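/*
 * ASN.1 DER tag byte for an OBJECT IDENTIFIER (0x06).
 * NOTE(review): presumably used when building or checking the encoded
 * GSSAPI mechanism OID exchanged during SSH authentication; confirm at
 * the call sites.
 */
#define SSH2_GSS_OIDTYPE 0x06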
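/*
 * Opaque handle for a GSSAPI security context. It is a plain void
 * pointer, so the compiler cannot tell it apart from any other pointer:
 * callers should only pass handles that were filled in by the same
 * struct ssh_gss_library back end.
 */
typedef void *Ssh_gss_ctx;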
11 typedef enum Ssh_gss_stat
{
13 SSH_GSS_S_CONTINUE_NEEDED
,
15 SSH_GSS_BAD_HOST_NAME
,
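/* Alias: "complete" is reported with the same value as SSH_GSS_OK. */
#define SSH_GSS_S_COMPLETE SSH_GSS_OK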
21 #define SSH_GSS_CLEAR_BUF(buf) do { \
23 (*buf).value = NULL; \
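/*
 * The wrapper's buffer and name types are the GSSAPI library's own
 * gss_buffer_desc and gss_name_t under SSH-specific names, so the
 * buffer members are those of gss_buffer_desc (length and value).
 */
typedef gss_buffer_desc Ssh_gss_buf;
typedef gss_name_t Ssh_gss_name;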
29 /* Functions, provided by either wingss.c or sshgssc.c */
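/*
 * Forward declaration, so that the function-pointer typedefs in this
 * header can take a struct ssh_gss_library pointer before the
 * structure itself is defined.
 */
struct ssh_gss_library;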
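/*
 * Do startup-time initialisation for using GSSAPI. This should
 * correctly initialise the array of struct ssh_gss_library declared
 * in this header (ssh_gss_libraries).
 *
 * Must be callable multiple times (since the most convenient place
 * to call it _from_ is the ssh.c setup code), and should harmlessly
 * return success if already initialised.
 *
 * NOTE(review): the prototype returns void, so "success" cannot be
 * reported through a return value. Presumably callers learn whether a
 * usable library was found from the library array and its count;
 * confirm against the implementation before relying on it.
 */
void ssh_gss_init(void);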
45 * Fills in buf with a string describing the GSSAPI mechanism in
46 * use. buf->data (the "value" member, since Ssh_gss_buf is gss_buffer_desc here) is not dynamically allocated, so the caller must not free it.
48 typedef Ssh_gss_stat (*t_ssh_gss_indicate_mech
)(struct ssh_gss_library
*lib
,
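/*
 * Converts a name such as a hostname into a GSSAPI internal form,
 * which is placed in "out". The result should be freed by
 * ssh_gss_release_name().
 *
 *   lib  the back end this function pointer belongs to
 *   in   the name to convert; no length is passed, so presumably a
 *        NUL-terminated string (confirm against the implementations)
 *   out  receives the converted name
 *
 * Returns an Ssh_gss_stat, which callers should check before using
 * "out".
 *
 * NOTE(review): the name imported here is what the later security
 * context setup receives as its target, so it should be the host the
 * user asked to connect to rather than a value supplied by the peer.
 * Confirm at the call sites.
 */
typedef Ssh_gss_stat (*t_ssh_gss_import_name)(struct ssh_gss_library *lib,
                                              char *in, Ssh_gss_name *out);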
60 * Frees the contents of an Ssh_gss_name structure filled in by
61 * ssh_gss_import_name().
63 typedef Ssh_gss_stat (*t_ssh_gss_release_name
)(struct ssh_gss_library
*lib
,
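/*
 * The main GSSAPI security context setup function. The "out"
 * parameter will need to be freed by ssh_gss_free_tok.
 *
 *   lib       the back end this function pointer belongs to
 *   ctx       context handle, passed by pointer
 *   name      target name in GSSAPI internal form (see
 *             ssh_gss_import_name)
 *   delegate  NOTE(review): presumably non-zero requests credential
 *             delegation to the server. Delegated credentials let the
 *             server act as the user, so this should only be set for
 *             hosts trusted to that degree. Confirm against the
 *             implementations.
 *   in        input token buffer (presumably the token last received
 *             from the peer; confirm)
 *   out       output token buffer; free it with ssh_gss_free_tok and
 *             not with ssh_gss_free_mic, which is a different free
 *             function
 *
 * Returns an Ssh_gss_stat. SSH_GSS_S_CONTINUE_NEEDED is one of its
 * values; presumably it means the exchange needs another round, so
 * callers must not treat it as a completed authentication.
 */
typedef Ssh_gss_stat (*t_ssh_gss_init_sec_context)
    (struct ssh_gss_library *lib,
     Ssh_gss_ctx *ctx, Ssh_gss_name name, int delegate,
     Ssh_gss_buf *in, Ssh_gss_buf *out);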
76 * Frees the contents of an Ssh_gss_buf filled in by
77 * ssh_gss_init_sec_context(). Do not accidentally call this on
78 * something filled in by ssh_gss_get_mic() (which requires a
79 * different free function) or something filled in by any other
82 typedef Ssh_gss_stat (*t_ssh_gss_free_tok
)(struct ssh_gss_library
*lib
,
86 * Acquires the credentials to perform authentication in the first
87 * place. Needs to be freed by ssh_gss_release_cred().
89 typedef Ssh_gss_stat (*t_ssh_gss_acquire_cred
)(struct ssh_gss_library
*lib
,
93 * Frees the contents of an Ssh_gss_ctx filled in by
94 * ssh_gss_acquire_cred().
96 typedef Ssh_gss_stat (*t_ssh_gss_release_cred
)(struct ssh_gss_library
*lib
,
100 * Gets a MIC for some input data. "out" needs to be freed by
101 * ssh_gss_free_mic().
103 typedef Ssh_gss_stat (*t_ssh_gss_get_mic
)(struct ssh_gss_library
*lib
,
104 Ssh_gss_ctx ctx
, Ssh_gss_buf
*in
,
108 * Frees the contents of an Ssh_gss_buf filled in by
109 * ssh_gss_get_mic(). Do not accidentally call this on something
110 * filled in by ssh_gss_init_sec_context() (which requires a
111 * different free function) or something filled in by any other
114 typedef Ssh_gss_stat (*t_ssh_gss_free_mic
)(struct ssh_gss_library
*lib
,
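/*
 * Return an error message after authentication failed. The
 * message string is returned in "buf", with buf->len giving the
 * number of characters of printable message text and buf->data
 * containing one more character which is a trailing NUL.
 * buf->data should be manually freed by the caller.
 *
 * NOTE(review): Ssh_gss_buf is gss_buffer_desc in this header, whose
 * members are named length and value, so "len" and "data" above
 * presumably refer to those members. The trailing NUL is not counted
 * in the length, so code copying the message needs length + 1 bytes.
 *
 * The second parameter is the security context; it is unnamed in this
 * typedef. Returns an Ssh_gss_stat.
 */
typedef Ssh_gss_stat (*t_ssh_gss_display_status)(struct ssh_gss_library *lib,
                                                 Ssh_gss_ctx, Ssh_gss_buf *buf);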
127 struct ssh_gss_library
{
129 * Identifying number in the enumeration used by the
130 * configuration code to specify a preference order.
135 * Filled in at initialisation time, if there's anything
136 * interesting to say about how GSSAPI was initialised (e.g.
137 * which of a number of alternative libraries was used).
139 const char *gsslogmsg
;
142 * Function pointers implementing the SSH wrapper layer on top
143 * of GSSAPI. (Defined in sshgssc, typically, though Windows
144 * provides an alternative layer to sit on top of the annoyingly
147 t_ssh_gss_indicate_mech indicate_mech
;
148 t_ssh_gss_import_name import_name
;
149 t_ssh_gss_release_name release_name
;
150 t_ssh_gss_init_sec_context init_sec_context
;
151 t_ssh_gss_free_tok free_tok
;
152 t_ssh_gss_acquire_cred acquire_cred
;
153 t_ssh_gss_release_cred release_cred
;
154 t_ssh_gss_get_mic get_mic
;
155 t_ssh_gss_free_mic free_mic
;
156 t_ssh_gss_display_status display_status
;
159 * Additional data for the wrapper layers.
162 struct gssapi_functions gssapi
;
164 * The SSPI wrappers don't need to store their Windows API
165 * function pointers in this structure, because there can't
166 * be more than one set of them available.
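/*
 * The table of GSSAPI back ends, defined elsewhere.
 * NOTE(review): n_ssh_gss_libraries is presumably the number of valid
 * entries in ssh_gss_libraries. The array is declared without a size,
 * so every index must be checked against that count. Confirm where
 * the two are defined.
 */
extern struct ssh_gss_library ssh_gss_libraries[];
extern int n_ssh_gss_libraries;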
174 #endif /* NO_GSSAPI */
176 #endif /*PUTTY_SSHGSS_H*/