Dr Andrew Scott G7VAV

My photo
 
June 2025
Mo Tu We Th Fr Sa Su
26 27 28 29 30 31 1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 1 2 3 4 5 6


auth.h
001: /*
002:  * auth.h, Authentication interface.
003:  *
004:  * Copyright (c) 2010, Oracle America, Inc.
005:  *
006:  * Redistribution and use in source and binary forms, with or without
007:  * modification, are permitted provided that the following conditions are
008:  * met:
009:  *
010:  *     * Redistributions of source code must retain the above copyright
011:  *       notice, this list of conditions and the following disclaimer.
012:  *     * Redistributions in binary form must reproduce the above
013:  *       copyright notice, this list of conditions and the following
014:  *       disclaimer in the documentation and/or other materials
015:  *       provided with the distribution.
016:  *     * Neither the name of the "Oracle America, Inc." nor the names of its
017:  *       contributors may be used to endorse or promote products derived
018:  *       from this software without specific prior written permission.
019:  *
020:  *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
021:  *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
022:  *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
023:  *   FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
024:  *   COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
025:  *   INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
026:  *   DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
027:  *   GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
028:  *   INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
029:  *   WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
030:  *   NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
031:  *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
032:  *
033:  * The data structures are completely opaque to the client.  The client
034:  * is required to pass a AUTH * to routines that create rpc
035:  * "sessions".
036:  */
037: 
038: #ifndef _RPC_AUTH_H
039: 
040: #define _RPC_AUTH_H     1
041: #include <features.h>
042: #include <rpc/xdr.h>
043: 
044: __BEGIN_DECLS
045: 
046: #define MAX_AUTH_BYTES  400
047: #define MAXNETNAMELEN   255     /* maximum length of network user's name */
048: 
049: /*
050:  * Status returned from authentication check
051:  */
052: enum auth_stat {
053:         AUTH_OK=0,
054:         /*
055:          * failed at remote end
056:          */
057:         AUTH_BADCRED=1,                 /* bogus credentials (seal broken) */
058:         AUTH_REJECTEDCRED=2,            /* client should begin new session */
059:         AUTH_BADVERF=3,                 /* bogus verifier (seal broken) */
060:         AUTH_REJECTEDVERF=4,            /* verifier expired or was replayed */
061:         AUTH_TOOWEAK=5,                 /* rejected due to security reasons */
062:         /*
063:          * failed locally
064:         */
065:         AUTH_INVALIDRESP=6,             /* bogus response verifier */
066:         AUTH_FAILED=7                   /* some unknown reason */
067: };
068: 
069: union des_block {
070:         struct {
071:                 u_int32_t high;
072:                 u_int32_t low;
073:         } key;
074:         char c[8];
075: };
076: typedef union des_block des_block;
077: extern bool_t xdr_des_block (XDR *__xdrs, des_block *__blkp) __THROW;
078: 
079: /*
080:  * Authentication info.  Opaque to client.
081:  */
082: struct opaque_auth {
083:         enum_t  oa_flavor;              /* flavor of auth */
084:         caddr_t oa_base;                /* address of more auth stuff */
085:         u_int   oa_length;              /* not to exceed MAX_AUTH_BYTES */
086: };
087: 
088: /*
089:  * Auth handle, interface to client side authenticators.
090:  */
091: typedef struct AUTH AUTH;
092: struct AUTH {
093:   struct opaque_auth ah_cred;
094:   struct opaque_auth ah_verf;
095:   union des_block ah_key;
096:   struct auth_ops {
097:     void (*ah_nextverf) (AUTH *);
098:     int  (*ah_marshal) (AUTH *, XDR *);         /* nextverf & serialize */
099:     int  (*ah_validate) (AUTH *, struct opaque_auth *);
100:                                                 /* validate verifier */
101:     int  (*ah_refresh) (AUTH *);                /* refresh credentials */
102:     void (*ah_destroy) (AUTH *);                /* destroy this structure */
103:   } *ah_ops;
104:   caddr_t ah_private;
105: };
106: 
107: 
108: /*
109:  * Authentication ops.
110:  * The ops and the auth handle provide the interface to the authenticators.
111:  *
112:  * AUTH *auth;
113:  * XDR  *xdrs;
114:  * struct opaque_auth verf;
115:  */
116: #define AUTH_NEXTVERF(auth)             \
117:                 ((*((auth)->ah_ops->ah_nextverf))(auth))
118: #define auth_nextverf(auth)             \
119:                 ((*((auth)->ah_ops->ah_nextverf))(auth))
120: 
121: #define AUTH_MARSHALL(auth, xdrs)       \
122:                 ((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
123: #define auth_marshall(auth, xdrs)       \
124:                 ((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
125: 
126: #define AUTH_VALIDATE(auth, verfp)      \
127:                 ((*((auth)->ah_ops->ah_validate))((auth), verfp))
128: #define auth_validate(auth, verfp)      \
129:                 ((*((auth)->ah_ops->ah_validate))((auth), verfp))
130: 
131: #define AUTH_REFRESH(auth)              \
132:                 ((*((auth)->ah_ops->ah_refresh))(auth))
133: #define auth_refresh(auth)              \
134:                 ((*((auth)->ah_ops->ah_refresh))(auth))
135: 
136: #define AUTH_DESTROY(auth)              \
137:                 ((*((auth)->ah_ops->ah_destroy))(auth))
138: #define auth_destroy(auth)              \
139:                 ((*((auth)->ah_ops->ah_destroy))(auth))
140: 
141: 
142: extern struct opaque_auth _null_auth;
143: 
144: 
145: /*
146:  * These are the various implementations of client side authenticators.
147:  */
148: 
149: /*
150:  * Unix style authentication
151:  * AUTH *authunix_create(machname, uid, gid, len, aup_gids)
152:  *      char *machname;
153:  *      int uid;
154:  *      int gid;
155:  *      int len;
156:  *      int *aup_gids;
157:  */
158: extern AUTH *authunix_create (char *__machname, __uid_t __uid, __gid_t __gid,
159:                               int __len, __gid_t *__aup_gids);
160: extern AUTH *authunix_create_default (void);
161: extern AUTH *authnone_create (void) __THROW;
162: extern AUTH *authdes_create (const char *__servername, u_int __window,
163:                              struct sockaddr *__syncaddr, des_block *__ckey)
164:      __THROW;
165: extern AUTH *authdes_pk_create (const char *, netobj *, u_int,
166:                                 struct sockaddr *, des_block *) __THROW;
167: 
168: 
169: #define AUTH_NONE       0               /* no authentication */
170: #define AUTH_NULL       0               /* backward compatibility */
171: #define AUTH_SYS        1               /* unix style (uid, gids) */
172: #define AUTH_UNIX       AUTH_SYS
173: #define AUTH_SHORT      2               /* short hand unix style */
174: #define AUTH_DES        3               /* des style (encrypted timestamps) */
175: #define AUTH_DH         AUTH_DES        /* Diffie-Hellman (this is DES) */
176: #define AUTH_KERB       4               /* kerberos style */
177: 
178: /*
179:  *  Netname manipulating functions
180:  *
181:  */
182: extern int getnetname (char *) __THROW;
183: extern int host2netname (char *, __const char *, __const char *) __THROW;
184: extern int user2netname (char *, __const uid_t, __const char *) __THROW;
185: extern int netname2user (__const char *, uid_t *, gid_t *, int *, gid_t *)
186:      __THROW;
187: extern int netname2host (__const char *, char *, __const int) __THROW;
188: 
189: /*
190:  *
191:  * These routines interface to the keyserv daemon
192:  *
193:  */
194: extern int key_decryptsession (char *, des_block *);
195: extern int key_decryptsession_pk (char *, netobj *, des_block *);
196: extern int key_encryptsession (char *, des_block *);
197: extern int key_encryptsession_pk (char *, netobj *, des_block *);
198: extern int key_gendes (des_block *);
199: extern int key_setsecret (char *);
200: extern int key_secretkey_is_set (void);
201: extern int key_get_conv (char *, des_block *);
202: 
203: /*
204:  * XDR an opaque authentication struct.
205:  */
206: extern bool_t xdr_opaque_auth (XDR *, struct opaque_auth *) __THROW;
207: 
208: __END_DECLS
209: 
210: #endif /* rpc/auth.h */
211: 


for client (none)
© Andrew Scott 2006 - 2025,
All Rights Reserved
http://www.andrew-scott.uk/
Andrew Scott
http://www.andrew-scott.co.uk/