<<>>
<<SunRPCAuth: Cedar DEFINITIONS module declaring the authentication interface used with Sun RPC.>>
<<It declares the flavor numbers, the opaque credential/verifier type, a per-conversation dispatch record, and the procedures for initiating, checking and registering authentication flavors.>>
<<The original header comments did not survive extraction; this summary is written from the declarations below.>>

DIRECTORY
	Rope USING [ROPE]
	;

SunRPCAuth: CEDAR DEFINITIONS
~ {
	ROPE: TYPE ~ Rope.ROPE;

	<<Types>>

	Flavor: TYPE ~ RECORD [CARD];
	nullFlavor: Flavor ~ [0];
	unixFlavor: Flavor ~ [1];
	shortFlavor: Flavor ~ [2];
	<<Authentication flavor numbers. The values 0, 1, 2 coincide with AUTH_NONE, AUTH_SYS (AUTH_UNIX) and AUTH_SHORT in the ONC RPC specification.>>
	<<NOTE(review): in that protocol the null flavor carries no identity and the unix flavor carries an identity asserted by the client with no cryptographic proof; whether a given server should accept either is a policy decision this interface does not express.>>

	OpaqueValue: TYPE ~ REF TEXT;
	maxValueBytes: CARDINAL ~ 500;
	<<Credentials and verifiers are passed around as uninterpreted text; only the flavor implementation parses them.>>
	<<NOTE(review): nothing in this interface enforces maxValueBytes; confirm that the code which reads these values off the wire rejects longer ones. The ONC RPC specification bounds the opaque auth body at 400 bytes, so also confirm why 500 is used here.>>

	AuthenticateResult: TYPE ~ {
		ok,
		badCredentials,	-- can't be parsed
		wrongCredentials,	-- don't like them
		badVerifier,	-- can't be parsed
		wrongVerifier	-- don't like it
		};
	<<Outcome of checking a credential/verifier pair. Every value other than ok is a rejection; the bad* values report a parse failure and the wrong* values report a parsed but unacceptable value.>>

	Conversation: TYPE ~ REF ConversationObject;
	ConversationObject: TYPE ~ RECORD [
		flavor: Flavor,
		procs: Procs,
		conversationData: REF
		];
	<<A conversation pairs a flavor with that flavor's procedure table and an untyped REF.>>
	<<NOTE(review): conversationData is presumably private state owned by the flavor implementation; clients should not interpret it. Confirm.>>

	Procs: TYPE ~ REF ProcsObject;
	ProcsObject: TYPE ~ RECORD [
		getCredentialsAndNextVerifier: GetCredentialsAndNextVerifierProc,
		checkReplyVerifier: CheckReplyVerifierProc,
		noShortcut: NoShortcutProc,
		terminate: TerminateProc
		];
	<<Per-flavor dispatch table. The INLINE procedures below call through these fields.>>

	<<Conversation procedures>>

	Initiate: PROC [flavor: Flavor ¬ nullFlavor, myName, myPassword: ROPE ¬ NIL, hisName: ROPE ¬ NIL] RETURNS [c: Conversation];
	<<Creates a conversation of the given flavor. With all arguments defaulted the flavor is nullFlavor and the names and password are NIL.>>
	<<The Error codes listed at the end of this module name Initiate for $wrongService (hisName does not exist); $wrongUserPassword presumably also originates here.>>
	<<NOTE(review): myPassword is handed over as a ROPE; how long the flavor implementation retains it, and whether it ever leaves the machine in the clear, is not visible from this interface.>>

	NoShortcut: NoShortcutProc ~ INLINE { RETURN[c.procs.noShortcut[c]] };
	NoShortcutProc: TYPE ~ PROC [c: Conversation] RETURNS [wasShortcut: BOOL];
	<<Forwards to the flavor's noShortcut procedure and returns its result.>>
	<<NOTE(review): presumably tells the conversation to stop using an abbreviated credential and reports whether one was in use; confirm against the flavor implementations.>>
	<<c and c.procs are dereferenced without a NIL check, here and in the three INLINE procedures that follow, so callers must pass a conversation obtained from Initiate or Authenticate.>>

	Terminate: TerminateProc ~ INLINE { c.procs.terminate[c] };
	TerminateProc: TYPE ~ PROC [c: Conversation];
	<<Forwards to the flavor's terminate procedure.>>
	<<NOTE(review): this is the natural place for a flavor to discard retained secrets and any short handle tied to the conversation; confirm each flavor does so.>>

	GetCredentialsAndNextVerifier: GetCredentialsAndNextVerifierProc ~ INLINE {
		[cFlavor, credentials, vFlavor, verifier] ¬ c.procs.getCredentialsAndNextVerifier[c];
		};
	GetCredentialsAndNextVerifierProc: TYPE ~ PROC [c: Conversation] RETURNS [cFlavor: Flavor, credentials: OpaqueValue, vFlavor: Flavor, verifier: OpaqueValue];
	<<Forwards to the flavor's procedure and returns the credential flavor and value plus the verifier flavor and value.>>
	<<NOTE(review): the name implies the verifier changes from call to call; presumably called once per outgoing call. Confirm.>>

	CheckReplyVerifier: CheckReplyVerifierProc ~ INLINE {
		result ¬ c.procs.checkReplyVerifier[c, flavor, verifier];
		};
	CheckReplyVerifierProc: TYPE ~ PROC [c: Conversation, flavor: Flavor, verifier: OpaqueValue] RETURNS [result: AuthenticateResult];
	<<Forwards the verifier flavor and value to the flavor's checkReplyVerifier procedure and returns its verdict.>>
	<<The result is a value, not an ERROR, so a caller that ignores it accepts the reply unchecked; callers should treat anything other than ok as a failed reply.>>

	Authenticate: PROC [cFlavor: Flavor, credentials: OpaqueValue, vFlavor: Flavor, verifier: OpaqueValue] RETURNS [result: AuthenticateResult, replyFlavor: Flavor, replyVerifier: OpaqueValue, c: Conversation];
	<<Checks a credential/verifier pair and returns the verdict, the flavor and value of a reply verifier, and a conversation.>>
	<<NOTE(review): presumably the server-side entry point for an incoming call. The interface does not say what replyFlavor, replyVerifier and c hold when result is not ok, so callers should test result before using them.>>

	<<Flavor registration>>

	Register: PROC [flavor: Flavor, initiate: InitiateProc, authenticate: AuthenticateProc, sweep: SweepProc, registrationData: REF];
	<<Registers the three procedures and an untyped REF for a flavor.>>
	<<NOTE(review): registrationData is presumably the value handed back as the registrationData argument of each registered procedure. What happens when a flavor is registered twice is not visible here; if a later registration replaces an earlier one, any code able to call Register can replace an authentication check.>>

	InitiateProc: TYPE ~ PROC [flavor: Flavor, myName, myPassword: ROPE, hisName: ROPE, registrationData: REF] RETURNS [c: Conversation];
	<<Same parameters and result as Initiate, without defaults, plus registrationData.>>

	AuthenticateProc: TYPE ~ PROC [cFlavor: Flavor, credentials: OpaqueValue, vFlavor: Flavor, verifier: OpaqueValue, registrationData: REF] RETURNS [result: AuthenticateResult, replyFlavor: Flavor, replyVerifier: OpaqueValue, c: Conversation];
	<<Same parameters and results as Authenticate, plus registrationData.>>
	<<credentials and verifier arrive unparsed; the implementation owns all length and format checking and reports failures as badCredentials or badVerifier.>>

	SweepProc: TYPE ~ PROC [registrationData: REF, secondsSinceLastSweep: CARD];
	<<Receives registrationData and the number of seconds since the previous sweep.>>
	<<NOTE(review): presumably called periodically so a flavor can expire cached conversations; confirm the caller and the interval.>>

	CreateShort: PROC [c: Conversation] RETURNS [replyVerifier: OpaqueValue];
	<<Returns a reply verifier for the given conversation.>>
	<<NOTE(review): presumably an abbreviated handle (shortFlavor) that the client may present in place of full credentials. If so it acts as a bearer token for c and needs to be unguessable and expired; confirm how it is generated.>>

	DestroyShort: PROC [key: OpaqueValue];
	<<Takes the opaque key to discard.>>
	<<NOTE(review): presumably invalidates a handle produced by CreateShort; confirm it is called when the conversation ends.>>

	<<Errors>>

	Error: ERROR [code: ATOM];
	<<The single ERROR of this interface; code is one of the following atoms.>>
	<<$flavorOutOfRange>>
	<<$flavorNotRegistered>>
	<<$wrongUserPassword : user unknown or wrong password for user.>>
	<<$wrongService : specified service (hisName) in Initiate doesn't exist.>>
	<<$badCredentials : can't parse them.>>
	<<$wrongCredentials : not acceptable.>>
	<<$badVerifier : can't parse it.>>
	<<$wrongVerifier : not acceptable.>>
	<<$timeout : unable to contact authentication service.>>
	<<$protocol : confusion in talking to authentication service.>>
	}...