Sun agreed to a change of the license for the RPC code to a BSD-like license.
1 /*
2 * auth.h, Authentication interface.
4 * Copyright (C) 1984, Sun Microsystems, Inc.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions are
8 * met:
10 * * Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * * Redistributions in binary form must reproduce the above
13 * copyright notice, this list of conditions and the following
14 * disclaimer in the documentation and/or other materials
15 * provided with the distribution.
16 * * Neither the name of Sun Microsystems, Inc. nor the names of its
17 * contributors may be used to endorse or promote products derived
18 * from this software without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
25 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
27 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
29 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
30 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 * The data structures are completely opaque to the client. The client
34 * is required to pass an AUTH * to routines that create rpc
35 * "sessions".
38 #ifndef _RPC_AUTH_H
40 #define _RPC_AUTH_H 1
41 #include <features.h>
42 #include <rpc/xdr.h>
44 __BEGIN_DECLS
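/*
 * Size limits used by the authentication interface.
 *
 * MAX_AUTH_BYTES is the bound that opaque_auth.oa_length is documented not
 * to exceed.  A length taken from a received message has to be compared
 * against it before the body is allocated or copied.
 *
 * NOTE(review): whether MAXNETNAMELEN counts the terminating NUL is not
 * visible in this header; size netname buffers as MAXNETNAMELEN + 1 until
 * that is confirmed against the implementation.
 */
#define MAX_AUTH_BYTES 400
#define MAXNETNAMELEN  255	/* maximum length of network user's name */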
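/*
 * Status returned from authentication check
 *
 * AUTH_OK is the only success value; every other member is a failure and
 * callers should compare against AUTH_OK rather than test for one specific
 * error.  Values 1-5 are reported by the remote end, 6-7 are raised locally.
 */
enum auth_stat {
  AUTH_OK = 0,
  /*
   * failed at remote end
   */
  AUTH_BADCRED = 1,		/* bogus credentials (seal broken) */
  AUTH_REJECTEDCRED = 2,	/* client should begin new session */
  AUTH_BADVERF = 3,		/* bogus verifier (seal broken) */
  AUTH_REJECTEDVERF = 4,	/* verifier expired or was replayed */
  AUTH_TOOWEAK = 5,		/* rejected due to security reasons */
  /*
   * failed locally
   */
  AUTH_INVALIDRESP = 6,		/* bogus response verifier */
  AUTH_FAILED = 7		/* some unknown reason */
};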
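/*
 * Eight bytes that can be read either as two 32-bit words (key.high and
 * key.low) or as the raw byte array c[8].
 *
 * Elsewhere in this header the type carries key material (AUTH.ah_key, the
 * __ckey argument of authdes_create, the key_* routines), so instances
 * should be handled as secrets: keep them out of logs and clear them once
 * they are no longer needed.  A single DES key is small by current
 * standards, which limits how much protection anything built on it offers.
 */
union des_block {
  struct {
    u_int32_t high;
    u_int32_t low;
  } key;
  char c[8];
};
typedef union des_block des_block;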
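/*
 * XDR routine for a des_block: takes the XDR stream and a pointer to the
 * block and returns a bool_t.  The implementation is not part of this
 * header; check the result before using a decoded block.
 */
extern bool_t xdr_des_block (XDR *__xdrs, des_block *__blkp) __THROW;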
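/*
 * Authentication info.  Opaque to client.
 *
 * oa_base/oa_length describe a variable-length body whose layout depends
 * on oa_flavor.  When the structure is filled from a received message the
 * length comes from the peer, so it must be checked against MAX_AUTH_BYTES
 * before oa_base is allocated, copied into or read.
 */
struct opaque_auth {
  enum_t oa_flavor;		/* flavor of auth */
  caddr_t oa_base;		/* address of more auth stuff */
  u_int oa_length;		/* not to exceed MAX_AUTH_BYTES */
};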
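/*
 * Auth handle, interface to client side authenticators.
 *
 * ah_cred and ah_verf are opaque_auth values (credential and verifier, by
 * name), ah_key is a des_block, ah_ops points at the operation table that
 * the AUTH_* macros in this header call through, and ah_private is a
 * pointer whose meaning is not visible here (presumably state owned by the
 * authenticator -- confirm).
 *
 * Every operation is an indirect call through ah_ops.  Neither the handle
 * nor the table pointer is checked before the call, so both have to stay
 * valid for as long as the handle is in use, and the handle must not be
 * touched again once ah_destroy has run.
 */
typedef struct AUTH AUTH;
struct AUTH {
  struct opaque_auth ah_cred;
  struct opaque_auth ah_verf;
  union des_block ah_key;
  struct auth_ops {
    void (*ah_nextverf) (AUTH *);
    int (*ah_marshal) (AUTH *, XDR *);		/* nextverf & serialize */
    int (*ah_validate) (AUTH *, struct opaque_auth *);
						/* validate verifier */
    int (*ah_refresh) (AUTH *);			/* refresh credentials */
    void (*ah_destroy) (AUTH *);		/* destroy this structure */
  } *ah_ops;
  caddr_t ah_private;
};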
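/*
 * Authentication ops.
 * The ops and the auth handle provide the interface to the authenticators.
 *
 * AUTH	*auth;
 * XDR	*xdrs;
 * struct opaque_auth verf;
 *
 * Each macro expands to a call through auth->ah_ops with no NULL check on
 * either pointer, and the auth argument appears twice in the expansion.
 * Pass a plain, already-validated handle (no side effects in the argument),
 * and do not use the handle again after AUTH_DESTROY.  The lower-case names
 * are aliases with the same expansion.
 */
#define AUTH_NEXTVERF(auth) \
  ((*((auth)->ah_ops->ah_nextverf))(auth))
#define auth_nextverf(auth) \
  ((*((auth)->ah_ops->ah_nextverf))(auth))

#define AUTH_MARSHALL(auth, xdrs) \
  ((*((auth)->ah_ops->ah_marshal))((auth), (xdrs)))
#define auth_marshall(auth, xdrs) \
  ((*((auth)->ah_ops->ah_marshal))((auth), (xdrs)))

#define AUTH_VALIDATE(auth, verfp) \
  ((*((auth)->ah_ops->ah_validate))((auth), (verfp)))
#define auth_validate(auth, verfp) \
  ((*((auth)->ah_ops->ah_validate))((auth), (verfp)))

#define AUTH_REFRESH(auth) \
  ((*((auth)->ah_ops->ah_refresh))(auth))
#define auth_refresh(auth) \
  ((*((auth)->ah_ops->ah_refresh))(auth))

#define AUTH_DESTROY(auth) \
  ((*((auth)->ah_ops->ah_destroy))(auth))
#define auth_destroy(auth) \
  ((*((auth)->ah_ops->ah_destroy))(auth))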
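/*
 * An opaque_auth object defined elsewhere in the library.
 * NOTE(review): presumably the empty credential/verifier used when no
 * authentication is in effect -- confirm against its definition.
 */
extern struct opaque_auth _null_auth;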
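/*
 * These are the various implementations of client side authenticators.
 *
 * Each constructor returns an AUTH *.  The AUTH_* macros dereference the
 * handle without checking it, so test the returned pointer before use.
 */

/*
 * Unix style authentication
 * AUTH *authunix_create(machname, uid, gid, len, aup_gids)
 *	char *machname;
 *	int uid;
 *	int gid;
 *	int len;
 *	int *aup_gids;
 *
 * The synopsis above is the historical one; the prototype below takes
 * __uid_t / __gid_t.  The machine name, uid, gid and group list are simply
 * whatever the caller passes in, and nothing in this interface proves them
 * to the server.  A service reachable from an untrusted network should
 * therefore not rely on this flavor alone for identity.
 */
extern AUTH *authunix_create (char *__machname, __uid_t __uid, __gid_t __gid,
			      int __len, __gid_t *__aup_gids);
extern AUTH *authunix_create_default (void);

/* Handle for calls made without authentication (by name; see AUTH_NONE).  */
extern AUTH *authnone_create (void) __THROW;

/*
 * DES-based authenticators.  __ckey and the unnamed des_block argument are
 * keys and should be treated as secrets by the caller.
 * NOTE(review): the meaning of __window and of the unnamed arguments of
 * authdes_pk_create is not documented in this header -- confirm against the
 * implementation before relying on them.
 */
extern AUTH *authdes_create (const char *__servername, u_int __window,
			     struct sockaddr *__syncaddr, des_block *__ckey)
     __THROW;
extern AUTH *authdes_pk_create (const char *, netobj *, u_int,
				struct sockaddr *, des_block *) __THROW;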
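/*
 * Authentication flavor numbers (the value carried in oa_flavor).
 *
 * The flavors differ widely in what they prove.  AUTH_NONE proves nothing.
 * AUTH_SYS carries a uid and group ids chosen by the client, with nothing
 * in the flavor to verify them.  AUTH_DES / AUTH_DH rest on DES.  When a
 * service is exposed beyond a trusted network, select the flavor with that
 * in mind and reject weaker ones on the server side (AUTH_TOOWEAK exists
 * for that purpose).
 */
#define AUTH_NONE  0		/* no authentication */
#define AUTH_NULL  0		/* backward compatibility */
#define AUTH_SYS   1		/* unix style (uid, gids) */
#define AUTH_UNIX  AUTH_SYS
#define AUTH_SHORT 2		/* short hand unix style */
#define AUTH_DES   3		/* des style (encrypted timestamps) */
#define AUTH_DH    AUTH_DES	/* Diffie-Hellman (this is DES) */
#define AUTH_KERB  4		/* kerberos style */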
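/*
 * Netname manipulating functions
 *
 * getnetname, host2netname and user2netname take a non-const char * first
 * and no length for it.
 * NOTE(review): presumably that is the output buffer; size it for
 * MAXNETNAMELEN + 1 bytes and confirm against the implementation.
 * netname2host ends with an int that presumably bounds its char * output
 * -- confirm.  All five return int; the success convention is not visible
 * here, so check the result before trusting any output argument.
 */
extern int getnetname (char *) __THROW;
extern int host2netname (char *, __const char *, __const char *) __THROW;
extern int user2netname (char *, __const uid_t, __const char *) __THROW;
extern int netname2user (__const char *, uid_t *, gid_t *, int *, gid_t *)
     __THROW;
extern int netname2host (__const char *, char *, __const int) __THROW;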
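/*
 * These routines interface to the keyserv daemon
 *
 * The des_block arguments and the string given to key_setsecret are key
 * material: keep them out of logs and clear caller-owned copies after use.
 * All routines return int; the success convention is not visible in this
 * header, so check each result before using a des_block that a call was
 * meant to fill in or transform.
 */
extern int key_decryptsession (char *, des_block *);
extern int key_decryptsession_pk (char *, netobj *, des_block *);
extern int key_encryptsession (char *, des_block *);
extern int key_encryptsession_pk (char *, netobj *, des_block *);
extern int key_gendes (des_block *);
extern int key_setsecret (char *);
extern int key_secretkey_is_set (void);
extern int key_get_conv (char *, des_block *);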
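/*
 * XDR an opaque authentication struct.
 *
 * When decoding, oa_length comes from the peer.
 * NOTE(review): confirm that the implementation rejects lengths above
 * MAX_AUTH_BYTES; callers should treat a false return as a malformed
 * message and must not use the struct's contents afterwards.
 */
extern bool_t xdr_opaque_auth (XDR *, struct opaque_auth *) __THROW;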
208 __END_DECLS
210 #endif /* rpc/auth.h */