source: trunk/server/source3/librpc/crypto/spnego.h

Last change on this file was 745, checked in by Silvan Scherrer, 13 years ago

Samba Server: updated trunk to 3.6.0
File size: 2.9 KB
Line 
1/*
2 * SPNEGO Encapsulation
3 * RPC Pipe client routines
4 * Copyright (C) Simo Sorce 2010.
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20#ifndef _CLI_SPNEGO_H_
21#define _CLI_SPENGO_H_
22
23enum spnego_mech {
24 SPNEGO_NONE = 0,
25 SPNEGO_KRB5,
26 SPNEGO_NTLMSSP
27};
28
29struct spnego_context {
30 enum spnego_mech mech;
31
32 union {
33 struct auth_ntlmssp_state *ntlmssp_state;
34 struct gse_context *gssapi_state;
35 } mech_ctx;
36
37 char *oid_list[ASN1_MAX_OIDS];
38 char *mech_oid;
39
40 enum {
41 SPNEGO_CONV_INIT = 0,
42 SPNEGO_CONV_NEGO,
43 SPNEGO_CONV_AUTH_MORE,
44 SPNEGO_CONV_AUTH_CONFIRM,
45 SPNEGO_CONV_AUTH_DONE
46 } state;
47
48 bool do_sign;
49 bool do_seal;
50 bool is_dcerpc;
51};
52
53NTSTATUS spnego_gssapi_init_client(TALLOC_CTX *mem_ctx,
54 bool do_sign, bool do_seal,
55 bool is_dcerpc,
56 const char *ccache_name,
57 const char *server,
58 const char *service,
59 const char *username,
60 const char *password,
61 struct spnego_context **spengo_ctx);
62NTSTATUS spnego_ntlmssp_init_client(TALLOC_CTX *mem_ctx,
63 bool do_sign, bool do_seal,
64 bool is_dcerpc,
65 const char *domain,
66 const char *username,
67 const char *password,
68 struct spnego_context **spnego_ctx);
69
70NTSTATUS spnego_get_client_auth_token(TALLOC_CTX *mem_ctx,
71 struct spnego_context *sp_ctx,
72 DATA_BLOB *spnego_in,
73 DATA_BLOB *spnego_out);
74
75bool spnego_require_more_processing(struct spnego_context *sp_ctx);
76
77NTSTATUS spnego_get_negotiated_mech(struct spnego_context *sp_ctx,
78 enum spnego_mech *type,
79 void **auth_context);
80
81DATA_BLOB spnego_get_session_key(TALLOC_CTX *mem_ctx,
82 struct spnego_context *sp_ctx);
83
84NTSTATUS spnego_sign(TALLOC_CTX *mem_ctx,
85 struct spnego_context *sp_ctx,
86 DATA_BLOB *data, DATA_BLOB *full_data,
87 DATA_BLOB *signature);
88NTSTATUS spnego_sigcheck(TALLOC_CTX *mem_ctx,
89 struct spnego_context *sp_ctx,
90 DATA_BLOB *data, DATA_BLOB *full_data,
91 DATA_BLOB *signature);
92NTSTATUS spnego_seal(TALLOC_CTX *mem_ctx,
93 struct spnego_context *sp_ctx,
94 DATA_BLOB *data, DATA_BLOB *full_data,
95 DATA_BLOB *signature);
96NTSTATUS spnego_unseal(TALLOC_CTX *mem_ctx,
97 struct spnego_context *sp_ctx,
98 DATA_BLOB *data, DATA_BLOB *full_data,
99 DATA_BLOB *signature);
100
101#endif /* _CLI_SPENGO_H_ */
Note: See TracBrowser for help on using the repository browser.