1 /* 2 * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska H�gskolan 3 * (Royal Institute of Technology, Stockholm, Sweden). 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * 3. Neither the name of the Institute nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 /* $Id: krb5.h,v 1.162 2000/01/02 00:19:24 assar Exp $ */ 35 36 #ifndef __KRB5_H__ 37 #define __KRB5_H__ 38 39 #include <time.h> 40 #include <krb5-types.h> 41 42 #include <des.h> 43 #include <asn1_err.h> 44 #include <krb5_err.h> 45 #include <heim_err.h> 46 47 #include <asn1.h> 48 49 /* simple constants */ 50 51 #ifndef TRUE 52 #define TRUE 1 53 #define FALSE 0 54 #endif 55 56 typedef int krb5_boolean; 57 58 typedef int32_t krb5_error_code; 59 60 typedef int krb5_kvno; 61 62 typedef u_int32_t krb5_flags; 63 64 typedef void *krb5_pointer; 65 typedef const void *krb5_const_pointer; 66 67 typedef octet_string krb5_data; 68 69 struct krb5_crypto_data; 70 typedef struct krb5_crypto_data *krb5_crypto; 71 72 typedef enum krb5_cksumtype { 73 CKSUMTYPE_NONE = 0, 74 CKSUMTYPE_CRC32 = 1, 75 CKSUMTYPE_RSA_MD4 = 2, 76 CKSUMTYPE_RSA_MD4_DES = 3, 77 CKSUMTYPE_DES_MAC = 4, 78 CKSUMTYPE_DES_MAC_K = 5, 79 CKSUMTYPE_RSA_MD4_DES_K = 6, 80 CKSUMTYPE_RSA_MD5 = 7, 81 CKSUMTYPE_RSA_MD5_DES = 8, 82 CKSUMTYPE_RSA_MD5_DES3 = 9, 83 /* CKSUMTYPE_SHA1 = 10,*/ 84 CKSUMTYPE_HMAC_SHA1_DES3 = 12, 85 CKSUMTYPE_SHA1 = 1000, /* correct value? */ 86 CKSUMTYPE_HMAC_MD5 = -138 /* unofficial microsoft number */ 87 } krb5_cksumtype; 88 89 90 typedef enum krb5_enctype { 91 ETYPE_NULL = 0, 92 ETYPE_DES_CBC_CRC = 1, 93 ETYPE_DES_CBC_MD4 = 2, 94 ETYPE_DES_CBC_MD5 = 3, 95 ETYPE_DES3_CBC_MD5 = 5, 96 ETYPE_OLD_DES3_CBC_SHA1 = 7, 97 ETYPE_SIGN_DSA_GENERATE = 8, 98 ETYPE_ENCRYPT_RSA_PRIV = 9, 99 ETYPE_ENCRYPT_RSA_PUB = 10, 100 ETYPE_DES3_CBC_SHA1 = 16, /* with key derivation */ 101 ETYPE_ARCFOUR_HMAC_MD5 = 23, 102 ETYPE_ARCFOUR_HMAC_MD5_56 = 24, 103 ETYPE_ENCTYPE_PK_CROSS = 48, 104 ETYPE_DES_CBC_NONE = 0x1000, 105 ETYPE_DES3_CBC_NONE = 0x1001 106 } krb5_enctype; 107 108 typedef enum krb5_preauthtype { 109 KRB5_PADATA_NONE = 0, 110 KRB5_PADATA_AP_REQ, 111 KRB5_PADATA_TGS_REQ = 1, 112 KRB5_PADATA_ENC_TIMESTAMP = 2, 113 KRB5_PADATA_ENC_SECURID 114 } krb5_preauthtype; 115 116 typedef enum krb5_key_usage { 117 KRB5_KU_PA_ENC_TIMESTAMP = 1, 118 /* AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the 119 client key (section 5.4.1) */ 120 KRB5_KU_TICKET = 2, 121 /* AS-REP Ticket and TGS-REP Ticket (includes tgs session key or 122 application session key), encrypted with the service key 123 (section 5.4.2) */ 124 KRB5_KU_AS_REP_ENC_PART = 3, 125 /* AS-REP encrypted part (includes tgs session key or application 126 session key), encrypted with the client key (section 5.4.2) */ 127 KRB5_KU_TGS_REQ_AUTH_DAT_SESSION = 4, 128 /* TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the tgs 129 session key (section 5.4.1) */ 130 KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY = 5, 131 /* TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the tgs 132 authenticator subkey (section 5.4.1) */ 133 KRB5_KU_TGS_REQ_AUTH_CKSUM = 6, 134 /* TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed 135 with the tgs session key (sections 5.3.2, 5.4.1) */ 136 KRB5_KU_TGS_REQ_AUTH = 7, 137 /* TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes tgs 138 authenticator subkey), encrypted with the tgs session key 139 (section 5.3.2) */ 140 KRB5_KU_TGS_REP_ENC_PART_SESSION = 8, 141 /* TGS-REP encrypted part (includes application session key), 142 encrypted with the tgs session key (section 5.4.2) */ 143 KRB5_KU_TGS_REP_ENC_PART_SUB_KEY = 9, 144 /* TGS-REP encrypted part (includes application session key), 145 encrypted with the tgs authenticator subkey (section 5.4.2) */ 146 KRB5_KU_AP_REQ_AUTH_CKSUM = 10, 147 /* AP-REQ Authenticator cksum, keyed with the application session 148 key (section 5.3.2) */ 149 KRB5_KU_AP_REQ_AUTH = 11, 150 /* AP-REQ Authenticator (includes application authenticator 151 subkey), encrypted with the application session key (section 152 5.3.2) */ 153 KRB5_KU_AP_REQ_ENC_PART = 12, 154 /* AP-REP encrypted part (includes application session subkey), 155 encrypted with the application session key (section 5.5.2) */ 156 KRB5_KU_KRB_PRIV = 13, 157 /* KRB-PRIV encrypted part, encrypted with a key chosen by the 158 application (section 5.7.1) */ 159 KRB5_KU_KRB_CRED = 14, 160 /* KRB-CRED encrypted part, encrypted with a key chosen by the 161 application (section 5.8.1) */ 162 KRB5_KU_KRB_SAFE_CKSUM = 15, 163 /* KRB-SAFE cksum, keyed with a key chosen by the application 164 (section 5.6.1) */ 165 KRB5_KU_OTHER_ENCRYPTED = 16, 166 /* Data which is defined in some specification outside of 167 Kerberos to be encrypted using an RFC1510 encryption type. */ 168 KRB5_KU_OTHER_CKSUM = 17 169 /* Data which is defined in some specification outside of 170 Kerberos to be checksummed using an RFC1510 checksum type. */ 171 } krb5_key_usage; 172 173 typedef enum krb5_salttype { 174 KRB5_PW_SALT = pa_pw_salt, 175 KRB5_AFS3_SALT = pa_afs3_salt 176 }krb5_salttype; 177 178 typedef struct krb5_salt { 179 krb5_salttype salttype; 180 krb5_data saltvalue; 181 } krb5_salt; 182 183 typedef ETYPE_INFO krb5_preauthinfo; 184 185 typedef struct { 186 krb5_preauthtype type; 187 krb5_preauthinfo info; /* list of preauthinfo for this type */ 188 } krb5_preauthdata_entry; 189 190 typedef struct krb5_preauthdata { 191 unsigned len; 192 krb5_preauthdata_entry *val; 193 }krb5_preauthdata; 194 195 typedef enum krb5_address_type { 196 KRB5_ADDRESS_INET = 2, 197 KRB5_ADDRESS_INET6 = 24, 198 KRB5_ADDRESS_ADDRPORT = 256, 199 KRB5_ADDRESS_IPPORT = 257 200 } krb5_address_type; 201 202 enum { 203 AP_OPTS_USE_SESSION_KEY = 1, 204 AP_OPTS_MUTUAL_REQUIRED = 2 205 }; 206 207 typedef HostAddress krb5_address; 208 209 typedef HostAddresses krb5_addresses; 210 211 typedef enum krb5_keytype { 212 KEYTYPE_NULL = 0, 213 KEYTYPE_DES = 1, 214 KEYTYPE_DES3 = 7, 215 KEYTYPE_ARCFOUR = 23 216 } krb5_keytype; 217 218 typedef EncryptionKey krb5_keyblock; 219 220 typedef AP_REQ krb5_ap_req; 221 222 struct krb5_cc_ops; 223 224 #define KRB5_DEFAULT_CCROOT "FILE:/tmp/krb5cc_" 225 226 typedef void *krb5_cc_cursor; 227 228 typedef struct krb5_ccache_data { 229 const struct krb5_cc_ops *ops; 230 krb5_data data; 231 }krb5_ccache_data; 232 233 typedef struct krb5_ccache_data *krb5_ccache; 234 235 typedef struct krb5_context_data *krb5_context; 236 237 typedef Realm krb5_realm; 238 typedef const char *krb5_const_realm; /* stupid language */ 239 typedef Principal krb5_principal_data; 240 typedef struct Principal *krb5_principal; 241 typedef const struct Principal *krb5_const_principal; 242 243 typedef time_t krb5_deltat; 244 typedef time_t krb5_timestamp; 245 246 typedef struct krb5_times { 247 krb5_timestamp authtime; 248 krb5_timestamp starttime; 249 krb5_timestamp endtime; 250 krb5_timestamp renew_till; 251 } krb5_times; 252 253 typedef union { 254 TicketFlags b; 255 krb5_flags i; 256 } krb5_ticket_flags; 257 258 /* options for krb5_get_in_tkt() */ 259 #define KDC_OPT_FORWARDABLE (1 << 1) 260 #define KDC_OPT_FORWARDED (1 << 2) 261 #define KDC_OPT_PROXIABLE (1 << 3) 262 #define KDC_OPT_PROXY (1 << 4) 263 #define KDC_OPT_ALLOW_POSTDATE (1 << 5) 264 #define KDC_OPT_POSTDATED (1 << 6) 265 #define KDC_OPT_RENEWABLE (1 << 8) 266 #define KDC_OPT_REQUEST_ANONYMOUS (1 << 14) 267 #define KDC_OPT_DISABLE_TRANSITED_CHECK (1 << 26) 268 #define KDC_OPT_RENEWABLE_OK (1 << 27) 269 #define KDC_OPT_ENC_TKT_IN_SKEY (1 << 28) 270 #define KDC_OPT_RENEW (1 << 30) 271 #define KDC_OPT_VALIDATE (1 << 31) 272 273 typedef union { 274 KDCOptions b; 275 krb5_flags i; 276 } krb5_kdc_flags; 277 278 /* flags for krb5_verify_ap_req */ 279 280 #define KRB5_VERIFY_AP_REQ_IGNORE_INVALID (1 << 0) 281 282 #define KRB5_GC_CACHED 1 283 #define KRB5_GC_USER_USER 2 284 285 /* constants for compare_creds (and cc_retrieve_cred) */ 286 #define KRB5_TC_DONT_MATCH_REALM (1U << 31) 287 #define KRB5_TC_MATCH_KEYTYPE (1U << 30) 288 289 typedef AuthorizationData krb5_authdata; 290 291 typedef KRB_ERROR krb5_error; 292 293 typedef struct krb5_creds { 294 krb5_principal client; 295 krb5_principal server; 296 krb5_keyblock session; 297 krb5_times times; 298 krb5_data ticket; 299 krb5_data second_ticket; 300 krb5_authdata authdata; 301 krb5_addresses addresses; 302 krb5_ticket_flags flags; 303 } krb5_creds; 304 305 typedef struct krb5_cc_ops { 306 char *prefix; 307 char* (*get_name)(krb5_context, krb5_ccache); 308 krb5_error_code (*resolve)(krb5_context, krb5_ccache *, const char *); 309 krb5_error_code (*gen_new)(krb5_context, krb5_ccache *); 310 krb5_error_code (*init)(krb5_context, krb5_ccache, krb5_principal); 311 krb5_error_code (*destroy)(krb5_context, krb5_ccache); 312 krb5_error_code (*close)(krb5_context, krb5_ccache); 313 krb5_error_code (*store)(krb5_context, krb5_ccache, krb5_creds*); 314 krb5_error_code (*retrieve)(krb5_context, krb5_ccache, 315 krb5_flags, krb5_creds*, krb5_creds); 316 krb5_error_code (*get_princ)(krb5_context, krb5_ccache, krb5_principal*); 317 krb5_error_code (*get_first)(krb5_context, krb5_ccache, krb5_cc_cursor *); 318 krb5_error_code (*get_next)(krb5_context, krb5_ccache, 319 krb5_cc_cursor*, krb5_creds*); 320 krb5_error_code (*end_get)(krb5_context, krb5_ccache, krb5_cc_cursor*); 321 krb5_error_code (*remove_cred)(krb5_context, krb5_ccache, 322 krb5_flags, krb5_creds*); 323 krb5_error_code (*set_flags)(krb5_context, krb5_ccache, krb5_flags); 324 int (*get_version)(krb5_context, krb5_ccache); 325 } krb5_cc_ops; 326 327 struct krb5_log_facility; 328 329 struct krb5_config_binding { 330 enum { krb5_config_string, krb5_config_list } type; 331 char *name; 332 struct krb5_config_binding *next; 333 union { 334 char *string; 335 struct krb5_config_binding *list; 336 void *generic; 337 } u; 338 }; 339 340 typedef struct krb5_config_binding krb5_config_binding; 341 342 typedef krb5_config_binding krb5_config_section; 343 344 typedef struct krb5_context_data { 345 krb5_enctype *etypes; 346 krb5_enctype *etypes_des; 347 char **default_realms; 348 time_t max_skew; 349 time_t kdc_timeout; 350 unsigned max_retries; 351 int32_t kdc_sec_offset; 352 int32_t kdc_usec_offset; 353 krb5_config_section *cf; 354 struct et_list *et_list; 355 struct krb5_log_facility *warn_dest; 356 krb5_cc_ops *cc_ops; 357 int num_cc_ops; 358 const char *http_proxy; 359 const char *time_fmt; 360 krb5_boolean log_utc; 361 const char *default_keytab; 362 krb5_boolean use_admin_kdc; 363 krb5_addresses *extra_addresses; 364 krb5_boolean scan_interfaces; /* `ifconfig -a' */ 365 krb5_boolean srv_lookup; /* do SRV lookups */ 366 krb5_boolean srv_try_txt; /* try TXT records also */ 367 krb5_boolean srv_try_rfc2052; /* try RFC2052 compatible records */ 368 int32_t fcache_vno; /* create cache files w/ this 369 version */ 370 int num_kt_types; /* # of registered keytab types */ 371 struct krb5_keytab_data *kt_types; /* registered keytab types */ 372 } krb5_context_data; 373 374 enum { 375 KRB5_NT_UNKNOWN = 0, 376 KRB5_NT_PRINCIPAL = 1, 377 KRB5_NT_SRV_INST = 2, 378 KRB5_NT_SRV_HST = 3, 379 KRB5_NT_SRV_XHST = 4, 380 KRB5_NT_UID = 5 381 }; 382 383 384 typedef struct krb5_ticket { 385 EncTicketPart ticket; 386 krb5_principal client; 387 krb5_principal server; 388 } krb5_ticket; 389 390 typedef Authenticator krb5_authenticator_data; 391 392 typedef krb5_authenticator_data *krb5_authenticator; 393 394 struct krb5_rcache_data; 395 typedef struct krb5_rcache_data *krb5_rcache; 396 typedef Authenticator krb5_donot_reply; 397 398 #define KRB5_STORAGE_HOST_BYTEORDER 0x01 399 #define KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS 0x02 400 #define KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE 0x04 401 #define KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE 0x08 402 403 typedef struct krb5_storage { 404 void *data; 405 ssize_t (*fetch)(struct krb5_storage*, void*, size_t); 406 ssize_t (*store)(struct krb5_storage*, void*, size_t); 407 off_t (*seek)(struct krb5_storage*, off_t, int); 408 void (*free)(struct krb5_storage*); 409 krb5_flags flags; 410 } krb5_storage; 411 412 typedef struct krb5_keytab_entry { 413 krb5_principal principal; 414 krb5_kvno vno; 415 krb5_keyblock keyblock; 416 u_int32_t timestamp; 417 } krb5_keytab_entry; 418 419 typedef struct krb5_kt_cursor { 420 int fd; 421 krb5_storage *sp; 422 void *data; 423 } krb5_kt_cursor; 424 425 struct krb5_keytab_data; 426 427 typedef struct krb5_keytab_data *krb5_keytab; 428 429 struct krb5_keytab_data { 430 char *prefix; 431 krb5_error_code (*resolve)(krb5_context, const char*, krb5_keytab); 432 krb5_error_code (*get_name)(krb5_context, krb5_keytab, char*, size_t); 433 krb5_error_code (*close)(krb5_context, krb5_keytab); 434 krb5_error_code (*get)(krb5_context, krb5_keytab, krb5_const_principal, 435 krb5_kvno, krb5_enctype, krb5_keytab_entry*); 436 krb5_error_code (*start_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor*); 437 krb5_error_code (*next_entry)(krb5_context, krb5_keytab, 438 krb5_keytab_entry*, krb5_kt_cursor*); 439 krb5_error_code (*end_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor*); 440 krb5_error_code (*add)(krb5_context, krb5_keytab, krb5_keytab_entry*); 441 krb5_error_code (*remove)(krb5_context, krb5_keytab, krb5_keytab_entry*); 442 void *data; 443 int32_t version; 444 }; 445 446 typedef struct krb5_keytab_data krb5_kt_ops; 447 448 struct krb5_keytab_key_proc_args { 449 krb5_keytab keytab; 450 krb5_principal principal; 451 }; 452 453 typedef struct krb5_keytab_key_proc_args krb5_keytab_key_proc_args; 454 455 enum { 456 KRB5_AUTH_CONTEXT_DO_TIME = 1, 457 KRB5_AUTH_CONTEXT_RET_TIME = 2, 458 KRB5_AUTH_CONTEXT_DO_SEQUENCE = 4, 459 KRB5_AUTH_CONTEXT_RET_SEQUENCE = 8 460 }; 461 462 typedef struct krb5_auth_context_data { 463 unsigned int flags; 464 465 krb5_address *local_address; 466 krb5_address *remote_address; 467 int16_t local_port; 468 int16_t remote_port; 469 krb5_keyblock *keyblock; 470 krb5_keyblock *local_subkey; 471 krb5_keyblock *remote_subkey; 472 473 int32_t local_seqnumber; 474 int32_t remote_seqnumber; 475 476 krb5_authenticator authenticator; 477 478 krb5_pointer i_vector; 479 480 krb5_rcache rcache; 481 482 krb5_keytype keytype; /* �requested key type ? */ 483 krb5_cksumtype cksumtype; /* �requested checksum type! */ 484 485 }krb5_auth_context_data, *krb5_auth_context; 486 487 typedef struct { 488 KDC_REP kdc_rep; 489 EncKDCRepPart enc_part; 490 KRB_ERROR error; 491 } krb5_kdc_rep; 492 493 extern char *heimdal_version, *heimdal_long_version; 494 495 typedef void (*krb5_log_log_func_t)(const char*, const char*, void*); 496 typedef void (*krb5_log_close_func_t)(void*); 497 498 typedef struct krb5_log_facility { 499 const char *program; 500 int len; 501 struct facility *val; 502 } krb5_log_facility; 503 504 typedef EncAPRepPart krb5_ap_rep_enc_part; 505 506 #define KRB5_RECVAUTH_IGNORE_VERSION 1 507 508 #define KRB5_SENDAUTH_VERSION "KRB5_SENDAUTH_V1.0" 509 510 #define KRB5_TGS_NAME_SIZE (6) 511 #define KRB5_TGS_NAME ("krbtgt") 512 513 /* variables */ 514 515 extern const char krb5_config_file[]; 516 extern const char krb5_defkeyname[]; 517 518 typedef struct _krb5_prompt { 519 char *prompt; 520 int hidden; 521 krb5_data *reply; 522 } krb5_prompt; 523 524 typedef int (*krb5_prompter_fct)(krb5_context context, 525 void *data, 526 const char *banner, 527 int num_prompts, 528 krb5_prompt prompts[]); 529 530 typedef krb5_error_code (*krb5_key_proc)(krb5_context context, 531 krb5_enctype type, 532 krb5_salt salt, 533 krb5_const_pointer keyseed, 534 krb5_keyblock **key); 535 typedef krb5_error_code (*krb5_decrypt_proc)(krb5_context context, 536 krb5_keyblock *key, 537 krb5_key_usage usage, 538 krb5_const_pointer decrypt_arg, 539 krb5_kdc_rep *dec_rep); 540 541 542 typedef struct _krb5_get_init_creds_opt { 543 krb5_flags flags; 544 krb5_deltat tkt_life; 545 krb5_deltat renew_life; 546 int forwardable; 547 int proxiable; 548 krb5_enctype *etype_list; 549 int etype_list_length; 550 krb5_addresses *address_list; 551 #if 0 /* this is the MIT-way */ 552 krb5_address **address_list; 553 #endif 554 /* XXX the next three should not be used, as they may be 555 removed later */ 556 krb5_preauthtype *preauth_list; 557 int preauth_list_length; 558 krb5_data *salt; 559 } krb5_get_init_creds_opt; 560 561 #define KRB5_GET_INIT_CREDS_OPT_TKT_LIFE 0x0001 562 #define KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE 0x0002 563 #define KRB5_GET_INIT_CREDS_OPT_FORWARDABLE 0x0004 564 #define KRB5_GET_INIT_CREDS_OPT_PROXIABLE 0x0008 565 #define KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST 0x0010 566 #define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST 0x0020 567 #define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST 0x0040 568 #define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080 569 570 typedef struct _krb5_verify_init_creds_opt { 571 krb5_flags flags; 572 int ap_req_nofail; 573 } krb5_verify_init_creds_opt; 574 575 #define KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL 0x0001 576 577 extern const krb5_cc_ops krb5_fcc_ops; 578 extern const krb5_cc_ops krb5_mcc_ops; 579 580 extern const krb5_kt_ops krb5_fkt_ops; 581 extern const krb5_kt_ops krb5_mkt_ops; 582 extern const krb5_kt_ops krb5_akf_ops; 583 584 #define KRB5_KPASSWD_SUCCESS 0 585 #define KRB5_KPASSWD_MALFORMED 0 586 #define KRB5_KPASSWD_HARDERROR 0 587 #define KRB5_KPASSWD_AUTHERROR 0 588 #define KRB5_KPASSWD_SOFTERROR 0 589 590 #define KPASSWD_PORT 464 591 592 struct credentials; /* this is to keep the compiler happy */ 593 struct getargs; 594 595 struct sockaddr; 596 597 #include <krb5-protos.h> 598 599 #endif /* __KRB5_H__ */ 600 601