Grid Community Toolkit  6.2.1541705016
globus_gss_assist.h
Go to the documentation of this file.
1 /*
2  * Copyright 1999-2006 University of Chicago
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef _GLOBUS_GSS_ASSIST_H
18 #define _GLOBUS_GSS_ASSIST_H
19 
25 #include "gssapi.h"
26 
27 #include <stdio.h>
28 #include <stdlib.h>
29 
30 #ifdef __cplusplus
31 extern "C" {
32 #endif
33 
34 #ifndef GLOBUS_GLOBAL_DOCUMENT_SET
35 
39 #endif
40 
92 #define GLOBUS_GSI_GSS_ASSIST_MODULE (&globus_i_gsi_gss_assist_module)
93 
94 extern
95 globus_module_descriptor_t globus_i_gsi_gss_assist_module;
96 
97 #define _GASL(s) globus_common_i18n_get_string( \
98  GLOBUS_GSI_GSS_ASSIST_MODULE, \
99  s)
100 #include "globus_gss_assist_constants.h"
101 
102 
103 #define GLOBUS_GSS_ASSIST_TOKEN_ERR_MALLOC 1
104 #define GLOBUS_GSS_ASSIST_TOKEN_ERR_BAD_SIZE 2
105 #define GLOBUS_GSS_ASSIST_TOKEN_EOF 3
106 #define GLOBUS_GSS_ASSIST_TOKEN_NOT_FOUND 4
107 
108 /* for kerberos v5.1.0.5 compatibility we need this */
109 #ifndef GSS_C_NO_NAME
110 #define GSS_C_NO_NAME ((gss_name_t *) 0)
111 #define GSS_ASSIST_KRB5_HACK
112 #endif
113 
114 /* for the globus_gss_assist_ex flags: */
115 
116 #define GLOBUS_GSS_ASSIST_EX_SEND_WITHOUT_LENGTH 1
117 
118 typedef struct globus_gss_assist_ex_st
119 {
120  void * arg;
121  int flags;
122 } globus_gss_assist_ex;
123 
133 extern int
134 globus_gss_assist_token_get_fd(
135  void * arg,
136  void ** bufp,
137  size_t * sizep);
138 
139 extern int
140 globus_gss_assist_token_send_fd(
141  void * arg,
142  void * buf,
143  size_t size);
144 
145 extern int
146 globus_gss_assist_token_send_fd_ex(
147  void * arg,
148  void * buf,
149  size_t size);
150 
151 extern int
152 globus_gss_assist_token_send_fd_without_length(
153  void * arg,
154  void * buf,
155  size_t size);
156 
165 extern OM_uint32
166 globus_gss_assist_acquire_cred(
167  OM_uint32 *, /* minor_status */
168  gss_cred_usage_t, /* cred_usage */
169  gss_cred_id_t * /* output_cred_handle */);
170 
171 extern
172 OM_uint32
173 globus_gss_assist_read_vhost_cred_dir(
174  OM_uint32 *minor_status,
175  const char *dir,
176  gss_cred_id_t **output_credentials_array,
177  size_t *output_credentials_array_size);
178 
179 extern OM_uint32
180 globus_gss_assist_acquire_cred_dir(
181  OM_uint32 *, /* minor_status */
182  gss_cred_usage_t, /* cred_usage */
183  gss_cred_id_t ** /* output_cred_handle */,
184  size_t);
185 /*
186  * globus_gss_assist_acquire_cred_ext, assist with the gss_acquire_cred
187  */
188 extern OM_uint32
189 globus_gss_assist_acquire_cred_ext(
190  OM_uint32 *, /* minor_status */
191  char *, /* desired_name_char */
192  OM_uint32, /* time_req */
193  const gss_OID_set, /* desired_mechs */
194  gss_cred_usage_t, /* cred_usage */
195  gss_cred_id_t *, /* output_cred_handle */
196  gss_OID_set *, /* actual_mechs */
197  OM_uint32 * /* time_rec */);
198 
210 extern OM_uint32
211 globus_gss_assist_accept_sec_context(
212  OM_uint32 *, /* minor_status */
213  gss_ctx_id_t *, /* context_handle */
214  const gss_cred_id_t, /* acceptor_cred_handle */
215  char **, /* src_name as char ** */
216  OM_uint32 *, /* ret_flags */
217  int *, /* user_to_user_flag */
218  int *, /* token_status */
219  gss_cred_id_t *, /* delegated_cred_handle */
220  int (* get_token)(void *, void **, size_t *),
221  void * get_context,
222  int (* send_token)(void *, void *, size_t),
223  void * send_context);
224 
225 /*
226  * globus_gss_assist_accept_sec_context_async - async version of
227  * globus_gss_assist_accept_sec_context().
228  */
229 extern OM_uint32
230 globus_gss_assist_accept_sec_context_async(
231  OM_uint32 * minor_status,
232  gss_ctx_id_t * context_handle,
233  const gss_cred_id_t cred_handle,
234  char ** src_name_char,
235  OM_uint32 * ret_flags,
236  int * user_to_user_flag,
237  void * input_buffer,
238  size_t input_buffer_len,
239  void ** output_bufferp,
240  size_t * output_buffer_lenp,
241  gss_cred_id_t * delegated_cred_handle);
242 
243 /*
244  * globus_gss_assist_init_sec_context - takes care of looping
245  * over multiple tokens using the get and send tokens
246  * routines
247  */
248 extern OM_uint32
249 globus_gss_assist_init_sec_context(
250  OM_uint32 *, /* minor_status */
251  const gss_cred_id_t, /* initiator_cred_handle */
252  gss_ctx_id_t *, /* context_handle */
253  char *, /* target_name as char * */
254  OM_uint32, /* req_flags */
255  OM_uint32 *, /* ret_flags */
256  int *, /* token_status */
257  int (* get_token)(void *, void **, size_t *),
258  void * get_arg,
259  int (* send_token)(void *, void *, size_t),
260  void * send_arg);
261 
262 /*
263  * globus_gss_assist_init_sec_context_async - async version of
264  * globus_gss_assist_init_sec_context().
265  */
266 extern OM_uint32
267 globus_gss_assist_init_sec_context_async(
268  OM_uint32 * minor_status,
269  const gss_cred_id_t cred_handle,
270  gss_ctx_id_t * context_handle,
271  char * target_name_char,
272  OM_uint32 req_flags,
273  OM_uint32 * ret_flags,
274  void * input_buffer,
275  size_t input_buffer_len,
276  void ** output_bufferp,
277  size_t * output_buffer_lenp);
278 
287 extern OM_uint32
288 globus_gss_assist_display_status(
289  FILE *, /* where to print */
290  char *, /* comment */
291  OM_uint32, /* major_status */
292  OM_uint32, /* minor_status */
293  int /* token_status */);
294 
295 extern OM_uint32
296 globus_gss_assist_display_status_str(
297  char **, /* string returned with newlines */
298  char *, /* comment */
299  OM_uint32, /* major_status */
300  OM_uint32, /* minor_status */
301  int /* token_status */);
302 
303 /*
304  * globus_gss_assist_wrap_send - used to wrap a
305  * simple message and send it
306  */
307 extern OM_uint32
308 globus_gss_assist_wrap_send(
309  OM_uint32 * minor_status,
310  const gss_ctx_id_t context_handle,
311  char * data,
312  size_t length,
313  int * token_status,
314  int (*gss_assist_send_token)(void *, void *, size_t),
315  void * gss_assist_send_context,
316  FILE * fperr);
317 
318 /*
319  * globus_gss_assist_get_unwrap - used to get and unwrap a message
320  */
321 extern OM_uint32
322 globus_gss_assist_get_unwrap(
323  OM_uint32 * minor_status,
324  const gss_ctx_id_t context_handle,
325  char ** data,
326  size_t * length,
327  int * token_status,
328  int (*gss_assist_get_token)(void *, void **, size_t *),
329  void * gss_assist_get_context,
330  FILE * fperr);
331 
332 /*
333  * globus_gss_assist_will_handle_restrictions - used to tell OpenSSL
334  * that the application will deal with the restrictions extension
335  */
336 OM_uint32
337 globus_gss_assist_will_handle_restrictions(
338  OM_uint32 * minor_status,
339  gss_ctx_id_t * context_handle);
340 
341 
342 /*
343  * globus_gss_assist_import_sec_context - read a security context
344  */
345 extern OM_uint32
346 globus_gss_assist_export_sec_context(
347  OM_uint32 * minor_status,
348  gss_ctx_id_t * context_handle,
349  int * token_status,
350  int fdp,
351  FILE * fperr);
352 
353 /*
354  * globus_gss_assist_import_sec_context - read a security context
355  */
356 extern OM_uint32
357 globus_gss_assist_import_sec_context(
358  OM_uint32 * minor_status,
359  gss_ctx_id_t * context_handle,
360  int * token_status,
361  int fdp,
362  FILE * fperr);
363 
364 
365 globus_result_t
366 globus_gss_assist_authorization_host_name(
367  char * hostname,
368  gss_name_t * authorization_hostname);
369 
379 extern int
380 globus_gss_assist_gridmap(
381  char * globusidp,
382  char ** useridp);
383 
384 extern int
385 globus_gss_assist_userok(
386  char * globusid,
387  char * userid);
388 
389 extern int
390 globus_gss_assist_map_local_user(
391  char * local_user,
392  char ** globusidp);
393 
394 globus_result_t
395 globus_gss_assist_lookup_all_globusid(
396  char * username,
397  char ** dns[],
398  int * dn_count);
399 
400 globus_result_t
401 globus_gss_assist_map_and_authorize(
402  gss_ctx_id_t context,
403  char * service,
404  char * desired_identity,
405  char * identity_buffer,
406  unsigned int identity_buffer_length);
407 
408 globus_result_t
409 globus_gss_assist_map_and_authorize_sharing(
410  char * shared_user_certificate,
411  gss_ctx_id_t context,
412  char * desired_identity,
413  char * identity_buffer,
414  unsigned int identity_buffer_length);
415 
416 
431 #define GlobusGssAssistFreeDNArray(dn_a) \
432 { \
433  int __ctr = 0; \
434  while(dn_a[__ctr] != NULL) \
435  { \
436  free(dn_a[__ctr]); \
437  __ctr++; \
438  } \
439  free(dn_a); \
440 }
441 
442 
443 #ifdef __cplusplus
444 }
445 #endif
446 
447 #endif /* _GLOBUS_GSS_ASSIST_H */
globus_gss_assist_lookup_all_globusid
globus_result_t globus_gss_assist_lookup_all_globusid(char *username, char **dns[], int *dn_count)
Look up all Grid IDs associated with a local user ID.
Definition: gridmap.c:1769
globus_gss_assist_display_status_str
OM_uint32 globus_gss_assist_display_status_str(char **, char *, OM_uint32, OM_uint32, int)
Definition: display.c:173
globus_gss_assist_userok
int globus_gss_assist_userok(char *globusid, char *userid)
Gridmap entry existence check.
Definition: gridmap.c:699
globus_gss_assist_accept_sec_context_async
OM_uint32 globus_gss_assist_accept_sec_context_async(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, const gss_cred_id_t cred_handle, char **src_name_char, OM_uint32 *ret_flags, int *user_to_user_flag, void *input_buffer, size_t input_buffer_len, void **output_bufferp, size_t *output_buffer_lenp, gss_cred_id_t *delegated_cred_handle)
Accept a Security Context Without Blocking.
Definition: accept.c:323
globus_gss_assist_get_unwrap
OM_uint32 globus_gss_assist_get_unwrap(OM_uint32 *minor_status, const gss_ctx_id_t context_handle, char **data, size_t *length, int *token_status, int(*gss_assist_get_token)(void *, void **, size_t *), void *gss_assist_get_context, FILE *fperr)
Get Unwrap.
Definition: unwrap.c:60
globus_gss_assist_acquire_cred
OM_uint32 globus_gss_assist_acquire_cred(OM_uint32 *, gss_cred_usage_t, gss_cred_id_t *)
Definition: acquire.c:67
globus_gss_assist_accept_sec_context
OM_uint32 globus_gss_assist_accept_sec_context(OM_uint32 *, gss_ctx_id_t *, const gss_cred_id_t, char **, OM_uint32 *, int *, int *, gss_cred_id_t *, int(*get_token)(void *, void **, size_t *), void *get_context, int(*send_token)(void *, void *, size_t), void *send_context)
Accept a Security Context.
Definition: accept.c:80
globus_gss_assist_import_sec_context
OM_uint32 globus_gss_assist_import_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, int *token_status, int fdp, FILE *fperr)
Definition: import_sec_context.c:51
globus_gss_assist_will_handle_restrictions
OM_uint32 globus_gss_assist_will_handle_restrictions(OM_uint32 *minor_status, gss_ctx_id_t *context_handle)
Definition: set_sec_context_opts.c:45
globus_gss_assist_acquire_cred_ext
OM_uint32 globus_gss_assist_acquire_cred_ext(OM_uint32 *, char *, OM_uint32, const gss_OID_set, gss_cred_usage_t, gss_cred_id_t *, gss_OID_set *, OM_uint32 *)
Definition: acquire.c:95
globus_gss_assist_token_send_fd
int globus_gss_assist_token_send_fd(void *arg, void *buf, size_t size)
Send token via a FILE *.
Definition: tokens_f.c:247
globus_gss_assist_map_and_authorize_sharing
globus_result_t globus_gss_assist_map_and_authorize_sharing(char *shared_user_certificate, gss_ctx_id_t context, char *desired_identity, char *identity_buffer, unsigned int identity_buffer_length)
Authorize a particular credential for shared access.
Definition: gridmap.c:2126
globus_gss_assist_export_sec_context
OM_uint32 globus_gss_assist_export_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, int *token_status, int fdp, FILE *fperr)
Definition: export_sec_context.c:52
globus_gss_assist_wrap_send
OM_uint32 globus_gss_assist_wrap_send(OM_uint32 *minor_status, const gss_ctx_id_t context_handle, char *data, size_t length, int *token_status, int(*gss_assist_send_token)(void *, void *, size_t), void *gss_assist_send_context, FILE *fperr)
Wrap.
Definition: wrap.c:62
globus_gss_assist_read_vhost_cred_dir
OM_uint32 globus_gss_assist_read_vhost_cred_dir(OM_uint32 *minor_status, const char *dir, gss_cred_id_t **output_credentials_array, size_t *output_credentials_array_size)
Acquire all GSSAPI credentials in a directory.
Definition: read_vhost_cred_dir.c:41
globus_gss_assist_map_local_user
int globus_gss_assist_map_local_user(char *local_user, char **globusidp)
Look up the default Grid identity associated with a local user name.
Definition: gridmap.c:836
globus_gss_assist_init_sec_context
OM_uint32 globus_gss_assist_init_sec_context(OM_uint32 *, const gss_cred_id_t, gss_ctx_id_t *, char *, OM_uint32, OM_uint32 *, int *, int(*get_token)(void *, void **, size_t *), void *get_arg, int(*send_token)(void *, void *, size_t), void *send_arg)
Definition: init.c:77
globus_gss_assist_token_send_fd_ex
int globus_gss_assist_token_send_fd_ex(void *arg, void *buf, size_t size)
Send a token to a FILE *.
Definition: tokens_f.c:319
globus_result_t
uint32_t globus_result_t
Definition: globus_types.h:99
globus_gss_assist_init_sec_context_async
OM_uint32 globus_gss_assist_init_sec_context_async(OM_uint32 *minor_status, const gss_cred_id_t cred_handle, gss_ctx_id_t *context_handle, char *target_name_char, OM_uint32 req_flags, OM_uint32 *ret_flags, void *input_buffer, size_t input_buffer_len, void **output_bufferp, size_t *output_buffer_lenp)
Definition: init.c:336
globus_gss_assist_token_get_fd
int globus_gss_assist_token_get_fd(void *arg, void **bufp, size_t *sizep)
Get token from a FILE *.
Definition: tokens_f.c:50
globus_gss_assist_gridmap
int globus_gss_assist_gridmap(char *globusidp, char **useridp)
Look up the default mapping for a Grid identity in a gridmap file.
Definition: gridmap.c:552
globus_gss_assist_display_status
OM_uint32 globus_gss_assist_display_status(FILE *, char *, OM_uint32, OM_uint32, int)
Definition: display.c:125
globus_gss_assist_map_and_authorize
globus_result_t globus_gss_assist_map_and_authorize(gss_ctx_id_t context, char *service, char *desired_identity, char *identity_buffer, unsigned int identity_buffer_length)
Authorize the peer of a security context to use a service.
Definition: gridmap.c:1952
globus_gss_assist_authorization_host_name
globus_result_t globus_gss_assist_authorization_host_name(char *hostname, gss_name_t *authorization_hostname)
Definition: hostname.c:47
globus_gss_assist_constants.h
Globus GSI GSS Assist Library.
globus_module_descriptor_s
Module Descriptor.
Definition: globus_module.h:69
globus_gss_assist_token_send_fd_without_length
int globus_gss_assist_token_send_fd_without_length(void *arg, void *buf, size_t size)
Send token to a FILE *.
Definition: tokens_f.c:276
Generated by   doxygen 1.8.14