source: rtems/cpukit/libnetworking/rpc/auth.h @ 16f4661f

5
Last change on this file since 16f4661f was 16f4661f, checked in by Sebastian Huber <sebastian.huber@…>, on 03/09/18 at 07:38:18

network: Optionally install network headers

Install the network headers only if --enable-networking is specified.

Update #3254.
  • Property mode set to 100644
File size: 7.4 KB
Line 
1/*
2 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
3 * unrestricted use provided that this legend is included on all tape
4 * media and as a part of the software program in whole or part.  Users
5 * may copy or modify Sun RPC without charge, but are not authorized
6 * to license or distribute it to anyone else except as part of a product or
7 * program developed by the user.
8 *
9 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
10 * WARRANTIES OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR
11 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
12 *
13 * Sun RPC is provided with no support and without any obligation on the
14 * part of Sun Microsystems, Inc. to assist in its use, correction,
15 * modification or enhancement.
16 *
17 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
18 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
19 * OR ANY PART THEREOF.
20 *
21 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
22 * or profits or other special, indirect and consequential damages, even if
23 * Sun has been advised of the possibility of such damages.
24 *
25 * Sun Microsystems, Inc.
26 * 2550 Garcia Avenue
27 * Mountain View, California  94043
28 *
29 *      from: @(#)auth.h 1.17 88/02/08 SMI
30 *      from: @(#)auth.h        2.3 88/08/07 4.0 RPCSRC
31 * $FreeBSD: src/include/rpc/auth.h,v 1.15 1999/08/27 23:45:02 peter Exp $
32 */
33
34/*
35 * auth.h, Authentication interface.
36 *
37 * Copyright (C) 1984, Sun Microsystems, Inc.
38 *
39 * The data structures are completely opaque to the client.  The client
40 * is required to pass a AUTH * to routines that create rpc
41 * "sessions".
42 */
43
44#ifndef _RPC_AUTH_H
45#define _RPC_AUTH_H
46#include <sys/cdefs.h>
47#include <sys/socket.h>
48#include <rpc/xdr.h>
49
50#define MAX_AUTH_BYTES  400
51#define MAXNETNAMELEN   255     /* maximum length of network user's name */
52
53/*
54 * Status returned from authentication check
55 */
56enum auth_stat {
57        AUTH_OK=0,
58        /*
59         * failed at remote end
60         */
61        AUTH_BADCRED=1,                 /* bogus credentials (seal broken) */
62        AUTH_REJECTEDCRED=2,            /* client should begin new session */
63        AUTH_BADVERF=3,                 /* bogus verifier (seal broken) */
64        AUTH_REJECTEDVERF=4,            /* verifier expired or was replayed */
65        AUTH_TOOWEAK=5,                 /* rejected due to security reasons */
66        /*
67         * failed locally
68        */
69        AUTH_INVALIDRESP=6,             /* bogus response verifier */
70        AUTH_FAILED=7,                  /* some unknown reason */
71        _AUTH_STAT = 0xffffffff
72};
73
74union des_block {
75        struct {
76                u_int32_t high;
77                u_int32_t low;
78        } key;
79        char c[8];
80};
81typedef union des_block des_block;
82__BEGIN_DECLS
83extern bool_t xdr_des_block (XDR *, des_block *);
84__END_DECLS
85
86/*
87 * Authentication info.  Opaque to client.
88 */
89struct opaque_auth {
90        enum_t  oa_flavor;              /* flavor of auth */
91        caddr_t oa_base;                /* address of more auth stuff */
92        u_int   oa_length;              /* not to exceed MAX_AUTH_BYTES */
93};
94__BEGIN_DECLS
95bool_t xdr_opaque_auth (XDR *xdrs, struct opaque_auth *ap);
96__END_DECLS
97
98
99/*
100 * Auth handle, interface to client side authenticators.
101 */
102typedef struct __rpc_auth {
103        struct  opaque_auth     ah_cred;
104        struct  opaque_auth     ah_verf;
105        union   des_block       ah_key;
106        struct auth_ops {
107                void    (*ah_nextverf) (struct __rpc_auth *);
108                /* nextverf & serialize */
109                int     (*ah_marshal) (struct __rpc_auth *, XDR *);
110                /* validate verifier */
111                int     (*ah_validate) (struct __rpc_auth *,
112                                struct opaque_auth *);
113                /* refresh credentials */
114                int     (*ah_refresh) (struct __rpc_auth *);
115                /* destroy this structure */
116                void    (*ah_destroy) (struct __rpc_auth *);
117        } *ah_ops;
118        caddr_t ah_private;
119} AUTH;
120
121
122/*
123 * Authentication ops.
124 * The ops and the auth handle provide the interface to the authenticators.
125 *
126 * AUTH *auth;
127 * XDR  *xdrs;
128 * struct opaque_auth verf;
129 */
130#define AUTH_NEXTVERF(auth)             \
131                ((*((auth)->ah_ops->ah_nextverf))(auth))
132#define auth_nextverf(auth)             \
133                ((*((auth)->ah_ops->ah_nextverf))(auth))
134
135#define AUTH_MARSHALL(auth, xdrs)       \
136                ((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
137#define auth_marshall(auth, xdrs)       \
138                ((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
139
140#define AUTH_VALIDATE(auth, verfp)      \
141                ((*((auth)->ah_ops->ah_validate))((auth), verfp))
142#define auth_validate(auth, verfp)      \
143                ((*((auth)->ah_ops->ah_validate))((auth), verfp))
144
145#define AUTH_REFRESH(auth)              \
146                ((*((auth)->ah_ops->ah_refresh))(auth))
147#define auth_refresh(auth)              \
148                ((*((auth)->ah_ops->ah_refresh))(auth))
149
150#define AUTH_DESTROY(auth)              \
151                ((*((auth)->ah_ops->ah_destroy))(auth))
152#define auth_destroy(auth)              \
153                ((*((auth)->ah_ops->ah_destroy))(auth))
154
155
156extern struct opaque_auth _null_auth;
157
158/*
159 * These are the various implementations of client side authenticators.
160 */
161
162/*
163 * Unix style authentication
164 * AUTH *authunix_create(machname, uid, gid, len, aup_gids)
165 *      char *machname;
166 *      int uid;
167 *      int gid;
168 *      int len;
169 *      int *aup_gids;
170 */
171__BEGIN_DECLS
172struct sockaddr_in;
173extern AUTH *authunix_create            (char *, int, int, int, int *);
174extern AUTH *authunix_create_default    (void);
175extern AUTH *authnone_create            (void);
176__END_DECLS
177
178/* Forward compatibility with TI-RPC */
179#define authsys_create authunix_create
180#define authsys_create_default authunix_create_default
181
182/*
183 * DES style authentication
184 * AUTH *authdes_create(servername, window, timehost, ckey)
185 *      char *servername;               - network name of server
186 *      u_int window;                   - time to live
187 *      struct sockaddr *timehost;      - optional hostname to sync with
188 *      des_block *ckey;                - optional conversation key to use
189 */
190__BEGIN_DECLS
191extern AUTH *authdes_create ( char *, u_int, struct sockaddr *, des_block * );
192#ifdef NOTYET
193/*
194 * TI-RPC supports this call, but it requires the inclusion of
195 * NIS+-specific headers which would require the inclusion of other
196 * headers which would result in a tangled mess. For now, the NIS+
197 * code prototypes this routine internally.
198 */
199extern AUTH *authdes_pk_create ( char *, netobj *, u_int,
200                                     struct sockaddr *, des_block *,
201                                     nis_server * );
202#endif
203__END_DECLS
204
205/*
206 * Netname manipulation routines.
207 */
208__BEGIN_DECLS
209extern int netname2user ( char *, uid_t *, gid_t *, int *, gid_t *);
210extern int netname2host ( char *, char *, int );
211extern int getnetname ( char * );
212extern int user2netname ( char *, uid_t, char * );
213extern int host2netname ( char *, char *, char * );
214extern void passwd2des ( char *, char * );
215__END_DECLS
216
217/*
218 * Keyserv interface routines.
219 * XXX Should not be here.
220 */
221#ifndef HEXKEYBYTES
222#define HEXKEYBYTES 48
223#endif
224typedef char kbuf[HEXKEYBYTES];
225typedef char *namestr;
226
227struct netstarg {
228        kbuf st_priv_key;
229        kbuf st_pub_key;
230        namestr st_netname;
231};
232
233__BEGIN_DECLS
234extern int key_decryptsession ( const char *, des_block * );
235extern int key_decryptsession_pk ( char *, netobj *, des_block * );
236extern int key_encryptsession ( const char *, des_block * );
237extern int key_encryptsession_pk ( char *, netobj *, des_block * );
238extern int key_gendes ( des_block * );
239extern int key_setsecret ( const char * );
240extern int key_secretkey_is_set ( void );
241extern int key_setnet ( struct netstarg * );
242extern int key_get_conv ( char *, des_block * );
243__END_DECLS
244
245/*
246 * Publickey routines.
247 */
248__BEGIN_DECLS
249extern int getpublickey ( char *, char * );
250extern int getpublicandprivatekey ( char *, char * );
251extern int getsecretkey ( char *, char *, char * );
252__END_DECLS
253
254
255#define AUTH_NONE       0               /* no authentication */
256#define AUTH_NULL       0               /* backward compatibility */
257#define AUTH_UNIX       1               /* unix style (uid, gids) */
258#define AUTH_SYS        1               /* forward compatibility */
259#define AUTH_SHORT      2               /* short hand unix style */
260#define AUTH_DES        3               /* des style (encrypted timestamps) */
261
262#endif /* !_RPC_AUTH_H */
Note: See TracBrowser for help on using the repository browser.