Dr Andrew Scott
G7VAV
Senior Lecturer
School of Computing
and Communications
D35 InfoLab21
Lancaster University
Lancaster, LA1 4WA
United Kingdom
School of Computing
and Communications
D35 InfoLab21
Lancaster University
Lancaster, LA1 4WA
United Kingdom
| June 2025 | ||||||
| Mo | Tu | We | Th | Fr | Sa | Su |
| 26 | 27 | 28 | 29 | 30 | 31 | 1 |
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 | 29 |
| 30 | 1 | 2 | 3 | 4 | 5 | 6 |
auth.h
001: /* 002: * auth.h, Authentication interface. 003: * 004: * Copyright (c) 2010, Oracle America, Inc. 005: * 006: * Redistribution and use in source and binary forms, with or without 007: * modification, are permitted provided that the following conditions are 008: * met: 009: * 010: * * Redistributions of source code must retain the above copyright 011: * notice, this list of conditions and the following disclaimer. 012: * * Redistributions in binary form must reproduce the above 013: * copyright notice, this list of conditions and the following 014: * disclaimer in the documentation and/or other materials 015: * provided with the distribution. 016: * * Neither the name of the "Oracle America, Inc." nor the names of its 017: * contributors may be used to endorse or promote products derived 018: * from this software without specific prior written permission. 019: * 020: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 021: * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 022: * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 023: * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 024: * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 025: * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 026: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE 027: * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 028: * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 029: * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 030: * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 031: * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 032: * 033: * The data structures are completely opaque to the client. The client 034: * is required to pass a AUTH * to routines that create rpc 035: * "sessions". 036: */ 037: 038: #ifndef _RPC_AUTH_H 039: 040: #define _RPC_AUTH_H 1 041: #include <features.h> 042: #include <rpc/xdr.h> 043: 044: __BEGIN_DECLS 045: 046: #define MAX_AUTH_BYTES 400 047: #define MAXNETNAMELEN 255 /* maximum length of network user's name */ 048: 049: /* 050: * Status returned from authentication check 051: */ 052: enum auth_stat { 053: AUTH_OK=0, 054: /* 055: * failed at remote end 056: */ 057: AUTH_BADCRED=1, /* bogus credentials (seal broken) */ 058: AUTH_REJECTEDCRED=2, /* client should begin new session */ 059: AUTH_BADVERF=3, /* bogus verifier (seal broken) */ 060: AUTH_REJECTEDVERF=4, /* verifier expired or was replayed */ 061: AUTH_TOOWEAK=5, /* rejected due to security reasons */ 062: /* 063: * failed locally 064: */ 065: AUTH_INVALIDRESP=6, /* bogus response verifier */ 066: AUTH_FAILED=7 /* some unknown reason */ 067: }; 068: 069: union des_block { 070: struct { 071: u_int32_t high; 072: u_int32_t low; 073: } key; 074: char c[8]; 075: }; 076: typedef union des_block des_block; 077: extern bool_t xdr_des_block (XDR *__xdrs, des_block *__blkp) __THROW; 078: 079: /* 080: * Authentication info. Opaque to client. 081: */ 082: struct opaque_auth { 083: enum_t oa_flavor; /* flavor of auth */ 084: caddr_t oa_base; /* address of more auth stuff */ 085: u_int oa_length; /* not to exceed MAX_AUTH_BYTES */ 086: }; 087: 088: /* 089: * Auth handle, interface to client side authenticators. 090: */ 091: typedef struct AUTH AUTH; 092: struct AUTH { 093: struct opaque_auth ah_cred; 094: struct opaque_auth ah_verf; 095: union des_block ah_key; 096: struct auth_ops { 097: void (*ah_nextverf) (AUTH *); 098: int (*ah_marshal) (AUTH *, XDR *); /* nextverf & serialize */ 099: int (*ah_validate) (AUTH *, struct opaque_auth *); 100: /* validate verifier */ 101: int (*ah_refresh) (AUTH *); /* refresh credentials */ 102: void (*ah_destroy) (AUTH *); /* destroy this structure */ 103: } *ah_ops; 104: caddr_t ah_private; 105: }; 106: 107: 108: /* 109: * Authentication ops. 110: * The ops and the auth handle provide the interface to the authenticators. 111: * 112: * AUTH *auth; 113: * XDR *xdrs; 114: * struct opaque_auth verf; 115: */ 116: #define AUTH_NEXTVERF(auth) \ 117: ((*((auth)->ah_ops->ah_nextverf))(auth)) 118: #define auth_nextverf(auth) \ 119: ((*((auth)->ah_ops->ah_nextverf))(auth)) 120: 121: #define AUTH_MARSHALL(auth, xdrs) \ 122: ((*((auth)->ah_ops->ah_marshal))(auth, xdrs)) 123: #define auth_marshall(auth, xdrs) \ 124: ((*((auth)->ah_ops->ah_marshal))(auth, xdrs)) 125: 126: #define AUTH_VALIDATE(auth, verfp) \ 127: ((*((auth)->ah_ops->ah_validate))((auth), verfp)) 128: #define auth_validate(auth, verfp) \ 129: ((*((auth)->ah_ops->ah_validate))((auth), verfp)) 130: 131: #define AUTH_REFRESH(auth) \ 132: ((*((auth)->ah_ops->ah_refresh))(auth)) 133: #define auth_refresh(auth) \ 134: ((*((auth)->ah_ops->ah_refresh))(auth)) 135: 136: #define AUTH_DESTROY(auth) \ 137: ((*((auth)->ah_ops->ah_destroy))(auth)) 138: #define auth_destroy(auth) \ 139: ((*((auth)->ah_ops->ah_destroy))(auth)) 140: 141: 142: extern struct opaque_auth _null_auth; 143: 144: 145: /* 146: * These are the various implementations of client side authenticators. 147: */ 148: 149: /* 150: * Unix style authentication 151: * AUTH *authunix_create(machname, uid, gid, len, aup_gids) 152: * char *machname; 153: * int uid; 154: * int gid; 155: * int len; 156: * int *aup_gids; 157: */ 158: extern AUTH *authunix_create (char *__machname, __uid_t __uid, __gid_t __gid, 159: int __len, __gid_t *__aup_gids); 160: extern AUTH *authunix_create_default (void); 161: extern AUTH *authnone_create (void) __THROW; 162: extern AUTH *authdes_create (const char *__servername, u_int __window, 163: struct sockaddr *__syncaddr, des_block *__ckey) 164: __THROW; 165: extern AUTH *authdes_pk_create (const char *, netobj *, u_int, 166: struct sockaddr *, des_block *) __THROW; 167: 168: 169: #define AUTH_NONE 0 /* no authentication */ 170: #define AUTH_NULL 0 /* backward compatibility */ 171: #define AUTH_SYS 1 /* unix style (uid, gids) */ 172: #define AUTH_UNIX AUTH_SYS 173: #define AUTH_SHORT 2 /* short hand unix style */ 174: #define AUTH_DES 3 /* des style (encrypted timestamps) */ 175: #define AUTH_DH AUTH_DES /* Diffie-Hellman (this is DES) */ 176: #define AUTH_KERB 4 /* kerberos style */ 177: 178: /* 179: * Netname manipulating functions 180: * 181: */ 182: extern int getnetname (char *) __THROW; 183: extern int host2netname (char *, __const char *, __const char *) __THROW; 184: extern int user2netname (char *, __const uid_t, __const char *) __THROW; 185: extern int netname2user (__const char *, uid_t *, gid_t *, int *, gid_t *) 186: __THROW; 187: extern int netname2host (__const char *, char *, __const int) __THROW; 188: 189: /* 190: * 191: * These routines interface to the keyserv daemon 192: * 193: */ 194: extern int key_decryptsession (char *, des_block *); 195: extern int key_decryptsession_pk (char *, netobj *, des_block *); 196: extern int key_encryptsession (char *, des_block *); 197: extern int key_encryptsession_pk (char *, netobj *, des_block *); 198: extern int key_gendes (des_block *); 199: extern int key_setsecret (char *); 200: extern int key_secretkey_is_set (void); 201: extern int key_get_conv (char *, des_block *); 202: 203: /* 204: * XDR an opaque authentication struct. 205: */ 206: extern bool_t xdr_opaque_auth (XDR *, struct opaque_auth *) __THROW; 207: 208: __END_DECLS 209: 210: #endif /* rpc/auth.h */ 211:
for client
(none)
© Andrew Scott 2006 -
2025,
All Rights Reserved
All Rights Reserved
Andrew Scott