search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
8322 nl: misleading-indentation
[unleashed/tickless.git] / usr / src / lib / libbc / inc / include / rpc / auth.h
blob820912149306b5c2c17a96187911dc6f73fa548b
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License, Version 1.0 only
6 * (the "License"). You may not use this file except in compliance
7 * with the License.
8 *
9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 * or http://www.opensolaris.org/os/licensing.
11 * See the License for the specific language governing permissions
12 * and limitations under the License.
13 *
14 * When distributing Covered Code, include this CDDL HEADER in each
15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 * If applicable, add the following below this CDDL HEADER, with the
17 * fields enclosed by brackets "[]" replaced with your own identifying
18 * information: Portions Copyright [yyyy] [name of copyright owner]
19 *
20 * CDDL HEADER END
21 */
22 #pragma ident "%Z%%M% %I% %E% SMI"
23
24 /*
25 * auth.h, Authentication interface.
26 *
27 * Copyright (C) 1984, Sun Microsystems, Inc.
28 *
29 * The data structures are completely opaque to the client. The client
30 * is required to pass a AUTH * to routines that create rpc
31 * "sessions".
32 */
33
34
35 #ifndef _rpc_auth_h
36 #define _rpc_auth_h
37
38 #define MAX_AUTH_BYTES 400
39 #define MAXNETNAMELEN 255 /* maximum length of network user's name */
40
41 /*
42 * Status returned from authentication check
43 */
44 enum auth_stat {
45 AUTH_OK=0,
46 /*
47 * failed at remote end
48 */
49 AUTH_BADCRED=1, /* bogus credentials (seal broken) */
50 AUTH_REJECTEDCRED=2, /* client should begin new session */
51 AUTH_BADVERF=3, /* bogus verifier (seal broken) */
52 AUTH_REJECTEDVERF=4, /* verifier expired or was replayed */
53 AUTH_TOOWEAK=5, /* rejected due to security reasons */
54 /*
55 * failed locally
56 */
57 AUTH_INVALIDRESP=6, /* bogus response verifier */
58 AUTH_FAILED=7 /* some unknown reason */
59 };
60
61 #if (mc68000 || sparc || vax || i386)
62 typedef u_long u_int32; /* 32-bit unsigned integers */
63 #endif
64
65 union des_block {
66 struct {
67 u_int32 high;
68 u_int32 low;
69 } key;
70 char c[8];
71 };
72 typedef union des_block des_block;
73 extern bool_t xdr_des_block();
74
75 /*
76 * Authentication info. Opaque to client.
77 */
78 struct opaque_auth {
79 enum_t oa_flavor; /* flavor of auth */
80 caddr_t oa_base; /* address of more auth stuff */
81 u_int oa_length; /* not to exceed MAX_AUTH_BYTES */
82 };
83
84
85 /*
86 * Auth handle, interface to client side authenticators.
87 */
88 typedef struct {
89 struct opaque_auth ah_cred;
90 struct opaque_auth ah_verf;
91 union des_block ah_key;
92 struct auth_ops {
93 void (*ah_nextverf)();
94 int (*ah_marshal)(); /* nextverf & serialize */
95 int (*ah_validate)(); /* validate varifier */
96 int (*ah_refresh)(); /* refresh credentials */
97 void (*ah_destroy)(); /* destroy this structure */
98 } *ah_ops;
99 caddr_t ah_private;
100 } AUTH;
101
102
103 /*
104 * Authentication ops.
105 * The ops and the auth handle provide the interface to the authenticators.
106 *
107 * AUTH *auth;
108 * XDR *xdrs;
109 * struct opaque_auth verf;
110 */
111 #define AUTH_NEXTVERF(auth) \
112 ((*((auth)->ah_ops->ah_nextverf))(auth))
113 #define auth_nextverf(auth) \
114 ((*((auth)->ah_ops->ah_nextverf))(auth))
115
116 #define AUTH_MARSHALL(auth, xdrs) \
117 ((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
118 #define auth_marshall(auth, xdrs) \
119 ((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
120
121 #define AUTH_VALIDATE(auth, verfp) \
122 ((*((auth)->ah_ops->ah_validate))((auth), verfp))
123 #define auth_validate(auth, verfp) \
124 ((*((auth)->ah_ops->ah_validate))((auth), verfp))
125
126 #define AUTH_REFRESH(auth) \
127 ((*((auth)->ah_ops->ah_refresh))(auth))
128 #define auth_refresh(auth) \
129 ((*((auth)->ah_ops->ah_refresh))(auth))
130
131 #define AUTH_DESTROY(auth) \
132 ((*((auth)->ah_ops->ah_destroy))(auth))
133 #define auth_destroy(auth) \
134 ((*((auth)->ah_ops->ah_destroy))(auth))
135
136
137 extern struct opaque_auth _null_auth;
138
139
140 /*
141 * These are the various implementations of client side authenticators.
142 */
143
144 /*
145 * Unix style authentication
146 * AUTH *authunix_create(machname, uid, gid, len, aup_gids)
147 * char *machname;
148 * int uid;
149 * int gid;
150 * int len;
151 * int *aup_gids;
152 */
153 #ifdef KERNEL
154 extern AUTH *authkern_create(); /* takes no parameters */
155 #else
156 extern AUTH *authsys_create(const char *, const uid_t, const gid_t,
157 const int, const gid_t *);
158 extern AUTH *authsys_create_default(void); /* takes no parameters */
159 extern AUTH *authnone_create(); /* takes no parameters */
160 #endif
161 extern AUTH *authdes_create();
162
163 #define AUTH_NONE 0 /* no authentication */
164 #define AUTH_NULL 0 /* backward compatibility */
165 #define AUTH_UNIX 1 /* unix style (uid, gids) */
166 #define AUTH_SHORT 2 /* short hand unix style */
167 #define AUTH_DES 3 /* des style (encrypted timestamps) */
168
169 #endif /* !_rpc_auth_h */
unleashed repo fork