1 /* 2 * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 /* This is the prologue to krb5.h */ 7 /* Unfortunately some of these defines are compiler dependent */ 8 #ifndef _KRB5_H 9 #define _KRB5_H 10 11 #pragma ident "%Z%%M% %I% %E% SMI" 12 13 #define SIZEOF_INT 4 14 15 #ifdef _LP64 16 #define SIZEOF_LONG 8 17 #else 18 #define SIZEOF_LONG 4 19 #endif 20 21 #define SIZEOF_SHORT 2 22 #define HAVE_STDARG_H 1 23 #define HAVE_SYS_TYPES_H 1 24 /* End of prologue section */ 25 /* 26 * include/krb5.h 27 * 28 * Copyright 1989,1990,1995 by the Massachusetts Institute of Technology. 29 * All Rights Reserved. 30 * 31 * Export of this software from the United States of America may 32 * require a specific license from the United States Government. 33 * It is the responsibility of any person or organization contemplating 34 * export to obtain such a license before exporting. 35 * 36 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 37 * distribute this software and its documentation for any purpose and 38 * without fee is hereby granted, provided that the above copyright 39 * notice appear in all copies and that both that copyright notice and 40 * this permission notice appear in supporting documentation, and that 41 * the name of M.I.T. not be used in advertising or publicity pertaining 42 * to distribution of the software without specific, written prior 43 * permission. Furthermore if you modify this software you must label 44 * your software as modified software and not distribute it in such a 45 * fashion that it might be confused with the original M.I.T. software. 46 * M.I.T. makes no representations about the suitability of 47 * this software for any purpose. It is provided "as is" without express 48 * or implied warranty. 49 * 50 * 51 * General definitions for Kerberos version 5. 52 */ 53 54 /* 55 * Copyright (C) 1998 by the FundsXpress, INC. 56 * 57 * All rights reserved. 58 * 59 * Export of this software from the United States of America may require 60 * a specific license from the United States Government. It is the 61 * responsibility of any person or organization contemplating export to 62 * obtain such a license before exporting. 63 * 64 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 65 * distribute this software and its documentation for any purpose and 66 * without fee is hereby granted, provided that the above copyright 67 * notice appear in all copies and that both that copyright notice and 68 * this permission notice appear in supporting documentation, and that 69 * the name of FundsXpress. not be used in advertising or publicity pertaining 70 * to distribution of the software without specific, written prior 71 * permission. FundsXpress makes no representations about the suitability of 72 * this software for any purpose. It is provided "as is" without express 73 * or implied warranty. 74 * 75 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR 76 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 77 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 78 */ 79 80 #ifndef KRB5_GENERAL__ 81 #define KRB5_GENERAL__ 82 83 #ifdef _KERNEL 84 #include <sys/systm.h> 85 #include <sys/kmem.h> 86 87 #include <sys/crypto/common.h> 88 #include <sys/crypto/api.h> 89 90 /* 91 * Just to be safe lets make sure the buffers are zero'ed after 92 * malloc() as some code assumes this is the case. To avoid warnings 93 * of duplicated defines let remove the old one if present. 94 */ 95 #ifdef MALLOC 96 #undef MALLOC 97 #endif 98 #define MALLOC(n) kmem_zalloc((n), KM_SLEEP) 99 100 #define FREE(x, n) kmem_free((x), (n)) 101 #define CALLOC(n, s) kmem_zalloc((n)*(s), KM_SLEEP) 102 #define strcpy(dst,src,n) bcopy((src),(dst),(n)) 103 #define mutex_lock(lck) mutex_enter(lck) 104 #define mutex_unlock(lck) mutex_exit(lck) 105 106 #else /* !_KERNEL */ 107 #define MALLOC(n) malloc(n) 108 #define FREE(x, n) free(x) 109 #define CALLOC(n, s) calloc((n), (s)) 110 #include <stdlib.h> 111 #include <thread.h> 112 #include <synch.h> 113 #include <security/cryptoki.h> 114 #include <limits.h> /* for *_MAX */ 115 #endif /* _KERNEL */ 116 117 /* By default, do not expose deprecated interfaces. */ 118 /* SUNW14resync - we need to enable this for rlogind and such */ 119 #ifndef KRB5_DEPRECATED 120 #define KRB5_DEPRECATED 1 121 #endif 122 /* Do not expose private interfaces. Build system will override. */ 123 /* SUNW14resync - for the Solaris build we set it to 1 here */ 124 #ifndef KRB5_PRIVATE 125 #define KRB5_PRIVATE 1 126 #endif 127 128 #if defined(__MACH__) && defined(__APPLE__) 129 # include <TargetConditionals.h> 130 # if TARGET_RT_MAC_CFM 131 # error "Use KfM 4.0 SDK headers for CFM compilation." 132 # endif 133 #endif 134 135 #if (defined(_MSDOS) || defined(_WIN32)) 136 #include <win-mac.h> 137 #endif 138 139 #ifndef KRB5_CONFIG__ 140 #ifndef KRB5_CALLCONV 141 #define KRB5_CALLCONV 142 #define KRB5_CALLCONV_C 143 #endif /* !KRB5_CALLCONV */ 144 #endif /* !KRB5_CONFIG__ */ 145 146 #ifndef KRB5_CALLCONV_WRONG 147 #define KRB5_CALLCONV_WRONG 148 #endif 149 150 /* SUNW14resync XXX */ 151 #include <sys/types.h> 152 #include <sys/socket.h> 153 154 #ifndef THREEPARAMOPEN 155 #define THREEPARAMOPEN(x,y,z) open(x,y,z) 156 #endif 157 158 159 /* 160 * Solaris Kerberos: 161 * KRB5_OLD_CRYPTO is not needed or supported anymore. 162 */ 163 /* #define KRB5_OLD_CRYPTO */ 164 165 166 #ifndef KRB5INT_BEGIN_DECLS 167 #if defined(__cplusplus) 168 #define KRB5INT_BEGIN_DECLS extern "C" { 169 #define KRB5INT_END_DECLS } 170 #else 171 #define KRB5INT_BEGIN_DECLS 172 #define KRB5INT_END_DECLS 173 #endif 174 #endif /* KRB5INT_BEGIN_DECLS */ 175 176 #if TARGET_OS_MAC 177 # pragma options align=mac68k 178 #endif 179 180 /* from profile.h */ 181 struct _profile_t; 182 /* typedef struct _profile_t *profile_t; */ 183 184 185 /* 186 * begin wordsize.h 187 */ 188 189 /* 190 * Word-size related definition. 191 */ 192 193 typedef unsigned char krb5_octet; 194 195 #if INT_MAX == 0x7fff 196 typedef int krb5_int16; 197 typedef unsigned int krb5_ui_2; 198 #elif SHRT_MAX == 0x7fff 199 typedef short krb5_int16; 200 typedef unsigned short krb5_ui_2; 201 #else 202 #error undefined 16 bit type 203 #endif 204 205 #if INT_MAX == 0x7fffffffL 206 typedef int krb5_int32; 207 typedef unsigned int krb5_ui_4; 208 #elif LONG_MAX == 0x7fffffffL 209 typedef long krb5_int32; 210 typedef unsigned long krb5_ui_4; 211 #elif SHRT_MAX == 0x7fffffffL 212 typedef short krb5_int32; 213 typedef unsigned short krb5_ui_4; 214 #else 215 #error: undefined 32 bit type 216 #endif 217 218 #define VALID_INT_BITS INT_MAX 219 #define VALID_UINT_BITS UINT_MAX 220 221 #define KRB5_INT32_MAX 2147483647 222 /* this strange form is necessary since - is a unary operator, not a sign 223 indicator */ 224 #define KRB5_INT32_MIN (-KRB5_INT32_MAX-1) 225 226 #define KRB5_INT16_MAX 65535 227 /* this strange form is necessary since - is a unary operator, not a sign 228 indicator */ 229 #define KRB5_INT16_MIN (-KRB5_INT16_MAX-1) 230 231 /* 232 * end wordsize.h 233 */ 234 235 /* 236 * begin "base-defs.h" 237 */ 238 239 /* 240 * Basic definitions for Kerberos V5 library 241 */ 242 243 #ifndef FALSE 244 #define FALSE 0 245 #endif 246 #ifndef TRUE 247 #define TRUE 1 248 #endif 249 250 typedef unsigned int krb5_boolean; 251 typedef unsigned int krb5_msgtype; 252 typedef unsigned int krb5_kvno; 253 254 typedef krb5_int32 krb5_addrtype; 255 typedef krb5_int32 krb5_enctype; 256 typedef krb5_int32 krb5_cksumtype; 257 typedef krb5_int32 krb5_authdatatype; 258 typedef krb5_int32 krb5_keyusage; 259 260 typedef krb5_int32 krb5_preauthtype; /* This may change, later on */ 261 typedef krb5_int32 krb5_flags; 262 typedef krb5_int32 krb5_timestamp; 263 typedef krb5_int32 krb5_error_code; 264 typedef krb5_int32 krb5_deltat; 265 266 typedef krb5_error_code krb5_magic; 267 268 typedef struct _krb5_data { 269 krb5_magic magic; 270 unsigned int length; 271 char *data; 272 } krb5_data; 273 274 /* 275 * Hack length for crypto library to use the afs_string_to_key It is 276 * equivalent to -1 without possible sign extension 277 * We also overload for an unset salt type length - which is also -1, but 278 * hey, why not.... 279 */ 280 #define SALT_TYPE_AFS_LENGTH UINT_MAX 281 #define SALT_TYPE_NO_LENGTH UINT_MAX 282 283 typedef void * krb5_pointer; 284 typedef void const * krb5_const_pointer; 285 286 typedef struct krb5_principal_data { 287 krb5_magic magic; 288 krb5_data realm; 289 krb5_data *data; /* An array of strings */ 290 krb5_int32 length; 291 krb5_int32 type; 292 } krb5_principal_data; 293 294 typedef krb5_principal_data * krb5_principal; 295 296 /* 297 * Per V5 spec on definition of principal types 298 */ 299 300 /* Name type not known */ 301 #define KRB5_NT_UNKNOWN 0 302 /* Just the name of the principal as in DCE, or for users */ 303 #define KRB5_NT_PRINCIPAL 1 304 /* Service and other unique instance (krbtgt) */ 305 #define KRB5_NT_SRV_INST 2 306 /* Service with host name as instance (telnet, rcommands) */ 307 #define KRB5_NT_SRV_HST 3 308 /* Service with host as remaining components */ 309 #define KRB5_NT_SRV_XHST 4 310 /* Unique ID */ 311 #define KRB5_NT_UID 5 312 313 /* constant version thereof: */ 314 typedef const krb5_principal_data *krb5_const_principal; 315 316 #define krb5_princ_realm(context, princ) (&(princ)->realm) 317 #define krb5_princ_set_realm(context, princ,value) ((princ)->realm = *(value)) 318 #define krb5_princ_set_realm_length(context, princ,value) (princ)->realm.length = (value) 319 #define krb5_princ_set_realm_data(context, princ,value) (princ)->realm.data = (value) 320 #define krb5_princ_size(context, princ) (princ)->length 321 #define krb5_princ_type(context, princ) (princ)->type 322 #define krb5_princ_name(context, princ) (princ)->data 323 #define krb5_princ_component(context, princ,i) \ 324 (((i) < krb5_princ_size(context, princ)) \ 325 ? (princ)->data + (i) \ 326 : NULL) 327 328 /* 329 * end "base-defs.h" 330 */ 331 332 /* 333 * begin "hostaddr.h" 334 */ 335 336 /* structure for address */ 337 typedef struct _krb5_address { 338 krb5_magic magic; 339 krb5_addrtype addrtype; 340 unsigned int length; 341 krb5_octet *contents; 342 } krb5_address; 343 344 /* per Kerberos v5 protocol spec */ 345 #define ADDRTYPE_INET 0x0002 346 #define ADDRTYPE_CHAOS 0x0005 347 #define ADDRTYPE_XNS 0x0006 348 #define ADDRTYPE_ISO 0x0007 349 #define ADDRTYPE_DDP 0x0010 350 #define ADDRTYPE_INET6 0x0018 351 /* not yet in the spec... */ 352 #define ADDRTYPE_ADDRPORT 0x0100 353 #define ADDRTYPE_IPPORT 0x0101 354 355 /* macros to determine if a type is a local type */ 356 #define ADDRTYPE_IS_LOCAL(addrtype) (addrtype & 0x8000) 357 358 /* 359 * end "hostaddr.h" 360 */ 361 362 363 struct _krb5_context; 364 typedef struct _krb5_context * krb5_context; 365 366 struct _krb5_auth_context; 367 typedef struct _krb5_auth_context * krb5_auth_context; 368 369 struct _krb5_cryptosystem_entry; 370 371 /* SUNW EF (I assume) crypto mods ... */ 372 struct _krb5_keyblock; 373 374 /* 375 * keyblocks will contain a list of derived keys, 376 * this structure will contain the derived key data. 377 */ 378 typedef struct _dk_node { 379 krb5_keyusage usage; 380 struct _krb5_keyblock *derived_key; 381 uchar_t dkid; /* derived key identifier byte */ 382 struct _dk_node *next; 383 } krb5_dk_node; 384 385 /* 386 * begin "encryption.h" 387 */ 388 typedef struct _krb5_keyblock { 389 krb5_magic magic; 390 krb5_enctype enctype; 391 unsigned int length; 392 krb5_octet *contents; 393 krb5_dk_node *dk_list; /* list of keys derived from this key */ 394 #ifdef _KERNEL 395 crypto_mech_type_t kef_mt; 396 crypto_key_t kef_key; 397 crypto_ctx_template_t key_tmpl; 398 #else 399 CK_OBJECT_HANDLE hKey; /* PKCS#11 key object handle */ 400 pid_t pid; /* fork safety */ 401 #endif /* _KERNEL */ 402 } krb5_keyblock; 403 404 typedef struct _krb5_checksum { 405 krb5_magic magic; 406 krb5_cksumtype checksum_type; /* checksum type */ 407 unsigned int length; 408 krb5_octet *contents; 409 } krb5_checksum; 410 411 typedef struct _krb5_encrypt_block { 412 krb5_magic magic; 413 krb5_enctype crypto_entry; /* to call krb5_encrypt_size, you need 414 this. it was a pointer, but it 415 doesn't have to be. gross. */ 416 krb5_keyblock *key; 417 } krb5_encrypt_block; 418 419 typedef struct _krb5_enc_data { 420 krb5_magic magic; 421 krb5_enctype enctype; 422 krb5_kvno kvno; 423 krb5_data ciphertext; 424 } krb5_enc_data; 425 426 /* per Kerberos v5 protocol spec */ 427 #define ENCTYPE_NULL 0x0000 428 #define ENCTYPE_DES_CBC_CRC 0x0001 /* DES cbc mode with CRC-32 */ 429 #define ENCTYPE_DES_CBC_MD4 0x0002 /* DES cbc mode with RSA-MD4 */ 430 #define ENCTYPE_DES_CBC_MD5 0x0003 /* DES cbc mode with RSA-MD5 */ 431 #define ENCTYPE_DES_CBC_RAW 0x0004 /* DES cbc mode raw */ 432 /* XXX deprecated? */ 433 #define ENCTYPE_DES3_CBC_SHA 0x0005 /* DES-3 cbc mode with NIST-SHA */ 434 #define ENCTYPE_DES3_CBC_RAW 0x0006 /* DES-3 cbc mode raw */ 435 #define ENCTYPE_DES_HMAC_SHA1 0x0008 436 #define ENCTYPE_DES3_CBC_SHA1 0x0010 437 #define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011 438 #define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012 439 #define ENCTYPE_ARCFOUR_HMAC 0x0017 440 #define ENCTYPE_ARCFOUR_HMAC_EXP 0x0018 441 #define ENCTYPE_UNKNOWN 0x01ff 442 443 #define CKSUMTYPE_CRC32 0x0001 444 #define CKSUMTYPE_RSA_MD4 0x0002 445 #define CKSUMTYPE_RSA_MD4_DES 0x0003 446 #define CKSUMTYPE_DESCBC 0x0004 447 /* des-mac-k */ 448 /* rsa-md4-des-k */ 449 #define CKSUMTYPE_RSA_MD5 0x0007 450 #define CKSUMTYPE_RSA_MD5_DES 0x0008 451 #define CKSUMTYPE_NIST_SHA 0x0009 452 #define CKSUMTYPE_HMAC_SHA1_DES3 0x000c 453 #define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f 454 #define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010 455 #define CKSUMTYPE_HMAC_MD5_ARCFOUR -138 /*Microsoft md5 hmac cksumtype*/ 456 457 /* The following are entropy source designations. Whenever 458 * krb5_C_random_add_entropy is called, one of these source ids is passed 459 * in. This allows the library to better estimate bits of 460 * entropy in the sample and to keep track of what sources of entropy have 461 * contributed enough entropy. Sources marked internal MUST NOT be 462 * used by applications outside the Kerberos library 463 */ 464 465 enum { 466 KRB5_C_RANDSOURCE_OLDAPI = 0, /*calls to krb5_C_RANDOM_SEED (INTERNAL)*/ 467 KRB5_C_RANDSOURCE_OSRAND = 1, /* /dev/random or equivalent (internal)*/ 468 KRB5_C_RANDSOURCE_TRUSTEDPARTY = 2, /* From KDC or other trusted party*/ 469 /*This source should be used carefully; data in this category 470 * should be from a third party trusted to give random bits 471 * For example keys issued by the KDC in the application server. 472 */ 473 KRB5_C_RANDSOURCE_TIMING = 3, /* Timing of operations*/ 474 KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL = 4, /*Protocol data possibly from attacker*/ 475 KRB5_C_RANDSOURCE_MAX = 5 /*Do not use; maximum source ID*/ 476 }; 477 478 #ifndef krb5_roundup 479 /* round x up to nearest multiple of y */ 480 #define krb5_roundup(x, y) ((((x) + (y) - 1)/(y))*(y)) 481 #endif /* roundup */ 482 483 /* macro function definitions to help clean up code */ 484 485 #ifndef _KERNEL 486 #define krb5_x(ptr,args) ((ptr)?((*(ptr)) args):(abort(),1)) 487 #define krb5_xc(ptr,args) ((ptr)?((*(ptr)) args):(abort(),(char*)0)) 488 #else 489 #define krb5_x(ptr,args) ((*(ptr)) args) 490 #define krb5_xc(ptr,args) ((*(ptr)) args) 491 #endif 492 493 krb5_error_code KRB5_CALLCONV 494 krb5_c_encrypt 495 (krb5_context context, 496 const krb5_keyblock *key, 497 krb5_keyusage usage, const krb5_data *ivec, 498 const krb5_data *input, krb5_enc_data *output); 499 500 krb5_error_code KRB5_CALLCONV 501 krb5_c_decrypt 502 (krb5_context context, 503 const krb5_keyblock *key, 504 krb5_keyusage usage, const krb5_data *ivec, 505 const krb5_enc_data *input, krb5_data *output); 506 507 krb5_error_code KRB5_CALLCONV 508 krb5_c_encrypt_length 509 (krb5_context context, krb5_enctype enctype, 510 size_t inputlen, size_t *length); 511 512 krb5_error_code KRB5_CALLCONV 513 krb5_c_block_size 514 (krb5_context context, krb5_enctype enctype, 515 size_t *blocksize); 516 517 krb5_error_code KRB5_CALLCONV 518 krb5_c_init_state(krb5_context, 519 const krb5_keyblock *, krb5_keyusage, 520 krb5_data *); 521 522 krb5_error_code KRB5_CALLCONV 523 krb5_c_free_state(krb5_context, 524 const krb5_keyblock *, krb5_data *); 525 526 krb5_error_code KRB5_CALLCONV 527 krb5_c_make_random_key 528 (krb5_context context, krb5_enctype enctype, 529 krb5_keyblock *random_key); 530 531 /* Register a new entropy sample with the PRNG. may cause 532 * the PRNG to be reseeded, although this is not guaranteed. See previous randsource definitions 533 * for information on how each source should be used. 534 */ 535 krb5_error_code KRB5_CALLCONV 536 krb5_c_random_add_entropy 537 (krb5_context context, unsigned int randsource_id, const krb5_data *data); 538 539 krb5_error_code KRB5_CALLCONV 540 krb5_c_random_make_octets 541 (krb5_context context, krb5_data *data); 542 543 /* 544 * Collect entropy from the OS if possible. strong requests that as strong 545 * of a source of entropy as available be used. Setting strong may 546 * increase the probability of blocking and should not be used for normal 547 * applications. Good uses include seeding the PRNG for kadmind 548 * and realm setup. 549 * If successful is non-null, then successful is set to 1 if the OS provided 550 * entropy else zero. 551 */ 552 #if 0 /* SUNW14resync - not used in Solaris */ 553 krb5_error_code KRB5_CALLCONV 554 krb5_c_random_os_entropy 555 (krb5_context context, int strong, int *success); 556 #endif 557 558 /*deprecated*/ krb5_error_code KRB5_CALLCONV 559 krb5_c_random_seed 560 (krb5_context context, krb5_data *data); 561 562 krb5_error_code KRB5_CALLCONV 563 krb5_c_string_to_key 564 (krb5_context context, krb5_enctype enctype, 565 const krb5_data *string, const krb5_data *salt, 566 krb5_keyblock *key); 567 568 krb5_error_code KRB5_CALLCONV 569 krb5_c_string_to_key_with_params(krb5_context context, 570 krb5_enctype enctype, 571 const krb5_data *string, 572 const krb5_data *salt, 573 const krb5_data *params, 574 krb5_keyblock *key); 575 576 krb5_error_code KRB5_CALLCONV 577 krb5_c_enctype_compare 578 (krb5_context context, krb5_enctype e1, krb5_enctype e2, 579 krb5_boolean *similar); 580 581 krb5_error_code KRB5_CALLCONV 582 krb5_c_make_checksum 583 (krb5_context context, krb5_cksumtype cksumtype, 584 const krb5_keyblock *key, krb5_keyusage usage, 585 const krb5_data *input, krb5_checksum *cksum); 586 587 krb5_error_code KRB5_CALLCONV 588 krb5_c_verify_checksum 589 (krb5_context context, 590 const krb5_keyblock *key, krb5_keyusage usage, 591 const krb5_data *data, 592 const krb5_checksum *cksum, 593 krb5_boolean *valid); 594 595 krb5_error_code KRB5_CALLCONV 596 krb5_c_checksum_length 597 (krb5_context context, krb5_cksumtype cksumtype, 598 size_t *length); 599 600 krb5_error_code KRB5_CALLCONV 601 krb5_c_keyed_checksum_types 602 (krb5_context context, krb5_enctype enctype, 603 unsigned int *count, krb5_cksumtype **cksumtypes); 604 605 #define KRB5_KEYUSAGE_AS_REQ_PA_ENC_TS 1 606 #define KRB5_KEYUSAGE_KDC_REP_TICKET 2 607 #define KRB5_KEYUSAGE_AS_REP_ENCPART 3 608 #define KRB5_KEYUSAGE_TGS_REQ_AD_SESSKEY 4 609 #define KRB5_KEYUSAGE_TGS_REQ_AD_SUBKEY 5 610 #define KRB5_KEYUSAGE_TGS_REQ_AUTH_CKSUM 6 611 #define KRB5_KEYUSAGE_TGS_REQ_AUTH 7 612 #define KRB5_KEYUSAGE_TGS_REP_ENCPART_SESSKEY 8 613 #define KRB5_KEYUSAGE_TGS_REP_ENCPART_SUBKEY 9 614 #define KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM 10 615 #define KRB5_KEYUSAGE_AP_REQ_AUTH 11 616 #define KRB5_KEYUSAGE_AP_REP_ENCPART 12 617 #define KRB5_KEYUSAGE_KRB_PRIV_ENCPART 13 618 #define KRB5_KEYUSAGE_KRB_CRED_ENCPART 14 619 #define KRB5_KEYUSAGE_KRB_SAFE_CKSUM 15 620 #define KRB5_KEYUSAGE_APP_DATA_ENCRYPT 16 621 #define KRB5_KEYUSAGE_APP_DATA_CKSUM 17 622 #define KRB5_KEYUSAGE_KRB_ERROR_CKSUM 18 623 #define KRB5_KEYUSAGE_AD_KDCISSUED_CKSUM 19 624 #define KRB5_KEYUSAGE_AD_MTE 20 625 #define KRB5_KEYUSAGE_AD_ITE 21 626 627 /* XXX need to register these */ 628 629 #define KRB5_KEYUSAGE_GSS_TOK_MIC 22 630 #define KRB5_KEYUSAGE_GSS_TOK_WRAP_INTEG 23 631 #define KRB5_KEYUSAGE_GSS_TOK_WRAP_PRIV 24 632 633 /* Defined in hardware preauth draft */ 634 635 #define KRB5_KEYUSAGE_PA_SAM_CHALLENGE_CKSUM 25 636 #define KRB5_KEYUSAGE_PA_SAM_CHALLENGE_TRACKID 26 637 #define KRB5_KEYUSAGE_PA_SAM_RESPONSE 27 638 639 krb5_boolean KRB5_CALLCONV krb5_c_valid_enctype 640 (krb5_enctype ktype); 641 krb5_boolean KRB5_CALLCONV krb5_c_valid_cksumtype 642 (krb5_cksumtype ctype); 643 krb5_boolean KRB5_CALLCONV krb5_c_is_coll_proof_cksum 644 (krb5_cksumtype ctype); 645 krb5_boolean KRB5_CALLCONV krb5_c_is_keyed_cksum 646 (krb5_cksumtype ctype); 647 648 649 #if KRB5_PRIVATE 650 /* Use the above four instead. */ 651 krb5_boolean KRB5_CALLCONV valid_enctype 652 (krb5_enctype ktype); 653 krb5_boolean KRB5_CALLCONV valid_cksumtype 654 (krb5_cksumtype ctype); 655 krb5_boolean KRB5_CALLCONV is_coll_proof_cksum 656 (krb5_cksumtype ctype); 657 krb5_boolean KRB5_CALLCONV is_keyed_cksum 658 (krb5_cksumtype ctype); 659 #endif 660 661 /* #ifdef KRB5_OLD_CRYPTO 662 * this mit block removed for Solaris Kerberos 663 #endif KRB5_OLD_CRYPTO */ 664 665 /* 666 * end "encryption.h" 667 */ 668 669 /* 670 * begin "fieldbits.h" 671 */ 672 673 /* kdc_options for kdc_request */ 674 /* options is 32 bits; each host is responsible to put the 4 bytes 675 representing these bits into net order before transmission */ 676 /* #define KDC_OPT_RESERVED 0x80000000 */ 677 #define KDC_OPT_FORWARDABLE 0x40000000 678 #define KDC_OPT_FORWARDED 0x20000000 679 #define KDC_OPT_PROXIABLE 0x10000000 680 #define KDC_OPT_PROXY 0x08000000 681 #define KDC_OPT_ALLOW_POSTDATE 0x04000000 682 #define KDC_OPT_POSTDATED 0x02000000 683 /* #define KDC_OPT_UNUSED 0x01000000 */ 684 #define KDC_OPT_RENEWABLE 0x00800000 685 /* #define KDC_OPT_UNUSED 0x00400000 */ 686 /* #define KDC_OPT_RESERVED 0x00200000 */ 687 /* #define KDC_OPT_RESERVED 0x00100000 */ 688 /* #define KDC_OPT_RESERVED 0x00080000 */ 689 /* #define KDC_OPT_RESERVED 0x00040000 */ 690 #define KDC_OPT_REQUEST_ANONYMOUS 0x00020000 691 /* #define KDC_OPT_RESERVED 0x00010000 */ 692 /* #define KDC_OPT_RESERVED 0x00008000 */ 693 /* #define KDC_OPT_RESERVED 0x00004000 */ 694 /* #define KDC_OPT_RESERVED 0x00002000 */ 695 /* #define KDC_OPT_RESERVED 0x00001000 */ 696 /* #define KDC_OPT_RESERVED 0x00000800 */ 697 /* #define KDC_OPT_RESERVED 0x00000400 */ 698 /* #define KDC_OPT_RESERVED 0x00000200 */ 699 /* #define KDC_OPT_RESERVED 0x00000100 */ 700 /* #define KDC_OPT_RESERVED 0x00000080 */ 701 /* #define KDC_OPT_RESERVED 0x00000040 */ 702 #define KDC_OPT_DISABLE_TRANSITED_CHECK 0x00000020 703 #define KDC_OPT_RENEWABLE_OK 0x00000010 704 #define KDC_OPT_ENC_TKT_IN_SKEY 0x00000008 705 /* #define KDC_OPT_UNUSED 0x00000004 */ 706 #define KDC_OPT_RENEW 0x00000002 707 #define KDC_OPT_VALIDATE 0x00000001 708 709 /* 710 * Mask of ticket flags in the TGT which should be converted into KDC 711 * options when using the TGT to get derivitive tickets. 712 * 713 * New mask = KDC_OPT_FORWARDABLE | KDC_OPT_PROXIABLE | 714 * KDC_OPT_ALLOW_POSTDATE | KDC_OPT_RENEWABLE 715 */ 716 #define KDC_TKT_COMMON_MASK 0x54800000 717 718 /* definitions for ap_options fields */ 719 /* ap_options are 32 bits; each host is responsible to put the 4 bytes 720 representing these bits into net order before transmission */ 721 #define AP_OPTS_RESERVED 0x80000000 722 #define AP_OPTS_USE_SESSION_KEY 0x40000000 723 #define AP_OPTS_MUTUAL_REQUIRED 0x20000000 724 /* #define AP_OPTS_RESERVED 0x10000000 */ 725 /* #define AP_OPTS_RESERVED 0x08000000 */ 726 /* #define AP_OPTS_RESERVED 0x04000000 */ 727 /* #define AP_OPTS_RESERVED 0x02000000 */ 728 /* #define AP_OPTS_RESERVED 0x01000000 */ 729 /* #define AP_OPTS_RESERVED 0x00800000 */ 730 /* #define AP_OPTS_RESERVED 0x00400000 */ 731 /* #define AP_OPTS_RESERVED 0x00200000 */ 732 /* #define AP_OPTS_RESERVED 0x00100000 */ 733 /* #define AP_OPTS_RESERVED 0x00080000 */ 734 /* #define AP_OPTS_RESERVED 0x00040000 */ 735 /* #define AP_OPTS_RESERVED 0x00020000 */ 736 /* #define AP_OPTS_RESERVED 0x00010000 */ 737 /* #define AP_OPTS_RESERVED 0x00008000 */ 738 /* #define AP_OPTS_RESERVED 0x00004000 */ 739 /* #define AP_OPTS_RESERVED 0x00002000 */ 740 /* #define AP_OPTS_RESERVED 0x00001000 */ 741 /* #define AP_OPTS_RESERVED 0x00000800 */ 742 /* #define AP_OPTS_RESERVED 0x00000400 */ 743 /* #define AP_OPTS_RESERVED 0x00000200 */ 744 /* #define AP_OPTS_RESERVED 0x00000100 */ 745 /* #define AP_OPTS_RESERVED 0x00000080 */ 746 /* #define AP_OPTS_RESERVED 0x00000040 */ 747 /* #define AP_OPTS_RESERVED 0x00000020 */ 748 /* #define AP_OPTS_RESERVED 0x00000010 */ 749 /* #define AP_OPTS_RESERVED 0x00000008 */ 750 /* #define AP_OPTS_RESERVED 0x00000004 */ 751 /* #define AP_OPTS_RESERVED 0x00000002 */ 752 #define AP_OPTS_USE_SUBKEY 0x00000001 753 754 #define AP_OPTS_WIRE_MASK 0xfffffff0 755 756 /* definitions for ad_type fields. */ 757 #define AD_TYPE_RESERVED 0x8000 758 #define AD_TYPE_EXTERNAL 0x4000 759 #define AD_TYPE_REGISTERED 0x2000 760 761 #define AD_TYPE_FIELD_TYPE_MASK 0x1fff 762 763 /* Ticket flags */ 764 /* flags are 32 bits; each host is responsible to put the 4 bytes 765 representing these bits into net order before transmission */ 766 /* #define TKT_FLG_RESERVED 0x80000000 */ 767 #define TKT_FLG_FORWARDABLE 0x40000000 768 #define TKT_FLG_FORWARDED 0x20000000 769 #define TKT_FLG_PROXIABLE 0x10000000 770 #define TKT_FLG_PROXY 0x08000000 771 #define TKT_FLG_MAY_POSTDATE 0x04000000 772 #define TKT_FLG_POSTDATED 0x02000000 773 #define TKT_FLG_INVALID 0x01000000 774 #define TKT_FLG_RENEWABLE 0x00800000 775 #define TKT_FLG_INITIAL 0x00400000 776 #define TKT_FLG_PRE_AUTH 0x00200000 777 #define TKT_FLG_HW_AUTH 0x00100000 778 #define TKT_FLG_TRANSIT_POLICY_CHECKED 0x00080000 779 #define TKT_FLG_OK_AS_DELEGATE 0x00040000 780 #define TKT_FLG_ANONYMOUS 0x00020000 781 /* #define TKT_FLG_RESERVED 0x00010000 */ 782 /* #define TKT_FLG_RESERVED 0x00008000 */ 783 /* #define TKT_FLG_RESERVED 0x00004000 */ 784 /* #define TKT_FLG_RESERVED 0x00002000 */ 785 /* #define TKT_FLG_RESERVED 0x00001000 */ 786 /* #define TKT_FLG_RESERVED 0x00000800 */ 787 /* #define TKT_FLG_RESERVED 0x00000400 */ 788 /* #define TKT_FLG_RESERVED 0x00000200 */ 789 /* #define TKT_FLG_RESERVED 0x00000100 */ 790 /* #define TKT_FLG_RESERVED 0x00000080 */ 791 /* #define TKT_FLG_RESERVED 0x00000040 */ 792 /* #define TKT_FLG_RESERVED 0x00000020 */ 793 /* #define TKT_FLG_RESERVED 0x00000010 */ 794 /* #define TKT_FLG_RESERVED 0x00000008 */ 795 /* #define TKT_FLG_RESERVED 0x00000004 */ 796 /* #define TKT_FLG_RESERVED 0x00000002 */ 797 /* #define TKT_FLG_RESERVED 0x00000001 */ 798 799 /* definitions for lr_type fields. */ 800 #define LR_TYPE_THIS_SERVER_ONLY 0x8000 801 802 #define LR_TYPE_INTERPRETATION_MASK 0x7fff 803 804 /* definitions for ad_type fields. */ 805 #define AD_TYPE_EXTERNAL 0x4000 806 #define AD_TYPE_REGISTERED 0x2000 807 808 #define AD_TYPE_FIELD_TYPE_MASK 0x1fff 809 #define AD_TYPE_INTERNAL_MASK 0x3fff 810 811 /* definitions for msec direction bit for KRB_SAFE, KRB_PRIV */ 812 #define MSEC_DIRBIT 0x8000 813 #define MSEC_VAL_MASK 0x7fff 814 815 /* 816 * end "fieldbits.h" 817 */ 818 819 /* 820 * begin "proto.h" 821 */ 822 823 /* Protocol version number */ 824 #define KRB5_PVNO 5 825 826 /* Message types */ 827 828 #define KRB5_AS_REQ ((krb5_msgtype)10) /* Req for initial authentication */ 829 #define KRB5_AS_REP ((krb5_msgtype)11) /* Response to KRB_AS_REQ request */ 830 #define KRB5_TGS_REQ ((krb5_msgtype)12) /* TGS request to server */ 831 #define KRB5_TGS_REP ((krb5_msgtype)13) /* Response to KRB_TGS_REQ req */ 832 #define KRB5_AP_REQ ((krb5_msgtype)14) /* application request to server */ 833 #define KRB5_AP_REP ((krb5_msgtype)15) /* Response to KRB_AP_REQ_MUTUAL */ 834 #define KRB5_SAFE ((krb5_msgtype)20) /* Safe application message */ 835 #define KRB5_PRIV ((krb5_msgtype)21) /* Private application message */ 836 #define KRB5_CRED ((krb5_msgtype)22) /* Credential forwarding message */ 837 #define KRB5_ERROR ((krb5_msgtype)30) /* Error response */ 838 839 /* LastReq types */ 840 #define KRB5_LRQ_NONE 0 841 #define KRB5_LRQ_ALL_LAST_TGT 1 842 #define KRB5_LRQ_ONE_LAST_TGT (-1) 843 #define KRB5_LRQ_ALL_LAST_INITIAL 2 844 #define KRB5_LRQ_ONE_LAST_INITIAL (-2) 845 #define KRB5_LRQ_ALL_LAST_TGT_ISSUED 3 846 #define KRB5_LRQ_ONE_LAST_TGT_ISSUED (-3) 847 #define KRB5_LRQ_ALL_LAST_RENEWAL 4 848 #define KRB5_LRQ_ONE_LAST_RENEWAL (-4) 849 #define KRB5_LRQ_ALL_LAST_REQ 5 850 #define KRB5_LRQ_ONE_LAST_REQ (-5) 851 #define KRB5_LRQ_ALL_PW_EXPTIME 6 852 #define KRB5_LRQ_ONE_PW_EXPTIME (-6) 853 854 855 /* PADATA types */ 856 #define KRB5_PADATA_NONE 0 857 #define KRB5_PADATA_AP_REQ 1 858 #define KRB5_PADATA_TGS_REQ KRB5_PADATA_AP_REQ 859 #define KRB5_PADATA_ENC_TIMESTAMP 2 860 #define KRB5_PADATA_PW_SALT 3 861 #if 0 /* Not used */ 862 #define KRB5_PADATA_ENC_ENCKEY 4 /* Key encrypted within itself */ 863 #endif 864 #define KRB5_PADATA_ENC_UNIX_TIME 5 /* timestamp encrypted in key */ 865 #define KRB5_PADATA_ENC_SANDIA_SECURID 6 /* SecurId passcode */ 866 #define KRB5_PADATA_SESAME 7 /* Sesame project */ 867 #define KRB5_PADATA_OSF_DCE 8 /* OSF DCE */ 868 #define KRB5_CYBERSAFE_SECUREID 9 /* Cybersafe */ 869 #define KRB5_PADATA_AFS3_SALT 10 /* Cygnus */ 870 #define KRB5_PADATA_ETYPE_INFO 11 /* Etype info for preauth */ 871 #define KRB5_PADATA_SAM_CHALLENGE 12 /* draft challenge system */ 872 #define KRB5_PADATA_SAM_RESPONSE 13 /* draft challenge system response */ 873 #define KRB5_PADATA_PK_AS_REQ 14 /* PKINIT */ 874 #define KRB5_PADATA_PK_AS_REP 15 /* PKINIT */ 875 #define KRB5_PADATA_ETYPE_INFO2 19 876 #define KRB5_PADATA_SAM_CHALLENGE_2 30 /* draft challenge system, updated */ 877 #define KRB5_PADATA_SAM_RESPONSE_2 31 /* draft challenge system, updated */ 878 879 #define KRB5_SAM_USE_SAD_AS_KEY 0x80000000 880 #define KRB5_SAM_SEND_ENCRYPTED_SAD 0x40000000 881 #define KRB5_SAM_MUST_PK_ENCRYPT_SAD 0x20000000 /* currently must be zero */ 882 883 /* Reserved for SPX pre-authentication. */ 884 #define KRB5_PADATA_DASS 16 885 886 /* Transited encoding types */ 887 #define KRB5_DOMAIN_X500_COMPRESS 1 888 889 /* alternate authentication types */ 890 #define KRB5_ALTAUTH_ATT_CHALLENGE_RESPONSE 64 891 892 /* authorization data types */ 893 #define KRB5_AUTHDATA_OSF_DCE 64 894 #define KRB5_AUTHDATA_SESAME 65 895 896 /* password change constants */ 897 898 #define KRB5_KPASSWD_SUCCESS 0 899 #define KRB5_KPASSWD_MALFORMED 1 900 #define KRB5_KPASSWD_HARDERROR 2 901 #define KRB5_KPASSWD_AUTHERROR 3 902 #define KRB5_KPASSWD_SOFTERROR 4 903 /* These are Microsoft's extensions in RFC 3244, and it looks like 904 they'll become standardized, possibly with other additions. */ 905 #define KRB5_KPASSWD_ACCESSDENIED 5 /* unused */ 906 #define KRB5_KPASSWD_BAD_VERSION 6 907 #define KRB5_KPASSWD_INITIAL_FLAG_NEEDED 7 /* unused */ 908 909 /* 910 * end "proto.h" 911 */ 912 913 /* Time set */ 914 typedef struct _krb5_ticket_times { 915 krb5_timestamp authtime; /* XXX ? should ktime in KDC_REP == authtime 916 in ticket? otherwise client can't get this */ 917 krb5_timestamp starttime; /* optional in ticket, if not present, 918 use authtime */ 919 krb5_timestamp endtime; 920 krb5_timestamp renew_till; 921 } krb5_ticket_times; 922 923 /* structure for auth data */ 924 typedef struct _krb5_authdata { 925 krb5_magic magic; 926 krb5_authdatatype ad_type; 927 unsigned int length; 928 krb5_octet *contents; 929 } krb5_authdata; 930 931 /* structure for transited encoding */ 932 typedef struct _krb5_transited { 933 krb5_magic magic; 934 krb5_octet tr_type; 935 krb5_data tr_contents; 936 } krb5_transited; 937 938 typedef struct _krb5_enc_tkt_part { 939 krb5_magic magic; 940 /* to-be-encrypted portion */ 941 krb5_flags flags; /* flags */ 942 krb5_keyblock *session; /* session key: includes enctype */ 943 krb5_principal client; /* client name/realm */ 944 krb5_transited transited; /* list of transited realms */ 945 krb5_ticket_times times; /* auth, start, end, renew_till */ 946 krb5_address * *caddrs; /* array of ptrs to addresses */ 947 krb5_authdata * *authorization_data; /* auth data */ 948 } krb5_enc_tkt_part; 949 950 typedef struct _krb5_ticket { 951 krb5_magic magic; 952 /* cleartext portion */ 953 krb5_principal server; /* server name/realm */ 954 krb5_enc_data enc_part; /* encryption type, kvno, encrypted 955 encoding */ 956 krb5_enc_tkt_part *enc_part2; /* ptr to decrypted version, if 957 available */ 958 } krb5_ticket; 959 960 /* the unencrypted version */ 961 typedef struct _krb5_authenticator { 962 krb5_magic magic; 963 krb5_principal client; /* client name/realm */ 964 krb5_checksum *checksum; /* checksum, includes type, optional */ 965 krb5_int32 cusec; /* client usec portion */ 966 krb5_timestamp ctime; /* client sec portion */ 967 krb5_keyblock *subkey; /* true session key, optional */ 968 krb5_ui_4 seq_number; /* sequence #, optional */ 969 krb5_authdata * *authorization_data; /* New add by Ari, auth data */ 970 } krb5_authenticator; 971 972 typedef struct _krb5_tkt_authent { 973 krb5_magic magic; 974 krb5_ticket *ticket; 975 krb5_authenticator *authenticator; 976 krb5_flags ap_options; 977 } krb5_tkt_authent; 978 979 /* credentials: Ticket, session key, etc. */ 980 typedef struct _krb5_creds { 981 krb5_magic magic; 982 krb5_principal client; /* client's principal identifier */ 983 krb5_principal server; /* server's principal identifier */ 984 krb5_keyblock keyblock; /* session encryption key info */ 985 krb5_ticket_times times; /* lifetime info */ 986 krb5_boolean is_skey; /* true if ticket is encrypted in 987 another ticket's skey */ 988 krb5_flags ticket_flags; /* flags in ticket */ 989 krb5_address * *addresses; /* addrs in ticket */ 990 krb5_data ticket; /* ticket string itself */ 991 krb5_data second_ticket; /* second ticket, if related to 992 ticket (via DUPLICATE-SKEY or 993 ENC-TKT-IN-SKEY) */ 994 krb5_authdata * *authdata; /* authorization data */ 995 } krb5_creds; 996 997 /* Last request fields */ 998 typedef struct _krb5_last_req_entry { 999 krb5_magic magic; 1000 krb5_int32 lr_type; 1001 krb5_timestamp value; 1002 } krb5_last_req_entry; 1003 1004 /* pre-authentication data */ 1005 typedef struct _krb5_pa_data { 1006 krb5_magic magic; 1007 krb5_preauthtype pa_type; 1008 unsigned int length; 1009 krb5_octet *contents; 1010 } krb5_pa_data; 1011 1012 typedef struct _krb5_kdc_req { 1013 krb5_magic magic; 1014 krb5_msgtype msg_type; /* AS_REQ or TGS_REQ? */ 1015 krb5_pa_data * *padata; /* e.g. encoded AP_REQ */ 1016 /* real body */ 1017 krb5_flags kdc_options; /* requested options */ 1018 krb5_principal client; /* includes realm; optional */ 1019 krb5_principal server; /* includes realm (only used if no 1020 client) */ 1021 krb5_timestamp from; /* requested starttime */ 1022 krb5_timestamp till; /* requested endtime */ 1023 krb5_timestamp rtime; /* (optional) requested renew_till */ 1024 krb5_int32 nonce; /* nonce to match request/response */ 1025 int nktypes; /* # of ktypes, must be positive */ 1026 krb5_enctype *ktype; /* requested enctype(s) */ 1027 krb5_address * *addresses; /* requested addresses, optional */ 1028 krb5_enc_data authorization_data; /* encrypted auth data; OPTIONAL */ 1029 krb5_authdata * *unenc_authdata; /* unencrypted auth data, 1030 if available */ 1031 krb5_ticket * *second_ticket;/* second ticket array; OPTIONAL */ 1032 } krb5_kdc_req; 1033 1034 typedef struct _krb5_enc_kdc_rep_part { 1035 krb5_magic magic; 1036 /* encrypted part: */ 1037 krb5_msgtype msg_type; /* krb5 message type */ 1038 krb5_keyblock *session; /* session key */ 1039 krb5_last_req_entry * *last_req; /* array of ptrs to entries */ 1040 krb5_int32 nonce; /* nonce from request */ 1041 krb5_timestamp key_exp; /* expiration date */ 1042 krb5_flags flags; /* ticket flags */ 1043 krb5_ticket_times times; /* lifetime info */ 1044 krb5_principal server; /* server's principal identifier */ 1045 krb5_address * *caddrs; /* array of ptrs to addresses, 1046 optional */ 1047 } krb5_enc_kdc_rep_part; 1048 1049 typedef struct _krb5_kdc_rep { 1050 krb5_magic magic; 1051 /* cleartext part: */ 1052 krb5_msgtype msg_type; /* AS_REP or KDC_REP? */ 1053 krb5_pa_data * *padata; /* preauthentication data from KDC */ 1054 krb5_principal client; /* client's principal identifier */ 1055 krb5_ticket *ticket; /* ticket */ 1056 krb5_enc_data enc_part; /* encryption type, kvno, encrypted 1057 encoding */ 1058 krb5_enc_kdc_rep_part *enc_part2;/* unencrypted version, if available */ 1059 } krb5_kdc_rep; 1060 1061 /* error message structure */ 1062 typedef struct _krb5_error { 1063 krb5_magic magic; 1064 /* some of these may be meaningless in certain contexts */ 1065 krb5_timestamp ctime; /* client sec portion; optional */ 1066 krb5_int32 cusec; /* client usec portion; optional */ 1067 krb5_int32 susec; /* server usec portion */ 1068 krb5_timestamp stime; /* server sec portion */ 1069 krb5_ui_4 error; /* error code (protocol error #'s) */ 1070 krb5_principal client; /* client's principal identifier; 1071 optional */ 1072 krb5_principal server; /* server's principal identifier */ 1073 krb5_data text; /* descriptive text */ 1074 krb5_data e_data; /* additional error-describing data */ 1075 } krb5_error; 1076 1077 typedef struct _krb5_ap_req { 1078 krb5_magic magic; 1079 krb5_flags ap_options; /* requested options */ 1080 krb5_ticket *ticket; /* ticket */ 1081 krb5_enc_data authenticator; /* authenticator (already encrypted) */ 1082 } krb5_ap_req; 1083 1084 typedef struct _krb5_ap_rep { 1085 krb5_magic magic; 1086 krb5_enc_data enc_part; 1087 } krb5_ap_rep; 1088 1089 typedef struct _krb5_ap_rep_enc_part { 1090 krb5_magic magic; 1091 krb5_timestamp ctime; /* client time, seconds portion */ 1092 krb5_int32 cusec; /* client time, microseconds portion */ 1093 krb5_keyblock *subkey; /* true session key, optional */ 1094 krb5_ui_4 seq_number; /* sequence #, optional */ 1095 } krb5_ap_rep_enc_part; 1096 1097 typedef struct _krb5_response { 1098 krb5_magic magic; 1099 krb5_octet message_type; 1100 krb5_data response; 1101 krb5_int32 expected_nonce; /* The expected nonce for KDC_REP messages */ 1102 krb5_timestamp request_time; /* When we made the request */ 1103 } krb5_response; 1104 1105 typedef struct _krb5_cred_info { 1106 krb5_magic magic; 1107 krb5_keyblock *session; /* session key used to encrypt */ 1108 /* ticket */ 1109 krb5_principal client; /* client name/realm, optional */ 1110 krb5_principal server; /* server name/realm, optional */ 1111 krb5_flags flags; /* ticket flags, optional */ 1112 krb5_ticket_times times; /* auth, start, end, renew_till, */ 1113 /* optional */ 1114 krb5_address * *caddrs; /* array of ptrs to addresses */ 1115 } krb5_cred_info; 1116 1117 typedef struct _krb5_cred_enc_part { 1118 krb5_magic magic; 1119 krb5_int32 nonce; /* nonce, optional */ 1120 krb5_timestamp timestamp; /* client time */ 1121 krb5_int32 usec; /* microsecond portion of time */ 1122 krb5_address *s_address; /* sender address, optional */ 1123 krb5_address *r_address; /* recipient address, optional */ 1124 krb5_cred_info * *ticket_info; 1125 } krb5_cred_enc_part; 1126 1127 typedef struct _krb5_cred { 1128 krb5_magic magic; 1129 krb5_ticket * *tickets; /* tickets */ 1130 krb5_enc_data enc_part; /* encrypted part */ 1131 krb5_cred_enc_part *enc_part2; /* unencrypted version, if available*/ 1132 } krb5_cred; 1133 1134 /* Sandia password generation structures */ 1135 typedef struct _passwd_phrase_element { 1136 krb5_magic magic; 1137 krb5_data *passwd; 1138 krb5_data *phrase; 1139 } passwd_phrase_element; 1140 1141 typedef struct _krb5_pwd_data { 1142 krb5_magic magic; 1143 int sequence_count; 1144 passwd_phrase_element * *element; 1145 } krb5_pwd_data; 1146 1147 /* these need to be here so the typedefs are available for the prototypes */ 1148 1149 /* 1150 * begin "safepriv.h" 1151 */ 1152 1153 #define KRB5_AUTH_CONTEXT_DO_TIME 0x00000001 1154 #define KRB5_AUTH_CONTEXT_RET_TIME 0x00000002 1155 #define KRB5_AUTH_CONTEXT_DO_SEQUENCE 0x00000004 1156 #define KRB5_AUTH_CONTEXT_RET_SEQUENCE 0x00000008 1157 #define KRB5_AUTH_CONTEXT_PERMIT_ALL 0x00000010 1158 #define KRB5_AUTH_CONTEXT_USE_SUBKEY 0x00000020 1159 1160 typedef struct krb5_replay_data { 1161 krb5_timestamp timestamp; 1162 krb5_int32 usec; 1163 krb5_int32 seq; 1164 } krb5_replay_data; 1165 1166 /* flags for krb5_auth_con_genaddrs() */ 1167 #define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR 0x00000001 1168 #define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR 0x00000002 1169 #define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR 0x00000004 1170 #define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR 0x00000008 1171 1172 /* type of function used as a callback to generate checksum data for 1173 * mk_req */ 1174 1175 typedef krb5_error_code 1176 (KRB5_CALLCONV * krb5_mk_req_checksum_func) ( 1177 krb5_context, 1178 krb5_auth_context, 1179 void *, 1180 krb5_data **); 1181 1182 1183 /* 1184 * end "safepriv.h" 1185 */ 1186 1187 1188 /* 1189 * begin "ccache.h" 1190 */ 1191 1192 typedef krb5_pointer krb5_cc_cursor; /* cursor for sequential lookup */ 1193 1194 struct _krb5_ccache; 1195 typedef struct _krb5_ccache *krb5_ccache; 1196 struct _krb5_cc_ops; 1197 typedef struct _krb5_cc_ops krb5_cc_ops; 1198 1199 /* for retrieve_cred */ 1200 #define KRB5_TC_MATCH_TIMES 0x00000001 1201 #define KRB5_TC_MATCH_IS_SKEY 0x00000002 1202 #define KRB5_TC_MATCH_FLAGS 0x00000004 1203 #define KRB5_TC_MATCH_TIMES_EXACT 0x00000008 1204 #define KRB5_TC_MATCH_FLAGS_EXACT 0x00000010 1205 #define KRB5_TC_MATCH_AUTHDATA 0x00000020 1206 #define KRB5_TC_MATCH_SRV_NAMEONLY 0x00000040 1207 #define KRB5_TC_MATCH_2ND_TKT 0x00000080 1208 #define KRB5_TC_MATCH_KTYPE 0x00000100 1209 #define KRB5_TC_SUPPORTED_KTYPES 0x00000200 1210 1211 /* for set_flags and other functions */ 1212 #define KRB5_TC_OPENCLOSE 0x00000001 1213 #define KRB5_TC_NOTICKET 0x00000002 1214 1215 1216 1217 krb5_error_code KRB5_CALLCONV 1218 krb5_cc_gen_new (krb5_context context, krb5_ccache *cache); 1219 1220 krb5_error_code KRB5_CALLCONV 1221 krb5_cc_initialize(krb5_context context, krb5_ccache cache, 1222 krb5_principal principal); 1223 1224 krb5_error_code KRB5_CALLCONV 1225 krb5_cc_destroy (krb5_context context, krb5_ccache cache); 1226 1227 krb5_error_code KRB5_CALLCONV 1228 krb5_cc_close (krb5_context context, krb5_ccache cache); 1229 1230 krb5_error_code KRB5_CALLCONV 1231 krb5_cc_store_cred (krb5_context context, krb5_ccache cache, 1232 krb5_creds *creds); 1233 1234 krb5_error_code KRB5_CALLCONV 1235 krb5_cc_retrieve_cred (krb5_context context, krb5_ccache cache, 1236 krb5_flags flags, krb5_creds *mcreds, 1237 krb5_creds *creds); 1238 1239 krb5_error_code KRB5_CALLCONV 1240 krb5_cc_get_principal (krb5_context context, krb5_ccache cache, 1241 krb5_principal *principal); 1242 krb5_error_code KRB5_CALLCONV 1243 krb5_cc_start_seq_get (krb5_context context, krb5_ccache cache, 1244 krb5_cc_cursor *cursor); 1245 1246 krb5_error_code KRB5_CALLCONV 1247 krb5_cc_next_cred (krb5_context context, krb5_ccache cache, 1248 krb5_cc_cursor *cursor, krb5_creds *creds); 1249 1250 krb5_error_code KRB5_CALLCONV 1251 krb5_cc_end_seq_get (krb5_context context, krb5_ccache cache, 1252 krb5_cc_cursor *cursor); 1253 1254 krb5_error_code KRB5_CALLCONV 1255 krb5_cc_remove_cred (krb5_context context, krb5_ccache cache, krb5_flags flags, 1256 krb5_creds *creds); 1257 1258 krb5_error_code KRB5_CALLCONV 1259 krb5_cc_set_flags (krb5_context context, krb5_ccache cache, krb5_flags flags); 1260 1261 const char * KRB5_CALLCONV 1262 krb5_cc_get_type (krb5_context context, krb5_ccache cache); 1263 1264 /* SUNW14resync - add_cred.c needs this func */ 1265 const char * KRB5_CALLCONV 1266 krb5_cc_get_name (krb5_context context, krb5_ccache cache); 1267 1268 /* 1269 * end "ccache.h" 1270 */ 1271 1272 /* 1273 * begin "rcache.h" 1274 */ 1275 1276 struct krb5_rc_st; 1277 typedef struct krb5_rc_st *krb5_rcache; 1278 1279 /* 1280 * end "rcache.h" 1281 */ 1282 1283 /* 1284 * begin "keytab.h" 1285 */ 1286 1287 1288 /* XXX */ 1289 #define MAX_KEYTAB_NAME_LEN 1100 /* Long enough for MAXPATHLEN + some extra */ 1290 1291 typedef krb5_pointer krb5_kt_cursor; /* XXX */ 1292 1293 typedef struct krb5_keytab_entry_st { 1294 krb5_magic magic; 1295 krb5_principal principal; /* principal of this key */ 1296 krb5_timestamp timestamp; /* time entry written to keytable */ 1297 krb5_kvno vno; /* key version number */ 1298 krb5_keyblock key; /* the secret key */ 1299 } krb5_keytab_entry; 1300 1301 #if KRB5_PRIVATE 1302 struct _krb5_kt_ops; 1303 typedef struct _krb5_kt { /* should move into k5-int.h */ 1304 krb5_magic magic; 1305 const struct _krb5_kt_ops *ops; 1306 krb5_pointer data; 1307 } *krb5_keytab; 1308 #else 1309 struct _krb5_kt; 1310 typedef struct _krb5_kt *krb5_keytab; 1311 #endif 1312 1313 char * KRB5_CALLCONV 1314 krb5_kt_get_type (krb5_context, krb5_keytab keytab); 1315 krb5_error_code KRB5_CALLCONV 1316 krb5_kt_get_name(krb5_context context, krb5_keytab keytab, char *name, 1317 unsigned int namelen); 1318 krb5_error_code KRB5_CALLCONV 1319 krb5_kt_close(krb5_context context, krb5_keytab keytab); 1320 krb5_error_code KRB5_CALLCONV 1321 krb5_kt_get_entry(krb5_context context, krb5_keytab keytab, 1322 krb5_const_principal principal, krb5_kvno vno, 1323 krb5_enctype enctype, krb5_keytab_entry *entry); 1324 krb5_error_code KRB5_CALLCONV 1325 krb5_kt_start_seq_get(krb5_context context, krb5_keytab keytab, 1326 krb5_kt_cursor *cursor); 1327 krb5_error_code KRB5_CALLCONV 1328 krb5_kt_next_entry(krb5_context context, krb5_keytab keytab, 1329 krb5_keytab_entry *entry, krb5_kt_cursor *cursor); 1330 krb5_error_code KRB5_CALLCONV 1331 krb5_kt_end_seq_get(krb5_context context, krb5_keytab keytab, 1332 krb5_kt_cursor *cursor); 1333 1334 /* 1335 * end "keytab.h" 1336 */ 1337 1338 /* 1339 * begin "func-proto.h" 1340 */ 1341 1342 /* Solaris Kerberos */ 1343 krb5_error_code krb5_init_ef_handle(krb5_context); 1344 krb5_error_code krb5_free_ef_handle(krb5_context); 1345 1346 krb5_boolean krb5_privacy_allowed(void); 1347 1348 /* 1349 * Solaris Kerberos: 1350 * krb5_copy_keyblock_data is a new routine to hide the details 1351 * of a keyblock copy operation. 1352 */ 1353 krb5_error_code KRB5_CALLCONV krb5_copy_keyblock_data 1354 (krb5_context, 1355 const krb5_keyblock *, 1356 krb5_keyblock *); 1357 1358 1359 1360 krb5_error_code KRB5_CALLCONV krb5_init_context 1361 (krb5_context *); 1362 krb5_error_code KRB5_CALLCONV krb5_init_secure_context 1363 (krb5_context *); 1364 void KRB5_CALLCONV krb5_free_context 1365 (krb5_context); 1366 1367 #if KRB5_PRIVATE 1368 krb5_error_code krb5_set_default_in_tkt_ktypes 1369 (krb5_context, 1370 const krb5_enctype *); 1371 krb5_error_code krb5_get_default_in_tkt_ktypes 1372 (krb5_context, 1373 krb5_enctype **); 1374 1375 krb5_error_code krb5_set_default_tgs_ktypes 1376 (krb5_context, 1377 const krb5_enctype *); 1378 #endif 1379 1380 krb5_error_code KRB5_CALLCONV 1381 krb5_set_default_tgs_enctypes 1382 (krb5_context, 1383 const krb5_enctype *); 1384 #if KRB5_PRIVATE 1385 krb5_error_code KRB5_CALLCONV krb5_get_tgs_ktypes 1386 (krb5_context, 1387 krb5_const_principal, 1388 krb5_enctype **); 1389 #endif 1390 1391 krb5_error_code KRB5_CALLCONV krb5_get_permitted_enctypes 1392 (krb5_context, krb5_enctype **); 1393 1394 #if KRB5_PRIVATE 1395 void KRB5_CALLCONV krb5_free_ktypes 1396 (krb5_context, krb5_enctype *); 1397 1398 krb5_boolean krb5_is_permitted_enctype 1399 (krb5_context, krb5_enctype); 1400 #endif 1401 1402 krb5_boolean KRB5_CALLCONV krb5_is_thread_safe(void); 1403 1404 /* libkrb.spec */ 1405 #if KRB5_PRIVATE 1406 krb5_error_code krb5_kdc_rep_decrypt_proc 1407 (krb5_context, 1408 const krb5_keyblock *, 1409 krb5_const_pointer, 1410 krb5_kdc_rep * ); 1411 krb5_error_code KRB5_CALLCONV krb5_decrypt_tkt_part 1412 (krb5_context, 1413 const krb5_keyblock *, 1414 krb5_ticket * ); 1415 krb5_error_code krb5_get_cred_from_kdc 1416 (krb5_context, 1417 krb5_ccache, /* not const, as reading may save 1418 state */ 1419 krb5_creds *, 1420 krb5_creds **, 1421 krb5_creds *** ); 1422 krb5_error_code krb5_get_cred_from_kdc_validate 1423 (krb5_context, 1424 krb5_ccache, /* not const, as reading may save 1425 state */ 1426 krb5_creds *, 1427 krb5_creds **, 1428 krb5_creds *** ); 1429 krb5_error_code krb5_get_cred_from_kdc_renew 1430 (krb5_context, 1431 krb5_ccache, /* not const, as reading may save 1432 state */ 1433 krb5_creds *, 1434 krb5_creds **, 1435 krb5_creds *** ); 1436 #endif 1437 1438 void KRB5_CALLCONV krb5_free_tgt_creds 1439 (krb5_context, 1440 krb5_creds **); /* XXX too hard to do with const */ 1441 1442 #define KRB5_GC_USER_USER 1 /* want user-user ticket */ 1443 #define KRB5_GC_CACHED 2 /* want cached ticket only */ 1444 1445 krb5_error_code KRB5_CALLCONV krb5_get_credentials 1446 (krb5_context, 1447 krb5_flags, 1448 krb5_ccache, 1449 krb5_creds *, 1450 krb5_creds **); 1451 krb5_error_code KRB5_CALLCONV krb5_get_credentials_validate 1452 (krb5_context, 1453 krb5_flags, 1454 krb5_ccache, 1455 krb5_creds *, 1456 krb5_creds **); 1457 krb5_error_code KRB5_CALLCONV krb5_get_credentials_renew 1458 (krb5_context, 1459 krb5_flags, 1460 krb5_ccache, 1461 krb5_creds *, 1462 krb5_creds **); 1463 #if KRB5_PRIVATE 1464 krb5_error_code krb5_get_cred_via_tkt 1465 (krb5_context, 1466 krb5_creds *, 1467 krb5_flags, 1468 krb5_address * const *, 1469 krb5_creds *, 1470 krb5_creds **); 1471 #endif 1472 krb5_error_code KRB5_CALLCONV krb5_mk_req 1473 (krb5_context, 1474 krb5_auth_context *, 1475 krb5_flags, 1476 char *, 1477 char *, 1478 krb5_data *, 1479 krb5_ccache, 1480 krb5_data * ); 1481 krb5_error_code KRB5_CALLCONV krb5_mk_req_extended 1482 (krb5_context, 1483 krb5_auth_context *, 1484 krb5_flags, 1485 krb5_data *, 1486 krb5_creds *, 1487 krb5_data * ); 1488 krb5_error_code KRB5_CALLCONV krb5_mk_rep 1489 (krb5_context, 1490 krb5_auth_context, 1491 krb5_data *); 1492 krb5_error_code KRB5_CALLCONV krb5_rd_rep 1493 (krb5_context, 1494 krb5_auth_context, 1495 const krb5_data *, 1496 krb5_ap_rep_enc_part **); 1497 krb5_error_code KRB5_CALLCONV krb5_mk_error 1498 (krb5_context, 1499 const krb5_error *, 1500 krb5_data * ); 1501 krb5_error_code KRB5_CALLCONV krb5_rd_error 1502 (krb5_context, 1503 const krb5_data *, 1504 krb5_error ** ); 1505 krb5_error_code KRB5_CALLCONV krb5_rd_safe 1506 (krb5_context, 1507 krb5_auth_context, 1508 const krb5_data *, 1509 krb5_data *, 1510 krb5_replay_data *); 1511 krb5_error_code KRB5_CALLCONV krb5_rd_priv 1512 (krb5_context, 1513 krb5_auth_context, 1514 const krb5_data *, 1515 krb5_data *, 1516 krb5_replay_data *); 1517 krb5_error_code KRB5_CALLCONV krb5_parse_name 1518 (krb5_context, 1519 const char *, 1520 krb5_principal * ); 1521 krb5_error_code KRB5_CALLCONV krb5_unparse_name 1522 (krb5_context, 1523 krb5_const_principal, 1524 char ** ); 1525 krb5_error_code KRB5_CALLCONV krb5_unparse_name_ext 1526 (krb5_context, 1527 krb5_const_principal, 1528 char **, 1529 unsigned int *); 1530 1531 krb5_error_code KRB5_CALLCONV krb5_set_principal_realm 1532 (krb5_context, krb5_principal, const char *); 1533 1534 krb5_boolean KRB5_CALLCONV_WRONG krb5_address_search 1535 (krb5_context, 1536 const krb5_address *, 1537 krb5_address * const *); 1538 krb5_boolean KRB5_CALLCONV krb5_address_compare 1539 (krb5_context, 1540 const krb5_address *, 1541 const krb5_address *); 1542 int KRB5_CALLCONV krb5_address_order 1543 (krb5_context, 1544 const krb5_address *, 1545 const krb5_address *); 1546 krb5_boolean KRB5_CALLCONV krb5_realm_compare 1547 (krb5_context, 1548 krb5_const_principal, 1549 krb5_const_principal); 1550 krb5_boolean KRB5_CALLCONV krb5_principal_compare 1551 (krb5_context, 1552 krb5_const_principal, 1553 krb5_const_principal); 1554 krb5_error_code KRB5_CALLCONV krb5_init_keyblock 1555 (krb5_context, krb5_enctype enctype, 1556 size_t length, krb5_keyblock **out); 1557 /* Initialize a new keyblock and allocate storage 1558 * for the contents of the key, which will be freed along 1559 * with the keyblock when krb5_free_keyblock is called. 1560 * It is legal to pass in a length of 0, in which 1561 * case contents are left unallocated. 1562 */ 1563 krb5_error_code KRB5_CALLCONV krb5_copy_keyblock 1564 (krb5_context, 1565 const krb5_keyblock *, 1566 krb5_keyblock **); 1567 krb5_error_code KRB5_CALLCONV krb5_copy_keyblock_contents 1568 (krb5_context, 1569 const krb5_keyblock *, 1570 krb5_keyblock *); 1571 krb5_error_code KRB5_CALLCONV krb5_copy_creds 1572 (krb5_context, 1573 const krb5_creds *, 1574 krb5_creds **); 1575 krb5_error_code KRB5_CALLCONV krb5_copy_data 1576 (krb5_context, 1577 const krb5_data *, 1578 krb5_data **); 1579 krb5_error_code KRB5_CALLCONV krb5_copy_principal 1580 (krb5_context, 1581 krb5_const_principal, 1582 krb5_principal *); 1583 #if KRB5_PRIVATE 1584 krb5_error_code KRB5_CALLCONV krb5_copy_addr 1585 (krb5_context, 1586 const krb5_address *, 1587 krb5_address **); 1588 #endif 1589 krb5_error_code KRB5_CALLCONV krb5_copy_addresses 1590 (krb5_context, 1591 krb5_address * const *, 1592 krb5_address ***); 1593 krb5_error_code KRB5_CALLCONV krb5_copy_ticket 1594 (krb5_context, 1595 const krb5_ticket *, 1596 krb5_ticket **); 1597 krb5_error_code KRB5_CALLCONV krb5_copy_authdata 1598 (krb5_context, 1599 krb5_authdata * const *, 1600 krb5_authdata ***); 1601 krb5_error_code KRB5_CALLCONV krb5_copy_authenticator 1602 (krb5_context, 1603 const krb5_authenticator *, 1604 krb5_authenticator **); 1605 krb5_error_code KRB5_CALLCONV krb5_copy_checksum 1606 (krb5_context, 1607 const krb5_checksum *, 1608 krb5_checksum **); 1609 #if KRB5_PRIVATE 1610 void krb5_init_ets 1611 (krb5_context); 1612 void krb5_free_ets 1613 (krb5_context); 1614 krb5_error_code krb5_generate_subkey 1615 (krb5_context, 1616 const krb5_keyblock *, krb5_keyblock **); 1617 krb5_error_code krb5_generate_seq_number 1618 (krb5_context, 1619 const krb5_keyblock *, krb5_ui_4 *); 1620 #endif 1621 krb5_error_code KRB5_CALLCONV krb5_get_server_rcache 1622 (krb5_context, 1623 const krb5_data *, krb5_rcache *); 1624 krb5_error_code KRB5_CALLCONV_C krb5_build_principal_ext 1625 (krb5_context, krb5_principal *, unsigned int, const char *, ...); 1626 krb5_error_code KRB5_CALLCONV_C krb5_build_principal 1627 (krb5_context, krb5_principal *, unsigned int, const char *, ...); 1628 #ifdef va_start 1629 /* XXX depending on varargs include file defining va_start... */ 1630 krb5_error_code KRB5_CALLCONV krb5_build_principal_va 1631 (krb5_context, 1632 krb5_principal, unsigned int, const char *, va_list); 1633 #endif 1634 1635 krb5_error_code KRB5_CALLCONV krb5_425_conv_principal 1636 (krb5_context, 1637 const char *name, 1638 const char *instance, const char *realm, 1639 krb5_principal *princ); 1640 1641 krb5_error_code KRB5_CALLCONV krb5_524_conv_principal 1642 (krb5_context context, krb5_const_principal princ, 1643 char *name, char *inst, char *realm); 1644 1645 struct credentials; 1646 int KRB5_CALLCONV krb5_524_convert_creds 1647 (krb5_context context, krb5_creds *v5creds, 1648 struct credentials *v4creds); 1649 #if KRB5_DEPRECATED 1650 #define krb524_convert_creds_kdc krb5_524_convert_creds 1651 #define krb524_init_ets(x) (0) 1652 #endif 1653 1654 /* libkt.spec */ 1655 #if KRB5_PRIVATE 1656 krb5_error_code KRB5_CALLCONV krb5_kt_register 1657 (krb5_context, 1658 const struct _krb5_kt_ops * ); 1659 #endif 1660 1661 krb5_error_code KRB5_CALLCONV krb5_kt_resolve 1662 (krb5_context, 1663 const char *, 1664 krb5_keytab * ); 1665 krb5_error_code KRB5_CALLCONV krb5_kt_default_name 1666 (krb5_context, 1667 char *, 1668 int ); 1669 krb5_error_code KRB5_CALLCONV krb5_kt_default 1670 (krb5_context, 1671 krb5_keytab * ); 1672 krb5_error_code KRB5_CALLCONV krb5_free_keytab_entry_contents 1673 (krb5_context, 1674 krb5_keytab_entry * ); 1675 #if KRB5_PRIVATE 1676 /* use krb5_free_keytab_entry_contents instead */ 1677 krb5_error_code KRB5_CALLCONV krb5_kt_free_entry 1678 (krb5_context, 1679 krb5_keytab_entry * ); 1680 #endif 1681 /* remove and add are functions, so that they can return NOWRITE 1682 if not a writable keytab */ 1683 krb5_error_code KRB5_CALLCONV krb5_kt_remove_entry 1684 (krb5_context, 1685 krb5_keytab, 1686 krb5_keytab_entry * ); 1687 krb5_error_code KRB5_CALLCONV krb5_kt_add_entry 1688 (krb5_context, 1689 krb5_keytab, 1690 krb5_keytab_entry * ); 1691 krb5_error_code KRB5_CALLCONV_WRONG krb5_principal2salt 1692 (krb5_context, 1693 krb5_const_principal, krb5_data *); 1694 #if KRB5_PRIVATE 1695 krb5_error_code krb5_principal2salt_norealm 1696 (krb5_context, 1697 krb5_const_principal, krb5_data *); 1698 #endif 1699 /* librc.spec--see rcache.h */ 1700 1701 /* libcc.spec */ 1702 krb5_error_code KRB5_CALLCONV krb5_cc_resolve 1703 (krb5_context, 1704 const char *, 1705 krb5_ccache * ); 1706 const char * KRB5_CALLCONV krb5_cc_default_name 1707 (krb5_context); 1708 krb5_error_code KRB5_CALLCONV krb5_cc_set_default_name 1709 (krb5_context, const char *); 1710 krb5_error_code KRB5_CALLCONV krb5_cc_default 1711 (krb5_context, 1712 krb5_ccache *); 1713 #if KRB5_PRIVATE 1714 unsigned int KRB5_CALLCONV krb5_get_notification_message 1715 (void); 1716 #endif 1717 1718 krb5_error_code KRB5_CALLCONV krb5_cc_copy_creds 1719 (krb5_context context, 1720 krb5_ccache incc, 1721 krb5_ccache outcc); 1722 1723 1724 /* chk_trans.c */ 1725 #if KRB5_PRIVATE 1726 krb5_error_code krb5_check_transited_list 1727 (krb5_context, const krb5_data *trans, 1728 const krb5_data *realm1, const krb5_data *realm2); 1729 #endif 1730 1731 /* free_rtree.c */ 1732 #if KRB5_PRIVATE 1733 void krb5_free_realm_tree 1734 (krb5_context, 1735 krb5_principal *); 1736 #endif 1737 1738 /* krb5_free.c */ 1739 void KRB5_CALLCONV krb5_free_principal 1740 (krb5_context, krb5_principal ); 1741 void KRB5_CALLCONV krb5_free_authenticator 1742 (krb5_context, krb5_authenticator * ); 1743 #if KRB5_PRIVATE 1744 void KRB5_CALLCONV krb5_free_authenticator_contents 1745 (krb5_context, krb5_authenticator * ); 1746 #endif 1747 void KRB5_CALLCONV krb5_free_addresses 1748 (krb5_context, krb5_address ** ); 1749 #if KRB5_PRIVATE 1750 void KRB5_CALLCONV krb5_free_address 1751 (krb5_context, krb5_address * ); 1752 #endif 1753 void KRB5_CALLCONV krb5_free_authdata 1754 (krb5_context, krb5_authdata ** ); 1755 #if KRB5_PRIVATE 1756 void KRB5_CALLCONV krb5_free_enc_tkt_part 1757 (krb5_context, krb5_enc_tkt_part * ); 1758 #endif 1759 void KRB5_CALLCONV krb5_free_ticket 1760 (krb5_context, krb5_ticket * ); 1761 #if KRB5_PRIVATE 1762 void KRB5_CALLCONV krb5_free_tickets 1763 (krb5_context, krb5_ticket ** ); 1764 void KRB5_CALLCONV krb5_free_kdc_req 1765 (krb5_context, krb5_kdc_req * ); 1766 void KRB5_CALLCONV krb5_free_kdc_rep 1767 (krb5_context, krb5_kdc_rep * ); 1768 void KRB5_CALLCONV krb5_free_last_req 1769 (krb5_context, krb5_last_req_entry ** ); 1770 void KRB5_CALLCONV krb5_free_enc_kdc_rep_part 1771 (krb5_context, krb5_enc_kdc_rep_part * ); 1772 #endif 1773 void KRB5_CALLCONV krb5_free_error 1774 (krb5_context, krb5_error * ); 1775 #if KRB5_PRIVATE 1776 void KRB5_CALLCONV krb5_free_ap_req 1777 (krb5_context, krb5_ap_req * ); 1778 void KRB5_CALLCONV krb5_free_ap_rep 1779 (krb5_context, krb5_ap_rep * ); 1780 void KRB5_CALLCONV krb5_free_cred 1781 (krb5_context, krb5_cred *); 1782 #endif 1783 void KRB5_CALLCONV krb5_free_creds 1784 (krb5_context, krb5_creds *); 1785 void KRB5_CALLCONV krb5_free_cred_contents 1786 (krb5_context, krb5_creds *); 1787 #if KRB5_PRIVATE 1788 void KRB5_CALLCONV krb5_free_cred_enc_part 1789 (krb5_context, krb5_cred_enc_part *); 1790 #endif 1791 void KRB5_CALLCONV krb5_free_checksum 1792 (krb5_context, krb5_checksum *); 1793 void KRB5_CALLCONV krb5_free_checksum_contents 1794 (krb5_context, krb5_checksum *); 1795 void KRB5_CALLCONV krb5_free_keyblock 1796 (krb5_context, krb5_keyblock *); 1797 void KRB5_CALLCONV krb5_free_keyblock_contents 1798 (krb5_context, krb5_keyblock *); 1799 #if KRB5_PRIVATE 1800 void KRB5_CALLCONV krb5_free_pa_data 1801 (krb5_context, krb5_pa_data **); 1802 #endif 1803 void KRB5_CALLCONV krb5_free_ap_rep_enc_part 1804 (krb5_context, krb5_ap_rep_enc_part *); 1805 #if KRB5_PRIVATE 1806 void KRB5_CALLCONV krb5_free_tkt_authent 1807 (krb5_context, krb5_tkt_authent *); 1808 void KRB5_CALLCONV krb5_free_pwd_data 1809 (krb5_context, krb5_pwd_data *); 1810 void KRB5_CALLCONV krb5_free_pwd_sequences 1811 (krb5_context, passwd_phrase_element **); 1812 #endif 1813 void KRB5_CALLCONV krb5_free_data 1814 (krb5_context, krb5_data *); 1815 void KRB5_CALLCONV krb5_free_data_contents 1816 (krb5_context, krb5_data *); 1817 void KRB5_CALLCONV krb5_free_unparsed_name 1818 (krb5_context, char *); 1819 void KRB5_CALLCONV krb5_free_cksumtypes 1820 (krb5_context, krb5_cksumtype *); 1821 1822 /* From krb5/os but needed but by the outside world */ 1823 krb5_error_code KRB5_CALLCONV krb5_us_timeofday 1824 (krb5_context, 1825 krb5_int32 *, 1826 krb5_int32 * ); 1827 krb5_error_code KRB5_CALLCONV krb5_timeofday 1828 (krb5_context, 1829 krb5_int32 * ); 1830 /* get all the addresses of this host */ 1831 krb5_error_code KRB5_CALLCONV krb5_os_localaddr 1832 (krb5_context, 1833 krb5_address ***); 1834 krb5_error_code KRB5_CALLCONV krb5_get_default_realm 1835 (krb5_context, 1836 char ** ); 1837 krb5_error_code KRB5_CALLCONV krb5_set_default_realm 1838 (krb5_context, 1839 const char * ); 1840 void KRB5_CALLCONV krb5_free_default_realm 1841 (krb5_context, 1842 char * ); 1843 krb5_error_code KRB5_CALLCONV krb5_sname_to_principal 1844 (krb5_context, 1845 const char *, 1846 const char *, 1847 krb5_int32, 1848 krb5_principal *); 1849 krb5_error_code KRB5_CALLCONV 1850 krb5_change_password 1851 (krb5_context context, krb5_creds *creds, char *newpw, 1852 int *result_code, krb5_data *result_code_string, 1853 krb5_data *result_string); 1854 krb5_error_code KRB5_CALLCONV 1855 krb5_set_password 1856 (krb5_context context, krb5_creds *creds, char *newpw, krb5_principal change_password_for, 1857 int *result_code, krb5_data *result_code_string, krb5_data *result_string); 1858 krb5_error_code KRB5_CALLCONV 1859 krb5_set_password_using_ccache 1860 (krb5_context context, krb5_ccache ccache, char *newpw, krb5_principal change_password_for, 1861 int *result_code, krb5_data *result_code_string, krb5_data *result_string); 1862 1863 #if KRB5_PRIVATE 1864 krb5_error_code krb5_set_config_files 1865 (krb5_context, const char **); 1866 1867 krb5_error_code KRB5_CALLCONV krb5_get_default_config_files 1868 (char ***filenames); 1869 1870 void KRB5_CALLCONV krb5_free_config_files 1871 (char **filenames); 1872 #endif 1873 1874 krb5_error_code KRB5_CALLCONV 1875 krb5_get_profile 1876 (krb5_context, struct _profile_t * /* profile_t */ *); 1877 1878 #if KRB5_PRIVATE 1879 krb5_error_code krb5_send_tgs 1880 (krb5_context, 1881 krb5_flags, 1882 const krb5_ticket_times *, 1883 const krb5_enctype *, 1884 krb5_const_principal, 1885 krb5_address * const *, 1886 krb5_authdata * const *, 1887 krb5_pa_data * const *, 1888 const krb5_data *, 1889 krb5_creds *, 1890 krb5_response * ); 1891 #endif 1892 1893 #if KRB5_DEPRECATED 1894 krb5_error_code KRB5_CALLCONV krb5_get_in_tkt 1895 (krb5_context, 1896 krb5_flags, 1897 krb5_address * const *, 1898 krb5_enctype *, 1899 krb5_preauthtype *, 1900 krb5_error_code ( * )(krb5_context, 1901 krb5_enctype, 1902 krb5_data *, 1903 krb5_const_pointer, 1904 krb5_keyblock **), 1905 krb5_const_pointer, 1906 krb5_error_code ( * )(krb5_context, 1907 const krb5_keyblock *, 1908 krb5_const_pointer, 1909 krb5_kdc_rep * ), 1910 krb5_const_pointer, 1911 krb5_creds *, 1912 krb5_ccache, 1913 krb5_kdc_rep ** ); 1914 1915 krb5_error_code KRB5_CALLCONV krb5_get_in_tkt_with_password 1916 (krb5_context, 1917 krb5_flags, 1918 krb5_address * const *, 1919 krb5_enctype *, 1920 krb5_preauthtype *, 1921 const char *, 1922 krb5_ccache, 1923 krb5_creds *, 1924 krb5_kdc_rep ** ); 1925 1926 krb5_error_code KRB5_CALLCONV krb5_get_in_tkt_with_skey 1927 (krb5_context, 1928 krb5_flags, 1929 krb5_address * const *, 1930 krb5_enctype *, 1931 krb5_preauthtype *, 1932 const krb5_keyblock *, 1933 krb5_ccache, 1934 krb5_creds *, 1935 krb5_kdc_rep ** ); 1936 1937 krb5_error_code KRB5_CALLCONV krb5_get_in_tkt_with_keytab 1938 (krb5_context, 1939 krb5_flags, 1940 krb5_address * const *, 1941 krb5_enctype *, 1942 krb5_preauthtype *, 1943 krb5_keytab, 1944 krb5_ccache, 1945 krb5_creds *, 1946 krb5_kdc_rep ** ); 1947 #endif /* KRB5_DEPRECATED */ 1948 1949 #if KRB5_PRIVATE 1950 krb5_error_code krb5_decode_kdc_rep 1951 (krb5_context, 1952 krb5_data *, 1953 const krb5_keyblock *, 1954 krb5_kdc_rep ** ); 1955 #endif 1956 1957 krb5_error_code KRB5_CALLCONV krb5_rd_req 1958 (krb5_context, 1959 krb5_auth_context *, 1960 const krb5_data *, 1961 krb5_const_principal, 1962 krb5_keytab, 1963 krb5_flags *, 1964 krb5_ticket **); 1965 1966 #if KRB5_PRIVATE 1967 krb5_error_code krb5_rd_req_decoded 1968 (krb5_context, 1969 krb5_auth_context *, 1970 const krb5_ap_req *, 1971 krb5_const_principal, 1972 krb5_keytab, 1973 krb5_flags *, 1974 krb5_ticket **); 1975 1976 krb5_error_code krb5_rd_req_decoded_anyflag 1977 (krb5_context, 1978 krb5_auth_context *, 1979 const krb5_ap_req *, 1980 krb5_const_principal, 1981 krb5_keytab, 1982 krb5_flags *, 1983 krb5_ticket **); 1984 #endif 1985 1986 krb5_error_code KRB5_CALLCONV krb5_kt_read_service_key 1987 (krb5_context, 1988 krb5_pointer, 1989 krb5_principal, 1990 krb5_kvno, 1991 krb5_enctype, 1992 krb5_keyblock **); 1993 krb5_error_code KRB5_CALLCONV krb5_mk_safe 1994 (krb5_context, 1995 krb5_auth_context, 1996 const krb5_data *, 1997 krb5_data *, 1998 krb5_replay_data *); 1999 krb5_error_code KRB5_CALLCONV krb5_mk_priv 2000 (krb5_context, 2001 krb5_auth_context, 2002 const krb5_data *, 2003 krb5_data *, 2004 krb5_replay_data *); 2005 #if KRB5_PRIVATE 2006 krb5_error_code KRB5_CALLCONV krb5_cc_register 2007 (krb5_context, 2008 krb5_cc_ops *, 2009 krb5_boolean ); 2010 #endif 2011 2012 krb5_error_code KRB5_CALLCONV krb5_sendauth 2013 (krb5_context, 2014 krb5_auth_context *, 2015 krb5_pointer, 2016 char *, 2017 krb5_principal, 2018 krb5_principal, 2019 krb5_flags, 2020 krb5_data *, 2021 krb5_creds *, 2022 krb5_ccache, 2023 krb5_error **, 2024 krb5_ap_rep_enc_part **, 2025 krb5_creds **); 2026 2027 krb5_error_code KRB5_CALLCONV krb5_recvauth 2028 (krb5_context, 2029 krb5_auth_context *, 2030 krb5_pointer, 2031 char *, 2032 krb5_principal, 2033 krb5_int32, 2034 krb5_keytab, 2035 krb5_ticket **); 2036 krb5_error_code KRB5_CALLCONV krb5_recvauth_version 2037 (krb5_context, 2038 krb5_auth_context *, 2039 krb5_pointer, 2040 krb5_principal, 2041 krb5_int32, 2042 krb5_keytab, 2043 krb5_ticket **, 2044 krb5_data *); 2045 2046 #if KRB5_PRIVATE 2047 krb5_error_code krb5_walk_realm_tree 2048 (krb5_context, 2049 const krb5_data *, 2050 const krb5_data *, 2051 krb5_principal **, 2052 int); 2053 #endif 2054 2055 krb5_error_code KRB5_CALLCONV krb5_mk_ncred 2056 (krb5_context, 2057 krb5_auth_context, 2058 krb5_creds **, 2059 krb5_data **, 2060 krb5_replay_data *); 2061 2062 krb5_error_code KRB5_CALLCONV krb5_mk_1cred 2063 (krb5_context, 2064 krb5_auth_context, 2065 krb5_creds *, 2066 krb5_data **, 2067 krb5_replay_data *); 2068 2069 krb5_error_code KRB5_CALLCONV krb5_rd_cred 2070 (krb5_context, 2071 krb5_auth_context, 2072 krb5_data *, 2073 krb5_creds ***, 2074 krb5_replay_data *); 2075 2076 krb5_error_code KRB5_CALLCONV krb5_fwd_tgt_creds 2077 (krb5_context, 2078 krb5_auth_context, 2079 char *, 2080 krb5_principal, 2081 krb5_principal, 2082 krb5_ccache, 2083 int forwardable, 2084 krb5_data *); 2085 2086 krb5_error_code KRB5_CALLCONV krb5_auth_con_init 2087 (krb5_context, 2088 krb5_auth_context *); 2089 2090 krb5_error_code KRB5_CALLCONV krb5_auth_con_free 2091 (krb5_context, 2092 krb5_auth_context); 2093 2094 krb5_error_code KRB5_CALLCONV krb5_auth_con_setflags 2095 (krb5_context, 2096 krb5_auth_context, 2097 krb5_int32); 2098 2099 krb5_error_code KRB5_CALLCONV krb5_auth_con_getflags 2100 (krb5_context, 2101 krb5_auth_context, 2102 krb5_int32 *); 2103 2104 krb5_error_code KRB5_CALLCONV 2105 krb5_auth_con_set_checksum_func (krb5_context, krb5_auth_context, 2106 krb5_mk_req_checksum_func, void *); 2107 2108 krb5_error_code KRB5_CALLCONV 2109 krb5_auth_con_get_checksum_func( krb5_context, krb5_auth_context, 2110 krb5_mk_req_checksum_func *, void **); 2111 2112 krb5_error_code KRB5_CALLCONV_WRONG krb5_auth_con_setaddrs 2113 (krb5_context, 2114 krb5_auth_context, 2115 krb5_address *, 2116 krb5_address *); 2117 2118 krb5_error_code KRB5_CALLCONV krb5_auth_con_getaddrs 2119 (krb5_context, 2120 krb5_auth_context, 2121 krb5_address **, 2122 krb5_address **); 2123 2124 krb5_error_code KRB5_CALLCONV krb5_auth_con_setports 2125 (krb5_context, 2126 krb5_auth_context, 2127 krb5_address *, 2128 krb5_address *); 2129 2130 krb5_error_code KRB5_CALLCONV krb5_auth_con_setuseruserkey 2131 (krb5_context, 2132 krb5_auth_context, 2133 krb5_keyblock *); 2134 2135 krb5_error_code KRB5_CALLCONV krb5_auth_con_getkey 2136 (krb5_context, 2137 krb5_auth_context, 2138 krb5_keyblock **); 2139 2140 krb5_error_code KRB5_CALLCONV krb5_auth_con_getsendsubkey( 2141 krb5_context, krb5_auth_context, krb5_keyblock **); 2142 2143 krb5_error_code KRB5_CALLCONV krb5_auth_con_getrecvsubkey( 2144 krb5_context, krb5_auth_context, krb5_keyblock **); 2145 2146 krb5_error_code KRB5_CALLCONV krb5_auth_con_setsendsubkey( 2147 krb5_context, krb5_auth_context, krb5_keyblock *); 2148 2149 krb5_error_code KRB5_CALLCONV krb5_auth_con_setrecvsubkey( 2150 krb5_context, krb5_auth_context, krb5_keyblock *); 2151 2152 #if KRB5_DEPRECATED 2153 krb5_error_code KRB5_CALLCONV krb5_auth_con_getlocalsubkey 2154 (krb5_context, 2155 krb5_auth_context, 2156 krb5_keyblock **); 2157 2158 krb5_error_code KRB5_CALLCONV krb5_auth_con_getremotesubkey 2159 (krb5_context, 2160 krb5_auth_context, 2161 krb5_keyblock **); 2162 #endif 2163 2164 #if KRB5_PRIVATE 2165 krb5_error_code KRB5_CALLCONV krb5_auth_con_set_req_cksumtype 2166 (krb5_context, 2167 krb5_auth_context, 2168 krb5_cksumtype); 2169 2170 krb5_error_code krb5_auth_con_set_safe_cksumtype 2171 (krb5_context, 2172 krb5_auth_context, 2173 krb5_cksumtype); 2174 #endif 2175 2176 krb5_error_code KRB5_CALLCONV krb5_auth_con_getlocalseqnumber 2177 (krb5_context, 2178 krb5_auth_context, 2179 krb5_int32 *); 2180 2181 krb5_error_code KRB5_CALLCONV krb5_auth_con_getremoteseqnumber 2182 (krb5_context, 2183 krb5_auth_context, 2184 krb5_int32 *); 2185 2186 #if KRB5_DEPRECATED 2187 krb5_error_code KRB5_CALLCONV krb5_auth_con_initivector 2188 (krb5_context, 2189 krb5_auth_context); 2190 #endif 2191 2192 #if KRB5_PRIVATE 2193 krb5_error_code krb5_auth_con_setivector 2194 (krb5_context, 2195 krb5_auth_context, 2196 krb5_pointer); 2197 2198 krb5_error_code krb5_auth_con_getivector 2199 (krb5_context, 2200 krb5_auth_context, 2201 krb5_pointer *); 2202 #endif 2203 2204 krb5_error_code KRB5_CALLCONV krb5_auth_con_setrcache 2205 (krb5_context, 2206 krb5_auth_context, 2207 krb5_rcache); 2208 2209 krb5_error_code KRB5_CALLCONV_WRONG krb5_auth_con_getrcache 2210 (krb5_context, 2211 krb5_auth_context, 2212 krb5_rcache *); 2213 2214 #if KRB5_PRIVATE 2215 krb5_error_code krb5_auth_con_setpermetypes 2216 (krb5_context, 2217 krb5_auth_context, 2218 const krb5_enctype *); 2219 2220 krb5_error_code krb5_auth_con_getpermetypes 2221 (krb5_context, 2222 krb5_auth_context, 2223 krb5_enctype **); 2224 #endif 2225 2226 krb5_error_code KRB5_CALLCONV krb5_auth_con_getauthenticator 2227 (krb5_context, 2228 krb5_auth_context, 2229 krb5_authenticator **); 2230 2231 #define KRB5_REALM_BRANCH_CHAR '.' 2232 2233 /* 2234 * end "func-proto.h" 2235 */ 2236 2237 /* 2238 * begin stuff from libos.h 2239 */ 2240 2241 2242 #if KRB5_PRIVATE 2243 krb5_error_code krb5_read_message (krb5_context, krb5_pointer, krb5_data *); 2244 krb5_error_code krb5_write_message (krb5_context, krb5_pointer, krb5_data *); 2245 int krb5_net_read (krb5_context, int , char *, int); 2246 int krb5_net_write (krb5_context, int , const char *, int); 2247 #endif 2248 2249 krb5_error_code KRB5_CALLCONV krb5_read_password 2250 (krb5_context, 2251 const char *, 2252 const char *, 2253 char *, 2254 unsigned int * ); 2255 krb5_error_code KRB5_CALLCONV krb5_aname_to_localname 2256 (krb5_context, 2257 krb5_const_principal, 2258 int, 2259 char * ); 2260 krb5_error_code KRB5_CALLCONV krb5_get_host_realm 2261 (krb5_context, 2262 const char *, 2263 char *** ); 2264 krb5_error_code KRB5_CALLCONV krb5_free_host_realm 2265 (krb5_context, 2266 char * const * ); 2267 #if KRB5_PRIVATE 2268 krb5_error_code KRB5_CALLCONV krb5_get_realm_domain 2269 (krb5_context, 2270 const char *, 2271 char ** ); 2272 #endif 2273 krb5_boolean KRB5_CALLCONV krb5_kuserok 2274 (krb5_context, 2275 krb5_principal, const char *); 2276 krb5_error_code KRB5_CALLCONV krb5_auth_con_genaddrs 2277 (krb5_context, 2278 krb5_auth_context, 2279 int, int); 2280 #if KRB5_PRIVATE 2281 krb5_error_code krb5_gen_portaddr 2282 (krb5_context, 2283 const krb5_address *, 2284 krb5_const_pointer, 2285 krb5_address **); 2286 krb5_error_code krb5_gen_replay_name 2287 (krb5_context, 2288 const krb5_address *, 2289 const char *, 2290 char **); 2291 krb5_error_code krb5_make_fulladdr 2292 (krb5_context, 2293 krb5_address *, 2294 krb5_address *, 2295 krb5_address *); 2296 #endif 2297 2298 krb5_error_code KRB5_CALLCONV krb5_set_real_time 2299 (krb5_context, krb5_int32, krb5_int32); 2300 2301 #if KRB5_PRIVATE 2302 krb5_error_code krb5_set_debugging_time 2303 (krb5_context, krb5_int32, krb5_int32); 2304 krb5_error_code krb5_use_natural_time 2305 (krb5_context); 2306 #endif 2307 krb5_error_code KRB5_CALLCONV krb5_get_time_offsets 2308 (krb5_context, krb5_int32 *, krb5_int32 *); 2309 #if KRB5_PRIVATE 2310 krb5_error_code krb5_set_time_offsets 2311 (krb5_context, krb5_int32, krb5_int32); 2312 #endif 2313 2314 /* str_conv.c */ 2315 krb5_error_code KRB5_CALLCONV krb5_string_to_enctype 2316 (char *, krb5_enctype *); 2317 krb5_error_code KRB5_CALLCONV krb5_string_to_salttype 2318 (char *, krb5_int32 *); 2319 krb5_error_code KRB5_CALLCONV krb5_string_to_cksumtype 2320 (char *, krb5_cksumtype *); 2321 krb5_error_code KRB5_CALLCONV krb5_string_to_timestamp 2322 (char *, krb5_timestamp *); 2323 krb5_error_code KRB5_CALLCONV krb5_string_to_deltat 2324 (char *, krb5_deltat *); 2325 krb5_error_code KRB5_CALLCONV krb5_enctype_to_string 2326 (krb5_enctype, char *, size_t); 2327 krb5_error_code KRB5_CALLCONV krb5_salttype_to_string 2328 (krb5_int32, char *, size_t); 2329 krb5_error_code KRB5_CALLCONV krb5_cksumtype_to_string 2330 (krb5_cksumtype, char *, size_t); 2331 krb5_error_code KRB5_CALLCONV krb5_timestamp_to_string 2332 (krb5_timestamp, char *, size_t); 2333 krb5_error_code KRB5_CALLCONV krb5_timestamp_to_sfstring 2334 (krb5_timestamp, char *, size_t, char *); 2335 krb5_error_code KRB5_CALLCONV krb5_deltat_to_string 2336 (krb5_deltat, char *, size_t); 2337 2338 2339 /* 2340 * end stuff from libos.h 2341 */ 2342 2343 /* 2344 * begin "k5-free.h" 2345 */ 2346 2347 /* to keep lint happy */ 2348 #ifdef _KERNEL 2349 #define krb5_xfree_wrap(val,n) kmem_free((char *)(val),n) 2350 #else 2351 #define krb5_xfree_wrap(val,n) free((char *)(val)) 2352 #define krb5_xfree(val) free((char *)(val)) 2353 #endif 2354 2355 /* 2356 * end "k5-free.h" 2357 */ 2358 2359 /* The name of the Kerberos ticket granting service... and its size */ 2360 #define KRB5_TGS_NAME "krbtgt" 2361 #define KRB5_TGS_NAME_SIZE 6 2362 2363 /* flags for recvauth */ 2364 #define KRB5_RECVAUTH_SKIP_VERSION 0x0001 2365 #define KRB5_RECVAUTH_BADAUTHVERS 0x0002 2366 2367 /* initial ticket api functions */ 2368 2369 typedef struct _krb5_prompt { 2370 char *prompt; 2371 int hidden; 2372 krb5_data *reply; 2373 } krb5_prompt; 2374 2375 typedef krb5_error_code (KRB5_CALLCONV *krb5_prompter_fct)(krb5_context context, 2376 void *data, 2377 const char *name, 2378 const char *banner, 2379 int num_prompts, 2380 krb5_prompt prompts[]); 2381 2382 2383 krb5_error_code KRB5_CALLCONV 2384 krb5_prompter_posix 2385 (krb5_context context, 2386 void *data, 2387 const char *name, 2388 const char *banner, 2389 int num_prompts, 2390 krb5_prompt prompts[]); 2391 2392 typedef struct _krb5_get_init_creds_opt { 2393 krb5_flags flags; 2394 krb5_deltat tkt_life; 2395 krb5_deltat renew_life; 2396 int forwardable; 2397 int proxiable; 2398 krb5_enctype *etype_list; 2399 int etype_list_length; 2400 krb5_address **address_list; 2401 krb5_preauthtype *preauth_list; 2402 int preauth_list_length; 2403 krb5_data *salt; 2404 } krb5_get_init_creds_opt; 2405 2406 #define KRB5_GET_INIT_CREDS_OPT_TKT_LIFE 0x0001 2407 #define KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE 0x0002 2408 #define KRB5_GET_INIT_CREDS_OPT_FORWARDABLE 0x0004 2409 #define KRB5_GET_INIT_CREDS_OPT_PROXIABLE 0x0008 2410 #define KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST 0x0010 2411 #define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST 0x0020 2412 #define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST 0x0040 2413 #define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080 2414 2415 void KRB5_CALLCONV 2416 krb5_get_init_creds_opt_init 2417 (krb5_get_init_creds_opt *opt); 2418 2419 void KRB5_CALLCONV 2420 krb5_get_init_creds_opt_set_tkt_life 2421 (krb5_get_init_creds_opt *opt, 2422 krb5_deltat tkt_life); 2423 2424 void KRB5_CALLCONV 2425 krb5_get_init_creds_opt_set_renew_life 2426 (krb5_get_init_creds_opt *opt, 2427 krb5_deltat renew_life); 2428 2429 void KRB5_CALLCONV 2430 krb5_get_init_creds_opt_set_forwardable 2431 (krb5_get_init_creds_opt *opt, 2432 int forwardable); 2433 2434 void KRB5_CALLCONV 2435 krb5_get_init_creds_opt_set_proxiable 2436 (krb5_get_init_creds_opt *opt, 2437 int proxiable); 2438 2439 void KRB5_CALLCONV 2440 krb5_get_init_creds_opt_set_etype_list 2441 (krb5_get_init_creds_opt *opt, 2442 krb5_enctype *etype_list, 2443 int etype_list_length); 2444 2445 void KRB5_CALLCONV 2446 krb5_get_init_creds_opt_set_address_list 2447 (krb5_get_init_creds_opt *opt, 2448 krb5_address **addresses); 2449 2450 void KRB5_CALLCONV 2451 krb5_get_init_creds_opt_set_preauth_list 2452 (krb5_get_init_creds_opt *opt, 2453 krb5_preauthtype *preauth_list, 2454 int preauth_list_length); 2455 2456 void KRB5_CALLCONV 2457 krb5_get_init_creds_opt_set_salt 2458 (krb5_get_init_creds_opt *opt, 2459 krb5_data *salt); 2460 2461 2462 2463 krb5_error_code KRB5_CALLCONV 2464 krb5_get_init_creds_password 2465 (krb5_context context, 2466 krb5_creds *creds, 2467 krb5_principal client, 2468 char *password, 2469 krb5_prompter_fct prompter, 2470 void *data, 2471 krb5_deltat start_time, 2472 char *in_tkt_service, 2473 krb5_get_init_creds_opt *k5_gic_options); 2474 2475 krb5_error_code KRB5_CALLCONV 2476 krb5_get_init_creds_keytab 2477 (krb5_context context, 2478 krb5_creds *creds, 2479 krb5_principal client, 2480 krb5_keytab arg_keytab, 2481 krb5_deltat start_time, 2482 char *in_tkt_service, 2483 krb5_get_init_creds_opt *k5_gic_options); 2484 2485 typedef struct _krb5_verify_init_creds_opt { 2486 krb5_flags flags; 2487 int ap_req_nofail; 2488 } krb5_verify_init_creds_opt; 2489 2490 #define KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL 0x0001 2491 2492 void KRB5_CALLCONV 2493 krb5_verify_init_creds_opt_init 2494 (krb5_verify_init_creds_opt *k5_vic_options); 2495 void KRB5_CALLCONV 2496 krb5_verify_init_creds_opt_set_ap_req_nofail 2497 (krb5_verify_init_creds_opt *k5_vic_options, 2498 int ap_req_nofail); 2499 2500 krb5_error_code KRB5_CALLCONV 2501 krb5_verify_init_creds 2502 (krb5_context context, 2503 krb5_creds *creds, 2504 krb5_principal ap_req_server, 2505 krb5_keytab ap_req_keytab, 2506 krb5_ccache *ccache, 2507 krb5_verify_init_creds_opt *k5_vic_options); 2508 2509 krb5_error_code KRB5_CALLCONV 2510 krb5_get_validated_creds 2511 (krb5_context context, 2512 krb5_creds *creds, 2513 krb5_principal client, 2514 krb5_ccache ccache, 2515 char *in_tkt_service); 2516 2517 krb5_error_code KRB5_CALLCONV 2518 krb5_get_renewed_creds 2519 (krb5_context context, 2520 krb5_creds *creds, 2521 krb5_principal client, 2522 krb5_ccache ccache, 2523 char *in_tkt_service); 2524 2525 krb5_error_code KRB5_CALLCONV 2526 krb5_decode_ticket 2527 (const krb5_data *code, 2528 krb5_ticket **rep); 2529 2530 void KRB5_CALLCONV 2531 krb5_appdefault_string 2532 (krb5_context context, 2533 const char *appname, 2534 const krb5_data *realm, 2535 const char *option, 2536 const char *default_value, 2537 char ** ret_value); 2538 2539 void KRB5_CALLCONV 2540 krb5_appdefault_boolean 2541 (krb5_context context, 2542 const char *appname, 2543 const krb5_data *realm, 2544 const char *option, 2545 int default_value, 2546 int *ret_value); 2547 2548 #if KRB5_PRIVATE 2549 /* 2550 * The realm iterator functions 2551 */ 2552 2553 krb5_error_code KRB5_CALLCONV krb5_realm_iterator_create 2554 (krb5_context context, void **iter_p); 2555 2556 krb5_error_code KRB5_CALLCONV krb5_realm_iterator 2557 (krb5_context context, void **iter_p, char **ret_realm); 2558 2559 void KRB5_CALLCONV krb5_realm_iterator_free 2560 (krb5_context context, void **iter_p); 2561 2562 void KRB5_CALLCONV krb5_free_realm_string 2563 (krb5_context context, char *str); 2564 #endif 2565 2566 /* 2567 * The realm iterator functions 2568 */ 2569 2570 krb5_error_code KRB5_CALLCONV krb5_realm_iterator_create 2571 (krb5_context context, void **iter_p); 2572 2573 krb5_error_code KRB5_CALLCONV krb5_realm_iterator 2574 (krb5_context context, void **iter_p, char **ret_realm); 2575 2576 void KRB5_CALLCONV krb5_realm_iterator_free 2577 (krb5_context context, void **iter_p); 2578 2579 void KRB5_CALLCONV krb5_free_realm_string 2580 (krb5_context context, char *str); 2581 2582 /* 2583 * Prompter enhancements 2584 */ 2585 2586 #define KRB5_PROMPT_TYPE_PASSWORD 0x1 2587 #define KRB5_PROMPT_TYPE_NEW_PASSWORD 0x2 2588 #define KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN 0x3 2589 #define KRB5_PROMPT_TYPE_PREAUTH 0x4 2590 2591 typedef krb5_int32 krb5_prompt_type; 2592 2593 krb5_prompt_type* KRB5_CALLCONV krb5_get_prompt_types 2594 (krb5_context context); 2595 2596 #if TARGET_OS_MAC 2597 # pragma options align=reset 2598 #endif /* KRB5INT_END_DECLS */ 2599 2600 /* Don't use this! We're going to phase it out. It's just here to keep 2601 applications from breaking right away. */ 2602 #define krb5_const const 2603 2604 #endif /* KRB5_GENERAL__ */ 2605 2606 2607 /* 2608 * krb5_err.h: 2609 * This file is automatically generated; please do not edit it. 2610 */ 2611 2612 #define KRB5KDC_ERR_NONE (-1765328384L) 2613 #define KRB5KDC_ERR_NAME_EXP (-1765328383L) 2614 #define KRB5KDC_ERR_SERVICE_EXP (-1765328382L) 2615 #define KRB5KDC_ERR_BAD_PVNO (-1765328381L) 2616 #define KRB5KDC_ERR_C_OLD_MAST_KVNO (-1765328380L) 2617 #define KRB5KDC_ERR_S_OLD_MAST_KVNO (-1765328379L) 2618 #define KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN (-1765328378L) 2619 #define KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (-1765328377L) 2620 #define KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE (-1765328376L) 2621 #define KRB5KDC_ERR_NULL_KEY (-1765328375L) 2622 #define KRB5KDC_ERR_CANNOT_POSTDATE (-1765328374L) 2623 #define KRB5KDC_ERR_NEVER_VALID (-1765328373L) 2624 #define KRB5KDC_ERR_POLICY (-1765328372L) 2625 #define KRB5KDC_ERR_BADOPTION (-1765328371L) 2626 #define KRB5KDC_ERR_ETYPE_NOSUPP (-1765328370L) 2627 #define KRB5KDC_ERR_SUMTYPE_NOSUPP (-1765328369L) 2628 #define KRB5KDC_ERR_PADATA_TYPE_NOSUPP (-1765328368L) 2629 #define KRB5KDC_ERR_TRTYPE_NOSUPP (-1765328367L) 2630 #define KRB5KDC_ERR_CLIENT_REVOKED (-1765328366L) 2631 #define KRB5KDC_ERR_SERVICE_REVOKED (-1765328365L) 2632 #define KRB5KDC_ERR_TGT_REVOKED (-1765328364L) 2633 #define KRB5KDC_ERR_CLIENT_NOTYET (-1765328363L) 2634 #define KRB5KDC_ERR_SERVICE_NOTYET (-1765328362L) 2635 #define KRB5KDC_ERR_KEY_EXP (-1765328361L) 2636 #define KRB5KDC_ERR_PREAUTH_FAILED (-1765328360L) 2637 #define KRB5KDC_ERR_PREAUTH_REQUIRED (-1765328359L) 2638 #define KRB5KDC_ERR_SERVER_NOMATCH (-1765328358L) 2639 #define KRB5PLACEHOLD_27 (-1765328357L) 2640 #define KRB5PLACEHOLD_28 (-1765328356L) 2641 #define KRB5PLACEHOLD_29 (-1765328355L) 2642 #define KRB5PLACEHOLD_30 (-1765328354L) 2643 #define KRB5KRB_AP_ERR_BAD_INTEGRITY (-1765328353L) 2644 #define KRB5KRB_AP_ERR_TKT_EXPIRED (-1765328352L) 2645 #define KRB5KRB_AP_ERR_TKT_NYV (-1765328351L) 2646 #define KRB5KRB_AP_ERR_REPEAT (-1765328350L) 2647 #define KRB5KRB_AP_ERR_NOT_US (-1765328349L) 2648 #define KRB5KRB_AP_ERR_BADMATCH (-1765328348L) 2649 #define KRB5KRB_AP_ERR_SKEW (-1765328347L) 2650 #define KRB5KRB_AP_ERR_BADADDR (-1765328346L) 2651 #define KRB5KRB_AP_ERR_BADVERSION (-1765328345L) 2652 #define KRB5KRB_AP_ERR_MSG_TYPE (-1765328344L) 2653 #define KRB5KRB_AP_ERR_MODIFIED (-1765328343L) 2654 #define KRB5KRB_AP_ERR_BADORDER (-1765328342L) 2655 #define KRB5KRB_AP_ERR_ILL_CR_TKT (-1765328341L) 2656 #define KRB5KRB_AP_ERR_BADKEYVER (-1765328340L) 2657 #define KRB5KRB_AP_ERR_NOKEY (-1765328339L) 2658 #define KRB5KRB_AP_ERR_MUT_FAIL (-1765328338L) 2659 #define KRB5KRB_AP_ERR_BADDIRECTION (-1765328337L) 2660 #define KRB5KRB_AP_ERR_METHOD (-1765328336L) 2661 #define KRB5KRB_AP_ERR_BADSEQ (-1765328335L) 2662 #define KRB5KRB_AP_ERR_INAPP_CKSUM (-1765328334L) 2663 #define KRB5PLACEHOLD_51 (-1765328333L) 2664 #define KRB5PLACEHOLD_52 (-1765328332L) 2665 #define KRB5PLACEHOLD_53 (-1765328331L) 2666 #define KRB5PLACEHOLD_54 (-1765328330L) 2667 #define KRB5PLACEHOLD_55 (-1765328329L) 2668 #define KRB5PLACEHOLD_56 (-1765328328L) 2669 #define KRB5PLACEHOLD_57 (-1765328327L) 2670 #define KRB5PLACEHOLD_58 (-1765328326L) 2671 #define KRB5PLACEHOLD_59 (-1765328325L) 2672 #define KRB5KRB_ERR_GENERIC (-1765328324L) 2673 #define KRB5KRB_ERR_FIELD_TOOLONG (-1765328323L) 2674 #define KRB5PLACEHOLD_62 (-1765328322L) 2675 #define KRB5PLACEHOLD_63 (-1765328321L) 2676 #define KRB5PLACEHOLD_64 (-1765328320L) 2677 #define KRB5PLACEHOLD_65 (-1765328319L) 2678 #define KRB5PLACEHOLD_66 (-1765328318L) 2679 #define KRB5PLACEHOLD_67 (-1765328317L) 2680 #define KRB5PLACEHOLD_68 (-1765328316L) 2681 #define KRB5PLACEHOLD_69 (-1765328315L) 2682 #define KRB5PLACEHOLD_70 (-1765328314L) 2683 #define KRB5PLACEHOLD_71 (-1765328313L) 2684 #define KRB5PLACEHOLD_72 (-1765328312L) 2685 #define KRB5PLACEHOLD_73 (-1765328311L) 2686 #define KRB5PLACEHOLD_74 (-1765328310L) 2687 #define KRB5PLACEHOLD_75 (-1765328309L) 2688 #define KRB5PLACEHOLD_76 (-1765328308L) 2689 #define KRB5PLACEHOLD_77 (-1765328307L) 2690 #define KRB5PLACEHOLD_78 (-1765328306L) 2691 #define KRB5PLACEHOLD_79 (-1765328305L) 2692 #define KRB5PLACEHOLD_80 (-1765328304L) 2693 #define KRB5PLACEHOLD_81 (-1765328303L) 2694 #define KRB5PLACEHOLD_82 (-1765328302L) 2695 #define KRB5PLACEHOLD_83 (-1765328301L) 2696 #define KRB5PLACEHOLD_84 (-1765328300L) 2697 #define KRB5PLACEHOLD_85 (-1765328299L) 2698 #define KRB5PLACEHOLD_86 (-1765328298L) 2699 #define KRB5PLACEHOLD_87 (-1765328297L) 2700 #define KRB5PLACEHOLD_88 (-1765328296L) 2701 #define KRB5PLACEHOLD_89 (-1765328295L) 2702 #define KRB5PLACEHOLD_90 (-1765328294L) 2703 #define KRB5PLACEHOLD_91 (-1765328293L) 2704 #define KRB5PLACEHOLD_92 (-1765328292L) 2705 #define KRB5PLACEHOLD_93 (-1765328291L) 2706 #define KRB5PLACEHOLD_94 (-1765328290L) 2707 #define KRB5PLACEHOLD_95 (-1765328289L) 2708 #define KRB5PLACEHOLD_96 (-1765328288L) 2709 #define KRB5PLACEHOLD_97 (-1765328287L) 2710 #define KRB5PLACEHOLD_98 (-1765328286L) 2711 #define KRB5PLACEHOLD_99 (-1765328285L) 2712 #define KRB5PLACEHOLD_100 (-1765328284L) 2713 #define KRB5PLACEHOLD_101 (-1765328283L) 2714 #define KRB5PLACEHOLD_102 (-1765328282L) 2715 #define KRB5PLACEHOLD_103 (-1765328281L) 2716 #define KRB5PLACEHOLD_104 (-1765328280L) 2717 #define KRB5PLACEHOLD_105 (-1765328279L) 2718 #define KRB5PLACEHOLD_106 (-1765328278L) 2719 #define KRB5PLACEHOLD_107 (-1765328277L) 2720 #define KRB5PLACEHOLD_108 (-1765328276L) 2721 #define KRB5PLACEHOLD_109 (-1765328275L) 2722 #define KRB5PLACEHOLD_110 (-1765328274L) 2723 #define KRB5PLACEHOLD_111 (-1765328273L) 2724 #define KRB5PLACEHOLD_112 (-1765328272L) 2725 #define KRB5PLACEHOLD_113 (-1765328271L) 2726 #define KRB5PLACEHOLD_114 (-1765328270L) 2727 #define KRB5PLACEHOLD_115 (-1765328269L) 2728 #define KRB5PLACEHOLD_116 (-1765328268L) 2729 #define KRB5PLACEHOLD_117 (-1765328267L) 2730 #define KRB5PLACEHOLD_118 (-1765328266L) 2731 #define KRB5PLACEHOLD_119 (-1765328265L) 2732 #define KRB5PLACEHOLD_120 (-1765328264L) 2733 #define KRB5PLACEHOLD_121 (-1765328263L) 2734 #define KRB5PLACEHOLD_122 (-1765328262L) 2735 #define KRB5PLACEHOLD_123 (-1765328261L) 2736 #define KRB5PLACEHOLD_124 (-1765328260L) 2737 #define KRB5PLACEHOLD_125 (-1765328259L) 2738 #define KRB5PLACEHOLD_126 (-1765328258L) 2739 #define KRB5PLACEHOLD_127 (-1765328257L) 2740 #define KRB5_ERR_RCSID (-1765328256L) 2741 #define KRB5_LIBOS_BADLOCKFLAG (-1765328255L) 2742 #define KRB5_LIBOS_CANTREADPWD (-1765328254L) 2743 #define KRB5_LIBOS_BADPWDMATCH (-1765328253L) 2744 #define KRB5_LIBOS_PWDINTR (-1765328252L) 2745 #define KRB5_PARSE_ILLCHAR (-1765328251L) 2746 #define KRB5_PARSE_MALFORMED (-1765328250L) 2747 #define KRB5_CONFIG_CANTOPEN (-1765328249L) 2748 #define KRB5_CONFIG_BADFORMAT (-1765328248L) 2749 #define KRB5_CONFIG_NOTENUFSPACE (-1765328247L) 2750 #define KRB5_BADMSGTYPE (-1765328246L) 2751 #define KRB5_CC_BADNAME (-1765328245L) 2752 #define KRB5_CC_UNKNOWN_TYPE (-1765328244L) 2753 #define KRB5_CC_NOTFOUND (-1765328243L) 2754 #define KRB5_CC_END (-1765328242L) 2755 #define KRB5_NO_TKT_SUPPLIED (-1765328241L) 2756 #define KRB5KRB_AP_WRONG_PRINC (-1765328240L) 2757 #define KRB5KRB_AP_ERR_TKT_INVALID (-1765328239L) 2758 #define KRB5_PRINC_NOMATCH (-1765328238L) 2759 #define KRB5_KDCREP_MODIFIED (-1765328237L) 2760 #define KRB5_KDCREP_SKEW (-1765328236L) 2761 #define KRB5_IN_TKT_REALM_MISMATCH (-1765328235L) 2762 #define KRB5_PROG_ETYPE_NOSUPP (-1765328234L) 2763 #define KRB5_PROG_KEYTYPE_NOSUPP (-1765328233L) 2764 #define KRB5_WRONG_ETYPE (-1765328232L) 2765 #define KRB5_PROG_SUMTYPE_NOSUPP (-1765328231L) 2766 #define KRB5_REALM_UNKNOWN (-1765328230L) 2767 #define KRB5_SERVICE_UNKNOWN (-1765328229L) 2768 #define KRB5_KDC_UNREACH (-1765328228L) 2769 #define KRB5_NO_LOCALNAME (-1765328227L) 2770 #define KRB5_MUTUAL_FAILED (-1765328226L) 2771 #define KRB5_RC_TYPE_EXISTS (-1765328225L) 2772 #define KRB5_RC_MALLOC (-1765328224L) 2773 #define KRB5_RC_TYPE_NOTFOUND (-1765328223L) 2774 #define KRB5_RC_UNKNOWN (-1765328222L) 2775 #define KRB5_RC_REPLAY (-1765328221L) 2776 #define KRB5_RC_IO (-1765328220L) 2777 #define KRB5_RC_NOIO (-1765328219L) 2778 #define KRB5_RC_PARSE (-1765328218L) 2779 #define KRB5_RC_IO_EOF (-1765328217L) 2780 #define KRB5_RC_IO_MALLOC (-1765328216L) 2781 #define KRB5_RC_IO_PERM (-1765328215L) 2782 #define KRB5_RC_IO_IO (-1765328214L) 2783 #define KRB5_RC_IO_UNKNOWN (-1765328213L) 2784 #define KRB5_RC_IO_SPACE (-1765328212L) 2785 #define KRB5_TRANS_CANTOPEN (-1765328211L) 2786 #define KRB5_TRANS_BADFORMAT (-1765328210L) 2787 #define KRB5_LNAME_CANTOPEN (-1765328209L) 2788 #define KRB5_LNAME_NOTRANS (-1765328208L) 2789 #define KRB5_LNAME_BADFORMAT (-1765328207L) 2790 #define KRB5_CRYPTO_INTERNAL (-1765328206L) 2791 #define KRB5_KT_BADNAME (-1765328205L) 2792 #define KRB5_KT_UNKNOWN_TYPE (-1765328204L) 2793 #define KRB5_KT_NOTFOUND (-1765328203L) 2794 #define KRB5_KT_END (-1765328202L) 2795 #define KRB5_KT_NOWRITE (-1765328201L) 2796 #define KRB5_KT_IOERR (-1765328200L) 2797 #define KRB5_NO_TKT_IN_RLM (-1765328199L) 2798 #define KRB5DES_BAD_KEYPAR (-1765328198L) 2799 #define KRB5DES_WEAK_KEY (-1765328197L) 2800 #define KRB5_BAD_ENCTYPE (-1765328196L) 2801 #define KRB5_BAD_KEYSIZE (-1765328195L) 2802 #define KRB5_BAD_MSIZE (-1765328194L) 2803 #define KRB5_CC_TYPE_EXISTS (-1765328193L) 2804 #define KRB5_KT_TYPE_EXISTS (-1765328192L) 2805 #define KRB5_CC_IO (-1765328191L) 2806 #define KRB5_FCC_PERM (-1765328190L) 2807 #define KRB5_FCC_NOFILE (-1765328189L) 2808 #define KRB5_FCC_INTERNAL (-1765328188L) 2809 #define KRB5_CC_WRITE (-1765328187L) 2810 #define KRB5_CC_NOMEM (-1765328186L) 2811 #define KRB5_CC_FORMAT (-1765328185L) 2812 #define KRB5_CC_NOT_KTYPE (-1765328184L) 2813 #define KRB5_INVALID_FLAGS (-1765328183L) 2814 #define KRB5_NO_2ND_TKT (-1765328182L) 2815 #define KRB5_NOCREDS_SUPPLIED (-1765328181L) 2816 #define KRB5_SENDAUTH_BADAUTHVERS (-1765328180L) 2817 #define KRB5_SENDAUTH_BADAPPLVERS (-1765328179L) 2818 #define KRB5_SENDAUTH_BADRESPONSE (-1765328178L) 2819 #define KRB5_SENDAUTH_REJECTED (-1765328177L) 2820 #define KRB5_PREAUTH_BAD_TYPE (-1765328176L) 2821 #define KRB5_PREAUTH_NO_KEY (-1765328175L) 2822 #define KRB5_PREAUTH_FAILED (-1765328174L) 2823 #define KRB5_RCACHE_BADVNO (-1765328173L) 2824 #define KRB5_CCACHE_BADVNO (-1765328172L) 2825 #define KRB5_KEYTAB_BADVNO (-1765328171L) 2826 #define KRB5_PROG_ATYPE_NOSUPP (-1765328170L) 2827 #define KRB5_RC_REQUIRED (-1765328169L) 2828 #define KRB5_ERR_BAD_HOSTNAME (-1765328168L) 2829 #define KRB5_ERR_HOST_REALM_UNKNOWN (-1765328167L) 2830 #define KRB5_SNAME_UNSUPP_NAMETYPE (-1765328166L) 2831 #define KRB5KRB_AP_ERR_V4_REPLY (-1765328165L) 2832 #define KRB5_REALM_CANT_RESOLVE (-1765328164L) 2833 #define KRB5_TKT_NOT_FORWARDABLE (-1765328163L) 2834 #define KRB5_FWD_BAD_PRINCIPAL (-1765328162L) 2835 #define KRB5_GET_IN_TKT_LOOP (-1765328161L) 2836 #define KRB5_CONFIG_NODEFREALM (-1765328160L) 2837 #define KRB5_SAM_UNSUPPORTED (-1765328159L) 2838 #define KRB5_SAM_INVALID_ETYPE (-1765328158L) 2839 #define KRB5_SAM_NO_CHECKSUM (-1765328157L) 2840 #define KRB5_SAM_BAD_CHECKSUM (-1765328156L) 2841 #define KRB5_KT_NAME_TOOLONG (-1765328155L) 2842 #define KRB5_KT_KVNONOTFOUND (-1765328154L) 2843 #define KRB5_APPL_EXPIRED (-1765328153L) 2844 #define KRB5_LIB_EXPIRED (-1765328152L) 2845 #define KRB5_CHPW_PWDNULL (-1765328151L) 2846 #define KRB5_CHPW_FAIL (-1765328150L) 2847 #define KRB5_KT_FORMAT (-1765328149L) 2848 #define KRB5_NOPERM_ETYPE (-1765328148L) 2849 #define KRB5_CONFIG_ETYPE_NOSUPP (-1765328147L) 2850 #define KRB5_OBSOLETE_FN (-1765328146L) 2851 #define KRB5_EAI_FAIL (-1765328145L) 2852 #define KRB5_EAI_NODATA (-1765328144L) 2853 #define KRB5_EAI_NONAME (-1765328143L) 2854 #define KRB5_EAI_SERVICE (-1765328142L) 2855 #define KRB5_ERR_NUMERIC_REALM (-1765328141L) 2856 #define KRB5_ERR_BAD_S2K_PARAMS (-1765328140L) 2857 #define KRB5_ERR_NO_SERVICE (-1765328139L) 2858 #define KRB5_CC_READONLY (-1765328138L) 2859 #define KRB5_CC_NOSUPP (-1765328137L) 2860 2861 /* NOTE! error values should not collide */ 2862 /* XXX Note KRB5_RC_BADNAME and KRB5_CONF_NOT_CONFIGURED are Solaris specific */ 2863 #define KRB5_RC_BADNAME (-1765328136L) 2864 #define KRB5_CONF_NOT_CONFIGURED (-1765328135L) 2865 #ifdef _KERNEL 2866 /* XXX Note KRB5_KEF_ERROR and PKCS_ERR are Solaris specific */ 2867 #define KRB5_KEF_ERROR (-1765328134L) 2868 #else 2869 #define PKCS_ERR (-1765328134L) 2870 #endif /* _KERNEL */ 2871 2872 #define KRB5_DELTAT_BADFORMAT (-1765328133L) 2873 2874 #define ERROR_TABLE_BASE_krb5 (-1765328384L) 2875 2876 /* for compatibility with older versions... */ 2877 #define krb5_err_base ERROR_TABLE_BASE_krb5 2878 /* 2879 * kdb5_err.h: 2880 * This file is automatically generated; please do not edit it. 2881 */ 2882 #define KRB5_KDB_RCSID (-1780008448L) 2883 #define KRB5_KDB_INUSE (-1780008447L) 2884 #define KRB5_KDB_UK_SERROR (-1780008446L) 2885 #define KRB5_KDB_UK_RERROR (-1780008445L) 2886 #define KRB5_KDB_UNAUTH (-1780008444L) 2887 #define KRB5_KDB_NOENTRY (-1780008443L) 2888 #define KRB5_KDB_ILL_WILDCARD (-1780008442L) 2889 #define KRB5_KDB_DB_INUSE (-1780008441L) 2890 #define KRB5_KDB_DB_CHANGED (-1780008440L) 2891 #define KRB5_KDB_TRUNCATED_RECORD (-1780008439L) 2892 #define KRB5_KDB_RECURSIVELOCK (-1780008438L) 2893 #define KRB5_KDB_NOTLOCKED (-1780008437L) 2894 #define KRB5_KDB_BADLOCKMODE (-1780008436L) 2895 #define KRB5_KDB_DBNOTINITED (-1780008435L) 2896 #define KRB5_KDB_DBINITED (-1780008434L) 2897 #define KRB5_KDB_ILLDIRECTION (-1780008433L) 2898 #define KRB5_KDB_NOMASTERKEY (-1780008432L) 2899 #define KRB5_KDB_BADMASTERKEY (-1780008431L) 2900 #define KRB5_KDB_INVALIDKEYSIZE (-1780008430L) 2901 #define KRB5_KDB_CANTREAD_STORED (-1780008429L) 2902 #define KRB5_KDB_BADSTORED_MKEY (-1780008428L) 2903 #define KRB5_KDB_CANTLOCK_DB (-1780008427L) 2904 #define KRB5_KDB_DB_CORRUPT (-1780008426L) 2905 #define KRB5_KDB_BAD_VERSION (-1780008425L) 2906 #define KRB5_KDB_BAD_SALTTYPE (-1780008424L) 2907 #define KRB5_KDB_BAD_ENCTYPE (-1780008423L) 2908 #define KRB5_KDB_BAD_CREATEFLAGS (-1780008422L) 2909 #define KRB5_KDB_NO_PERMITTED_KEY (-1780008421L) 2910 #define KRB5_KDB_NO_MATCHING_KEY (-1780008420L) 2911 /* 2912 * Incremental propagation error codes 2913 */ 2914 #define KRB5_LOG_CONV (-1780008419L) 2915 #define KRB5_LOG_UNSTABLE (-1780008418L) 2916 #define KRB5_LOG_CORRUPT (-1780008417L) 2917 #define KRB5_LOG_ERROR (-1780008416L) 2918 #define ERROR_TABLE_BASE_kdb5 (-1780008448L) 2919 2920 /* for compatibility with older versions... */ 2921 #define kdb5_err_base ERROR_TABLE_BASE_kdb5 2922 /* 2923 * kv5m_err.h: 2924 * This file is automatically generated; please do not edit it. 2925 */ 2926 #define KV5M_NONE (-1760647424L) 2927 #define KV5M_PRINCIPAL (-1760647423L) 2928 #define KV5M_DATA (-1760647422L) 2929 #define KV5M_KEYBLOCK (-1760647421L) 2930 #define KV5M_CHECKSUM (-1760647420L) 2931 #define KV5M_ENCRYPT_BLOCK (-1760647419L) 2932 #define KV5M_ENC_DATA (-1760647418L) 2933 #define KV5M_CRYPTOSYSTEM_ENTRY (-1760647417L) 2934 #define KV5M_CS_TABLE_ENTRY (-1760647416L) 2935 #define KV5M_CHECKSUM_ENTRY (-1760647415L) 2936 #define KV5M_AUTHDATA (-1760647414L) 2937 #define KV5M_TRANSITED (-1760647413L) 2938 #define KV5M_ENC_TKT_PART (-1760647412L) 2939 #define KV5M_TICKET (-1760647411L) 2940 #define KV5M_AUTHENTICATOR (-1760647410L) 2941 #define KV5M_TKT_AUTHENT (-1760647409L) 2942 #define KV5M_CREDS (-1760647408L) 2943 #define KV5M_LAST_REQ_ENTRY (-1760647407L) 2944 #define KV5M_PA_DATA (-1760647406L) 2945 #define KV5M_KDC_REQ (-1760647405L) 2946 #define KV5M_ENC_KDC_REP_PART (-1760647404L) 2947 #define KV5M_KDC_REP (-1760647403L) 2948 #define KV5M_ERROR (-1760647402L) 2949 #define KV5M_AP_REQ (-1760647401L) 2950 #define KV5M_AP_REP (-1760647400L) 2951 #define KV5M_AP_REP_ENC_PART (-1760647399L) 2952 #define KV5M_RESPONSE (-1760647398L) 2953 #define KV5M_SAFE (-1760647397L) 2954 #define KV5M_PRIV (-1760647396L) 2955 #define KV5M_PRIV_ENC_PART (-1760647395L) 2956 #define KV5M_CRED (-1760647394L) 2957 #define KV5M_CRED_INFO (-1760647393L) 2958 #define KV5M_CRED_ENC_PART (-1760647392L) 2959 #define KV5M_PWD_DATA (-1760647391L) 2960 #define KV5M_ADDRESS (-1760647390L) 2961 #define KV5M_KEYTAB_ENTRY (-1760647389L) 2962 #define KV5M_CONTEXT (-1760647388L) 2963 #define KV5M_OS_CONTEXT (-1760647387L) 2964 #define KV5M_ALT_METHOD (-1760647386L) 2965 #define KV5M_ETYPE_INFO_ENTRY (-1760647385L) 2966 #define KV5M_DB_CONTEXT (-1760647384L) 2967 #define KV5M_AUTH_CONTEXT (-1760647383L) 2968 #define KV5M_KEYTAB (-1760647382L) 2969 #define KV5M_RCACHE (-1760647381L) 2970 #define KV5M_CCACHE (-1760647380L) 2971 #define KV5M_PREAUTH_OPS (-1760647379L) 2972 #define KV5M_SAM_CHALLENGE (-1760647378L) 2973 #define KV5M_SAM_KEY (-1760647377L) 2974 #define KV5M_ENC_SAM_RESPONSE_ENC (-1760647376L) 2975 #define KV5M_ENC_SAM_RESPONSE_ENC_2 (-1760647374L) 2976 #define KV5M_SAM_RESPONSE (-1760647373L) 2977 #define KV5M_SAM_RESPONSE_2 (-1760647372L) 2978 #define KV5M_PREDICTED_SAM_RESPONSE (-1760647371L) 2979 #define KV5M_PASSWD_PHRASE_ELEMENT (-1760647370L) 2980 #define KV5M_GSS_OID (-1760647369L) 2981 #define KV5M_GSS_QUEUE (-1760647368L) 2982 #define ERROR_TABLE_BASE_kv5m (-1760647424L) 2983 2984 /* for compatibility with older versions... */ 2985 #define kv5m_err_base ERROR_TABLE_BASE_kv5m 2986 /* 2987 * asn1_err.h: 2988 * This file is automatically generated; please do not edit it. 2989 */ 2990 #define ASN1_BAD_TIMEFORMAT (1859794432L) 2991 #define ASN1_MISSING_FIELD (1859794433L) 2992 #define ASN1_MISPLACED_FIELD (1859794434L) 2993 #define ASN1_TYPE_MISMATCH (1859794435L) 2994 #define ASN1_OVERFLOW (1859794436L) 2995 #define ASN1_OVERRUN (1859794437L) 2996 #define ASN1_BAD_ID (1859794438L) 2997 #define ASN1_BAD_LENGTH (1859794439L) 2998 #define ASN1_BAD_FORMAT (1859794440L) 2999 #define ASN1_PARSE_ERROR (1859794441L) 3000 #define ASN1_BAD_GMTIME (1859794442L) 3001 #define ASN1_MISMATCH_INDEF (1859794443L) 3002 #define ASN1_MISSING_EOC (1859794444L) 3003 #define ERROR_TABLE_BASE_asn1 (1859794432L) 3004 3005 /* for compatibility with older versions... */ 3006 #define asn1_err_base ERROR_TABLE_BASE_asn1 3007 3008 #ifdef __cplusplus 3009 } 3010 #endif 3011 3012 #endif /* _KRB5_H */ 3013