
Annotation of src/external/mpl/bind/dist/lib/dns/include/dst/gssapi.h, Revision 1.2.2.3

1.2.2.3 ! pgoyette    1: /*     $NetBSD: gssapi.h,v 1.2.2.2 2018/09/06 06:55:01 pgoyette Exp $  */
1.2.2.2   pgoyette    2:
                      3: /*
                      4:  * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
                      5:  *
                      6:  * This Source Code Form is subject to the terms of the Mozilla Public
                      7:  * License, v. 2.0. If a copy of the MPL was not distributed with this
                      8:  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
                      9:  *
                     10:  * See the COPYRIGHT file distributed with this work for additional
                     11:  * information regarding copyright ownership.
                     12:  */
                     13:
                     14:
                     15: #ifndef DST_GSSAPI_H
                     16: #define DST_GSSAPI_H 1
                     17:
                     18: /*! \file dst/gssapi.h */
                     19:
1.2.2.3 ! pgoyette   20: #include <inttypes.h>
        !            21: #include <stdbool.h>
        !            22:
1.2.2.2   pgoyette   23: #include <isc/formatcheck.h>
                     24: #include <isc/lang.h>
                     25: #include <isc/platform.h>
                     26: #include <isc/types.h>
                     27: #include <dns/types.h>
                     28:
                     29: #ifdef GSSAPI
                     30: #ifdef WIN32
                     31: /*
                     32:  * MSVC does not like macros in #include lines.
                     33:  */
                     34: #include <gssapi/gssapi.h>
                     35: #include <gssapi/gssapi_krb5.h>
                     36: #else
                     37: #include ISC_PLATFORM_GSSAPIHEADER
                     38: #ifdef ISC_PLATFORM_GSSAPI_KRB5_HEADER
                     39: #include ISC_PLATFORM_GSSAPI_KRB5_HEADER
                     40: #endif
                     41: #endif
                     42: #ifndef GSS_SPNEGO_MECHANISM
                     43: #define GSS_SPNEGO_MECHANISM ((void*)0)
                     44: #endif
                     45: #endif
                     46:
                     47: ISC_LANG_BEGINDECLS
                     48:
                     49: /***
                     50:  *** Types
                     51:  ***/
                     52:
                     53: /***
                     54:  *** Functions
                     55:  ***/
                     56:
                     57: isc_result_t
1.2.2.3 ! pgoyette   58: dst_gssapi_acquirecred(const dns_name_t *name, bool initiate,
1.2.2.2   pgoyette   59:                       gss_cred_id_t *cred);
                     60: /*
                     61:  *     Acquires GSS credentials.
                     62:  *
                     63:  *     Requires:
                     64:  *     'name'      is a valid name, preferably one known by the GSS provider
                     65:  *     'initiate'  indicates whether the credentials are for initiating or
                     66:  *                 accepting contexts
                     67:  *      'cred'      is a pointer to NULL, which will be allocated with the
                     68:  *                 credential handle.  Call dst_gssapi_releasecred to free
                     69:  *                 the memory.
                     70:  *
                     71:  *     Returns:
                     72:  *             ISC_R_SUCCESS msg was successfully updated to include the
                     73:  *                                   query to be sent
                     74:  *             other             an error occurred while building the message
                     75:  */
                     76:
                     77: isc_result_t
                     78: dst_gssapi_releasecred(gss_cred_id_t *cred);
                     79: /*
                     80:  *     Releases GSS credentials.  Calling this function does release the
                     81:  *  memory allocated for the credential in dst_gssapi_acquirecred()
                     82:  *
                     83:  *     Requires:
                     84:  *      'mctx'  is a valid memory context (NOTE(review): the prototype above takes only 'cred'; confirm)
                     85:  *      'cred'  is a pointer to the credential to be released
                     86:  *
                     87:  *     Returns:
                     88:  *             ISC_R_SUCCESS   credential was released successfully
                     89:  *             other           an error occurred while releasing
                     90:  *                             the credential
                     91:  */
                     92:
                     93: isc_result_t
                     94: dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken,
                     95:                   isc_buffer_t *outtoken, gss_ctx_id_t *gssctx,
                     96:                   isc_mem_t *mctx, char **err_message);
                     97: /*
                     98:  *     Initiates a GSS context.
                     99:  *
                    100:  *     Requires:
                    101:  *     'name'     is a valid name, preferably one known by the GSS
                    102:  *     provider
                    103:  *     'intoken'  is a token received from the acceptor, or NULL if
                    104:  *                there isn't one
                    105:  *     'outtoken' is a buffer to receive the token generated by
                    106:  *                gss_init_sec_context() to be sent to the acceptor
                    107:  *      'context'  is a pointer to a valid gss_ctx_id_t
                    108:  *                 (which may have the value GSS_C_NO_CONTEXT)
                    109:  *
                    110:  *     Returns:
                    111:  *             ISC_R_SUCCESS   msg was successfully updated to include the
                    112:  *                             query to be sent
                    113:  *             other           an error occurred while building the message
                    114:  *             *err_message    optional error message
                    115:  */
                    116:
                    117: isc_result_t
                    118: dst_gssapi_acceptctx(gss_cred_id_t cred,
                    119:                     const char *gssapi_keytab,
                    120:                     isc_region_t *intoken, isc_buffer_t **outtoken,
                    121:                     gss_ctx_id_t *context, dns_name_t *principal,
                    122:                     isc_mem_t *mctx);
                    123: /*
                    124:  *     Accepts a GSS context.
                    125:  *
                    126:  *     Requires:
                    127:  *     'mctx'     is a valid memory context
                    128:  *      'cred'     is the acceptor's valid GSS credential handle
                    129:  *     'intoken'  is a token received from the initiator
                    130:  *     'outtoken' is a pointer to a buffer pointer used to return the token
                    131:  *                generated by gss_accept_sec_context() to be sent to the
                    132:  *                initiator
                    133:  *      'context'  is a valid pointer to receive the generated context handle.
                    134:  *                 On the initial call, it should be a pointer to NULL, which
                    135:  *                will be allocated as a gss_ctx_id_t.  Subsequent calls
                    136:  *                should pass in the handle generated on the first call.
                    137:  *                Call dst_gssapi_releasecred to delete the context and free
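                    138:  *                the memory.  NOTE(review): dst_gssapi_deletectx() is the function declared in this header for destroying a context; confirm which call is intended.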
                    139:  *
                    140:  *     Requires:
                    141:  *             'outtoken' != NULL && *outtoken == NULL.
                    142:  *
                    143:  *     Returns:
                    144:  *             ISC_R_SUCCESS   msg was successfully updated to include the
                    145:  *                             query to be sent
                    146:  *             DNS_R_CONTINUE  transaction still in progress
                    147:  *             other           an error occurred while building the message
                    148:  */
                    149:
                    150: isc_result_t
                    151: dst_gssapi_deletectx(isc_mem_t *mctx, gss_ctx_id_t *gssctx);
                    152: /*
                    153:  *     Destroys a GSS context.  This function deletes the context from the GSS
                    154:  *     provider and then frees the memory used by the context pointer.
                    155:  *
                    156:  *     Requires:
                    157:  *      'mctx'    is a valid memory context
                    158:  *     'context' is a valid GSS context
                    159:  *
                    160:  *     Returns:
                    161:  *             ISC_R_SUCCESS
                    162:  */
                    163:
                    164:
                    165: void
                    166: gss_log(int level, const char *fmt, ...)
                    167: ISC_FORMAT_PRINTF(2, 3);
                    168: /*
                    169:  * Logging function for GSS.
                    170:  *
                    171:  *  Requires
                    172:  *      'level' is the log level to be used, as an integer
                    173:  *      'fmt'   is a printf format specifier
                    174:  */
                    175:
                    176: char *
1.2.2.3 ! pgoyette  177: gss_error_tostring(uint32_t major, uint32_t minor,
1.2.2.2   pgoyette  178:                   char *buf, size_t buflen);
                    179: /*
                    180:  *     Render a GSS major status/minor status pair into a string
                    181:  *
                    182:  *     Requires:
                    183:  *      'major' is a GSS major status code
                    184:  *     'minor' is a GSS minor status code
                    185:  *
                    186:  *     Returns:
                    187:  *             A string containing the text representation of the error codes.
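                    188:  *             Users should copy the string if they wish to keep it.  NOTE(review): 'buf' and 'buflen' are not described; presumably the text is written into 'buf', at most 'buflen' bytes -- confirm.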
                    189:  */
                    190:
1.2.2.3 ! pgoyette  191: bool
1.2.2.2   pgoyette  192: dst_gssapi_identitymatchesrealmkrb5(const dns_name_t *signer,
                    193:                                    const dns_name_t *name,
1.2.2.3 ! pgoyette  194:                                    const dns_name_t *realm,
        !           195:                                    bool subdomain);
1.2.2.2   pgoyette  196: /*
                    197:  *     Compare a "signer" (in the format of a Kerberos 5
                    198:  *     principal: host/example.com@EXAMPLE.COM) to the realm name stored
                    199:  *     in "name" (which represents the realm name).
                    200:  *     NOTE(review): 'realm' and 'subdomain' are not described here; confirm their role in the match.
                    201:  */
                    202:
1.2.2.3 ! pgoyette  203: bool
1.2.2.2   pgoyette  204: dst_gssapi_identitymatchesrealmms(const dns_name_t *signer,
                    205:                                  const dns_name_t *name,
1.2.2.3 ! pgoyette  206:                                  const dns_name_t *realm,
        !           207:                                  bool subdomain);
1.2.2.2   pgoyette  208: /*
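                    209:  *     Compare a "signer" (in the format of a Kerberos 5
                    210:  *     principal: host/example.com@EXAMPLE.COM) to the realm name stored
                    211:  *     in "name" (which represents the realm name).
                    212:  *     NOTE(review): this text is identical to the comment on dst_gssapi_identitymatchesrealmkrb5(); the signer format expected by this variant and the role of 'realm' and 'subdomain' are not described -- confirm.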
                    213:  */
                    214:
                    215: ISC_LANG_ENDDECLS
                    216:
                    217: #endif /* DST_GSSAPI_H */
