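/*
 * Copyright (c) 2004 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/* $Id: krb5_ccapi.h 22090 2007-12-02 23:23:43Z lha $ */

/*
 * Declarations for a Kerberos 5 credentials cache API (CCAPI) interface:
 * status codes, handle types, the version 5 credentials layout, and the
 * per-object function tables.
 *
 * This header declares no functions of its own.  Each handle type points at
 * a struct whose `func` member is a const table of function pointers, and
 * every operation is reached through such a table.
 */

#ifndef KRB5_CCAPI_H
#define KRB5_CCAPI_H 1

#include <krb5-types.h>

/*
 * Credentials version identifier.  Presumably the value carried in
 * cc_credentials_union.version and in the cc_uint32 "version" arguments of
 * the tables below -- confirm against the provider.
 */
enum {
    cc_credentials_v5 = 2
};

/*
 * API version numbers.  Presumably what a caller passes as the cc_int32
 * argument of cc_initialize_func -- confirm at the call site.
 */
enum {
    ccapi_version_3 = 3,
    ccapi_version_4 = 4
};

/*
 * Status codes; presumably what the cc_int32-returning table entries below
 * report -- confirm against the provider.
 *
 * ccNoError is 0.  The remaining enumerators are numbered consecutively from
 * ccIteratorEnd = 201, and the numeric comments mark every fifth value.
 * Inserting or reordering an enumerator renumbers everything after it.
 *
 * ccIteratorEnd is non-zero, so code that walks an iterator has to tell it
 * apart from the ccErr* values instead of treating every non-zero result
 * alike.
 */
enum {
    ccNoError = 0,

    ccIteratorEnd = 201,
    ccErrBadParam,
    ccErrNoMem,
    ccErrInvalidContext,
    ccErrInvalidCCache,

    ccErrInvalidString,		/* 206 */
    ccErrInvalidCredentials,
    ccErrInvalidCCacheIterator,
    ccErrInvalidCredentialsIterator,
    ccErrInvalidLock,

    ccErrBadName,		/* 211 */
    ccErrBadCredentialsVersion,
    ccErrBadAPIVersion,
    ccErrContextLocked,
    ccErrContextUnlocked,

    ccErrCCacheLocked,		/* 216 */
    ccErrCCacheUnlocked,
    ccErrBadLockType,
    ccErrNeverDefault,
    ccErrCredentialsNotFound,

    ccErrCCacheNotFound,	/* 221 */
    ccErrContextNotFound,
    ccErrServerUnavailable,
    ccErrServerInsecure,
    ccErrServerCantBecomeUID,

    ccErrTimeOffsetNotSet	/* 226 */
};

/*
 * Scalar and handle types.
 *
 * Every cc_*_t below except cc_credentials_v5_t is a pointer typedef: a
 * cc_context_t is already a pointer, and a `cc_context_t *` parameter is a
 * pointer to a handle (presumably an out parameter -- confirm).
 *
 * cc_time_t is time_t; this header does not include <time.h> itself, so the
 * type has to come from krb5-types.h or an earlier include.
 */
typedef int32_t cc_int32;
typedef uint32_t cc_uint32;
typedef struct cc_context_t *cc_context_t;
typedef struct cc_ccache_t *cc_ccache_t;
typedef struct cc_ccache_iterator_t *cc_ccache_iterator_t;
typedef struct cc_credentials_v5_t cc_credentials_v5_t;
typedef struct cc_credentials_t *cc_credentials_t;
typedef struct cc_credentials_iterator_t *cc_credentials_iterator_t;
typedef struct cc_string_t *cc_string_t;
typedef time_t cc_time_t;

/*
 * Typed, counted blob.  `length` is presumably the byte count of `data` --
 * confirm against the provider.  Nothing in the type ties the two members
 * together, so a consumer should check both before copying or parsing.
 */
typedef struct cc_data {
    cc_uint32 type;
    cc_uint32 length;
    void *data;
} cc_data;

/*
 * Version 5 credentials.  Field meanings are taken from the member names
 * only; this header defines neither encodings nor ownership.
 *
 * NOTE(review): `keyblock` presumably carries the session key.  If so it is
 * secret material: keep it out of logs and clear any copies once they are no
 * longer needed -- confirm against the provider.
 */
struct cc_credentials_v5_t {
    char *client;
    char *server;
    cc_data keyblock;
    cc_time_t authtime;
    cc_time_t starttime;
    cc_time_t endtime;
    cc_time_t renew_till;
    cc_uint32 is_skey;
    cc_uint32 ticket_flags;
    /*
     * Bit masks for ticket_flags.  The #defines are not scoped by the
     * struct; they are visible to every file that includes this header.
     */
#define KRB5_CCAPI_TKT_FLG_FORWARDABLE			0x40000000
#define KRB5_CCAPI_TKT_FLG_FORWARDED			0x20000000
#define KRB5_CCAPI_TKT_FLG_PROXIABLE			0x10000000
#define KRB5_CCAPI_TKT_FLG_PROXY			0x08000000
#define KRB5_CCAPI_TKT_FLG_MAY_POSTDATE			0x04000000
#define KRB5_CCAPI_TKT_FLG_POSTDATED			0x02000000
#define KRB5_CCAPI_TKT_FLG_INVALID			0x01000000
#define KRB5_CCAPI_TKT_FLG_RENEWABLE			0x00800000
#define KRB5_CCAPI_TKT_FLG_INITIAL			0x00400000
#define KRB5_CCAPI_TKT_FLG_PRE_AUTH			0x00200000
#define KRB5_CCAPI_TKT_FLG_HW_AUTH			0x00100000
#define KRB5_CCAPI_TKT_FLG_TRANSIT_POLICY_CHECKED	0x00080000
#define KRB5_CCAPI_TKT_FLG_OK_AS_DELEGATE		0x00040000
#define KRB5_CCAPI_TKT_FLG_ANONYMOUS			0x00020000
    /* Arrays of cc_data pointers; how they are terminated is not shown here. */
    cc_data **addresses;
    cc_data ticket;
    cc_data second_ticket;
    cc_data **authdata;
};


/* Function table for cc_string_t: the only operation is release. */
typedef struct cc_string_functions {
    cc_int32 (*release)(cc_string_t);
} cc_string_functions;

/*
 * String object: read-only character data plus its function table.
 * Presumably the holder calls func->release when done with it -- confirm.
 */
struct cc_string_t {
    const char *data;
    const cc_string_functions *func;
};

/*
 * Version-tagged credentials.  The union has a single member, so `version`
 * is presumably expected to equal cc_credentials_v5 before credentials_v5 is
 * dereferenced -- confirm, and check it when the value comes from a provider.
 */
typedef struct cc_credentials_union {
    cc_int32 version;
    union {
	cc_credentials_v5_t* credentials_v5;
    } credentials;
} cc_credentials_union;

/* Function table for cc_credentials_t: release and compare. */
struct cc_credentials_functions {
    cc_int32 (*release)(cc_credentials_t);
    /* The cc_uint32* presumably receives the comparison result -- confirm. */
    cc_int32 (*compare)(cc_credentials_t, cc_credentials_t, cc_uint32*);
};

/* Credentials object: const credentials data plus its function table. */
struct cc_credentials_t {
    const cc_credentials_union* data;
    const struct cc_credentials_functions* func;
};

/* Function table for cc_credentials_iterator_t: release and next. */
struct cc_credentials_iterator_functions {
    cc_int32 (*release)(cc_credentials_iterator_t);
    cc_int32 (*next)(cc_credentials_iterator_t, cc_credentials_t*);
};

/* Credentials iterator object; it holds only its function table. */
struct cc_credentials_iterator_t {
    const struct cc_credentials_iterator_functions *func;
};

/* Function table for cc_ccache_iterator_t: release and next. */
struct cc_ccache_iterator_functions {
    cc_int32 (*release) (cc_ccache_iterator_t);
    cc_int32 (*next)(cc_ccache_iterator_t, cc_ccache_t*);
};

/* Cache iterator object; it holds only its function table. */
struct cc_ccache_iterator_t {
    const struct cc_ccache_iterator_functions* func;
};

/*
 * Function table for cc_ccache_t.  The order of the entries is part of the
 * layout shared with whatever fills the table in.
 *
 * The cc_uint32 / cc_int32 arguments that follow the handle in
 * get_principal, set_principal and the *_kdc_time_offset entries are
 * presumably a credentials version; the two cc_uint32 arguments of lock are
 * presumably a lock type and a blocking flag -- confirm against the provider.
 */
typedef struct cc_ccache_functions {
    cc_int32 (*release)(cc_ccache_t);
    cc_int32 (*destroy)(cc_ccache_t);
    cc_int32 (*set_default)(cc_ccache_t);
    cc_int32 (*get_credentials_version)(cc_ccache_t, cc_uint32*);
    cc_int32 (*get_name)(cc_ccache_t, cc_string_t*);
    cc_int32 (*get_principal)(cc_ccache_t, cc_uint32, cc_string_t*);
    cc_int32 (*set_principal)(cc_ccache_t, cc_uint32, const char*);
    cc_int32 (*store_credentials)(cc_ccache_t, const cc_credentials_union*);
    cc_int32 (*remove_credentials)(cc_ccache_t, cc_credentials_t);
    cc_int32 (*new_credentials_iterator)(cc_ccache_t,
					 cc_credentials_iterator_t*);
    cc_int32 (*move)(cc_ccache_t, cc_ccache_t);
    cc_int32 (*lock)(cc_ccache_t, cc_uint32, cc_uint32);
    cc_int32 (*unlock)(cc_ccache_t);
    cc_int32 (*get_last_default_time)(cc_ccache_t, cc_time_t*);
    cc_int32 (*get_change_time)(cc_ccache_t, cc_time_t*);
    cc_int32 (*compare)(cc_ccache_t, cc_ccache_t, cc_uint32*);
    cc_int32 (*get_kdc_time_offset)(cc_ccache_t, cc_int32, cc_time_t *);
    cc_int32 (*set_kdc_time_offset)(cc_ccache_t, cc_int32, cc_time_t);
    cc_int32 (*clear_kdc_time_offset)(cc_ccache_t, cc_int32);
} cc_ccache_functions;

/* Cache object; it holds only its function table. */
struct cc_ccache_t {
    const cc_ccache_functions *func;
};

/*
 * Function table for cc_context_t.  The order of the entries is part of the
 * layout shared with whatever fills the table in.
 *
 * The `const char*` arguments are presumably a cache name (open_ccache, and
 * the first one of create_ccache) and a principal name (the one that follows
 * the cc_uint32) -- confirm against the provider.
 */
struct cc_context_functions {
    cc_int32 (*release)(cc_context_t);
    cc_int32 (*get_change_time)(cc_context_t, cc_time_t *);
    cc_int32 (*get_default_ccache_name)(cc_context_t, cc_string_t*);
    cc_int32 (*open_ccache)(cc_context_t, const char*, cc_ccache_t *);
    cc_int32 (*open_default_ccache)(cc_context_t, cc_ccache_t*);
    cc_int32 (*create_ccache)(cc_context_t,const char*, cc_uint32,
			      const char*, cc_ccache_t*);
    cc_int32 (*create_default_ccache)(cc_context_t, cc_uint32,
				      const char*, cc_ccache_t*);
    cc_int32 (*create_new_ccache)(cc_context_t, cc_uint32,
				  const char*, cc_ccache_t*);
    cc_int32 (*new_ccache_iterator)(cc_context_t, cc_ccache_iterator_t*);
    cc_int32 (*lock)(cc_context_t, cc_uint32, cc_uint32);
    cc_int32 (*unlock)(cc_context_t);
    cc_int32 (*compare)(cc_context_t, cc_context_t, cc_uint32*);
};

/* Context object; it holds only its function table. */
struct cc_context_t {
    const struct cc_context_functions* func;
};

/*
 * Pointer-to-function type for the entry point that produces a context.
 * The arguments are presumably: out context, requested API version, out
 * supported version, out vendor string -- confirm against the provider.
 *
 * NOTE(review): this header does not show how such a pointer is obtained.
 * If it is resolved from a dynamically loaded provider, the path that
 * library is loaded from is part of the trust boundary for every credential
 * handled through these tables -- confirm at the call site.
 */
typedef cc_int32
(*cc_initialize_func)(cc_context_t*, cc_int32, cc_int32 *, char const **);

#endif /* KRB5_CCAPI_H */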