Grid Community Toolkit  6.2.1705709074 (tag: v6.2.20240202)
globus_gss_assist.h
1 /*
2  * Copyright 1999-2006 University of Chicago
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef _GLOBUS_GSS_ASSIST_H
18 #define _GLOBUS_GSS_ASSIST_H
19 
25 #include "gssapi.h"
26 
27 #include <stdio.h>
28 #include <stdlib.h>
29 
30 #ifdef __cplusplus
31 extern "C" {
32 #endif
33 
34 #ifndef GLOBUS_GLOBAL_DOCUMENT_SET
35 
39 #endif
40 
/*
 * Module descriptor of the GSI GSS Assist library.
 * GLOBUS_GSI_GSS_ASSIST_MODULE expands to the address of the descriptor
 * object declared just below.
 */
94 #define GLOBUS_GSI_GSS_ASSIST_MODULE (&globus_i_gsi_gss_assist_module)
95 
96 extern
97 globus_module_descriptor_t globus_i_gsi_gss_assist_module;
98 
/*
 * _GASL(s) passes the string s, together with this module's descriptor, to
 * globus_common_i18n_get_string().
 * NOTE(review): presumably yields the localized form of s - confirm.
 */
99 #define _GASL(s) globus_common_i18n_get_string( \
100  GLOBUS_GSI_GSS_ASSIST_MODULE, \
101  s)
103 
104 
/*
 * Token status codes.
 * NOTE(review): presumably the values reported through the token_status
 * out-parameters and returned by the get/send token callbacks declared
 * further down - confirm against tokens_f.c, including whether 0 is the
 * only success value.
 * NOTE(review): ERR_BAD_SIZE looks like the rejection of an unacceptable
 * token length; a received token's length comes from the peer, so confirm
 * which bound the implementation enforces before it allocates.
 */
105 #define GLOBUS_GSS_ASSIST_TOKEN_ERR_MALLOC 1
106 #define GLOBUS_GSS_ASSIST_TOKEN_ERR_BAD_SIZE 2
107 #define GLOBUS_GSS_ASSIST_TOKEN_EOF 3
108 #define GLOBUS_GSS_ASSIST_TOKEN_NOT_FOUND 4
109 
110 /* Fallback for GSSAPI headers that lack GSS_C_NO_NAME (needed for Kerberos v5.1.0.5 compatibility). */
/*
 * When the fallback is used, GSS_ASSIST_KRB5_HACK is defined as a marker.
 * NOTE(review): the fallback is typed as a pointer to gss_name_t, whereas
 * RFC 2744 defines GSS_C_NO_NAME as ((gss_name_t) 0) - confirm that code
 * built with the hack expects the pointer-typed form.
 */
111 #ifndef GSS_C_NO_NAME
112 #define GSS_C_NO_NAME ((gss_name_t *) 0)
113 #define GSS_ASSIST_KRB5_HACK
114 #endif
115 
116 /* Flag bits for the flags member of globus_gss_assist_ex: */
117 
/*
 * NOTE(review): presumably tells the _ex send routine to write the token
 * without a length prefix - confirm in tokens_f.c. A receiver has to know
 * which framing the sender chose.
 */
118 #define GLOBUS_GSS_ASSIST_EX_SEND_WITHOUT_LENGTH 1
119 
/*
 * Extended argument block: an opaque pointer plus flag bits.
 * NOTE(review): presumably what the exp parameter of the _ex send routine
 * points to - confirm.
 */
120 typedef struct globus_gss_assist_ex_st
121 {
122  void * arg; /* opaque argument; NOTE(review): presumably the FILE * used for sending - confirm */
123  int flags; /* GLOBUS_GSS_ASSIST_EX_* bits */
124 } globus_gss_assist_ex;
125 
/*
 * Token transport over a FILE *. The lines carrying the function names are
 * not shown in this listing; the names given here are matched by parameter
 * list against the reference entries at the end of the page.
 */

/*
 * globus_gss_assist_token_get_fd - get a token from a FILE *.
 * bufp and sizep are pointer-to-pointer and pointer-to-size, i.e. outputs.
 * NOTE(review): who frees *bufp, and which bound is applied to the length
 * read from the stream, is not visible here - confirm in tokens_f.c.
 */
136 extern int
138  void * arg,
139  void ** bufp,
140  size_t * sizep);
141 
/*
 * Either globus_gss_assist_token_send_fd or
 * globus_gss_assist_token_send_fd_without_length: both take
 * (arg, buf, size) and the listing does not show which is declared first.
 */
142 extern int
144  void * arg,
145  void * buf,
146  size_t size);
147 
/*
 * globus_gss_assist_token_send_fd_ex - send a token to a FILE *.
 * NOTE(review): exp presumably points to a globus_gss_assist_ex - confirm.
 */
148 extern int
150  void * exp,
151  void * buf,
152  size_t size);
153 
/* The other of the two (arg, buf, size) send routines named above. */
154 extern int
156  void * arg,
157  void * buf,
158  size_t size);
159 
/*
 * globus_gss_assist_acquire_cred (name line not shown in this listing;
 * matched by parameter list against the reference entries).
 */
169 extern OM_uint32
171  OM_uint32 *, /* minor_status */
172  gss_cred_usage_t, /* cred_usage */
173  gss_cred_id_t * /* output_cred_handle */);
174 
/*
 * globus_gss_assist_read_vhost_cred_dir - acquire all GSSAPI credentials
 * in a directory (name line not shown in this listing).
 * NOTE(review): everything found under dir ends up as a credential handle,
 * so the directory should be writable only by the service account; whether
 * the implementation checks ownership or permissions is not visible here.
 * NOTE(review): how the output array is released is not shown - confirm.
 */
175 extern
176 OM_uint32
178  OM_uint32 *minor_status,
179  const char *dir,
180  gss_cred_id_t **output_credentials_array,
181  size_t *output_credentials_array_size);
182 
/*
 * NOTE(review): no description accompanies this declaration and its last
 * parameter is unnamed - presumably a count or capacity for the
 * credential array; confirm before use.
 */
183 extern OM_uint32
184 globus_gss_assist_acquire_cred_dir(
185  OM_uint32 *, /* minor_status */
186  gss_cred_usage_t, /* cred_usage */
187  gss_cred_id_t ** /* output_cred_handle */,
188  size_t);
189 /*
190  * globus_gss_assist_acquire_cred_ext - assist with gss_acquire_cred.
191  * The parameter list follows gss_acquire_cred, except that the desired
 * name is passed as a C string (desired_name_char).
 */
192 extern OM_uint32
194  OM_uint32 *, /* minor_status */
195  char *, /* desired_name_char */
196  OM_uint32, /* time_req */
197  const gss_OID_set, /* desired_mechs */
198  gss_cred_usage_t, /* cred_usage */
199  gss_cred_id_t *, /* output_cred_handle */
200  gss_OID_set *, /* actual_mechs */
201  OM_uint32 * /* time_rec */);
202 
216 /*
217  * globus_gss_assist_accept_sec_context - takes care of looping
218  * over multiple tokens using the get and send tokens
219  * routines
220  */
/*
 * The get_token / send_token callbacks have the same parameter lists as the
 * FILE * token routines declared earlier in this header.
 * NOTE(review): the peer name comes back as a string through the char **
 * argument; who frees it is not shown here - confirm.
 * NOTE(review): failure can presumably surface in the returned major
 * status or in token_status; check both before trusting the peer name or
 * the delegated credential - confirm in accept.c.
 */
221 extern OM_uint32
223  OM_uint32 *, /* minor_status */
224  gss_ctx_id_t *, /* context_handle */
225  const gss_cred_id_t, /* acceptor_cred_handle */
226  char **, /* src_name as char ** */
227  OM_uint32 *, /* ret_flags */
228  int *, /* user_to_user_flag */
229  int *, /* token_status */
230  gss_cred_id_t *, /* delegated_cred_handle */
231  int (* get_token)(void *, void **, size_t *),
232  void * get_context,
233  int (* send_token)(void *, void *, size_t),
234  void * send_context);
235 
236 /*
237  * globus_gss_assist_accept_sec_context_async - async version of
238  * globus_gss_assist_accept_sec_context().
239  */
/*
 * Accepts a security context without blocking: the caller passes the
 * received token in input_buffer / input_buffer_len and gets the token to
 * send back through output_bufferp / output_buffer_lenp.
 * NOTE(review): ownership of *output_bufferp is not shown here - confirm.
 */
240 extern OM_uint32
242  OM_uint32 * minor_status,
243  gss_ctx_id_t * context_handle,
244  const gss_cred_id_t cred_handle,
245  char ** src_name_char,
246  OM_uint32 * ret_flags,
247  int * user_to_user_flag,
248  void * input_buffer,
249  size_t input_buffer_len,
250  void ** output_bufferp,
251  size_t * output_buffer_lenp,
252  gss_cred_id_t * delegated_cred_handle);
253 
254 /*
255  * globus_gss_assist_init_sec_context - takes care of looping
256  * over multiple tokens using the get and send tokens
257  * routines
258  */
/*
 * Initiator-side counterpart of globus_gss_assist_accept_sec_context; the
 * target is named by a C string.
 * NOTE(review): compare ret_flags with req_flags after the call - GSSAPI
 * mechanisms may grant fewer services than were requested.
 */
259 extern OM_uint32
261  OM_uint32 *, /* minor_status */
262  const gss_cred_id_t, /* initiator_cred_handle */
263  gss_ctx_id_t *, /* context_handle */
264  char *, /* target_name as char * */
265  OM_uint32, /* req_flags */
266  OM_uint32 *, /* ret_flags */
267  int *, /* token_status */
268  int (* get_token)(void *, void **, size_t *),
269  void * get_arg,
270  int (* send_token)(void *, void *, size_t),
271  void * send_arg);
272 
273 /*
274  * globus_gss_assist_init_sec_context_async - async version of
275  * globus_gss_assist_init_sec_context().
276  */
/*
 * Token exchange is left to the caller: input_buffer / input_buffer_len
 * carry the received token, output_bufferp / output_buffer_lenp receive the
 * one to send.
 */
277 extern OM_uint32
279  OM_uint32 * minor_status,
280  const gss_cred_id_t cred_handle,
281  gss_ctx_id_t * context_handle,
282  char * target_name_char,
283  OM_uint32 req_flags,
284  OM_uint32 * ret_flags,
285  void * input_buffer,
286  size_t input_buffer_len,
287  void ** output_bufferp,
288  size_t * output_buffer_lenp);
289 
/*
 * globus_gss_assist_display_status (name line not shown in this listing):
 * writes a status report, prefixed by the caller's comment, to the given
 * FILE *.
 */
299 extern OM_uint32
301  FILE *, /* where to print */
302  char *, /* comment */
303  OM_uint32, /* major_status */
304  OM_uint32, /* minor_status */
305  int /* token_status */);
306 
/*
 * globus_gss_assist_display_status_str (name line not shown in this
 * listing): same report, returned as a string through the first argument.
 * NOTE(review): the string is presumably allocated for the caller, who
 * then has to free it - confirm in display.c.
 */
307 extern OM_uint32
309  char **, /* string returned with newlines */
310  char *, /* comment */
311  OM_uint32, /* major_status */
312  OM_uint32, /* minor_status */
313  int /* token_status */);
314 
315 /*
316  * globus_gss_assist_wrap_send - used to wrap a
317  * simple message and send it
318  */
/*
 * data / length describe the message; the wrapped token is handed to the
 * gss_assist_send_token callback together with gss_assist_send_context.
 * NOTE(review): fperr is presumably where diagnostics are written -
 * confirm in wrap.c.
 */
319 extern OM_uint32
321  OM_uint32 * minor_status,
322  const gss_ctx_id_t context_handle,
323  char * data,
324  size_t length,
325  int * token_status,
326  int (*gss_assist_send_token)(void *, void *, size_t),
327  void * gss_assist_send_context,
328  FILE * fperr);
329 
330 /*
331  * globus_gss_assist_get_unwrap - used to get and unwrap a message
332  */
/*
 * data and length are outputs by type (char **, size_t *).
 * NOTE(review): use *data only after checking the returned major status
 * and *token_status; who frees *data is not shown here - confirm in
 * unwrap.c.
 */
333 extern OM_uint32
335  OM_uint32 * minor_status,
336  const gss_ctx_id_t context_handle,
337  char ** data,
338  size_t * length,
339  int * token_status,
340  int (*gss_assist_get_token)(void *, void **, size_t *),
341  void * gss_assist_get_context,
342  FILE * fperr);
343 
344 /*
345  * globus_gss_assist_will_handle_restrictions - used to tell OpenSSL
346  * that the application will deal with the restrictions extension
347  */
/*
 * NOTE(review): once the application has claimed the extension, enforcing
 * the restrictions it carries is presumably left entirely to the caller -
 * confirm in set_sec_context_opts.c before relying on library-side checks.
 */
348 OM_uint32
350  OM_uint32 * minor_status,
351  gss_ctx_id_t * context_handle);
352 
353 
354 /*
355  * globus_gss_assist_import_sec_context - read a security context
356  */
/*
 * This declaration and the next are globus_gss_assist_import_sec_context
 * and globus_gss_assist_export_sec_context. Their parameter lists are
 * identical and the name lines are not shown in this listing, so the order
 * cannot be told from here; the same "import ... read" comment sits on
 * both and can describe only one of them.
 * NOTE(review): an exported context token can carry the context's key
 * material (RFC 2743, gss_export_sec_context), so the descriptor fdp should
 * be reachable only by the intended receiving process.
 */
357 extern OM_uint32
359  OM_uint32 * minor_status,
360  gss_ctx_id_t * context_handle,
361  int * token_status,
362  int fdp,
363  FILE * fperr);
364 
365 /*
366  * globus_gss_assist_import_sec_context - read a security context
367  */
/* Second of the import / export pair; the comment above is a duplicate. */
368 extern OM_uint32
370  OM_uint32 * minor_status,
371  gss_ctx_id_t * context_handle,
372  int * token_status,
373  int fdp,
374  FILE * fperr);
375 
376 
/*
 * Host-name and gridmap helpers. Return-type and name lines are missing
 * from parts of this listing; names and return types given here are taken
 * from the reference entries at the end of the page.
 */

/* globus_result_t globus_gss_assist_authorization_host_name( */
379  char * hostname,
380  gss_name_t * authorization_hostname);
381 
/*
 * globus_gss_assist_gridmap - look up the default mapping for a Grid
 * identity in a gridmap file; the local user id comes back through useridp.
 * NOTE(review): who frees *useridp is not shown here - confirm in gridmap.c.
 */
392 extern int
394  char * globusidp,
395  char ** useridp);
396 
/*
 * globus_gss_assist_userok - gridmap entry existence check.
 * NOTE(review): the return convention is not visible here. Compare the
 * result with the documented success value explicitly; if 0 means
 * "mapping exists", a plain truth test inverts the authorization decision.
 */
397 extern int
399  char * globusid,
400  char * userid);
401 
/*
 * globus_gss_assist_map_local_user - look up the default Grid identity
 * associated with a local user name.
 */
402 extern int
404  char * local_user,
405  char ** globusidp);
406 
/*
 * globus_result_t globus_gss_assist_lookup_all_globusid( - look up all
 * Grid IDs associated with a local user ID.
 * NOTE(review): the array returned through dns is presumably the one that
 * GlobusGssAssistFreeDNArray releases - confirm.
 */
409  char * username,
410  char ** dns[],
411  int * dn_count);
412 
/*
 * globus_result_t globus_gss_assist_map_and_authorize( - authorize the
 * peer of a security context to use a service.
 * identity_buffer / identity_buffer_length describe a caller-owned buffer.
 * NOTE(review): confirm how an identity longer than the buffer is reported,
 * and read the buffer only when the call returned success.
 */
415  gss_ctx_id_t context,
416  char * service,
417  char * desired_identity,
418  char * identity_buffer,
419  unsigned int identity_buffer_length);
420 
/*
 * globus_result_t globus_gss_assist_map_and_authorize_sharing( - authorize
 * a particular credential for shared access.
 * NOTE(review): how shared_user_certificate is validated is not visible
 * here - confirm in gridmap.c before passing data that came from a client.
 */
423  char * shared_user_certificate,
424  gss_ctx_id_t context,
425  char * desired_identity,
426  char * identity_buffer,
427  unsigned int identity_buffer_length);
428 
429 
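/*
 * GlobusGssAssistFreeDNArray - release a NULL-terminated array of
 * heap-allocated strings: each element up to the first NULL entry is
 * freed, then the array itself.
 * NOTE(review): presumably meant for the array returned through the dns
 * argument of globus_gss_assist_lookup_all_globusid - confirm.
 *
 * dn_a is parenthesized at every use, so an argument such as *p indexes
 * the array rather than being re-associated by operator precedence.
 * A NULL dn_a is accepted and ignored, which keeps error paths from
 * dereferencing a null pointer.
 *
 * dn_a is expanded more than once: pass an expression without side
 * effects. The array must end with a NULL entry, since the loop has no
 * other bound. The caller's pointer is not reset, so it must not be used
 * or freed again after the call.
 *
 * The expansion stays a plain brace block so that existing call sites,
 * written with or without a trailing semicolon, keep compiling.
 */
#define GlobusGssAssistFreeDNArray(dn_a)                         \
{                                                                \
    if ((dn_a) != NULL)                                          \
    {                                                            \
        size_t globus_l_dn_idx = 0;                              \
        while ((dn_a)[globus_l_dn_idx] != NULL)                  \
        {                                                        \
            free((dn_a)[globus_l_dn_idx]);                       \
            globus_l_dn_idx++;                                   \
        }                                                        \
        free(dn_a);                                              \
    }                                                            \
}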
454 
455 
456 #ifdef __cplusplus
457 }
458 #endif
459 
460 #endif /* _GLOBUS_GSS_ASSIST_H */
globus_result_t globus_gss_assist_lookup_all_globusid(char *username, char **dns[], int *dn_count)
Look up all Grid IDs associated with a local user ID.
Definition: gridmap.c:1769
OM_uint32 globus_gss_assist_display_status_str(char **str, char *comment, OM_uint32 major_status, OM_uint32 minor_status, int token_status)
Definition: display.c:173
int globus_gss_assist_userok(char *globusid, char *userid)
Gridmap entry existence check.
Definition: gridmap.c:699
OM_uint32 globus_gss_assist_accept_sec_context_async(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, const gss_cred_id_t cred_handle, char **src_name_char, OM_uint32 *ret_flags, int *user_to_user_flag, void *input_buffer, size_t input_buffer_len, void **output_bufferp, size_t *output_buffer_lenp, gss_cred_id_t *delegated_cred_handle)
Accept a Security Context Without Blocking.
Definition: accept.c:324
OM_uint32 globus_gss_assist_get_unwrap(OM_uint32 *minor_status, const gss_ctx_id_t context_handle, char **data, size_t *length, int *token_status, int(*gss_assist_get_token)(void *, void **, size_t *), void *gss_assist_get_context, FILE *fperr)
Get Unwrap.
Definition: unwrap.c:60
OM_uint32 globus_gss_assist_acquire_cred(OM_uint32 *minor_status, gss_cred_usage_t cred_usage, gss_cred_id_t *output_cred_handle)
Definition: acquire.c:67
OM_uint32 globus_gss_assist_accept_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, const gss_cred_id_t cred_handle, char **src_name_char, OM_uint32 *ret_flags, int *user_to_user_flag, int *token_status, gss_cred_id_t *delegated_cred_handle, int(*gss_assist_get_token)(void *, void **, size_t *), void *gss_assist_get_context, int(*gss_assist_send_token)(void *, void *, size_t), void *gss_assist_send_context)
Accept a Security Context.
Definition: accept.c:80
OM_uint32 globus_gss_assist_import_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, int *token_status, int fdp, FILE *fperr)
Definition: import_sec_context.c:51
OM_uint32 globus_gss_assist_will_handle_restrictions(OM_uint32 *minor_status, gss_ctx_id_t *context_handle)
Definition: set_sec_context_opts.c:45
OM_uint32 globus_gss_assist_acquire_cred_ext(OM_uint32 *minor_status, char *desired_name_char, OM_uint32 time_req, const gss_OID_set desired_mechs, gss_cred_usage_t cred_usage, gss_cred_id_t *output_cred_handle, gss_OID_set *actual_mechs, OM_uint32 *time_rec)
Definition: acquire.c:95
int globus_gss_assist_token_send_fd(void *arg, void *buf, size_t size)
Send token via a FILE *.
Definition: tokens_f.c:253
globus_result_t globus_gss_assist_map_and_authorize_sharing(char *shared_user_certificate, gss_ctx_id_t context, char *desired_identity, char *identity_buffer, unsigned int identity_buffer_length)
Authorize a particular credential for shared access.
Definition: gridmap.c:2126
OM_uint32 globus_gss_assist_export_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, int *token_status, int fdp, FILE *fperr)
Definition: export_sec_context.c:52
OM_uint32 globus_gss_assist_wrap_send(OM_uint32 *minor_status, const gss_ctx_id_t context_handle, char *data, size_t length, int *token_status, int(*gss_assist_send_token)(void *, void *, size_t), void *gss_assist_send_context, FILE *fperr)
Wrap.
Definition: wrap.c:62
OM_uint32 globus_gss_assist_read_vhost_cred_dir(OM_uint32 *minor_status, const char *dir, gss_cred_id_t **output_credentials_array, size_t *output_credentials_array_size)
Acquire all GSSAPI credentials in a directory.
Definition: read_vhost_cred_dir.c:42
int globus_gss_assist_map_local_user(char *local_user, char **globusidp)
Look up the default Grid identity associated with a local user name.
Definition: gridmap.c:836
OM_uint32 globus_gss_assist_init_sec_context(OM_uint32 *, const gss_cred_id_t, gss_ctx_id_t *, char *, OM_uint32, OM_uint32 *, int *, int(*get_token)(void *, void **, size_t *), void *get_arg, int(*send_token)(void *, void *, size_t), void *send_arg)
Definition: init.c:77
int globus_gss_assist_token_send_fd_ex(void *exp, void *buf, size_t size)
Send a token to a FILE *.
Definition: tokens_f.c:325
uint32_t globus_result_t
Definition: globus_types.h:99
OM_uint32 globus_gss_assist_init_sec_context_async(OM_uint32 *minor_status, const gss_cred_id_t cred_handle, gss_ctx_id_t *context_handle, char *target_name_char, OM_uint32 req_flags, OM_uint32 *ret_flags, void *input_buffer, size_t input_buffer_len, void **output_bufferp, size_t *output_buffer_lenp)
Definition: init.c:338
int globus_gss_assist_token_get_fd(void *arg, void **bufp, size_t *sizep)
Get token from a FILE *.
Definition: tokens_f.c:50
int globus_gss_assist_gridmap(char *globusidp, char **useridp)
Look up the default mapping for a Grid identity in a gridmap file.
Definition: gridmap.c:552
OM_uint32 globus_gss_assist_display_status(FILE *fp, char *comment, OM_uint32 major_status, OM_uint32 minor_status, int token_status)
Definition: display.c:125
globus_result_t globus_gss_assist_map_and_authorize(gss_ctx_id_t context, char *service, char *desired_identity, char *identity_buffer, unsigned int identity_buffer_length)
Authorize the peer of a security context to use a service.
Definition: gridmap.c:1952
globus_result_t globus_gss_assist_authorization_host_name(char *hostname, gss_name_t *authorization_hostname)
Definition: hostname.c:47
Globus GSI GSS Assist Library.
Module Descriptor.
Definition: globus_module.h:71
int globus_gss_assist_token_send_fd_without_length(void *arg, void *buf, size_t size)
Send token to a FILE *.
Definition: tokens_f.c:282