CASA/CASA/include/micasa_mgmd.h


/***********************************************************************
*
* Copyright (C) 2005-2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
***********************************************************************/
/***************************************************************************
* This is the Managed IDK for collaborating suite of applications
***************************************************************************/
#ifndef _MICASA_MANAGED_H_
#define _MICASA_MANAGED_H_
#if defined(__cplusplus) || defined(c_plusplus)
extern "C"
{
#endif
#include <micasa_types.h>
/***************************************************************************
*** All strings are length-preceded, and the lengths include the terminating NULL.
***************************************************************************/
#ifndef _SSUTF8_H_
/* defining the utf8 for SSCS */
/* One byte of UTF-8 text; only declared here when _SSUTF8_H_ is not defined. */
typedef unsigned char SS_UTF8_T;
#endif
/*
 * Capacities of the fixed-size buffers embedded in the structures below.
 * NOTE(review): only the secret-ID limit states that it includes the
 * terminator; the header-wide rule says all lengths include it, so the
 * username and password limits presumably do as well -- confirm.
 */
#define NSSCS_MAX_USERID_LEN 256 //* max username (bytes)
#define NSSCS_MAX_PWORD_LEN 128 //* max password (bytes)
#define NSSCS_MAX_SECRET_ID_LEN 512 //* in bytes including NULL
// used to denote what structure is being used for the credentials
// (the credential argument of the API is a void *, so this flag is the only
// thing that tells the library how to interpret the memory it is handed;
// the API notes later in this header say only SSCS_CRED_TYPE_BASIC_F is
// currently supported)
#define SSCS_CRED_TYPE_BASIC_F 0x00000001L
#define SSCS_CRED_TYPE_BINARY_F 0x00000002L
// used to denote the type of username being requested or set
// NOTE(review): presumably carried in SSCS_BASIC_CREDENTIAL.unFlags -- confirm.
// USERNAME_TYPE_CN_F is zero, so it cannot be detected with a bit test
// (flags & USERNAME_TYPE_CN_F is always 0); compare the whole value instead.
#define USERNAME_TYPE_CN_F 0x00000000L // default behavior
#define USERNAME_TYPE_NDS_DN_F 0x00000001L
#define USERNAME_TYPE_NDS_FDN_F 0x00000002L
#define USERNAME_TYPE_LDAP_DN_F 0x00000004L
#define USERNAME_TYPE_EMAIL_F 0x00000008L
#define USERNAME_TYPE_OTHER_F 0x00000010L
/*
 * Identifier of a secret: a length field followed by a fixed-size UTF-8
 * buffer of NSSCS_MAX_SECRET_ID_LEN bytes.
 *
 * NOTE(review): the two field comments disagree on the unit of len (bytes
 * vs. number of characters); for multi-byte UTF-8 these differ -- confirm
 * against the implementation before relying on either.
 * Callers should keep len <= NSSCS_MAX_SECRET_ID_LEN and make sure id is
 * NULL terminated inside the buffer; whether the library re-validates len
 * is not visible from this header.
 */
typedef struct _sscs_secret_id
{
uint32_t len; // max id len in bytes
SS_UTF8_T id[NSSCS_MAX_SECRET_ID_LEN]; // * should be passed in # of chars
} SSCS_SECRET_ID_T;
/*
 * Username/password credential, selected with SSCS_CRED_TYPE_BASIC_F.
 * Both strings are stored inline in fixed-size buffers, each with its own
 * length field.
 *
 * The password is held in this structure as plain bytes. Keep instances
 * short-lived and wipe them after use with a clear the compiler may not
 * elide (explicit_bzero / memset_s where available); a plain memset right
 * before the object goes out of scope can be optimized away.
 */
typedef struct _sscs_basic_credential
{
uint32_t unFlags; // NOTE(review): presumably a USERNAME_TYPE_*_F value -- confirm
uint32_t unLen; // NOTE(review): presumably length of username, terminator included -- confirm
SS_UTF8_T username[NSSCS_MAX_USERID_LEN];
uint32_t pwordLen; // NOTE(review): presumably length of password, terminator included -- confirm
SS_UTF8_T password[NSSCS_MAX_PWORD_LEN]; // cleartext; wipe after use
} SSCS_BASIC_CREDENTIAL;
/*
 * Binary credential: an inline identifier plus a pointer to a data buffer.
 * The API notes later in this header list only SSCS_CRED_TYPE_BASIC_F as
 * currently supported, so treat this layout as not yet usable through the
 * exported calls unless the implementation says otherwise.
 *
 * Unlike the other structures, the data length is a pointer, not a value.
 * NOTE(review): presumably an in/out size (capacity in, bytes used out);
 * who allocates and frees data is not stated here -- confirm both.
 */
typedef struct _sscs_binary_credential
{
uint32_t idLen;
SS_UTF8_T id[NSSCS_MAX_SECRET_ID_LEN];
uint32_t *dataLen; // pointer to the length, must be non-NULL wherever it is dereferenced
uint8_t *data; // caller-visible pointer to the secret bytes; ownership not documented
} SSCS_BINARY_CREDENTIAL;
/*
 * Extension envelope passed as the last argument of every exported call.
 * The API notes in this header mark that argument as reserved.
 * ext is untyped: its layout is implied only by extID and version, so a
 * consumer has to check both before casting it.
 */
typedef struct _sscs_ext_t
{
int32_t extID; // defined to identify the extension
int32_t version; // defined as the version of the specified extension
void *ext; // points to the actual extension
} SSCS_EXT_T;
/* ####################################################################### */
/* ############################## ERROR CODES ############################ */
/* ####################################################################### */
/*
 * Each code is written as a 32-bit hex literal; the trailing comment gives
 * the same bit pattern read as a signed 32-bit integer.
 *
 * The exported functions in this header are declared to return int32_t.
 * Compare results while they are still 32 bits wide: where int is 32 bits
 * these unsuffixed literals have an unsigned type, so if the return value
 * is first widened to a 64-bit signed type the literal converts to a large
 * positive number and the comparison never matches -- a failure such as
 * NSSCS_E_ACCESS_DENIED would then go unnoticed.
 *
 * NSSCS_E_CANT_OPEN_CLIENT_CACHE (-854) is defined here but has no entry in
 * the description list that follows.
 */
#define NSSCS_SUCCESS 0x00000000 /* 0 */
#define NSSCS_E_OBJECT_NOT_FOUND 0xFFFFFCE0 /* -800 */
#define NSSCS_E_NICI_FAILURE 0xFFFFFCDF /* -801 */
#define NSSCS_E_INVALID_SECRET_ID 0xFFFFFCDE /* -802 */
#define NSSCS_E_SYSTEM_FAILURE 0xFFFFFCDD /* -803 */
#define NSSCS_E_ACCESS_DENIED 0xFFFFFCDC /* -804 */
#define NSSCS_E_NDS_INTERNAL_FAILURE 0xFFFFFCDB /* -805 */
#define NSSCS_E_SECRET_UNINITIALIZED 0xFFFFFCDA /* -806 */
#define NSSCS_E_BUFFER_LEN 0xFFFFFCD9 /* -807 */
#define NSSCS_E_INCOMPATIBLE_VERSION 0xFFFFFCD8 /* -808 */
#define NSSCS_E_CORRUPTED_STORE 0xFFFFFCD7 /* -809 */
#define NSSCS_E_SECRET_ID_EXISTS 0xFFFFFCD6 /* -810 */
#define NSSCS_E_NDS_PWORD_CHANGED 0xFFFFFCD5 /* -811 */
#define NSSCS_E_INVALID_TARGET_OBJECT 0xFFFFFCD4 /* -812 */
#define NSSCS_E_STORE_NOT_FOUND 0xFFFFFCD3 /* -813 */
#define NSSCS_E_SERVICE_NOT_FOUND 0xFFFFFCD2 /* -814 */
#define NSSCS_E_SECRET_ID_TOO_LONG 0xFFFFFCD1 /* -815 */
#define NSSCS_E_ENUM_BUFF_TOO_SHORT 0xFFFFFCD0 /* -816 */
#define NSSCS_E_NOT_AUTHENTICATED 0xFFFFFCCF /* -817 */
#define NSSCS_E_NOT_SUPPORTED 0xFFFFFCCE /* -818 */
#define NSSCS_E_NDS_PWORD_INVALID 0xFFFFFCCD /* -819 */
#define NSSCS_E_NICI_OUTOF_SYNC 0xFFFFFCCC /* -820 */
#define NSSCS_E_SERVICE_NOT_SUPPORTED 0xFFFFFCCB /* -821 */
#define NSSCS_E_TOKEN_NOT_SUPPORTED 0xFFFFFCCA /* -822 */
#define NSSCS_E_UNICODE_OP_FAILURE 0xFFFFFCC9 /* -823 */
#define NSSCS_E_TRANSPORT_FAILURE 0xFFFFFCC8 /* -824 */
#define NSSCS_E_CRYPTO_OP_FAILURE 0xFFFFFCC7 /* -825 */
#define NSSCS_E_SERVER_CONN_FAILURE 0xFFFFFCC6 /* -826 */
#define NSSCS_E_CONN_ACCESS_FAILURE 0xFFFFFCC5 /* -827 */
#define NSSCS_E_ENUM_BUFF_TOO_LONG 0xFFFFFCC4 /* -828 */
#define NSSCS_E_SECRET_BUFF_TOO_LONG 0xFFFFFCC3 /* -829 */
#define NSSCS_E_SECRET_ID_TOO_SHORT 0xFFFFFCC2 /* -830 */
#define NSSCS_E_CORRUPTED_PACKET_DATA 0xFFFFFCC1 /* -831 */
#define NSSCS_E_EP_ACCESS_DENIED 0xFFFFFCC0 /* -832 */
#define NSSCS_E_SCHEMA_NOT_EXTENDED 0xFFFFFCBF /* -833 */
#define NSSCS_E_ATTR_NOT_FOUND 0xFFFFFCBE /* -834 */
#define NSSCS_E_MIGRATION_NEEDED 0xFFFFFCBD /* -835 */
#define NSSCS_E_MP_PWORD_INVALID 0xFFFFFCBC /* -836 */
#define NSSCS_E_MP_PWORD_NOT_SET 0xFFFFFCBB /* -837 */
#define NSSCS_E_MP_PWORD_NOT_ALLOWED 0xFFFFFCBA /* -838 */
#define NSSCS_E_WRONG_REPLICA_TYPE 0xFFFFFCB9 /* -839 */
#define NSSCS_E_ATTR_VAL_NOT_FOUND 0xFFFFFCB8 /* -840 */
#define NSSCS_E_INVALID_PARAM 0xFFFFFCB7 /* -841 */
#define NSSCS_E_NEED_SECURE_CHANNEL 0xFFFFFCB6 /* -842 */
#define NSSCS_E_CONFIG_NOT_SUPPORTED 0xFFFFFCB5 /* -843 */
#define NSSCS_E_STORE_NOT_LOCKED 0xFFFFFCB4 /* -844 */
#define NSSCS_E_TIME_OUT_OF_SYNC 0xFFFFFCB3 /* -845 */
#define NSSCS_E_VERSION_MISMATCH 0xFFFFFCB2 /* -846 */
#define NSSCS_E_SECRET_BUFF_TOO_SHORT 0xFFFFFCB1 /* -847 */
#define NSSCS_E_SH_SECRET_FAILURE 0xFFFFFCB0 /* -848 */
#define NSSCS_E_PARSER_FAILURE 0xFFFFFCAF /* -849 */
#define NSSCS_E_UTF8_OP_FAILURE 0xFFFFFCAE /* -850 */
#define NSSCS_E_CTX_LESS_CN_NOT_UNIQUE 0xFFFFFCAD /* -851 */
#define NSSCS_E_UNSUPPORTED_BIND_CRED 0xFFFFFCAC /* -852 */
#define NSSCS_E_CERTIFICATE_NOT_FOUND 0xFFFFFCAB /* -853 */
#define NSSCS_E_CANT_OPEN_CLIENT_CACHE 0xFFFFFCAA /* -854 */
#define NSSCS_E_WRONG_SH_SEC_TYPE 0xFFFFFCA9 /* -855 */
#define NSSCS_E_NOT_IMPLEMENTED 0xFFFFFC88 /* -888 */
#define NSSCS_E_BETA_EXPIRED 0xFFFFFC7D /* -899 */
/* #########################################################################
########################### ERROR DESCRIPTIONS ##########################
#########################################################################
NSSCS_E_OBJECT_NOT_FOUND -800
Description: Can't find the target object DN in NDS. (Resolve name failed.)
NSSCS_E_NICI_FAILURE -801
Description: NICI operations have failed.
NSSCS_E_INVALID_SECRET_ID -802
Description: Secret ID is not in the User Secret Store.
NSSCS_E_SYSTEM_FAILURE -803
Description: Some internal operating system services have not been available.
NSSCS_E_ACCESS_DENIED -804
Description: Access to the target Secret Store has been denied!
NSSCS_E_NDS_INTERNAL_FAILURE -805
Description: Some internal NDS services have not been available.
NSSCS_E_SECRET_UNINITIALIZED -806
Description: Secret has not been initialized with a write.
NSSCS_E_BUFFER_LEN -807
Description: Size of the buffer is not in a nominal range between minimum and maximum.
NSSCS_E_INCOMPATIBLE_VERSION -808
Description: Client and server components are not of the compatible versions.
NSSCS_E_CORRUPTED_STORE -809
Description: Secret Store data on the server has been corrupted.
NSSCS_E_SECRET_ID_EXISTS -810
Description: Secret ID already exists in the Secret Store.
NSSCS_E_NDS_PWORD_CHANGED -811
Description: User NDS password has been changed by the administrator.
NSSCS_E_INVALID_TARGET_OBJECT -812
Description: Target NDS User object not found.
NSSCS_E_STORE_NOT_FOUND -813
Description: Target NDS User object does not have a Secret Store.
NSSCS_E_SERVICE_NOT_FOUND -814
Description: Secret Store not on the Network.
NSSCS_E_SECRET_ID_TOO_LONG -815
Description: Length of the Secret ID buffer exceeds the limit.
NSSCS_E_ENUM_BUFF_TOO_SHORT -816
Description: Length of the Enumeration buffer too short.
NSSCS_E_NOT_AUTHENTICATED -817
Description: User not authenticated.
NSSCS_E_NOT_SUPPORTED -818
Description: Not supported operations.
NSSCS_E_NDS_PWORD_INVALID -819
Description: Typed in NDS password not valid.
NSSCS_E_NICI_OUTOF_SYNC -820
Description: Session keys of the client and server NICI are out of sync.
NSSCS_E_SERVICE_NOT_SUPPORTED -821
Description: Requested service not supported yet.
NSSCS_E_TOKEN_NOT_SUPPORTED -822
Description: NDS authentication type not supported.
NSSCS_E_UNICODE_OP_FAILURE -823
Description: Unicode text conversion operation failed.
NSSCS_E_TRANSPORT_FAILURE -824
Description: Connection to server is lost.
NSSCS_E_CRYPTO_OP_FAILURE -825
Description: Cryptographic operation failed.
NSSCS_E_SERVER_CONN_FAILURE -826
Description: Opening a connection to the server failed.
NSSCS_E_CONN_ACCESS_FAILURE -827
Description: Access to server connection failed.
NSSCS_E_ENUM_BUFF_TOO_LONG -828
Description: Size of the enumeration buffer exceeds the limit.
NSSCS_E_SECRET_BUFF_TOO_LONG -829
Description: Size of the Secret buffer exceeds the limit.
NSSCS_E_SECRET_ID_TOO_SHORT -830
Description: Length of the Secret ID should be greater than zero.
NSSCS_E_CORRUPTED_PACKET_DATA -831
Description: Protocol data corrupted on the wire.
NSSCS_E_EP_ACCESS_DENIED -832
Description: EP password validation failed. Access to the secret denied!
NSSCS_E_SCHEMA_NOT_EXTENDED -833
Description: Schema is not extended to support SecretStore on the target tree.
NSSCS_E_ATTR_NOT_FOUND -834
Description: One of the optional service attributes is not instantiated.
NSSCS_E_MIGRATION_NEEDED -835
Description: Server has been upgraded and user SecretStore should be updated.
NSSCS_E_MP_PWORD_INVALID -836
Description: Master password could not be verified to read or unlock the secrets.
NSSCS_E_MP_PWORD_NOT_SET -837
Description: Master password has not been set on the SecretStore.
NSSCS_E_MP_PWORD_NOT_ALLOWED -838
Description: Ability to use master password has been disabled.
NSSCS_E_WRONG_REPLICA_TYPE -839
Description: Not a writeable replica of NDS.
NSSCS_E_ATTR_VAL_NOT_FOUND -840
Description: Target attribute is not instantiated in NDS.
NSSCS_E_INVALID_PARAM -841
Description: API parameter is not initialized.
NSSCS_E_NEED_SECURE_CHANNEL -842
Description: Connection to the SecretStore needs to be over SSL.
NSSCS_E_CONFIG_NOT_SUPPORTED -843
Description: No server to support the given override configuration is found.
NSSCS_E_STORE_NOT_LOCKED -844
Description: Attempt to unlock SecretStore failed because the store is not locked.
NSSCS_E_TIME_OUT_OF_SYNC -845
Description: NDS Replica on the server that holds SecretStore is out of sync with the replica ring.
NSSCS_E_VERSION_MISMATCH -846
Description: Versions of the client dlls don't match.
NSSCS_E_SECRET_BUFF_TOO_SHORT -847
Description: Buffer supplied for the secret is too short (minimum NSSCS_MIN_IDLIST_BUF_LEN).
NSSCS_E_SH_SECRET_FAILURE -848
Description: Shared Secret processing and operations failed.
NSSCS_E_PARSER_FAILURE -849
Description: Shared Secret parser operations failed.
NSSCS_E_UTF8_OP_FAILURE -850
Description: Utf8 string operations failed.
NSSCS_E_CTX_LESS_CN_NOT_UNIQUE -851
Description: Contextless name for LDAP bind does not resolve to a unique DN
NSSCS_E_UNSUPPORTED_BIND_CRED -852
Description: login credential for advanced bind is not supported
NSSCS_E_CERTIFICATE_NOT_FOUND -853
Description: LDAP Root Cert required for Bind operations not found
NSSCS_E_WRONG_SH_SEC_TYPE -855
Description: Unrecognized or unknown shared secret tag.
NSSCS_E_NOT_IMPLEMENTED -888
Description: Feature not implemented yet.
NSSCS_E_BETA_EXPIRED -899
Description: Product's BETA life has expired! Official release copy should be
purchased.
########################### END OF ERROR CODES ########################## */
// * The following functions will be exposed as exported API:
// **************************************************************
// * These function calls will utilize the Support Functions for
// * populating or extracting data from a Shared Secret.
// **************************************************************
// General API Info:
// All strings passed through the API need to be NULL terminated.
//
//
// Parameters:
// ssFlags
// Sets behaviors desired on the Secret. Set to 0.
//
// appSecretID (input) -
// Name of service requesting credentials.
//
// sharedSecretID (input) -
// The group name is the name of the backend authentication realm, relating a group of services.
// Example: Novell.Collaboration (Groupwise, GW address book, GW Notify, and GWIM)
// This parameter can be set to NULL.
//
// credentialType (input)
// Type of credential structure used during this call.
// Currently we only support one:
// SSCS_CRED_TYPE_BASIC_F
//
// credential
// Pointer to the credential structure
//
// ext
// Reserved.
//
// Abstract:
//
// Get cached user credentials routine.
//
//
/*
 * miCASAGetCredential -- look up the credential for appSecretID (optionally
 * scoped by sharedSecretID) and write it through `credential`.
 *
 * `credential` is an untyped OUT pointer and `credentialType` is IN/OUT, so
 * the caller chooses the structure (the notes above list only
 * SSCS_CRED_TYPE_BASIC_F) and must pass storage at least as large as that
 * structure. NOTE(review): what is written back through credentialType is
 * not stated in this header -- confirm.
 *
 * Returns int32_t; presumably NSSCS_SUCCESS or one of the NSSCS_E_* codes --
 * confirm. With SSCS_CRED_TYPE_BASIC_F the output holds a cleartext
 * password: check the return code before reading it and wipe the buffer
 * once the credential has been used.
 */
SSCS_EXTERN_LIBCALL(int32_t)
miCASAGetCredential
(
uint32_t ssFlags, // IN
SSCS_SECRET_ID_T * appSecretID, // IN
SSCS_SECRET_ID_T * sharedSecretID, // Optional IN
uint32_t * credentialType, // IN/OUT
void * credential, // OUT
SSCS_EXT_T * ext // Reserved
);
/*
 * miCASASetCredential -- counterpart of miCASAGetCredential with the same
 * leading parameters; here credentialType is passed by value and
 * `credential` is an input. This header carries no separate description for
 * the call; the parameter notes above miCASAGetCredential presumably apply.
 *
 * `credential` is untyped, so credentialType must match the structure that
 * is actually passed. The caller's copy still contains the password after
 * the call returns and should be wiped by the caller.
 *
 * Returns int32_t; presumably NSSCS_SUCCESS or an NSSCS_E_* code -- confirm.
 */
SSCS_EXTERN_LIBCALL(int32_t)
miCASASetCredential
(
uint32_t ssFlags, // IN
SSCS_SECRET_ID_T * appSecretID, // IN
SSCS_SECRET_ID_T * sharedSecretID, // Optional IN
uint32_t credentialType, // IN
void * credential, // IN
SSCS_EXT_T * ext // Reserved
);
/*
 * miCASARemoveCredential -- takes the same secret identifiers as the get/set
 * calls but no credential structure. By its name it removes the stored
 * credential; the header gives no further description.
 * NOTE(review): whether a NULL sharedSecretID removes only the
 * application-specific entry is not stated -- confirm.
 *
 * Returns int32_t; presumably NSSCS_SUCCESS or an NSSCS_E_* code -- confirm.
 */
SSCS_EXTERN_LIBCALL(int32_t)
miCASARemoveCredential
(
uint32_t ssFlags, // IN
SSCS_SECRET_ID_T * appSecretID, // IN
SSCS_SECRET_ID_T * sharedSecretID, // Optional IN
SSCS_EXT_T * ext // Reserved
);
// end
/*
 * miCASAIsSecretPersistent -- undocumented in this header. Takes a flags
 * word, a single secret identifier and the extension pointer used by the
 * other calls.
 * NOTE(review): how "persistent" / "not persistent" / error are encoded in
 * the int32_t return value is not shown here -- confirm before branching on
 * it, since NSSCS_SUCCESS is 0 and the error codes are negative.
 */
SSCS_EXTERN_LIBCALL(int32_t)
miCASAIsSecretPersistent
(
uint32_t ssFlags,
SSCS_SECRET_ID_T *secretID,
SSCS_EXT_T *ext
);
#if defined(__cplusplus) || defined(c_plusplus)
}
#endif
#endif