2 * Copyright (c) 1997 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. All advertising materials mentioning features or use of this software
18 * must display the following acknowledgement:
19 * This product includes software developed by Kungliga Tekniska
20 * Högskolan and its contributors.
22 * 4. Neither the name of the Institute nor the names of its contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
26 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
45 * First, include stddef.h to get size_t defined.
53 #include <sys/types.h>
55 #include <krb5-types.h>
58 * Now define the three implementation-dependent types.
61 typedef u_int32_t OM_uint32
;
64 * This is to avoid having to include <krb5.h>
67 struct krb5_auth_context_data
;
71 /* typedef void *gss_name_t; */
73 typedef struct Principal
*gss_name_t
;
75 typedef struct gss_ctx_id_t_desc_struct
{
76 struct krb5_auth_context_data
*auth_context
;
77 gss_name_t source
, target
;
79 enum { LOCAL
= 1, OPEN
= 2} more_flags
;
82 typedef gss_ctx_id_t_desc
*gss_ctx_id_t
;
84 typedef struct gss_OID_desc_struct
{
87 } gss_OID_desc
, *gss_OID
;
89 typedef struct gss_OID_set_desc_struct
{
92 } gss_OID_set_desc
, *gss_OID_set
;
94 struct krb5_keytab_data
;
96 typedef int gss_cred_usage_t
;
98 typedef struct gss_cred_id_t_desc_struct
{
100 struct krb5_keytab_data
*keytab
;
102 gss_cred_usage_t usage
;
103 gss_OID_set mechanisms
;
104 } gss_cred_id_t_desc
;
106 typedef gss_cred_id_t_desc
*gss_cred_id_t
;
108 typedef struct gss_buffer_desc_struct
{
111 } gss_buffer_desc
, *gss_buffer_t
;
113 typedef struct gss_channel_bindings_struct
{
114 OM_uint32 initiator_addrtype
;
115 gss_buffer_desc initiator_address
;
116 OM_uint32 acceptor_addrtype
;
117 gss_buffer_desc acceptor_address
;
118 gss_buffer_desc application_data
;
119 } *gss_channel_bindings_t
;
122 * For now, define a QOP-type as an OM_uint32
124 typedef OM_uint32 gss_qop_t
;
127 * Flag bits for context-level services.
129 #define GSS_C_DELEG_FLAG 1
130 #define GSS_C_MUTUAL_FLAG 2
131 #define GSS_C_REPLAY_FLAG 4
132 #define GSS_C_SEQUENCE_FLAG 8
133 #define GSS_C_CONF_FLAG 16
134 #define GSS_C_INTEG_FLAG 32
135 #define GSS_C_ANON_FLAG 64
136 #define GSS_C_PROT_READY_FLAG 128
137 #define GSS_C_TRANS_FLAG 256
140 * Credential usage options
143 #define GSS_C_INITIATE 1
144 #define GSS_C_ACCEPT 2
147 * Status code types for gss_display_status
149 #define GSS_C_GSS_CODE 1
150 #define GSS_C_MECH_CODE 2
153 * The constant definitions for channel-bindings address families
155 #define GSS_C_AF_UNSPEC 0
156 #define GSS_C_AF_LOCAL 1
157 #define GSS_C_AF_INET 2
158 #define GSS_C_AF_IMPLINK 3
159 #define GSS_C_AF_PUP 4
160 #define GSS_C_AF_CHAOS 5
161 #define GSS_C_AF_NS 6
162 #define GSS_C_AF_NBS 7
163 #define GSS_C_AF_ECMA 8
164 #define GSS_C_AF_DATAKIT 9
165 #define GSS_C_AF_CCITT 10
166 #define GSS_C_AF_SNA 11
167 #define GSS_C_AF_DECnet 12
168 #define GSS_C_AF_DLI 13
169 #define GSS_C_AF_LAT 14
170 #define GSS_C_AF_HYLINK 15
171 #define GSS_C_AF_APPLETALK 16
172 #define GSS_C_AF_BSC 17
173 #define GSS_C_AF_DSS 18
174 #define GSS_C_AF_OSI 19
175 #define GSS_C_AF_X25 21
177 #define GSS_C_AF_NULLADDR 255
180 * Various Null values
182 #define GSS_C_NO_NAME ((gss_name_t) 0)
183 #define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
184 #define GSS_C_NO_OID ((gss_OID) 0)
185 #define GSS_C_NO_OID_SET ((gss_OID_set) 0)
186 #define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
187 #define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
188 #define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
189 #define GSS_C_EMPTY_BUFFER {0, NULL}
192 * Some alternate names for a couple of the above
193 * values. These are defined for V1 compatibility.
195 #define GSS_C_NULL_OID GSS_C_NO_OID
196 #define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET
199 * Define the default Quality of Protection for per-message
200 * services. Note that an implementation that offers multiple
201 * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero
202 * (as done here) to mean "default protection", or to a specific
203 * explicit QOP value. However, a value of 0 should always be
204 * interpreted by a GSSAPI implementation as a request for the
205 * default protection level.
207 #define GSS_C_QOP_DEFAULT 0
210 * Expiration time of 2^32-1 seconds means infinite lifetime for a
211 * credential or security context
213 #define GSS_C_INDEFINITE 0xfffffffful
216 * The implementation must reserve static storage for a
217 * gss_OID_desc object containing the value
218 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
219 * "\x01\x02\x01\x01"},
220 * corresponding to an object-identifier value of
221 * {iso(1) member-body(2) United States(840) mit(113554)
222 * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant
223 * GSS_C_NT_USER_NAME should be initialized to point
224 * to that gss_OID_desc.
226 extern gss_OID GSS_C_NT_USER_NAME
;
229 * The implementation must reserve static storage for a
230 * gss_OID_desc object containing the value
231 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
232 * "\x01\x02\x01\x02"},
233 * corresponding to an object-identifier value of
234 * {iso(1) member-body(2) United States(840) mit(113554)
235 * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
236 * The constant GSS_C_NT_MACHINE_UID_NAME should be
237 * initialized to point to that gss_OID_desc.
239 extern gss_OID GSS_C_NT_MACHINE_UID_NAME
;
242 * The implementation must reserve static storage for a
243 * gss_OID_desc object containing the value
244 * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
245 * "\x01\x02\x01\x03"},
246 * corresponding to an object-identifier value of
247 * {iso(1) member-body(2) United States(840) mit(113554)
248 * infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
249 * The constant GSS_C_NT_STRING_UID_NAME should be
250 * initialized to point to that gss_OID_desc.
252 extern gss_OID GSS_C_NT_STRING_UID_NAME
;
255 * The implementation must reserve static storage for a
256 * gss_OID_desc object containing the value
257 * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
258 * corresponding to an object-identifier value of
259 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
260 * 6(nametypes), 2(gss-host-based-services)}. The constant
261 * GSS_C_NT_HOSTBASED_SERVICE should be initialized to point
262 * to that gss_OID_desc.
264 extern gss_OID GSS_C_NT_HOSTBASED_SERVICE
;
267 * The implementation must reserve static storage for a
268 * gss_OID_desc object containing the value
269 * {6, (void *)"\x2b\x06\01\x05\x06\x03"},
270 * corresponding to an object identifier value of
271 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
272 * 6(nametypes), 3(gss-anonymous-name)}. The constant
273 * and GSS_C_NT_ANONYMOUS should be initialized to point
274 * to that gss_OID_desc.
276 extern gss_OID GSS_C_NT_ANONYMOUS
;
279 * The implementation must reserve static storage for a
280 * gss_OID_desc object containing the value
281 * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
282 * corresponding to an object-identifier value of
283 * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
284 * 6(nametypes), 4(gss-api-exported-name)}. The constant
285 * GSS_C_NT_EXPORT_NAME should be initialized to point
286 * to that gss_OID_desc.
288 extern gss_OID GSS_C_NT_EXPORT_NAME
;
291 * This if for kerberos5 names.
294 extern gss_OID GSS_KRB5_NT_PRINCIPAL_NAME
;
295 extern gss_OID GSS_KRB5_NT_USER_NAME
;
296 extern gss_OID GSS_KRB5_NT_MACHINE_UID_NAME
;
297 extern gss_OID GSS_KRB5_NT_STRING_UID_NAME
;
299 extern gss_OID GSS_KRB5_MECHANISM
;
301 /* Major status codes */
303 #define GSS_S_COMPLETE 0
306 * Some "helper" definitions to make the status code macros obvious.
308 #define GSS_C_CALLING_ERROR_OFFSET 24
309 #define GSS_C_ROUTINE_ERROR_OFFSET 16
310 #define GSS_C_SUPPLEMENTARY_OFFSET 0
311 #define GSS_C_CALLING_ERROR_MASK 0377ul
312 #define GSS_C_ROUTINE_ERROR_MASK 0377ul
313 #define GSS_C_SUPPLEMENTARY_MASK 0177777ul
316 * The macros that test status codes for error conditions.
317 * Note that the GSS_ERROR() macro has changed slightly from
318 * the V1 GSSAPI so that it now evaluates its argument
321 #define GSS_CALLING_ERROR(x) \
322 (x & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
323 #define GSS_ROUTINE_ERROR(x) \
324 (x & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
325 #define GSS_SUPPLEMENTARY_INFO(x) \
326 (x & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
327 #define GSS_ERROR(x) \
328 (x & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
329 (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))
332 * Now the actual status code definitions
338 #define GSS_S_CALL_INACCESSIBLE_READ \
339 (1ul << GSS_C_CALLING_ERROR_OFFSET)
340 #define GSS_S_CALL_INACCESSIBLE_WRITE \
341 (2ul << GSS_C_CALLING_ERROR_OFFSET)
342 #define GSS_S_CALL_BAD_STRUCTURE \
343 (3ul << GSS_C_CALLING_ERROR_OFFSET)
348 #define GSS_S_BAD_MECH (1ul << GSS_C_ROUTINE_ERROR_OFFSET)
349 #define GSS_S_BAD_NAME (2ul << GSS_C_ROUTINE_ERROR_OFFSET)
350 #define GSS_S_BAD_NAMETYPE (3ul << GSS_C_ROUTINE_ERROR_OFFSET)
352 #define GSS_S_BAD_BINDINGS (4ul << GSS_C_ROUTINE_ERROR_OFFSET)
353 #define GSS_S_BAD_STATUS (5ul << GSS_C_ROUTINE_ERROR_OFFSET)
354 #define GSS_S_BAD_SIG (6ul << GSS_C_ROUTINE_ERROR_OFFSET)
355 #define GSS_S_BAD_MIC GSS_S_BAD_SIG
356 #define GSS_S_NO_CRED (7ul << GSS_C_ROUTINE_ERROR_OFFSET)
357 #define GSS_S_NO_CONTEXT (8ul << GSS_C_ROUTINE_ERROR_OFFSET)
358 #define GSS_S_DEFECTIVE_TOKEN (9ul << GSS_C_ROUTINE_ERROR_OFFSET)
359 #define GSS_S_DEFECTIVE_CREDENTIAL (10ul << GSS_C_ROUTINE_ERROR_OFFSET)
360 #define GSS_S_CREDENTIALS_EXPIRED (11ul << GSS_C_ROUTINE_ERROR_OFFSET)
361 #define GSS_S_CONTEXT_EXPIRED (12ul << GSS_C_ROUTINE_ERROR_OFFSET)
362 #define GSS_S_FAILURE (13ul << GSS_C_ROUTINE_ERROR_OFFSET)
363 #define GSS_S_BAD_QOP (14ul << GSS_C_ROUTINE_ERROR_OFFSET)
364 #define GSS_S_UNAUTHORIZED (15ul << GSS_C_ROUTINE_ERROR_OFFSET)
365 #define GSS_S_UNAVAILABLE (16ul << GSS_C_ROUTINE_ERROR_OFFSET)
366 #define GSS_S_DUPLICATE_ELEMENT (17ul << GSS_C_ROUTINE_ERROR_OFFSET)
367 #define GSS_S_NAME_NOT_MN (18ul << GSS_C_ROUTINE_ERROR_OFFSET)
370 * Supplementary info bits:
372 #define GSS_S_CONTINUE_NEEDED (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
373 #define GSS_S_DUPLICATE_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
374 #define GSS_S_OLD_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
375 #define GSS_S_UNSEQ_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
376 #define GSS_S_GAP_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 4))
381 * 4.1.1. Non-Kerberos-specific codes
384 #define GSS_KRB5_S_G_BAD_SERVICE_NAME 1
385 /* "No @ in SERVICE-NAME name string" */
386 #define GSS_KRB5_S_G_BAD_STRING_UID 2
387 /* "STRING-UID-NAME contains nondigits" */
388 #define GSS_KRB5_S_G_NOUSER 3
389 /* "UID does not resolve to username" */
390 #define GSS_KRB5_S_G_VALIDATE_FAILED 4
391 /* "Validation error" */
392 #define GSS_KRB5_S_G_BUFFER_ALLOC 5
393 /* "Couldn't allocate gss_buffer_t data" */
394 #define GSS_KRB5_S_G_BAD_MSG_CTX 6
395 /* "Message context invalid" */
396 #define GSS_KRB5_S_G_WRONG_SIZE 7
397 /* "Buffer is the wrong size" */
398 #define GSS_KRB5_S_G_BAD_USAGE 8
399 /* "Credential usage type is unknown" */
400 #define GSS_KRB5_S_G_UNKNOWN_QOP 9
401 /* "Unknown quality of protection specified" */
404 * 4.1.2. Kerberos-specific-codes
407 #define GSS_KRB5_S_KG_CCACHE_NOMATCH 10
408 /* "Principal in credential cache does not match desired name" */
409 #define GSS_KRB5_S_KG_KEYTAB_NOMATCH 11
410 /* "No principal in keytab matches desired name" */
411 #define GSS_KRB5_S_KG_TGT_MISSING 12
412 /* "Credential cache has no TGT" */
413 #define GSS_KRB5_S_KG_NO_SUBKEY 13
414 /* "Authenticator has no subkey" */
415 #define GSS_KRB5_S_KG_CONTEXT_ESTABLISHED 14
416 /* "Context is already fully established" */
417 #define GSS_KRB5_S_KG_BAD_SIGN_TYPE 15
418 /* "Unknown signature type in token" */
419 #define GSS_KRB5_S_KG_BAD_LENGTH 16
420 /* "Invalid field length in token" */
421 #define GSS_KRB5_S_KG_CTX_INCOMPLETE 17
422 /* "Attempt to use incomplete security context" */
425 * Finally, function prototypes for the GSS-API routines.
428 OM_uint32 gss_acquire_cred
429 (OM_uint32
* minor_status
,
430 const gss_name_t desired_name
,
432 const gss_OID_set desired_mechs
,
433 gss_cred_usage_t cred_usage
,
434 gss_cred_id_t
* output_cred_handle
,
435 gss_OID_set
* actual_mechs
,
439 OM_uint32 gss_release_cred
440 (OM_uint32
* minor_status
,
441 gss_cred_id_t
* cred_handle
444 OM_uint32 gss_init_sec_context
445 (OM_uint32
* minor_status
,
446 const gss_cred_id_t initiator_cred_handle
,
447 gss_ctx_id_t
* context_handle
,
448 const gss_name_t target_name
,
449 const gss_OID mech_type
,
452 const gss_channel_bindings_t input_chan_bindings
,
453 const gss_buffer_t input_token
,
454 gss_OID
* actual_mech_type
,
455 gss_buffer_t output_token
,
456 OM_uint32
* ret_flags
,
460 OM_uint32 gss_accept_sec_context
461 (OM_uint32
* minor_status
,
462 gss_ctx_id_t
* context_handle
,
463 const gss_cred_id_t acceptor_cred_handle
,
464 const gss_buffer_t input_token_buffer
,
465 const gss_channel_bindings_t input_chan_bindings
,
466 gss_name_t
* src_name
,
468 gss_buffer_t output_token
,
469 OM_uint32
* ret_flags
,
470 OM_uint32
* time_rec
,
471 gss_cred_id_t
* delegated_cred_handle
474 OM_uint32 gss_process_context_token
475 (OM_uint32
* minor_status
,
476 const gss_ctx_id_t context_handle
,
477 const gss_buffer_t token_buffer
480 OM_uint32 gss_delete_sec_context
481 (OM_uint32
* minor_status
,
482 gss_ctx_id_t
* context_handle
,
483 gss_buffer_t output_token
486 OM_uint32 gss_context_time
487 (OM_uint32
* minor_status
,
488 const gss_ctx_id_t context_handle
,
492 OM_uint32 gss_get_mic
493 (OM_uint32
* minor_status
,
494 const gss_ctx_id_t context_handle
,
496 const gss_buffer_t message_buffer
,
497 gss_buffer_t message_token
500 OM_uint32 gss_verify_mic
501 (OM_uint32
* minor_status
,
502 const gss_ctx_id_t context_handle
,
503 const gss_buffer_t message_buffer
,
504 const gss_buffer_t token_buffer
,
505 gss_qop_t
* qop_state
509 (OM_uint32
* minor_status
,
510 const gss_ctx_id_t context_handle
,
513 const gss_buffer_t input_message_buffer
,
515 gss_buffer_t output_message_buffer
519 (OM_uint32
* minor_status
,
520 const gss_ctx_id_t context_handle
,
521 const gss_buffer_t input_message_buffer
,
522 gss_buffer_t output_message_buffer
,
524 gss_qop_t
* qop_state
527 OM_uint32 gss_display_status
528 (OM_uint32
* minor_status
,
529 OM_uint32 status_value
,
531 const gss_OID mech_type
,
532 OM_uint32
* message_context
,
533 gss_buffer_t status_string
536 OM_uint32 gss_indicate_mechs
537 (OM_uint32
* minor_status
,
538 gss_OID_set
* mech_set
541 OM_uint32 gss_compare_name
542 (OM_uint32
* minor_status
,
543 const gss_name_t name1
,
544 const gss_name_t name2
,
548 OM_uint32 gss_display_name
549 (OM_uint32
* minor_status
,
550 const gss_name_t input_name
,
551 gss_buffer_t output_name_buffer
,
552 gss_OID
* output_name_type
555 OM_uint32 gss_import_name
556 (OM_uint32
* minor_status
,
557 const gss_buffer_t input_name_buffer
,
558 const gss_OID input_name_type
,
559 gss_name_t
* output_name
562 OM_uint32 gss_export_name
563 (OM_uint32
* minor_status
,
564 const gss_name_t input_name
,
565 gss_buffer_t exported_name
568 OM_uint32 gss_release_name
569 (OM_uint32
* minor_status
,
570 gss_name_t
* input_name
573 OM_uint32 gss_release_buffer
574 (OM_uint32
* minor_status
,
578 OM_uint32 gss_release_oid_set
579 (OM_uint32
* minor_status
,
583 OM_uint32 gss_inquire_cred
584 (OM_uint32
* minor_status
,
585 const gss_cred_id_t cred_handle
,
587 OM_uint32
* lifetime
,
588 gss_cred_usage_t
* cred_usage
,
589 gss_OID_set
* mechanisms
592 OM_uint32
gss_inquire_context (
593 OM_uint32
* minor_status
,
594 const gss_ctx_id_t context_handle
,
595 gss_name_t
* src_name
,
596 gss_name_t
* targ_name
,
597 OM_uint32
* lifetime_rec
,
599 OM_uint32
* ctx_flags
,
600 int * locally_initiated
,
604 OM_uint32
gss_wrap_size_limit (
605 OM_uint32
* minor_status
,
606 const gss_ctx_id_t context_handle
,
609 OM_uint32 req_output_size
,
610 OM_uint32
* max_input_size
613 OM_uint32
gss_add_cred (
614 OM_uint32
* minor_status
,
615 const gss_cred_id_t input_cred_handle
,
616 const gss_name_t desired_name
,
617 const gss_OID desired_mech
,
618 gss_cred_usage_t cred_usage
,
619 OM_uint32 initiator_time_req
,
620 OM_uint32 acceptor_time_req
,
621 gss_cred_id_t
* output_cred_handle
,
622 gss_OID_set
* actual_mechs
,
623 OM_uint32
* initiator_time_rec
,
624 OM_uint32
* acceptor_time_rec
627 OM_uint32
gss_inquire_cred_by_mech (
628 OM_uint32
* minor_status
,
629 const gss_cred_id_t cred_handle
,
630 const gss_OID mech_type
,
632 OM_uint32
* initiator_lifetime
,
633 OM_uint32
* acceptor_lifetime
,
634 gss_cred_usage_t
* cred_usage
637 OM_uint32
gss_export_sec_context (
638 OM_uint32
* minor_status
,
639 gss_ctx_id_t
* context_handle
,
640 gss_buffer_t interprocess_token
643 OM_uint32
gss_import_sec_context (
644 OM_uint32
* minor_status
,
645 const gss_buffer_t interprocess_token
,
646 gss_ctx_id_t
* context_handle
649 OM_uint32
gss_create_empty_oid_set (
650 OM_uint32
* minor_status
,
651 gss_OID_set
* oid_set
654 OM_uint32
gss_add_oid_set_member (
655 OM_uint32
* minor_status
,
656 const gss_OID member_oid
,
657 gss_OID_set
* oid_set
660 OM_uint32
gss_test_oid_set_member (
661 OM_uint32
* minor_status
,
662 const gss_OID member
,
663 const gss_OID_set set
,
667 OM_uint32
gss_inquire_names_for_mech (
668 OM_uint32
* minor_status
,
669 const gss_OID mechanism
,
670 gss_OID_set
* name_types
673 OM_uint32
gss_inquire_mechs_for_name (
674 OM_uint32
* minor_status
,
675 const gss_name_t input_name
,
676 gss_OID_set
* mech_types
679 OM_uint32
gss_canonicalize_name (
680 OM_uint32
* minor_status
,
681 const gss_name_t input_name
,
682 const gss_OID mech_type
,
683 gss_name_t
* output_name
686 OM_uint32
gss_duplicate_name (
687 OM_uint32
* minor_status
,
688 const gss_name_t src_name
,
689 gss_name_t
* dest_name
693 * The following routines are obsolete variants of gss_get_mic,
694 * gss_verify_mic, gss_wrap and gss_unwrap. They should be
695 * provided by GSSAPI V2 implementations for backwards
696 * compatibility with V1 applications. Distinct entrypoints
697 * (as opposed to #defines) should be provided, both to allow
698 * GSSAPI V1 applications to link against GSSAPI V2 implementations,
699 * and to retain the slight parameter type differences between the
700 * obsolete versions of these routines and their current forms.
704 (OM_uint32
* minor_status
,
705 gss_ctx_id_t context_handle
,
707 gss_buffer_t message_buffer
,
708 gss_buffer_t message_token
712 (OM_uint32
* minor_status
,
713 gss_ctx_id_t context_handle
,
714 gss_buffer_t message_buffer
,
715 gss_buffer_t token_buffer
,
720 (OM_uint32
* minor_status
,
721 gss_ctx_id_t context_handle
,
724 gss_buffer_t input_message_buffer
,
726 gss_buffer_t output_message_buffer
730 (OM_uint32
* minor_status
,
731 gss_ctx_id_t context_handle
,
732 gss_buffer_t input_message_buffer
,
733 gss_buffer_t output_message_buffer
,
739 * kerberos mechanism specific functions
742 OM_uint32 gsskrb5_register_acceptor_identity
745 #endif /* GSSAPI_H_ */