krb5.h revision 1.1 1 1.1 elric /* $NetBSD: krb5.h,v 1.1 2011/04/13 18:15:34 elric Exp $ */
2 1.1 elric
3 1.1 elric /*
4 1.1 elric * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan
5 1.1 elric * (Royal Institute of Technology, Stockholm, Sweden).
6 1.1 elric * All rights reserved.
7 1.1 elric *
8 1.1 elric * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
9 1.1 elric *
10 1.1 elric * Redistribution and use in source and binary forms, with or without
11 1.1 elric * modification, are permitted provided that the following conditions
12 1.1 elric * are met:
13 1.1 elric *
14 1.1 elric * 1. Redistributions of source code must retain the above copyright
15 1.1 elric * notice, this list of conditions and the following disclaimer.
16 1.1 elric *
17 1.1 elric * 2. Redistributions in binary form must reproduce the above copyright
18 1.1 elric * notice, this list of conditions and the following disclaimer in the
19 1.1 elric * documentation and/or other materials provided with the distribution.
20 1.1 elric *
21 1.1 elric * 3. Neither the name of the Institute nor the names of its contributors
22 1.1 elric * may be used to endorse or promote products derived from this software
23 1.1 elric * without specific prior written permission.
24 1.1 elric *
25 1.1 elric * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
26 1.1 elric * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
27 1.1 elric * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28 1.1 elric * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
29 1.1 elric * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
30 1.1 elric * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
31 1.1 elric * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
32 1.1 elric * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
33 1.1 elric * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
34 1.1 elric * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 1.1 elric * SUCH DAMAGE.
36 1.1 elric */
37 1.1 elric
38 1.1 elric /* $Id: krb5.h,v 1.1 2011/04/13 18:15:34 elric Exp $ */
39 1.1 elric
40 1.1 elric #ifndef __KRB5_H__
41 1.1 elric #define __KRB5_H__
42 1.1 elric
43 1.1 elric #include <time.h>
44 1.1 elric #include <krb5/krb5-types.h>
45 1.1 elric
46 1.1 elric #include <krb5/asn1_err.h>
47 1.1 elric #include <krb5/krb5_err.h>
48 1.1 elric #include <krb5/heim_err.h>
49 1.1 elric #include <krb5/k524_err.h>
50 1.1 elric
51 1.1 elric #include <krb5/krb5_asn1.h>
52 1.1 elric
/*
 * Alias kept because of a naming difference with MIT Kerberos: the short
 * spelling maps to KRB5KDC_ERR_KEY_EXPIRED unless it is already defined.
 */
#ifndef KRB5KDC_ERR_KEY_EXP
#  define KRB5KDC_ERR_KEY_EXP KRB5KDC_ERR_KEY_EXPIRED
#endif

/*
 * KRB5_DEPRECATED expands to the compiler's "deprecated" annotation on
 * GCC 3.1 or newer and on MSVC with _MSC_VER above 1200, and to nothing
 * elsewhere.  A definition supplied before this header is left alone.
 */
#ifndef KRB5_DEPRECATED
#  if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 )))
#    define KRB5_DEPRECATED __attribute__((deprecated))
#  elif defined(_MSC_VER) && (_MSC_VER>1200)
#    define KRB5_DEPRECATED __declspec(deprecated)
#  else
#    define KRB5_DEPRECATED
#  endif
#endif

/*
 * Calling convention applied to the function-pointer types in this header:
 * __stdcall on Windows, empty everywhere else.
 */
#ifndef _WIN32
#  define KRB5_CALLCONV
#else
#  define KRB5_CALLCONV __stdcall
#endif

/*
 * Boolean constants.  Both are defined together, and only when TRUE is
 * not already defined by an earlier header.
 */
#ifndef TRUE
#  define TRUE 1
#  define FALSE 0
#endif
80 1.1 elric
/* Truth value; used with TRUE / FALSE. */
typedef int krb5_boolean;

/* Signed 32-bit status code returned by most callbacks declared below. */
typedef int32_t krb5_error_code;

/* Key version number (signed 32-bit). */
typedef int32_t krb5_kvno;

/* Unsigned 32-bit bit set; the *_OPT_*, KRB5_GC_* and KRB5_TC_* masks are
   meant to be OR-ed into a value of this type. */
typedef uint32_t krb5_flags;

/* Untyped data pointers, mutable and read-only. */
typedef void *krb5_pointer;
typedef const void *krb5_const_pointer;
91 1.1 elric
/*
 * Opaque handles.  Each struct is only named here, never defined, so code
 * including this header can hold and pass the pointers but cannot look
 * inside the objects.
 */
struct krb5_crypto_data;
typedef struct krb5_crypto_data *krb5_crypto;

struct krb5_get_creds_opt_data;
typedef struct krb5_get_creds_opt_data *krb5_get_creds_opt;

struct krb5_digest_data;
typedef struct krb5_digest_data *krb5_digest;

struct krb5_ntlm_data;
typedef struct krb5_ntlm_data *krb5_ntlm;

struct krb5_pac_data;
typedef struct krb5_pac_data *krb5_pac;

/* The two rd_req context structs are introduced by the typedefs themselves. */
typedef struct krb5_rd_req_in_ctx_data *krb5_rd_req_in_ctx;
typedef struct krb5_rd_req_out_ctx_data *krb5_rd_req_out_ctx;
108 1.1 elric
/*
 * krb5_ names for types that are not declared in this header
 * (presumably they come from <krb5/krb5_asn1.h> -- confirm).
 */
typedef CKSUMTYPE krb5_cksumtype;
typedef Checksum krb5_checksum;
typedef ENCTYPE krb5_enctype;

/* Opaque handle; the struct is named by this typedef only. */
typedef struct krb5_get_init_creds_ctx *krb5_init_creds_context;

/* krb5_data is the library's octet-string type. */
typedef heim_octet_string krb5_data;

/* PKINIT related forward declarations */
struct ContentInfo;
struct krb5_pk_identity;
struct krb5_pk_cert;

/*
 * krb5_enc_data is a MIT compat structure: encryption type, key version
 * number and the ciphertext bytes.
 */
typedef struct krb5_enc_data {
    krb5_enctype enctype;
    krb5_kvno kvno;
    krb5_data ciphertext;
} krb5_enc_data;
130 1.1 elric
/*
 * Alternative names: every ENCTYPE_x is the same value as the matching
 * ETYPE_x.  ENCTYPE_ARCFOUR_HMAC and ENCTYPE_ARCFOUR_HMAC_MD5 are two
 * names for ETYPE_ARCFOUR_HMAC_MD5.
 *
 * Presence in this list says nothing about strength.  The single-DES and
 * RC4-HMAC-EXP types were deprecated by RFC 6649, and 3DES and RC4 by
 * RFC 8429; a deployment should restrict the permitted enctypes to the
 * AES entries by configuration rather than rely on the names here.
 */
enum {
    ENCTYPE_NULL                    = ETYPE_NULL,
    ENCTYPE_DES_CBC_CRC             = ETYPE_DES_CBC_CRC,
    ENCTYPE_DES_CBC_MD4             = ETYPE_DES_CBC_MD4,
    ENCTYPE_DES_CBC_MD5             = ETYPE_DES_CBC_MD5,
    ENCTYPE_DES3_CBC_MD5            = ETYPE_DES3_CBC_MD5,
    ENCTYPE_OLD_DES3_CBC_SHA1       = ETYPE_OLD_DES3_CBC_SHA1,
    ENCTYPE_SIGN_DSA_GENERATE       = ETYPE_SIGN_DSA_GENERATE,
    ENCTYPE_ENCRYPT_RSA_PRIV        = ETYPE_ENCRYPT_RSA_PRIV,
    ENCTYPE_ENCRYPT_RSA_PUB         = ETYPE_ENCRYPT_RSA_PUB,
    ENCTYPE_DES3_CBC_SHA1           = ETYPE_DES3_CBC_SHA1,
    ENCTYPE_AES128_CTS_HMAC_SHA1_96 = ETYPE_AES128_CTS_HMAC_SHA1_96,
    ENCTYPE_AES256_CTS_HMAC_SHA1_96 = ETYPE_AES256_CTS_HMAC_SHA1_96,
    ENCTYPE_ARCFOUR_HMAC            = ETYPE_ARCFOUR_HMAC_MD5,
    ENCTYPE_ARCFOUR_HMAC_MD5        = ETYPE_ARCFOUR_HMAC_MD5,
    ENCTYPE_ARCFOUR_HMAC_MD5_56     = ETYPE_ARCFOUR_HMAC_MD5_56,
    ENCTYPE_ENCTYPE_PK_CROSS        = ETYPE_ENCTYPE_PK_CROSS,
    /* The *_NONE entries below are named as cipher modes without a
       checksum -- presumably not for protecting messages on their own;
       confirm before use. */
    ENCTYPE_DES_CBC_NONE            = ETYPE_DES_CBC_NONE,
    ENCTYPE_DES3_CBC_NONE           = ETYPE_DES3_CBC_NONE,
    ENCTYPE_DES_CFB64_NONE          = ETYPE_DES_CFB64_NONE,
    ENCTYPE_DES_PCBC_NONE           = ETYPE_DES_PCBC_NONE
};

/* Pre-authentication data type; alias of PADATA_TYPE. */
typedef PADATA_TYPE krb5_preauthtype;
156 1.1 elric
/*
 * Key usage numbers.  In Kerberos (RFC 3961) the usage number is an input
 * to key derivation, so data protected for one purpose does not verify or
 * decrypt as data for another purpose under the same base key.
 *
 * Several names below share a number (22, 23, 24, 25 and 26 each occur
 * more than once), so a name does not identify a unique usage; messages
 * protected under names that share a number are not separated from each
 * other by the usage value.
 *
 * Section numbers are the ones given by the original comments.
 */
typedef enum krb5_key_usage {
    /* AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the
       client key (section 5.4.1) */
    KRB5_KU_PA_ENC_TIMESTAMP = 1,
    /* AS-REP Ticket and TGS-REP Ticket (includes tgs session key or
       application session key), encrypted with the service key
       (section 5.4.2) */
    KRB5_KU_TICKET = 2,
    /* AS-REP encrypted part (includes tgs session key or application
       session key), encrypted with the client key (section 5.4.2) */
    KRB5_KU_AS_REP_ENC_PART = 3,
    /* TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the tgs
       session key (section 5.4.1) */
    KRB5_KU_TGS_REQ_AUTH_DAT_SESSION = 4,
    /* TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the tgs
       authenticator subkey (section 5.4.1) */
    KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY = 5,
    /* TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed
       with the tgs session key (sections 5.3.2, 5.4.1) */
    KRB5_KU_TGS_REQ_AUTH_CKSUM = 6,
    /* TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes tgs
       authenticator subkey), encrypted with the tgs session key
       (section 5.3.2) */
    KRB5_KU_TGS_REQ_AUTH = 7,
    /* TGS-REP encrypted part (includes application session key),
       encrypted with the tgs session key (section 5.4.2) */
    KRB5_KU_TGS_REP_ENC_PART_SESSION = 8,
    /* TGS-REP encrypted part (includes application session key),
       encrypted with the tgs authenticator subkey (section 5.4.2) */
    KRB5_KU_TGS_REP_ENC_PART_SUB_KEY = 9,
    /* AP-REQ Authenticator cksum, keyed with the application session
       key (section 5.3.2) */
    KRB5_KU_AP_REQ_AUTH_CKSUM = 10,
    /* AP-REQ Authenticator (includes application authenticator
       subkey), encrypted with the application session key (section
       5.3.2) */
    KRB5_KU_AP_REQ_AUTH = 11,
    /* AP-REP encrypted part (includes application session subkey),
       encrypted with the application session key (section 5.5.2).
       Note the name says AP_REQ while the usage described is for the
       AP-REP message. */
    KRB5_KU_AP_REQ_ENC_PART = 12,
    /* KRB-PRIV encrypted part, encrypted with a key chosen by the
       application (section 5.7.1) */
    KRB5_KU_KRB_PRIV = 13,
    /* KRB-CRED encrypted part, encrypted with a key chosen by the
       application (section 5.8.1) */
    KRB5_KU_KRB_CRED = 14,
    /* KRB-SAFE cksum, keyed with a key chosen by the application
       (section 5.6.1) */
    KRB5_KU_KRB_SAFE_CKSUM = 15,
    /* Data which is defined in some specification outside of
       Kerberos to be encrypted using an RFC1510 encryption type. */
    KRB5_KU_OTHER_ENCRYPTED = 16,
    /* Data which is defined in some specification outside of
       Kerberos to be checksummed using an RFC1510 checksum type. */
    KRB5_KU_OTHER_CKSUM = 17,
    /* Krb-error checksum */
    KRB5_KU_KRB_ERROR = 18,
    /* AD-KDCIssued checksum */
    KRB5_KU_AD_KDC_ISSUED = 19,
    /* Checksum for Mandatory Ticket Extensions */
    KRB5_KU_MANDATORY_TICKET_EXTENSION = 20,
    /* Checksum in Authorization Data in Ticket Extensions */
    KRB5_KU_AUTH_DATA_TICKET_EXTENSION = 21,

    /* seal in GSSAPI krb5 mechanism */
    KRB5_KU_USAGE_SEAL = 22,
    /* sign in GSSAPI krb5 mechanism */
    KRB5_KU_USAGE_SIGN = 23,
    /* SEQ in GSSAPI krb5 mechanism */
    KRB5_KU_USAGE_SEQ = 24,

    /* acceptor seal in GSSAPI CFX krb5 mechanism */
    KRB5_KU_USAGE_ACCEPTOR_SEAL = 22,
    /* acceptor sign in GSSAPI CFX krb5 mechanism */
    KRB5_KU_USAGE_ACCEPTOR_SIGN = 23,
    /* initiator seal in GSSAPI CFX krb5 mechanism */
    KRB5_KU_USAGE_INITIATOR_SEAL = 24,
    /* initiator sign in GSSAPI CFX krb5 mechanism */
    KRB5_KU_USAGE_INITIATOR_SIGN = 25,

    /* encrypted server referral data */
    KRB5_KU_PA_SERVER_REFERRAL_DATA = 22,
    /* Checksum for the SAM-CHECKSUM field */
    KRB5_KU_SAM_CHECKSUM = 25,
    /* Encryption of the SAM-TRACK-ID field */
    KRB5_KU_SAM_ENC_TRACK_ID = 26,
    /* Keyusage for the server referral in a TGS req */
    KRB5_KU_PA_SERVER_REFERRAL = 26,
    /* Encryption of the SAM-NONCE-OR-SAD field */
    KRB5_KU_SAM_ENC_NONCE_SAD = 27,
    /* Encryption type of the kdc session contribution in pk-init */
    KRB5_KU_PA_PKINIT_KX = 44,
    /* Checksum over the AS-REQ sent by the KDC in PA-REQ-ENC-PA-REP */
    KRB5_KU_AS_REQ = 56,

    /* The remaining usages are negative, outside the positive range used
       above -- presumably private to this implementation; confirm. */

    /* Encryption key usage used in the digest encryption field */
    KRB5_KU_DIGEST_ENCRYPT = -18,
    /* Checksum key usage used in the digest opaque field */
    KRB5_KU_DIGEST_OPAQUE = -19,
    /* Checksum key usage on KRB5SignedPath */
    KRB5_KU_KRB5SIGNEDPATH = -21,
    /* Checksum key usage on PA-CANONICALIZED */
    KRB5_KU_CANONICALIZED_NAMES = -23
} krb5_key_usage;

/* Second spelling of the same type. */
typedef krb5_key_usage krb5_keyusage;
259 1.1 elric
/* Salt kinds; the values are the matching KRB5_PADATA_* constants. */
typedef enum krb5_salttype {
    KRB5_PW_SALT   = KRB5_PADATA_PW_SALT,
    KRB5_AFS3_SALT = KRB5_PADATA_AFS3_SALT
} krb5_salttype;

/* A salt: its kind plus the salt bytes. */
typedef struct krb5_salt {
    krb5_salttype salttype;
    krb5_data saltvalue;
} krb5_salt;

/* Alias of ETYPE_INFO. */
typedef ETYPE_INFO krb5_preauthinfo;

/* One pre-authentication type together with its info list. */
typedef struct {
    krb5_preauthtype type;
    krb5_preauthinfo info; /* list of preauthinfo for this type */
} krb5_preauthdata_entry;

/* Array of entries: val points at the entries, len is the count
   (presumably the number of valid elements in val -- confirm). */
typedef struct krb5_preauthdata {
    unsigned len;
    krb5_preauthdata_entry *val;
} krb5_preauthdata;
281 1.1 elric
/* Host address type codes. */
typedef enum krb5_address_type {
    KRB5_ADDRESS_INET     = 2,
    KRB5_ADDRESS_NETBIOS  = 20,
    KRB5_ADDRESS_INET6    = 24,
    KRB5_ADDRESS_ADDRPORT = 256,
    KRB5_ADDRESS_IPPORT   = 257
} krb5_address_type;

/* AP option bits; each is a distinct power of two so they can be OR-ed. */
enum {
    AP_OPTS_USE_SESSION_KEY = 1,
    AP_OPTS_MUTUAL_REQUIRED = 2,
    AP_OPTS_USE_SUBKEY      = 4 /* library internal */
};
295 1.1 elric
/* krb5_ names for the host address types. */
typedef HostAddress krb5_address;
typedef HostAddresses krb5_addresses;

/*
 * Key types, each expressed as one representative ETYPE_ value.
 * KEYTYPE_DES3 maps to ETYPE_OLD_DES3_CBC_SHA1, not ETYPE_DES3_CBC_SHA1.
 */
typedef enum krb5_keytype {
    KEYTYPE_NULL       = ETYPE_NULL,
    KEYTYPE_DES        = ETYPE_DES_CBC_CRC,
    KEYTYPE_DES3       = ETYPE_OLD_DES3_CBC_SHA1,
    KEYTYPE_AES128     = ETYPE_AES128_CTS_HMAC_SHA1_96,
    KEYTYPE_AES256     = ETYPE_AES256_CTS_HMAC_SHA1_96,
    KEYTYPE_ARCFOUR    = ETYPE_ARCFOUR_HMAC_MD5,
    KEYTYPE_ARCFOUR_56 = ETYPE_ARCFOUR_HMAC_MD5_56
} krb5_keytype;

/* A key; alias of EncryptionKey.  Objects of this type carry secret
   key material. */
typedef EncryptionKey krb5_keyblock;

/* Alias of AP_REQ. */
typedef AP_REQ krb5_ap_req;

/* Defined further down; named early so krb5_ccache_data can point at it. */
struct krb5_cc_ops;
315 1.1 elric
/* Windows builds always use path tokens. */
#ifdef _WIN32
#  define KRB5_USE_PATH_TOKENS 1
#endif

/*
 * Prefix of the default file credential cache name.  With path tokens the
 * directory is the %{TEMP} token; otherwise it is /tmp.
 *
 * A credential cache holds tickets and session keys, and /tmp is shared
 * by every local user while the name prefix is fixed.  Whatever creates
 * or opens the file therefore has to enforce owner-only permissions and
 * refuse files it does not own or that are symlinks; how the library does
 * that is not visible in this header.
 */
#ifndef KRB5_USE_PATH_TOKENS
#  define KRB5_DEFAULT_CCFILE_ROOT "/tmp/krb5cc_"
#else
#  define KRB5_DEFAULT_CCFILE_ROOT "%{TEMP}/krb5cc_"
#endif

/* The same prefix with the FILE: cache type in front. */
#define KRB5_DEFAULT_CCROOT "FILE:" KRB5_DEFAULT_CCFILE_ROOT

/*
 * Looks up "accept_null_addresses" under "libdefaults" for context C,
 * passing TRUE as the default argument (presumably the value used when
 * the option is not set -- confirm).  Sites that depend on address
 * restrictions in tickets should set the option explicitly.
 */
#define KRB5_ACCEPT_NULL_ADDRESSES(C) \
    krb5_config_get_bool_default((C), NULL, TRUE, \
                                 "libdefaults", "accept_null_addresses", \
                                 NULL)
332 1.1 elric
/* Iteration state for one cache (untyped) and for a cache collection. */
typedef void *krb5_cc_cursor;
typedef struct krb5_cccol_cursor_data *krb5_cccol_cursor;

/* A credential cache instance: its operations table plus a data blob
   (presumably private to the cache type -- confirm). */
typedef struct krb5_ccache_data {
    const struct krb5_cc_ops *ops;
    krb5_data data;
} krb5_ccache_data;

typedef struct krb5_ccache_data *krb5_ccache;

/* Opaque library context. */
typedef struct krb5_context_data *krb5_context;

typedef Realm krb5_realm;
typedef const char *krb5_const_realm; /* stupid language */

/*
 * Realm accessors.  krb5_realm_length() expands to strlen(), so the
 * argument must be a non-NULL, NUL-terminated string and <string.h>
 * must be in scope where the macro is used.
 */
#define krb5_realm_length(r) strlen(r)
#define krb5_realm_data(r) (r)

/* Principal names: the object type and pointer forms. */
typedef Principal krb5_principal_data;
typedef struct Principal *krb5_principal;
typedef const struct Principal *krb5_const_principal;
typedef struct Principals *krb5_principals;

/* Time difference and absolute time; both are time_t. */
typedef time_t krb5_deltat;
typedef time_t krb5_timestamp;
358 1.1 elric
/* The four timestamps attached to a credential. */
typedef struct krb5_times {
    krb5_timestamp authtime;
    krb5_timestamp starttime;
    krb5_timestamp endtime;
    krb5_timestamp renew_till;
} krb5_times;

/* Ticket flags, readable either as the TicketFlags value (b) or as a
   plain krb5_flags integer (i); both members share storage. */
typedef union {
    TicketFlags b;
    krb5_flags i;
} krb5_ticket_flags;
370 1.1 elric
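/*
 * options for krb5_get_in_tkt()
 *
 * Every mask is built from an unsigned 1.  Shifting a signed 1 into bit 31
 * is undefined behaviour where int is 32 bits wide, which KDC_OPT_VALIDATE
 * would otherwise do; using 1U throughout also gives all masks one type,
 * matching krb5_flags and the KRB5_GC_* masks in this header.
 */
#define KDC_OPT_FORWARDABLE		(1U << 1)
#define KDC_OPT_FORWARDED		(1U << 2)
#define KDC_OPT_PROXIABLE		(1U << 3)
#define KDC_OPT_PROXY			(1U << 4)
#define KDC_OPT_ALLOW_POSTDATE		(1U << 5)
#define KDC_OPT_POSTDATED		(1U << 6)
#define KDC_OPT_RENEWABLE		(1U << 8)
#define KDC_OPT_REQUEST_ANONYMOUS	(1U << 14)
/* Named as turning off the transited-realm check; leave it clear unless
   the deployment has decided to skip that check. */
#define KDC_OPT_DISABLE_TRANSITED_CHECK	(1U << 26)
#define KDC_OPT_RENEWABLE_OK		(1U << 27)
#define KDC_OPT_ENC_TKT_IN_SKEY		(1U << 28)
#define KDC_OPT_RENEW			(1U << 30)
#define KDC_OPT_VALIDATE		(1U << 31)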
385 1.1 elric
/* KDC options, readable either as the KDCOptions value (b) or as a plain
   krb5_flags integer (i); both members share storage. */
typedef union {
    KDCOptions b;
    krb5_flags i;
} krb5_kdc_flags;
390 1.1 elric
/*
 * flags for krb5_verify_ap_req
 *
 * NOTE(review): by its name this flag relaxes a validity check; confirm
 * its exact effect before passing it for tickets from untrusted peers.
 */
#define KRB5_VERIFY_AP_REQ_IGNORE_INVALID	(1 << 0)

/* KRB5_GC_* option bits. */
#define KRB5_GC_CACHED			(1U << 0)
#define KRB5_GC_USER_USER		(1U << 1)
#define KRB5_GC_EXPIRED_OK		(1U << 2)
#define KRB5_GC_NO_STORE		(1U << 3)
#define KRB5_GC_FORWARDABLE		(1U << 4)
#define KRB5_GC_NO_TRANSIT_CHECK	(1U << 5)
#define KRB5_GC_CONSTRAINED_DELEGATION	(1U << 6)
#define KRB5_GC_CANONICALIZE		(1U << 7)

/*
 * constants for compare_creds (and cc_retrieve_cred)
 *
 * Bits 31 and 30 are written with an unsigned 1, the lower bits with a
 * signed 1.  The signed shifts stay within range at these positions, so
 * the values are well defined; only the types differ.
 */
#define KRB5_TC_DONT_MATCH_REALM	(1U << 31)
#define KRB5_TC_MATCH_KEYTYPE		(1U << 30)
#define KRB5_TC_MATCH_KTYPE		KRB5_TC_MATCH_KEYTYPE	/* MIT name */
#define KRB5_TC_MATCH_SRV_NAMEONLY	(1 << 29)
#define KRB5_TC_MATCH_FLAGS_EXACT	(1 << 28)
#define KRB5_TC_MATCH_FLAGS		(1 << 27)
#define KRB5_TC_MATCH_TIMES_EXACT	(1 << 26)
#define KRB5_TC_MATCH_TIMES		(1 << 25)
#define KRB5_TC_MATCH_AUTHDATA		(1 << 24)
#define KRB5_TC_MATCH_2ND_TKT		(1 << 23)
#define KRB5_TC_MATCH_IS_SKEY		(1 << 22)

/* constants for get_flags and set_flags */
#define KRB5_TC_OPENCLOSE		0x00000001
#define KRB5_TC_NOTICKET		0x00000002
420 1.1 elric
/* krb5_ names for AuthorizationData and KRB_ERROR. */
typedef AuthorizationData krb5_authdata;
typedef KRB_ERROR krb5_error;

/*
 * One credential: the two principals, a key, lifetimes, the ticket bytes
 * and associated data.
 *
 * The session member is a krb5_keyblock, i.e. key material, and ticket /
 * second_ticket are raw byte buffers.  Treat the whole object as a secret:
 * keep it out of logs and error messages, and release it through the
 * library's free routine rather than a bare free().
 */
typedef struct krb5_creds {
    krb5_principal client;
    krb5_principal server;
    krb5_keyblock session;
    krb5_times times;
    krb5_data ticket;
    krb5_data second_ticket;
    krb5_authdata authdata;
    krb5_addresses addresses;
    krb5_ticket_flags flags;
} krb5_creds;

/* Opaque cursor type. */
typedef struct krb5_cc_cache_cursor_data *krb5_cc_cache_cursor;
438 1.1 elric
/* Version number for the operations table below (presumably what a
   backend stores in its 'version' member -- confirm). */
#define KRB5_CC_OPS_VERSION 3

/*
 * Operations table of a credential cache type.  Each member after
 * 'prefix' is a function pointer using the KRB5_CALLCONV calling
 * convention.  Member order is part of the binary layout and must not
 * change.
 */
typedef struct krb5_cc_ops {
    int version;
    const char *prefix;

    /* Naming, creation and teardown of a single cache. */
    const char *(KRB5_CALLCONV *get_name)(krb5_context, krb5_ccache);
    krb5_error_code (KRB5_CALLCONV *resolve)(krb5_context, krb5_ccache *, const char *);
    krb5_error_code (KRB5_CALLCONV *gen_new)(krb5_context, krb5_ccache *);
    krb5_error_code (KRB5_CALLCONV *init)(krb5_context, krb5_ccache, krb5_principal);
    krb5_error_code (KRB5_CALLCONV *destroy)(krb5_context, krb5_ccache);
    krb5_error_code (KRB5_CALLCONV *close)(krb5_context, krb5_ccache);

    /* Storing, looking up and walking credentials. */
    krb5_error_code (KRB5_CALLCONV *store)(krb5_context, krb5_ccache, krb5_creds *);
    krb5_error_code (KRB5_CALLCONV *retrieve)(krb5_context, krb5_ccache,
                                              krb5_flags, const krb5_creds *, krb5_creds *);
    krb5_error_code (KRB5_CALLCONV *get_princ)(krb5_context, krb5_ccache, krb5_principal *);
    krb5_error_code (KRB5_CALLCONV *get_first)(krb5_context, krb5_ccache, krb5_cc_cursor *);
    krb5_error_code (KRB5_CALLCONV *get_next)(krb5_context, krb5_ccache,
                                              krb5_cc_cursor *, krb5_creds *);
    krb5_error_code (KRB5_CALLCONV *end_get)(krb5_context, krb5_ccache, krb5_cc_cursor *);
    krb5_error_code (KRB5_CALLCONV *remove_cred)(krb5_context, krb5_ccache,
                                                 krb5_flags, krb5_creds *);
    krb5_error_code (KRB5_CALLCONV *set_flags)(krb5_context, krb5_ccache, krb5_flags);
    int (KRB5_CALLCONV *get_version)(krb5_context, krb5_ccache);

    /* Walking the caches of this type. */
    krb5_error_code (KRB5_CALLCONV *get_cache_first)(krb5_context, krb5_cc_cursor *);
    krb5_error_code (KRB5_CALLCONV *get_cache_next)(krb5_context, krb5_cc_cursor,
                                                    krb5_ccache *);
    krb5_error_code (KRB5_CALLCONV *end_cache_get)(krb5_context, krb5_cc_cursor);

    /* Moving, defaults, change time and KDC time offset. */
    krb5_error_code (KRB5_CALLCONV *move)(krb5_context, krb5_ccache, krb5_ccache);
    krb5_error_code (KRB5_CALLCONV *get_default_name)(krb5_context, char **);
    krb5_error_code (KRB5_CALLCONV *set_default)(krb5_context, krb5_ccache);
    krb5_error_code (KRB5_CALLCONV *lastchange)(krb5_context, krb5_ccache, krb5_timestamp *);
    krb5_error_code (KRB5_CALLCONV *set_kdc_offset)(krb5_context, krb5_ccache, krb5_deltat);
    krb5_error_code (KRB5_CALLCONV *get_kdc_offset)(krb5_context, krb5_ccache, krb5_deltat *);
} krb5_cc_ops;
473 1.1 elric
/* Defined further down. */
struct krb5_log_facility;

/*
 * One node of the parsed configuration.  Nodes are chained through 'next';
 * 'type' says which member of 'u' is in use: 'string' for
 * krb5_config_string, 'list' (a nested chain) for krb5_config_list.
 * 'generic' overlays both as an untyped pointer.
 */
struct krb5_config_binding {
    enum { krb5_config_string, krb5_config_list } type;
    char *name;
    struct krb5_config_binding *next;
    union {
        char *string;
        struct krb5_config_binding *list;
        void *generic;
    } u;
};

typedef struct krb5_config_binding krb5_config_binding;

/* A section is represented by the same node type. */
typedef krb5_config_binding krb5_config_section;
490 1.1 elric
/* An EncTicketPart together with the client and server principals. */
typedef struct krb5_ticket {
    EncTicketPart ticket;
    krb5_principal client;
    krb5_principal server;
} krb5_ticket;

/* Authenticator: the object type and its pointer form. */
typedef Authenticator krb5_authenticator_data;
typedef krb5_authenticator_data *krb5_authenticator;

/* Replay cache: opaque handle, plus the entry type, which is again an
   Authenticator. */
struct krb5_rcache_data;
typedef struct krb5_rcache_data *krb5_rcache;
typedef Authenticator krb5_donot_replay;
504 1.1 elric
/*
 * krb5_storage flag bits.  The byte order occupies the two bits selected
 * by KRB5_STORAGE_BYTEORDER_MASK (0x60); big endian is the all-zero
 * default.  By their names the remaining bits select compatibility
 * behaviours of the encoding.
 */
#define KRB5_STORAGE_HOST_BYTEORDER			0x01 /* old */
#define KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS	0x02
#define KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE		0x04
#define KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE		0x08
#define KRB5_STORAGE_BYTEORDER_MASK			0x60
#define KRB5_STORAGE_BYTEORDER_BE			0x00 /* default */
#define KRB5_STORAGE_BYTEORDER_LE			0x20
#define KRB5_STORAGE_BYTEORDER_HOST			0x40
#define KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER		0x80

/* Opaque storage object; note the typedef names the struct itself, not a
   pointer to it. */
struct krb5_storage_data;
typedef struct krb5_storage_data krb5_storage;
517 1.1 elric
/*
 * One keytab entry.  'keyblock' is a krb5_keyblock, i.e. a stored key for
 * 'principal' at key version 'vno'; handle entries as secrets and keep
 * them out of logs.  'timestamp' is 32 bits wide, unlike krb5_timestamp.
 */
typedef struct krb5_keytab_entry {
    krb5_principal principal;
    krb5_kvno vno;
    krb5_keyblock keyblock;
    uint32_t timestamp;
    uint32_t flags;
    krb5_principals aliases;
} krb5_keytab_entry;

/* Iteration state for a keytab: a descriptor, a storage object and an
   untyped pointer (which of them a backend uses is not visible here). */
typedef struct krb5_kt_cursor {
    int fd;
    krb5_storage *sp;
    void *data;
} krb5_kt_cursor;

/* Keytab handle; the struct is defined below. */
struct krb5_keytab_data;
typedef struct krb5_keytab_data *krb5_keytab;
536 1.1 elric
/* Upper bound on the length of a keytab type prefix. */
#define KRB5_KT_PREFIX_MAX_LEN	30

/*
 * A keytab: its type prefix, the operations as function pointers using
 * KRB5_CALLCONV, then a data pointer and a version.  The same struct
 * doubles as the operations table (see krb5_kt_ops).  Member order is
 * part of the binary layout and must not change.
 */
struct krb5_keytab_data {
    const char *prefix;
    krb5_error_code (KRB5_CALLCONV *resolve)(krb5_context, const char *, krb5_keytab);
    /* Takes a caller buffer and its size. */
    krb5_error_code (KRB5_CALLCONV *get_name)(krb5_context, krb5_keytab, char *, size_t);
    krb5_error_code (KRB5_CALLCONV *close)(krb5_context, krb5_keytab);
    krb5_error_code (KRB5_CALLCONV *destroy)(krb5_context, krb5_keytab);
    krb5_error_code (KRB5_CALLCONV *get)(krb5_context, krb5_keytab, krb5_const_principal,
                                         krb5_kvno, krb5_enctype, krb5_keytab_entry *);
    krb5_error_code (KRB5_CALLCONV *start_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor *);
    krb5_error_code (KRB5_CALLCONV *next_entry)(krb5_context, krb5_keytab,
                                                krb5_keytab_entry *, krb5_kt_cursor *);
    krb5_error_code (KRB5_CALLCONV *end_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor *);
    krb5_error_code (KRB5_CALLCONV *add)(krb5_context, krb5_keytab, krb5_keytab_entry *);
    krb5_error_code (KRB5_CALLCONV *remove)(krb5_context, krb5_keytab, krb5_keytab_entry *);
    void *data;
    int32_t version;
};

typedef struct krb5_keytab_data krb5_kt_ops;
558 1.1 elric
/* A keytab paired with a principal. */
struct krb5_keytab_key_proc_args {
    krb5_keytab keytab;
    krb5_principal principal;
};

typedef struct krb5_keytab_key_proc_args krb5_keytab_key_proc_args;

/* Timestamp, microseconds and sequence number of a message -- the values
   used for replay detection, going by the struct name. */
typedef struct krb5_replay_data {
    krb5_timestamp timestamp;
    int32_t usec;
    uint32_t seq;
} krb5_replay_data;
571 1.1 elric
/* flags for krb5_auth_con_setflags; each is a distinct bit */
enum {
    KRB5_AUTH_CONTEXT_DO_TIME              = 1,
    KRB5_AUTH_CONTEXT_RET_TIME             = 2,
    KRB5_AUTH_CONTEXT_DO_SEQUENCE          = 4,
    KRB5_AUTH_CONTEXT_RET_SEQUENCE         = 8,
    KRB5_AUTH_CONTEXT_PERMIT_ALL           = 16,
    KRB5_AUTH_CONTEXT_USE_SUBKEY           = 32,
    KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED = 64
};

/*
 * flags for krb5_auth_con_genaddrs
 *
 * The FULL variants are not single bits: 3 contains the LOCAL_ADDR bit
 * and 12 contains the REMOTE_ADDR bit, so test them with
 * (flags & X) == X rather than (flags & X) != 0.
 */
enum {
    KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR       = 1,
    KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR  = 3,
    KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR      = 4,
    KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR = 12
};
590 1.1 elric
/*
 * Per-connection authentication state: flags, the two endpoint addresses
 * and ports, the keys, both sequence numbers, the authenticator, an
 * untyped i_vector pointer and the replay cache.
 *
 * The three keyblock pointers reference key material.
 *
 * NOTE(review): the ports are int16_t, so a port above 32767 does not fit
 * as a positive value; check how callers store and read them (byte order,
 * cast to an unsigned type) -- confirm.
 */
typedef struct krb5_auth_context_data {
    unsigned int flags;

    krb5_address *local_address;
    krb5_address *remote_address;
    int16_t local_port;
    int16_t remote_port;
    krb5_keyblock *keyblock;
    krb5_keyblock *local_subkey;
    krb5_keyblock *remote_subkey;

    uint32_t local_seqnumber;
    uint32_t remote_seqnumber;

    krb5_authenticator authenticator;

    krb5_pointer i_vector;

    krb5_rcache rcache;

    krb5_keytype keytype;	/* requested key type ? */
    krb5_cksumtype cksumtype;	/* requested checksum type! */

} krb5_auth_context_data, *krb5_auth_context;

/* A KDC reply, its encrypted part (EncKDCRepPart) and a KRB_ERROR. */
typedef struct {
    KDC_REP kdc_rep;
    EncKDCRepPart enc_part;
    KRB_ERROR error;
} krb5_kdc_rep;
621 1.1 elric
/* Version strings, defined elsewhere. */
extern const char *heimdal_version, *heimdal_long_version;

/* Logging callbacks: one receives two strings and an untyped pointer, the
   other only the untyped pointer. */
typedef void (KRB5_CALLCONV *krb5_log_log_func_t)(const char *, const char *, void *);
typedef void (KRB5_CALLCONV *krb5_log_close_func_t)(void *);

/* A log facility: a program name and an array 'val' with 'len' as its
   count (presumably the number of elements -- confirm).  struct facility
   is not defined in this header. */
typedef struct krb5_log_facility {
    char *program;
    int len;
    struct facility *val;
} krb5_log_facility;

/* Alias of EncAPRepPart. */
typedef EncAPRepPart krb5_ap_rep_enc_part;
634 1.1 elric
/* Flag value; by its name, for the recvauth side to skip the version
   comparison. */
#define KRB5_RECVAUTH_IGNORE_VERSION 1

/* Version string of the sendauth exchange. */
#define KRB5_SENDAUTH_VERSION "KRB5_SENDAUTH_V1.0"

/*
 * Well-known name components.  KRB5_TGS_NAME_SIZE is the length of
 * KRB5_TGS_NAME without its terminating NUL.  The strings are
 * parenthesised, so they cannot be concatenated with an adjacent string
 * literal.
 */
#define KRB5_TGS_NAME_SIZE (6)
#define KRB5_TGS_NAME ("krbtgt")
#define KRB5_WELLKNOWN_NAME ("WELLKNOWN")
#define KRB5_ANON_NAME ("ANONYMOUS")
#define KRB5_DIGEST_NAME ("digest")
644 1.1 elric
/* What a prompt is asking for. */
typedef enum {
    KRB5_PROMPT_TYPE_PASSWORD           = 0x1,
    KRB5_PROMPT_TYPE_NEW_PASSWORD       = 0x2,
    KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN = 0x3,
    KRB5_PROMPT_TYPE_PREAUTH            = 0x4,
    KRB5_PROMPT_TYPE_INFO               = 0x5
} krb5_prompt_type;

/*
 * One prompt handed to a krb5_prompter_fct.  'hidden' presumably means
 * the answer must not be echoed -- confirm.  'reply' receives the answer;
 * for the password types that buffer holds a secret, so the owner should
 * wipe it once it is no longer needed.
 */
typedef struct _krb5_prompt {
    const char *prompt;
    int hidden;
    krb5_data *reply;
    krb5_prompt_type type;
} krb5_prompt;
659 1.1 elric
/*
 * Callback types.  Parameter names are given in comments because the
 * declarators themselves are unnamed.
 */

/* Prompter: receives an array of num_prompts prompts. */
typedef int
(KRB5_CALLCONV *krb5_prompter_fct)(krb5_context /*context*/,
                                   void * /*data*/,
                                   const char * /*name*/,
                                   const char * /*banner*/,
                                   int /*num_prompts*/,
                                   krb5_prompt /*prompts*/[]);

/* Key procedure: produces *key from an enctype, a salt and a key seed. */
typedef krb5_error_code
(KRB5_CALLCONV *krb5_key_proc)(krb5_context /*context*/,
                               krb5_enctype /*type*/,
                               krb5_salt /*salt*/,
                               krb5_const_pointer /*keyseed*/,
                               krb5_keyblock ** /*key*/);

/* Decrypt procedure: works on a KDC reply with a key and a key usage. */
typedef krb5_error_code
(KRB5_CALLCONV *krb5_decrypt_proc)(krb5_context /*context*/,
                                   krb5_keyblock * /*key*/,
                                   krb5_key_usage /*usage*/,
                                   krb5_const_pointer /*decrypt_arg*/,
                                   krb5_kdc_rep * /*dec_rep*/);

/* String-to-key procedure.  Note that keyseed and salt come in the
   opposite order to krb5_key_proc. */
typedef krb5_error_code
(KRB5_CALLCONV *krb5_s2k_proc)(krb5_context /*context*/,
                               krb5_enctype /*type*/,
                               krb5_const_pointer /*keyseed*/,
                               krb5_salt /*salt*/,
                               krb5_data * /*s2kparms*/,
                               krb5_keyblock ** /*key*/);
682 1.1 elric
/* Private extension of the options; not defined in this header. */
struct _krb5_get_init_creds_opt_private;

/*
 * Options for obtaining initial credentials.  'flags' is a set of
 * KRB5_GET_INIT_CREDS_OPT_* bits (presumably marking which members have
 * been set -- confirm).  Each list pointer is followed by its length
 * where one is declared.
 */
struct _krb5_get_init_creds_opt {
    krb5_flags flags;
    krb5_deltat tkt_life;
    krb5_deltat renew_life;
    int forwardable;
    int proxiable;
    int anonymous;
    krb5_enctype *etype_list;
    int etype_list_length;
    krb5_addresses *address_list;
    /* XXX the next three should not be used, as they may be
       removed later */
    krb5_preauthtype *preauth_list;
    int preauth_list_length;
    krb5_data *salt;
    struct _krb5_get_init_creds_opt_private *opt_private;
};

typedef struct _krb5_get_init_creds_opt krb5_get_init_creds_opt;
704 1.1 elric
/* Bits for the 'flags' member of krb5_get_init_creds_opt. */
#define KRB5_GET_INIT_CREDS_OPT_TKT_LIFE	0x0001
#define KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE	0x0002
#define KRB5_GET_INIT_CREDS_OPT_FORWARDABLE	0x0004
#define KRB5_GET_INIT_CREDS_OPT_PROXIABLE	0x0008
#define KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST	0x0010
#define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST	0x0020
#define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST	0x0040
#define KRB5_GET_INIT_CREDS_OPT_SALT		0x0080 /* not supported */
#define KRB5_GET_INIT_CREDS_OPT_ANONYMOUS	0x0100
#define KRB5_GET_INIT_CREDS_OPT_DISABLE_TRANSITED_CHECK	0x0200

/* krb5_init_creds_step flags argument */
#define KRB5_INIT_CREDS_STEP_FLAG_CONTINUE	0x0001
718 1.1 elric
/*
 * Option block for verifying initial credentials (by name).
 * NOTE(review): ap_req_nofail looks like the switch that decides whether a
 * verification that cannot be carried out counts as a failure.  If so,
 * leaving it unset lets unverified credentials pass, so confirm the default
 * and the semantics against krb5_verify_init_creds before relying on it.
 */
719 1.1 elric typedef struct _krb5_verify_init_creds_opt {
720 1.1 elric krb5_flags flags; /* presumably records which options were set, using the bit defined after this struct -- confirm */
721 1.1 elric int ap_req_nofail;
722 1.1 elric } krb5_verify_init_creds_opt;
723 1.1 elric
724 1.1 elric #define KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL 0x0001
725 1.1 elric
/*
 * Option block for the krb5_verify_* interface (by name): a flags word, a
 * credential cache, a keytab, a boolean and a service name string.
 * NOTE(review): `secure` presumably selects whether the obtained credentials
 * are additionally checked against a local service key taken from `keytab`;
 * confirm, and treat a false value as the weaker check.
 */
726 1.1 elric typedef struct krb5_verify_opt {
727 1.1 elric unsigned int flags; /* presumably takes the KRB5_VERIFY_* values defined after this struct -- confirm */
728 1.1 elric krb5_ccache ccache;
729 1.1 elric krb5_keytab keytab;
730 1.1 elric krb5_boolean secure;
731 1.1 elric const char *service; /* the struct stores only the pointer, not a copy of the string */
732 1.1 elric } krb5_verify_opt;
733 1.1 elric
734 1.1 elric #define KRB5_VERIFY_LREALMS 1
735 1.1 elric #define KRB5_VERIFY_NO_ADDRESSES 2
736 1.1 elric
/*
 * Password-change (kpasswd) constants: two version numbers, result codes 0
 * through 7, and the port number.
 * NOTE(review): a reply parser should presumably treat every result code
 * other than KRB5_KPASSWD_SUCCESS, including values outside this list, as a
 * failure -- confirm where these codes are consumed.
 */
737 1.1 elric #define KRB5_KPASSWD_VERS_CHANGEPW 1
738 1.1 elric #define KRB5_KPASSWD_VERS_SETPW 0xff80
739 1.1 elric
740 1.1 elric #define KRB5_KPASSWD_SUCCESS 0
741 1.1 elric #define KRB5_KPASSWD_MALFORMED 1
742 1.1 elric #define KRB5_KPASSWD_HARDERROR 2
743 1.1 elric #define KRB5_KPASSWD_AUTHERROR 3
744 1.1 elric #define KRB5_KPASSWD_SOFTERROR 4
745 1.1 elric #define KRB5_KPASSWD_ACCESSDENIED 5
746 1.1 elric #define KRB5_KPASSWD_BAD_VERSION 6
747 1.1 elric #define KRB5_KPASSWD_INITIAL_FLAG_NEEDED 7
748 1.1 elric
749 1.1 elric #define KPASSWD_PORT 464
750 1.1 elric
751 1.1 elric /* types for the new krbhst interface */
/* Opaque handle: struct krb5_krbhst_data is only forward-declared in this header. */
752 1.1 elric struct krb5_krbhst_data;
753 1.1 elric typedef struct krb5_krbhst_data *krb5_krbhst_handle;
754 1.1 elric
/* Presumably selectors for the kind of server being looked up -- confirm against the krbhst functions. */
755 1.1 elric #define KRB5_KRBHST_KDC 1
756 1.1 elric #define KRB5_KRBHST_ADMIN 2
757 1.1 elric #define KRB5_KRBHST_CHANGEPW 3
758 1.1 elric #define KRB5_KRBHST_KRB524 4
759 1.1 elric #define KRB5_KRBHST_KCA 5
760 1.1 elric
/*
 * One host entry: a protocol tag, two port fields, an addrinfo pointer, a
 * link to the next entry, and the host name stored in the struct's tail.
 */
761 1.1 elric typedef struct krb5_krbhst_info {
762 1.1 elric enum { KRB5_KRBHST_UDP,
763 1.1 elric KRB5_KRBHST_TCP,
764 1.1 elric KRB5_KRBHST_HTTP } proto;
765 1.1 elric unsigned short port;
766 1.1 elric unsigned short def_port;
767 1.1 elric struct addrinfo *ai;
768 1.1 elric struct krb5_krbhst_info *next; /* self-referential pointer, i.e. entries can be chained */
/*
 * NOTE(review): the one-element array appears to be the pre-C99 form of a
 * flexible array member.  sizeof(krb5_krbhst_info) then covers a single byte
 * of hostname, so whoever allocates an entry must add room for the full name
 * and its terminator, and copying an entry by value would drop the name --
 * confirm at the allocation site.
 */
769 1.1 elric char hostname[1]; /* has to come last */
770 1.1 elric } krb5_krbhst_info;
771 1.1 elric
772 1.1 elric /* flags for krb5_krbhst_init_flags (and krb5_send_to_kdc_flags) */
773 1.1 elric enum {
774 1.1 elric KRB5_KRBHST_FLAGS_MASTER = 1,
775 1.1 elric KRB5_KRBHST_FLAGS_LARGE_MSG = 2
776 1.1 elric };
777 1.1 elric
/*
 * Callback pointer type returning krb5_error_code.  The parameters are
 * unnamed: a context, an untyped void *, a host entry, a time_t, a const
 * krb5_data and a non-const krb5_data.
 * NOTE(review): presumably the const krb5_data is the request and the other
 * one receives the reply; if the reply comes from the network it is untrusted
 * input for whatever parses it -- confirm.
 */
778 1.1 elric typedef krb5_error_code
779 1.1 elric (KRB5_CALLCONV * krb5_send_to_kdc_func)(krb5_context, void *, krb5_krbhst_info *, time_t,
780 1.1 elric const krb5_data *, krb5_data *);
781 1.1 elric
782 1.1 elric /** flags for krb5_parse_name_flags */
783 1.1 elric enum {
784 1.1 elric KRB5_PRINCIPAL_PARSE_NO_REALM = 1, /**< Require that there is no realm */
785 1.1 elric KRB5_PRINCIPAL_PARSE_REQUIRE_REALM = 2, /**< Require a realm present */
786 1.1 elric KRB5_PRINCIPAL_PARSE_ENTERPRISE = 4 /**< Parse as a NT-ENTERPRISE name */
787 1.1 elric };
788 1.1 elric
/*
 * NOTE(review): a name unparsed with KRB5_PRINCIPAL_UNPARSE_DISPLAY carries no
 * quoting, so it is presumably unsuitable for re-parsing or for comparing
 * identities; keep it to display use and confirm in krb5_unparse_name_flags.
 */
789 1.1 elric /** flags for krb5_unparse_name_flags */
790 1.1 elric enum {
791 1.1 elric KRB5_PRINCIPAL_UNPARSE_SHORT = 1, /**< No realm if it is the default realm */
792 1.1 elric KRB5_PRINCIPAL_UNPARSE_NO_REALM = 2, /**< No realm */
793 1.1 elric KRB5_PRINCIPAL_UNPARSE_DISPLAY = 4 /**< No quoting */
794 1.1 elric };
795 1.1 elric
/* Opaque handle: struct krb5_sendto_ctx_data is not defined in the visible part of this header. */
796 1.1 elric typedef struct krb5_sendto_ctx_data *krb5_sendto_ctx;
797 1.1 elric
/* Presumably the action values a krb5_sendto_ctx_func reports through its int * argument -- confirm. */
798 1.1 elric #define KRB5_SENDTO_DONE 0
799 1.1 elric #define KRB5_SENDTO_RESTART 1
800 1.1 elric #define KRB5_SENDTO_CONTINUE 2
801 1.1 elric
/*
 * Callback pointer type returning krb5_error_code; unnamed parameters are a
 * context, the sendto handle, an untyped void *, a const krb5_data and an
 * int *.
 */
802 1.1 elric typedef krb5_error_code
803 1.1 elric (KRB5_CALLCONV * krb5_sendto_ctx_func)(krb5_context, krb5_sendto_ctx, void *,
804 1.1 elric const krb5_data *, int *);
805 1.1 elric
/* Forward declaration only; the plugin record's layout is not part of this header. */
806 1.1 elric struct krb5_plugin;
/* Plugin kinds: PLUGIN_TYPE_DATA is 1 and PLUGIN_TYPE_FUNC follows it as 2. */
807 1.1 elric enum krb5_plugin_type {
808 1.1 elric PLUGIN_TYPE_DATA = 1,
809 1.1 elric PLUGIN_TYPE_FUNC
810 1.1 elric };
811 1.1 elric
/* Forward declarations of struct tags, presumably used by prototypes in the header included further down. */
812 1.1 elric struct credentials; /* this is to keep the compiler happy */
813 1.1 elric struct getargs;
814 1.1 elric struct sockaddr;
815 1.1 elric
816 1.1 elric /**
817 1.1 elric * Semi private, not stable yet
818 1.1 elric */
819 1.1 elric
/*
 * One element of a crypto I/O vector: a flags word plus a krb5_data buffer.
 * The KRB5_CRYPTO_TYPE_* macros are written inside the struct body for
 * locality only; as preprocessor definitions they are visible file-wide.
 * The IN/OUT notes say who fills the buffer, and krb5_crypto_length(...) is
 * the size query they name.
 * NOTE(review): presumably `flags` holds exactly one KRB5_CRYPTO_TYPE_* value,
 * and callers must size the OUT buffers from krb5_crypto_length before the
 * call -- confirm.  The PADDING note names KRB5_CRYPTO_TYPE_TRAILER as its
 * length type; possibly KRB5_CRYPTO_TYPE_PADDING was meant -- confirm.
 */
820 1.1 elric typedef struct krb5_crypto_iov {
821 1.1 elric unsigned int flags;
822 1.1 elric /* ignored */
823 1.1 elric #define KRB5_CRYPTO_TYPE_EMPTY 0
824 1.1 elric /* OUT krb5_crypto_length(KRB5_CRYPTO_TYPE_HEADER) */
825 1.1 elric #define KRB5_CRYPTO_TYPE_HEADER 1
826 1.1 elric /* IN and OUT */
827 1.1 elric #define KRB5_CRYPTO_TYPE_DATA 2
828 1.1 elric /* IN */
829 1.1 elric #define KRB5_CRYPTO_TYPE_SIGN_ONLY 3
830 1.1 elric /* (only for encryption) OUT krb5_crypto_length(KRB5_CRYPTO_TYPE_TRAILER) */
831 1.1 elric #define KRB5_CRYPTO_TYPE_PADDING 4
832 1.1 elric /* OUT krb5_crypto_length(KRB5_CRYPTO_TYPE_TRAILER) */
833 1.1 elric #define KRB5_CRYPTO_TYPE_TRAILER 5
834 1.1 elric /* OUT krb5_crypto_length(KRB5_CRYPTO_TYPE_CHECKSUM) */
835 1.1 elric #define KRB5_CRYPTO_TYPE_CHECKSUM 6
836 1.1 elric krb5_data data;
837 1.1 elric } krb5_crypto_iov;
838 1.1 elric
839 1.1 elric
840 1.1 elric /* Glue for MIT */
841 1.1 elric
/* A last-request record: a 32-bit type code paired with a timestamp. */
842 1.1 elric typedef struct {
843 1.1 elric int32_t lr_type;
844 1.1 elric krb5_timestamp value;
845 1.1 elric } krb5_last_req_entry;
846 1.1 elric
/*
 * Callback pointer type returning krb5_error_code; it receives a context, a
 * krb5_last_req_entry ** and an untyped void *.
 * NOTE(review): how the entry array is terminated or counted is not visible
 * here -- confirm before iterating over it.
 */
847 1.1 elric typedef krb5_error_code
848 1.1 elric (KRB5_CALLCONV * krb5_gic_process_last_req)(krb5_context, krb5_last_req_entry **, void *);
849 1.1 elric
850 1.1 elric /*
851 1.1 elric *
852 1.1 elric */
853 1.1 elric
854 1.1 elric struct hx509_certs_data;
855 1.1 elric
856 1.1 elric #include <krb5/krb5-protos.h>
857 1.1 elric
858 1.1 elric /* variables */
859 1.1 elric
/*
 * Library-exported string variables.  As declared, the characters are const
 * but the pointer variables themselves are not, so code in the same process
 * can repoint them.
 * NOTE(review): if krb5_config_file names the configuration that gets loaded,
 * its value is security-relevant -- confirm who may assign it.
 */
860 1.1 elric extern KRB5_LIB_VARIABLE const char *krb5_config_file;
861 1.1 elric extern KRB5_LIB_VARIABLE const char *krb5_defkeyname;
862 1.1 elric
863 1.1 elric
/* Const krb5_cc_ops objects, one per exported name; presumably one per credential cache backend -- confirm. */
864 1.1 elric extern KRB5_LIB_VARIABLE const krb5_cc_ops krb5_acc_ops;
865 1.1 elric extern KRB5_LIB_VARIABLE const krb5_cc_ops krb5_fcc_ops;
866 1.1 elric extern KRB5_LIB_VARIABLE const krb5_cc_ops krb5_mcc_ops;
867 1.1 elric extern KRB5_LIB_VARIABLE const krb5_cc_ops krb5_kcm_ops;
868 1.1 elric extern KRB5_LIB_VARIABLE const krb5_cc_ops krb5_akcm_ops;
869 1.1 elric extern KRB5_LIB_VARIABLE const krb5_cc_ops krb5_scc_ops;
870 1.1 elric
/* Const krb5_kt_ops objects, one per exported name; presumably one per keytab backend -- confirm. */
871 1.1 elric extern KRB5_LIB_VARIABLE const krb5_kt_ops krb5_fkt_ops;
872 1.1 elric extern KRB5_LIB_VARIABLE const krb5_kt_ops krb5_wrfkt_ops;
873 1.1 elric extern KRB5_LIB_VARIABLE const krb5_kt_ops krb5_javakt_ops;
874 1.1 elric extern KRB5_LIB_VARIABLE const krb5_kt_ops krb5_mkt_ops;
875 1.1 elric extern KRB5_LIB_VARIABLE const krb5_kt_ops krb5_akf_ops;
876 1.1 elric extern KRB5_LIB_VARIABLE const krb5_kt_ops krb5_any_ops;
877 1.1 elric
/* Credential cache type names as strings; like the variables above, the pointers are not const. */
878 1.1 elric extern KRB5_LIB_VARIABLE const char *krb5_cc_type_api;
879 1.1 elric extern KRB5_LIB_VARIABLE const char *krb5_cc_type_file;
880 1.1 elric extern KRB5_LIB_VARIABLE const char *krb5_cc_type_memory;
881 1.1 elric extern KRB5_LIB_VARIABLE const char *krb5_cc_type_kcm;
882 1.1 elric extern KRB5_LIB_VARIABLE const char *krb5_cc_type_scc;
883 1.1 elric
884 1.1 elric #endif /* __KRB5_H__ */
885 1.1 elric
886