s4:heimdal: import lorikeet-heimdal-202201172009 (commit 5a0b45cd723628b3690ea848548b...
diff --git a/source4/heimdal/appl/gssmask/protocol.h b/source4/heimdal/appl/gssmask/protocol.h
new file mode 100644 (file)
index 0000000..1e1f141
--- /dev/null
@@ -0,0 +1,317 @@
+/*
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * $Id$
+ */
+
+/* missing from tests:
+ * - export context
+ * - import context
+ */
+
+/*
+ * wire encodings:
+ *   int16: number, 2 bytes, in network order
+ *   int32: number, 4 bytes, in network order
+ *   length-encoded: [int32 length, data of length bytes]
+ *   string: [int32 length, string of length + 1 bytes, includes trailing '\0' ]
+ */
+
+enum gssMaggotErrorCodes {
+    GSMERR_OK          = 0,
+    GSMERR_ERROR,
+    GSMERR_CONTINUE_NEEDED,
+    GSMERR_INVALID_TOKEN,
+    GSMERR_AP_MODIFIED,
+    GSMERR_TEST_ISSUE,
+    GSMERR_NOT_SUPPORTED
+};
+
+/*
+ * input:
+ *   int32: message OP (enum gssMaggotProtocol)
+ *   ...
+ *
+ * return:   -- on error
+ *    int32: not support (GSMERR_NOT_SUPPORTED)
+ *
+ * return:   -- on existing message OP
+ *    int32: support (GSMERR_OK) -- only sent for extensions
+ *    ...
+ */
+
+#define GSSMAGGOTPROTOCOL 14
+
+enum gssMaggotOp {
+    eGetVersionInfo    = 0,
+    /*
+     * input:
+     *   none
+     * return:
+     *   int32: last version handled
+     */
+    eGoodBye,
+    /*
+     * input:
+     *   none
+     * return:
+     *   close socket
+     */
+    eInitContext,
+    /*
+     * input:
+     *   int32: hContext
+     *   int32: hCred
+     *   int32: Flags
+     *      the lowest 0x7f flags maps directly to GSS-API flags
+     *      DELEGATE           0x001
+     *      MUTUAL_AUTH                0x002
+     *      REPLAY_DETECT      0x004
+     *      SEQUENCE_DETECT    0x008
+     *      CONFIDENTIALITY    0x010
+     *      INTEGRITY          0x020
+     *      ANONYMOUS          0x040
+     *
+     *      FIRST_CALL         0x080
+     *
+     *      NTLM               0x100
+     *      SPNEGO             0x200
+     *   length-encoded: targetname
+     *   length-encoded: token
+     * return:
+     *   int32: hNewContextId
+     *   int32: gssapi status val
+     *   length-encoded: output token
+     */
+    eAcceptContext,
+    /*
+     * input:
+     *   int32: hContext
+     *   int32: Flags          -- unused ?
+     *      flags are same as flags for eInitContext
+     *   length-encoded: token
+     * return:
+     *   int32: hNewContextId
+     *   int32: gssapi status val
+     *   length-encoded: output token
+     *   int32: delegation cred id
+     */
+    eToastResource,
+    /*
+     * input:
+     *   int32: hResource
+     * return:
+     *   int32: gsm status val
+     */
+    eAcquireCreds,
+    /*
+     * input:
+     *   string: principal name
+     *   string: password
+     *   int32: flags
+     *      FORWARDABLE                0x001
+     *      DEFAULT_CREDS      0x002
+     *
+     *      NTLM               0x100
+     *      SPNEGO             0x200
+     * return:
+     *   int32: gsm status val
+     *   int32: hCred
+     */
+    eEncrypt,
+    /*
+     * input:
+     *   int32: hContext
+     *   int32: flags
+     *   int32: seqno          -- unused
+     *   length-encode: plaintext
+     * return:
+     *   int32: gsm status val
+     *   length-encode: ciphertext
+     */
+    eDecrypt,
+    /*
+     * input:
+     *   int32: hContext
+     *   int32: flags
+     *   int32: seqno          -- unused
+     *   length-encode: ciphertext
+     * return:
+     *   int32: gsm status val
+     *   length-encode: plaintext
+     */
+    eSign,
+    /* message same as eEncrypt */
+    eVerify,
+    /*
+     * input:
+     *   int32: hContext
+     *   int32: flags
+     *   int32: seqno          -- unused
+     *   length-encode: message
+     *   length-encode: signature
+     * return:
+     *   int32: gsm status val
+     */
+    eGetVersionAndCapabilities,
+    /*
+     * return:
+     *   int32: protocol version
+     *   int32: capability flags */
+#define      ISSERVER          0x01
+#define      ISKDC             0x02
+#define      MS_KERBEROS       0x04
+#define      LOGSERVER         0x08
+#define      HAS_MONIKER       0x10
+    /*   string: version string
+     */
+    eGetTargetName,
+    /*
+     * return:
+     *   string: target principal name
+     */
+    eSetLoggingSocket,
+    /*
+     * input:
+     *   int32: hostPort
+     * return to the port on the host:
+     *   int32: opcode - for example eLogSetMoniker
+     */
+    eChangePassword,
+    /* here ended version 7 of the protocol */
+    /*
+     * input:
+     *   string: principal name
+     *   string: old password
+     *   string: new password
+     * return:
+     *   int32: gsm status val
+     */
+    eSetPasswordSelf,
+    /* same as eChangePassword */
+    eWrap,
+    /* message same as eEncrypt */
+    eUnwrap,
+    /* message same as eDecrypt */
+    eConnectLoggingService2,
+    /*
+     * return1:
+     *   int16: log port number
+     *   int32: master log prototocol version (0)
+     *
+     * wait for master to connect on the master log socket
+     *
+     * return2:
+     *   int32: gsm connection status
+     *   int32: maggot log prototocol version (2)
+     */
+    eGetMoniker,
+    /*
+     * return:
+     *   string: moniker (Nickname the master can refer to maggot)
+     */
+    eCallExtension,
+    /*
+     * input:
+     *   string: extension name
+     *   int32: message id
+     * return:
+     *   int32: gsm status val
+     */
+    eAcquirePKInitCreds,
+    /*
+     * input:
+     *   int32: flags
+     *   length-encode: certificate (pkcs12 data)
+     * return:
+     *   int32: hResource
+     *   int32: gsm status val (GSMERR_NOT_SUPPORTED)
+     */
+    /* here ended version 7 of the protocol */
+    eWrapExt,
+    /*
+     * input:
+     *   int32: hContext
+     *   int32: flags
+     *   int32: bflags
+     *   length-encode: protocol header
+     *   length-encode: plaintext
+     *   length-encode: protocol trailer
+     * return:
+     *   int32: gsm status val
+     *   length-encode: ciphertext
+     */
+    eUnwrapExt,
+    /*
+     * input:
+     *   int32: hContext
+     *   int32: flags
+     *   int32: bflags
+     *   length-encode: protocol header
+     *   length-encode: ciphertext
+     *   length-encode: protocol trailer
+     * return:
+     *   int32: gsm status val
+     *   length-encode: plaintext
+     */
+    /* here ended version 8 of the protocol */
+
+    eLastProtocolMessage
+};
+
+/* bflags */
+#define WRAP_EXP_ONLY_HEADER 1
+
+enum gssMaggotLogOp{
+  eLogInfo = 0,
+       /*
+       string: File
+       int32: Line
+       string: message
+     reply:
+       int32: ackid
+       */
+  eLogFailure,
+       /*
+       string: File
+       int32: Line
+       string: message
+     reply:
+       int32: ackid
+       */
+  eLogSetMoniker
+       /*
+       string: moniker
+       */
+};
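Review bot: The "wire encodings" comment near the top of the header defines `length-encoded` and `string` by an int32 length but gives neither a sign nor an upper bound for it, and does not say that a receiver must check the trailing byte of a `string`. A parser written from this header alone has no stated limit to enforce before it allocates or copies. I would extend that comment with `length is unsigned and must not exceed an implementation limit; a receiver rejects a string whose final byte is not '\0'`. In enum gssMaggotOp the marker `/* here ended version 7 of the protocol */` appears twice, after eChangePassword and again after eAcquirePKInitCreds, so one of the two is presumably mislabeled and the version boundary for those opcodes is unclear. Since this file is part of an imported Heimdal tree, both comment fixes presumably belong upstream.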