. (Defined in sshgssc, typically, though Windows
144 * provides an alternative layer to sit on top of the annoyingly
147 t_ssh_gss_indicate_mech indicate_mech;
148 t_ssh_gss_import_name import_name;
149 t_ssh_gss_release_name release_name;
150 t_ssh_gss_init_sec_context init_sec_context;
151 t_ssh_gss_free_tok free_tok;
152 t_ssh_gss_acquire_cred acquire_cred;
153 t_ssh_gss_release_cred release_cred;
154 t_ssh_gss_get_mic get_mic;
155 t_ssh_gss_free_mic free_mic;
156 t_ssh_gss_display_status display_status;
159 * Additional data for the wrapper layers.
162 struct gssapi_functions gssapi;
164 * The SSPI wrappers don't need to store their Windows API
165 * function pointers in this structure, because there can't
166 * be more than one set of them available.
/* Table of GSSAPI wrapper libraries and, presumably, the number of valid
 * entries in it. The array is declared without a size, so sizeof cannot
 * recover the element count; bound every index by n_ssh_gss_libraries
 * (a signed int, so reject negative indices as well). */
171 extern struct ssh_gss_library ssh_gss_libraries[];
172 extern int n_ssh_gss_libraries;
174 #endif /* NO_GSSAPI */
176 #endif /*PUTTY_SSHGSS_H*/