OpenCores
URL https://opencores.org/ocsvn/openrisc/openrisc/trunk

Subversion Repositories openrisc

[/] [openrisc/] [trunk/] [gnu-stable/] [newlib-1.18.0/] [newlib/] [libc/] [sys/] [linux/] [include/] [rpc/] [auth.h] - Blame information for rev 859

Go to most recent revision | Details | Compare with Previous | View Log

Line No. Rev Author Line
1 207 jeremybenn 
/*      $NetBSD: auth.h,v 1.15 2000/06/02 22:57:55 fvdl Exp $   */
2 
 
3 
/*
4 
 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
5 
 * unrestricted use provided that this legend is included on all tape
6 
 * media and as a part of the software program in whole or part.  Users
7 
 * may copy or modify Sun RPC without charge, but are not authorized
8 
 * to license or distribute it to anyone else except as part of a product or
9 
 * program developed by the user.
10 
 *
11 
 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
12 
 * WARRANTIES OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR
13 
 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
14 
 *
15 
 * Sun RPC is provided with no support and without any obligation on the
16 
 * part of Sun Microsystems, Inc. to assist in its use, correction,
17 
 * modification or enhancement.
18 
 *
19 
 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
20 
 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
21 
 * OR ANY PART THEREOF.
22 
 *
23 
 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
24 
 * or profits or other special, indirect and consequential damages, even if
25 
 * Sun has been advised of the possibility of such damages.
26 
 *
27 
 * Sun Microsystems, Inc.
28 
 * 2550 Garcia Avenue
29 
 * Mountain View, California  94043
30 
 *
31 
 *      from: @(#)auth.h 1.17 88/02/08 SMI
32 
 *      from: @(#)auth.h        2.3 88/08/07 4.0 RPCSRC
33 
 *      from: @(#)auth.h        1.43    98/02/02 SMI
34 
 * $FreeBSD: src/include/rpc/auth.h,v 1.19 2002/03/23 17:24:55 imp Exp $
35 
 */
36 
 
37 
/*
38 
 * auth.h, Authentication interface.
39 
 *
40 
 * Copyright (C) 1984, Sun Microsystems, Inc.
41 
 *
42 
 * The data structures are completely opaque to the client.  The client
43 
 * is required to pass a AUTH * to routines that create rpc
44 
 * "sessions".
45 
 */
46 
 
47 
#ifndef _RPC_AUTH_H
48 
#define _RPC_AUTH_H
49 
#include <rpc/xdr.h>
50 
#include <rpc/clnt_stat.h>
51 
#include <sys/cdefs.h>
52 
#include <sys/socket.h>
53 
 
54 
#define MAX_AUTH_BYTES  400
55 
#define MAXNETNAMELEN   255     /* maximum length of network user's name */
56 
 
57 
/*
58 
 *  Client side authentication/security data
59 
 */
60 
 
61 
typedef struct sec_data {
62 
        u_int   secmod;         /* security mode number e.g. in nfssec.conf */
63 
        u_int   rpcflavor;      /* rpc flavors:AUTH_UNIX,AUTH_DES,RPCSEC_GSS */
64 
        int     flags;          /* AUTH_F_xxx flags */
65 
        caddr_t data;           /* opaque data per flavor */
66 
} sec_data_t;
67 
 
68 
#ifdef _SYSCALL32_IMPL
69 
struct sec_data32 {
70 
        uint32_t secmod;        /* security mode number e.g. in nfssec.conf */
71 
        uint32_t rpcflavor;     /* rpc flavors:AUTH_UNIX,AUTH_DES,RPCSEC_GSS */
72 
        int32_t flags;          /* AUTH_F_xxx flags */
73 
        caddr32_t data;         /* opaque data per flavor */
74 
};
75 
#endif /* _SYSCALL32_IMPL */
76 
 
77 
/*
78 
 * AUTH_DES flavor specific data from sec_data opaque data field.
79 
 * AUTH_KERB has the same structure.
80 
 */
81 
typedef struct des_clnt_data {
82 
        struct netbuf   syncaddr;       /* time sync addr */
83 
        struct knetconfig *knconf;      /* knetconfig info that associated */
84 
                                        /* with the syncaddr. */
85 
        char            *netname;       /* server's netname */
86 
        int             netnamelen;     /* server's netname len */
87 
} dh_k4_clntdata_t;
88 
 
89 
#ifdef _SYSCALL32_IMPL
90 
struct des_clnt_data32 {
91 
        struct netbuf32 syncaddr;       /* time sync addr */
92 
        caddr32_t knconf;               /* knetconfig info that associated */
93 
                                        /* with the syncaddr. */
94 
        caddr32_t netname;              /* server's netname */
95 
        int32_t netnamelen;             /* server's netname len */
96 
};
97 
#endif /* _SYSCALL32_IMPL */
98 
 
99 
#ifdef KERBEROS
100 
/*
101 
 * flavor specific data to hold the data for AUTH_DES/AUTH_KERB(v4)
102 
 * in sec_data->data opaque field.
103 
 */
104 
typedef struct krb4_svc_data {
105 
        int             window;         /* window option value */
106 
} krb4_svcdata_t;
107 
 
108 
typedef struct krb4_svc_data    des_svcdata_t;
109 
#endif /* KERBEROS */
110 
 
111 
/*
112 
 * authentication/security specific flags
113 
 */
114 
#define AUTH_F_RPCTIMESYNC      0x001   /* use RPC to do time sync */
115 
#define AUTH_F_TRYNONE          0x002   /* allow fall back to AUTH_NONE */
116 
 
117 
 
118 
/*
119 
 * Status returned from authentication check
120 
 */
121 
enum auth_stat {
122 
        AUTH_OK=0,
123 
        /*
124 
         * failed at remote end
125 
         */
126 
        AUTH_BADCRED=1,                 /* bogus credentials (seal broken) */
127 
        AUTH_REJECTEDCRED=2,            /* client should begin new session */
128 
        AUTH_BADVERF=3,                 /* bogus verifier (seal broken) */
129 
        AUTH_REJECTEDVERF=4,            /* verifier expired or was replayed */
130 
        AUTH_TOOWEAK=5,                 /* rejected due to security reasons */
131 
        /*
132 
         * failed locally
133 
        */
134 
        AUTH_INVALIDRESP=6,             /* bogus response verifier */
135 
        AUTH_FAILED=7                   /* some unknown reason */
136 
#ifdef KERBEROS
137 
        /*
138 
         * kerberos errors
139 
         */
140 
        ,
141 
        AUTH_KERB_GENERIC = 8,          /* kerberos generic error */
142 
        AUTH_TIMEEXPIRE = 9,            /* time of credential expired */
143 
        AUTH_TKT_FILE = 10,             /* something wrong with ticket file */
144 
        AUTH_DECODE = 11,                       /* can't decode authenticator */
145 
        AUTH_NET_ADDR = 12              /* wrong net address in ticket */
146 
#endif /* KERBEROS */
147 
};
148 
 
149 
union des_block {
150 
        struct {
151 
                uint32_t high;
152 
                uint32_t low;
153 
        } key;
154 
        char c[8];
155 
};
156 
typedef union des_block des_block;
157 
__BEGIN_DECLS
158 
extern bool_t xdr_des_block(XDR *, des_block *);
159 
__END_DECLS
160 
 
161 
/*
162 
 * Authentication info.  Opaque to client.
163 
 */
164 
struct opaque_auth {
165 
        enum_t  oa_flavor;              /* flavor of auth */
166 
        caddr_t oa_base;                /* address of more auth stuff */
167 
        u_int   oa_length;              /* not to exceed MAX_AUTH_BYTES */
168 
};
169 
 
170 
 
171 
/*
172 
 * Auth handle, interface to client side authenticators.
173 
 */
174 
typedef struct __auth {
175 
        struct  opaque_auth     ah_cred;
176 
        struct  opaque_auth     ah_verf;
177 
        union   des_block       ah_key;
178 
        struct auth_ops {
179 
                void    (*ah_nextverf) (struct __auth *);
180 
                /* nextverf & serialize */
181 
                int     (*ah_marshal) (struct __auth *, XDR *);
182 
                /* validate verifier */
183 
                int     (*ah_validate) (struct __auth *,
184 
                            struct opaque_auth *);
185 
                /* refresh credentials */
186 
                int     (*ah_refresh) (struct __auth *, void *);
187 
                /* destroy this structure */
188 
                void    (*ah_destroy) (struct __auth *);
189 
        } *ah_ops;
190 
        void *ah_private;
191 
} AUTH;
192 
 
193 
 
194 
/*
195 
 * Authentication ops.
196 
 * The ops and the auth handle provide the interface to the authenticators.
197 
 *
198 
 * AUTH *auth;
199 
 * XDR  *xdrs;
200 
 * struct opaque_auth verf;
201 
 */
202 
#define AUTH_NEXTVERF(auth)             \
203 
                ((*((auth)->ah_ops->ah_nextverf))(auth))
204 
#define auth_nextverf(auth)             \
205 
                ((*((auth)->ah_ops->ah_nextverf))(auth))
206 
 
207 
#define AUTH_MARSHALL(auth, xdrs)       \
208 
                ((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
209 
#define auth_marshall(auth, xdrs)       \
210 
                ((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
211 
 
212 
#define AUTH_VALIDATE(auth, verfp)      \
213 
                ((*((auth)->ah_ops->ah_validate))((auth), verfp))
214 
#define auth_validate(auth, verfp)      \
215 
                ((*((auth)->ah_ops->ah_validate))((auth), verfp))
216 
 
217 
#define AUTH_REFRESH(auth, msg)         \
218 
                ((*((auth)->ah_ops->ah_refresh))(auth, msg))
219 
#define auth_refresh(auth, msg)         \
220 
                ((*((auth)->ah_ops->ah_refresh))(auth, msg))
221 
 
222 
#define AUTH_DESTROY(auth)              \
223 
                ((*((auth)->ah_ops->ah_destroy))(auth))
224 
#define auth_destroy(auth)              \
225 
                ((*((auth)->ah_ops->ah_destroy))(auth))
226 
 
227 
 
228 
__BEGIN_DECLS
229 
extern struct opaque_auth _null_auth;
230 
__END_DECLS
231 
 
232 
/*
233 
 * These are the various implementations of client side authenticators.
234 
 */
235 
 
236 
/*
237 
 * System style authentication
238 
 * AUTH *authunix_create(machname, uid, gid, len, aup_gids)
239 
 *      char *machname;
240 
 *      int uid;
241 
 *      int gid;
242 
 *      int len;
243 
 *      int *aup_gids;
244 
 */
245 
__BEGIN_DECLS
246 
extern AUTH *authunix_create(char *, int, int, int,
247 
    int *);
248 
extern AUTH *authunix_create_default(void);     /* takes no parameters */
249 
extern AUTH *authnone_create(void);             /* takes no parameters */
250 
__END_DECLS
251 
/*
252 
 * DES style authentication
253 
 * AUTH *authsecdes_create(servername, window, timehost, ckey)
254 
 *      char *servername;               - network name of server
255 
 *      u_int window;                   - time to live
256 
 *      const char *timehost;                   - optional hostname to sync with
257 
 *      des_block *ckey;                - optional conversation key to use
258 
 */
259 
__BEGIN_DECLS
260 
extern AUTH *authdes_create (char *, u_int, struct sockaddr *, des_block *);
261 
extern AUTH *authdes_seccreate (const char *, const u_int, const  char *,
262 
    const  des_block *);
263 
__END_DECLS
264 
 
265 
__BEGIN_DECLS
266 
extern bool_t xdr_opaque_auth           (XDR *, struct opaque_auth *);
267 
__END_DECLS
268 
 
269 
#define authsys_create(c,i1,i2,i3,ip) authunix_create((c),(i1),(i2),(i3),(ip))
270 
#define authsys_create_default() authunix_create_default()
271 
 
272 
/*
273 
 * Netname manipulation routines.
274 
 */
275 
__BEGIN_DECLS
276 
extern int getnetname(char *);
277 
extern int host2netname(char *, const char *, const char *);
278 
extern int user2netname(char *, const uid_t, const char *);
279 
extern int netname2user(char *, uid_t *, gid_t *, int *, gid_t *);
280 
extern int netname2host(char *, char *, const int);
281 
extern void passwd2des ( char *, char * );
282 
__END_DECLS
283 
 
284 
/*
285 
 *
286 
 * These routines interface to the keyserv daemon
287 
 *
288 
 */
289 
__BEGIN_DECLS
290 
extern int key_decryptsession(const char *, des_block *);
291 
extern int key_encryptsession(const char *, des_block *);
292 
extern int key_gendes(des_block *);
293 
extern int key_setsecret(const char *);
294 
extern int key_secretkey_is_set(void);
295 
__END_DECLS
296 
 
297 
/*
298 
 * Publickey routines.
299 
 */
300 
__BEGIN_DECLS
301 
extern int getpublickey (const char *, char *);
302 
extern int getpublicandprivatekey (char *, char *);
303 
extern int getsecretkey (char *, char *, char *);
304 
__END_DECLS
305 
 
306 
#ifdef KERBEROS
307 
/*
308 
 * Kerberos style authentication
309 
 * AUTH *authkerb_seccreate(service, srv_inst, realm, window, timehost, status)
310 
 *      const char *service;                    - service name
311 
 *      const char *srv_inst;                   - server instance
312 
 *      const char *realm;                      - server realm
313 
 *      const u_int window;                     - time to live
314 
 *      const char *timehost;                   - optional hostname to sync with
315 
 *      int *status;                            - kerberos status returned
316 
 */
317 
__BEGIN_DECLS
318 
extern AUTH     *authkerb_seccreate(const char *, const char *, const  char *,
319 
                    const u_int, const char *, int *);
320 
__END_DECLS
321 
 
322 
/*
323 
 * Map a kerberos credential into a unix cred.
324 
 *
325 
 *      authkerb_getucred(rqst, uid, gid, grouplen, groups)
326 
 *      const struct svc_req *rqst;             - request pointer
327 
 *      uid_t *uid;
328 
 *      gid_t *gid;
329 
 *      short *grouplen;
330 
 *      int *groups;
331 
 *
332 
 */
333 
__BEGIN_DECLS
334 
extern int      authkerb_getucred(/* struct svc_req *, uid_t *, gid_t *,
335 
                    short *, int * */);
336 
__END_DECLS
337 
#endif /* KERBEROS */
338 
 
339 
__BEGIN_DECLS
340 
struct svc_req;
341 
struct rpc_msg;
342 
enum auth_stat _svcauth_null (struct svc_req *, struct rpc_msg *);
343 
enum auth_stat _svcauth_short (struct svc_req *, struct rpc_msg *);
344 
enum auth_stat _svcauth_unix (struct svc_req *, struct rpc_msg *);
345 
__END_DECLS
346 
 
347 
#define AUTH_NONE       0                /* no authentication */
348 
#define AUTH_NULL       0                /* backward compatibility */
349 
#define AUTH_SYS        1               /* unix style (uid, gids) */
350 
#define AUTH_UNIX       AUTH_SYS
351 
#define AUTH_SHORT      2               /* short hand unix style */
352 
#define AUTH_DH         3               /* for Diffie-Hellman mechanism */
353 
#define AUTH_DES        AUTH_DH         /* for backward compatibility */
354 
#define AUTH_KERB       4               /* kerberos style */
355 
 
356 
#endif /* !_RPC_AUTH_H */

powered by: WebSVN 2.1.0

© copyright 1999-2024 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.