subversion/libsvn_subr/auth.h

   1 /*
   2  * auth.h :  shared stuff internal to the subr library.
   3  *
   4  * ====================================================================
   5  *    Licensed to the Apache Software Foundation (ASF) under one
   6  *    or more contributor license agreements.  See the NOTICE file
   7  *    distributed with this work for additional information
   8  *    regarding copyright ownership.  The ASF licenses this file
   9  *    to you under the Apache License, Version 2.0 (the
  10  *    "License"); you may not use this file except in compliance
  11  *    with the License.  You may obtain a copy of the License at
  12  *
  13  *      http://www.apache.org/licenses/LICENSE-2.0
  14  *
  15  *    Unless required by applicable law or agreed to in writing,
  16  *    software distributed under the License is distributed on an
  17  *    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  18  *    KIND, either express or implied.  See the License for the
  19  *    specific language governing permissions and limitations
  20  *    under the License.
  21  * ====================================================================
  22  */
  23
  24 #ifndef SVN_LIBSVN_SUBR_AUTH_H
  25 #define SVN_LIBSVN_SUBR_AUTH_H
  26
  27 #ifdef __cplusplus
  28 extern "C" {
  29 #endif /* __cplusplus */
  30
  31 #include "svn_auth.h"
  32
  33 /* Helper for svn_config_{read|write}_auth_data.  Return a path to a
  34    file within ~/.subversion/auth/ that holds CRED_KIND credentials
  35    within REALMSTRING.  If no path is available *PATH will be set to
  36    NULL. */
  37 svn_error_t *
  38 svn_auth__file_path(const char **path,
  39                     const char *cred_kind,
  40                     const char *realmstring,
  41                     const char *config_dir,
  42                     apr_pool_t *pool);
  43
  44 #if (defined(WIN32) && !defined(__MINGW32__)) || defined(DOXYGEN)
  45 /**
  46  * Set @a *provider to an authentication provider of type @c
  47  * svn_auth_cred_simple_t that gets/sets information from the user's
  48  * ~/.subversion configuration directory.  Allocate @a *provider in
  49  * @a pool.
  50  *
  51  * This is like svn_auth_get_simple_provider(), except that, when
  52  * running on Window 2000 or newer (or any other Windows version that
  53  * includes the CryptoAPI), the provider encrypts the password before
  54  * storing it to disk. On earlier versions of Windows, the provider
  55  * does nothing.
  56  *
  57  * @note This function is only available on Windows.
  58  *
  59  * @note An administrative password reset may invalidate the account's
  60  * secret key. This function will detect that situation and behave as
  61  * if the password were not cached at all.
  62  */
  63 void
  64 svn_auth__get_windows_simple_provider(svn_auth_provider_object_t **provider,
  65                                       apr_pool_t *pool);
  66
  67 /**
  68  * Set @a *provider to an authentication provider of type @c
  69  * svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the
  70  * user's ~/.subversion configuration directory.  Allocate @a *provider in
  71  * @a pool.
  72  *
  73  * This is like svn_auth_get_ssl_client_cert_pw_file_provider(), except that
  74  * when running on Window 2000 or newer, the provider encrypts the password
  75  * before storing it to disk. On earlier versions of Windows, the provider
  76  * does nothing.
  77  *
  78  * @note This function is only available on Windows.
  79  *
  80  * @note An administrative password reset may invalidate the account's
  81  * secret key. This function will detect that situation and behave as
  82  * if the password were not cached at all.
  83  */
  84 void
  85 svn_auth__get_windows_ssl_client_cert_pw_provider(
  86   svn_auth_provider_object_t **provider,
  87   apr_pool_t *pool);
  88
  89 /**
  90  * Set @a *provider to an authentication provider of type @c
  91  * svn_auth_cred_ssl_server_trust_t, allocated in @a pool.
  92  *
  93  * This provider automatically validates ssl server certificates with
  94  * the CryptoApi, like Internet Explorer and the Windows network API do.
  95  * This allows the rollout of root certificates via Windows Domain
  96  * policies, instead of Subversion specific configuration.
  97  *
  98  * @note This function is only available on Windows.
  99  */
 100 void
 101 svn_auth__get_windows_ssl_server_trust_provider(
 102   svn_auth_provider_object_t **provider,
 103   apr_pool_t *pool);
 104 #endif /* WIN32 && !__MINGW32__ || DOXYGEN */
 105
 106 #if defined(DARWIN) || defined(DOXYGEN)
 107 /**
 108  * Set @a *provider to an authentication provider of type @c
 109  * svn_auth_cred_simple_t that gets/sets information from the user's
 110  * ~/.subversion configuration directory.  Allocate @a *provider in
 111  * @a pool.
 112  *
 113  * This is like svn_auth_get_simple_provider(), except that the
 114  * password is stored in the Mac OS KeyChain.
 115  *
 116  * @note This function is only available on Mac OS 10.2 and higher.
 117  */
 118 void
 119 svn_auth__get_keychain_simple_provider(svn_auth_provider_object_t **provider,
 120                                       apr_pool_t *pool);
 121
 122 /**
 123  * Set @a *provider to an authentication provider of type @c
 124  * svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the
 125  * user's ~/.subversion configuration directory.  Allocate @a *provider in
 126  * @a pool.
 127  *
 128  * This is like svn_auth_get_ssl_client_cert_pw_file_provider(), except
 129  * that the password is stored in the Mac OS KeyChain.
 130  *
 131  * @note This function is only available on Mac OS 10.2 and higher.
 132  */
 133 void
 134 svn_auth__get_keychain_ssl_client_cert_pw_provider(
 135   svn_auth_provider_object_t **provider,
 136   apr_pool_t *pool);
 137 #endif /* DARWIN || DOXYGEN */
 138
 139 #if !defined(WIN32) || defined(DOXYGEN)
 140 /**
 141  * Set @a *provider to an authentication provider of type @c
 142  * svn_auth_cred_simple_t that gets/sets information from the user's
 143  * ~/.subversion configuration directory.
 144  *
 145  * This is like svn_client_get_simple_provider(), except that the
 146  * password is obtained from gpg_agent, which will keep it in
 147  * a memory cache.
 148  *
 149  * Allocate @a *provider in @a pool.
 150  *
 151  * @note This function actually works only on systems with
 152  * GNU Privacy Guard installed.
 153  */
 154 void
 155 svn_auth__get_gpg_agent_simple_provider
 156     (svn_auth_provider_object_t **provider,
 157      apr_pool_t *pool);
 158 #endif /* !defined(WIN32) || defined(DOXYGEN) */
 159
 160 /**
 161  * Set @a *provider to a dummy provider of type @c
 162  * svn_auth_cred_simple_t that never returns or stores any
 163  * credentials.
 164  */
 165 void
 166 svn_auth__get_dummmy_simple_provider(svn_auth_provider_object_t **provider,
 167                                      apr_pool_t *pool);
 168
 169 #ifdef __cplusplus
 170 }
 171 #endif /* __cplusplus */
 172
 173 #endif /* SVN_LIBSVN_SUBR_AUTH_H */