OpenCores
URL https://opencores.org/ocsvn/openrisc/openrisc/trunk

Subversion Repositories openrisc

[/] [openrisc/] [trunk/] [gnu-old/] [newlib-1.17.0/] [newlib/] [libc/] [sys/] [linux/] [include/] [rpc/] [auth.h] - Blame information for rev 816

Details | Compare with Previous | View Log

Line No. Rev Author Line
1 148 jeremybenn
/*      $NetBSD: auth.h,v 1.15 2000/06/02 22:57:55 fvdl Exp $   */
2
 
3
/*
4
 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
5
 * unrestricted use provided that this legend is included on all tape
6
 * media and as a part of the software program in whole or part.  Users
7
 * may copy or modify Sun RPC without charge, but are not authorized
8
 * to license or distribute it to anyone else except as part of a product or
9
 * program developed by the user.
10
 *
11
 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
12
 * WARRANTIES OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR
13
 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
14
 *
15
 * Sun RPC is provided with no support and without any obligation on the
16
 * part of Sun Microsystems, Inc. to assist in its use, correction,
17
 * modification or enhancement.
18
 *
19
 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
20
 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
21
 * OR ANY PART THEREOF.
22
 *
23
 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
24
 * or profits or other special, indirect and consequential damages, even if
25
 * Sun has been advised of the possibility of such damages.
26
 *
27
 * Sun Microsystems, Inc.
28
 * 2550 Garcia Avenue
29
 * Mountain View, California  94043
30
 *
31
 *      from: @(#)auth.h 1.17 88/02/08 SMI
32
 *      from: @(#)auth.h        2.3 88/08/07 4.0 RPCSRC
33
 *      from: @(#)auth.h        1.43    98/02/02 SMI
34
 * $FreeBSD: src/include/rpc/auth.h,v 1.19 2002/03/23 17:24:55 imp Exp $
35
 */
36
 
37
/*
38
 * auth.h, Authentication interface.
39
 *
40
 * Copyright (C) 1984, Sun Microsystems, Inc.
41
 *
42
 * The data structures are completely opaque to the client.  The client
43
 * is required to pass a AUTH * to routines that create rpc
44
 * "sessions".
45
 */
46
 
47
#ifndef _RPC_AUTH_H
48
#define _RPC_AUTH_H
49
#include <rpc/xdr.h>
50
#include <rpc/clnt_stat.h>
51
#include <sys/cdefs.h>
52
#include <sys/socket.h>
53
 
54
#define MAX_AUTH_BYTES  400
55
#define MAXNETNAMELEN   255     /* maximum length of network user's name */
56
 
57
/*
58
 *  Client side authentication/security data
59
 */
60
 
61
typedef struct sec_data {
62
        u_int   secmod;         /* security mode number e.g. in nfssec.conf */
63
        u_int   rpcflavor;      /* rpc flavors:AUTH_UNIX,AUTH_DES,RPCSEC_GSS */
64
        int     flags;          /* AUTH_F_xxx flags */
65
        caddr_t data;           /* opaque data per flavor */
66
} sec_data_t;
67
 
68
#ifdef _SYSCALL32_IMPL
69
struct sec_data32 {
70
        uint32_t secmod;        /* security mode number e.g. in nfssec.conf */
71
        uint32_t rpcflavor;     /* rpc flavors:AUTH_UNIX,AUTH_DES,RPCSEC_GSS */
72
        int32_t flags;          /* AUTH_F_xxx flags */
73
        caddr32_t data;         /* opaque data per flavor */
74
};
75
#endif /* _SYSCALL32_IMPL */
76
 
77
/*
78
 * AUTH_DES flavor specific data from sec_data opaque data field.
79
 * AUTH_KERB has the same structure.
80
 */
81
typedef struct des_clnt_data {
82
        struct netbuf   syncaddr;       /* time sync addr */
83
        struct knetconfig *knconf;      /* knetconfig info that associated */
84
                                        /* with the syncaddr. */
85
        char            *netname;       /* server's netname */
86
        int             netnamelen;     /* server's netname len */
87
} dh_k4_clntdata_t;
88
 
89
#ifdef _SYSCALL32_IMPL
90
struct des_clnt_data32 {
91
        struct netbuf32 syncaddr;       /* time sync addr */
92
        caddr32_t knconf;               /* knetconfig info that associated */
93
                                        /* with the syncaddr. */
94
        caddr32_t netname;              /* server's netname */
95
        int32_t netnamelen;             /* server's netname len */
96
};
97
#endif /* _SYSCALL32_IMPL */
98
 
99
#ifdef KERBEROS
100
/*
101
 * flavor specific data to hold the data for AUTH_DES/AUTH_KERB(v4)
102
 * in sec_data->data opaque field.
103
 */
104
typedef struct krb4_svc_data {
105
        int             window;         /* window option value */
106
} krb4_svcdata_t;
107
 
108
typedef struct krb4_svc_data    des_svcdata_t;
109
#endif /* KERBEROS */
110
 
111
/*
112
 * authentication/security specific flags
113
 */
114
#define AUTH_F_RPCTIMESYNC      0x001   /* use RPC to do time sync */
115
#define AUTH_F_TRYNONE          0x002   /* allow fall back to AUTH_NONE */
116
 
117
 
118
/*
119
 * Status returned from authentication check
120
 */
121
enum auth_stat {
122
        AUTH_OK=0,
123
        /*
124
         * failed at remote end
125
         */
126
        AUTH_BADCRED=1,                 /* bogus credentials (seal broken) */
127
        AUTH_REJECTEDCRED=2,            /* client should begin new session */
128
        AUTH_BADVERF=3,                 /* bogus verifier (seal broken) */
129
        AUTH_REJECTEDVERF=4,            /* verifier expired or was replayed */
130
        AUTH_TOOWEAK=5,                 /* rejected due to security reasons */
131
        /*
132
         * failed locally
133
        */
134
        AUTH_INVALIDRESP=6,             /* bogus response verifier */
135
        AUTH_FAILED=7                   /* some unknown reason */
136
#ifdef KERBEROS
137
        /*
138
         * kerberos errors
139
         */
140
        ,
141
        AUTH_KERB_GENERIC = 8,          /* kerberos generic error */
142
        AUTH_TIMEEXPIRE = 9,            /* time of credential expired */
143
        AUTH_TKT_FILE = 10,             /* something wrong with ticket file */
144
        AUTH_DECODE = 11,                       /* can't decode authenticator */
145
        AUTH_NET_ADDR = 12              /* wrong net address in ticket */
146
#endif /* KERBEROS */
147
};
148
 
149
union des_block {
150
        struct {
151
                uint32_t high;
152
                uint32_t low;
153
        } key;
154
        char c[8];
155
};
156
typedef union des_block des_block;
157
__BEGIN_DECLS
158
extern bool_t xdr_des_block(XDR *, des_block *);
159
__END_DECLS
160
 
161
/*
162
 * Authentication info.  Opaque to client.
163
 */
164
struct opaque_auth {
165
        enum_t  oa_flavor;              /* flavor of auth */
166
        caddr_t oa_base;                /* address of more auth stuff */
167
        u_int   oa_length;              /* not to exceed MAX_AUTH_BYTES */
168
};
169
 
170
 
171
/*
172
 * Auth handle, interface to client side authenticators.
173
 */
174
typedef struct __auth {
175
        struct  opaque_auth     ah_cred;
176
        struct  opaque_auth     ah_verf;
177
        union   des_block       ah_key;
178
        struct auth_ops {
179
                void    (*ah_nextverf) (struct __auth *);
180
                /* nextverf & serialize */
181
                int     (*ah_marshal) (struct __auth *, XDR *);
182
                /* validate verifier */
183
                int     (*ah_validate) (struct __auth *,
184
                            struct opaque_auth *);
185
                /* refresh credentials */
186
                int     (*ah_refresh) (struct __auth *, void *);
187
                /* destroy this structure */
188
                void    (*ah_destroy) (struct __auth *);
189
        } *ah_ops;
190
        void *ah_private;
191
} AUTH;
192
 
193
 
194
/*
195
 * Authentication ops.
196
 * The ops and the auth handle provide the interface to the authenticators.
197
 *
198
 * AUTH *auth;
199
 * XDR  *xdrs;
200
 * struct opaque_auth verf;
201
 */
202
#define AUTH_NEXTVERF(auth)             \
203
                ((*((auth)->ah_ops->ah_nextverf))(auth))
204
#define auth_nextverf(auth)             \
205
                ((*((auth)->ah_ops->ah_nextverf))(auth))
206
 
207
#define AUTH_MARSHALL(auth, xdrs)       \
208
                ((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
209
#define auth_marshall(auth, xdrs)       \
210
                ((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
211
 
212
#define AUTH_VALIDATE(auth, verfp)      \
213
                ((*((auth)->ah_ops->ah_validate))((auth), verfp))
214
#define auth_validate(auth, verfp)      \
215
                ((*((auth)->ah_ops->ah_validate))((auth), verfp))
216
 
217
#define AUTH_REFRESH(auth, msg)         \
218
                ((*((auth)->ah_ops->ah_refresh))(auth, msg))
219
#define auth_refresh(auth, msg)         \
220
                ((*((auth)->ah_ops->ah_refresh))(auth, msg))
221
 
222
#define AUTH_DESTROY(auth)              \
223
                ((*((auth)->ah_ops->ah_destroy))(auth))
224
#define auth_destroy(auth)              \
225
                ((*((auth)->ah_ops->ah_destroy))(auth))
226
 
227
 
228
__BEGIN_DECLS
229
extern struct opaque_auth _null_auth;
230
__END_DECLS
231
 
232
/*
233
 * These are the various implementations of client side authenticators.
234
 */
235
 
236
/*
237
 * System style authentication
238
 * AUTH *authunix_create(machname, uid, gid, len, aup_gids)
239
 *      char *machname;
240
 *      int uid;
241
 *      int gid;
242
 *      int len;
243
 *      int *aup_gids;
244
 */
245
__BEGIN_DECLS
246
extern AUTH *authunix_create(char *, int, int, int,
247
    int *);
248
extern AUTH *authunix_create_default(void);     /* takes no parameters */
249
extern AUTH *authnone_create(void);             /* takes no parameters */
250
__END_DECLS
251
/*
252
 * DES style authentication
253
 * AUTH *authsecdes_create(servername, window, timehost, ckey)
254
 *      char *servername;               - network name of server
255
 *      u_int window;                   - time to live
256
 *      const char *timehost;                   - optional hostname to sync with
257
 *      des_block *ckey;                - optional conversation key to use
258
 */
259
__BEGIN_DECLS
260
extern AUTH *authdes_create (char *, u_int, struct sockaddr *, des_block *);
261
extern AUTH *authdes_seccreate (const char *, const u_int, const  char *,
262
    const  des_block *);
263
__END_DECLS
264
 
265
__BEGIN_DECLS
266
extern bool_t xdr_opaque_auth           (XDR *, struct opaque_auth *);
267
__END_DECLS
268
 
269
#define authsys_create(c,i1,i2,i3,ip) authunix_create((c),(i1),(i2),(i3),(ip))
270
#define authsys_create_default() authunix_create_default()
271
 
272
/*
273
 * Netname manipulation routines.
274
 */
275
__BEGIN_DECLS
276
extern int getnetname(char *);
277
extern int host2netname(char *, const char *, const char *);
278
extern int user2netname(char *, const uid_t, const char *);
279
extern int netname2user(char *, uid_t *, gid_t *, int *, gid_t *);
280
extern int netname2host(char *, char *, const int);
281
extern void passwd2des ( char *, char * );
282
__END_DECLS
283
 
284
/*
285
 *
286
 * These routines interface to the keyserv daemon
287
 *
288
 */
289
__BEGIN_DECLS
290
extern int key_decryptsession(const char *, des_block *);
291
extern int key_encryptsession(const char *, des_block *);
292
extern int key_gendes(des_block *);
293
extern int key_setsecret(const char *);
294
extern int key_secretkey_is_set(void);
295
__END_DECLS
296
 
297
/*
298
 * Publickey routines.
299
 */
300
__BEGIN_DECLS
301
extern int getpublickey (const char *, char *);
302
extern int getpublicandprivatekey (char *, char *);
303
extern int getsecretkey (char *, char *, char *);
304
__END_DECLS
305
 
306
#ifdef KERBEROS
307
/*
308
 * Kerberos style authentication
309
 * AUTH *authkerb_seccreate(service, srv_inst, realm, window, timehost, status)
310
 *      const char *service;                    - service name
311
 *      const char *srv_inst;                   - server instance
312
 *      const char *realm;                      - server realm
313
 *      const u_int window;                     - time to live
314
 *      const char *timehost;                   - optional hostname to sync with
315
 *      int *status;                            - kerberos status returned
316
 */
317
__BEGIN_DECLS
318
extern AUTH     *authkerb_seccreate(const char *, const char *, const  char *,
319
                    const u_int, const char *, int *);
320
__END_DECLS
321
 
322
/*
323
 * Map a kerberos credential into a unix cred.
324
 *
325
 *      authkerb_getucred(rqst, uid, gid, grouplen, groups)
326
 *      const struct svc_req *rqst;             - request pointer
327
 *      uid_t *uid;
328
 *      gid_t *gid;
329
 *      short *grouplen;
330
 *      int *groups;
331
 *
332
 */
333
__BEGIN_DECLS
334
extern int      authkerb_getucred(/* struct svc_req *, uid_t *, gid_t *,
335
                    short *, int * */);
336
__END_DECLS
337
#endif /* KERBEROS */
338
 
339
__BEGIN_DECLS
340
struct svc_req;
341
struct rpc_msg;
342
enum auth_stat _svcauth_null (struct svc_req *, struct rpc_msg *);
343
enum auth_stat _svcauth_short (struct svc_req *, struct rpc_msg *);
344
enum auth_stat _svcauth_unix (struct svc_req *, struct rpc_msg *);
345
__END_DECLS
346
 
347
#define AUTH_NONE       0                /* no authentication */
348
#define AUTH_NULL       0                /* backward compatibility */
349
#define AUTH_SYS        1               /* unix style (uid, gids) */
350
#define AUTH_UNIX       AUTH_SYS
351
#define AUTH_SHORT      2               /* short hand unix style */
352
#define AUTH_DH         3               /* for Diffie-Hellman mechanism */
353
#define AUTH_DES        AUTH_DH         /* for backward compatibility */
354
#define AUTH_KERB       4               /* kerberos style */
355
 
356
#endif /* !_RPC_AUTH_H */

powered by: WebSVN 2.1.0

© copyright 1999-2024 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.