/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#ifndef _KCMD_H
#define _KCMD_H

/*
 * Shared declarations for the code in 'kcmd.c': option bits, the protocol
 * selector enum, socket-address accessor macros and function prototypes.
 *
 * This header includes nothing itself.  The krb5 types, ushort_t, the
 * sockaddr structures, in6addr_any, INADDR_ANY and htonl() used below must
 * already be declared by the including file.
 */

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Credential-forwarding option bits.  The two values are distinct single
 * bits, so they can be OR-ed together.
 * NOTE(review): the names suggest "forward credentials" and "forward them
 * and keep them forwardable"; the consumer is not visible here -- confirm
 * in kcmd.c.  Forwarding leaves usable credentials on the remote host, so
 * these bits should be set only on explicit user request.
 */
#define OPTS_FORWARDABLE_CREDS	0x00000001
#define OPTS_FORWARD_CREDS	0x00000002

/*
 * Role selectors.
 * NOTE(review): presumably the role argument of init_encrypt() -- confirm.
 * The names are very generic for a shared header; watch for collisions
 * with macros from other headers.
 */
#define SERVER	0
#define CLIENT	1

/*
 * Wire-protocol variants.  Enumerator order and the starting value 1 are
 * part of the interface and must not change.
 */
enum kcmd_proto {
	/*
	 * Old protocol: DES encryption only.  No subkeys.
	 * No protection for cleartext length.  No ivec supplied.
	 * OOB hacks used for rlogin.  Checksum may be omitted at
	 * connection startup.
	 *
	 * NOTE(review): every property listed above is a weaker guarantee
	 * than the new protocol gives.  Single-DES is deprecated for
	 * Kerberos (RFC 6649); treat any path that selects this value as
	 * legacy interoperability only.
	 */
	KCMD_OLD_PROTOCOL = 1,

	/*
	 * New protocol: Any encryption scheme.  Client-generated
	 * subkey required.  Prepend cleartext-length to cleartext
	 * data (but don't include it in count).  Starting ivec defined,
	 * chained.  In-band signalling.  Checksum required.
	 */
	KCMD_NEW_PROTOCOL,

	/*
	 * Hack: Get credentials, and use the old protocol iff the session
	 * key type is single-DES.
	 *
	 * NOTE(review): with this value the session key type alone decides
	 * the protocol, so a single-DES session key ends up on
	 * KCMD_OLD_PROTOCOL without any further signal.  Where the old
	 * protocol must not be used, rule out single-DES enctypes in the
	 * Kerberos configuration or do not pass this value.
	 */
	KCMD_PROTOCOL_COMPAT_HACK,

	/* Using Kerberos version 4. */
	KCMD_V4_PROTOCOL,

	KCMD_UNKNOWN_PROTOCOL
};

/*
 * Socket-address accessors.
 *
 * 'ss' must be an object (not a pointer) that has an ss_family member and
 * whose address can be cast to struct sockaddr_in / struct sockaddr_in6;
 * presumably a struct sockaddr_storage -- confirm against callers.
 *
 * Every macro that picks a branch tests only for AF_INET6; any other
 * family value, including an unset one, is handled as struct sockaddr_in.
 * Set the family before using the port or address setters, otherwise the
 * wrong layout is written.
 *
 * Apart from SOCK_FAMILY, SET_SOCK_FAMILY and SET_SOCK_ADDR4, the macros
 * expand 'ss' more than once: do not pass an expression with side effects.
 */

/* The address family field itself; usable as an lvalue. */
#define SOCK_FAMILY(ss)	((ss).ss_family)

/*
 * The stored port field, returned as-is.  No byte-order conversion is done
 * here (such fields conventionally hold network byte order).
 */
#define SOCK_PORT(ss) \
	((ss).ss_family == AF_INET6 ? \
	((struct sockaddr_in6 *)&(ss))->sin6_port : \
	((struct sockaddr_in *)&(ss))->sin_port)

/* A void pointer to the sin6_addr or sin_addr field inside 'ss'. */
#define SOCK_ADDR(ss) \
	((ss).ss_family == AF_INET6 ? \
	(void *)&((struct sockaddr_in6 *)&(ss))->sin6_addr : \
	(void *)&((struct sockaddr_in *)&(ss))->sin_addr)

/* Store 'af' in the family field; the result is the assigned value. */
#define SET_SOCK_FAMILY(ss, af)	((ss).ss_family = (af))

/* Store 'nport' unchanged in the port field selected by the family. */
#define SET_SOCK_PORT(ss, nport) \
	((ss).ss_family == AF_INET6 ? \
	(((struct sockaddr_in6 *)&(ss))->sin6_port = (nport)) : \
	(((struct sockaddr_in *)&(ss))->sin_port = (nport)))

/*
 * Hand an IPv4 address to sock_set_inaddr() and discard its result.
 * sock_set_inaddr() is not declared in this header.
 */
#define SET_SOCK_ADDR4(ss, in4)	((void)(sock_set_inaddr(&(ss), (in4))))

/*
 * Set the wildcard address: in6addr_any for AF_INET6, otherwise
 * htonl(INADDR_ANY).  The expression has type void.
 */
#define SET_SOCK_ADDR_ANY(ss) \
	((void) ((ss).ss_family == AF_INET6 ? \
	(void) (((struct sockaddr_in6 *)&(ss))->sin6_addr = in6addr_any) : \
	(void) (((struct sockaddr_in *)&(ss))->sin_addr.s_addr = \
	htonl(INADDR_ANY))))

/*
 * Prototypes for functions in 'kcmd.c'
 *
 * Argument roles and return conventions are not described in this header;
 * read the definitions in kcmd.c before relying on them.
 */
char *strsave(char *sp);

/*
 * NOTE(review): kcmd_proto is passed by pointer, so the callee may report
 * back the protocol it actually used -- confirm in kcmd.c.  A caller that
 * needs the new protocol should check the value after the call rather than
 * assume the request was honoured.
 */
int kcmd(int *sock, char **ahost, ushort_t rport, char *locuser,
	char *remuser, char *cmd, int *fd2p, char *service, char *realm,
	krb5_context bsd_context, krb5_auth_context *authconp,
	krb5_creds **cred, krb5_int32 *seqno, krb5_int32 *server_seqno,
	krb5_flags authopts,
	int anyport, enum kcmd_proto *kcmd_proto);

void init_encrypt(int, krb5_context, enum kcmd_proto,
	krb5_data *, krb5_data *,
	int, krb5_encrypt_block *);

/*
 * NOTE(review): the "des" prefix does not show which cipher is applied;
 * that cannot be told from the prototypes.  The int length and return
 * types mean callers have to handle negative and short results.
 */
int desread(int, char *, int, int);
int deswrite(int, char *, int, int);

#ifdef __cplusplus
}
#endif

#endif /* _KCMD_H */