securityanddataprivacytools/openssllib/import/inc/openssl/kssl.h
author hgs
Sat, 30 Oct 2010 16:29:23 +0530
changeset 108 ca9a0fc2f082
permissions -rw-r--r--
201043_01
/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project 2000.
 * project 2000.
 */
/* ====================================================================
 * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */
/*
**	19990701	VRS 	Started.
*/
#ifndef	KSSL_H
#define	KSSL_H
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_KRB5
#include <stdio.h>
#include <ctype.h>
#include <krb5.h>
#ifdef  __cplusplus
extern "C" {
#endif
/*
**	Depending on which KRB5 implementation is used, some types from
**	the other may be missing.  Resolve that here and now
*/
/* Supplied only for KRB5_HEIMDAL builds: the krb5_octet type and an empty
 * FAR qualifier, both of which the KSSL_CTX declaration in this header uses. */
#if defined(KRB5_HEIMDAL)
typedef unsigned char krb5_octet;
# define FAR
#endif

/*
 * Debug switch, disabled by default.  Define KSSL_DEBUG to debug kssl
 * problems or to trace usage of the Kerberos session key.
 *
 * NOTE(review): tracing session-key usage may place key material in debug
 * output; keep this undefined in release builds and confirm what the
 * traces actually print before enabling it anywhere logs are retained.
 *
 *	#define		KSSL_DEBUG
 */

/*
 * Build-time defaults.  Each one is defined only when the build has not
 * already provided a value, so it can be overridden before this header is
 * included.
 */

/* NOTE(review): presumably the default Kerberos service name -- confirm
 * against the implementation. */
#if !defined(KRB5SVC)
# define KRB5SVC "host"
#endif

/* Default keytab path.  A keytab holds long-term service keys, so the file
 * this points at should be readable only by the service account. */
#if !defined(KRB5KEYTAB)
# define KRB5KEYTAB "/etc/krb5.keytab"
#endif

/* NOTE(review): presumably enables sending an authenticator -- confirm. */
#if !defined(KRB5SENDAUTH)
# define KRB5SENDAUTH 1
#endif

/* NOTE(review): presumably enables checking the peer's authenticator;
 * confirm what is skipped when a build overrides this to 0. */
#if !defined(KRB5CHECKAUTH)
# define KRB5CHECKAUTH 1
#endif
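/*
 * Default clock-skew allowance; a build may override it by defining
 * KSSL_CLOCKSKEW before this header is included.
 *
 * NOTE(review): presumably the tolerance, in seconds, applied when ticket
 * and authenticator times are validated (see kssl_validate_times) --
 * confirm in the implementation.  A larger value lengthens the period in
 * which an old authenticator is still accepted, so keep overrides small.
 *
 * The value deliberately has no trailing semicolon: with one, the macro
 * only worked as the last token of a statement and broke inside
 * expressions, conditions and if/else bodies.  Statement uses such as
 * `skew = KSSL_CLOCKSKEW;` compile exactly as before.
 */
#ifndef KSSL_CLOCKSKEW
#define	KSSL_CLOCKSKEW	300
#endif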
/* Size bound for KSSL_ERR.text: the buffer is KSSL_ERR_MAX + 1 bytes. */
#define KSSL_ERR_MAX 255

/*
 * Error report: an integer reason code plus a fixed-size text buffer.
 *
 * NOTE(review): the extra byte in text[] is presumably for the terminating
 * NUL.  Anything that fills text[] must bound the copy to KSSL_ERR_MAX
 * characters -- confirm this in whatever writes the buffer.
 */
struct kssl_err_st {
	int reason;
	char text[KSSL_ERR_MAX + 1];
};
typedef struct kssl_err_st KSSL_ERR;
/*	Context for passing
**		(1) Kerberos session key to SSL, and
**		(2)	Config data between application and SSL lib
*/
/*
 * Field annotations give "used by" and "disposition".
 * NOTE(review): C and S presumably stand for client and server (compare
 * KSSL_CLIENT / KSSL_SERVER) -- confirm.
 */
struct kssl_ctx_st {
	char *service_name;	/* C,S: default ok (kssl) */
	char *service_host;	/* C:   input, REQUIRED */
	char *client_princ;	/* S:   output from krb5 ticket */
	char *keytab_file;	/* S:   NULL (/etc/krb5.keytab) */
	char *cred_cache;	/* C:   NULL (default) */

	/*
	 * NOTE(review): presumably the Kerberos session key handed to SSL --
	 * its encryption type, its length, and the key bytes.  This is
	 * secret material: confirm that kssl_ctx_free() wipes `length` bytes
	 * at `key` before releasing them, and that kssl_ctx_show() does not
	 * print them outside debug builds.
	 */
	krb5_enctype enctype;
	int length;
	krb5_octet FAR *key;
};
typedef struct kssl_ctx_st KSSL_CTX;
/*
 * Selector values.
 * NOTE(review): presumably passed as the `which` argument of
 * kssl_ctx_setstring() / kssl_ctx_setprinc() to choose the context field
 * to set -- confirm against the implementation.
 */
#define KSSL_CLIENT   1
#define KSSL_SERVER   2
#define KSSL_SERVICE  3
#define KSSL_KEYTAB   4

/*
 * Status codes.
 * NOTE(review): presumably returned by the kssl_ctx_* functions; callers
 * should treat every value other than KSSL_CTX_OK as failure -- confirm.
 */
#define KSSL_CTX_OK   0
#define KSSL_CTX_ERR  1
#define KSSL_NOMEM    2
/* Public (for use by applications that use OpenSSL with Kerberos 5 support) */
/*
 * The notes below are derived from the signatures alone; the behaviour is
 * defined in the implementation file, which is not part of this header.
 */

/* Context lifecycle and configuration. */
KSSL_CTX *kssl_ctx_new(void);
KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx);
void kssl_ctx_show(KSSL_CTX *kssl_ctx);
krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx,
				   int which,
				   char *text);
krb5_error_code kssl_ctx_setprinc(KSSL_CTX *kssl_ctx,
				  int which,
				  krb5_data *realm,
				  krb5_data *entity);
krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx,
				krb5_keyblock *session);

/* Ticket handling.
 * NOTE(review): presumably kssl_cget_tkt is the client side and
 * kssl_sget_tkt the server side -- confirm. */
krb5_error_code kssl_cget_tkt(KSSL_CTX *kssl_ctx,
			      krb5_data **enc_tktp,
			      krb5_data *authenp,
			      KSSL_ERR *kssl_err);
krb5_error_code kssl_sget_tkt(KSSL_CTX *kssl_ctx,
			      krb5_data *indata,
			      krb5_ticket_times *ttimes,
			      KSSL_ERR *kssl_err);

/* NOTE(review): `text` has no length argument while KSSL_ERR.text is a
 * fixed KSSL_ERR_MAX + 1 byte buffer -- confirm the implementation bounds
 * the copy. */
void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text);

void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data);

/* NOTE(review): rlen / slen / hlen are signed ints paired with the realm,
 * svc and host strings -- confirm negative or oversized lengths are
 * rejected. */
krb5_error_code kssl_build_principal_2(krb5_context context,
				       krb5_principal *princ,
				       int rlen, const char *realm,
				       int slen, const char *svc,
				       int hlen, const char *host);

/* Time and authenticator validation. */
krb5_error_code kssl_validate_times(krb5_timestamp atime,
				    krb5_ticket_times *ttimes);
krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx,
				   krb5_data *authentp,
				   krb5_timestamp *atimep,
				   KSSL_ERR *kssl_err);

/* NOTE(review): `authn` is passed without a length, so the caller has to
 * guarantee the buffer is long enough for whatever this skips -- confirm
 * how callers establish that. */
unsigned char *kssl_skip_confound(krb5_enctype enctype,
				  unsigned char *authn);
#ifdef  __cplusplus
}
#endif
#endif	/* OPENSSL_NO_KRB5	*/
#endif	/* KSSL_H 	*/