source3/librpc/rpc/dcerpc_gssapi.h

   1 /*
   2  *  GSSAPI Security Extensions
   3  *  RPC Pipe client routines
   4  *  Copyright (C) Simo Sorce 2010.
   5  *
   6  *  This program is free software; you can redistribute it and/or modify
   7  *  it under the terms of the GNU General Public License as published by
   8  *  the Free Software Foundation; either version 3 of the License, or
   9  *  (at your option) any later version.
  10  *
  11  *  This program is distributed in the hope that it will be useful,
  12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  *  GNU General Public License for more details.
  15  *
  16  *  You should have received a copy of the GNU General Public License
  17  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 #ifndef _CLI_PIPE_GSSAPI_H_
  21 #define _CLI_PIPE_GSSAPI_H_
  22
  23 struct gse_context;
  24
  25 #ifndef GSS_C_DCE_STYLE
  26 #define GSS_C_DCE_STYLE 0x1000
  27 #endif
  28
  29 NTSTATUS gse_init_client(TALLOC_CTX *mem_ctx,
  30                           enum dcerpc_AuthType auth_type,
  31                           enum dcerpc_AuthLevel auth_level,
  32                           const char *ccache_name,
  33                           const char *server,
  34                           const char *service,
  35                           const char *username,
  36                           const char *password,
  37                           uint32_t add_gss_c_flags,
  38                           struct gse_context **_gse_ctx);
  39 NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx,
  40                                    struct gse_context *gse_ctx,
  41                                    DATA_BLOB *token_in,
  42                                    DATA_BLOB *token_out);
  43
  44 NTSTATUS gse_init_server(TALLOC_CTX *mem_ctx,
  45                          enum dcerpc_AuthType auth_type,
  46                          enum dcerpc_AuthLevel auth_level,
  47                          uint32_t add_gss_c_flags,
  48                          const char *server,
  49                          const char *keytab,
  50                          struct gse_context **_gse_ctx);
  51 NTSTATUS gse_get_server_auth_token(TALLOC_CTX *mem_ctx,
  52                                    struct gse_context *gse_ctx,
  53                                    DATA_BLOB *token_in,
  54                                    DATA_BLOB *token_out);
  55 NTSTATUS gse_verify_server_auth_flags(struct gse_context *gse_ctx);
  56
  57 bool gse_require_more_processing(struct gse_context *gse_ctx);
  58 DATA_BLOB gse_get_session_key(TALLOC_CTX *mem_ctx,
  59                                 struct gse_context *gse_ctx);
  60 NTSTATUS gse_get_client_name(struct gse_context *gse_ctx,
  61                              TALLOC_CTX *mem_ctx, char **client_name);
  62 NTSTATUS gse_get_authz_data(struct gse_context *gse_ctx,
  63                             TALLOC_CTX *mem_ctx, DATA_BLOB *pac);
  64 NTSTATUS gse_get_authtime(struct gse_context *gse_ctx, time_t *authtime);
  65
  66 size_t gse_get_signature_length(struct gse_context *gse_ctx,
  67                                 int seal, size_t payload_size);
  68 NTSTATUS gse_seal(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
  69                   DATA_BLOB *data, DATA_BLOB *signature);
  70 NTSTATUS gse_unseal(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
  71                     DATA_BLOB *data, DATA_BLOB *signature);
  72 NTSTATUS gse_sign(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
  73                   DATA_BLOB *data, DATA_BLOB *signature);
  74 NTSTATUS gse_sigcheck(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
  75                       DATA_BLOB *data, DATA_BLOB *signature);
  76 #endif /* _CLI_PIPE_GSSAPI_H_ */