mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-11-02 19:31:18 +00:00
bb1c9296f5
This provides two modules for handling SASL * virNetSASLContext provides the process-wide state, currently just a whitelist of usernames on the server and a one time library init call * virNetTLSSession provides the per-connection state, ie the SASL session itself. This also include APIs for providing data encryption/decryption once the session is established * src/Makefile.am: Add to libvirt-net-rpc.la * src/rpc/virnetsaslcontext.c, src/rpc/virnetsaslcontext.h: Generic SASL handling code
120 lines
4.8 KiB
C
120 lines
4.8 KiB
C
/*
|
|
* virnetsaslcontext.h: SASL encryption/auth handling
|
|
*
|
|
* Copyright (C) 2010-2011 Red Hat, Inc.
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; either
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this library; if not, write to the Free Software
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
*/
|
|
|
|
#ifndef __VIR_NET_CLIENT_SASL_CONTEXT_H__
|
|
# define __VIR_NET_CLIENT_SASL_CONTEXT_H__
|
|
|
|
# include <sasl/sasl.h>
|
|
|
|
# include "internal.h"
|
|
|
|
typedef struct _virNetSASLContext virNetSASLContext;
|
|
typedef virNetSASLContext *virNetSASLContextPtr;
|
|
|
|
typedef struct _virNetSASLSession virNetSASLSession;
|
|
typedef virNetSASLSession *virNetSASLSessionPtr;
|
|
|
|
enum {
|
|
VIR_NET_SASL_COMPLETE,
|
|
VIR_NET_SASL_CONTINUE,
|
|
VIR_NET_SASL_INTERACT,
|
|
};
|
|
|
|
virNetSASLContextPtr virNetSASLContextNewClient(void);
|
|
virNetSASLContextPtr virNetSASLContextNewServer(const char *const*usernameWhitelist);
|
|
|
|
int virNetSASLContextCheckIdentity(virNetSASLContextPtr ctxt,
|
|
const char *identity);
|
|
|
|
void virNetSASLContextRef(virNetSASLContextPtr sasl);
|
|
void virNetSASLContextFree(virNetSASLContextPtr sasl);
|
|
|
|
virNetSASLSessionPtr virNetSASLSessionNewClient(virNetSASLContextPtr ctxt,
|
|
const char *service,
|
|
const char *hostname,
|
|
const char *localAddr,
|
|
const char *remoteAddr,
|
|
const sasl_callback_t *cbs);
|
|
virNetSASLSessionPtr virNetSASLSessionNewServer(virNetSASLContextPtr ctxt,
|
|
const char *service,
|
|
const char *localAddr,
|
|
const char *remoteAddr);
|
|
|
|
char *virNetSASLSessionListMechanisms(virNetSASLSessionPtr sasl);
|
|
|
|
void virNetSASLSessionRef(virNetSASLSessionPtr sasl);
|
|
|
|
int virNetSASLSessionExtKeySize(virNetSASLSessionPtr sasl,
|
|
int ssf);
|
|
|
|
int virNetSASLSessionGetKeySize(virNetSASLSessionPtr sasl);
|
|
|
|
const char *virNetSASLSessionGetIdentity(virNetSASLSessionPtr sasl);
|
|
|
|
int virNetSASLSessionSecProps(virNetSASLSessionPtr sasl,
|
|
int minSSF,
|
|
int maxSSF,
|
|
bool allowAnonymous);
|
|
|
|
int virNetSASLSessionClientStart(virNetSASLSessionPtr sasl,
|
|
const char *mechlist,
|
|
sasl_interact_t **prompt_need,
|
|
const char **clientout,
|
|
size_t *clientoutlen,
|
|
const char **mech);
|
|
|
|
int virNetSASLSessionClientStep(virNetSASLSessionPtr sasl,
|
|
const char *serverin,
|
|
size_t serverinlen,
|
|
sasl_interact_t **prompt_need,
|
|
const char **clientout,
|
|
size_t *clientoutlen);
|
|
|
|
int virNetSASLSessionServerStart(virNetSASLSessionPtr sasl,
|
|
const char *mechname,
|
|
const char *clientin,
|
|
size_t clientinlen,
|
|
const char **serverout,
|
|
size_t *serveroutlen);
|
|
|
|
int virNetSASLSessionServerStep(virNetSASLSessionPtr sasl,
|
|
const char *clientin,
|
|
size_t clientinlen,
|
|
const char **serverout,
|
|
size_t *serveroutlen);
|
|
|
|
size_t virNetSASLSessionGetMaxBufSize(virNetSASLSessionPtr sasl);
|
|
|
|
ssize_t virNetSASLSessionEncode(virNetSASLSessionPtr sasl,
|
|
const char *input,
|
|
size_t inputLen,
|
|
const char **output,
|
|
size_t *outputlen);
|
|
|
|
ssize_t virNetSASLSessionDecode(virNetSASLSessionPtr sasl,
|
|
const char *input,
|
|
size_t inputLen,
|
|
const char **output,
|
|
size_t *outputlen);
|
|
|
|
void virNetSASLSessionFree(virNetSASLSessionPtr sasl);
|
|
|
|
#endif /* __VIR_NET_CLIENT_SASL_CONTEXT_H__ */
|