2 * Copyright (C) The Internet Society (2000). All Rights Reserved.
4 * This document and translations of it may be copied and furnished to
5 * others, and derivative works that comment on or otherwise explain it
6 * or assist in its implementation may be prepared, copied, published
7 * and distributed, in whole or in part, without restriction of any
8 * kind, provided that the above copyright notice and this paragraph are
9 * included on all such copies and derivative works. However, this
10 * document itself may not be modified in any way, such as by removing
11 * the copyright notice or references to the Internet Society or other
12 * Internet organizations, except as needed for the purpose of
13 * developing Internet standards in which case the procedures for
14 * copyrights defined in the Internet Standards process must be
15 * followed, or as required to translate it into languages other than
18 * The limited permissions granted above are perpetual and will not be
19 * revoked by the Internet Society or its successors or assigns.
21 * This document and the information contained herein is provided on an
22 * "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
23 * TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
24 * BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
25 * HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
26 * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
31 #ifndef _GSSAPI_GSSAPI_H_
32 #define _GSSAPI_GSSAPI_H_
34 #include <sys/cdefs.h>
35 #include <sys/_types.h>
37 #ifndef _SIZE_T_DECLARED
38 typedef __size_t size_t;
39 #define _SIZE_T_DECLARED
42 #ifndef _SSIZE_T_DECLARED
43 typedef __ssize_t ssize_t;
44 #define _SSIZE_T_DECLARED
47 /* Compatibility with Heimdal 1.5.1 */
48 #ifndef GSSAPI_CPP_START
50 #define GSSAPI_CPP_START extern "C" {
51 #define GSSAPI_CPP_END }
53 #define GSSAPI_CPP_START
54 #define GSSAPI_CPP_END
58 /* Compatibility with Heimdal 1.5.1 */
59 #ifndef BUILD_GSSAPI_LIB
60 #define GSSAPI_LIB_FUNCTION
61 #define GSSAPI_LIB_CALL
62 #define GSSAPI_LIB_VARIABLE
65 /* Compatibility with Heimdal 1.5.1 */
66 #ifndef GSSAPI_DEPRECATED_FUNCTION
67 #if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 )))
68 #define GSSAPI_DEPRECATED_FUNCTION(X) __attribute__((deprecated))
70 #define GSSAPI_DEPRECATED_FUNCTION(X)
76 * If the platform supports the xom.h header file, it should be
84 * Now define the three implementation-dependent types.
86 typedef struct _gss_ctx_id_t *gss_ctx_id_t;
87 typedef struct _gss_cred_id_t *gss_cred_id_t;
88 typedef struct _gss_name_t *gss_name_t;
91 * The following type must be defined as the smallest natural
92 * unsigned integer supported by the platform that has at least
93 * 32 bits of precision.
95 typedef __uint32_t gss_uint32;
100 * We have included the xom.h header file. Verify that OM_uint32
101 * is defined correctly.
104 #if sizeof(gss_uint32) != sizeof(OM_uint32)
105 #error Incompatible definition of OM_uint32 from xom.h
108 typedef OM_object_identifier gss_OID_desc, *gss_OID;
113 * We can't use X/Open definitions, so roll our own.
116 typedef gss_uint32 OM_uint32;
117 typedef __uint64_t OM_uint64;
119 typedef struct gss_OID_desc_struct {
122 } gss_OID_desc, *gss_OID;
126 typedef struct gss_OID_set_desc_struct {
129 } gss_OID_set_desc, *gss_OID_set;
131 typedef struct gss_buffer_desc_struct {
134 } gss_buffer_desc, *gss_buffer_t;
136 typedef struct gss_channel_bindings_struct {
137 OM_uint32 initiator_addrtype;
138 gss_buffer_desc initiator_address;
139 OM_uint32 acceptor_addrtype;
140 gss_buffer_desc acceptor_address;
141 gss_buffer_desc application_data;
142 } *gss_channel_bindings_t;
145 * For now, define a QOP-type as an OM_uint32
147 typedef OM_uint32 gss_qop_t;
149 typedef int gss_cred_usage_t;
152 * Flag bits for context-level services.
/*
 * Each flag below is a distinct power of two (1 .. 256), so a set of
 * services is built by OR-ing flags together and queried with a bitwise AND.
 * NOTE(review): presumably these are the bits carried in the req_flags,
 * ret_flags and ctx_flags arguments of the prototypes declared later in this
 * header - confirm against RFC 2744. If so, a caller should test the
 * returned flags for every service it depends on (for example
 * GSS_C_MUTUAL_FLAG, GSS_C_INTEG_FLAG, GSS_C_CONF_FLAG) rather than assume
 * that each requested service was granted.
 */
154 #define GSS_C_DELEG_FLAG 1 /* bit 0 */
155 #define GSS_C_MUTUAL_FLAG 2 /* bit 1 */
156 #define GSS_C_REPLAY_FLAG 4 /* bit 2 */
157 #define GSS_C_SEQUENCE_FLAG 8 /* bit 3 */
158 #define GSS_C_CONF_FLAG 16 /* bit 4 */
159 #define GSS_C_INTEG_FLAG 32 /* bit 5 */
160 #define GSS_C_ANON_FLAG 64 /* bit 6 */
161 #define GSS_C_PROT_READY_FLAG 128 /* bit 7 */
162 #define GSS_C_TRANS_FLAG 256 /* bit 8 */
165 * Credential usage options
168 #define GSS_C_INITIATE 1
169 #define GSS_C_ACCEPT 2
172 * Status code types for gss_display_status
174 #define GSS_C_GSS_CODE 1
175 #define GSS_C_MECH_CODE 2
178 * The constant definitions for channel-bindings address families
180 #define GSS_C_AF_UNSPEC 0
181 #define GSS_C_AF_LOCAL 1
182 #define GSS_C_AF_INET 2
183 #define GSS_C_AF_IMPLINK 3
184 #define GSS_C_AF_PUP 4
185 #define GSS_C_AF_CHAOS 5
186 #define GSS_C_AF_NS 6
187 #define GSS_C_AF_NBS 7
188 #define GSS_C_AF_ECMA 8
189 #define GSS_C_AF_DATAKIT 9
190 #define GSS_C_AF_CCITT 10
191 #define GSS_C_AF_SNA 11
192 #define GSS_C_AF_DECnet 12
193 #define GSS_C_AF_DLI 13
194 #define GSS_C_AF_LAT 14
195 #define GSS_C_AF_HYLINK 15
196 #define GSS_C_AF_APPLETALK 16
197 #define GSS_C_AF_BSC 17
198 #define GSS_C_AF_DSS 18
199 #define GSS_C_AF_OSI 19
200 #define GSS_C_AF_X25 21
201 #define GSS_C_AF_NULLADDR 255
204 * Various Null values
206 #define GSS_C_NO_NAME ((gss_name_t) 0)
207 #define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
208 #define GSS_C_NO_OID ((gss_OID) 0)
209 #define GSS_C_NO_OID_SET ((gss_OID_set) 0)
210 #define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
211 #define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
212 #define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
213 #define GSS_C_EMPTY_BUFFER {0, NULL}
216 * Some alternate names for a couple of the above
217 * values. These are defined for V1 compatibility.
219 #define GSS_C_NULL_OID GSS_C_NO_OID
220 #define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET
223 * Define the default Quality of Protection for per-message
224 * services. Note that an implementation that offers multiple
225 * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero
226 * (as done here) to mean "default protection", or to a specific
227 * explicit QOP value. However, a value of 0 should always be
228 * interpreted by a GSS-API implementation as a request for the
229 * default protection level.
231 #define GSS_C_QOP_DEFAULT 0
234 * Expiration time of 2^32-1 seconds means infinite lifetime for a
235 * credential or security context
237 #define GSS_C_INDEFINITE 0xfffffffful
240 * The implementation must reserve static storage for a
241 * gss_OID_desc object containing the value
242 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
243 * "\x01\x02\x01\x01"},
244 * corresponding to an object-identifier value of
245 * {iso(1) member-body(2) United States(840) mit(113554)
246 * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant
247 * GSS_C_NT_USER_NAME should be initialized to point
248 * to that gss_OID_desc.
250 extern gss_OID GSS_C_NT_USER_NAME;
253 * The implementation must reserve static storage for a
254 * gss_OID_desc object containing the value
255 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
256 * "\x01\x02\x01\x02"},
257 * corresponding to an object-identifier value of
258 * {iso(1) member-body(2) United States(840) mit(113554)
259 * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
260 * The constant GSS_C_NT_MACHINE_UID_NAME should be
261 * initialized to point to that gss_OID_desc.
263 extern gss_OID GSS_C_NT_MACHINE_UID_NAME;
266 * The implementation must reserve static storage for a
267 * gss_OID_desc object containing the value
268 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
269 * "\x01\x02\x01\x03"},
270 * corresponding to an object-identifier value of
271 * {iso(1) member-body(2) United States(840) mit(113554)
272 * infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
273 * The constant GSS_C_NT_STRING_UID_NAME should be
274 * initialized to point to that gss_OID_desc.
276 extern gss_OID GSS_C_NT_STRING_UID_NAME;
279 * The implementation must reserve static storage for a
280 * gss_OID_desc object containing the value
281 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
282 * corresponding to an object-identifier value of
283 * {iso(1) org(3) dod(6) internet(1) security(5)
284 * nametypes(6) gss-host-based-services(2)}. The constant
285 * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point
286 * to that gss_OID_desc. This is a deprecated OID value, and
287 * implementations wishing to support hostbased-service names
288 * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID,
289 * defined below, to identify such names;
290 * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted as a synonym
291 * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input
292 * parameter, but should not be emitted by GSS-API
295 extern gss_OID GSS_C_NT_HOSTBASED_SERVICE_X;
298 * The implementation must reserve static storage for a
299 * gss_OID_desc object containing the value
300 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
301 * "\x01\x02\x01\x04"}, corresponding to an
302 * object-identifier value of {iso(1) member-body(2)
303 * United States(840) mit(113554) infosys(1) gssapi(2)
304 * generic(1) service_name(4)}. The constant
305 * GSS_C_NT_HOSTBASED_SERVICE should be initialized
306 * to point to that gss_OID_desc.
308 extern gss_OID GSS_C_NT_HOSTBASED_SERVICE;
311 * The implementation must reserve static storage for a
312 * gss_OID_desc object containing the value
313 * {6, (void *)"\x2b\x06\x01\x05\x06\x03"},
314 * corresponding to an object identifier value of
315 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
316 * 6(nametypes), 3(gss-anonymous-name)}. The constant
317 * GSS_C_NT_ANONYMOUS should be initialized to point
318 * to that gss_OID_desc.
320 extern gss_OID GSS_C_NT_ANONYMOUS;
324 * The implementation must reserve static storage for a
325 * gss_OID_desc object containing the value
326 * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
327 * corresponding to an object-identifier value of
328 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
329 * 6(nametypes), 4(gss-api-exported-name)}. The constant
330 * GSS_C_NT_EXPORT_NAME should be initialized to point
331 * to that gss_OID_desc.
333 extern gss_OID GSS_C_NT_EXPORT_NAME;
336 * This name form shall be represented by the Object Identifier {iso(1)
337 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
338 * krb5(2) krb5_name(1)}. The recommended symbolic name for this type
339 * is "GSS_KRB5_NT_PRINCIPAL_NAME".
341 extern gss_OID GSS_KRB5_NT_PRINCIPAL_NAME;
344 * This name form shall be represented by the Object Identifier {iso(1)
345 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
346 * generic(1) user_name(1)}. The recommended symbolic name for this
347 * type is "GSS_KRB5_NT_USER_NAME".
349 extern gss_OID GSS_KRB5_NT_USER_NAME;
352 * This name form shall be represented by the Object Identifier {iso(1)
353 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
354 * generic(1) machine_uid_name(2)}. The recommended symbolic name for
355 * this type is "GSS_KRB5_NT_MACHINE_UID_NAME".
357 extern gss_OID GSS_KRB5_NT_MACHINE_UID_NAME;
360 * This name form shall be represented by the Object Identifier {iso(1)
361 * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
362 * generic(1) string_uid_name(3)}. The recommended symbolic name for
363 * this type is "GSS_KRB5_NT_STRING_UID_NAME".
365 extern gss_OID GSS_KRB5_NT_STRING_UID_NAME;
367 /* Major status codes */
369 #define GSS_S_COMPLETE 0
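/*
 * Layout of a major status value. Each field is described by a
 * right-aligned mask and the bit offset the field is shifted to:
 *
 *   calling error    8 bits at offset 24
 *   routine error    8 bits at offset 16
 *   supplementary   16 bits at offset  0
 *
 * The masks are written in octal: 0377 == 0xff, 0177777 == 0xffff.
 */
#define GSS_C_CALLING_ERROR_OFFSET 24
#define GSS_C_ROUTINE_ERROR_OFFSET 16
#define GSS_C_SUPPLEMENTARY_OFFSET 0
#define GSS_C_CALLING_ERROR_MASK 0377ul
#define GSS_C_ROUTINE_ERROR_MASK 0377ul
#define GSS_C_SUPPLEMENTARY_MASK 0177777ul

/*
 * The macros that test status codes for error conditions.
 *
 * Each macro expands its argument exactly once. The argument is
 * parenthesized so that a compound expression such as GSS_ERROR(a | b)
 * masks the whole expression; without the parentheses `&` would bind only
 * to the right-hand operand and low-order bits of `a` would leak into the
 * result.
 *
 * GSS_ERROR() is non-zero when the calling-error or routine-error field is
 * set. It deliberately ignores the supplementary field, so a status that
 * carries only supplementary bits yields GSS_ERROR(status) == 0; use
 * GSS_SUPPLEMENTARY_INFO() to inspect those bits.
 */
#define GSS_CALLING_ERROR(x) \
	((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
#define GSS_ROUTINE_ERROR(x) \
	((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
#define GSS_SUPPLEMENTARY_INFO(x) \
	((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
#define GSS_ERROR(x) \
	((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
		(GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))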
398 * Now the actual status code definitions
/*
 * Calling-error values: the integers 1..3 shifted to
 * GSS_C_CALLING_ERROR_OFFSET. They are enumerated codes rather than
 * independent bits (3 == 1|2), so compare GSS_CALLING_ERROR(status) for
 * equality with one of these constants instead of AND-ing against it.
 */
404 #define GSS_S_CALL_INACCESSIBLE_READ \
405 (1ul << GSS_C_CALLING_ERROR_OFFSET)
406 #define GSS_S_CALL_INACCESSIBLE_WRITE \
407 (2ul << GSS_C_CALLING_ERROR_OFFSET)
408 #define GSS_S_CALL_BAD_STRUCTURE \
409 (3ul << GSS_C_CALLING_ERROR_OFFSET)
/*
 * Routine-error values: the integers 1..18 shifted to
 * GSS_C_ROUTINE_ERROR_OFFSET. These are enumerated codes, not independent
 * bits (for example 3 == 1|2, so GSS_S_BAD_NAMETYPE shares bits with
 * GSS_S_BAD_MECH and GSS_S_BAD_NAME). Compare
 * GSS_ROUTINE_ERROR(status) == GSS_S_xxx; a test of the form
 * (status & GSS_S_xxx) also matches other codes that share a bit.
 */
414 #define GSS_S_BAD_MECH (1ul << GSS_C_ROUTINE_ERROR_OFFSET)
415 #define GSS_S_BAD_NAME (2ul << GSS_C_ROUTINE_ERROR_OFFSET)
416 #define GSS_S_BAD_NAMETYPE (3ul << GSS_C_ROUTINE_ERROR_OFFSET)
417 #define GSS_S_BAD_BINDINGS (4ul << GSS_C_ROUTINE_ERROR_OFFSET)
418 #define GSS_S_BAD_STATUS (5ul << GSS_C_ROUTINE_ERROR_OFFSET)
419 #define GSS_S_BAD_SIG (6ul << GSS_C_ROUTINE_ERROR_OFFSET)
420 #define GSS_S_BAD_MIC GSS_S_BAD_SIG /* alias: same value as GSS_S_BAD_SIG */
421 #define GSS_S_NO_CRED (7ul << GSS_C_ROUTINE_ERROR_OFFSET)
422 #define GSS_S_NO_CONTEXT (8ul << GSS_C_ROUTINE_ERROR_OFFSET)
423 #define GSS_S_DEFECTIVE_TOKEN (9ul << GSS_C_ROUTINE_ERROR_OFFSET)
424 #define GSS_S_DEFECTIVE_CREDENTIAL (10ul << GSS_C_ROUTINE_ERROR_OFFSET)
425 #define GSS_S_CREDENTIALS_EXPIRED (11ul << GSS_C_ROUTINE_ERROR_OFFSET)
426 #define GSS_S_CONTEXT_EXPIRED (12ul << GSS_C_ROUTINE_ERROR_OFFSET)
427 #define GSS_S_FAILURE (13ul << GSS_C_ROUTINE_ERROR_OFFSET)
428 #define GSS_S_BAD_QOP (14ul << GSS_C_ROUTINE_ERROR_OFFSET)
429 #define GSS_S_UNAUTHORIZED (15ul << GSS_C_ROUTINE_ERROR_OFFSET)
430 #define GSS_S_UNAVAILABLE (16ul << GSS_C_ROUTINE_ERROR_OFFSET)
431 #define GSS_S_DUPLICATE_ELEMENT (17ul << GSS_C_ROUTINE_ERROR_OFFSET)
432 #define GSS_S_NAME_NOT_MN (18ul << GSS_C_ROUTINE_ERROR_OFFSET)
435 * Supplementary info bits:
/*
 * Supplementary-information bits: one bit each, at positions 0..4 above
 * GSS_C_SUPPLEMENTARY_OFFSET, so several may be set in the same status.
 * GSS_ERROR() masks only the calling-error and routine-error fields, so a
 * status carrying only these bits yields GSS_ERROR(status) == 0; test them
 * explicitly with GSS_SUPPLEMENTARY_INFO().
 * NOTE(review): going by their names, DUPLICATE/OLD/UNSEQ/GAP report replay
 * and sequencing conditions on tokens - confirm against RFC 2744 before
 * deciding which of them the application must treat as fatal.
 */
437 #define GSS_S_CONTINUE_NEEDED \
438 (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
439 #define GSS_S_DUPLICATE_TOKEN \
440 (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
441 #define GSS_S_OLD_TOKEN \
442 (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
443 #define GSS_S_UNSEQ_TOKEN \
444 (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
445 #define GSS_S_GAP_TOKEN \
446 (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 4))
451 * Finally, function prototypes for the GSS-API routines.
453 OM_uint32 gss_acquire_cred
454 (OM_uint32 *, /* minor_status */
455 const gss_name_t, /* desired_name */
456 OM_uint32, /* time_req */
457 const gss_OID_set, /* desired_mechs */
458 gss_cred_usage_t, /* cred_usage */
459 gss_cred_id_t *, /* output_cred_handle */
460 gss_OID_set *, /* actual_mechs */
461 OM_uint32 * /* time_rec */
464 OM_uint32 gss_release_cred
465 (OM_uint32 *, /* minor_status */
466 gss_cred_id_t * /* cred_handle */
469 OM_uint32 gss_init_sec_context
470 (OM_uint32 *, /* minor_status */
471 const gss_cred_id_t, /* initiator_cred_handle */
472 gss_ctx_id_t *, /* context_handle */
473 const gss_name_t, /* target_name */
474 const gss_OID, /* mech_type */
475 OM_uint32, /* req_flags */
476 OM_uint32, /* time_req */
477 const gss_channel_bindings_t,
478 /* input_chan_bindings */
479 const gss_buffer_t, /* input_token */
480 gss_OID *, /* actual_mech_type */
481 gss_buffer_t, /* output_token */
482 OM_uint32 *, /* ret_flags */
483 OM_uint32 * /* time_rec */
486 OM_uint32 gss_accept_sec_context
487 (OM_uint32 *, /* minor_status */
488 gss_ctx_id_t *, /* context_handle */
489 const gss_cred_id_t, /* acceptor_cred_handle */
490 const gss_buffer_t, /* input_token_buffer */
491 const gss_channel_bindings_t,
492 /* input_chan_bindings */
493 gss_name_t *, /* src_name */
494 gss_OID *, /* mech_type */
495 gss_buffer_t, /* output_token */
496 OM_uint32 *, /* ret_flags */
497 OM_uint32 *, /* time_rec */
498 gss_cred_id_t * /* delegated_cred_handle */
501 OM_uint32 gss_process_context_token
502 (OM_uint32 *, /* minor_status */
503 const gss_ctx_id_t, /* context_handle */
504 const gss_buffer_t /* token_buffer */
507 OM_uint32 gss_delete_sec_context
508 (OM_uint32 *, /* minor_status */
509 gss_ctx_id_t *, /* context_handle */
510 gss_buffer_t /* output_token */
513 OM_uint32 gss_context_time
514 (OM_uint32 *, /* minor_status */
515 const gss_ctx_id_t, /* context_handle */
516 OM_uint32 * /* time_rec */
519 OM_uint32 gss_get_mic
520 (OM_uint32 *, /* minor_status */
521 const gss_ctx_id_t, /* context_handle */
522 gss_qop_t, /* qop_req */
523 const gss_buffer_t, /* message_buffer */
524 gss_buffer_t /* message_token */
527 OM_uint32 gss_verify_mic
528 (OM_uint32 *, /* minor_status */
529 const gss_ctx_id_t, /* context_handle */
530 const gss_buffer_t, /* message_buffer */
531 const gss_buffer_t, /* token_buffer */
532 gss_qop_t * /* qop_state */
536 (OM_uint32 *, /* minor_status */
537 const gss_ctx_id_t, /* context_handle */
538 int, /* conf_req_flag */
539 gss_qop_t, /* qop_req */
540 const gss_buffer_t, /* input_message_buffer */
541 int *, /* conf_state */
542 gss_buffer_t /* output_message_buffer */
546 (OM_uint32 *, /* minor_status */
547 const gss_ctx_id_t, /* context_handle */
548 const gss_buffer_t, /* input_message_buffer */
549 gss_buffer_t, /* output_message_buffer */
550 int *, /* conf_state */
551 gss_qop_t * /* qop_state */
554 OM_uint32 gss_display_status
555 (OM_uint32 *, /* minor_status */
556 OM_uint32, /* status_value */
557 int, /* status_type */
558 const gss_OID, /* mech_type */
559 OM_uint32 *, /* message_context */
560 gss_buffer_t /* status_string */
563 OM_uint32 gss_indicate_mechs
564 (OM_uint32 *, /* minor_status */
565 gss_OID_set * /* mech_set */
568 OM_uint32 gss_compare_name
569 (OM_uint32 *, /* minor_status */
570 const gss_name_t, /* name1 */
571 const gss_name_t, /* name2 */
572 int * /* name_equal */
575 OM_uint32 gss_display_name
576 (OM_uint32 *, /* minor_status */
577 const gss_name_t, /* input_name */
578 gss_buffer_t, /* output_name_buffer */
579 gss_OID * /* output_name_type */
582 OM_uint32 gss_import_name
583 (OM_uint32 *, /* minor_status */
584 const gss_buffer_t, /* input_name_buffer */
585 const gss_OID, /* input_name_type */
586 gss_name_t * /* output_name */
589 OM_uint32 gss_export_name
590 (OM_uint32 *, /* minor_status */
591 const gss_name_t, /* input_name */
592 gss_buffer_t /* exported_name */
595 OM_uint32 gss_release_name
596 (OM_uint32 *, /* minor_status */
597 gss_name_t * /* input_name */
600 OM_uint32 gss_release_buffer
601 (OM_uint32 *, /* minor_status */
602 gss_buffer_t /* buffer */
605 OM_uint32 gss_release_oid_set
606 (OM_uint32 *, /* minor_status */
607 gss_OID_set * /* set */
610 OM_uint32 gss_inquire_cred
611 (OM_uint32 *, /* minor_status */
612 const gss_cred_id_t, /* cred_handle */
613 gss_name_t *, /* name */
614 OM_uint32 *, /* lifetime */
615 gss_cred_usage_t *, /* cred_usage */
616 gss_OID_set * /* mechanisms */
619 OM_uint32 gss_inquire_context (
620 OM_uint32 *, /* minor_status */
621 const gss_ctx_id_t, /* context_handle */
622 gss_name_t *, /* src_name */
623 gss_name_t *, /* targ_name */
624 OM_uint32 *, /* lifetime_rec */
625 gss_OID *, /* mech_type */
626 OM_uint32 *, /* ctx_flags */
627 int *, /* locally_initiated */
631 OM_uint32 gss_wrap_size_limit (
632 OM_uint32 *, /* minor_status */
633 const gss_ctx_id_t, /* context_handle */
634 int, /* conf_req_flag */
635 gss_qop_t, /* qop_req */
636 OM_uint32, /* req_output_size */
637 OM_uint32 * /* max_input_size */
640 OM_uint32 gss_add_cred (
641 OM_uint32 *, /* minor_status */
642 const gss_cred_id_t, /* input_cred_handle */
643 const gss_name_t, /* desired_name */
644 const gss_OID, /* desired_mech */
645 gss_cred_usage_t, /* cred_usage */
646 OM_uint32, /* initiator_time_req */
647 OM_uint32, /* acceptor_time_req */
648 gss_cred_id_t *, /* output_cred_handle */
649 gss_OID_set *, /* actual_mechs */
650 OM_uint32 *, /* initiator_time_rec */
651 OM_uint32 * /* acceptor_time_rec */
654 OM_uint32 gss_inquire_cred_by_mech (
655 OM_uint32 *, /* minor_status */
656 const gss_cred_id_t, /* cred_handle */
657 const gss_OID, /* mech_type */
658 gss_name_t *, /* name */
659 OM_uint32 *, /* initiator_lifetime */
660 OM_uint32 *, /* acceptor_lifetime */
661 gss_cred_usage_t * /* cred_usage */
664 OM_uint32 gss_export_sec_context (
665 OM_uint32 *, /* minor_status */
666 gss_ctx_id_t *, /* context_handle */
667 gss_buffer_t /* interprocess_token */
670 OM_uint32 gss_import_sec_context (
671 OM_uint32 *, /* minor_status */
672 const gss_buffer_t, /* interprocess_token */
673 gss_ctx_id_t * /* context_handle */
676 OM_uint32 gss_create_empty_oid_set (
677 OM_uint32 *, /* minor_status */
678 gss_OID_set * /* oid_set */
681 OM_uint32 gss_add_oid_set_member (
682 OM_uint32 *, /* minor_status */
683 const gss_OID, /* member_oid */
684 gss_OID_set * /* oid_set */
687 OM_uint32 gss_test_oid_set_member (
688 OM_uint32 *, /* minor_status */
689 const gss_OID, /* member */
690 const gss_OID_set, /* set */
694 OM_uint32 gss_inquire_names_for_mech (
695 OM_uint32 *, /* minor_status */
696 const gss_OID, /* mechanism */
697 gss_OID_set * /* name_types */
700 OM_uint32 gss_inquire_mechs_for_name (
701 OM_uint32 *, /* minor_status */
702 const gss_name_t, /* input_name */
703 gss_OID_set * /* mech_types */
706 OM_uint32 gss_canonicalize_name (
707 OM_uint32 *, /* minor_status */
708 const gss_name_t, /* input_name */
709 const gss_OID, /* mech_type */
710 gss_name_t * /* output_name */
713 OM_uint32 gss_duplicate_name (
714 OM_uint32 *, /* minor_status */
715 const gss_name_t, /* src_name */
716 gss_name_t * /* dest_name */
720 * The following routines are obsolete variants of gss_get_mic,
721 * gss_verify_mic, gss_wrap and gss_unwrap. They should be
722 * provided by GSS-API V2 implementations for backwards
723 * compatibility with V1 applications. Distinct entrypoints
724 * (as opposed to #defines) should be provided, both to allow
725 * GSS-API V1 applications to link against GSS-API V2 implementations,
726 * and to retain the slight parameter type differences between the
727 * obsolete versions of these routines and their current forms.
731 (OM_uint32 *, /* minor_status */
732 gss_ctx_id_t, /* context_handle */
734 gss_buffer_t, /* message_buffer */
735 gss_buffer_t /* message_token */
740 (OM_uint32 *, /* minor_status */
741 gss_ctx_id_t, /* context_handle */
742 gss_buffer_t, /* message_buffer */
743 gss_buffer_t, /* token_buffer */
744 int * /* qop_state */
748 (OM_uint32 *, /* minor_status */
749 gss_ctx_id_t, /* context_handle */
750 int, /* conf_req_flag */
752 gss_buffer_t, /* input_message_buffer */
753 int *, /* conf_state */
754 gss_buffer_t /* output_message_buffer */
759 (OM_uint32 *, /* minor_status */
760 gss_ctx_id_t, /* context_handle */
761 gss_buffer_t, /* input_message_buffer */
762 gss_buffer_t, /* output_message_buffer */
763 int *, /* conf_state */
764 int * /* qop_state */
768 * Other extensions and helper functions.
772 (const gss_OID, /* first OID to compare */
773 const gss_OID /* second OID to compare */
776 OM_uint32 gss_release_oid
777 (OM_uint32 *, /* minor status */
778 gss_OID * /* oid to free */
781 OM_uint32 gss_decapsulate_token
782 (const gss_buffer_t, /* mechanism independent token */
783 gss_OID, /* desired mechanism */
784 gss_buffer_t /* decapsulated mechanism dependent token */
787 OM_uint32 gss_encapsulate_token
788 (const gss_buffer_t, /* mechanism dependent token */
789 gss_OID, /* desired mechanism */
790 gss_buffer_t /* encapsulated mechanism independent token */
793 OM_uint32 gss_duplicate_oid
794 (OM_uint32 *, /* minor status */
795 const gss_OID, /* oid to copy */
796 gss_OID * /* result */
799 OM_uint32 gss_oid_to_str
800 (OM_uint32 *, /* minor status */
801 gss_OID, /* oid to convert */
802 gss_buffer_t /* buffer to contain string */
805 typedef struct gss_buffer_set_desc_struct {
807 gss_buffer_desc *elements;
808 } gss_buffer_set_desc, *gss_buffer_set_t;
810 #define GSS_C_NO_BUFFER_SET ((gss_buffer_set_t) 0)
812 OM_uint32 gss_create_empty_buffer_set
813 (OM_uint32 *, /* minor status */
814 gss_buffer_set_t * /* location for new buffer set */
817 OM_uint32 gss_add_buffer_set_member
818 (OM_uint32 *, /* minor status */
819 gss_buffer_t, /* buffer to add */
820 gss_buffer_set_t * /* set to add to */
823 OM_uint32 gss_release_buffer_set
824 (OM_uint32 *, /* minor status */
825 gss_buffer_set_t * /* set to release */
828 OM_uint32 gss_inquire_sec_context_by_oid
829 (OM_uint32 *, /* minor_status */
830 const gss_ctx_id_t, /* context_handle */
831 const gss_OID, /* desired_object */
832 gss_buffer_set_t * /* result */
835 OM_uint32 gss_inquire_cred_by_oid
836 (OM_uint32 *, /* minor_status */
837 const gss_cred_id_t, /* cred_handle */
838 const gss_OID, /* desired_object */
839 gss_buffer_set_t * /* result */
842 OM_uint32 gss_set_sec_context_option
843 (OM_uint32 *, /* minor status */
844 gss_ctx_id_t *, /* context */
845 const gss_OID, /* option to set */
846 const gss_buffer_t /* option value */
849 OM_uint32 gss_set_cred_option
850 (OM_uint32 *, /* minor status */
851 gss_cred_id_t *, /* cred */
852 const gss_OID, /* option to set */
853 const gss_buffer_t /* option value */
856 OM_uint32 gss_pseudo_random
857 (OM_uint32 *, /* minor status */
858 gss_ctx_id_t, /* context handle */
859 int prf_key, /* XXX */
860 const gss_buffer_t, /* data to seed generator */
861 ssize_t, /* amount of data required */
862 gss_buffer_t /* buffer for result */
865 #ifdef _UID_T_DECLARED
866 OM_uint32 gss_pname_to_uid
867 (OM_uint32 *, /* minor status */
868 const gss_name_t pname, /* principal name */
869 const gss_OID mech, /* mechanism to query */
870 uid_t *uidp /* pointer to UID for result */
876 #endif /* _GSSAPI_GSSAPI_H_ */