1 #ifndef PUTTY_PGSSAPI_H
2 #define PUTTY_PGSSAPI_H
3
4 #include "putty.h"
5
6 #ifndef NO_GSSAPI
7
8 /*
9  * On Unix, if we're statically linking against GSSAPI, we leave the
10  * declaration of all this lot to the official header. If we're
11  * dynamically linking, we declare it ourselves, because that avoids
12  * us needing the official header at compile time.
13  *
14  * However, we still need the function pointer types, because even
15  * with statically linked GSSAPI we use the ssh_gss_library wrapper.
16  */
17 #ifdef STATIC_GSSAPI
18 #include <gssapi/gssapi.h>
/*
 * Static-link branch: the official header supplies the GSSAPI types, and
 * const_gss_OID is declared here as a plain alias of its gss_OID, so in
 * this configuration the name carries no extra const qualification.
 */
typedef gss_OID const_gss_OID;         /* for our prototypes below */
20 #else /* STATIC_GSSAPI */
21
22 /*******************************************************************************
23  *  GSSAPI Definitions, taken from RFC 2744
24  ******************************************************************************/
25
/* GSSAPI Type Definitions */

/*
 * Status and flag word used throughout the API. uint32 is not declared
 * in this header; presumably it comes from putty.h, included above.
 */
typedef uint32 OM_uint32;

/*
 * Object identifier descriptor. Per RFC 2744, `elements` points at
 * `length` bytes of encoded OID data.
 *
 * This is a hand-copied declaration of a structure owned by whichever
 * GSSAPI library is loaded at run time, so its layout has to match that
 * library's ABI exactly; nothing in this header checks that it does.
 */
typedef struct gss_OID_desc_struct {
    OM_uint32 length;
    void *elements;
} gss_OID_desc;
typedef const gss_OID_desc *const_gss_OID; /* pointee is read-only */
typedef gss_OID_desc *gss_OID;
35
/*
 * Set of OIDs. Per RFC 2744, `elements` points at an array of `count`
 * gss_OID_desc entries, so any walk over a set is bounded by `count`.
 * None of the function types declared in this header take or return a
 * set; the type is declared for completeness.
 */
typedef struct gss_OID_set_desc_struct  {
    size_t  count;
    gss_OID elements;
} gss_OID_set_desc;
typedef const gss_OID_set_desc *const_gss_OID_set;
typedef gss_OID_set_desc *gss_OID_set;
42
/*
 * Counted byte buffer used for tokens, names and status text.
 *
 * `value` is an untyped pointer and `length` is the only size
 * information: nothing here guarantees a terminating NUL, so consumers
 * should copy or print exactly `length` bytes rather than hand `value`
 * to string functions.
 */
typedef struct gss_buffer_desc_struct {
    size_t length;
    void *value;
} gss_buffer_desc, *gss_buffer_t;
47
/*
 * Channel bindings passed to init_sec_context. Only the pointer type is
 * given a typedef name; the structure itself is reachable as
 * struct gss_channel_bindings_struct.
 *
 * The two addrtype fields take the GSS_C_AF_* address-family constants,
 * and each address/application_data member is a counted gss_buffer_desc.
 * GSS_C_NO_CHANNEL_BINDINGS is the null value for "no bindings supplied".
 */
typedef struct gss_channel_bindings_struct {
    OM_uint32 initiator_addrtype;
    gss_buffer_desc initiator_address;
    OM_uint32 acceptor_addrtype;
    gss_buffer_desc acceptor_address;
    gss_buffer_desc application_data;
} *gss_channel_bindings_t;
55
/*
 * Opaque handles owned by the GSSAPI library. All three are plain
 * void *, so the compiler cannot tell them apart: passing a context
 * where a credential or name is expected will compile without a
 * diagnostic. Callers have to keep them straight by hand.
 */
typedef void * gss_ctx_id_t;
typedef void * gss_name_t;
typedef void * gss_cred_id_t;

/* Quality-of-protection selector, as taken by get_mic's qop_req. */
typedef OM_uint32 gss_qop_t;
61
/*
 * Flag bits for context-level services.
 *
 * These are OR-ed together in init_sec_context's req_flags and reported
 * back in its ret_flags. Per RFC 2744 a request is only a request: the
 * services actually in force are the ones set in ret_flags, so a caller
 * that depends on mutual authentication or integrity should test
 * ret_flags rather than assume req_flags was honoured.
 *
 * GSS_C_DELEG_FLAG asks for the initiator's credentials to be delegated
 * to the peer, which lets the remote end act as the user; it is the one
 * flag here that widens what the server can do.
 */

#define GSS_C_DELEG_FLAG      1   /* delegate credentials to the peer */
#define GSS_C_MUTUAL_FLAG     2   /* peer must authenticate itself too */
#define GSS_C_REPLAY_FLAG     4   /* detect replayed messages */
#define GSS_C_SEQUENCE_FLAG   8   /* detect out-of-sequence messages */
#define GSS_C_CONF_FLAG       16  /* confidentiality available */
#define GSS_C_INTEG_FLAG      32  /* integrity (MIC) available */
#define GSS_C_ANON_FLAG       64  /* do not reveal initiator identity */
#define GSS_C_PROT_READY_FLAG 128 /* protection usable before completion */
#define GSS_C_TRANS_FLAG      256 /* context may be transferred */
73
/* Credential usage options: which role a credential may be used in. */
#define GSS_C_BOTH     0
#define GSS_C_INITIATE 1
#define GSS_C_ACCEPT   2

/*
 * Status code types for gss_display_status: selects whether the
 * status_value argument is a GSSAPI major status (GSS_C_GSS_CODE) or a
 * mechanism-specific minor status (GSS_C_MECH_CODE).
 */
#define GSS_C_GSS_CODE  1
#define GSS_C_MECH_CODE 2
82
/*
 * The constant definitions for channel-bindings address families.
 * These are the values carried in the initiator_addrtype and
 * acceptor_addrtype fields of the channel bindings structure.
 * The list skips 20 (GSS_C_AF_OSI is 19, GSS_C_AF_X25 is 21), as in
 * RFC 2744; the gap is not a typo.
 */
#define GSS_C_AF_UNSPEC     0
#define GSS_C_AF_LOCAL      1
#define GSS_C_AF_INET       2
#define GSS_C_AF_IMPLINK    3
#define GSS_C_AF_PUP        4
#define GSS_C_AF_CHAOS      5
#define GSS_C_AF_NS         6
#define GSS_C_AF_NBS        7
#define GSS_C_AF_ECMA       8
#define GSS_C_AF_DATAKIT    9
#define GSS_C_AF_CCITT      10
#define GSS_C_AF_SNA        11
#define GSS_C_AF_DECnet     12
#define GSS_C_AF_DLI        13
#define GSS_C_AF_LAT        14
#define GSS_C_AF_HYLINK     15
#define GSS_C_AF_APPLETALK  16
#define GSS_C_AF_BSC        17
#define GSS_C_AF_DSS        18
#define GSS_C_AF_OSI        19
#define GSS_C_AF_X25        21

/* Marks an address field as carrying no address. */
#define GSS_C_AF_NULLADDR   255
107
/*
 * Various Null values: a typed null for each handle and pointer type,
 * so that "nothing supplied" can be passed with the right type.
 */
#define GSS_C_NO_NAME ((gss_name_t) 0)
#define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
#define GSS_C_NO_OID ((gss_OID) 0)
#define GSS_C_NO_OID_SET ((gss_OID_set) 0)
#define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
#define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
#define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
/*
 * Brace initialiser for a gss_buffer_desc (length 0, value NULL). It is
 * only valid where an initialiser is allowed, i.e. in a declaration, and
 * it relies on NULL being defined by an earlier include.
 */
#define GSS_C_EMPTY_BUFFER {0, NULL}
117
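/* Major status codes */
#define GSS_S_COMPLETE 0

/*
 * Some "helper" definitions to make the status code macros obvious.
 *
 * A major status word is split into three fields. The masks are written
 * in octal: 0377 is 0xFF and 0177777 is 0xFFFF.
 *   bits 24..31  calling error
 *   bits 16..23  routine error
 *   bits  0..15  supplementary information
 */
#define GSS_C_CALLING_ERROR_OFFSET 24
#define GSS_C_ROUTINE_ERROR_OFFSET 16

#define GSS_C_SUPPLEMENTARY_OFFSET 0
#define GSS_C_CALLING_ERROR_MASK 0377ul
#define GSS_C_ROUTINE_ERROR_MASK 0377ul
#define GSS_C_SUPPLEMENTARY_MASK 0177777ul

/*
 * The macros that test status codes for error conditions.
 * Note that the GSS_ERROR() macro has changed slightly from
 * the V1 GSS-API so that it now evaluates its argument
 * only once.
 *
 * The argument is parenthesised in every macro. Without that, a
 * compound argument such as `a | b` would have `&` bind only to `b`,
 * and the result would no longer be the masked field. These macros
 * decide whether an authentication step is treated as failed, so the
 * precedence must not depend on how the caller spells the argument.
 *
 * GSS_ERROR() covers only the calling-error and routine-error fields.
 * A zero result therefore means "no error", not "finished": the
 * supplementary bits are outside its mask and have to be inspected
 * separately (or the status compared with GSS_S_COMPLETE).
 */
#define GSS_CALLING_ERROR(x)                                            \
    ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
#define GSS_ROUTINE_ERROR(x)                                            \
    ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
#define GSS_SUPPLEMENTARY_INFO(x)                                       \
    ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
#define GSS_ERROR(x)                                                    \
    ((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) |  \
            (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))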
145
/* Now the actual status code definitions */

/*
 * Calling errors: small integers shifted into the calling-error field
 * (bit GSS_C_CALLING_ERROR_OFFSET upwards) of the major status word.
 */
#define GSS_S_CALL_INACCESSIBLE_READ            \
    (1ul << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_INACCESSIBLE_WRITE           \
    (2ul << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_BAD_STRUCTURE                \
    (3ul << GSS_C_CALLING_ERROR_OFFSET)
155
/*
 * Routine errors: an enumerated value (not a bit set) shifted into the
 * routine-error field. Compare GSS_ROUTINE_ERROR(status) against these
 * with ==; testing with & would confuse codes that share bits, e.g.
 * 3 (BAD_NAMETYPE) with 1 (BAD_MECH) and 2 (BAD_NAME).
 */
#define GSS_S_BAD_MECH             (1ul <<                      \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAME             (2ul <<                      \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAMETYPE         (3ul <<                      \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_BINDINGS         (4ul <<                      \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_STATUS           (5ul <<                      \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_SIG              (6ul <<                      \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
/* Alias: same value under the newer "MIC" name. */
#define GSS_S_BAD_MIC GSS_S_BAD_SIG
#define GSS_S_NO_CRED              (7ul <<                      \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NO_CONTEXT           (8ul <<                      \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_TOKEN      (9ul <<                      \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_CREDENTIAL (10ul <<                     \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CREDENTIALS_EXPIRED  (11ul <<                     \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CONTEXT_EXPIRED      (12ul <<                     \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_FAILURE              (13ul <<                     \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_QOP              (14ul <<                     \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_UNAUTHORIZED         (15ul <<                     \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_UNAVAILABLE          (16ul <<                     \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DUPLICATE_ELEMENT    (17ul <<                     \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NAME_NOT_MN          (18ul <<                     \
                                    GSS_C_ROUTINE_ERROR_OFFSET)
194
/*
 * Supplementary info bits: individual flags in the low field of the
 * major status word. They lie outside the mask used by GSS_ERROR(), so
 * a status carrying only these bits does not count as an error there.
 *
 * In particular GSS_S_CONTINUE_NEEDED (per RFC 2744: another token must
 * be exchanged before the context is established) passes a
 * !GSS_ERROR() test. Code that needs to know the handshake has finished
 * should compare the status with GSS_S_COMPLETE, not merely check for
 * the absence of an error.
 */
#define GSS_S_CONTINUE_NEEDED                                           \
                           (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
#define GSS_S_DUPLICATE_TOKEN                                           \
                           (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
#define GSS_S_OLD_TOKEN                                                 \
                           (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
#define GSS_S_UNSEQ_TOKEN                                               \
                           (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
#define GSS_S_GAP_TOKEN                                                 \
                           (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 4))
206
/*
 * Name-type OIDs, declared here and defined elsewhere. They are the
 * kind of value passed as import_name's input_name_type.
 *
 * const_gss_OID is a pointer to a const descriptor, so the OID data is
 * read-only through these names, but the pointer variables themselves
 * are not const-qualified.
 */
extern const_gss_OID GSS_C_NT_USER_NAME;
extern const_gss_OID GSS_C_NT_MACHINE_UID_NAME;
extern const_gss_OID GSS_C_NT_STRING_UID_NAME;
extern const_gss_OID GSS_C_NT_HOSTBASED_SERVICE_X;
extern const_gss_OID GSS_C_NT_HOSTBASED_SERVICE;
extern const_gss_OID GSS_C_NT_ANONYMOUS;
extern const_gss_OID GSS_C_NT_EXPORT_NAME;
214
215 #endif /* STATIC_GSSAPI */
216
/*
 * Mechanism OID for Kerberos 5, defined elsewhere and declared in both
 * the static and the dynamic configuration. With the local typedefs,
 * gss_OID is a pointer type, so `const gss_OID` makes the pointer const
 * while the descriptor it points at stays writable through it.
 */
extern const gss_OID GSS_MECH_KRB5;
218
/* GSSAPI functions we use.
 * TODO: Replace with all GSSAPI functions from RFC?
 */

/*
 * Calling convention, just in case we need one.
 * Defaults to empty, i.e. the compiler's default convention, unless a
 * platform file defines GSS_CC before including this header. Since the
 * function types below are used to call into a separately built
 * library, the convention chosen here has to be the one that library
 * was compiled with.
 */
#ifndef GSS_CC
#define GSS_CC
#endif /*GSS_CC*/
227
/*
 * Pointer type for gss_release_cred: gives a credential handle back to
 * the library. The handle is passed by address so the callee can
 * overwrite it. Returns a major status; the mechanism-specific detail
 * is written to *minor_status.
 */
typedef OM_uint32 (GSS_CC *t_gss_release_cred)
            (OM_uint32                    * /*minor_status*/,
             gss_cred_id_t                * /*cred_handle*/);
231
/*
 * Pointer type for gss_init_sec_context: one step of the initiator side
 * of context establishment.
 *
 * Inputs are the credential, the target name, the mechanism OID, the
 * requested GSS_C_*_FLAG services, optional channel bindings and the
 * token last received from the peer. Outputs are the updated context
 * handle, the token to send next, and the mechanism, flags and lifetime
 * actually obtained.
 *
 * Points a caller has to get right (per RFC 2744):
 *  - the call is repeated while the result has GSS_S_CONTINUE_NEEDED
 *    set; the context is usable only once GSS_S_COMPLETE is returned;
 *  - *ret_flags, not req_flags, says which services are in force;
 *  - output_token is filled in by the library and is released with
 *    gss_release_buffer.
 */
typedef OM_uint32 (GSS_CC *t_gss_init_sec_context)
            (OM_uint32                    * /*minor_status*/,
             const gss_cred_id_t            /*initiator_cred_handle*/,
             gss_ctx_id_t                 * /*context_handle*/,
             const gss_name_t               /*target_name*/,
             const gss_OID                  /*mech_type*/,
             OM_uint32                      /*req_flags*/,
             OM_uint32                      /*time_req*/,
             const gss_channel_bindings_t   /*input_chan_bindings*/,
             const gss_buffer_t             /*input_token*/,
             gss_OID                      * /*actual_mech_type*/,
             gss_buffer_t                   /*output_token*/,
             OM_uint32                    * /*ret_flags*/,
             OM_uint32                    * /*time_rec*/);
246
/*
 * Pointer type for gss_delete_sec_context: tears down a security
 * context. The handle is passed by address so the callee can overwrite
 * it; output_token is a buffer the callee may fill in.
 */
typedef OM_uint32 (GSS_CC *t_gss_delete_sec_context)
            (OM_uint32                    * /*minor_status*/,
             gss_ctx_id_t                 * /*context_handle*/,
             gss_buffer_t                   /*output_token*/);
251
/*
 * Pointer type for gss_get_mic: computes a message integrity code over
 * message_buffer using an established context and writes it to
 * msg_token. Both buffers are counted gss_buffer_desc values; per
 * RFC 2744 the token storage belongs to the library and is released
 * with gss_release_buffer. This header declares no matching verify
 * function type.
 */
typedef OM_uint32 (GSS_CC *t_gss_get_mic)
            (OM_uint32                    * /*minor_status*/,
             const gss_ctx_id_t             /*context_handle*/,
             gss_qop_t                      /*qop_req*/,
             const gss_buffer_t             /*message_buffer*/,
             gss_buffer_t                   /*msg_token*/);
258
/*
 * Pointer type for gss_display_status: turns a status code into text.
 * status_type is GSS_C_GSS_CODE or GSS_C_MECH_CODE and says how
 * status_value is to be read. *message_context carries state between
 * calls when one code maps to several messages (per RFC 2744 it starts
 * at 0 and the call is repeated until it is 0 again).
 *
 * status_string is a counted buffer produced by the library: use its
 * length field when copying or logging it, and release it with
 * gss_release_buffer.
 */
typedef OM_uint32 (GSS_CC *t_gss_display_status)
            (OM_uint32                   * /*minor_status*/,
             OM_uint32                     /*status_value*/,
             int                           /*status_type*/,
             const gss_OID                 /*mech_type*/,
             OM_uint32                   * /*message_context*/,
             gss_buffer_t                  /*status_string*/);
266
267
/*
 * Pointer type for gss_import_name: converts a name held in a counted
 * buffer into the library's internal gss_name_t. input_name_type is one
 * of the name-type OIDs (the GSS_C_NT_* values) and tells the library
 * how to parse the buffer. The resulting name is released with
 * gss_release_name.
 *
 * The name imported here is what init_sec_context later takes as
 * target_name, i.e. the identity the client will authenticate to.
 */
typedef OM_uint32 (GSS_CC *t_gss_import_name)
            (OM_uint32                   * /*minor_status*/,
             const gss_buffer_t            /*input_name_buffer*/,
             const_gss_OID                 /*input_name_type*/,
             gss_name_t                  * /*output_name*/);
273
274
/*
 * Pointer type for gss_release_name: frees a name obtained from the
 * library. The handle is passed by address so the callee can overwrite
 * it.
 */
typedef OM_uint32 (GSS_CC *t_gss_release_name)
            (OM_uint32                   * /*minor_status*/,
             gss_name_t                  * /*name*/);
278
/*
 * Pointer type for gss_release_buffer: frees the storage behind a
 * buffer that the library filled in (output tokens, status strings).
 * Such storage was allocated by the library, so it goes back through
 * this call rather than through the application's own free().
 */
typedef OM_uint32 (GSS_CC *t_gss_release_buffer)
            (OM_uint32                   * /*minor_status*/,
             gss_buffer_t                  /*buffer*/);
282
/*
 * Table of entry points into one GSSAPI implementation, one pointer per
 * function type declared above. Calls go through this table in both the
 * static and the dynamic configuration.
 *
 * NOTE(review): how the table is filled is not visible in this header.
 * If the pointers come from symbol lookups in a library loaded at run
 * time, each one should be checked for NULL before the table is used,
 * and the library itself is fully trusted code: where it is loaded from
 * matters as much as what it exports. Confirm against the loader.
 */
struct gssapi_functions {
    t_gss_delete_sec_context delete_sec_context;
    t_gss_display_status display_status;
    t_gss_get_mic get_mic;
    t_gss_import_name import_name;
    t_gss_init_sec_context init_sec_context;
    t_gss_release_buffer release_buffer;
    t_gss_release_cred release_cred;
    t_gss_release_name release_name;
};
293
294 #endif /* NO_GSSAPI */
295
296 #endif /* PUTTY_PGSSAPI_H */