[apple/libinfo.git] / rpc.subproj / auth.h

/*
 * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * Portions Copyright (c) 1999 Apple Computer, Inc.  All Rights
 * Reserved.  This file contains Original Code and/or Modifications of
 * Original Code as defined in and that are subject to the Apple Public
 * Source License Version 1.1 (the "License").  You may not use this file
 * except in compliance with the License.  Please obtain a copy of the
 * License at http://www.apple.com/publicsource and read it before using
 * this file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE OR NON- INFRINGEMENT.  Please see the
 * License for the specific language governing rights and limitations
 * under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */
/*
 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
 * unrestricted use provided that this legend is included on all tape
 * media and as a part of the software program in whole or part.  Users
 * may copy or modify Sun RPC without charge, but are not authorized
 * to license or distribute it to anyone else except as part of a product or
 * program developed by the user.
 * 
 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
 * 
 * Sun RPC is provided with no support and without any obligation on the
 * part of Sun Microsystems, Inc. to assist in its use, correction,
 * modification or enhancement.
 * 
 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
 * OR ANY PART THEREOF.
 * 
 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
 * or profits or other special, indirect and consequential damages, even if
 * Sun has been advised of the possibility of such damages.
 * 
 * Sun Microsystems, Inc.
 * 2550 Garcia Avenue
 * Mountain View, California  94043
 *
 *	from: @(#)auth.h 1.17 88/02/08 SMI
 *	from: @(#)auth.h	2.3 88/08/07 4.0 RPCSRC
 *	$Id: auth.h,v 1.4 2004/11/25 19:41:19 emoy Exp $
 */

/*
 * auth.h, Authentication interface.
 *
 * Copyright (C) 1984, Sun Microsystems, Inc.
 *
 * The data structures are completely opaque to the client.  The client
 * is required to pass a AUTH * to routines that create rpc
 * "sessions".
 */

#ifndef _RPC_AUTH_H
#define _RPC_AUTH_H
#include <sys/cdefs.h>

#define MAX_AUTH_BYTES	400
#define MAXNETNAMELEN	255	/* maximum length of network user's name */

/*
 * Status returned from authentication check
 */
enum auth_stat {
	AUTH_OK=0,
	/*
	 * failed at remote end
	 */
	AUTH_BADCRED=1,			/* bogus credentials (seal broken) */
	AUTH_REJECTEDCRED=2,		/* client should begin new session */
	AUTH_BADVERF=3,			/* bogus verifier (seal broken) */
	AUTH_REJECTEDVERF=4,		/* verifier expired or was replayed */
	AUTH_TOOWEAK=5,			/* rejected due to security reasons */
	/*
	 * failed locally
	*/
	AUTH_INVALIDRESP=6,		/* bogus response verifier */
	AUTH_FAILED=7			/* some unknown reason */
};

/* 32-bit unsigned integers */
#ifdef __LP64__
typedef unsigned int u_int32;
#else
typedef unsigned long u_int32;
#endif

union des_block {
	struct {
		u_int32 high;
		u_int32 low;
	} key;
	char c[8];
};
typedef union des_block des_block;
__BEGIN_DECLS
extern bool_t xdr_des_block __P((XDR *, des_block *));
__END_DECLS

/*
 * Authentication info.  Opaque to client.
 */
struct opaque_auth {
	enum_t	oa_flavor;		/* flavor of auth */
	caddr_t	oa_base;		/* address of more auth stuff */
	unsigned int	oa_length;		/* not to exceed MAX_AUTH_BYTES */
};


/*
 * Auth handle, interface to client side authenticators.
 */
typedef struct {
	struct	opaque_auth	ah_cred;
	struct	opaque_auth	ah_verf;
	union	des_block	ah_key;
	struct auth_ops {
#ifdef __cplusplus
		void	(*ah_nextverf)(...);
		int	(*ah_marshal)(...);	/* nextverf & serialize */
		int	(*ah_validate)(...);	/* validate varifier */
		int	(*ah_refresh)(...);	/* refresh credentials */
		void	(*ah_destroy)(...);	/* destroy this structure */
#else
	/* DO NOT REMOVE THE COMMENTED OUT ...: fixincludes needs to see them */
		void	(*ah_nextverf)(/*...*/);
		int	(*ah_marshal)(/*...*/);	/* nextverf & serialize */
		int	(*ah_validate)(/*...*/);	/* validate varifier */
		int	(*ah_refresh)(/*...*/);	/* refresh credentials */
		void	(*ah_destroy)(/*...*/);	/* destroy this structure */
#endif
	} *ah_ops;
	caddr_t ah_private;
} AUTH;


/*
 * Authentication ops.
 * The ops and the auth handle provide the interface to the authenticators.
 *
 * AUTH	*auth;
 * XDR	*xdrs;
 * struct opaque_auth verf;
 */
#define AUTH_NEXTVERF(auth)		\
		((*((auth)->ah_ops->ah_nextverf))(auth))
#define auth_nextverf(auth)		\
		((*((auth)->ah_ops->ah_nextverf))(auth))

#define AUTH_MARSHALL(auth, xdrs)	\
		((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
#define auth_marshall(auth, xdrs)	\
		((*((auth)->ah_ops->ah_marshal))(auth, xdrs))

#define AUTH_VALIDATE(auth, verfp)	\
		((*((auth)->ah_ops->ah_validate))((auth), verfp))
#define auth_validate(auth, verfp)	\
		((*((auth)->ah_ops->ah_validate))((auth), verfp))

#define AUTH_REFRESH(auth)		\
		((*((auth)->ah_ops->ah_refresh))(auth))
#define auth_refresh(auth)		\
		((*((auth)->ah_ops->ah_refresh))(auth))

#define AUTH_DESTROY(auth)		\
		((*((auth)->ah_ops->ah_destroy))(auth))
#define auth_destroy(auth)		\
		((*((auth)->ah_ops->ah_destroy))(auth))


extern struct opaque_auth _null_auth;


/*
 * These are the various implementations of client side authenticators.
 */

/*
 * Unix style authentication
 * AUTH *authunix_create(machname, uid, gid, len, aup_gids)
 *	char *machname;
 *	int uid;
 *	int gid;
 *	int len;
 *	int *aup_gids;
 */
__BEGIN_DECLS
extern AUTH *authunix_create		__P((char *, int, int, int, int *));
extern AUTH *authunix_create_default	__P((void));
extern AUTH *authnone_create		__P((void));
extern AUTH *authdes_create		__P((char *, unsigned int,
					     struct sockaddr_in *,
					     des_block *));
__END_DECLS

#define AUTH_NONE	0		/* no authentication */
#define	AUTH_NULL	0		/* backward compatibility */
#define	AUTH_UNIX	1		/* unix style (uid, gids) */
#define	AUTH_SHORT	2		/* short hand unix style */
#define AUTH_DES	3		/* des style (encrypted timestamps) */

#endif /* !_RPC_AUTH_H */
Commit	Line	Data
03fb6eb0 A	1	/*
	2	* Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
ad21edcc A	6	* Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
	7	* Reserved. This file contains Original Code and/or Modifications of
	8	* Original Code as defined in and that are subject to the Apple Public
	9	* Source License Version 1.1 (the "License"). You may not use this file
	10	* except in compliance with the License. Please obtain a copy of the
	11	* License at http://www.apple.com/publicsource and read it before using
	12	* this file.
03fb6eb0 A	13	*
03fb6eb0 A	14	* The Original Code and all software distributed under the License are
ad21edcc	15	* distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
03fb6eb0 A	16	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
03fb6eb0 A	17	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
ad21edcc A	18	* FITNESS FOR A PARTICULAR PURPOSE OR NON- INFRINGEMENT. Please see the
	19	* License for the specific language governing rights and limitations
	20	* under the License.
03fb6eb0 A	21	*
	22	* @APPLE_LICENSE_HEADER_END@
	23	*/
	24	/*
	25	* Sun RPC is a product of Sun Microsystems, Inc. and is provided for
	26	* unrestricted use provided that this legend is included on all tape
	27	* media and as a part of the software program in whole or part. Users
	28	* may copy or modify Sun RPC without charge, but are not authorized
	29	* to license or distribute it to anyone else except as part of a product or
	30	* program developed by the user.
	31	*
	32	* SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
	33	* WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
	34	* PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
	35	*
	36	* Sun RPC is provided with no support and without any obligation on the
	37	* part of Sun Microsystems, Inc. to assist in its use, correction,
	38	* modification or enhancement.
	39	*
	40	* SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
	41	* INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
	42	* OR ANY PART THEREOF.
	43	*
	44	* In no event will Sun Microsystems, Inc. be liable for any lost revenue
	45	* or profits or other special, indirect and consequential damages, even if
	46	* Sun has been advised of the possibility of such damages.
	47	*
	48	* Sun Microsystems, Inc.
	49	* 2550 Garcia Avenue
	50	* Mountain View, California 94043
	51	*
	52	* from: @(#)auth.h 1.17 88/02/08 SMI
	53	* from: @(#)auth.h 2.3 88/08/07 4.0 RPCSRC
c29f2fcc	54	* $Id: auth.h,v 1.4 2004/11/25 19:41:19 emoy Exp $
03fb6eb0 A	55	*/
	56
	57	/*
	58	* auth.h, Authentication interface.
	59	*
	60	* Copyright (C) 1984, Sun Microsystems, Inc.
	61	*
	62	* The data structures are completely opaque to the client. The client
	63	* is required to pass a AUTH * to routines that create rpc
	64	* "sessions".
	65	*/
	66
	67	#ifndef _RPC_AUTH_H
	68	#define _RPC_AUTH_H
	69	#include <sys/cdefs.h>
	70
	71	#define MAX_AUTH_BYTES 400
	72	#define MAXNETNAMELEN 255 /* maximum length of network user's name */
	73
	74	/*
	75	* Status returned from authentication check
	76	*/
	77	enum auth_stat {
	78	AUTH_OK=0,
	79	/*
	80	* failed at remote end
	81	*/
	82	AUTH_BADCRED=1, /* bogus credentials (seal broken) */
	83	AUTH_REJECTEDCRED=2, /* client should begin new session */
	84	AUTH_BADVERF=3, /* bogus verifier (seal broken) */
	85	AUTH_REJECTEDVERF=4, /* verifier expired or was replayed */
	86	AUTH_TOOWEAK=5, /* rejected due to security reasons */
	87	/*
	88	* failed locally
	89	*/
	90	AUTH_INVALIDRESP=6, /* bogus response verifier */
	91	AUTH_FAILED=7 /* some unknown reason */
	92	};
	93
b3dd680f A	94	/* 32-bit unsigned integers */
	95	#ifdef __LP64__
	96	typedef unsigned int u_int32;
	97	#else
	98	typedef unsigned long u_int32;
	99	#endif
03fb6eb0 A	100
	101	union des_block {
	102	struct {
	103	u_int32 high;
	104	u_int32 low;
	105	} key;
	106	char c[8];
	107	};
	108	typedef union des_block des_block;
	109	__BEGIN_DECLS
	110	extern bool_t xdr_des_block __P((XDR , des_block ));
	111	__END_DECLS
	112
	113	/*
	114	* Authentication info. Opaque to client.
	115	*/
	116	struct opaque_auth {
	117	enum_t oa_flavor; /* flavor of auth */
	118	caddr_t oa_base; /* address of more auth stuff */
c29f2fcc	119	unsigned int oa_length; /* not to exceed MAX_AUTH_BYTES */
03fb6eb0 A	120	};
	121
	122
	123	/*
	124	* Auth handle, interface to client side authenticators.
	125	*/
	126	typedef struct {
	127	struct opaque_auth ah_cred;
	128	struct opaque_auth ah_verf;
	129	union des_block ah_key;
	130	struct auth_ops {
c29f2fcc A	131	#ifdef __cplusplus
	132	void (*ah_nextverf)(...);
	133	int (ah_marshal)(...); / nextverf & serialize */
	134	int (ah_validate)(...); / validate varifier */
	135	int (ah_refresh)(...); / refresh credentials */
	136	void (ah_destroy)(...); / destroy this structure */
	137	#else
	138	/* DO NOT REMOVE THE COMMENTED OUT ...: fixincludes needs to see them */
	139	void (ah_nextverf)(/...*/);
	140	int (ah_marshal)(/.../); / nextverf & serialize */
	141	int (ah_validate)(/.../); / validate varifier */
	142	int (ah_refresh)(/.../); / refresh credentials */
	143	void (ah_destroy)(/.../); / destroy this structure */
	144	#endif
03fb6eb0 A	145	} *ah_ops;
	146	caddr_t ah_private;
	147	} AUTH;
	148
	149
	150	/*
	151	* Authentication ops.
	152	* The ops and the auth handle provide the interface to the authenticators.
	153	*
	154	* AUTH *auth;
	155	* XDR *xdrs;
	156	* struct opaque_auth verf;
	157	*/
	158	#define AUTH_NEXTVERF(auth) \
	159	((*((auth)->ah_ops->ah_nextverf))(auth))
	160	#define auth_nextverf(auth) \
	161	((*((auth)->ah_ops->ah_nextverf))(auth))
	162
	163	#define AUTH_MARSHALL(auth, xdrs) \
	164	((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
	165	#define auth_marshall(auth, xdrs) \
	166	((*((auth)->ah_ops->ah_marshal))(auth, xdrs))
	167
	168	#define AUTH_VALIDATE(auth, verfp) \
	169	((*((auth)->ah_ops->ah_validate))((auth), verfp))
	170	#define auth_validate(auth, verfp) \
	171	((*((auth)->ah_ops->ah_validate))((auth), verfp))
	172
	173	#define AUTH_REFRESH(auth) \
	174	((*((auth)->ah_ops->ah_refresh))(auth))
	175	#define auth_refresh(auth) \
	176	((*((auth)->ah_ops->ah_refresh))(auth))
	177
	178	#define AUTH_DESTROY(auth) \
	179	((*((auth)->ah_ops->ah_destroy))(auth))
	180	#define auth_destroy(auth) \
	181	((*((auth)->ah_ops->ah_destroy))(auth))
	182
	183
	184	extern struct opaque_auth _null_auth;
	185
	186
	187	/*
	188	* These are the various implementations of client side authenticators.
	189	*/
	190
	191	/*
	192	* Unix style authentication
	193	* AUTH *authunix_create(machname, uid, gid, len, aup_gids)
	194	* char *machname;
	195	* int uid;
	196	* int gid;
	197	* int len;
	198	* int *aup_gids;
	199	*/
	200	__BEGIN_DECLS
	201	extern AUTH authunix_create __P((char , int, int, int, int *));
	202	extern AUTH *authunix_create_default __P((void));
	203	extern AUTH *authnone_create __P((void));
c29f2fcc	204	extern AUTH authdes_create __P((char , unsigned int,
03fb6eb0 A	205	struct sockaddr_in *,
	206	des_block *));
	207	__END_DECLS
	208
	209	#define AUTH_NONE 0 /* no authentication */
	210	#define AUTH_NULL 0 /* backward compatibility */
	211	#define AUTH_UNIX 1 /* unix style (uid, gids) */
	212	#define AUTH_SHORT 2 /* short hand unix style */
	213	#define AUTH_DES 3 /* des style (encrypted timestamps) */
	214
	215	#endif /* !_RPC_AUTH_H */