source: heimdal/trunk/appl/gssmask/protocol.h

Last change on this file was 1, checked in by Paul Smedley, 10 years ago

Initial commit of Heimdal 1.5.3
File size: 7.5 KB
Line 
1/*
2 * Copyright (c) 2006 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of KTH nor the names of its contributors may be
18 * used to endorse or promote products derived from this software without
19 * specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
22 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
25 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
29 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
30 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
31 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 */
33
34/*
35 * $Id$
36 */
37
38/* missing from tests:
39 * - export context
40 * - import context
41 */
42
43/*
44 * wire encodings:
45 * int16: number, 2 bytes, in network order
46 * int32: number, 4 bytes, in network order
47 * length-encoded: [int32 length, data of length bytes]
48 * string: [int32 length, string of length + 1 bytes, includes trailing '\0' ]
49 */
50
51enum gssMaggotErrorCodes {
52 GSMERR_OK = 0,
53 GSMERR_ERROR,
54 GSMERR_CONTINUE_NEEDED,
55 GSMERR_INVALID_TOKEN,
56 GSMERR_AP_MODIFIED,
57 GSMERR_TEST_ISSUE,
58 GSMERR_NOT_SUPPORTED
59};
60
61/*
62 * input:
63 * int32: message OP (enum gssMaggotProtocol)
64 * ...
65 *
66 * return: -- on error
67 * int32: not support (GSMERR_NOT_SUPPORTED)
68 *
69 * return: -- on existing message OP
70 * int32: support (GSMERR_OK) -- only sent for extensions
71 * ...
72 */
73
74#define GSSMAGGOTPROTOCOL 14
75
76enum gssMaggotOp {
77 eGetVersionInfo = 0,
78 /*
79 * input:
80 * none
81 * return:
82 * int32: last version handled
83 */
84 eGoodBye,
85 /*
86 * input:
87 * none
88 * return:
89 * close socket
90 */
91 eInitContext,
92 /*
93 * input:
94 * int32: hContext
95 * int32: hCred
96 * int32: Flags
97 * the lowest 0x7f flags maps directly to GSS-API flags
98 * DELEGATE 0x001
99 * MUTUAL_AUTH 0x002
100 * REPLAY_DETECT 0x004
101 * SEQUENCE_DETECT 0x008
102 * CONFIDENTIALITY 0x010
103 * INTEGRITY 0x020
104 * ANONYMOUS 0x040
105 *
106 * FIRST_CALL 0x080
107 *
108 * NTLM 0x100
109 * SPNEGO 0x200
110 * length-encoded: targetname
111 * length-encoded: token
112 * return:
113 * int32: hNewContextId
114 * int32: gssapi status val
115 * length-encoded: output token
116 */
117 eAcceptContext,
118 /*
119 * input:
120 * int32: hContext
121 * int32: Flags -- unused ?
122 * flags are same as flags for eInitContext
123 * length-encoded: token
124 * return:
125 * int32: hNewContextId
126 * int32: gssapi status val
127 * length-encoded: output token
128 * int32: delegation cred id
129 */
130 eToastResource,
131 /*
132 * input:
133 * int32: hResource
134 * return:
135 * int32: gsm status val
136 */
137 eAcquireCreds,
138 /*
139 * input:
140 * string: principal name
141 * string: password
142 * int32: flags
143 * FORWARDABLE 0x001
144 * DEFAULT_CREDS 0x002
145 *
146 * NTLM 0x100
147 * SPNEGO 0x200
148 * return:
149 * int32: gsm status val
150 * int32: hCred
151 */
152 eEncrypt,
153 /*
154 * input:
155 * int32: hContext
156 * int32: flags
157 * int32: seqno -- unused
158 * length-encode: plaintext
159 * return:
160 * int32: gsm status val
161 * length-encode: ciphertext
162 */
163 eDecrypt,
164 /*
165 * input:
166 * int32: hContext
167 * int32: flags
168 * int32: seqno -- unused
169 * length-encode: ciphertext
170 * return:
171 * int32: gsm status val
172 * length-encode: plaintext
173 */
174 eSign,
175 /* message same as eEncrypt */
176 eVerify,
177 /*
178 * input:
179 * int32: hContext
180 * int32: flags
181 * int32: seqno -- unused
182 * length-encode: message
183 * length-encode: signature
184 * return:
185 * int32: gsm status val
186 */
187 eGetVersionAndCapabilities,
188 /*
189 * return:
190 * int32: protocol version
191 * int32: capability flags */
192#define ISSERVER 0x01
193#define ISKDC 0x02
194#define MS_KERBEROS 0x04
195#define LOGSERVER 0x08
196#define HAS_MONIKER 0x10
197 /* string: version string
198 */
199 eGetTargetName,
200 /*
201 * return:
202 * string: target principal name
203 */
204 eSetLoggingSocket,
205 /*
206 * input:
207 * int32: hostPort
208 * return to the port on the host:
209 * int32: opcode - for example eLogSetMoniker
210 */
211 eChangePassword,
212 /* here ended version 7 of the protocol */
213 /*
214 * input:
215 * string: principal name
216 * string: old password
217 * string: new password
218 * return:
219 * int32: gsm status val
220 */
221 eSetPasswordSelf,
222 /* same as eChangePassword */
223 eWrap,
224 /* message same as eEncrypt */
225 eUnwrap,
226 /* message same as eDecrypt */
227 eConnectLoggingService2,
228 /*
229 * return1:
230 * int16: log port number
231 * int32: master log prototocol version (0)
232 *
233 * wait for master to connect on the master log socket
234 *
235 * return2:
236 * int32: gsm connection status
237 * int32: maggot log prototocol version (2)
238 */
239 eGetMoniker,
240 /*
241 * return:
242 * string: moniker (Nickname the master can refer to maggot)
243 */
244 eCallExtension,
245 /*
246 * input:
247 * string: extension name
248 * int32: message id
249 * return:
250 * int32: gsm status val
251 */
252 eAcquirePKInitCreds,
253 /*
254 * input:
255 * int32: flags
256 * length-encode: certificate (pkcs12 data)
257 * return:
258 * int32: hResource
259 * int32: gsm status val (GSMERR_NOT_SUPPORTED)
260 */
261 /* here ended version 7 of the protocol */
262 eWrapExt,
263 /*
264 * input:
265 * int32: hContext
266 * int32: flags
267 * int32: bflags
268 * length-encode: protocol header
269 * length-encode: plaintext
270 * length-encode: protocol trailer
271 * return:
272 * int32: gsm status val
273 * length-encode: ciphertext
274 */
275 eUnwrapExt,
276 /*
277 * input:
278 * int32: hContext
279 * int32: flags
280 * int32: bflags
281 * length-encode: protocol header
282 * length-encode: ciphertext
283 * length-encode: protocol trailer
284 * return:
285 * int32: gsm status val
286 * length-encode: plaintext
287 */
288 /* here ended version 8 of the protocol */
289
290 eLastProtocolMessage
291};
292
293/* bflags */
294#define WRAP_EXP_ONLY_HEADER 1
295
296enum gssMaggotLogOp{
297 eLogInfo = 0,
298 /*
299 string: File
300 int32: Line
301 string: message
302 reply:
303 int32: ackid
304 */
305 eLogFailure,
306 /*
307 string: File
308 int32: Line
309 string: message
310 reply:
311 int32: ackid
312 */
313 eLogSetMoniker
314 /*
315 string: moniker
316 */
317};
Note: See TracBrowser for help on using the repository browser.