1 /* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
2 * vim:expandtab:shiftwidth=8:tabstop=8:
4 * Modifications for Lustre
5 * Copyright 2004, Cluster File Systems, Inc.
7 * Author: Eric Mei <ericm@clusterfs.com>
11 * Adapted from MIT Kerberos 5-1.2.1 include/gssapi/gssapi.h
13 * Copyright (c) 2002 The Regents of the University of Michigan.
14 * All rights reserved.
16 * Andy Adamson <andros@umich.edu>
20 * Copyright 1993 by OpenVision Technologies, Inc.
22 * Permission to use, copy, modify, distribute, and sell this software
23 * and its documentation for any purpose is hereby granted without fee,
24 * provided that the above copyright notice appears in all copies and
25 * that both that copyright notice and this permission notice appear in
26 * supporting documentation, and that the name of OpenVision not be used
27 * in advertising or publicity pertaining to distribution of the software
28 * without specific, written prior permission. OpenVision makes no
29 * representations about the suitability of this software for any
30 * purpose. It is provided "as is" without express or implied warranty.
32 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
33 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
34 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
35 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
36 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
37 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
38 * PERFORMANCE OF THIS SOFTWARE.
41 #ifndef __SEC_GSS_GSS_ERR_H_
42 #define __SEC_GSS_GSS_ERR_H_
44 typedef unsigned int OM_uint32;
47 * Flag bits for context-level services.
49 #define GSS_C_DELEG_FLAG 1
50 #define GSS_C_MUTUAL_FLAG 2
51 #define GSS_C_REPLAY_FLAG 4
52 #define GSS_C_SEQUENCE_FLAG 8
53 #define GSS_C_CONF_FLAG 16
54 #define GSS_C_INTEG_FLAG 32
55 #define GSS_C_ANON_FLAG 64
56 #define GSS_C_PROT_READY_FLAG 128
57 #define GSS_C_TRANS_FLAG 256
60 * Credential usage options
63 #define GSS_C_INITIATE 1
64 #define GSS_C_ACCEPT 2
67 * Status code types for gss_display_status
69 #define GSS_C_GSS_CODE 1
70 #define GSS_C_MECH_CODE 2
74 * Define the default Quality of Protection for per-message services. Note
75 * that an implementation that offers multiple levels of QOP may either reserve
76 * a value (for example zero, as assumed here) to mean "default protection", or
77 * alternatively may simply equate GSS_C_QOP_DEFAULT to a specific explicit
78 * QOP value. However a value of 0 should always be interpreted by a GSSAPI
79 * implementation as a request for the default protection level.
81 #define GSS_C_QOP_DEFAULT 0
84 * Expiration time of 2^32-1 seconds means infinite lifetime for a
85 * credential or security context
87 #define GSS_C_INDEFINITE ((OM_uint32) 0xfffffffful)
90 /* Major status codes */
92 #define GSS_S_COMPLETE 0
95 * Some "helper" definitions to make the status code macros obvious.
97 #define GSS_C_CALLING_ERROR_OFFSET 24
98 #define GSS_C_ROUTINE_ERROR_OFFSET 16
99 #define GSS_C_SUPPLEMENTARY_OFFSET 0
100 #define GSS_C_CALLING_ERROR_MASK ((OM_uint32) 0377ul)
101 #define GSS_C_ROUTINE_ERROR_MASK ((OM_uint32) 0377ul)
102 #define GSS_C_SUPPLEMENTARY_MASK ((OM_uint32) 0177777ul)
105 * The macros that test status codes for error conditions. Note that the
106 * GSS_ERROR() macro has changed slightly from the V1 GSSAPI so that it now
107 * evaluates its argument only once.
109 #define GSS_CALLING_ERROR(x) \
110 ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
111 #define GSS_ROUTINE_ERROR(x) \
112 ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
113 #define GSS_SUPPLEMENTARY_INFO(x) \
114 ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
115 #define GSS_ERROR(x) \
116 ((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
117 (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))
120 * Now the actual status code definitions
126 #define GSS_S_CALL_INACCESSIBLE_READ \
127 (((OM_uint32) 1ul) << GSS_C_CALLING_ERROR_OFFSET)
128 #define GSS_S_CALL_INACCESSIBLE_WRITE \
129 (((OM_uint32) 2ul) << GSS_C_CALLING_ERROR_OFFSET)
130 #define GSS_S_CALL_BAD_STRUCTURE \
131 (((OM_uint32) 3ul) << GSS_C_CALLING_ERROR_OFFSET)
136 #define GSS_S_BAD_MECH (((OM_uint32) 1ul) << GSS_C_ROUTINE_ERROR_OFFSET)
137 #define GSS_S_BAD_NAME (((OM_uint32) 2ul) << GSS_C_ROUTINE_ERROR_OFFSET)
138 #define GSS_S_BAD_NAMETYPE (((OM_uint32) 3ul) << GSS_C_ROUTINE_ERROR_OFFSET)
139 #define GSS_S_BAD_BINDINGS (((OM_uint32) 4ul) << GSS_C_ROUTINE_ERROR_OFFSET)
140 #define GSS_S_BAD_STATUS (((OM_uint32) 5ul) << GSS_C_ROUTINE_ERROR_OFFSET)
141 #define GSS_S_BAD_SIG (((OM_uint32) 6ul) << GSS_C_ROUTINE_ERROR_OFFSET)
142 #define GSS_S_NO_CRED (((OM_uint32) 7ul) << GSS_C_ROUTINE_ERROR_OFFSET)
143 #define GSS_S_NO_CONTEXT (((OM_uint32) 8ul) << GSS_C_ROUTINE_ERROR_OFFSET)
144 #define GSS_S_DEFECTIVE_TOKEN (((OM_uint32) 9ul) << GSS_C_ROUTINE_ERROR_OFFSET)
145 #define GSS_S_DEFECTIVE_CREDENTIAL \
146 (((OM_uint32) 10ul) << GSS_C_ROUTINE_ERROR_OFFSET)
147 #define GSS_S_CREDENTIALS_EXPIRED \
148 (((OM_uint32) 11ul) << GSS_C_ROUTINE_ERROR_OFFSET)
149 #define GSS_S_CONTEXT_EXPIRED \
150 (((OM_uint32) 12ul) << GSS_C_ROUTINE_ERROR_OFFSET)
151 #define GSS_S_FAILURE (((OM_uint32) 13ul) << GSS_C_ROUTINE_ERROR_OFFSET)
152 #define GSS_S_BAD_QOP (((OM_uint32) 14ul) << GSS_C_ROUTINE_ERROR_OFFSET)
153 #define GSS_S_UNAUTHORIZED (((OM_uint32) 15ul) << GSS_C_ROUTINE_ERROR_OFFSET)
154 #define GSS_S_UNAVAILABLE (((OM_uint32) 16ul) << GSS_C_ROUTINE_ERROR_OFFSET)
155 #define GSS_S_DUPLICATE_ELEMENT \
156 (((OM_uint32) 17ul) << GSS_C_ROUTINE_ERROR_OFFSET)
157 #define GSS_S_NAME_NOT_MN \
158 (((OM_uint32) 18ul) << GSS_C_ROUTINE_ERROR_OFFSET)
161 * Supplementary info bits:
163 #define GSS_S_CONTINUE_NEEDED (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
164 #define GSS_S_DUPLICATE_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
165 #define GSS_S_OLD_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
166 #define GSS_S_UNSEQ_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
167 #define GSS_S_GAP_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 4))
169 /* XXXX these are not part of the GSSAPI C bindings! (but should be) */
171 #define GSS_CALLING_ERROR_FIELD(x) \
172 (((x) >> GSS_C_CALLING_ERROR_OFFSET) & GSS_C_CALLING_ERROR_MASK)
173 #define GSS_ROUTINE_ERROR_FIELD(x) \
174 (((x) >> GSS_C_ROUTINE_ERROR_OFFSET) & GSS_C_ROUTINE_ERROR_MASK)
175 #define GSS_SUPPLEMENTARY_INFO_FIELD(x) \
176 (((x) >> GSS_C_SUPPLEMENTARY_OFFSET) & GSS_C_SUPPLEMENTARY_MASK)
178 /* XXXX This is a necessary evil until the spec is fixed */
179 #define GSS_S_CRED_UNAVAIL GSS_S_FAILURE
181 #endif /* __SEC_GSS_GSS_ERR_H_ */