/* Definitions for the authentication server
   Copyright (C) 1991, 1992 Free Software Foundation

This file is part of the GNU Hurd.

The GNU Hurd is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.

The GNU Hurd is distributed in the hope that it will be useful, 
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with the GNU Hurd; see the file COPYING.  If not, write to
the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.  */

subsystem auth 25000;

#include <hurd/hurd_types.defs>

#ifdef AUTH_IMPORTS
AUTH_IMPORTS
#endif

type reply_port_t = MACH_MSG_TYPE_MAKE_SEND_ONCE | polymorphic
	ctype: mach_port_t;

/* Throughout, uid's and gid's are passed as arrays.  Conventionally,
   the first uid is the real uid and the second is the saved uid.
   Neither of these should be used for permissions checking.
   Similarly, the first gid is the real gid and the second gid is the
   saved gid.  */

/* Given an authentication handle, return the identification. */
routine auth_getids (
	handle: auth_t;
	out uids: idarray_t;
	out gids: idarray_t);

/* Create a new authentication handle.  */
routine auth_makeauth (
	handle: auth_t;
	uids: idarray_t;
	gids: idarray_t;
	out newhandle: mach_port_make_send_t);

routine auth_combine (
	handle1: auth_t;
	handle2: auth_t;
	out newhandle: mach_port_make_send_t);

/* Called by a user in a reauthentication transaction.  The rendezvous
   port is used to match the request up with the server's
   auth_server_authenticate call.  The newport is a port provided by
   the server.  */
routine auth_user_authenticate (
	handle: auth_t;
	sreplyport reply_port: reply_port_t;
	rendezvous: mach_port_t;
	out newport: mach_port_t);
   
/* Called by a server in a reauthentication transaction.  The
   rendezvous port is used to match the request up with the user's
   auth_user_authenticate call.  The newport is passed to the user
   through the authentication server.  The identification information
   is returned.  */
routine auth_server_authenticate (
	handle: auth_t;
	sreplyport reply_port: reply_port_t;
	rendezvous: mach_port_t;
	newport: mach_port_t;
	out uids: idarray_t;
	out gids: idarray_t);