205 gss_OID*, /* actual_mech_type */
206 gss_buffer_t, /* output_token */
207 OM_uint32 *, /* ret_flags */
208 OM_uint32 * /* time_rec */
209 /* */);
210 OM_uint32 (*gss_accept_sec_context)
211 (
212 void *, /* context */
213 OM_uint32 *, /* minor_status */
214 gss_ctx_id_t *, /* context_handle */
215 const gss_cred_id_t, /* verifier_cred_handle */
216 const gss_buffer_t, /* input_token_buffer */
217 const gss_channel_bindings_t, /* input_chan_bindings */
218 gss_name_t *, /* src_name */
219 gss_OID*, /* mech_type */
220 gss_buffer_t, /* output_token */
221 OM_uint32 *, /* ret_flags */
222 OM_uint32 *, /* time_rec */
223 gss_cred_id_t * /* delegated_cred_handle */
224 /* */);
225 /* EXPORT DELETE START */ /* CRYPT DELETE START */
226 #endif /* ! _KERNEL */
227
228 /*
229 * Note: there are two gss_unseal's in here. Make any changes to both.
230 */
231 OM_uint32 (*gss_unseal)
232 (
233 void *, /* context */
234 OM_uint32 *, /* minor_status */
235 const gss_ctx_id_t, /* context_handle */
236 const gss_buffer_t, /* input_message_buffer */
237 gss_buffer_t, /* output_message_buffer */
238 int *, /* conf_state */
239 int * /* qop_state */
240 #ifdef _KERNEL
241 /* */, OM_uint32
242 #endif
243 /* */);
244 #ifndef _KERNEL
245 /* EXPORT DELETE END */ /* CRYPT DELETE END */
246 OM_uint32 (*gss_process_context_token)
247 (
248 void *, /* context */
249 OM_uint32 *, /* minor_status */
250 const gss_ctx_id_t, /* context_handle */
251 const gss_buffer_t /* token_buffer */
252 /* */);
253 #endif /* ! _KERNEL */
254 OM_uint32 (*gss_delete_sec_context)
255 (
256 void *, /* context */
257 OM_uint32 *, /* minor_status */
258 gss_ctx_id_t *, /* context_handle */
259 gss_buffer_t /* output_token */
260 #ifdef _KERNEL
261 /* */, OM_uint32
262 #endif
263 /* */);
264 #ifndef _KERNEL
265 OM_uint32 (*gss_context_time)
323 gss_name_t *, /* name */
324 OM_uint32 *, /* lifetime */
325 int *, /* cred_usage */
326 gss_OID_set * /* mechanisms */
327 /* */);
328 OM_uint32 (*gss_add_cred)
329 (
330 void *, /* context */
331 OM_uint32 *, /* minor_status */
332 const gss_cred_id_t, /* input_cred_handle */
333 const gss_name_t, /* desired_name */
334 const gss_OID, /* desired_mech */
335 gss_cred_usage_t, /* cred_usage */
336 OM_uint32, /* initiator_time_req */
337 OM_uint32, /* acceptor_time_req */
338 gss_cred_id_t *, /* output_cred_handle */
339 gss_OID_set *, /* actual_mechs */
340 OM_uint32 *, /* initiator_time_rec */
341 OM_uint32 * /* acceptor_time_rec */
342 /* */);
343 /* EXPORT DELETE START */ /* CRYPT DELETE START */
344 #endif /* ! _KERNEL */
345 /*
346 * Note: there are two gss_seal's in here. Make any changes to both.
347 */
348 OM_uint32 (*gss_seal)
349 (
350 void *, /* context */
351 OM_uint32 *, /* minor_status */
352 const gss_ctx_id_t, /* context_handle */
353 int, /* conf_req_flag */
354 int, /* qop_req */
355 const gss_buffer_t, /* input_message_buffer */
356 int *, /* conf_state */
357 gss_buffer_t /* output_message_buffer */
358 #ifdef _KERNEL
359 /* */, OM_uint32
360 #endif
361 /* */);
362 #ifndef _KERNEL
363 /* EXPORT DELETE END */ /* CRYPT DELETE END */
364 OM_uint32 (*gss_export_sec_context)
365 (
366 void *, /* context */
367 OM_uint32 *, /* minor_status */
368 gss_ctx_id_t *, /* context_handle */
369 gss_buffer_t /* interprocess_token */
370 /* */);
371 #endif /* ! _KERNEL */
372 OM_uint32 (*gss_import_sec_context)
373 (
374 void *, /* context */
375 OM_uint32 *, /* minor_status */
376 const gss_buffer_t, /* interprocess_token */
377 gss_ctx_id_t * /* context_handle */
378 /* */);
379 #ifndef _KERNEL
380 OM_uint32 (*gss_inquire_cred_by_mech)
381 (
382 void *, /* context */
383 OM_uint32 *, /* minor_status */
430 OM_uint32 *, /* minor_status */
431 const gss_name_t, /* pname */
432 uid_t * /* uid */
433 /* */);
434 OM_uint32 (*__gss_userok)
435 (
436 void *, /* context */
437 OM_uint32 *, /* minor_status */
438 const gss_name_t, /* pname */
439 const char *, /* local user */
440 int * /* user ok? */
441 /* */);
442 OM_uint32 (*gss_export_name)
443 (
444 void *, /* context */
445 OM_uint32 *, /* minor_status */
446 const gss_name_t, /* input_name */
447 gss_buffer_t /* exported_name */
448 /* */);
449 #endif /* ! _KERNEL */
450 /* EXPORT DELETE START */
451 /* CRYPT DELETE START */
452 /*
453 * This block comment is Sun Proprietary: Need-To-Know.
454 * What we are doing is leaving the seal and unseal entry points
455 * in an obvious place before sign and unsign for the Domestic customer
456 * of the Solaris Source Product. The Domestic customer of the Solaris Source
457 * Product will have to deal with the problem of creating exportable libgss
458 * binaries.
459 * In the binary product that Sun builds, these entry points are elsewhere,
460 * and bracketed with special comments so that the CRYPT_SRC and EXPORT_SRC
461 * targets delete them.
462 */
463 #if 0
464 /* CRYPT DELETE END */
465 OM_uint32 (*gss_seal)
466 (
467 void *, /* context */
468 OM_uint32 *, /* minor_status */
469 const gss_ctx_id_t, /* context_handle */
470 int, /* conf_req_flag */
471 int, /* qop_req */
472 const gss_buffer_t, /* input_message_buffer */
473 int *, /* conf_state */
474 gss_buffer_t /* output_message_buffer */
475 #ifdef _KERNEL
476 /* */, OM_uint32
477 #endif
478 /* */);
479 OM_uint32 (*gss_unseal)
480 (
481 void *, /* context */
482 OM_uint32 *, /* minor_status */
483 const gss_ctx_id_t, /* context_handle */
484 const gss_buffer_t, /* input_message_buffer */
485 gss_buffer_t, /* output_message_buffer */
486 int *, /* conf_state */
487 int * /* qop_state */
488 #ifdef _KERNEL
489 /* */, OM_uint32
490 #endif
491 /* */);
492 /* CRYPT DELETE START */
493 #endif /* 0 */
494 /* CRYPT DELETE END */
495 /* EXPORT DELETE END */
496 OM_uint32 (*gss_sign)
497 (
498 void *, /* context */
499 OM_uint32 *, /* minor_status */
500 const gss_ctx_id_t, /* context_handle */
501 int, /* qop_req */
502 const gss_buffer_t, /* message_buffer */
503 gss_buffer_t /* message_token */
504 #ifdef _KERNEL
505 /* */, OM_uint32
506 #endif
507 /* */);
508 OM_uint32 (*gss_verify)
509 (
510 void *, /* context */
511 OM_uint32 *, /* minor_status */
512 const gss_ctx_id_t, /* context_handle */
513 const gss_buffer_t, /* message_buffer */
514 const gss_buffer_t, /* token_buffer */
515 int * /* qop_state */
784
785 #define KGSS_ALLOC() kmem_zalloc(sizeof (struct kgss_ctx), KM_SLEEP)
786 #define KGSS_FREE(ctx) kmem_free(ctx, sizeof (struct kgss_ctx))
787
788 #define KGSS_SIGN(minor_st, ctx, qop, msg, tkn) \
789 (*(KCTX_TO_MECH(ctx)->gss_sign))(KCTX_TO_PRIVATE(ctx), minor_st, \
790 KCTX_TO_CTX(ctx), qop, msg, tkn, KCTX_TO_CTXV(ctx))
791
792 #define KGSS_VERIFY(minor_st, ctx, msg, tkn, qop) \
793 (*(KCTX_TO_MECH(ctx)->gss_verify))(KCTX_TO_PRIVATE(ctx), minor_st,\
794 KCTX_TO_CTX(ctx), msg, tkn, qop, KCTX_TO_CTXV(ctx))
795
796 #define KGSS_DELETE_SEC_CONTEXT(minor_st, ctx, int_ctx_id, tkn) \
797 (*(KCTX_TO_MECH(ctx)->gss_delete_sec_context))(KCTX_TO_PRIVATE(ctx),\
798 minor_st, int_ctx_id, tkn, KCTX_TO_CTXV(ctx))
799
800 #define KGSS_IMPORT_SEC_CONTEXT(minor_st, tkn, ctx, int_ctx_id) \
801 (*(KCTX_TO_MECH(ctx)->gss_import_sec_context))(KCTX_TO_PRIVATE(ctx),\
802 minor_st, tkn, int_ctx_id)
803
804 /* EXPORT DELETE START */
805 #define KGSS_SEAL(minor_st, ctx, conf_req, qop, msg, conf_state, tkn) \
806 (*(KCTX_TO_MECH(ctx)->gss_seal))(KCTX_TO_PRIVATE(ctx), minor_st, \
807 KCTX_TO_CTX(ctx), conf_req, qop, msg, conf_state, tkn,\
808 KCTX_TO_CTXV(ctx))
809
810 #define KGSS_UNSEAL(minor_st, ctx, msg, tkn, conf, qop) \
811 (*(KCTX_TO_MECH(ctx)->gss_unseal))(KCTX_TO_PRIVATE(ctx), minor_st,\
812 KCTX_TO_CTX(ctx), msg, tkn, conf, qop, \
813 KCTX_TO_CTXV(ctx))
814
815 /* EXPORT DELETE END */
816
817 #define KGSS_INIT_CONTEXT(ctx) krb5_init_context(ctx)
818 #define KGSS_RELEASE_OID(minor_st, oid) krb5_gss_release_oid(minor_st, oid)
819 extern OM_uint32 kgss_release_oid(OM_uint32 *, gss_OID *);
820
821 #else /* !_KERNEL */
822
823 #define KGSS_INIT_CONTEXT(ctx) krb5_gss_init_context(ctx)
824 #define KGSS_RELEASE_OID(minor_st, oid) gss_release_oid(minor_st, oid)
825
826 #define KCTX_TO_CTX(ctx) (KCTX_TO_KGSS_CTX(ctx)->gssd_ctx)
827 #define MALLOC(n) malloc(n)
828 #define FREE(x, n) free(x)
829 #define KGSS_CRED_ALLOC() (struct kgss_cred *) \
830 MALLOC(sizeof (struct kgss_cred))
831 #define KGSS_CRED_FREE(cred) free(cred)
832 #define KGSS_ALLOC() (struct kgss_ctx *)MALLOC(sizeof (struct kgss_ctx))
833 #define KGSS_FREE(ctx) free(ctx)
834
835 #define KGSS_SIGN(minor_st, ctx, qop, msg, tkn) \
836 kgss_sign_wrapped(minor_st, \
|
205 gss_OID*, /* actual_mech_type */
206 gss_buffer_t, /* output_token */
207 OM_uint32 *, /* ret_flags */
208 OM_uint32 * /* time_rec */
209 /* */);
210 OM_uint32 (*gss_accept_sec_context)
211 (
212 void *, /* context */
213 OM_uint32 *, /* minor_status */
214 gss_ctx_id_t *, /* context_handle */
215 const gss_cred_id_t, /* verifier_cred_handle */
216 const gss_buffer_t, /* input_token_buffer */
217 const gss_channel_bindings_t, /* input_chan_bindings */
218 gss_name_t *, /* src_name */
219 gss_OID*, /* mech_type */
220 gss_buffer_t, /* output_token */
221 OM_uint32 *, /* ret_flags */
222 OM_uint32 *, /* time_rec */
223 gss_cred_id_t * /* delegated_cred_handle */
224 /* */);
225 #endif /* ! _KERNEL */
226
227 /*
228 * Note: there are two gss_unseal's in here. Make any changes to both.
229 */
230 OM_uint32 (*gss_unseal)
231 (
232 void *, /* context */
233 OM_uint32 *, /* minor_status */
234 const gss_ctx_id_t, /* context_handle */
235 const gss_buffer_t, /* input_message_buffer */
236 gss_buffer_t, /* output_message_buffer */
237 int *, /* conf_state */
238 int * /* qop_state */
239 #ifdef _KERNEL
240 /* */, OM_uint32
241 #endif
242 /* */);
243 #ifndef _KERNEL
244 OM_uint32 (*gss_process_context_token)
245 (
246 void *, /* context */
247 OM_uint32 *, /* minor_status */
248 const gss_ctx_id_t, /* context_handle */
249 const gss_buffer_t /* token_buffer */
250 /* */);
251 #endif /* ! _KERNEL */
252 OM_uint32 (*gss_delete_sec_context)
253 (
254 void *, /* context */
255 OM_uint32 *, /* minor_status */
256 gss_ctx_id_t *, /* context_handle */
257 gss_buffer_t /* output_token */
258 #ifdef _KERNEL
259 /* */, OM_uint32
260 #endif
261 /* */);
262 #ifndef _KERNEL
263 OM_uint32 (*gss_context_time)
321 gss_name_t *, /* name */
322 OM_uint32 *, /* lifetime */
323 int *, /* cred_usage */
324 gss_OID_set * /* mechanisms */
325 /* */);
326 OM_uint32 (*gss_add_cred)
327 (
328 void *, /* context */
329 OM_uint32 *, /* minor_status */
330 const gss_cred_id_t, /* input_cred_handle */
331 const gss_name_t, /* desired_name */
332 const gss_OID, /* desired_mech */
333 gss_cred_usage_t, /* cred_usage */
334 OM_uint32, /* initiator_time_req */
335 OM_uint32, /* acceptor_time_req */
336 gss_cred_id_t *, /* output_cred_handle */
337 gss_OID_set *, /* actual_mechs */
338 OM_uint32 *, /* initiator_time_rec */
339 OM_uint32 * /* acceptor_time_rec */
340 /* */);
341 #endif /* ! _KERNEL */
342 /*
343 * Note: there are two gss_seal's in here. Make any changes to both.
344 */
345 OM_uint32 (*gss_seal)
346 (
347 void *, /* context */
348 OM_uint32 *, /* minor_status */
349 const gss_ctx_id_t, /* context_handle */
350 int, /* conf_req_flag */
351 int, /* qop_req */
352 const gss_buffer_t, /* input_message_buffer */
353 int *, /* conf_state */
354 gss_buffer_t /* output_message_buffer */
355 #ifdef _KERNEL
356 /* */, OM_uint32
357 #endif
358 /* */);
359 #ifndef _KERNEL
360 OM_uint32 (*gss_export_sec_context)
361 (
362 void *, /* context */
363 OM_uint32 *, /* minor_status */
364 gss_ctx_id_t *, /* context_handle */
365 gss_buffer_t /* interprocess_token */
366 /* */);
367 #endif /* ! _KERNEL */
368 OM_uint32 (*gss_import_sec_context)
369 (
370 void *, /* context */
371 OM_uint32 *, /* minor_status */
372 const gss_buffer_t, /* interprocess_token */
373 gss_ctx_id_t * /* context_handle */
374 /* */);
375 #ifndef _KERNEL
376 OM_uint32 (*gss_inquire_cred_by_mech)
377 (
378 void *, /* context */
379 OM_uint32 *, /* minor_status */
426 OM_uint32 *, /* minor_status */
427 const gss_name_t, /* pname */
428 uid_t * /* uid */
429 /* */);
430 OM_uint32 (*__gss_userok)
431 (
432 void *, /* context */
433 OM_uint32 *, /* minor_status */
434 const gss_name_t, /* pname */
435 const char *, /* local user */
436 int * /* user ok? */
437 /* */);
438 OM_uint32 (*gss_export_name)
439 (
440 void *, /* context */
441 OM_uint32 *, /* minor_status */
442 const gss_name_t, /* input_name */
443 gss_buffer_t /* exported_name */
444 /* */);
445 #endif /* ! _KERNEL */
446 OM_uint32 (*gss_sign)
447 (
448 void *, /* context */
449 OM_uint32 *, /* minor_status */
450 const gss_ctx_id_t, /* context_handle */
451 int, /* qop_req */
452 const gss_buffer_t, /* message_buffer */
453 gss_buffer_t /* message_token */
454 #ifdef _KERNEL
455 /* */, OM_uint32
456 #endif
457 /* */);
458 OM_uint32 (*gss_verify)
459 (
460 void *, /* context */
461 OM_uint32 *, /* minor_status */
462 const gss_ctx_id_t, /* context_handle */
463 const gss_buffer_t, /* message_buffer */
464 const gss_buffer_t, /* token_buffer */
465 int * /* qop_state */
734
735 #define KGSS_ALLOC() kmem_zalloc(sizeof (struct kgss_ctx), KM_SLEEP)
736 #define KGSS_FREE(ctx) kmem_free(ctx, sizeof (struct kgss_ctx))
737
738 #define KGSS_SIGN(minor_st, ctx, qop, msg, tkn) \
739 (*(KCTX_TO_MECH(ctx)->gss_sign))(KCTX_TO_PRIVATE(ctx), minor_st, \
740 KCTX_TO_CTX(ctx), qop, msg, tkn, KCTX_TO_CTXV(ctx))
741
742 #define KGSS_VERIFY(minor_st, ctx, msg, tkn, qop) \
743 (*(KCTX_TO_MECH(ctx)->gss_verify))(KCTX_TO_PRIVATE(ctx), minor_st,\
744 KCTX_TO_CTX(ctx), msg, tkn, qop, KCTX_TO_CTXV(ctx))
745
746 #define KGSS_DELETE_SEC_CONTEXT(minor_st, ctx, int_ctx_id, tkn) \
747 (*(KCTX_TO_MECH(ctx)->gss_delete_sec_context))(KCTX_TO_PRIVATE(ctx),\
748 minor_st, int_ctx_id, tkn, KCTX_TO_CTXV(ctx))
749
750 #define KGSS_IMPORT_SEC_CONTEXT(minor_st, tkn, ctx, int_ctx_id) \
751 (*(KCTX_TO_MECH(ctx)->gss_import_sec_context))(KCTX_TO_PRIVATE(ctx),\
752 minor_st, tkn, int_ctx_id)
753
754 #define KGSS_SEAL(minor_st, ctx, conf_req, qop, msg, conf_state, tkn) \
755 (*(KCTX_TO_MECH(ctx)->gss_seal))(KCTX_TO_PRIVATE(ctx), minor_st, \
756 KCTX_TO_CTX(ctx), conf_req, qop, msg, conf_state, tkn,\
757 KCTX_TO_CTXV(ctx))
758
759 #define KGSS_UNSEAL(minor_st, ctx, msg, tkn, conf, qop) \
760 (*(KCTX_TO_MECH(ctx)->gss_unseal))(KCTX_TO_PRIVATE(ctx), minor_st,\
761 KCTX_TO_CTX(ctx), msg, tkn, conf, qop, \
762 KCTX_TO_CTXV(ctx))
763
764 #define KGSS_INIT_CONTEXT(ctx) krb5_init_context(ctx)
765 #define KGSS_RELEASE_OID(minor_st, oid) krb5_gss_release_oid(minor_st, oid)
766 extern OM_uint32 kgss_release_oid(OM_uint32 *, gss_OID *);
767
768 #else /* !_KERNEL */
769
770 #define KGSS_INIT_CONTEXT(ctx) krb5_gss_init_context(ctx)
771 #define KGSS_RELEASE_OID(minor_st, oid) gss_release_oid(minor_st, oid)
772
773 #define KCTX_TO_CTX(ctx) (KCTX_TO_KGSS_CTX(ctx)->gssd_ctx)
774 #define MALLOC(n) malloc(n)
775 #define FREE(x, n) free(x)
776 #define KGSS_CRED_ALLOC() (struct kgss_cred *) \
777 MALLOC(sizeof (struct kgss_cred))
778 #define KGSS_CRED_FREE(cred) free(cred)
779 #define KGSS_ALLOC() (struct kgss_ctx *)MALLOC(sizeof (struct kgss_ctx))
780 #define KGSS_FREE(ctx) free(ctx)
781
782 #define KGSS_SIGN(minor_st, ctx, qop, msg, tkn) \
783 kgss_sign_wrapped(minor_st, \
|
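Review bot: The two maintenance notes kept on the new side, `Note: there are two gss_unseal's in here. Make any changes to both.` (new lines 227-229) and its gss_seal twin (new lines 342-344), look stale. The only second copies visible on the old side were the `gss_seal`/`gss_unseal` members inside the `#if 0` block (old lines 463-493), and that block is gone from the new side, where `gss_sign` directly follows the `#endif /* ! _KERNEL */` after `gss_export_name`. If no other copy survives in the lines not shown here, both notes should be deleted in this change. Left in place, they send the next maintainer looking for a duplicate of the confidentiality entry points that no longer exists. The enclosing structure starts and ends outside the visible lines, so this is worth confirming against the full header.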