1 /* 2 * Copyright (c) 1997 - 2000 Kungliga Tekniska H�gskolan 3 * (Royal Institute of Technology, Stockholm, Sweden). 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * 3. Neither the name of the Institute nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 /* $Id: krb5.h,v 1.164 2000/02/06 07:40:57 assar Exp $ */ 35 36 #ifndef __KRB5_H__ 37 #define __KRB5_H__ 38 39 #include <time.h> 40 #include <krb5-types.h> 41 42 #include <asn1_err.h> 43 #include <krb5_err.h> 44 #include <heim_err.h> 45 46 #include <asn1.h> 47 48 /* simple constants */ 49 50 #ifndef TRUE 51 #define TRUE 1 52 #define FALSE 0 53 #endif 54 55 typedef int krb5_boolean; 56 57 typedef int32_t krb5_error_code; 58 59 typedef int krb5_kvno; 60 61 typedef u_int32_t krb5_flags; 62 63 typedef void *krb5_pointer; 64 typedef const void *krb5_const_pointer; 65 66 typedef octet_string krb5_data; 67 68 struct krb5_crypto_data; 69 typedef struct krb5_crypto_data *krb5_crypto; 70 71 typedef enum krb5_cksumtype { 72 CKSUMTYPE_NONE = 0, 73 CKSUMTYPE_CRC32 = 1, 74 CKSUMTYPE_RSA_MD4 = 2, 75 CKSUMTYPE_RSA_MD4_DES = 3, 76 CKSUMTYPE_DES_MAC = 4, 77 CKSUMTYPE_DES_MAC_K = 5, 78 CKSUMTYPE_RSA_MD4_DES_K = 6, 79 CKSUMTYPE_RSA_MD5 = 7, 80 CKSUMTYPE_RSA_MD5_DES = 8, 81 CKSUMTYPE_RSA_MD5_DES3 = 9, 82 /* CKSUMTYPE_SHA1 = 10,*/ 83 CKSUMTYPE_HMAC_SHA1_DES3 = 12, 84 CKSUMTYPE_SHA1 = 1000, /* correct value? */ 85 CKSUMTYPE_HMAC_MD5 = -138, /* unofficial microsoft number */ 86 CKSUMTYPE_HMAC_MD5_ENC = -1138 /* even more unofficial */ 87 } krb5_cksumtype; 88 89 90 typedef enum krb5_enctype { 91 ETYPE_NULL = 0, 92 ETYPE_DES_CBC_CRC = 1, 93 ETYPE_DES_CBC_MD4 = 2, 94 ETYPE_DES_CBC_MD5 = 3, 95 ETYPE_DES3_CBC_MD5 = 5, 96 ETYPE_OLD_DES3_CBC_SHA1 = 7, 97 ETYPE_SIGN_DSA_GENERATE = 8, 98 ETYPE_ENCRYPT_RSA_PRIV = 9, 99 ETYPE_ENCRYPT_RSA_PUB = 10, 100 ETYPE_DES3_CBC_SHA1 = 16, /* with key derivation */ 101 ETYPE_ARCFOUR_HMAC_MD5 = 23, 102 ETYPE_ARCFOUR_HMAC_MD5_56 = 24, 103 ETYPE_ENCTYPE_PK_CROSS = 48, 104 ETYPE_DES_CBC_NONE = 0x1000, 105 ETYPE_DES3_CBC_NONE = 0x1001 106 } krb5_enctype; 107 108 typedef enum krb5_preauthtype { 109 KRB5_PADATA_NONE = 0, 110 KRB5_PADATA_AP_REQ, 111 KRB5_PADATA_TGS_REQ = 1, 112 KRB5_PADATA_ENC_TIMESTAMP = 2, 113 KRB5_PADATA_ENC_SECURID 114 } krb5_preauthtype; 115 116 typedef enum krb5_key_usage { 117 KRB5_KU_PA_ENC_TIMESTAMP = 1, 118 /* AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the 119 client key (section 5.4.1) */ 120 KRB5_KU_TICKET = 2, 121 /* AS-REP Ticket and TGS-REP Ticket (includes tgs session key or 122 application session key), encrypted with the service key 123 (section 5.4.2) */ 124 KRB5_KU_AS_REP_ENC_PART = 3, 125 /* AS-REP encrypted part (includes tgs session key or application 126 session key), encrypted with the client key (section 5.4.2) */ 127 KRB5_KU_TGS_REQ_AUTH_DAT_SESSION = 4, 128 /* TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the tgs 129 session key (section 5.4.1) */ 130 KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY = 5, 131 /* TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the tgs 132 authenticator subkey (section 5.4.1) */ 133 KRB5_KU_TGS_REQ_AUTH_CKSUM = 6, 134 /* TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed 135 with the tgs session key (sections 5.3.2, 5.4.1) */ 136 KRB5_KU_TGS_REQ_AUTH = 7, 137 /* TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes tgs 138 authenticator subkey), encrypted with the tgs session key 139 (section 5.3.2) */ 140 KRB5_KU_TGS_REP_ENC_PART_SESSION = 8, 141 /* TGS-REP encrypted part (includes application session key), 142 encrypted with the tgs session key (section 5.4.2) */ 143 KRB5_KU_TGS_REP_ENC_PART_SUB_KEY = 9, 144 /* TGS-REP encrypted part (includes application session key), 145 encrypted with the tgs authenticator subkey (section 5.4.2) */ 146 KRB5_KU_AP_REQ_AUTH_CKSUM = 10, 147 /* AP-REQ Authenticator cksum, keyed with the application session 148 key (section 5.3.2) */ 149 KRB5_KU_AP_REQ_AUTH = 11, 150 /* AP-REQ Authenticator (includes application authenticator 151 subkey), encrypted with the application session key (section 152 5.3.2) */ 153 KRB5_KU_AP_REQ_ENC_PART = 12, 154 /* AP-REP encrypted part (includes application session subkey), 155 encrypted with the application session key (section 5.5.2) */ 156 KRB5_KU_KRB_PRIV = 13, 157 /* KRB-PRIV encrypted part, encrypted with a key chosen by the 158 application (section 5.7.1) */ 159 KRB5_KU_KRB_CRED = 14, 160 /* KRB-CRED encrypted part, encrypted with a key chosen by the 161 application (section 5.8.1) */ 162 KRB5_KU_KRB_SAFE_CKSUM = 15, 163 /* KRB-SAFE cksum, keyed with a key chosen by the application 164 (section 5.6.1) */ 165 KRB5_KU_OTHER_ENCRYPTED = 16, 166 /* Data which is defined in some specification outside of 167 Kerberos to be encrypted using an RFC1510 encryption type. */ 168 KRB5_KU_OTHER_CKSUM = 17 169 /* Data which is defined in some specification outside of 170 Kerberos to be checksummed using an RFC1510 checksum type. */ 171 } krb5_key_usage; 172 173 typedef enum krb5_salttype { 174 KRB5_PW_SALT = pa_pw_salt, 175 KRB5_AFS3_SALT = pa_afs3_salt 176 }krb5_salttype; 177 178 typedef struct krb5_salt { 179 krb5_salttype salttype; 180 krb5_data saltvalue; 181 } krb5_salt; 182 183 typedef ETYPE_INFO krb5_preauthinfo; 184 185 typedef struct { 186 krb5_preauthtype type; 187 krb5_preauthinfo info; /* list of preauthinfo for this type */ 188 } krb5_preauthdata_entry; 189 190 typedef struct krb5_preauthdata { 191 unsigned len; 192 krb5_preauthdata_entry *val; 193 }krb5_preauthdata; 194 195 typedef enum krb5_address_type { 196 KRB5_ADDRESS_INET = 2, 197 KRB5_ADDRESS_INET6 = 24, 198 KRB5_ADDRESS_ADDRPORT = 256, 199 KRB5_ADDRESS_IPPORT = 257 200 } krb5_address_type; 201 202 enum { 203 AP_OPTS_USE_SESSION_KEY = 1, 204 AP_OPTS_MUTUAL_REQUIRED = 2 205 }; 206 207 typedef HostAddress krb5_address; 208 209 typedef HostAddresses krb5_addresses; 210 211 typedef enum krb5_keytype { 212 KEYTYPE_NULL = 0, 213 KEYTYPE_DES = 1, 214 KEYTYPE_DES3 = 7, 215 KEYTYPE_ARCFOUR = 23 216 } krb5_keytype; 217 218 typedef EncryptionKey krb5_keyblock; 219 220 typedef AP_REQ krb5_ap_req; 221 222 struct krb5_cc_ops; 223 224 #define KRB5_DEFAULT_CCROOT "FILE:/tmp/krb5cc_" 225 226 typedef void *krb5_cc_cursor; 227 228 typedef struct krb5_ccache_data { 229 const struct krb5_cc_ops *ops; 230 krb5_data data; 231 }krb5_ccache_data; 232 233 typedef struct krb5_ccache_data *krb5_ccache; 234 235 typedef struct krb5_context_data *krb5_context; 236 237 typedef Realm krb5_realm; 238 typedef const char *krb5_const_realm; /* stupid language */ 239 240 #define krb5_realm_length(r) strlen(r) 241 #define krb5_realm_data(r) (r) 242 243 typedef Principal krb5_principal_data; 244 typedef struct Principal *krb5_principal; 245 typedef const struct Principal *krb5_const_principal; 246 247 typedef time_t krb5_deltat; 248 typedef time_t krb5_timestamp; 249 250 typedef struct krb5_times { 251 krb5_timestamp authtime; 252 krb5_timestamp starttime; 253 krb5_timestamp endtime; 254 krb5_timestamp renew_till; 255 } krb5_times; 256 257 typedef union { 258 TicketFlags b; 259 krb5_flags i; 260 } krb5_ticket_flags; 261 262 /* options for krb5_get_in_tkt() */ 263 #define KDC_OPT_FORWARDABLE (1 << 1) 264 #define KDC_OPT_FORWARDED (1 << 2) 265 #define KDC_OPT_PROXIABLE (1 << 3) 266 #define KDC_OPT_PROXY (1 << 4) 267 #define KDC_OPT_ALLOW_POSTDATE (1 << 5) 268 #define KDC_OPT_POSTDATED (1 << 6) 269 #define KDC_OPT_RENEWABLE (1 << 8) 270 #define KDC_OPT_REQUEST_ANONYMOUS (1 << 14) 271 #define KDC_OPT_DISABLE_TRANSITED_CHECK (1 << 26) 272 #define KDC_OPT_RENEWABLE_OK (1 << 27) 273 #define KDC_OPT_ENC_TKT_IN_SKEY (1 << 28) 274 #define KDC_OPT_RENEW (1 << 30) 275 #define KDC_OPT_VALIDATE (1 << 31) 276 277 typedef union { 278 KDCOptions b; 279 krb5_flags i; 280 } krb5_kdc_flags; 281 282 /* flags for krb5_verify_ap_req */ 283 284 #define KRB5_VERIFY_AP_REQ_IGNORE_INVALID (1 << 0) 285 286 #define KRB5_GC_CACHED 1 287 #define KRB5_GC_USER_USER 2 288 289 /* constants for compare_creds (and cc_retrieve_cred) */ 290 #define KRB5_TC_DONT_MATCH_REALM (1U << 31) 291 #define KRB5_TC_MATCH_KEYTYPE (1U << 30) 292 293 typedef AuthorizationData krb5_authdata; 294 295 typedef KRB_ERROR krb5_error; 296 297 typedef struct krb5_creds { 298 krb5_principal client; 299 krb5_principal server; 300 krb5_keyblock session; 301 krb5_times times; 302 krb5_data ticket; 303 krb5_data second_ticket; 304 krb5_authdata authdata; 305 krb5_addresses addresses; 306 krb5_ticket_flags flags; 307 } krb5_creds; 308 309 typedef struct krb5_cc_ops { 310 char *prefix; 311 char* (*get_name)(krb5_context, krb5_ccache); 312 krb5_error_code (*resolve)(krb5_context, krb5_ccache *, const char *); 313 krb5_error_code (*gen_new)(krb5_context, krb5_ccache *); 314 krb5_error_code (*init)(krb5_context, krb5_ccache, krb5_principal); 315 krb5_error_code (*destroy)(krb5_context, krb5_ccache); 316 krb5_error_code (*close)(krb5_context, krb5_ccache); 317 krb5_error_code (*store)(krb5_context, krb5_ccache, krb5_creds*); 318 krb5_error_code (*retrieve)(krb5_context, krb5_ccache, 319 krb5_flags, krb5_creds*, krb5_creds); 320 krb5_error_code (*get_princ)(krb5_context, krb5_ccache, krb5_principal*); 321 krb5_error_code (*get_first)(krb5_context, krb5_ccache, krb5_cc_cursor *); 322 krb5_error_code (*get_next)(krb5_context, krb5_ccache, 323 krb5_cc_cursor*, krb5_creds*); 324 krb5_error_code (*end_get)(krb5_context, krb5_ccache, krb5_cc_cursor*); 325 krb5_error_code (*remove_cred)(krb5_context, krb5_ccache, 326 krb5_flags, krb5_creds*); 327 krb5_error_code (*set_flags)(krb5_context, krb5_ccache, krb5_flags); 328 int (*get_version)(krb5_context, krb5_ccache); 329 } krb5_cc_ops; 330 331 struct krb5_log_facility; 332 333 struct krb5_config_binding { 334 enum { krb5_config_string, krb5_config_list } type; 335 char *name; 336 struct krb5_config_binding *next; 337 union { 338 char *string; 339 struct krb5_config_binding *list; 340 void *generic; 341 } u; 342 }; 343 344 typedef struct krb5_config_binding krb5_config_binding; 345 346 typedef krb5_config_binding krb5_config_section; 347 348 typedef struct krb5_context_data { 349 krb5_enctype *etypes; 350 krb5_enctype *etypes_des; 351 char **default_realms; 352 time_t max_skew; 353 time_t kdc_timeout; 354 unsigned max_retries; 355 int32_t kdc_sec_offset; 356 int32_t kdc_usec_offset; 357 krb5_config_section *cf; 358 struct et_list *et_list; 359 struct krb5_log_facility *warn_dest; 360 krb5_cc_ops *cc_ops; 361 int num_cc_ops; 362 const char *http_proxy; 363 const char *time_fmt; 364 krb5_boolean log_utc; 365 const char *default_keytab; 366 krb5_boolean use_admin_kdc; 367 krb5_addresses *extra_addresses; 368 krb5_boolean scan_interfaces; /* `ifconfig -a' */ 369 krb5_boolean srv_lookup; /* do SRV lookups */ 370 krb5_boolean srv_try_txt; /* try TXT records also */ 371 krb5_boolean srv_try_rfc2052; /* try RFC2052 compatible records */ 372 int32_t fcache_vno; /* create cache files w/ this 373 version */ 374 int num_kt_types; /* # of registered keytab types */ 375 struct krb5_keytab_data *kt_types; /* registered keytab types */ 376 } krb5_context_data; 377 378 enum { 379 KRB5_NT_UNKNOWN = 0, 380 KRB5_NT_PRINCIPAL = 1, 381 KRB5_NT_SRV_INST = 2, 382 KRB5_NT_SRV_HST = 3, 383 KRB5_NT_SRV_XHST = 4, 384 KRB5_NT_UID = 5 385 }; 386 387 388 typedef struct krb5_ticket { 389 EncTicketPart ticket; 390 krb5_principal client; 391 krb5_principal server; 392 } krb5_ticket; 393 394 typedef Authenticator krb5_authenticator_data; 395 396 typedef krb5_authenticator_data *krb5_authenticator; 397 398 struct krb5_rcache_data; 399 typedef struct krb5_rcache_data *krb5_rcache; 400 typedef Authenticator krb5_donot_reply; 401 402 #define KRB5_STORAGE_HOST_BYTEORDER 0x01 403 #define KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS 0x02 404 #define KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE 0x04 405 #define KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE 0x08 406 407 typedef struct krb5_storage { 408 void *data; 409 ssize_t (*fetch)(struct krb5_storage*, void*, size_t); 410 ssize_t (*store)(struct krb5_storage*, void*, size_t); 411 off_t (*seek)(struct krb5_storage*, off_t, int); 412 void (*free)(struct krb5_storage*); 413 krb5_flags flags; 414 } krb5_storage; 415 416 typedef struct krb5_keytab_entry { 417 krb5_principal principal; 418 krb5_kvno vno; 419 krb5_keyblock keyblock; 420 u_int32_t timestamp; 421 } krb5_keytab_entry; 422 423 typedef struct krb5_kt_cursor { 424 int fd; 425 krb5_storage *sp; 426 void *data; 427 } krb5_kt_cursor; 428 429 struct krb5_keytab_data; 430 431 typedef struct krb5_keytab_data *krb5_keytab; 432 433 struct krb5_keytab_data { 434 char *prefix; 435 krb5_error_code (*resolve)(krb5_context, const char*, krb5_keytab); 436 krb5_error_code (*get_name)(krb5_context, krb5_keytab, char*, size_t); 437 krb5_error_code (*close)(krb5_context, krb5_keytab); 438 krb5_error_code (*get)(krb5_context, krb5_keytab, krb5_const_principal, 439 krb5_kvno, krb5_enctype, krb5_keytab_entry*); 440 krb5_error_code (*start_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor*); 441 krb5_error_code (*next_entry)(krb5_context, krb5_keytab, 442 krb5_keytab_entry*, krb5_kt_cursor*); 443 krb5_error_code (*end_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor*); 444 krb5_error_code (*add)(krb5_context, krb5_keytab, krb5_keytab_entry*); 445 krb5_error_code (*remove)(krb5_context, krb5_keytab, krb5_keytab_entry*); 446 void *data; 447 int32_t version; 448 }; 449 450 typedef struct krb5_keytab_data krb5_kt_ops; 451 452 struct krb5_keytab_key_proc_args { 453 krb5_keytab keytab; 454 krb5_principal principal; 455 }; 456 457 typedef struct krb5_keytab_key_proc_args krb5_keytab_key_proc_args; 458 459 enum { 460 KRB5_AUTH_CONTEXT_DO_TIME = 1, 461 KRB5_AUTH_CONTEXT_RET_TIME = 2, 462 KRB5_AUTH_CONTEXT_DO_SEQUENCE = 4, 463 KRB5_AUTH_CONTEXT_RET_SEQUENCE = 8 464 }; 465 466 typedef struct krb5_auth_context_data { 467 unsigned int flags; 468 469 krb5_address *local_address; 470 krb5_address *remote_address; 471 int16_t local_port; 472 int16_t remote_port; 473 krb5_keyblock *keyblock; 474 krb5_keyblock *local_subkey; 475 krb5_keyblock *remote_subkey; 476 477 int32_t local_seqnumber; 478 int32_t remote_seqnumber; 479 480 krb5_authenticator authenticator; 481 482 krb5_pointer i_vector; 483 484 krb5_rcache rcache; 485 486 krb5_keytype keytype; /* �requested key type ? */ 487 krb5_cksumtype cksumtype; /* �requested checksum type! */ 488 489 }krb5_auth_context_data, *krb5_auth_context; 490 491 typedef struct { 492 KDC_REP kdc_rep; 493 EncKDCRepPart enc_part; 494 KRB_ERROR error; 495 } krb5_kdc_rep; 496 497 extern char *heimdal_version, *heimdal_long_version; 498 499 typedef void (*krb5_log_log_func_t)(const char*, const char*, void*); 500 typedef void (*krb5_log_close_func_t)(void*); 501 502 typedef struct krb5_log_facility { 503 const char *program; 504 int len; 505 struct facility *val; 506 } krb5_log_facility; 507 508 typedef EncAPRepPart krb5_ap_rep_enc_part; 509 510 #define KRB5_RECVAUTH_IGNORE_VERSION 1 511 512 #define KRB5_SENDAUTH_VERSION "KRB5_SENDAUTH_V1.0" 513 514 #define KRB5_TGS_NAME_SIZE (6) 515 #define KRB5_TGS_NAME ("krbtgt") 516 517 /* variables */ 518 519 extern const char krb5_config_file[]; 520 extern const char krb5_defkeyname[]; 521 522 typedef struct _krb5_prompt { 523 char *prompt; 524 int hidden; 525 krb5_data *reply; 526 } krb5_prompt; 527 528 typedef int (*krb5_prompter_fct)(krb5_context context, 529 void *data, 530 const char *banner, 531 int num_prompts, 532 krb5_prompt prompts[]); 533 534 typedef krb5_error_code (*krb5_key_proc)(krb5_context context, 535 krb5_enctype type, 536 krb5_salt salt, 537 krb5_const_pointer keyseed, 538 krb5_keyblock **key); 539 typedef krb5_error_code (*krb5_decrypt_proc)(krb5_context context, 540 krb5_keyblock *key, 541 krb5_key_usage usage, 542 krb5_const_pointer decrypt_arg, 543 krb5_kdc_rep *dec_rep); 544 545 546 typedef struct _krb5_get_init_creds_opt { 547 krb5_flags flags; 548 krb5_deltat tkt_life; 549 krb5_deltat renew_life; 550 int forwardable; 551 int proxiable; 552 krb5_enctype *etype_list; 553 int etype_list_length; 554 krb5_addresses *address_list; 555 #if 0 /* this is the MIT-way */ 556 krb5_address **address_list; 557 #endif 558 /* XXX the next three should not be used, as they may be 559 removed later */ 560 krb5_preauthtype *preauth_list; 561 int preauth_list_length; 562 krb5_data *salt; 563 } krb5_get_init_creds_opt; 564 565 #define KRB5_GET_INIT_CREDS_OPT_TKT_LIFE 0x0001 566 #define KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE 0x0002 567 #define KRB5_GET_INIT_CREDS_OPT_FORWARDABLE 0x0004 568 #define KRB5_GET_INIT_CREDS_OPT_PROXIABLE 0x0008 569 #define KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST 0x0010 570 #define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST 0x0020 571 #define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST 0x0040 572 #define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080 573 574 typedef struct _krb5_verify_init_creds_opt { 575 krb5_flags flags; 576 int ap_req_nofail; 577 } krb5_verify_init_creds_opt; 578 579 #define KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL 0x0001 580 581 extern const krb5_cc_ops krb5_fcc_ops; 582 extern const krb5_cc_ops krb5_mcc_ops; 583 584 extern const krb5_kt_ops krb5_fkt_ops; 585 extern const krb5_kt_ops krb5_mkt_ops; 586 extern const krb5_kt_ops krb5_akf_ops; 587 588 #define KRB5_KPASSWD_SUCCESS 0 589 #define KRB5_KPASSWD_MALFORMED 0 590 #define KRB5_KPASSWD_HARDERROR 0 591 #define KRB5_KPASSWD_AUTHERROR 0 592 #define KRB5_KPASSWD_SOFTERROR 0 593 594 #define KPASSWD_PORT 464 595 596 struct credentials; /* this is to keep the compiler happy */ 597 struct getargs; 598 599 struct sockaddr; 600 601 #include <krb5-protos.h> 602 603 #endif /* __KRB5_H__ */ 604 605