libvirt/src/rpc/virnetsaslcontext.h

/*
 * virnetsaslcontext.h: SASL encryption/auth handling
 *
 * Copyright (C) 2010-2011 Red Hat, Inc.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library.  If not, see
 * <http://www.gnu.org/licenses/>.
 */

#ifndef __VIR_NET_CLIENT_SASL_CONTEXT_H__
# define __VIR_NET_CLIENT_SASL_CONTEXT_H__

# include <sasl/sasl.h>

# include "internal.h"
# include "virobject.h"

typedef struct _virNetSASLContext virNetSASLContext;
typedef virNetSASLContext *virNetSASLContextPtr;

typedef struct _virNetSASLSession virNetSASLSession;
typedef virNetSASLSession *virNetSASLSessionPtr;

enum {
    VIR_NET_SASL_COMPLETE,
    VIR_NET_SASL_CONTINUE,
    VIR_NET_SASL_INTERACT,
};

virNetSASLContextPtr virNetSASLContextNewClient(void);
virNetSASLContextPtr virNetSASLContextNewServer(const char *const*usernameWhitelist);

int virNetSASLContextCheckIdentity(virNetSASLContextPtr ctxt,
                                   const char *identity);

virNetSASLSessionPtr virNetSASLSessionNewClient(virNetSASLContextPtr ctxt,
                                                const char *service,
                                                const char *hostname,
                                                const char *localAddr,
                                                const char *remoteAddr,
                                                const sasl_callback_t *cbs);
virNetSASLSessionPtr virNetSASLSessionNewServer(virNetSASLContextPtr ctxt,
                                                const char *service,
                                                const char *localAddr,
                                                const char *remoteAddr);

char *virNetSASLSessionListMechanisms(virNetSASLSessionPtr sasl);

int virNetSASLSessionExtKeySize(virNetSASLSessionPtr sasl,
                                int ssf);

int virNetSASLSessionGetKeySize(virNetSASLSessionPtr sasl);

const char *virNetSASLSessionGetIdentity(virNetSASLSessionPtr sasl);

int virNetSASLSessionSecProps(virNetSASLSessionPtr sasl,
                              int minSSF,
                              int maxSSF,
                              bool allowAnonymous);

int virNetSASLSessionClientStart(virNetSASLSessionPtr sasl,
                                 const char *mechlist,
                                 sasl_interact_t **prompt_need,
                                 const char **clientout,
                                 size_t *clientoutlen,
                                 const char **mech);

int virNetSASLSessionClientStep(virNetSASLSessionPtr sasl,
                                const char *serverin,
                                size_t serverinlen,
                                sasl_interact_t **prompt_need,
                                const char **clientout,
                                size_t *clientoutlen);

int virNetSASLSessionServerStart(virNetSASLSessionPtr sasl,
                                 const char *mechname,
                                 const char *clientin,
                                 size_t clientinlen,
                                 const char **serverout,
                                 size_t *serveroutlen);

int virNetSASLSessionServerStep(virNetSASLSessionPtr sasl,
                                const char *clientin,
                                size_t clientinlen,
                                const char **serverout,
                                size_t *serveroutlen);

size_t virNetSASLSessionGetMaxBufSize(virNetSASLSessionPtr sasl);

ssize_t virNetSASLSessionEncode(virNetSASLSessionPtr sasl,
                                const char *input,
                                size_t inputLen,
                                const char **output,
                                size_t *outputlen);

ssize_t virNetSASLSessionDecode(virNetSASLSessionPtr sasl,
                                const char *input,
                                size_t inputLen,
                                const char **output,
                                size_t *outputlen);

#endif /* __VIR_NET_CLIENT_SASL_CONTEXT_H__ */
Generic module for handling SASL authentication & encryption This provides two modules for handling SASL * virNetSASLContext provides the process-wide state, currently just a whitelist of usernames on the server and a one time library init call * virNetTLSSession provides the per-connection state, ie the SASL session itself. This also include APIs for providing data encryption/decryption once the session is established * src/Makefile.am: Add to libvirt-net-rpc.la * src/rpc/virnetsaslcontext.c, src/rpc/virnetsaslcontext.h: Generic SASL handling code 2010-12-10 12:21:18 +00:00			`/*`
			`* virnetsaslcontext.h: SASL encryption/auth handling`
			`*`
			`* Copyright (C) 2010-2011 Red Hat, Inc.`
			`*`
			`* This library is free software; you can redistribute it and/or`
			`* modify it under the terms of the GNU Lesser General Public`
			`* License as published by the Free Software Foundation; either`
			`* version 2.1 of the License, or (at your option) any later version.`
			`*`
			`* This library is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU`
			`* Lesser General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Lesser General Public`
maint: fix up copyright notice inconsistencies https://www.gnu.org/licenses/gpl-howto.html recommends that the 'If not, see <url>.' phrase be a separate sentence. * tests/securityselinuxhelper.c: Remove doubled line. * tests/securityselinuxtest.c: Likewise. * globally: s/; If/. If/ 2012-09-20 22:30:55 +00:00			`* License along with this library. If not, see`
Desert the FSF address in copyright Per the FSF address could be changed from time to time, and GNU recommends the following now: (http://www.gnu.org/licenses/gpl-howto.html) You should have received a copy of the GNU General Public License along with Foobar. If not, see <http://www.gnu.org/licenses/>. This patch removes the explicit FSF address, and uses above instead (of course, with inserting 'Lesser' before 'General'). Except a bunch of files for security driver, all others are changed automatically, the copyright for securify files are not complete, that's why to do it manually: src/security/security_selinux.h src/security/security_driver.h src/security/security_selinux.c src/security/security_apparmor.h src/security/security_apparmor.c src/security/security_driver.c 2012-07-21 10:06:23 +00:00			`* <http://www.gnu.org/licenses/>.`
Generic module for handling SASL authentication & encryption This provides two modules for handling SASL * virNetSASLContext provides the process-wide state, currently just a whitelist of usernames on the server and a one time library init call * virNetTLSSession provides the per-connection state, ie the SASL session itself. This also include APIs for providing data encryption/decryption once the session is established * src/Makefile.am: Add to libvirt-net-rpc.la * src/rpc/virnetsaslcontext.c, src/rpc/virnetsaslcontext.h: Generic SASL handling code 2010-12-10 12:21:18 +00:00			`*/`

			`#ifndef __VIR_NET_CLIENT_SASL_CONTEXT_H__`
			`# define __VIR_NET_CLIENT_SASL_CONTEXT_H__`

			`# include <sasl/sasl.h>`

			`# include "internal.h"`
Turn virNetSASLContext and virNetSASLSession into virObject instances Make virNetSASLContext and virNetSASLSession use virObject APIs for reference counting Signed-off-by: Daniel P. Berrange <berrange@redhat.com> 2012-07-11 13:35:49 +00:00			`# include "virobject.h"`
Generic module for handling SASL authentication & encryption This provides two modules for handling SASL * virNetSASLContext provides the process-wide state, currently just a whitelist of usernames on the server and a one time library init call * virNetTLSSession provides the per-connection state, ie the SASL session itself. This also include APIs for providing data encryption/decryption once the session is established * src/Makefile.am: Add to libvirt-net-rpc.la * src/rpc/virnetsaslcontext.c, src/rpc/virnetsaslcontext.h: Generic SASL handling code 2010-12-10 12:21:18 +00:00
			`typedef struct _virNetSASLContext virNetSASLContext;`
			`typedef virNetSASLContext *virNetSASLContextPtr;`

			`typedef struct _virNetSASLSession virNetSASLSession;`
			`typedef virNetSASLSession *virNetSASLSessionPtr;`

			`enum {`
			`VIR_NET_SASL_COMPLETE,`
			`VIR_NET_SASL_CONTINUE,`
			`VIR_NET_SASL_INTERACT,`
			`};`

			`virNetSASLContextPtr virNetSASLContextNewClient(void);`
			`virNetSASLContextPtr virNetSASLContextNewServer(const char constusernameWhitelist);`

			`int virNetSASLContextCheckIdentity(virNetSASLContextPtr ctxt,`
			`const char *identity);`

			`virNetSASLSessionPtr virNetSASLSessionNewClient(virNetSASLContextPtr ctxt,`
			`const char *service,`
			`const char *hostname,`
			`const char *localAddr,`
			`const char *remoteAddr,`
			`const sasl_callback_t *cbs);`
			`virNetSASLSessionPtr virNetSASLSessionNewServer(virNetSASLContextPtr ctxt,`
			`const char *service,`
			`const char *localAddr,`
			`const char *remoteAddr);`

			`char *virNetSASLSessionListMechanisms(virNetSASLSessionPtr sasl);`

			`int virNetSASLSessionExtKeySize(virNetSASLSessionPtr sasl,`
			`int ssf);`

			`int virNetSASLSessionGetKeySize(virNetSASLSessionPtr sasl);`

			`const char *virNetSASLSessionGetIdentity(virNetSASLSessionPtr sasl);`

			`int virNetSASLSessionSecProps(virNetSASLSessionPtr sasl,`
			`int minSSF,`
			`int maxSSF,`
			`bool allowAnonymous);`

			`int virNetSASLSessionClientStart(virNetSASLSessionPtr sasl,`
			`const char *mechlist,`
			`sasl_interact_t **prompt_need,`
			`const char **clientout,`
			`size_t *clientoutlen,`
			`const char **mech);`

			`int virNetSASLSessionClientStep(virNetSASLSessionPtr sasl,`
			`const char *serverin,`
			`size_t serverinlen,`
			`sasl_interact_t **prompt_need,`
			`const char **clientout,`
			`size_t *clientoutlen);`

			`int virNetSASLSessionServerStart(virNetSASLSessionPtr sasl,`
			`const char *mechname,`
			`const char *clientin,`
			`size_t clientinlen,`
			`const char **serverout,`
			`size_t *serveroutlen);`

			`int virNetSASLSessionServerStep(virNetSASLSessionPtr sasl,`
			`const char *clientin,`
			`size_t clientinlen,`
			`const char **serverout,`
			`size_t *serveroutlen);`

			`size_t virNetSASLSessionGetMaxBufSize(virNetSASLSessionPtr sasl);`

			`ssize_t virNetSASLSessionEncode(virNetSASLSessionPtr sasl,`
			`const char *input,`
			`size_t inputLen,`
			`const char **output,`
			`size_t *outputlen);`

			`ssize_t virNetSASLSessionDecode(virNetSASLSessionPtr sasl,`
			`const char *input,`
			`size_t inputLen,`
			`const char **output,`
			`size_t *outputlen);`

			`#endif /* __VIR_NET_CLIENT_SASL_CONTEXT_H__ */`