/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
/*
 * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project
 * 2000.
 */
/* ====================================================================
 * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */
/*
 **      19990701        VRS     Started.
 */
#ifndef KSSL_H
# define KSSL_H
# include <openssl/opensslconf.h>
# ifndef OPENSSL_NO_KRB5
#  include <stdio.h>
#  include <ctype.h>
#  include <krb5.h>
#  ifdef OPENSSL_SYS_WIN32
/*
 * These can sometimes get redefined indirectly by krb5 header files after
 * ossl_typ.h has already #undef'ed them
 */
#   undef X509_NAME
#   undef X509_EXTENSIONS
#   undef OCSP_REQUEST
#   undef OCSP_RESPONSE
#  endif
#ifdef  __cplusplus
extern "C" {
#endif
/*
 * Depending on the KRB5 implementation in use, some types that the other
 * one provides may be missing.  Fill the gaps here.
 */
#  ifdef KRB5_HEIMDAL
/* Under KRB5_HEIMDAL this header supplies krb5_octet itself. */
typedef unsigned char krb5_octet;
#  endif

/*
 * FAR expands to nothing.  It is defined unconditionally under KRB5_HEIMDAL
 * and otherwise only when nothing has defined it already.
 */
#  if defined(KRB5_HEIMDAL) || !defined(FAR)
#   define FAR
#  endif
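/*-
 *      Uncomment this to debug kssl problems or
 *      to trace usage of the Kerberos session key
 *
 *      #define         KSSL_DEBUG
 *
 *      Tracing that touches the session key may write key material to the
 *      debug output, so leave this disabled in production builds.
 */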
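/*
 * Build-time defaults.  Each one is wrapped in #ifndef, so a definition
 * supplied earlier (for example with -D on the compiler command line) wins.
 * How each value is consumed is decided in the kssl implementation, which is
 * not part of this header; the descriptions below are inferred from the names
 * and should be confirmed there.
 */

/* Default Kerberos service name. */
#  ifndef KRB5SVC
#   define KRB5SVC "host"
#  endif

/* Default server keytab path (see kssl_ctx_st.keytab_file). */
#  ifndef KRB5KEYTAB
#   define KRB5KEYTAB      "/etc/krb5.keytab"
#  endif

/* Presumably: non-zero makes the client send an authenticator. */
#  ifndef KRB5SENDAUTH
#   define KRB5SENDAUTH    1
#  endif

/*
 * Presumably: non-zero makes the server verify the authenticator.
 * NOTE(review): overriding this to 0 would likely weaken replay and
 * freshness protection; confirm in the implementation before changing it.
 */
#  ifndef KRB5CHECKAUTH
#   define KRB5CHECKAUTH   1
#  endif

/*
 * Tolerated clock skew; presumably in seconds (TODO confirm).
 * Deliberately no trailing semicolon, so the macro can be used inside an
 * expression (a comparison, a function argument) as well as on the
 * right-hand side of an assignment.
 */
#  ifndef KSSL_CLOCKSKEW
#   define KSSL_CLOCKSKEW  300
#  endif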
/* Size bound for KSSL_ERR.text; the array adds one byte on top of this. */
#  define KSSL_ERR_MAX    255

/*
 * Error report used by the kssl routines that take a KSSL_ERR *:
 * a numeric reason plus a fixed-size message buffer.
 */
struct kssl_err_st {
    int reason;
    /* KSSL_ERR_MAX + 1 bytes; presumably KSSL_ERR_MAX characters plus NUL */
    char text[KSSL_ERR_MAX + 1];
};
typedef struct kssl_err_st KSSL_ERR;
/*-
 * Context for passing
 *      (1) the Kerberos session key to SSL, and
 *      (2) config data between the application and the SSL lib.
 *
 * Field notes read "used by / disposition"; C and S presumably stand for
 * client and server (TODO confirm).
 */
struct kssl_ctx_st {
    char *service_name;         /* C,S: default ok (kssl) */
    char *service_host;         /* C:   input, REQUIRED */
    char *client_princ;         /* S:   output from krb5 ticket */
    char *keytab_file;          /* S:   NULL (/etc/krb5.keytab) */
    char *cred_cache;           /* C:   NULL (default) */
    krb5_enctype enctype;       /* presumably the enctype of key */
    int length;                 /* presumably the number of bytes at key */
    /*
     * Session key bytes, see (1) above.
     * NOTE(review): this is secret material; confirm that the code which
     * releases the context wipes it before freeing.
     */
    krb5_octet FAR *key;
};
typedef struct kssl_ctx_st KSSL_CTX;
/*
 * Small integer selectors.  NOTE(review): presumably the values accepted by
 * the "which" argument of kssl_ctx_setstring() and kssl_ctx_setprinc();
 * confirm against the implementation.
 */
#  define KSSL_CLIENT     1
#  define KSSL_SERVER     2
#  define KSSL_SERVICE    3
#  define KSSL_KEYTAB     4

/* Status values; presumably results of the kssl_ctx_* routines (TODO confirm). */
#  define KSSL_CTX_OK     0
#  define KSSL_CTX_ERR    1
#  define KSSL_NOMEM      2
/*
 * Public: for use by applications that use OpenSSL with Kerberos 5 support.
 * Only the prototypes are visible in this header; the notes below are
 * inferred from names and signatures and should be checked against the
 * implementation.
 */

/* Context lifetime and configuration. */
KSSL_CTX *kssl_ctx_new(void);
KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx);
krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text);
krb5_error_code kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
                                  krb5_data *realm, krb5_data *entity,
                                  int nentities);
krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session);

/*
 * NOTE(review): presumably a debugging dump of the context.  KSSL_CTX holds
 * the session key, so confirm what is printed before calling this outside
 * a debug build.
 */
void kssl_ctx_show(KSSL_CTX *kssl_ctx);

/* Ticket handling; the "c" and "s" variants are presumably client and server. */
krb5_error_code kssl_cget_tkt(KSSL_CTX *kssl_ctx, krb5_data **enc_tktp,
                              krb5_data *authenp, KSSL_ERR *kssl_err);
krb5_error_code kssl_sget_tkt(KSSL_CTX *kssl_ctx, krb5_data *indata,
                              krb5_ticket_times *ttimes, KSSL_ERR *kssl_err);

/* Ticket-time and authenticator checks. */
krb5_error_code kssl_validate_times(krb5_timestamp atime,
                                    krb5_ticket_times *ttimes);
krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
                                   krb5_timestamp *atimep,
                                   KSSL_ERR *kssl_err);
unsigned char *kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);

/*
 * NOTE(review): KSSL_ERR.text is a fixed KSSL_ERR_MAX + 1 byte array; if
 * "text" is copied into it, the copy has to be bounded.  Verify in the
 * implementation.
 */
void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text);

/* krb5 helpers. */
void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data);

/*
 * rlen, slen and hlen are plain (signed) ints; presumably the lengths of
 * realm, svc and host, so callers should never pass negative values.
 */
krb5_error_code kssl_build_principal_2(krb5_context context,
                                       krb5_principal *princ, int rlen,
                                       const char *realm, int slen,
                                       const char *svc, int hlen,
                                       const char *host);
/*
 * Accessors tying a KSSL_CTX to an SSL object.
 * NOTE(review): the "0" in set0/get0 presumably follows the OpenSSL naming
 * convention (no copy made, no reference added); confirm who owns kctx and
 * the returned pointers before freeing any of them.
 * SSL is not declared by this header's own includes, so it presumably has
 * to be visible before this header is included (TODO confirm).
 */
KSSL_CTX *SSL_get0_kssl_ctx(SSL *s);
void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);
char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx);
#ifdef  __cplusplus
}
#endif
# endif                         /* OPENSSL_NO_KRB5 */
#endif                          /* KSSL_H */