17c478bd9Sstevel@tonic-gate /* 2db02be57S * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 37c478bd9Sstevel@tonic-gate * Use is subject to license terms. 47c478bd9Sstevel@tonic-gate */ 57c478bd9Sstevel@tonic-gate 67c478bd9Sstevel@tonic-gate /* This is the prologue to krb5.h */ 77c478bd9Sstevel@tonic-gate /* Unfortunately some of these defines are compiler dependent */ 87c478bd9Sstevel@tonic-gate #ifndef _KRB5_H 97c478bd9Sstevel@tonic-gate #define _KRB5_H 107c478bd9Sstevel@tonic-gate 117c478bd9Sstevel@tonic-gate 127c478bd9Sstevel@tonic-gate #define SIZEOF_INT 4 137c478bd9Sstevel@tonic-gate 147c478bd9Sstevel@tonic-gate #ifdef _LP64 157c478bd9Sstevel@tonic-gate #define SIZEOF_LONG 8 167c478bd9Sstevel@tonic-gate #else 177c478bd9Sstevel@tonic-gate #define SIZEOF_LONG 4 187c478bd9Sstevel@tonic-gate #endif 197c478bd9Sstevel@tonic-gate 207c478bd9Sstevel@tonic-gate #define SIZEOF_SHORT 2 217c478bd9Sstevel@tonic-gate #define HAVE_STDARG_H 1 227c478bd9Sstevel@tonic-gate #define HAVE_SYS_TYPES_H 1 237c478bd9Sstevel@tonic-gate /* End of prologue section */ 247c478bd9Sstevel@tonic-gate /* 257c478bd9Sstevel@tonic-gate * include/krb5.h 267c478bd9Sstevel@tonic-gate * 27fe598cdcSmp * Copyright 1989,1990,1995,2001, 2003 by the Massachusetts Institute of Technology. 287c478bd9Sstevel@tonic-gate * All Rights Reserved. 297c478bd9Sstevel@tonic-gate * 307c478bd9Sstevel@tonic-gate * Export of this software from the United States of America may 317c478bd9Sstevel@tonic-gate * require a specific license from the United States Government. 327c478bd9Sstevel@tonic-gate * It is the responsibility of any person or organization contemplating 337c478bd9Sstevel@tonic-gate * export to obtain such a license before exporting. 34fe598cdcSmp * 357c478bd9Sstevel@tonic-gate * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 367c478bd9Sstevel@tonic-gate * distribute this software and its documentation for any purpose and 377c478bd9Sstevel@tonic-gate * without fee is hereby granted, provided that the above copyright 387c478bd9Sstevel@tonic-gate * notice appear in all copies and that both that copyright notice and 397c478bd9Sstevel@tonic-gate * this permission notice appear in supporting documentation, and that 407c478bd9Sstevel@tonic-gate * the name of M.I.T. not be used in advertising or publicity pertaining 417c478bd9Sstevel@tonic-gate * to distribution of the software without specific, written prior 427c478bd9Sstevel@tonic-gate * permission. Furthermore if you modify this software you must label 437c478bd9Sstevel@tonic-gate * your software as modified software and not distribute it in such a 447c478bd9Sstevel@tonic-gate * fashion that it might be confused with the original M.I.T. software. 457c478bd9Sstevel@tonic-gate * M.I.T. makes no representations about the suitability of 467c478bd9Sstevel@tonic-gate * this software for any purpose. It is provided "as is" without express 477c478bd9Sstevel@tonic-gate * or implied warranty. 48159d09a2SMark Phalan * 497c478bd9Sstevel@tonic-gate * 507c478bd9Sstevel@tonic-gate * General definitions for Kerberos version 5. 517c478bd9Sstevel@tonic-gate */ 527c478bd9Sstevel@tonic-gate 537c478bd9Sstevel@tonic-gate /* 547c478bd9Sstevel@tonic-gate * Copyright (C) 1998 by the FundsXpress, INC. 55159d09a2SMark Phalan * 567c478bd9Sstevel@tonic-gate * All rights reserved. 57159d09a2SMark Phalan * 587c478bd9Sstevel@tonic-gate * Export of this software from the United States of America may require 597c478bd9Sstevel@tonic-gate * a specific license from the United States Government. It is the 607c478bd9Sstevel@tonic-gate * responsibility of any person or organization contemplating export to 617c478bd9Sstevel@tonic-gate * obtain such a license before exporting. 62159d09a2SMark Phalan * 637c478bd9Sstevel@tonic-gate * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 647c478bd9Sstevel@tonic-gate * distribute this software and its documentation for any purpose and 657c478bd9Sstevel@tonic-gate * without fee is hereby granted, provided that the above copyright 667c478bd9Sstevel@tonic-gate * notice appear in all copies and that both that copyright notice and 677c478bd9Sstevel@tonic-gate * this permission notice appear in supporting documentation, and that 687c478bd9Sstevel@tonic-gate * the name of FundsXpress. not be used in advertising or publicity pertaining 697c478bd9Sstevel@tonic-gate * to distribution of the software without specific, written prior 707c478bd9Sstevel@tonic-gate * permission. FundsXpress makes no representations about the suitability of 717c478bd9Sstevel@tonic-gate * this software for any purpose. It is provided "as is" without express 727c478bd9Sstevel@tonic-gate * or implied warranty. 73159d09a2SMark Phalan * 747c478bd9Sstevel@tonic-gate * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR 757c478bd9Sstevel@tonic-gate * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 767c478bd9Sstevel@tonic-gate * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 777c478bd9Sstevel@tonic-gate */ 787c478bd9Sstevel@tonic-gate 797c478bd9Sstevel@tonic-gate #ifndef KRB5_GENERAL__ 807c478bd9Sstevel@tonic-gate #define KRB5_GENERAL__ 817c478bd9Sstevel@tonic-gate 827c478bd9Sstevel@tonic-gate #ifdef _KERNEL 837c478bd9Sstevel@tonic-gate #include <sys/systm.h> 847c478bd9Sstevel@tonic-gate #include <sys/kmem.h> 857c478bd9Sstevel@tonic-gate 867c478bd9Sstevel@tonic-gate #include <sys/crypto/common.h> 877c478bd9Sstevel@tonic-gate #include <sys/crypto/api.h> 887c478bd9Sstevel@tonic-gate 897c478bd9Sstevel@tonic-gate /* 907c478bd9Sstevel@tonic-gate * Just to be safe lets make sure the buffers are zero'ed after 917c478bd9Sstevel@tonic-gate * malloc() as some code assumes this is the case. To avoid warnings 927c478bd9Sstevel@tonic-gate * of duplicated defines let remove the old one if present. 937c478bd9Sstevel@tonic-gate */ 947c478bd9Sstevel@tonic-gate #ifdef MALLOC 957c478bd9Sstevel@tonic-gate #undef MALLOC 967c478bd9Sstevel@tonic-gate #endif 977c478bd9Sstevel@tonic-gate #define MALLOC(n) kmem_zalloc((n), KM_SLEEP) 987c478bd9Sstevel@tonic-gate 997c478bd9Sstevel@tonic-gate #define FREE(x, n) kmem_free((x), (n)) 1007c478bd9Sstevel@tonic-gate #define CALLOC(n, s) kmem_zalloc((n)*(s), KM_SLEEP) 1017c478bd9Sstevel@tonic-gate #define strcpy(dst,src,n) bcopy((src),(dst),(n)) 1027c478bd9Sstevel@tonic-gate #define mutex_lock(lck) mutex_enter(lck) 1037c478bd9Sstevel@tonic-gate #define mutex_unlock(lck) mutex_exit(lck) 1047c478bd9Sstevel@tonic-gate 1057c478bd9Sstevel@tonic-gate #else /* !_KERNEL */ 1067c478bd9Sstevel@tonic-gate #define MALLOC(n) malloc(n) 1077c478bd9Sstevel@tonic-gate #define FREE(x, n) free(x) 1087c478bd9Sstevel@tonic-gate #define CALLOC(n, s) calloc((n), (s)) 1097c478bd9Sstevel@tonic-gate #include <stdlib.h> 1107c478bd9Sstevel@tonic-gate #include <thread.h> 1117c478bd9Sstevel@tonic-gate #include <synch.h> 1127c478bd9Sstevel@tonic-gate #include <security/cryptoki.h> 113505d05c7Sgtb #include <limits.h> /* for *_MAX */ 1147c478bd9Sstevel@tonic-gate #endif /* _KERNEL */ 1157c478bd9Sstevel@tonic-gate 116505d05c7Sgtb /* By default, do not expose deprecated interfaces. */ 117505d05c7Sgtb /* SUNW14resync - we need to enable this for rlogind and such */ 118505d05c7Sgtb #ifndef KRB5_DEPRECATED 119505d05c7Sgtb #define KRB5_DEPRECATED 1 120505d05c7Sgtb #endif 121505d05c7Sgtb /* Do not expose private interfaces. Build system will override. */ 122505d05c7Sgtb /* SUNW14resync - for the Solaris build we set it to 1 here */ 123505d05c7Sgtb #ifndef KRB5_PRIVATE 124505d05c7Sgtb #define KRB5_PRIVATE 1 125505d05c7Sgtb #endif 126505d05c7Sgtb 127159d09a2SMark Phalan #if defined(__MACH__) && defined(__APPLE__) 128159d09a2SMark Phalan # include <TargetConditionals.h> 129159d09a2SMark Phalan # if TARGET_RT_MAC_CFM 130159d09a2SMark Phalan # error "Use KfM 4.0 SDK headers for CFM compilation." 131159d09a2SMark Phalan # endif 132505d05c7Sgtb #endif 1337c478bd9Sstevel@tonic-gate 134159d09a2SMark Phalan #if defined(_MSDOS) || defined(_WIN32) 1357c478bd9Sstevel@tonic-gate #include <win-mac.h> 1367c478bd9Sstevel@tonic-gate #endif 1377c478bd9Sstevel@tonic-gate 1387c478bd9Sstevel@tonic-gate #ifndef KRB5_CONFIG__ 1397c478bd9Sstevel@tonic-gate #ifndef KRB5_CALLCONV 1407c478bd9Sstevel@tonic-gate #define KRB5_CALLCONV 1417c478bd9Sstevel@tonic-gate #define KRB5_CALLCONV_C 1427c478bd9Sstevel@tonic-gate #endif /* !KRB5_CALLCONV */ 1437c478bd9Sstevel@tonic-gate #endif /* !KRB5_CONFIG__ */ 1447c478bd9Sstevel@tonic-gate 145505d05c7Sgtb #ifndef KRB5_CALLCONV_WRONG 146505d05c7Sgtb #define KRB5_CALLCONV_WRONG 147505d05c7Sgtb #endif 148505d05c7Sgtb 149505d05c7Sgtb /* SUNW14resync XXX */ 1507c478bd9Sstevel@tonic-gate #include <sys/types.h> 1517c478bd9Sstevel@tonic-gate #include <sys/socket.h> 1527c478bd9Sstevel@tonic-gate 1537c478bd9Sstevel@tonic-gate #ifndef THREEPARAMOPEN 1547c478bd9Sstevel@tonic-gate #define THREEPARAMOPEN(x,y,z) open(x,y,z) 1557c478bd9Sstevel@tonic-gate #endif 1567c478bd9Sstevel@tonic-gate 157505d05c7Sgtb 1587c478bd9Sstevel@tonic-gate /* 1597c478bd9Sstevel@tonic-gate * Solaris Kerberos: 16010db1377Sgtb * Samba needs a couple of these interfaces so old crypto is enabled. 1617c478bd9Sstevel@tonic-gate */ 16210db1377Sgtb #define KRB5_OLD_CRYPTO 1637c478bd9Sstevel@tonic-gate 1647c478bd9Sstevel@tonic-gate 165159d09a2SMark Phalan #ifndef KRB5INT_BEGIN_DECLS 166159d09a2SMark Phalan #if defined(__cplusplus) 167159d09a2SMark Phalan #define KRB5INT_BEGIN_DECLS extern "C" { 168159d09a2SMark Phalan #define KRB5INT_END_DECLS } 169159d09a2SMark Phalan #else 170159d09a2SMark Phalan #define KRB5INT_BEGIN_DECLS 171159d09a2SMark Phalan #define KRB5INT_END_DECLS 172159d09a2SMark Phalan #endif 173159d09a2SMark Phalan #endif 1747c478bd9Sstevel@tonic-gate 175eb42280bSWill Fiveash KRB5INT_BEGIN_DECLS 176eb42280bSWill Fiveash 177505d05c7Sgtb #if TARGET_OS_MAC 178505d05c7Sgtb # pragma options align=mac68k 1797c478bd9Sstevel@tonic-gate #endif 1807c478bd9Sstevel@tonic-gate 181505d05c7Sgtb /* from profile.h */ 182505d05c7Sgtb struct _profile_t; 183505d05c7Sgtb /* typedef struct _profile_t *profile_t; */ 184505d05c7Sgtb 1857c478bd9Sstevel@tonic-gate /* 1867c478bd9Sstevel@tonic-gate * begin wordsize.h 1877c478bd9Sstevel@tonic-gate */ 1887c478bd9Sstevel@tonic-gate 1897c478bd9Sstevel@tonic-gate /* 1907c478bd9Sstevel@tonic-gate * Word-size related definition. 1917c478bd9Sstevel@tonic-gate */ 1927c478bd9Sstevel@tonic-gate 1937c478bd9Sstevel@tonic-gate typedef unsigned char krb5_octet; 1947c478bd9Sstevel@tonic-gate 195505d05c7Sgtb #if INT_MAX == 0x7fff 1967c478bd9Sstevel@tonic-gate typedef int krb5_int16; 1977c478bd9Sstevel@tonic-gate typedef unsigned int krb5_ui_2; 198505d05c7Sgtb #elif SHRT_MAX == 0x7fff 1997c478bd9Sstevel@tonic-gate typedef short krb5_int16; 2007c478bd9Sstevel@tonic-gate typedef unsigned short krb5_ui_2; 2017c478bd9Sstevel@tonic-gate #else 202505d05c7Sgtb #error undefined 16 bit type 2037c478bd9Sstevel@tonic-gate #endif 2047c478bd9Sstevel@tonic-gate 205505d05c7Sgtb #if INT_MAX == 0x7fffffffL 206159d09a2SMark Phalan typedef int krb5_int32; 2077c478bd9Sstevel@tonic-gate typedef unsigned int krb5_ui_4; 208505d05c7Sgtb #elif LONG_MAX == 0x7fffffffL 2097c478bd9Sstevel@tonic-gate typedef long krb5_int32; 2107c478bd9Sstevel@tonic-gate typedef unsigned long krb5_ui_4; 211505d05c7Sgtb #elif SHRT_MAX == 0x7fffffffL 2127c478bd9Sstevel@tonic-gate typedef short krb5_int32; 2137c478bd9Sstevel@tonic-gate typedef unsigned short krb5_ui_4; 2147c478bd9Sstevel@tonic-gate #else 215505d05c7Sgtb #error: undefined 32 bit type 2167c478bd9Sstevel@tonic-gate #endif 2177c478bd9Sstevel@tonic-gate 218159d09a2SMark Phalan #define VALID_INT_BITS INT_MAX 219159d09a2SMark Phalan #define VALID_UINT_BITS UINT_MAX 220505d05c7Sgtb 2217c478bd9Sstevel@tonic-gate #define KRB5_INT32_MAX 2147483647 2227c478bd9Sstevel@tonic-gate /* this strange form is necessary since - is a unary operator, not a sign 2237c478bd9Sstevel@tonic-gate indicator */ 2247c478bd9Sstevel@tonic-gate #define KRB5_INT32_MIN (-KRB5_INT32_MAX-1) 2257c478bd9Sstevel@tonic-gate 2267c478bd9Sstevel@tonic-gate #define KRB5_INT16_MAX 65535 2277c478bd9Sstevel@tonic-gate /* this strange form is necessary since - is a unary operator, not a sign 2287c478bd9Sstevel@tonic-gate indicator */ 2297c478bd9Sstevel@tonic-gate #define KRB5_INT16_MIN (-KRB5_INT16_MAX-1) 2307c478bd9Sstevel@tonic-gate 2317c478bd9Sstevel@tonic-gate /* 2327c478bd9Sstevel@tonic-gate * end wordsize.h 2337c478bd9Sstevel@tonic-gate */ 2347c478bd9Sstevel@tonic-gate 2357c478bd9Sstevel@tonic-gate /* 2367c478bd9Sstevel@tonic-gate * begin "base-defs.h" 2377c478bd9Sstevel@tonic-gate */ 2387c478bd9Sstevel@tonic-gate 2397c478bd9Sstevel@tonic-gate /* 2407c478bd9Sstevel@tonic-gate * Basic definitions for Kerberos V5 library 2417c478bd9Sstevel@tonic-gate */ 2427c478bd9Sstevel@tonic-gate 2437c478bd9Sstevel@tonic-gate #ifndef FALSE 2447c478bd9Sstevel@tonic-gate #define FALSE 0 2457c478bd9Sstevel@tonic-gate #endif 2467c478bd9Sstevel@tonic-gate #ifndef TRUE 2477c478bd9Sstevel@tonic-gate #define TRUE 1 2487c478bd9Sstevel@tonic-gate #endif 2497c478bd9Sstevel@tonic-gate 2507c478bd9Sstevel@tonic-gate typedef unsigned int krb5_boolean; 2517c478bd9Sstevel@tonic-gate typedef unsigned int krb5_msgtype; 2527c478bd9Sstevel@tonic-gate typedef unsigned int krb5_kvno; 2537c478bd9Sstevel@tonic-gate 254159d09a2SMark Phalan typedef krb5_int32 krb5_addrtype; 255159d09a2SMark Phalan typedef krb5_int32 krb5_enctype; 256159d09a2SMark Phalan typedef krb5_int32 krb5_cksumtype; 257159d09a2SMark Phalan typedef krb5_int32 krb5_authdatatype; 258159d09a2SMark Phalan typedef krb5_int32 krb5_keyusage; 2597c478bd9Sstevel@tonic-gate 2607c478bd9Sstevel@tonic-gate typedef krb5_int32 krb5_preauthtype; /* This may change, later on */ 2617c478bd9Sstevel@tonic-gate typedef krb5_int32 krb5_flags; 2627c478bd9Sstevel@tonic-gate typedef krb5_int32 krb5_timestamp; 2637c478bd9Sstevel@tonic-gate typedef krb5_int32 krb5_error_code; 2647c478bd9Sstevel@tonic-gate typedef krb5_int32 krb5_deltat; 2657c478bd9Sstevel@tonic-gate 2667c478bd9Sstevel@tonic-gate typedef krb5_error_code krb5_magic; 2677c478bd9Sstevel@tonic-gate 2687c478bd9Sstevel@tonic-gate typedef struct _krb5_data { 269159d09a2SMark Phalan krb5_magic magic; 270159d09a2SMark Phalan unsigned int length; 271159d09a2SMark Phalan char *data; 2727c478bd9Sstevel@tonic-gate } krb5_data; 2737c478bd9Sstevel@tonic-gate 274159d09a2SMark Phalan typedef struct _krb5_octet_data { 275159d09a2SMark Phalan krb5_magic magic; 276159d09a2SMark Phalan unsigned int length; 277159d09a2SMark Phalan krb5_octet *data; 278159d09a2SMark Phalan } krb5_octet_data; 279159d09a2SMark Phalan 280505d05c7Sgtb /* 281159d09a2SMark Phalan * Hack length for crypto library to use the afs_string_to_key It is 282159d09a2SMark Phalan * equivalent to -1 without possible sign extension 283159d09a2SMark Phalan * We also overload for an unset salt type length - which is also -1, but 284159d09a2SMark Phalan * hey, why not.... 285159d09a2SMark Phalan */ 286159d09a2SMark Phalan #define SALT_TYPE_AFS_LENGTH UINT_MAX 287159d09a2SMark Phalan #define SALT_TYPE_NO_LENGTH UINT_MAX 2887c478bd9Sstevel@tonic-gate 289159d09a2SMark Phalan typedef void * krb5_pointer; 290159d09a2SMark Phalan typedef void const * krb5_const_pointer; 2917c478bd9Sstevel@tonic-gate 2927c478bd9Sstevel@tonic-gate typedef struct krb5_principal_data { 2937c478bd9Sstevel@tonic-gate krb5_magic magic; 2947c478bd9Sstevel@tonic-gate krb5_data realm; 2957c478bd9Sstevel@tonic-gate krb5_data *data; /* An array of strings */ 2967c478bd9Sstevel@tonic-gate krb5_int32 length; 2977c478bd9Sstevel@tonic-gate krb5_int32 type; 2987c478bd9Sstevel@tonic-gate } krb5_principal_data; 2997c478bd9Sstevel@tonic-gate 3007c478bd9Sstevel@tonic-gate typedef krb5_principal_data * krb5_principal; 3017c478bd9Sstevel@tonic-gate 3027c478bd9Sstevel@tonic-gate /* 3037c478bd9Sstevel@tonic-gate * Per V5 spec on definition of principal types 3047c478bd9Sstevel@tonic-gate */ 3057c478bd9Sstevel@tonic-gate 3067c478bd9Sstevel@tonic-gate /* Name type not known */ 3077c478bd9Sstevel@tonic-gate #define KRB5_NT_UNKNOWN 0 3087c478bd9Sstevel@tonic-gate /* Just the name of the principal as in DCE, or for users */ 3097c478bd9Sstevel@tonic-gate #define KRB5_NT_PRINCIPAL 1 3107c478bd9Sstevel@tonic-gate /* Service and other unique instance (krbtgt) */ 3117c478bd9Sstevel@tonic-gate #define KRB5_NT_SRV_INST 2 3127c478bd9Sstevel@tonic-gate /* Service with host name as instance (telnet, rcommands) */ 3137c478bd9Sstevel@tonic-gate #define KRB5_NT_SRV_HST 3 3147c478bd9Sstevel@tonic-gate /* Service with host as remaining components */ 3157c478bd9Sstevel@tonic-gate #define KRB5_NT_SRV_XHST 4 3167c478bd9Sstevel@tonic-gate /* Unique ID */ 3177c478bd9Sstevel@tonic-gate #define KRB5_NT_UID 5 318*ba7b222eSGlenn Barry /* PKINIT */ 319*ba7b222eSGlenn Barry #define KRB5_NT_X500_PRINCIPAL 6 320*ba7b222eSGlenn Barry /* Name in form of SMTP email name */ 321*ba7b222eSGlenn Barry #define KRB5_NT_SMTP_NAME 7 322*ba7b222eSGlenn Barry /* Windows 2000 UPN */ 323*ba7b222eSGlenn Barry #define KRB5_NT_ENTERPRISE_PRINCIPAL 10 324*ba7b222eSGlenn Barry /* Windows 2000 UPN and SID */ 325*ba7b222eSGlenn Barry #define KRB5_NT_MS_PRINCIPAL -128 326*ba7b222eSGlenn Barry /* NT 4 style name */ 327*ba7b222eSGlenn Barry #define KRB5_NT_MS_PRINCIPAL_AND_ID -129 328*ba7b222eSGlenn Barry /* NT 4 style name and SID */ 329*ba7b222eSGlenn Barry #define KRB5_NT_ENT_PRINCIPAL_AND_ID -130 3307c478bd9Sstevel@tonic-gate 3317c478bd9Sstevel@tonic-gate /* constant version thereof: */ 332505d05c7Sgtb typedef const krb5_principal_data *krb5_const_principal; 3337c478bd9Sstevel@tonic-gate 3347c478bd9Sstevel@tonic-gate #define krb5_princ_realm(context, princ) (&(princ)->realm) 3357c478bd9Sstevel@tonic-gate #define krb5_princ_set_realm(context, princ,value) ((princ)->realm = *(value)) 3367c478bd9Sstevel@tonic-gate #define krb5_princ_set_realm_length(context, princ,value) (princ)->realm.length = (value) 3377c478bd9Sstevel@tonic-gate #define krb5_princ_set_realm_data(context, princ,value) (princ)->realm.data = (value) 3387c478bd9Sstevel@tonic-gate #define krb5_princ_size(context, princ) (princ)->length 3397c478bd9Sstevel@tonic-gate #define krb5_princ_type(context, princ) (princ)->type 3407c478bd9Sstevel@tonic-gate #define krb5_princ_name(context, princ) (princ)->data 341159d09a2SMark Phalan #define krb5_princ_component(context, princ,i) \ 342159d09a2SMark Phalan (((i) < krb5_princ_size(context, princ)) \ 343159d09a2SMark Phalan ? (princ)->data + (i) \ 344159d09a2SMark Phalan : NULL) 3457c478bd9Sstevel@tonic-gate 346fe598cdcSmp /* 347fe598cdcSmp * Constants for realm referrals. 348fe598cdcSmp */ 349fe598cdcSmp #define KRB5_REFERRAL_REALM "" 350fe598cdcSmp 351fe598cdcSmp /* 352fe598cdcSmp * Referral-specific functions. 353fe598cdcSmp */ 354fe598cdcSmp krb5_boolean KRB5_CALLCONV krb5_is_referral_realm(const krb5_data *); 355fe598cdcSmp 3567c478bd9Sstevel@tonic-gate /* 3577c478bd9Sstevel@tonic-gate * end "base-defs.h" 3587c478bd9Sstevel@tonic-gate */ 3597c478bd9Sstevel@tonic-gate 3607c478bd9Sstevel@tonic-gate /* 3617c478bd9Sstevel@tonic-gate * begin "hostaddr.h" 3627c478bd9Sstevel@tonic-gate */ 3637c478bd9Sstevel@tonic-gate 3647c478bd9Sstevel@tonic-gate /* structure for address */ 3657c478bd9Sstevel@tonic-gate typedef struct _krb5_address { 3667c478bd9Sstevel@tonic-gate krb5_magic magic; 3677c478bd9Sstevel@tonic-gate krb5_addrtype addrtype; 3687c478bd9Sstevel@tonic-gate unsigned int length; 3697c478bd9Sstevel@tonic-gate krb5_octet *contents; 3707c478bd9Sstevel@tonic-gate } krb5_address; 3717c478bd9Sstevel@tonic-gate 3727c478bd9Sstevel@tonic-gate /* per Kerberos v5 protocol spec */ 3737c478bd9Sstevel@tonic-gate #define ADDRTYPE_INET 0x0002 3747c478bd9Sstevel@tonic-gate #define ADDRTYPE_CHAOS 0x0005 3757c478bd9Sstevel@tonic-gate #define ADDRTYPE_XNS 0x0006 3767c478bd9Sstevel@tonic-gate #define ADDRTYPE_ISO 0x0007 377159d09a2SMark Phalan #define ADDRTYPE_DDP 0x0010 378159d09a2SMark Phalan #define ADDRTYPE_INET6 0x0018 3797c478bd9Sstevel@tonic-gate /* not yet in the spec... */ 380159d09a2SMark Phalan #define ADDRTYPE_ADDRPORT 0x0100 381159d09a2SMark Phalan #define ADDRTYPE_IPPORT 0x0101 3827c478bd9Sstevel@tonic-gate 3837c478bd9Sstevel@tonic-gate /* macros to determine if a type is a local type */ 3847c478bd9Sstevel@tonic-gate #define ADDRTYPE_IS_LOCAL(addrtype) (addrtype & 0x8000) 3857c478bd9Sstevel@tonic-gate 3867c478bd9Sstevel@tonic-gate /* 3877c478bd9Sstevel@tonic-gate * end "hostaddr.h" 3887c478bd9Sstevel@tonic-gate */ 3897c478bd9Sstevel@tonic-gate 3907c478bd9Sstevel@tonic-gate 3917c478bd9Sstevel@tonic-gate struct _krb5_context; 3927c478bd9Sstevel@tonic-gate typedef struct _krb5_context * krb5_context; 3937c478bd9Sstevel@tonic-gate 3947c478bd9Sstevel@tonic-gate struct _krb5_auth_context; 3957c478bd9Sstevel@tonic-gate typedef struct _krb5_auth_context * krb5_auth_context; 3967c478bd9Sstevel@tonic-gate 3977c478bd9Sstevel@tonic-gate struct _krb5_cryptosystem_entry; 3987c478bd9Sstevel@tonic-gate 399505d05c7Sgtb /* SUNW EF (I assume) crypto mods ... */ 4007c478bd9Sstevel@tonic-gate struct _krb5_keyblock; 4017c478bd9Sstevel@tonic-gate 4027c478bd9Sstevel@tonic-gate /* 4037c478bd9Sstevel@tonic-gate * keyblocks will contain a list of derived keys, 4047c478bd9Sstevel@tonic-gate * this structure will contain the derived key data. 4057c478bd9Sstevel@tonic-gate */ 4067c478bd9Sstevel@tonic-gate typedef struct _dk_node { 4077c478bd9Sstevel@tonic-gate krb5_keyusage usage; 4087c478bd9Sstevel@tonic-gate struct _krb5_keyblock *derived_key; 4097c478bd9Sstevel@tonic-gate uchar_t dkid; /* derived key identifier byte */ 4107c478bd9Sstevel@tonic-gate struct _dk_node *next; 4117c478bd9Sstevel@tonic-gate } krb5_dk_node; 4127c478bd9Sstevel@tonic-gate 4137c478bd9Sstevel@tonic-gate /* 4147c478bd9Sstevel@tonic-gate * begin "encryption.h" 4157c478bd9Sstevel@tonic-gate */ 416159d09a2SMark Phalan 4177c478bd9Sstevel@tonic-gate typedef struct _krb5_keyblock { 4187c478bd9Sstevel@tonic-gate krb5_magic magic; 4197c478bd9Sstevel@tonic-gate krb5_enctype enctype; 4207c478bd9Sstevel@tonic-gate unsigned int length; 4217c478bd9Sstevel@tonic-gate krb5_octet *contents; 4227c478bd9Sstevel@tonic-gate krb5_dk_node *dk_list; /* list of keys derived from this key */ 4237c478bd9Sstevel@tonic-gate #ifdef _KERNEL 4247c478bd9Sstevel@tonic-gate crypto_mech_type_t kef_mt; 4257c478bd9Sstevel@tonic-gate crypto_key_t kef_key; 4267c478bd9Sstevel@tonic-gate crypto_ctx_template_t key_tmpl; 4277c478bd9Sstevel@tonic-gate #else 4287c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hKey; /* PKCS#11 key object handle */ 4297c478bd9Sstevel@tonic-gate pid_t pid; /* fork safety */ 4307c478bd9Sstevel@tonic-gate #endif /* _KERNEL */ 4317c478bd9Sstevel@tonic-gate } krb5_keyblock; 4327c478bd9Sstevel@tonic-gate 4337c478bd9Sstevel@tonic-gate typedef struct _krb5_checksum { 4347c478bd9Sstevel@tonic-gate krb5_magic magic; 4357c478bd9Sstevel@tonic-gate krb5_cksumtype checksum_type; /* checksum type */ 4367c478bd9Sstevel@tonic-gate unsigned int length; 4377c478bd9Sstevel@tonic-gate krb5_octet *contents; 4387c478bd9Sstevel@tonic-gate } krb5_checksum; 4397c478bd9Sstevel@tonic-gate 4407c478bd9Sstevel@tonic-gate typedef struct _krb5_encrypt_block { 4417c478bd9Sstevel@tonic-gate krb5_magic magic; 4427c478bd9Sstevel@tonic-gate krb5_enctype crypto_entry; /* to call krb5_encrypt_size, you need 4437c478bd9Sstevel@tonic-gate this. it was a pointer, but it 4447c478bd9Sstevel@tonic-gate doesn't have to be. gross. */ 4457c478bd9Sstevel@tonic-gate krb5_keyblock *key; 4467c478bd9Sstevel@tonic-gate } krb5_encrypt_block; 4477c478bd9Sstevel@tonic-gate 4487c478bd9Sstevel@tonic-gate typedef struct _krb5_enc_data { 4497c478bd9Sstevel@tonic-gate krb5_magic magic; 4507c478bd9Sstevel@tonic-gate krb5_enctype enctype; 4517c478bd9Sstevel@tonic-gate krb5_kvno kvno; 4527c478bd9Sstevel@tonic-gate krb5_data ciphertext; 4537c478bd9Sstevel@tonic-gate } krb5_enc_data; 4547c478bd9Sstevel@tonic-gate 4557c478bd9Sstevel@tonic-gate /* per Kerberos v5 protocol spec */ 4567c478bd9Sstevel@tonic-gate #define ENCTYPE_NULL 0x0000 4577c478bd9Sstevel@tonic-gate #define ENCTYPE_DES_CBC_CRC 0x0001 /* DES cbc mode with CRC-32 */ 4587c478bd9Sstevel@tonic-gate #define ENCTYPE_DES_CBC_MD4 0x0002 /* DES cbc mode with RSA-MD4 */ 4597c478bd9Sstevel@tonic-gate #define ENCTYPE_DES_CBC_MD5 0x0003 /* DES cbc mode with RSA-MD5 */ 460159d09a2SMark Phalan #define ENCTYPE_DES_CBC_RAW 0x0004 /* DES cbc mode raw */ 4617c478bd9Sstevel@tonic-gate /* XXX deprecated? */ 4627c478bd9Sstevel@tonic-gate #define ENCTYPE_DES3_CBC_SHA 0x0005 /* DES-3 cbc mode with NIST-SHA */ 4637c478bd9Sstevel@tonic-gate #define ENCTYPE_DES3_CBC_RAW 0x0006 /* DES-3 cbc mode raw */ 464159d09a2SMark Phalan #define ENCTYPE_DES_HMAC_SHA1 0x0008 465159d09a2SMark Phalan #define ENCTYPE_DES3_CBC_SHA1 0x0010 466159d09a2SMark Phalan #define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011 467159d09a2SMark Phalan #define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012 4687c478bd9Sstevel@tonic-gate #define ENCTYPE_ARCFOUR_HMAC 0x0017 4697c478bd9Sstevel@tonic-gate #define ENCTYPE_ARCFOUR_HMAC_EXP 0x0018 470159d09a2SMark Phalan #define ENCTYPE_UNKNOWN 0x01ff 4717c478bd9Sstevel@tonic-gate 4727c478bd9Sstevel@tonic-gate #define CKSUMTYPE_CRC32 0x0001 4737c478bd9Sstevel@tonic-gate #define CKSUMTYPE_RSA_MD4 0x0002 4747c478bd9Sstevel@tonic-gate #define CKSUMTYPE_RSA_MD4_DES 0x0003 4757c478bd9Sstevel@tonic-gate #define CKSUMTYPE_DESCBC 0x0004 4767c478bd9Sstevel@tonic-gate /* des-mac-k */ 4777c478bd9Sstevel@tonic-gate /* rsa-md4-des-k */ 4787c478bd9Sstevel@tonic-gate #define CKSUMTYPE_RSA_MD5 0x0007 4797c478bd9Sstevel@tonic-gate #define CKSUMTYPE_RSA_MD5_DES 0x0008 480159d09a2SMark Phalan #define CKSUMTYPE_NIST_SHA 0x0009 481159d09a2SMark Phalan #define CKSUMTYPE_HMAC_SHA1_DES3 0x000c 4827c478bd9Sstevel@tonic-gate #define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f 4837c478bd9Sstevel@tonic-gate #define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010 4847c478bd9Sstevel@tonic-gate #define CKSUMTYPE_HMAC_MD5_ARCFOUR -138 /*Microsoft md5 hmac cksumtype*/ 4857c478bd9Sstevel@tonic-gate 486505d05c7Sgtb /* The following are entropy source designations. Whenever 487505d05c7Sgtb * krb5_C_random_add_entropy is called, one of these source ids is passed 488505d05c7Sgtb * in. This allows the library to better estimate bits of 489505d05c7Sgtb * entropy in the sample and to keep track of what sources of entropy have 490505d05c7Sgtb * contributed enough entropy. Sources marked internal MUST NOT be 491505d05c7Sgtb * used by applications outside the Kerberos library 492505d05c7Sgtb */ 493505d05c7Sgtb 494505d05c7Sgtb enum { 495505d05c7Sgtb KRB5_C_RANDSOURCE_OLDAPI = 0, /*calls to krb5_C_RANDOM_SEED (INTERNAL)*/ 496505d05c7Sgtb KRB5_C_RANDSOURCE_OSRAND = 1, /* /dev/random or equivalent (internal)*/ 497505d05c7Sgtb KRB5_C_RANDSOURCE_TRUSTEDPARTY = 2, /* From KDC or other trusted party*/ 498505d05c7Sgtb /*This source should be used carefully; data in this category 499505d05c7Sgtb * should be from a third party trusted to give random bits 500505d05c7Sgtb * For example keys issued by the KDC in the application server. 501505d05c7Sgtb */ 502505d05c7Sgtb KRB5_C_RANDSOURCE_TIMING = 3, /* Timing of operations*/ 503505d05c7Sgtb KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL = 4, /*Protocol data possibly from attacker*/ 504505d05c7Sgtb KRB5_C_RANDSOURCE_MAX = 5 /*Do not use; maximum source ID*/ 505505d05c7Sgtb }; 5067c478bd9Sstevel@tonic-gate 5077c478bd9Sstevel@tonic-gate #ifndef krb5_roundup 5087c478bd9Sstevel@tonic-gate /* round x up to nearest multiple of y */ 5097c478bd9Sstevel@tonic-gate #define krb5_roundup(x, y) ((((x) + (y) - 1)/(y))*(y)) 5107c478bd9Sstevel@tonic-gate #endif /* roundup */ 5117c478bd9Sstevel@tonic-gate 5127c478bd9Sstevel@tonic-gate /* macro function definitions to help clean up code */ 5137c478bd9Sstevel@tonic-gate 5147c478bd9Sstevel@tonic-gate #ifndef _KERNEL 5157c478bd9Sstevel@tonic-gate #define krb5_x(ptr,args) ((ptr)?((*(ptr)) args):(abort(),1)) 5167c478bd9Sstevel@tonic-gate #define krb5_xc(ptr,args) ((ptr)?((*(ptr)) args):(abort(),(char*)0)) 5177c478bd9Sstevel@tonic-gate #else 5187c478bd9Sstevel@tonic-gate #define krb5_x(ptr,args) ((*(ptr)) args) 5197c478bd9Sstevel@tonic-gate #define krb5_xc(ptr,args) ((*(ptr)) args) 5207c478bd9Sstevel@tonic-gate #endif 5217c478bd9Sstevel@tonic-gate 5227c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 5237c478bd9Sstevel@tonic-gate krb5_c_encrypt 524159d09a2SMark Phalan (krb5_context context, const krb5_keyblock *key, 525159d09a2SMark Phalan krb5_keyusage usage, const krb5_data *cipher_state, 526505d05c7Sgtb const krb5_data *input, krb5_enc_data *output); 5277c478bd9Sstevel@tonic-gate 5287c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 5297c478bd9Sstevel@tonic-gate krb5_c_decrypt 530159d09a2SMark Phalan (krb5_context context, const krb5_keyblock *key, 531159d09a2SMark Phalan krb5_keyusage usage, const krb5_data *cipher_state, 532505d05c7Sgtb const krb5_enc_data *input, krb5_data *output); 5337c478bd9Sstevel@tonic-gate 5347c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 5357c478bd9Sstevel@tonic-gate krb5_c_encrypt_length 536505d05c7Sgtb (krb5_context context, krb5_enctype enctype, 537505d05c7Sgtb size_t inputlen, size_t *length); 5387c478bd9Sstevel@tonic-gate 5397c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 5407c478bd9Sstevel@tonic-gate krb5_c_block_size 541505d05c7Sgtb (krb5_context context, krb5_enctype enctype, 542505d05c7Sgtb size_t *blocksize); 5437c478bd9Sstevel@tonic-gate 544159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 545159d09a2SMark Phalan krb5_c_keylengths 546159d09a2SMark Phalan (krb5_context context, krb5_enctype enctype, 547159d09a2SMark Phalan size_t *keybytes, size_t *keylength); 548159d09a2SMark Phalan 5497c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 5507c478bd9Sstevel@tonic-gate krb5_c_init_state(krb5_context, 5517c478bd9Sstevel@tonic-gate const krb5_keyblock *, krb5_keyusage, 5527c478bd9Sstevel@tonic-gate krb5_data *); 5537c478bd9Sstevel@tonic-gate 5547c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 5557c478bd9Sstevel@tonic-gate krb5_c_free_state(krb5_context, 5567c478bd9Sstevel@tonic-gate const krb5_keyblock *, krb5_data *); 5577c478bd9Sstevel@tonic-gate 5587c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 5597c478bd9Sstevel@tonic-gate krb5_c_make_random_key 560505d05c7Sgtb (krb5_context context, krb5_enctype enctype, 561505d05c7Sgtb krb5_keyblock *random_key); 562505d05c7Sgtb 563159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 564159d09a2SMark Phalan krb5_c_random_to_key 565159d09a2SMark Phalan (krb5_context context, krb5_enctype enctype, 566159d09a2SMark Phalan krb5_data *random_data, krb5_keyblock *k5_random_key); 567159d09a2SMark Phalan 568505d05c7Sgtb /* Register a new entropy sample with the PRNG. may cause 569505d05c7Sgtb * the PRNG to be reseeded, although this is not guaranteed. See previous randsource definitions 570505d05c7Sgtb * for information on how each source should be used. 571505d05c7Sgtb */ 572505d05c7Sgtb krb5_error_code KRB5_CALLCONV 573505d05c7Sgtb krb5_c_random_add_entropy 574505d05c7Sgtb (krb5_context context, unsigned int randsource_id, const krb5_data *data); 5757c478bd9Sstevel@tonic-gate 5767c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 5777c478bd9Sstevel@tonic-gate krb5_c_random_make_octets 578505d05c7Sgtb (krb5_context context, krb5_data *data); 579505d05c7Sgtb 580159d09a2SMark Phalan /* 581159d09a2SMark Phalan * Collect entropy from the OS if possible. strong requests that as strong 582159d09a2SMark Phalan * of a source of entropy as available be used. Setting strong may 583159d09a2SMark Phalan * increase the probability of blocking and should not be used for normal 584159d09a2SMark Phalan * applications. Good uses include seeding the PRNG for kadmind 585159d09a2SMark Phalan * and realm setup. 586159d09a2SMark Phalan * If successful is non-null, then successful is set to 1 if the OS provided 587159d09a2SMark Phalan * entropy else zero. 588159d09a2SMark Phalan */ 589505d05c7Sgtb #if 0 /* SUNW14resync - not used in Solaris */ 590159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 591159d09a2SMark Phalan krb5_c_random_os_entropy 592159d09a2SMark Phalan (krb5_context context, int strong, int *success); 593505d05c7Sgtb #endif 5947c478bd9Sstevel@tonic-gate 595505d05c7Sgtb /*deprecated*/ krb5_error_code KRB5_CALLCONV 5967c478bd9Sstevel@tonic-gate krb5_c_random_seed 597505d05c7Sgtb (krb5_context context, krb5_data *data); 5987c478bd9Sstevel@tonic-gate 5997c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 6007c478bd9Sstevel@tonic-gate krb5_c_string_to_key 601505d05c7Sgtb (krb5_context context, krb5_enctype enctype, 602505d05c7Sgtb const krb5_data *string, const krb5_data *salt, 603505d05c7Sgtb krb5_keyblock *key); 604159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 6057c478bd9Sstevel@tonic-gate krb5_c_string_to_key_with_params(krb5_context context, 606159d09a2SMark Phalan krb5_enctype enctype, 607159d09a2SMark Phalan const krb5_data *string, 608159d09a2SMark Phalan const krb5_data *salt, 609159d09a2SMark Phalan const krb5_data *params, 610159d09a2SMark Phalan krb5_keyblock *key); 6117c478bd9Sstevel@tonic-gate 6127c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 6137c478bd9Sstevel@tonic-gate krb5_c_enctype_compare 614505d05c7Sgtb (krb5_context context, krb5_enctype e1, krb5_enctype e2, 615505d05c7Sgtb krb5_boolean *similar); 6167c478bd9Sstevel@tonic-gate 6177c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 6187c478bd9Sstevel@tonic-gate krb5_c_make_checksum 619505d05c7Sgtb (krb5_context context, krb5_cksumtype cksumtype, 620505d05c7Sgtb const krb5_keyblock *key, krb5_keyusage usage, 621505d05c7Sgtb const krb5_data *input, krb5_checksum *cksum); 622159d09a2SMark Phalan 6237c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 6247c478bd9Sstevel@tonic-gate krb5_c_verify_checksum 625159d09a2SMark Phalan (krb5_context context, 626505d05c7Sgtb const krb5_keyblock *key, krb5_keyusage usage, 627505d05c7Sgtb const krb5_data *data, 628505d05c7Sgtb const krb5_checksum *cksum, 629505d05c7Sgtb krb5_boolean *valid); 630159d09a2SMark Phalan 6317c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 6327c478bd9Sstevel@tonic-gate krb5_c_checksum_length 633505d05c7Sgtb (krb5_context context, krb5_cksumtype cksumtype, 634505d05c7Sgtb size_t *length); 6357c478bd9Sstevel@tonic-gate 6367c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 6377c478bd9Sstevel@tonic-gate krb5_c_keyed_checksum_types 638159d09a2SMark Phalan (krb5_context context, krb5_enctype enctype, 639505d05c7Sgtb unsigned int *count, krb5_cksumtype **cksumtypes); 6407c478bd9Sstevel@tonic-gate 6417c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_AS_REQ_PA_ENC_TS 1 6427c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_KDC_REP_TICKET 2 6437c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_AS_REP_ENCPART 3 6447c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_TGS_REQ_AD_SESSKEY 4 6457c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_TGS_REQ_AD_SUBKEY 5 6467c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_TGS_REQ_AUTH_CKSUM 6 6477c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_TGS_REQ_AUTH 7 6487c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_TGS_REP_ENCPART_SESSKEY 8 6497c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_TGS_REP_ENCPART_SUBKEY 9 6507c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM 10 6517c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_AP_REQ_AUTH 11 6527c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_AP_REP_ENCPART 12 6537c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_KRB_PRIV_ENCPART 13 6547c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_KRB_CRED_ENCPART 14 6557c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_KRB_SAFE_CKSUM 15 6567c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_APP_DATA_ENCRYPT 16 6577c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_APP_DATA_CKSUM 17 6587c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_KRB_ERROR_CKSUM 18 6597c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_AD_KDCISSUED_CKSUM 19 6607c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_AD_MTE 20 6617c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_AD_ITE 21 6627c478bd9Sstevel@tonic-gate 6637c478bd9Sstevel@tonic-gate /* XXX need to register these */ 6647c478bd9Sstevel@tonic-gate 6657c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_GSS_TOK_MIC 22 6667c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_GSS_TOK_WRAP_INTEG 23 6677c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_GSS_TOK_WRAP_PRIV 24 6687c478bd9Sstevel@tonic-gate 6697c478bd9Sstevel@tonic-gate /* Defined in hardware preauth draft */ 6707c478bd9Sstevel@tonic-gate 6717c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_PA_SAM_CHALLENGE_CKSUM 25 6727c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_PA_SAM_CHALLENGE_TRACKID 26 6737c478bd9Sstevel@tonic-gate #define KRB5_KEYUSAGE_PA_SAM_RESPONSE 27 6747c478bd9Sstevel@tonic-gate 675fe598cdcSmp /* Defined in KDC referrals draft */ 676fe598cdcSmp #define KRB5_KEYUSAGE_PA_REFERRAL 26 /* XXX note conflict with above */ 677fe598cdcSmp 6787c478bd9Sstevel@tonic-gate krb5_boolean KRB5_CALLCONV krb5_c_valid_enctype 679159d09a2SMark Phalan (krb5_enctype ktype); 6807c478bd9Sstevel@tonic-gate krb5_boolean KRB5_CALLCONV krb5_c_valid_cksumtype 681159d09a2SMark Phalan (krb5_cksumtype ctype); 6827c478bd9Sstevel@tonic-gate krb5_boolean KRB5_CALLCONV krb5_c_is_coll_proof_cksum 683159d09a2SMark Phalan (krb5_cksumtype ctype); 6847c478bd9Sstevel@tonic-gate krb5_boolean KRB5_CALLCONV krb5_c_is_keyed_cksum 685159d09a2SMark Phalan (krb5_cksumtype ctype); 686505d05c7Sgtb 687505d05c7Sgtb #if KRB5_PRIVATE 688505d05c7Sgtb /* Use the above four instead. */ 689505d05c7Sgtb krb5_boolean KRB5_CALLCONV valid_enctype 690159d09a2SMark Phalan (krb5_enctype ktype); 691505d05c7Sgtb krb5_boolean KRB5_CALLCONV valid_cksumtype 692159d09a2SMark Phalan (krb5_cksumtype ctype); 693505d05c7Sgtb krb5_boolean KRB5_CALLCONV is_coll_proof_cksum 694159d09a2SMark Phalan (krb5_cksumtype ctype); 695505d05c7Sgtb krb5_boolean KRB5_CALLCONV is_keyed_cksum 696159d09a2SMark Phalan (krb5_cksumtype ctype); 697505d05c7Sgtb #endif 6987c478bd9Sstevel@tonic-gate 69910db1377Sgtb #ifdef KRB5_OLD_CRYPTO 70010db1377Sgtb /* 70110db1377Sgtb * old cryptosystem routine prototypes. These are now layered 70210db1377Sgtb * on top of the functions above. 70310db1377Sgtb */ 704159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV krb5_encrypt 705159d09a2SMark Phalan (krb5_context context, 706159d09a2SMark Phalan krb5_const_pointer inptr, 707159d09a2SMark Phalan krb5_pointer outptr, 708159d09a2SMark Phalan size_t size, 709159d09a2SMark Phalan krb5_encrypt_block * eblock, 710159d09a2SMark Phalan krb5_pointer ivec); 711159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV krb5_decrypt 712159d09a2SMark Phalan (krb5_context context, 713159d09a2SMark Phalan krb5_const_pointer inptr, 714159d09a2SMark Phalan krb5_pointer outptr, 715159d09a2SMark Phalan size_t size, 716159d09a2SMark Phalan krb5_encrypt_block * eblock, 717159d09a2SMark Phalan krb5_pointer ivec); 718159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV krb5_process_key 719159d09a2SMark Phalan (krb5_context context, 720159d09a2SMark Phalan krb5_encrypt_block * eblock, 721159d09a2SMark Phalan const krb5_keyblock * key); 722159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV krb5_finish_key 723159d09a2SMark Phalan (krb5_context context, 724159d09a2SMark Phalan krb5_encrypt_block * eblock); 72510db1377Sgtb krb5_error_code KRB5_CALLCONV krb5_string_to_key 726159d09a2SMark Phalan (krb5_context context, 727159d09a2SMark Phalan const krb5_encrypt_block * eblock, 728159d09a2SMark Phalan krb5_keyblock * keyblock, 729159d09a2SMark Phalan const krb5_data * data, 730159d09a2SMark Phalan const krb5_data * salt); 731159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV krb5_init_random_key 732159d09a2SMark Phalan (krb5_context context, 733159d09a2SMark Phalan const krb5_encrypt_block * eblock, 734159d09a2SMark Phalan const krb5_keyblock * keyblock, 735159d09a2SMark Phalan krb5_pointer * ptr); 736159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV krb5_finish_random_key 737159d09a2SMark Phalan (krb5_context context, 738159d09a2SMark Phalan const krb5_encrypt_block * eblock, 739159d09a2SMark Phalan krb5_pointer * ptr); 740159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV krb5_random_key 741159d09a2SMark Phalan (krb5_context context, 742159d09a2SMark Phalan const krb5_encrypt_block * eblock, 743159d09a2SMark Phalan krb5_pointer ptr, 744159d09a2SMark Phalan krb5_keyblock ** keyblock); 745159d09a2SMark Phalan krb5_enctype KRB5_CALLCONV krb5_eblock_enctype 746159d09a2SMark Phalan (krb5_context context, 747159d09a2SMark Phalan const krb5_encrypt_block * eblock); 748159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV krb5_use_enctype 749159d09a2SMark Phalan (krb5_context context, 750159d09a2SMark Phalan krb5_encrypt_block * eblock, 751159d09a2SMark Phalan krb5_enctype enctype); 752159d09a2SMark Phalan size_t KRB5_CALLCONV krb5_encrypt_size 753159d09a2SMark Phalan (size_t length, 754159d09a2SMark Phalan krb5_enctype crypto); 75510db1377Sgtb size_t KRB5_CALLCONV krb5_checksum_size 75610db1377Sgtb (krb5_context context, 75710db1377Sgtb krb5_cksumtype ctype); 758159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV krb5_calculate_checksum 759159d09a2SMark Phalan (krb5_context context, 760159d09a2SMark Phalan krb5_cksumtype ctype, 761159d09a2SMark Phalan krb5_const_pointer in, size_t in_length, 762159d09a2SMark Phalan krb5_const_pointer seed, size_t seed_length, 763159d09a2SMark Phalan krb5_checksum * outcksum); 764159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV krb5_verify_checksum 765159d09a2SMark Phalan (krb5_context context, 766159d09a2SMark Phalan krb5_cksumtype ctype, 767159d09a2SMark Phalan const krb5_checksum * cksum, 768159d09a2SMark Phalan krb5_const_pointer in, size_t in_length, 769159d09a2SMark Phalan krb5_const_pointer seed, size_t seed_length); 770159d09a2SMark Phalan 771159d09a2SMark Phalan #if KRB5_PRIVATE 772159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV krb5_random_confounder 773159d09a2SMark Phalan (size_t, krb5_pointer); 774159d09a2SMark Phalan 775159d09a2SMark Phalan krb5_error_code krb5_encrypt_data 776159d09a2SMark Phalan (krb5_context context, krb5_keyblock *key, 777159d09a2SMark Phalan krb5_pointer ivec, krb5_data *data, 778159d09a2SMark Phalan krb5_enc_data *enc_data); 779159d09a2SMark Phalan 780159d09a2SMark Phalan krb5_error_code krb5_decrypt_data 781159d09a2SMark Phalan (krb5_context context, krb5_keyblock *key, 782159d09a2SMark Phalan krb5_pointer ivec, krb5_enc_data *data, 783159d09a2SMark Phalan krb5_data *enc_data); 784159d09a2SMark Phalan #endif 785159d09a2SMark Phalan 78610db1377Sgtb #endif /* KRB5_OLD_CRYPTO */ 7877c478bd9Sstevel@tonic-gate 7887c478bd9Sstevel@tonic-gate /* 7897c478bd9Sstevel@tonic-gate * end "encryption.h" 7907c478bd9Sstevel@tonic-gate */ 7917c478bd9Sstevel@tonic-gate 7927c478bd9Sstevel@tonic-gate /* 7937c478bd9Sstevel@tonic-gate * begin "fieldbits.h" 7947c478bd9Sstevel@tonic-gate */ 7957c478bd9Sstevel@tonic-gate 7967c478bd9Sstevel@tonic-gate /* kdc_options for kdc_request */ 7977c478bd9Sstevel@tonic-gate /* options is 32 bits; each host is responsible to put the 4 bytes 7987c478bd9Sstevel@tonic-gate representing these bits into net order before transmission */ 7997c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x80000000 */ 8007c478bd9Sstevel@tonic-gate #define KDC_OPT_FORWARDABLE 0x40000000 8017c478bd9Sstevel@tonic-gate #define KDC_OPT_FORWARDED 0x20000000 8027c478bd9Sstevel@tonic-gate #define KDC_OPT_PROXIABLE 0x10000000 8037c478bd9Sstevel@tonic-gate #define KDC_OPT_PROXY 0x08000000 8047c478bd9Sstevel@tonic-gate #define KDC_OPT_ALLOW_POSTDATE 0x04000000 8057c478bd9Sstevel@tonic-gate #define KDC_OPT_POSTDATED 0x02000000 8067c478bd9Sstevel@tonic-gate /* #define KDC_OPT_UNUSED 0x01000000 */ 8077c478bd9Sstevel@tonic-gate #define KDC_OPT_RENEWABLE 0x00800000 8087c478bd9Sstevel@tonic-gate /* #define KDC_OPT_UNUSED 0x00400000 */ 8097c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x00200000 */ 8107c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x00100000 */ 8117c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x00080000 */ 8127c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x00040000 */ 8137c478bd9Sstevel@tonic-gate #define KDC_OPT_REQUEST_ANONYMOUS 0x00020000 814fe598cdcSmp #define KDC_OPT_CANONICALIZE 0x00010000 8157c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x00008000 */ 8167c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x00004000 */ 8177c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x00002000 */ 8187c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x00001000 */ 8197c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x00000800 */ 8207c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x00000400 */ 8217c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x00000200 */ 8227c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x00000100 */ 8237c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x00000080 */ 8247c478bd9Sstevel@tonic-gate /* #define KDC_OPT_RESERVED 0x00000040 */ 825159d09a2SMark Phalan #define KDC_OPT_DISABLE_TRANSITED_CHECK 0x00000020 8267c478bd9Sstevel@tonic-gate #define KDC_OPT_RENEWABLE_OK 0x00000010 8277c478bd9Sstevel@tonic-gate #define KDC_OPT_ENC_TKT_IN_SKEY 0x00000008 8287c478bd9Sstevel@tonic-gate /* #define KDC_OPT_UNUSED 0x00000004 */ 8297c478bd9Sstevel@tonic-gate #define KDC_OPT_RENEW 0x00000002 8307c478bd9Sstevel@tonic-gate #define KDC_OPT_VALIDATE 0x00000001 8317c478bd9Sstevel@tonic-gate 8327c478bd9Sstevel@tonic-gate /* 8337c478bd9Sstevel@tonic-gate * Mask of ticket flags in the TGT which should be converted into KDC 8347c478bd9Sstevel@tonic-gate * options when using the TGT to get derivitive tickets. 835159d09a2SMark Phalan * 8367c478bd9Sstevel@tonic-gate * New mask = KDC_OPT_FORWARDABLE | KDC_OPT_PROXIABLE | 837159d09a2SMark Phalan * KDC_OPT_ALLOW_POSTDATE | KDC_OPT_RENEWABLE 8387c478bd9Sstevel@tonic-gate */ 8397c478bd9Sstevel@tonic-gate #define KDC_TKT_COMMON_MASK 0x54800000 8407c478bd9Sstevel@tonic-gate 8417c478bd9Sstevel@tonic-gate /* definitions for ap_options fields */ 8427c478bd9Sstevel@tonic-gate /* ap_options are 32 bits; each host is responsible to put the 4 bytes 8437c478bd9Sstevel@tonic-gate representing these bits into net order before transmission */ 8447c478bd9Sstevel@tonic-gate #define AP_OPTS_RESERVED 0x80000000 8457c478bd9Sstevel@tonic-gate #define AP_OPTS_USE_SESSION_KEY 0x40000000 8467c478bd9Sstevel@tonic-gate #define AP_OPTS_MUTUAL_REQUIRED 0x20000000 8477c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x10000000 */ 8487c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x08000000 */ 8497c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x04000000 */ 8507c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x02000000 */ 8517c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x01000000 */ 8527c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00800000 */ 8537c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00400000 */ 8547c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00200000 */ 8557c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00100000 */ 8567c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00080000 */ 8577c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00040000 */ 8587c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00020000 */ 8597c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00010000 */ 8607c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00008000 */ 8617c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00004000 */ 8627c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00002000 */ 8637c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00001000 */ 8647c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00000800 */ 8657c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00000400 */ 8667c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00000200 */ 8677c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00000100 */ 8687c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00000080 */ 8697c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00000040 */ 8707c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00000020 */ 8717c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00000010 */ 8727c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00000008 */ 8737c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00000004 */ 8747c478bd9Sstevel@tonic-gate /* #define AP_OPTS_RESERVED 0x00000002 */ 875159d09a2SMark Phalan #define AP_OPTS_USE_SUBKEY 0x00000001 8767c478bd9Sstevel@tonic-gate 8777c478bd9Sstevel@tonic-gate #define AP_OPTS_WIRE_MASK 0xfffffff0 8787c478bd9Sstevel@tonic-gate 8797c478bd9Sstevel@tonic-gate /* definitions for ad_type fields. */ 8807c478bd9Sstevel@tonic-gate #define AD_TYPE_RESERVED 0x8000 8817c478bd9Sstevel@tonic-gate #define AD_TYPE_EXTERNAL 0x4000 8827c478bd9Sstevel@tonic-gate #define AD_TYPE_REGISTERED 0x2000 8837c478bd9Sstevel@tonic-gate 8847c478bd9Sstevel@tonic-gate #define AD_TYPE_FIELD_TYPE_MASK 0x1fff 8857c478bd9Sstevel@tonic-gate 8867c478bd9Sstevel@tonic-gate /* Ticket flags */ 8877c478bd9Sstevel@tonic-gate /* flags are 32 bits; each host is responsible to put the 4 bytes 8887c478bd9Sstevel@tonic-gate representing these bits into net order before transmission */ 8897c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x80000000 */ 8907c478bd9Sstevel@tonic-gate #define TKT_FLG_FORWARDABLE 0x40000000 8917c478bd9Sstevel@tonic-gate #define TKT_FLG_FORWARDED 0x20000000 8927c478bd9Sstevel@tonic-gate #define TKT_FLG_PROXIABLE 0x10000000 8937c478bd9Sstevel@tonic-gate #define TKT_FLG_PROXY 0x08000000 8947c478bd9Sstevel@tonic-gate #define TKT_FLG_MAY_POSTDATE 0x04000000 8957c478bd9Sstevel@tonic-gate #define TKT_FLG_POSTDATED 0x02000000 8967c478bd9Sstevel@tonic-gate #define TKT_FLG_INVALID 0x01000000 8977c478bd9Sstevel@tonic-gate #define TKT_FLG_RENEWABLE 0x00800000 8987c478bd9Sstevel@tonic-gate #define TKT_FLG_INITIAL 0x00400000 8997c478bd9Sstevel@tonic-gate #define TKT_FLG_PRE_AUTH 0x00200000 9007c478bd9Sstevel@tonic-gate #define TKT_FLG_HW_AUTH 0x00100000 9017c478bd9Sstevel@tonic-gate #define TKT_FLG_TRANSIT_POLICY_CHECKED 0x00080000 9027c478bd9Sstevel@tonic-gate #define TKT_FLG_OK_AS_DELEGATE 0x00040000 9037c478bd9Sstevel@tonic-gate #define TKT_FLG_ANONYMOUS 0x00020000 9047c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00010000 */ 9057c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00008000 */ 9067c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00004000 */ 9077c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00002000 */ 9087c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00001000 */ 9097c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00000800 */ 9107c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00000400 */ 9117c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00000200 */ 9127c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00000100 */ 9137c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00000080 */ 9147c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00000040 */ 9157c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00000020 */ 9167c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00000010 */ 9177c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00000008 */ 9187c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00000004 */ 9197c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00000002 */ 9207c478bd9Sstevel@tonic-gate /* #define TKT_FLG_RESERVED 0x00000001 */ 9217c478bd9Sstevel@tonic-gate 9227c478bd9Sstevel@tonic-gate /* definitions for lr_type fields. */ 9237c478bd9Sstevel@tonic-gate #define LR_TYPE_THIS_SERVER_ONLY 0x8000 9247c478bd9Sstevel@tonic-gate 9257c478bd9Sstevel@tonic-gate #define LR_TYPE_INTERPRETATION_MASK 0x7fff 9267c478bd9Sstevel@tonic-gate 9277c478bd9Sstevel@tonic-gate /* definitions for ad_type fields. */ 9287c478bd9Sstevel@tonic-gate #define AD_TYPE_EXTERNAL 0x4000 9297c478bd9Sstevel@tonic-gate #define AD_TYPE_REGISTERED 0x2000 9307c478bd9Sstevel@tonic-gate 9317c478bd9Sstevel@tonic-gate #define AD_TYPE_FIELD_TYPE_MASK 0x1fff 9327c478bd9Sstevel@tonic-gate #define AD_TYPE_INTERNAL_MASK 0x3fff 9337c478bd9Sstevel@tonic-gate 9347c478bd9Sstevel@tonic-gate /* definitions for msec direction bit for KRB_SAFE, KRB_PRIV */ 9357c478bd9Sstevel@tonic-gate #define MSEC_DIRBIT 0x8000 9367c478bd9Sstevel@tonic-gate #define MSEC_VAL_MASK 0x7fff 9377c478bd9Sstevel@tonic-gate 9387c478bd9Sstevel@tonic-gate /* 9397c478bd9Sstevel@tonic-gate * end "fieldbits.h" 9407c478bd9Sstevel@tonic-gate */ 9417c478bd9Sstevel@tonic-gate 9427c478bd9Sstevel@tonic-gate /* 9437c478bd9Sstevel@tonic-gate * begin "proto.h" 9447c478bd9Sstevel@tonic-gate */ 9457c478bd9Sstevel@tonic-gate 9467c478bd9Sstevel@tonic-gate /* Protocol version number */ 9477c478bd9Sstevel@tonic-gate #define KRB5_PVNO 5 9487c478bd9Sstevel@tonic-gate 9497c478bd9Sstevel@tonic-gate /* Message types */ 9507c478bd9Sstevel@tonic-gate 9517c478bd9Sstevel@tonic-gate #define KRB5_AS_REQ ((krb5_msgtype)10) /* Req for initial authentication */ 9527c478bd9Sstevel@tonic-gate #define KRB5_AS_REP ((krb5_msgtype)11) /* Response to KRB_AS_REQ request */ 9537c478bd9Sstevel@tonic-gate #define KRB5_TGS_REQ ((krb5_msgtype)12) /* TGS request to server */ 9547c478bd9Sstevel@tonic-gate #define KRB5_TGS_REP ((krb5_msgtype)13) /* Response to KRB_TGS_REQ req */ 9557c478bd9Sstevel@tonic-gate #define KRB5_AP_REQ ((krb5_msgtype)14) /* application request to server */ 9567c478bd9Sstevel@tonic-gate #define KRB5_AP_REP ((krb5_msgtype)15) /* Response to KRB_AP_REQ_MUTUAL */ 9577c478bd9Sstevel@tonic-gate #define KRB5_SAFE ((krb5_msgtype)20) /* Safe application message */ 9587c478bd9Sstevel@tonic-gate #define KRB5_PRIV ((krb5_msgtype)21) /* Private application message */ 9597c478bd9Sstevel@tonic-gate #define KRB5_CRED ((krb5_msgtype)22) /* Credential forwarding message */ 9607c478bd9Sstevel@tonic-gate #define KRB5_ERROR ((krb5_msgtype)30) /* Error response */ 9617c478bd9Sstevel@tonic-gate 9627c478bd9Sstevel@tonic-gate /* LastReq types */ 963159d09a2SMark Phalan #define KRB5_LRQ_NONE 0 964159d09a2SMark Phalan #define KRB5_LRQ_ALL_LAST_TGT 1 965159d09a2SMark Phalan #define KRB5_LRQ_ONE_LAST_TGT (-1) 966159d09a2SMark Phalan #define KRB5_LRQ_ALL_LAST_INITIAL 2 967159d09a2SMark Phalan #define KRB5_LRQ_ONE_LAST_INITIAL (-2) 968159d09a2SMark Phalan #define KRB5_LRQ_ALL_LAST_TGT_ISSUED 3 969159d09a2SMark Phalan #define KRB5_LRQ_ONE_LAST_TGT_ISSUED (-3) 970159d09a2SMark Phalan #define KRB5_LRQ_ALL_LAST_RENEWAL 4 971159d09a2SMark Phalan #define KRB5_LRQ_ONE_LAST_RENEWAL (-4) 972159d09a2SMark Phalan #define KRB5_LRQ_ALL_LAST_REQ 5 973159d09a2SMark Phalan #define KRB5_LRQ_ONE_LAST_REQ (-5) 974159d09a2SMark Phalan #define KRB5_LRQ_ALL_PW_EXPTIME 6 975159d09a2SMark Phalan #define KRB5_LRQ_ONE_PW_EXPTIME (-6) 9767c478bd9Sstevel@tonic-gate 9777c478bd9Sstevel@tonic-gate /* PADATA types */ 978159d09a2SMark Phalan #define KRB5_PADATA_NONE 0 9797c478bd9Sstevel@tonic-gate #define KRB5_PADATA_AP_REQ 1 9807c478bd9Sstevel@tonic-gate #define KRB5_PADATA_TGS_REQ KRB5_PADATA_AP_REQ 9817c478bd9Sstevel@tonic-gate #define KRB5_PADATA_ENC_TIMESTAMP 2 9827c478bd9Sstevel@tonic-gate #define KRB5_PADATA_PW_SALT 3 9837c478bd9Sstevel@tonic-gate #if 0 /* Not used */ 984159d09a2SMark Phalan #define KRB5_PADATA_ENC_ENCKEY 4 /* Key encrypted within itself */ 9857c478bd9Sstevel@tonic-gate #endif 986159d09a2SMark Phalan #define KRB5_PADATA_ENC_UNIX_TIME 5 /* timestamp encrypted in key */ 987159d09a2SMark Phalan #define KRB5_PADATA_ENC_SANDIA_SECURID 6 /* SecurId passcode */ 9887c478bd9Sstevel@tonic-gate #define KRB5_PADATA_SESAME 7 /* Sesame project */ 9897c478bd9Sstevel@tonic-gate #define KRB5_PADATA_OSF_DCE 8 /* OSF DCE */ 9907c478bd9Sstevel@tonic-gate #define KRB5_CYBERSAFE_SECUREID 9 /* Cybersafe */ 9917c478bd9Sstevel@tonic-gate #define KRB5_PADATA_AFS3_SALT 10 /* Cygnus */ 9927c478bd9Sstevel@tonic-gate #define KRB5_PADATA_ETYPE_INFO 11 /* Etype info for preauth */ 9937c478bd9Sstevel@tonic-gate #define KRB5_PADATA_SAM_CHALLENGE 12 /* draft challenge system */ 9947c478bd9Sstevel@tonic-gate #define KRB5_PADATA_SAM_RESPONSE 13 /* draft challenge system response */ 995159d09a2SMark Phalan #define KRB5_PADATA_PK_AS_REQ_OLD 14 /* PKINIT */ 996159d09a2SMark Phalan #define KRB5_PADATA_PK_AS_REP_OLD 15 /* PKINIT */ 997159d09a2SMark Phalan #define KRB5_PADATA_PK_AS_REQ 16 /* PKINIT */ 998159d09a2SMark Phalan #define KRB5_PADATA_PK_AS_REP 17 /* PKINIT */ 9997c478bd9Sstevel@tonic-gate #define KRB5_PADATA_ETYPE_INFO2 19 1000fe598cdcSmp #define KRB5_PADATA_REFERRAL 25 /* draft referral system */ 10017c478bd9Sstevel@tonic-gate #define KRB5_PADATA_SAM_CHALLENGE_2 30 /* draft challenge system, updated */ 10027c478bd9Sstevel@tonic-gate #define KRB5_PADATA_SAM_RESPONSE_2 31 /* draft challenge system, updated */ 1003159d09a2SMark Phalan 10047c478bd9Sstevel@tonic-gate #define KRB5_SAM_USE_SAD_AS_KEY 0x80000000 10057c478bd9Sstevel@tonic-gate #define KRB5_SAM_SEND_ENCRYPTED_SAD 0x40000000 10067c478bd9Sstevel@tonic-gate #define KRB5_SAM_MUST_PK_ENCRYPT_SAD 0x20000000 /* currently must be zero */ 10077c478bd9Sstevel@tonic-gate 10087c478bd9Sstevel@tonic-gate /* Reserved for SPX pre-authentication. */ 10097c478bd9Sstevel@tonic-gate #define KRB5_PADATA_DASS 16 10107c478bd9Sstevel@tonic-gate 10117c478bd9Sstevel@tonic-gate /* Transited encoding types */ 10127c478bd9Sstevel@tonic-gate #define KRB5_DOMAIN_X500_COMPRESS 1 10137c478bd9Sstevel@tonic-gate 10147c478bd9Sstevel@tonic-gate /* alternate authentication types */ 10157c478bd9Sstevel@tonic-gate #define KRB5_ALTAUTH_ATT_CHALLENGE_RESPONSE 64 10167c478bd9Sstevel@tonic-gate 10177c478bd9Sstevel@tonic-gate /* authorization data types */ 1018159d09a2SMark Phalan #define KRB5_AUTHDATA_IF_RELEVANT 1 1019159d09a2SMark Phalan #define KRB5_AUTHDATA_KDC_ISSUED 4 1020159d09a2SMark Phalan #define KRB5_AUTHDATA_AND_OR 5 1021159d09a2SMark Phalan #define KRB5_AUTHDATA_MANDATORY_FOR_KDC 8 1022159d09a2SMark Phalan #define KRB5_AUTHDATA_INITIAL_VERIFIED_CAS 9 10237c478bd9Sstevel@tonic-gate #define KRB5_AUTHDATA_OSF_DCE 64 10247c478bd9Sstevel@tonic-gate #define KRB5_AUTHDATA_SESAME 65 1025*ba7b222eSGlenn Barry #define KRB5_AUTHDATA_WIN2K_PAC 128 1026*ba7b222eSGlenn Barry #define KRB5_AUTHDATA_ETYPE_NEGOTIATION 129 /* RFC 4537 */ 1027*ba7b222eSGlenn Barry #define KRB5_AUTHDATA_FX_ARMOR 71 10287c478bd9Sstevel@tonic-gate 10297c478bd9Sstevel@tonic-gate /* password change constants */ 10307c478bd9Sstevel@tonic-gate 10317c478bd9Sstevel@tonic-gate #define KRB5_KPASSWD_SUCCESS 0 10327c478bd9Sstevel@tonic-gate #define KRB5_KPASSWD_MALFORMED 1 10337c478bd9Sstevel@tonic-gate #define KRB5_KPASSWD_HARDERROR 2 10347c478bd9Sstevel@tonic-gate #define KRB5_KPASSWD_AUTHERROR 3 10357c478bd9Sstevel@tonic-gate #define KRB5_KPASSWD_SOFTERROR 4 1036505d05c7Sgtb /* These are Microsoft's extensions in RFC 3244, and it looks like 1037505d05c7Sgtb they'll become standardized, possibly with other additions. */ 1038159d09a2SMark Phalan #define KRB5_KPASSWD_ACCESSDENIED 5 /* unused */ 1039159d09a2SMark Phalan #define KRB5_KPASSWD_BAD_VERSION 6 1040159d09a2SMark Phalan #define KRB5_KPASSWD_INITIAL_FLAG_NEEDED 7 /* unused */ 10417c478bd9Sstevel@tonic-gate 10427c478bd9Sstevel@tonic-gate /* 10437c478bd9Sstevel@tonic-gate * end "proto.h" 10447c478bd9Sstevel@tonic-gate */ 10457c478bd9Sstevel@tonic-gate 10467c478bd9Sstevel@tonic-gate /* Time set */ 10477c478bd9Sstevel@tonic-gate typedef struct _krb5_ticket_times { 10487c478bd9Sstevel@tonic-gate krb5_timestamp authtime; /* XXX ? should ktime in KDC_REP == authtime 1049159d09a2SMark Phalan in ticket? otherwise client can't get this */ 10507c478bd9Sstevel@tonic-gate krb5_timestamp starttime; /* optional in ticket, if not present, 10517c478bd9Sstevel@tonic-gate use authtime */ 10527c478bd9Sstevel@tonic-gate krb5_timestamp endtime; 10537c478bd9Sstevel@tonic-gate krb5_timestamp renew_till; 10547c478bd9Sstevel@tonic-gate } krb5_ticket_times; 10557c478bd9Sstevel@tonic-gate 10567c478bd9Sstevel@tonic-gate /* structure for auth data */ 10577c478bd9Sstevel@tonic-gate typedef struct _krb5_authdata { 10587c478bd9Sstevel@tonic-gate krb5_magic magic; 10597c478bd9Sstevel@tonic-gate krb5_authdatatype ad_type; 10607c478bd9Sstevel@tonic-gate unsigned int length; 10617c478bd9Sstevel@tonic-gate krb5_octet *contents; 10627c478bd9Sstevel@tonic-gate } krb5_authdata; 10637c478bd9Sstevel@tonic-gate 10647c478bd9Sstevel@tonic-gate /* structure for transited encoding */ 10657c478bd9Sstevel@tonic-gate typedef struct _krb5_transited { 10667c478bd9Sstevel@tonic-gate krb5_magic magic; 10677c478bd9Sstevel@tonic-gate krb5_octet tr_type; 10687c478bd9Sstevel@tonic-gate krb5_data tr_contents; 10697c478bd9Sstevel@tonic-gate } krb5_transited; 10707c478bd9Sstevel@tonic-gate 10717c478bd9Sstevel@tonic-gate typedef struct _krb5_enc_tkt_part { 10727c478bd9Sstevel@tonic-gate krb5_magic magic; 10737c478bd9Sstevel@tonic-gate /* to-be-encrypted portion */ 10747c478bd9Sstevel@tonic-gate krb5_flags flags; /* flags */ 10757c478bd9Sstevel@tonic-gate krb5_keyblock *session; /* session key: includes enctype */ 10767c478bd9Sstevel@tonic-gate krb5_principal client; /* client name/realm */ 10777c478bd9Sstevel@tonic-gate krb5_transited transited; /* list of transited realms */ 10787c478bd9Sstevel@tonic-gate krb5_ticket_times times; /* auth, start, end, renew_till */ 1079159d09a2SMark Phalan krb5_address **caddrs; /* array of ptrs to addresses */ 1080159d09a2SMark Phalan krb5_authdata **authorization_data; /* auth data */ 10817c478bd9Sstevel@tonic-gate } krb5_enc_tkt_part; 10827c478bd9Sstevel@tonic-gate 10837c478bd9Sstevel@tonic-gate typedef struct _krb5_ticket { 10847c478bd9Sstevel@tonic-gate krb5_magic magic; 10857c478bd9Sstevel@tonic-gate /* cleartext portion */ 10867c478bd9Sstevel@tonic-gate krb5_principal server; /* server name/realm */ 10877c478bd9Sstevel@tonic-gate krb5_enc_data enc_part; /* encryption type, kvno, encrypted 10887c478bd9Sstevel@tonic-gate encoding */ 10897c478bd9Sstevel@tonic-gate krb5_enc_tkt_part *enc_part2; /* ptr to decrypted version, if 10907c478bd9Sstevel@tonic-gate available */ 10917c478bd9Sstevel@tonic-gate } krb5_ticket; 10927c478bd9Sstevel@tonic-gate 10937c478bd9Sstevel@tonic-gate /* the unencrypted version */ 10947c478bd9Sstevel@tonic-gate typedef struct _krb5_authenticator { 10957c478bd9Sstevel@tonic-gate krb5_magic magic; 10967c478bd9Sstevel@tonic-gate krb5_principal client; /* client name/realm */ 10977c478bd9Sstevel@tonic-gate krb5_checksum *checksum; /* checksum, includes type, optional */ 10987c478bd9Sstevel@tonic-gate krb5_int32 cusec; /* client usec portion */ 10997c478bd9Sstevel@tonic-gate krb5_timestamp ctime; /* client sec portion */ 11007c478bd9Sstevel@tonic-gate krb5_keyblock *subkey; /* true session key, optional */ 11017c478bd9Sstevel@tonic-gate krb5_ui_4 seq_number; /* sequence #, optional */ 1102159d09a2SMark Phalan krb5_authdata **authorization_data; /* New add by Ari, auth data */ 11037c478bd9Sstevel@tonic-gate } krb5_authenticator; 11047c478bd9Sstevel@tonic-gate 11057c478bd9Sstevel@tonic-gate typedef struct _krb5_tkt_authent { 11067c478bd9Sstevel@tonic-gate krb5_magic magic; 11077c478bd9Sstevel@tonic-gate krb5_ticket *ticket; 11087c478bd9Sstevel@tonic-gate krb5_authenticator *authenticator; 11097c478bd9Sstevel@tonic-gate krb5_flags ap_options; 11107c478bd9Sstevel@tonic-gate } krb5_tkt_authent; 11117c478bd9Sstevel@tonic-gate 1112159d09a2SMark Phalan /* credentials: Ticket, session key, etc. */ 11137c478bd9Sstevel@tonic-gate typedef struct _krb5_creds { 11147c478bd9Sstevel@tonic-gate krb5_magic magic; 11157c478bd9Sstevel@tonic-gate krb5_principal client; /* client's principal identifier */ 11167c478bd9Sstevel@tonic-gate krb5_principal server; /* server's principal identifier */ 11177c478bd9Sstevel@tonic-gate krb5_keyblock keyblock; /* session encryption key info */ 11187c478bd9Sstevel@tonic-gate krb5_ticket_times times; /* lifetime info */ 11197c478bd9Sstevel@tonic-gate krb5_boolean is_skey; /* true if ticket is encrypted in 11207c478bd9Sstevel@tonic-gate another ticket's skey */ 11217c478bd9Sstevel@tonic-gate krb5_flags ticket_flags; /* flags in ticket */ 11227c478bd9Sstevel@tonic-gate krb5_address * *addresses; /* addrs in ticket */ 11237c478bd9Sstevel@tonic-gate krb5_data ticket; /* ticket string itself */ 11247c478bd9Sstevel@tonic-gate krb5_data second_ticket; /* second ticket, if related to 11257c478bd9Sstevel@tonic-gate ticket (via DUPLICATE-SKEY or 11267c478bd9Sstevel@tonic-gate ENC-TKT-IN-SKEY) */ 1127159d09a2SMark Phalan krb5_authdata **authdata; /* authorization data */ 11287c478bd9Sstevel@tonic-gate } krb5_creds; 11297c478bd9Sstevel@tonic-gate 11307c478bd9Sstevel@tonic-gate /* Last request fields */ 11317c478bd9Sstevel@tonic-gate typedef struct _krb5_last_req_entry { 11327c478bd9Sstevel@tonic-gate krb5_magic magic; 11337c478bd9Sstevel@tonic-gate krb5_int32 lr_type; 11347c478bd9Sstevel@tonic-gate krb5_timestamp value; 11357c478bd9Sstevel@tonic-gate } krb5_last_req_entry; 11367c478bd9Sstevel@tonic-gate 11377c478bd9Sstevel@tonic-gate /* pre-authentication data */ 11387c478bd9Sstevel@tonic-gate typedef struct _krb5_pa_data { 11397c478bd9Sstevel@tonic-gate krb5_magic magic; 11407c478bd9Sstevel@tonic-gate krb5_preauthtype pa_type; 11417c478bd9Sstevel@tonic-gate unsigned int length; 11427c478bd9Sstevel@tonic-gate krb5_octet *contents; 11437c478bd9Sstevel@tonic-gate } krb5_pa_data; 11447c478bd9Sstevel@tonic-gate 11457c478bd9Sstevel@tonic-gate typedef struct _krb5_kdc_req { 11467c478bd9Sstevel@tonic-gate krb5_magic magic; 11477c478bd9Sstevel@tonic-gate krb5_msgtype msg_type; /* AS_REQ or TGS_REQ? */ 1148159d09a2SMark Phalan krb5_pa_data **padata; /* e.g. encoded AP_REQ */ 11497c478bd9Sstevel@tonic-gate /* real body */ 11507c478bd9Sstevel@tonic-gate krb5_flags kdc_options; /* requested options */ 11517c478bd9Sstevel@tonic-gate krb5_principal client; /* includes realm; optional */ 11527c478bd9Sstevel@tonic-gate krb5_principal server; /* includes realm (only used if no 11537c478bd9Sstevel@tonic-gate client) */ 11547c478bd9Sstevel@tonic-gate krb5_timestamp from; /* requested starttime */ 11557c478bd9Sstevel@tonic-gate krb5_timestamp till; /* requested endtime */ 11567c478bd9Sstevel@tonic-gate krb5_timestamp rtime; /* (optional) requested renew_till */ 11577c478bd9Sstevel@tonic-gate krb5_int32 nonce; /* nonce to match request/response */ 11587c478bd9Sstevel@tonic-gate int nktypes; /* # of ktypes, must be positive */ 11597c478bd9Sstevel@tonic-gate krb5_enctype *ktype; /* requested enctype(s) */ 1160159d09a2SMark Phalan krb5_address **addresses; /* requested addresses, optional */ 11617c478bd9Sstevel@tonic-gate krb5_enc_data authorization_data; /* encrypted auth data; OPTIONAL */ 1162159d09a2SMark Phalan krb5_authdata **unenc_authdata; /* unencrypted auth data, 11637c478bd9Sstevel@tonic-gate if available */ 1164159d09a2SMark Phalan krb5_ticket **second_ticket;/* second ticket array; OPTIONAL */ 11657c478bd9Sstevel@tonic-gate } krb5_kdc_req; 11667c478bd9Sstevel@tonic-gate 11677c478bd9Sstevel@tonic-gate typedef struct _krb5_enc_kdc_rep_part { 11687c478bd9Sstevel@tonic-gate krb5_magic magic; 11697c478bd9Sstevel@tonic-gate /* encrypted part: */ 11707c478bd9Sstevel@tonic-gate krb5_msgtype msg_type; /* krb5 message type */ 11717c478bd9Sstevel@tonic-gate krb5_keyblock *session; /* session key */ 1172159d09a2SMark Phalan krb5_last_req_entry **last_req; /* array of ptrs to entries */ 11737c478bd9Sstevel@tonic-gate krb5_int32 nonce; /* nonce from request */ 11747c478bd9Sstevel@tonic-gate krb5_timestamp key_exp; /* expiration date */ 11757c478bd9Sstevel@tonic-gate krb5_flags flags; /* ticket flags */ 11767c478bd9Sstevel@tonic-gate krb5_ticket_times times; /* lifetime info */ 11777c478bd9Sstevel@tonic-gate krb5_principal server; /* server's principal identifier */ 1178159d09a2SMark Phalan krb5_address **caddrs; /* array of ptrs to addresses, 11797c478bd9Sstevel@tonic-gate optional */ 1180*ba7b222eSGlenn Barry krb5_pa_data **enc_padata; /* Windows 2000 compat */ 11817c478bd9Sstevel@tonic-gate } krb5_enc_kdc_rep_part; 11827c478bd9Sstevel@tonic-gate 11837c478bd9Sstevel@tonic-gate typedef struct _krb5_kdc_rep { 11847c478bd9Sstevel@tonic-gate krb5_magic magic; 11857c478bd9Sstevel@tonic-gate /* cleartext part: */ 11867c478bd9Sstevel@tonic-gate krb5_msgtype msg_type; /* AS_REP or KDC_REP? */ 1187159d09a2SMark Phalan krb5_pa_data **padata; /* preauthentication data from KDC */ 11887c478bd9Sstevel@tonic-gate krb5_principal client; /* client's principal identifier */ 11897c478bd9Sstevel@tonic-gate krb5_ticket *ticket; /* ticket */ 11907c478bd9Sstevel@tonic-gate krb5_enc_data enc_part; /* encryption type, kvno, encrypted 11917c478bd9Sstevel@tonic-gate encoding */ 11927c478bd9Sstevel@tonic-gate krb5_enc_kdc_rep_part *enc_part2;/* unencrypted version, if available */ 11937c478bd9Sstevel@tonic-gate } krb5_kdc_rep; 11947c478bd9Sstevel@tonic-gate 11957c478bd9Sstevel@tonic-gate /* error message structure */ 11967c478bd9Sstevel@tonic-gate typedef struct _krb5_error { 11977c478bd9Sstevel@tonic-gate krb5_magic magic; 11987c478bd9Sstevel@tonic-gate /* some of these may be meaningless in certain contexts */ 11997c478bd9Sstevel@tonic-gate krb5_timestamp ctime; /* client sec portion; optional */ 12007c478bd9Sstevel@tonic-gate krb5_int32 cusec; /* client usec portion; optional */ 12017c478bd9Sstevel@tonic-gate krb5_int32 susec; /* server usec portion */ 12027c478bd9Sstevel@tonic-gate krb5_timestamp stime; /* server sec portion */ 12037c478bd9Sstevel@tonic-gate krb5_ui_4 error; /* error code (protocol error #'s) */ 12047c478bd9Sstevel@tonic-gate krb5_principal client; /* client's principal identifier; 12057c478bd9Sstevel@tonic-gate optional */ 12067c478bd9Sstevel@tonic-gate krb5_principal server; /* server's principal identifier */ 12077c478bd9Sstevel@tonic-gate krb5_data text; /* descriptive text */ 12087c478bd9Sstevel@tonic-gate krb5_data e_data; /* additional error-describing data */ 12097c478bd9Sstevel@tonic-gate } krb5_error; 12107c478bd9Sstevel@tonic-gate 12117c478bd9Sstevel@tonic-gate typedef struct _krb5_ap_req { 12127c478bd9Sstevel@tonic-gate krb5_magic magic; 12137c478bd9Sstevel@tonic-gate krb5_flags ap_options; /* requested options */ 12147c478bd9Sstevel@tonic-gate krb5_ticket *ticket; /* ticket */ 12157c478bd9Sstevel@tonic-gate krb5_enc_data authenticator; /* authenticator (already encrypted) */ 12167c478bd9Sstevel@tonic-gate } krb5_ap_req; 12177c478bd9Sstevel@tonic-gate 12187c478bd9Sstevel@tonic-gate typedef struct _krb5_ap_rep { 12197c478bd9Sstevel@tonic-gate krb5_magic magic; 12207c478bd9Sstevel@tonic-gate krb5_enc_data enc_part; 12217c478bd9Sstevel@tonic-gate } krb5_ap_rep; 12227c478bd9Sstevel@tonic-gate 12237c478bd9Sstevel@tonic-gate typedef struct _krb5_ap_rep_enc_part { 12247c478bd9Sstevel@tonic-gate krb5_magic magic; 12257c478bd9Sstevel@tonic-gate krb5_timestamp ctime; /* client time, seconds portion */ 12267c478bd9Sstevel@tonic-gate krb5_int32 cusec; /* client time, microseconds portion */ 12277c478bd9Sstevel@tonic-gate krb5_keyblock *subkey; /* true session key, optional */ 12287c478bd9Sstevel@tonic-gate krb5_ui_4 seq_number; /* sequence #, optional */ 12297c478bd9Sstevel@tonic-gate } krb5_ap_rep_enc_part; 12307c478bd9Sstevel@tonic-gate 12317c478bd9Sstevel@tonic-gate typedef struct _krb5_response { 12327c478bd9Sstevel@tonic-gate krb5_magic magic; 12337c478bd9Sstevel@tonic-gate krb5_octet message_type; 12347c478bd9Sstevel@tonic-gate krb5_data response; 12357c478bd9Sstevel@tonic-gate krb5_int32 expected_nonce; /* The expected nonce for KDC_REP messages */ 12367c478bd9Sstevel@tonic-gate krb5_timestamp request_time; /* When we made the request */ 12377c478bd9Sstevel@tonic-gate } krb5_response; 12387c478bd9Sstevel@tonic-gate 12397c478bd9Sstevel@tonic-gate typedef struct _krb5_cred_info { 12407c478bd9Sstevel@tonic-gate krb5_magic magic; 1241159d09a2SMark Phalan krb5_keyblock *session; /* session key used to encrypt */ 12427c478bd9Sstevel@tonic-gate /* ticket */ 1243159d09a2SMark Phalan krb5_principal client; /* client name/realm, optional */ 1244159d09a2SMark Phalan krb5_principal server; /* server name/realm, optional */ 12457c478bd9Sstevel@tonic-gate krb5_flags flags; /* ticket flags, optional */ 12467c478bd9Sstevel@tonic-gate krb5_ticket_times times; /* auth, start, end, renew_till, */ 1247159d09a2SMark Phalan /* optional */ 1248159d09a2SMark Phalan krb5_address **caddrs; /* array of ptrs to addresses */ 12497c478bd9Sstevel@tonic-gate } krb5_cred_info; 12507c478bd9Sstevel@tonic-gate 12517c478bd9Sstevel@tonic-gate typedef struct _krb5_cred_enc_part { 12527c478bd9Sstevel@tonic-gate krb5_magic magic; 1253159d09a2SMark Phalan krb5_int32 nonce; /* nonce, optional */ 1254159d09a2SMark Phalan krb5_timestamp timestamp; /* client time */ 1255159d09a2SMark Phalan krb5_int32 usec; /* microsecond portion of time */ 1256159d09a2SMark Phalan krb5_address *s_address; /* sender address, optional */ 1257159d09a2SMark Phalan krb5_address *r_address; /* recipient address, optional */ 1258159d09a2SMark Phalan krb5_cred_info **ticket_info; 1259159d09a2SMark Phalan } krb5_cred_enc_part; 12607c478bd9Sstevel@tonic-gate 12617c478bd9Sstevel@tonic-gate typedef struct _krb5_cred { 12627c478bd9Sstevel@tonic-gate krb5_magic magic; 1263159d09a2SMark Phalan krb5_ticket **tickets; /* tickets */ 12647c478bd9Sstevel@tonic-gate krb5_enc_data enc_part; /* encrypted part */ 1265159d09a2SMark Phalan krb5_cred_enc_part *enc_part2; /* unencrypted version, if available*/ 12667c478bd9Sstevel@tonic-gate } krb5_cred; 12677c478bd9Sstevel@tonic-gate 12687c478bd9Sstevel@tonic-gate /* Sandia password generation structures */ 12697c478bd9Sstevel@tonic-gate typedef struct _passwd_phrase_element { 12707c478bd9Sstevel@tonic-gate krb5_magic magic; 12717c478bd9Sstevel@tonic-gate krb5_data *passwd; 12727c478bd9Sstevel@tonic-gate krb5_data *phrase; 12737c478bd9Sstevel@tonic-gate } passwd_phrase_element; 12747c478bd9Sstevel@tonic-gate 12757c478bd9Sstevel@tonic-gate typedef struct _krb5_pwd_data { 12767c478bd9Sstevel@tonic-gate krb5_magic magic; 12777c478bd9Sstevel@tonic-gate int sequence_count; 1278159d09a2SMark Phalan passwd_phrase_element **element; 12797c478bd9Sstevel@tonic-gate } krb5_pwd_data; 12807c478bd9Sstevel@tonic-gate 12817c478bd9Sstevel@tonic-gate /* these need to be here so the typedefs are available for the prototypes */ 12827c478bd9Sstevel@tonic-gate 1283*ba7b222eSGlenn Barry typedef struct _krb5_pa_svr_referral_data { 1284*ba7b222eSGlenn Barry /* Referred name, only realm is required */ 1285*ba7b222eSGlenn Barry krb5_principal principal; 1286*ba7b222eSGlenn Barry } krb5_pa_svr_referral_data; 1287*ba7b222eSGlenn Barry 1288*ba7b222eSGlenn Barry typedef struct _krb5_pa_server_referral_data { 1289*ba7b222eSGlenn Barry krb5_data *referred_realm; 1290*ba7b222eSGlenn Barry krb5_principal true_principal_name; 1291*ba7b222eSGlenn Barry krb5_principal requested_principal_name; 1292*ba7b222eSGlenn Barry krb5_timestamp referral_valid_until; 1293*ba7b222eSGlenn Barry krb5_checksum rep_cksum; 1294*ba7b222eSGlenn Barry } krb5_pa_server_referral_data; 1295*ba7b222eSGlenn Barry 1296*ba7b222eSGlenn Barry typedef struct _krb5_pa_pac_req { 1297*ba7b222eSGlenn Barry /* TRUE if a PAC should be included in TGS-REP */ 1298*ba7b222eSGlenn Barry krb5_boolean include_pac; 1299*ba7b222eSGlenn Barry } krb5_pa_pac_req; 1300*ba7b222eSGlenn Barry 13017c478bd9Sstevel@tonic-gate /* 13027c478bd9Sstevel@tonic-gate * begin "safepriv.h" 13037c478bd9Sstevel@tonic-gate */ 13047c478bd9Sstevel@tonic-gate 1305159d09a2SMark Phalan #define KRB5_AUTH_CONTEXT_DO_TIME 0x00000001 1306159d09a2SMark Phalan #define KRB5_AUTH_CONTEXT_RET_TIME 0x00000002 1307159d09a2SMark Phalan #define KRB5_AUTH_CONTEXT_DO_SEQUENCE 0x00000004 1308159d09a2SMark Phalan #define KRB5_AUTH_CONTEXT_RET_SEQUENCE 0x00000008 13097c478bd9Sstevel@tonic-gate #define KRB5_AUTH_CONTEXT_PERMIT_ALL 0x00000010 1310159d09a2SMark Phalan #define KRB5_AUTH_CONTEXT_USE_SUBKEY 0x00000020 1311159d09a2SMark Phalan 1312159d09a2SMark Phalan typedef struct krb5_replay_data { 1313159d09a2SMark Phalan krb5_timestamp timestamp; 1314159d09a2SMark Phalan krb5_int32 usec; 1315159d09a2SMark Phalan krb5_int32 seq; 13167c478bd9Sstevel@tonic-gate } krb5_replay_data; 13177c478bd9Sstevel@tonic-gate 13187c478bd9Sstevel@tonic-gate /* flags for krb5_auth_con_genaddrs() */ 1319159d09a2SMark Phalan #define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR 0x00000001 1320159d09a2SMark Phalan #define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR 0x00000002 1321159d09a2SMark Phalan #define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR 0x00000004 1322159d09a2SMark Phalan #define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR 0x00000008 13237c478bd9Sstevel@tonic-gate 13247c478bd9Sstevel@tonic-gate /* type of function used as a callback to generate checksum data for 13257c478bd9Sstevel@tonic-gate * mk_req */ 13267c478bd9Sstevel@tonic-gate 1327159d09a2SMark Phalan typedef krb5_error_code 1328159d09a2SMark Phalan (KRB5_CALLCONV * krb5_mk_req_checksum_func) (krb5_context, krb5_auth_context , void *, 1329159d09a2SMark Phalan krb5_data **); 13307c478bd9Sstevel@tonic-gate 13317c478bd9Sstevel@tonic-gate /* 13327c478bd9Sstevel@tonic-gate * end "safepriv.h" 13337c478bd9Sstevel@tonic-gate */ 13347c478bd9Sstevel@tonic-gate 13357c478bd9Sstevel@tonic-gate 13367c478bd9Sstevel@tonic-gate /* 13377c478bd9Sstevel@tonic-gate * begin "ccache.h" 13387c478bd9Sstevel@tonic-gate */ 13397c478bd9Sstevel@tonic-gate 13407c478bd9Sstevel@tonic-gate typedef krb5_pointer krb5_cc_cursor; /* cursor for sequential lookup */ 13417c478bd9Sstevel@tonic-gate 1342505d05c7Sgtb struct _krb5_ccache; 1343505d05c7Sgtb typedef struct _krb5_ccache *krb5_ccache; 1344505d05c7Sgtb struct _krb5_cc_ops; 1345505d05c7Sgtb typedef struct _krb5_cc_ops krb5_cc_ops; 13467c478bd9Sstevel@tonic-gate 13477c478bd9Sstevel@tonic-gate /* for retrieve_cred */ 13487c478bd9Sstevel@tonic-gate #define KRB5_TC_MATCH_TIMES 0x00000001 13497c478bd9Sstevel@tonic-gate #define KRB5_TC_MATCH_IS_SKEY 0x00000002 13507c478bd9Sstevel@tonic-gate #define KRB5_TC_MATCH_FLAGS 0x00000004 13517c478bd9Sstevel@tonic-gate #define KRB5_TC_MATCH_TIMES_EXACT 0x00000008 13527c478bd9Sstevel@tonic-gate #define KRB5_TC_MATCH_FLAGS_EXACT 0x00000010 13537c478bd9Sstevel@tonic-gate #define KRB5_TC_MATCH_AUTHDATA 0x00000020 13547c478bd9Sstevel@tonic-gate #define KRB5_TC_MATCH_SRV_NAMEONLY 0x00000040 13557c478bd9Sstevel@tonic-gate #define KRB5_TC_MATCH_2ND_TKT 0x00000080 13567c478bd9Sstevel@tonic-gate #define KRB5_TC_MATCH_KTYPE 0x00000100 13577c478bd9Sstevel@tonic-gate #define KRB5_TC_SUPPORTED_KTYPES 0x00000200 13587c478bd9Sstevel@tonic-gate 13597c478bd9Sstevel@tonic-gate /* for set_flags and other functions */ 13607c478bd9Sstevel@tonic-gate #define KRB5_TC_OPENCLOSE 0x00000001 1361505d05c7Sgtb #define KRB5_TC_NOTICKET 0x00000002 1362505d05c7Sgtb 1363505d05c7Sgtb 1364159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 1365159d09a2SMark Phalan krb5_cc_gen_new (krb5_context context, krb5_ccache *cache); 1366505d05c7Sgtb 1367159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 1368159d09a2SMark Phalan krb5_cc_initialize(krb5_context context, krb5_ccache cache, 1369159d09a2SMark Phalan krb5_principal principal); 1370505d05c7Sgtb 1371159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 1372159d09a2SMark Phalan krb5_cc_destroy (krb5_context context, krb5_ccache cache); 1373505d05c7Sgtb 1374159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 1375159d09a2SMark Phalan krb5_cc_close (krb5_context context, krb5_ccache cache); 1376505d05c7Sgtb 1377159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 1378159d09a2SMark Phalan krb5_cc_store_cred (krb5_context context, krb5_ccache cache, 1379505d05c7Sgtb krb5_creds *creds); 1380505d05c7Sgtb 1381159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 1382159d09a2SMark Phalan krb5_cc_retrieve_cred (krb5_context context, krb5_ccache cache, 1383159d09a2SMark Phalan krb5_flags flags, krb5_creds *mcreds, 1384159d09a2SMark Phalan krb5_creds *creds); 1385159d09a2SMark Phalan 1386159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 1387159d09a2SMark Phalan krb5_cc_get_principal (krb5_context context, krb5_ccache cache, 1388159d09a2SMark Phalan krb5_principal *principal); 1389505d05c7Sgtb 1390505d05c7Sgtb krb5_error_code KRB5_CALLCONV 1391505d05c7Sgtb krb5_cc_start_seq_get (krb5_context context, krb5_ccache cache, 1392159d09a2SMark Phalan krb5_cc_cursor *cursor); 13937c478bd9Sstevel@tonic-gate 1394159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 1395159d09a2SMark Phalan krb5_cc_next_cred (krb5_context context, krb5_ccache cache, 1396159d09a2SMark Phalan krb5_cc_cursor *cursor, krb5_creds *creds); 1397505d05c7Sgtb 1398159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 1399159d09a2SMark Phalan krb5_cc_end_seq_get (krb5_context context, krb5_ccache cache, 1400159d09a2SMark Phalan krb5_cc_cursor *cursor); 1401505d05c7Sgtb 1402505d05c7Sgtb krb5_error_code KRB5_CALLCONV 1403505d05c7Sgtb krb5_cc_remove_cred (krb5_context context, krb5_ccache cache, krb5_flags flags, 1404159d09a2SMark Phalan krb5_creds *creds); 1405505d05c7Sgtb 1406505d05c7Sgtb krb5_error_code KRB5_CALLCONV 1407505d05c7Sgtb krb5_cc_set_flags (krb5_context context, krb5_ccache cache, krb5_flags flags); 1408505d05c7Sgtb 1409159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 1410159d09a2SMark Phalan krb5_cc_get_flags (krb5_context context, krb5_ccache cache, krb5_flags *flags); 1411159d09a2SMark Phalan 1412505d05c7Sgtb const char * KRB5_CALLCONV 1413505d05c7Sgtb krb5_cc_get_type (krb5_context context, krb5_ccache cache); 1414505d05c7Sgtb 1415505d05c7Sgtb /* SUNW14resync - add_cred.c needs this func */ 1416505d05c7Sgtb const char * KRB5_CALLCONV 1417505d05c7Sgtb krb5_cc_get_name (krb5_context context, krb5_ccache cache); 14187c478bd9Sstevel@tonic-gate 1419159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 1420159d09a2SMark Phalan krb5_cc_new_unique( 1421159d09a2SMark Phalan krb5_context context, 1422159d09a2SMark Phalan const char *type, 1423159d09a2SMark Phalan const char *hint, 1424159d09a2SMark Phalan krb5_ccache *id); 1425159d09a2SMark Phalan 14267c478bd9Sstevel@tonic-gate /* 14277c478bd9Sstevel@tonic-gate * end "ccache.h" 14287c478bd9Sstevel@tonic-gate */ 14297c478bd9Sstevel@tonic-gate 14307c478bd9Sstevel@tonic-gate /* 14317c478bd9Sstevel@tonic-gate * begin "rcache.h" 14327c478bd9Sstevel@tonic-gate */ 14337c478bd9Sstevel@tonic-gate 1434505d05c7Sgtb struct krb5_rc_st; 1435505d05c7Sgtb typedef struct krb5_rc_st *krb5_rcache; 14367c478bd9Sstevel@tonic-gate 14377c478bd9Sstevel@tonic-gate /* 14387c478bd9Sstevel@tonic-gate * end "rcache.h" 14397c478bd9Sstevel@tonic-gate */ 14407c478bd9Sstevel@tonic-gate 14417c478bd9Sstevel@tonic-gate /* 14427c478bd9Sstevel@tonic-gate * begin "keytab.h" 14437c478bd9Sstevel@tonic-gate */ 14447c478bd9Sstevel@tonic-gate 14457c478bd9Sstevel@tonic-gate 14467c478bd9Sstevel@tonic-gate /* XXX */ 14477c478bd9Sstevel@tonic-gate #define MAX_KEYTAB_NAME_LEN 1100 /* Long enough for MAXPATHLEN + some extra */ 14487c478bd9Sstevel@tonic-gate 14497c478bd9Sstevel@tonic-gate typedef krb5_pointer krb5_kt_cursor; /* XXX */ 14507c478bd9Sstevel@tonic-gate 14517c478bd9Sstevel@tonic-gate typedef struct krb5_keytab_entry_st { 14527c478bd9Sstevel@tonic-gate krb5_magic magic; 14537c478bd9Sstevel@tonic-gate krb5_principal principal; /* principal of this key */ 1454159d09a2SMark Phalan krb5_timestamp timestamp; /* time entry written to keytable */ 14557c478bd9Sstevel@tonic-gate krb5_kvno vno; /* key version number */ 14567c478bd9Sstevel@tonic-gate krb5_keyblock key; /* the secret key */ 14577c478bd9Sstevel@tonic-gate } krb5_keytab_entry; 14587c478bd9Sstevel@tonic-gate 1459505d05c7Sgtb #if KRB5_PRIVATE 1460159d09a2SMark Phalan struct _krb5_kt_ops; 1461159d09a2SMark Phalan typedef struct _krb5_kt { /* should move into k5-int.h */ 14627c478bd9Sstevel@tonic-gate krb5_magic magic; 1463159d09a2SMark Phalan const struct _krb5_kt_ops *ops; 14647c478bd9Sstevel@tonic-gate krb5_pointer data; 1465159d09a2SMark Phalan } *krb5_keytab; 1466505d05c7Sgtb #else 1467159d09a2SMark Phalan struct _krb5_kt; 1468159d09a2SMark Phalan typedef struct _krb5_kt *krb5_keytab; 1469505d05c7Sgtb #endif 14707c478bd9Sstevel@tonic-gate 1471505d05c7Sgtb char * KRB5_CALLCONV 1472505d05c7Sgtb krb5_kt_get_type (krb5_context, krb5_keytab keytab); 1473505d05c7Sgtb krb5_error_code KRB5_CALLCONV 1474505d05c7Sgtb krb5_kt_get_name(krb5_context context, krb5_keytab keytab, char *name, 1475159d09a2SMark Phalan unsigned int namelen); 1476505d05c7Sgtb krb5_error_code KRB5_CALLCONV 1477505d05c7Sgtb krb5_kt_close(krb5_context context, krb5_keytab keytab); 1478505d05c7Sgtb krb5_error_code KRB5_CALLCONV 1479505d05c7Sgtb krb5_kt_get_entry(krb5_context context, krb5_keytab keytab, 1480159d09a2SMark Phalan krb5_const_principal principal, krb5_kvno vno, 1481159d09a2SMark Phalan krb5_enctype enctype, krb5_keytab_entry *entry); 1482505d05c7Sgtb krb5_error_code KRB5_CALLCONV 1483505d05c7Sgtb krb5_kt_start_seq_get(krb5_context context, krb5_keytab keytab, 1484159d09a2SMark Phalan krb5_kt_cursor *cursor); 1485505d05c7Sgtb krb5_error_code KRB5_CALLCONV 1486505d05c7Sgtb krb5_kt_next_entry(krb5_context context, krb5_keytab keytab, 1487159d09a2SMark Phalan krb5_keytab_entry *entry, krb5_kt_cursor *cursor); 1488505d05c7Sgtb krb5_error_code KRB5_CALLCONV 1489505d05c7Sgtb krb5_kt_end_seq_get(krb5_context context, krb5_keytab keytab, 1490159d09a2SMark Phalan krb5_kt_cursor *cursor); 1491db02be57S /* Solaris Kerberos */ 1492db02be57S krb5_error_code 1493db02be57S krb5_kt_find_realm(krb5_context context, krb5_keytab keytab, 1494db02be57S krb5_principal princ, krb5_data *realm); 14957c478bd9Sstevel@tonic-gate 14967c478bd9Sstevel@tonic-gate /* 14977c478bd9Sstevel@tonic-gate * end "keytab.h" 14987c478bd9Sstevel@tonic-gate */ 14997c478bd9Sstevel@tonic-gate 15007c478bd9Sstevel@tonic-gate /* 15017c478bd9Sstevel@tonic-gate * begin "func-proto.h" 15027c478bd9Sstevel@tonic-gate */ 15037c478bd9Sstevel@tonic-gate 1504505d05c7Sgtb /* Solaris Kerberos */ 15057c478bd9Sstevel@tonic-gate krb5_error_code krb5_init_ef_handle(krb5_context); 15067c478bd9Sstevel@tonic-gate krb5_error_code krb5_free_ef_handle(krb5_context); 15077c478bd9Sstevel@tonic-gate 15087c478bd9Sstevel@tonic-gate krb5_boolean krb5_privacy_allowed(void); 15097c478bd9Sstevel@tonic-gate 1510505d05c7Sgtb /* 1511505d05c7Sgtb * Solaris Kerberos: 1512505d05c7Sgtb * krb5_copy_keyblock_data is a new routine to hide the details 1513505d05c7Sgtb * of a keyblock copy operation. 1514505d05c7Sgtb */ 1515505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_copy_keyblock_data 1516505d05c7Sgtb (krb5_context, 1517505d05c7Sgtb const krb5_keyblock *, 1518505d05c7Sgtb krb5_keyblock *); 1519505d05c7Sgtb 1520505d05c7Sgtb 1521505d05c7Sgtb 1522505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_init_context 1523505d05c7Sgtb (krb5_context *); 1524505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_init_secure_context 1525505d05c7Sgtb (krb5_context *); 1526505d05c7Sgtb void KRB5_CALLCONV krb5_free_context 1527505d05c7Sgtb (krb5_context); 1528505d05c7Sgtb 1529505d05c7Sgtb #if KRB5_PRIVATE 15307c478bd9Sstevel@tonic-gate krb5_error_code krb5_set_default_in_tkt_ktypes 1531505d05c7Sgtb (krb5_context, 1532505d05c7Sgtb const krb5_enctype *); 15337c478bd9Sstevel@tonic-gate krb5_error_code krb5_get_default_in_tkt_ktypes 1534505d05c7Sgtb (krb5_context, 1535505d05c7Sgtb krb5_enctype **); 15367c478bd9Sstevel@tonic-gate 15377c478bd9Sstevel@tonic-gate krb5_error_code krb5_set_default_tgs_ktypes 1538505d05c7Sgtb (krb5_context, 1539505d05c7Sgtb const krb5_enctype *); 1540505d05c7Sgtb #endif 1541505d05c7Sgtb 15427c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 15437c478bd9Sstevel@tonic-gate krb5_set_default_tgs_enctypes 15447c478bd9Sstevel@tonic-gate (krb5_context, 1545505d05c7Sgtb const krb5_enctype *); 1546505d05c7Sgtb #if KRB5_PRIVATE 15477c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_get_tgs_ktypes 1548505d05c7Sgtb (krb5_context, 1549505d05c7Sgtb krb5_const_principal, 1550505d05c7Sgtb krb5_enctype **); 1551505d05c7Sgtb #endif 15527c478bd9Sstevel@tonic-gate 1553505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_get_permitted_enctypes 1554505d05c7Sgtb (krb5_context, krb5_enctype **); 1555505d05c7Sgtb 1556505d05c7Sgtb #if KRB5_PRIVATE 15577c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_ktypes 1558505d05c7Sgtb (krb5_context, krb5_enctype *); 15597c478bd9Sstevel@tonic-gate 15607c478bd9Sstevel@tonic-gate krb5_boolean krb5_is_permitted_enctype 1561505d05c7Sgtb (krb5_context, krb5_enctype); 1562505d05c7Sgtb #endif 1563505d05c7Sgtb 1564505d05c7Sgtb krb5_boolean KRB5_CALLCONV krb5_is_thread_safe(void); 15657c478bd9Sstevel@tonic-gate 15667c478bd9Sstevel@tonic-gate /* libkrb.spec */ 1567505d05c7Sgtb #if KRB5_PRIVATE 15687c478bd9Sstevel@tonic-gate krb5_error_code krb5_kdc_rep_decrypt_proc 1569505d05c7Sgtb (krb5_context, 1570505d05c7Sgtb const krb5_keyblock *, 1571505d05c7Sgtb krb5_const_pointer, 1572505d05c7Sgtb krb5_kdc_rep * ); 1573505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_decrypt_tkt_part 1574505d05c7Sgtb (krb5_context, 1575505d05c7Sgtb const krb5_keyblock *, 1576505d05c7Sgtb krb5_ticket * ); 15777c478bd9Sstevel@tonic-gate krb5_error_code krb5_get_cred_from_kdc 1578505d05c7Sgtb (krb5_context, 1579505d05c7Sgtb krb5_ccache, /* not const, as reading may save 15807c478bd9Sstevel@tonic-gate state */ 1581505d05c7Sgtb krb5_creds *, 1582505d05c7Sgtb krb5_creds **, 1583505d05c7Sgtb krb5_creds *** ); 15847c478bd9Sstevel@tonic-gate krb5_error_code krb5_get_cred_from_kdc_validate 1585505d05c7Sgtb (krb5_context, 1586505d05c7Sgtb krb5_ccache, /* not const, as reading may save 15877c478bd9Sstevel@tonic-gate state */ 1588505d05c7Sgtb krb5_creds *, 1589505d05c7Sgtb krb5_creds **, 1590505d05c7Sgtb krb5_creds *** ); 15917c478bd9Sstevel@tonic-gate krb5_error_code krb5_get_cred_from_kdc_renew 1592505d05c7Sgtb (krb5_context, 1593505d05c7Sgtb krb5_ccache, /* not const, as reading may save 15947c478bd9Sstevel@tonic-gate state */ 1595505d05c7Sgtb krb5_creds *, 1596505d05c7Sgtb krb5_creds **, 1597505d05c7Sgtb krb5_creds *** ); 1598505d05c7Sgtb #endif 1599505d05c7Sgtb 16007c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_tgt_creds 1601505d05c7Sgtb (krb5_context, 1602505d05c7Sgtb krb5_creds **); /* XXX too hard to do with const */ 16037c478bd9Sstevel@tonic-gate 16047c478bd9Sstevel@tonic-gate #define KRB5_GC_USER_USER 1 /* want user-user ticket */ 16057c478bd9Sstevel@tonic-gate #define KRB5_GC_CACHED 2 /* want cached ticket only */ 16067c478bd9Sstevel@tonic-gate 16077c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_get_credentials 1608505d05c7Sgtb (krb5_context, 1609505d05c7Sgtb krb5_flags, 1610505d05c7Sgtb krb5_ccache, 1611505d05c7Sgtb krb5_creds *, 1612505d05c7Sgtb krb5_creds **); 16137c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_get_credentials_validate 1614505d05c7Sgtb (krb5_context, 1615505d05c7Sgtb krb5_flags, 1616505d05c7Sgtb krb5_ccache, 1617505d05c7Sgtb krb5_creds *, 1618505d05c7Sgtb krb5_creds **); 16197c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_get_credentials_renew 1620505d05c7Sgtb (krb5_context, 1621505d05c7Sgtb krb5_flags, 1622505d05c7Sgtb krb5_ccache, 1623505d05c7Sgtb krb5_creds *, 1624505d05c7Sgtb krb5_creds **); 1625505d05c7Sgtb #if KRB5_PRIVATE 16267c478bd9Sstevel@tonic-gate krb5_error_code krb5_get_cred_via_tkt 1627505d05c7Sgtb (krb5_context, 1628505d05c7Sgtb krb5_creds *, 1629505d05c7Sgtb krb5_flags, 1630505d05c7Sgtb krb5_address * const *, 1631505d05c7Sgtb krb5_creds *, 1632505d05c7Sgtb krb5_creds **); 1633505d05c7Sgtb #endif 16347c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_mk_req 1635505d05c7Sgtb (krb5_context, 16367c478bd9Sstevel@tonic-gate krb5_auth_context *, 1637505d05c7Sgtb krb5_flags, 16387c478bd9Sstevel@tonic-gate char *, 16397c478bd9Sstevel@tonic-gate char *, 16407c478bd9Sstevel@tonic-gate krb5_data *, 16417c478bd9Sstevel@tonic-gate krb5_ccache, 1642505d05c7Sgtb krb5_data * ); 16437c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_mk_req_extended 1644505d05c7Sgtb (krb5_context, 1645505d05c7Sgtb krb5_auth_context *, 1646505d05c7Sgtb krb5_flags, 1647505d05c7Sgtb krb5_data *, 1648505d05c7Sgtb krb5_creds *, 1649505d05c7Sgtb krb5_data * ); 16507c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_mk_rep 1651505d05c7Sgtb (krb5_context, 16527c478bd9Sstevel@tonic-gate krb5_auth_context, 1653505d05c7Sgtb krb5_data *); 16547c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_rd_rep 1655505d05c7Sgtb (krb5_context, 1656505d05c7Sgtb krb5_auth_context, 1657505d05c7Sgtb const krb5_data *, 1658505d05c7Sgtb krb5_ap_rep_enc_part **); 16597c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_mk_error 1660505d05c7Sgtb (krb5_context, 1661505d05c7Sgtb const krb5_error *, 1662505d05c7Sgtb krb5_data * ); 16637c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_rd_error 1664505d05c7Sgtb (krb5_context, 1665505d05c7Sgtb const krb5_data *, 1666505d05c7Sgtb krb5_error ** ); 16677c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_rd_safe 1668505d05c7Sgtb (krb5_context, 16697c478bd9Sstevel@tonic-gate krb5_auth_context, 1670505d05c7Sgtb const krb5_data *, 16717c478bd9Sstevel@tonic-gate krb5_data *, 1672505d05c7Sgtb krb5_replay_data *); 16737c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_rd_priv 1674505d05c7Sgtb (krb5_context, 16757c478bd9Sstevel@tonic-gate krb5_auth_context, 1676505d05c7Sgtb const krb5_data *, 16777c478bd9Sstevel@tonic-gate krb5_data *, 1678505d05c7Sgtb krb5_replay_data *); 16797c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_parse_name 1680505d05c7Sgtb (krb5_context, 1681505d05c7Sgtb const char *, 1682505d05c7Sgtb krb5_principal * ); 1683*ba7b222eSGlenn Barry #define KRB5_PRINCIPAL_PARSE_NO_REALM 0x1 1684*ba7b222eSGlenn Barry #define KRB5_PRINCIPAL_PARSE_REQUIRE_REALM 0x2 1685*ba7b222eSGlenn Barry #define KRB5_PRINCIPAL_PARSE_ENTERPRISE 0x4 1686*ba7b222eSGlenn Barry krb5_error_code KRB5_CALLCONV krb5_parse_name_flags 1687*ba7b222eSGlenn Barry (krb5_context, 1688*ba7b222eSGlenn Barry const char *, 1689*ba7b222eSGlenn Barry int, 1690*ba7b222eSGlenn Barry krb5_principal * ); 16917c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_unparse_name 1692505d05c7Sgtb (krb5_context, 1693505d05c7Sgtb krb5_const_principal, 1694505d05c7Sgtb char ** ); 16957c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_unparse_name_ext 1696505d05c7Sgtb (krb5_context, 16977c478bd9Sstevel@tonic-gate krb5_const_principal, 1698505d05c7Sgtb char **, 1699505d05c7Sgtb unsigned int *); 1700*ba7b222eSGlenn Barry #define KRB5_PRINCIPAL_UNPARSE_SHORT 0x1 1701*ba7b222eSGlenn Barry #define KRB5_PRINCIPAL_UNPARSE_NO_REALM 0x2 1702*ba7b222eSGlenn Barry #define KRB5_PRINCIPAL_UNPARSE_DISPLAY 0x4 1703*ba7b222eSGlenn Barry krb5_error_code KRB5_CALLCONV krb5_unparse_name_flags 1704*ba7b222eSGlenn Barry (krb5_context, 1705*ba7b222eSGlenn Barry krb5_const_principal, 1706*ba7b222eSGlenn Barry int, 1707*ba7b222eSGlenn Barry char **); 1708*ba7b222eSGlenn Barry krb5_error_code KRB5_CALLCONV krb5_unparse_name_flags_ext 1709*ba7b222eSGlenn Barry (krb5_context, 1710*ba7b222eSGlenn Barry krb5_const_principal, 1711*ba7b222eSGlenn Barry int, 1712*ba7b222eSGlenn Barry char **, 1713*ba7b222eSGlenn Barry unsigned int *); 17147c478bd9Sstevel@tonic-gate 17157c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_set_principal_realm 1716505d05c7Sgtb (krb5_context, krb5_principal, const char *); 1717505d05c7Sgtb 1718505d05c7Sgtb krb5_boolean KRB5_CALLCONV_WRONG krb5_address_search 1719505d05c7Sgtb (krb5_context, 1720505d05c7Sgtb const krb5_address *, 1721505d05c7Sgtb krb5_address * const *); 1722505d05c7Sgtb krb5_boolean KRB5_CALLCONV krb5_address_compare 1723505d05c7Sgtb (krb5_context, 1724505d05c7Sgtb const krb5_address *, 1725505d05c7Sgtb const krb5_address *); 1726505d05c7Sgtb int KRB5_CALLCONV krb5_address_order 1727505d05c7Sgtb (krb5_context, 1728505d05c7Sgtb const krb5_address *, 1729505d05c7Sgtb const krb5_address *); 1730505d05c7Sgtb krb5_boolean KRB5_CALLCONV krb5_realm_compare 1731505d05c7Sgtb (krb5_context, 1732505d05c7Sgtb krb5_const_principal, 1733505d05c7Sgtb krb5_const_principal); 1734505d05c7Sgtb krb5_boolean KRB5_CALLCONV krb5_principal_compare 1735505d05c7Sgtb (krb5_context, 1736505d05c7Sgtb krb5_const_principal, 1737505d05c7Sgtb krb5_const_principal); 1738505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_init_keyblock 1739505d05c7Sgtb (krb5_context, krb5_enctype enctype, 1740505d05c7Sgtb size_t length, krb5_keyblock **out); 1741505d05c7Sgtb /* Initialize a new keyblock and allocate storage 1742505d05c7Sgtb * for the contents of the key, which will be freed along 1743505d05c7Sgtb * with the keyblock when krb5_free_keyblock is called. 1744505d05c7Sgtb * It is legal to pass in a length of 0, in which 1745505d05c7Sgtb * case contents are left unallocated. 1746505d05c7Sgtb */ 174710db1377Sgtb 174810db1377Sgtb /* 174910db1377Sgtb * Solaris Kerberos 175010db1377Sgtb * Start - keyblock API (MIT will ship this also in a future release) 175110db1377Sgtb */ 175210db1377Sgtb /* 175310db1377Sgtb * Similiar to krb5_init_keyblock but this routine expects the 175410db1377Sgtb * keyblock to already be allocated. 175510db1377Sgtb */ 175610db1377Sgtb krb5_error_code KRB5_CALLCONV krb5_init_allocated_keyblock 175710db1377Sgtb (krb5_context, 175810db1377Sgtb krb5_enctype, 175910db1377Sgtb unsigned int, 176010db1377Sgtb krb5_keyblock *); 176110db1377Sgtb 176210db1377Sgtb krb5_enctype KRB5_CALLCONV krb5_get_key_enctype 176310db1377Sgtb (krb5_keyblock *); 176410db1377Sgtb 176510db1377Sgtb unsigned int KRB5_CALLCONV krb5_get_key_length 176610db1377Sgtb (krb5_keyblock *); 176710db1377Sgtb 176810db1377Sgtb krb5_octet KRB5_CALLCONV *krb5_get_key_data 176910db1377Sgtb (krb5_keyblock *); 177010db1377Sgtb 177110db1377Sgtb void KRB5_CALLCONV krb5_set_key_enctype 177210db1377Sgtb (krb5_keyblock *, 177310db1377Sgtb krb5_enctype); 177410db1377Sgtb 177510db1377Sgtb void KRB5_CALLCONV krb5_set_key_data 177610db1377Sgtb (krb5_keyblock *, 177710db1377Sgtb krb5_octet *); 177810db1377Sgtb 177910db1377Sgtb void KRB5_CALLCONV krb5_set_key_length 178010db1377Sgtb (krb5_keyblock *, 178110db1377Sgtb unsigned int); 178210db1377Sgtb /* 178310db1377Sgtb * Solaris Kerberos 178410db1377Sgtb * End - keyblock API 178510db1377Sgtb */ 178610db1377Sgtb 17877c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_copy_keyblock 1788505d05c7Sgtb (krb5_context, 1789505d05c7Sgtb const krb5_keyblock *, 1790505d05c7Sgtb krb5_keyblock **); 17917c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_copy_keyblock_contents 1792505d05c7Sgtb (krb5_context, 1793505d05c7Sgtb const krb5_keyblock *, 1794505d05c7Sgtb krb5_keyblock *); 17957c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_copy_creds 1796505d05c7Sgtb (krb5_context, 1797505d05c7Sgtb const krb5_creds *, 1798505d05c7Sgtb krb5_creds **); 17997c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_copy_data 1800505d05c7Sgtb (krb5_context, 1801505d05c7Sgtb const krb5_data *, 1802505d05c7Sgtb krb5_data **); 18037c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_copy_principal 1804505d05c7Sgtb (krb5_context, 18057c478bd9Sstevel@tonic-gate krb5_const_principal, 1806505d05c7Sgtb krb5_principal *); 1807505d05c7Sgtb #if KRB5_PRIVATE 18087c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_copy_addr 1809505d05c7Sgtb (krb5_context, 18107c478bd9Sstevel@tonic-gate const krb5_address *, 1811505d05c7Sgtb krb5_address **); 1812505d05c7Sgtb #endif 18137c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_copy_addresses 1814505d05c7Sgtb (krb5_context, 1815505d05c7Sgtb krb5_address * const *, 1816505d05c7Sgtb krb5_address ***); 18177c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_copy_ticket 1818505d05c7Sgtb (krb5_context, 1819505d05c7Sgtb const krb5_ticket *, 1820505d05c7Sgtb krb5_ticket **); 18217c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_copy_authdata 1822505d05c7Sgtb (krb5_context, 1823505d05c7Sgtb krb5_authdata * const *, 1824505d05c7Sgtb krb5_authdata ***); 1825*ba7b222eSGlenn Barry krb5_error_code KRB5_CALLCONV krb5_merge_authdata 1826*ba7b222eSGlenn Barry (krb5_context, 1827*ba7b222eSGlenn Barry krb5_authdata * const *, 1828*ba7b222eSGlenn Barry krb5_authdata *const *, 1829*ba7b222eSGlenn Barry krb5_authdata ***); 1830*ba7b222eSGlenn Barry /* Merge two authdata arrays, such as the array from a ticket 1831*ba7b222eSGlenn Barry * and authenticator */ 1832*ba7b222eSGlenn Barry 18337c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_copy_authenticator 1834505d05c7Sgtb (krb5_context, 1835505d05c7Sgtb const krb5_authenticator *, 1836505d05c7Sgtb krb5_authenticator **); 18377c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_copy_checksum 1838505d05c7Sgtb (krb5_context, 1839505d05c7Sgtb const krb5_checksum *, 1840505d05c7Sgtb krb5_checksum **); 1841505d05c7Sgtb #if KRB5_PRIVATE 18427c478bd9Sstevel@tonic-gate void krb5_init_ets 1843505d05c7Sgtb (krb5_context); 18447c478bd9Sstevel@tonic-gate void krb5_free_ets 1845505d05c7Sgtb (krb5_context); 18467c478bd9Sstevel@tonic-gate krb5_error_code krb5_generate_subkey 1847505d05c7Sgtb (krb5_context, 1848505d05c7Sgtb const krb5_keyblock *, krb5_keyblock **); 18497c478bd9Sstevel@tonic-gate krb5_error_code krb5_generate_seq_number 1850505d05c7Sgtb (krb5_context, 1851505d05c7Sgtb const krb5_keyblock *, krb5_ui_4 *); 1852505d05c7Sgtb #endif 18537c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_get_server_rcache 1854505d05c7Sgtb (krb5_context, 1855505d05c7Sgtb const krb5_data *, krb5_rcache *); 18567c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV_C krb5_build_principal_ext 1857505d05c7Sgtb (krb5_context, krb5_principal *, unsigned int, const char *, ...); 1858505d05c7Sgtb krb5_error_code KRB5_CALLCONV_C krb5_build_principal 1859505d05c7Sgtb (krb5_context, krb5_principal *, unsigned int, const char *, ...); 18607c478bd9Sstevel@tonic-gate #ifdef va_start 18617c478bd9Sstevel@tonic-gate /* XXX depending on varargs include file defining va_start... */ 1862505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_build_principal_va 1863505d05c7Sgtb (krb5_context, 1864505d05c7Sgtb krb5_principal, unsigned int, const char *, va_list); 18657c478bd9Sstevel@tonic-gate #endif 18667c478bd9Sstevel@tonic-gate 18677c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_425_conv_principal 1868505d05c7Sgtb (krb5_context, 1869505d05c7Sgtb const char *name, 1870505d05c7Sgtb const char *instance, const char *realm, 1871505d05c7Sgtb krb5_principal *princ); 18727c478bd9Sstevel@tonic-gate 18737c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_524_conv_principal 1874505d05c7Sgtb (krb5_context context, krb5_const_principal princ, 1875505d05c7Sgtb char *name, char *inst, char *realm); 1876505d05c7Sgtb 1877505d05c7Sgtb struct credentials; 1878505d05c7Sgtb int KRB5_CALLCONV krb5_524_convert_creds 1879505d05c7Sgtb (krb5_context context, krb5_creds *v5creds, 1880505d05c7Sgtb struct credentials *v4creds); 1881505d05c7Sgtb #if KRB5_DEPRECATED 1882505d05c7Sgtb #define krb524_convert_creds_kdc krb5_524_convert_creds 1883505d05c7Sgtb #define krb524_init_ets(x) (0) 1884505d05c7Sgtb #endif 18857c478bd9Sstevel@tonic-gate 18867c478bd9Sstevel@tonic-gate /* libkt.spec */ 1887505d05c7Sgtb #if KRB5_PRIVATE 18887c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_kt_register 1889505d05c7Sgtb (krb5_context, 1890505d05c7Sgtb const struct _krb5_kt_ops * ); 1891505d05c7Sgtb #endif 1892505d05c7Sgtb 18937c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_kt_resolve 1894505d05c7Sgtb (krb5_context, 1895505d05c7Sgtb const char *, 1896505d05c7Sgtb krb5_keytab * ); 18977c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_kt_default_name 1898505d05c7Sgtb (krb5_context, 18997c478bd9Sstevel@tonic-gate char *, 1900505d05c7Sgtb int ); 19017c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_kt_default 1902505d05c7Sgtb (krb5_context, 1903505d05c7Sgtb krb5_keytab * ); 1904505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_free_keytab_entry_contents 1905505d05c7Sgtb (krb5_context, 1906505d05c7Sgtb krb5_keytab_entry * ); 1907505d05c7Sgtb #if KRB5_PRIVATE 1908505d05c7Sgtb /* use krb5_free_keytab_entry_contents instead */ 19097c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_kt_free_entry 1910505d05c7Sgtb (krb5_context, 1911505d05c7Sgtb krb5_keytab_entry * ); 1912505d05c7Sgtb #endif 19137c478bd9Sstevel@tonic-gate /* remove and add are functions, so that they can return NOWRITE 19147c478bd9Sstevel@tonic-gate if not a writable keytab */ 19157c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_kt_remove_entry 1916505d05c7Sgtb (krb5_context, 19177c478bd9Sstevel@tonic-gate krb5_keytab, 1918505d05c7Sgtb krb5_keytab_entry * ); 19197c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_kt_add_entry 1920505d05c7Sgtb (krb5_context, 19217c478bd9Sstevel@tonic-gate krb5_keytab, 1922505d05c7Sgtb krb5_keytab_entry * ); 1923505d05c7Sgtb krb5_error_code KRB5_CALLCONV_WRONG krb5_principal2salt 1924505d05c7Sgtb (krb5_context, 1925505d05c7Sgtb krb5_const_principal, krb5_data *); 1926505d05c7Sgtb #if KRB5_PRIVATE 19277c478bd9Sstevel@tonic-gate krb5_error_code krb5_principal2salt_norealm 1928505d05c7Sgtb (krb5_context, 1929505d05c7Sgtb krb5_const_principal, krb5_data *); 1930505d05c7Sgtb #endif 19317c478bd9Sstevel@tonic-gate /* librc.spec--see rcache.h */ 19327c478bd9Sstevel@tonic-gate 19337c478bd9Sstevel@tonic-gate /* libcc.spec */ 19347c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_cc_resolve 1935505d05c7Sgtb (krb5_context, 1936505d05c7Sgtb const char *, 1937505d05c7Sgtb krb5_ccache * ); 1938505d05c7Sgtb const char * KRB5_CALLCONV krb5_cc_default_name 1939505d05c7Sgtb (krb5_context); 19407c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_cc_set_default_name 1941505d05c7Sgtb (krb5_context, const char *); 19427c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_cc_default 1943505d05c7Sgtb (krb5_context, 1944505d05c7Sgtb krb5_ccache *); 1945505d05c7Sgtb #if KRB5_PRIVATE 1946505d05c7Sgtb unsigned int KRB5_CALLCONV krb5_get_notification_message 1947505d05c7Sgtb (void); 1948505d05c7Sgtb #endif 19497c478bd9Sstevel@tonic-gate 19507c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_cc_copy_creds 1951505d05c7Sgtb (krb5_context context, 19527c478bd9Sstevel@tonic-gate krb5_ccache incc, 1953505d05c7Sgtb krb5_ccache outcc); 19547c478bd9Sstevel@tonic-gate 19557c478bd9Sstevel@tonic-gate 19567c478bd9Sstevel@tonic-gate /* chk_trans.c */ 1957505d05c7Sgtb #if KRB5_PRIVATE 19587c478bd9Sstevel@tonic-gate krb5_error_code krb5_check_transited_list 1959505d05c7Sgtb (krb5_context, const krb5_data *trans, 1960505d05c7Sgtb const krb5_data *realm1, const krb5_data *realm2); 1961505d05c7Sgtb #endif 19627c478bd9Sstevel@tonic-gate 19637c478bd9Sstevel@tonic-gate /* free_rtree.c */ 1964505d05c7Sgtb #if KRB5_PRIVATE 19657c478bd9Sstevel@tonic-gate void krb5_free_realm_tree 1966505d05c7Sgtb (krb5_context, 1967505d05c7Sgtb krb5_principal *); 1968505d05c7Sgtb #endif 19697c478bd9Sstevel@tonic-gate 19707c478bd9Sstevel@tonic-gate /* krb5_free.c */ 19717c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_principal 1972505d05c7Sgtb (krb5_context, krb5_principal ); 19737c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_authenticator 1974505d05c7Sgtb (krb5_context, krb5_authenticator * ); 1975505d05c7Sgtb #if KRB5_PRIVATE 19767c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_authenticator_contents 1977505d05c7Sgtb (krb5_context, krb5_authenticator * ); 1978505d05c7Sgtb #endif 19797c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_addresses 1980505d05c7Sgtb (krb5_context, krb5_address ** ); 1981505d05c7Sgtb #if KRB5_PRIVATE 19827c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_address 1983505d05c7Sgtb (krb5_context, krb5_address * ); 1984505d05c7Sgtb #endif 19857c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_authdata 1986505d05c7Sgtb (krb5_context, krb5_authdata ** ); 1987505d05c7Sgtb #if KRB5_PRIVATE 19887c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_enc_tkt_part 1989505d05c7Sgtb (krb5_context, krb5_enc_tkt_part * ); 1990505d05c7Sgtb #endif 19917c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_ticket 1992505d05c7Sgtb (krb5_context, krb5_ticket * ); 1993505d05c7Sgtb #if KRB5_PRIVATE 19947c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_tickets 1995505d05c7Sgtb (krb5_context, krb5_ticket ** ); 19967c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_kdc_req 1997505d05c7Sgtb (krb5_context, krb5_kdc_req * ); 19987c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_kdc_rep 1999505d05c7Sgtb (krb5_context, krb5_kdc_rep * ); 20007c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_last_req 2001505d05c7Sgtb (krb5_context, krb5_last_req_entry ** ); 20027c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_enc_kdc_rep_part 2003505d05c7Sgtb (krb5_context, krb5_enc_kdc_rep_part * ); 2004505d05c7Sgtb #endif 20057c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_error 2006505d05c7Sgtb (krb5_context, krb5_error * ); 2007505d05c7Sgtb #if KRB5_PRIVATE 20087c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_ap_req 2009505d05c7Sgtb (krb5_context, krb5_ap_req * ); 20107c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_ap_rep 2011505d05c7Sgtb (krb5_context, krb5_ap_rep * ); 20127c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_cred 2013505d05c7Sgtb (krb5_context, krb5_cred *); 2014505d05c7Sgtb #endif 20157c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_creds 2016505d05c7Sgtb (krb5_context, krb5_creds *); 20177c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_cred_contents 2018505d05c7Sgtb (krb5_context, krb5_creds *); 2019505d05c7Sgtb #if KRB5_PRIVATE 20207c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_cred_enc_part 2021505d05c7Sgtb (krb5_context, krb5_cred_enc_part *); 2022505d05c7Sgtb #endif 20237c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_checksum 2024505d05c7Sgtb (krb5_context, krb5_checksum *); 20257c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_checksum_contents 2026505d05c7Sgtb (krb5_context, krb5_checksum *); 20277c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_keyblock 2028505d05c7Sgtb (krb5_context, krb5_keyblock *); 20297c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_keyblock_contents 2030505d05c7Sgtb (krb5_context, krb5_keyblock *); 2031505d05c7Sgtb #if KRB5_PRIVATE 20327c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_pa_data 2033505d05c7Sgtb (krb5_context, krb5_pa_data **); 2034505d05c7Sgtb #endif 20357c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_ap_rep_enc_part 2036505d05c7Sgtb (krb5_context, krb5_ap_rep_enc_part *); 2037505d05c7Sgtb #if KRB5_PRIVATE 20387c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_tkt_authent 2039505d05c7Sgtb (krb5_context, krb5_tkt_authent *); 20407c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_pwd_data 2041505d05c7Sgtb (krb5_context, krb5_pwd_data *); 20427c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_pwd_sequences 2043505d05c7Sgtb (krb5_context, passwd_phrase_element **); 2044505d05c7Sgtb #endif 20457c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_data 2046505d05c7Sgtb (krb5_context, krb5_data *); 20477c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_data_contents 2048505d05c7Sgtb (krb5_context, krb5_data *); 20497c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_unparsed_name 2050505d05c7Sgtb (krb5_context, char *); 20517c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_cksumtypes 2052505d05c7Sgtb (krb5_context, krb5_cksumtype *); 20537c478bd9Sstevel@tonic-gate 20547c478bd9Sstevel@tonic-gate /* From krb5/os but needed but by the outside world */ 20557c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_us_timeofday 2056505d05c7Sgtb (krb5_context, 2057505d05c7Sgtb krb5_int32 *, 2058505d05c7Sgtb krb5_int32 * ); 20597c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_timeofday 2060505d05c7Sgtb (krb5_context, 2061505d05c7Sgtb krb5_int32 * ); 20627c478bd9Sstevel@tonic-gate /* get all the addresses of this host */ 20637c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_os_localaddr 2064505d05c7Sgtb (krb5_context, 2065505d05c7Sgtb krb5_address ***); 20667c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_get_default_realm 2067505d05c7Sgtb (krb5_context, 2068505d05c7Sgtb char ** ); 20697c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_set_default_realm 2070505d05c7Sgtb (krb5_context, 2071505d05c7Sgtb const char * ); 20727c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_default_realm 2073505d05c7Sgtb (krb5_context, 2074505d05c7Sgtb char * ); 20757c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_sname_to_principal 2076505d05c7Sgtb (krb5_context, 2077505d05c7Sgtb const char *, 2078505d05c7Sgtb const char *, 20797c478bd9Sstevel@tonic-gate krb5_int32, 2080505d05c7Sgtb krb5_principal *); 2081505d05c7Sgtb krb5_error_code KRB5_CALLCONV 2082505d05c7Sgtb krb5_change_password 2083505d05c7Sgtb (krb5_context context, krb5_creds *creds, char *newpw, 2084505d05c7Sgtb int *result_code, krb5_data *result_code_string, 2085505d05c7Sgtb krb5_data *result_string); 2086505d05c7Sgtb krb5_error_code KRB5_CALLCONV 2087505d05c7Sgtb krb5_set_password 2088505d05c7Sgtb (krb5_context context, krb5_creds *creds, char *newpw, krb5_principal change_password_for, 2089505d05c7Sgtb int *result_code, krb5_data *result_code_string, krb5_data *result_string); 2090505d05c7Sgtb krb5_error_code KRB5_CALLCONV 2091505d05c7Sgtb krb5_set_password_using_ccache 2092505d05c7Sgtb (krb5_context context, krb5_ccache ccache, char *newpw, krb5_principal change_password_for, 2093505d05c7Sgtb int *result_code, krb5_data *result_code_string, krb5_data *result_string); 20947c478bd9Sstevel@tonic-gate 2095505d05c7Sgtb #if KRB5_PRIVATE 20967c478bd9Sstevel@tonic-gate krb5_error_code krb5_set_config_files 2097505d05c7Sgtb (krb5_context, const char **); 20987c478bd9Sstevel@tonic-gate 20997c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_get_default_config_files 2100505d05c7Sgtb (char ***filenames); 21017c478bd9Sstevel@tonic-gate 21027c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_config_files 2103505d05c7Sgtb (char **filenames); 21047c478bd9Sstevel@tonic-gate #endif 21057c478bd9Sstevel@tonic-gate 2106505d05c7Sgtb krb5_error_code KRB5_CALLCONV 2107505d05c7Sgtb krb5_get_profile 2108505d05c7Sgtb (krb5_context, struct _profile_t * /* profile_t */ *); 2109505d05c7Sgtb 2110505d05c7Sgtb #if KRB5_PRIVATE 21117c478bd9Sstevel@tonic-gate krb5_error_code krb5_send_tgs 2112505d05c7Sgtb (krb5_context, 2113505d05c7Sgtb krb5_flags, 2114505d05c7Sgtb const krb5_ticket_times *, 2115505d05c7Sgtb const krb5_enctype *, 2116505d05c7Sgtb krb5_const_principal, 2117505d05c7Sgtb krb5_address * const *, 2118505d05c7Sgtb krb5_authdata * const *, 2119505d05c7Sgtb krb5_pa_data * const *, 2120505d05c7Sgtb const krb5_data *, 2121505d05c7Sgtb krb5_creds *, 2122505d05c7Sgtb krb5_response * ); 2123505d05c7Sgtb #endif 2124505d05c7Sgtb 2125505d05c7Sgtb #if KRB5_DEPRECATED 2126505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_get_in_tkt 2127505d05c7Sgtb (krb5_context, 2128505d05c7Sgtb krb5_flags, 2129505d05c7Sgtb krb5_address * const *, 2130505d05c7Sgtb krb5_enctype *, 2131505d05c7Sgtb krb5_preauthtype *, 2132505d05c7Sgtb krb5_error_code ( * )(krb5_context, 2133505d05c7Sgtb krb5_enctype, 2134505d05c7Sgtb krb5_data *, 2135505d05c7Sgtb krb5_const_pointer, 2136505d05c7Sgtb krb5_keyblock **), 2137505d05c7Sgtb krb5_const_pointer, 2138505d05c7Sgtb krb5_error_code ( * )(krb5_context, 2139505d05c7Sgtb const krb5_keyblock *, 2140505d05c7Sgtb krb5_const_pointer, 2141505d05c7Sgtb krb5_kdc_rep * ), 2142505d05c7Sgtb krb5_const_pointer, 2143505d05c7Sgtb krb5_creds *, 2144505d05c7Sgtb krb5_ccache, 2145505d05c7Sgtb krb5_kdc_rep ** ); 2146505d05c7Sgtb 2147505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_get_in_tkt_with_password 2148505d05c7Sgtb (krb5_context, 2149505d05c7Sgtb krb5_flags, 2150505d05c7Sgtb krb5_address * const *, 2151505d05c7Sgtb krb5_enctype *, 2152505d05c7Sgtb krb5_preauthtype *, 2153505d05c7Sgtb const char *, 2154505d05c7Sgtb krb5_ccache, 2155505d05c7Sgtb krb5_creds *, 2156505d05c7Sgtb krb5_kdc_rep ** ); 2157505d05c7Sgtb 2158505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_get_in_tkt_with_skey 2159505d05c7Sgtb (krb5_context, 2160505d05c7Sgtb krb5_flags, 2161505d05c7Sgtb krb5_address * const *, 2162505d05c7Sgtb krb5_enctype *, 2163505d05c7Sgtb krb5_preauthtype *, 2164505d05c7Sgtb const krb5_keyblock *, 2165505d05c7Sgtb krb5_ccache, 2166505d05c7Sgtb krb5_creds *, 2167505d05c7Sgtb krb5_kdc_rep ** ); 2168505d05c7Sgtb 2169505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_get_in_tkt_with_keytab 2170505d05c7Sgtb (krb5_context, 2171505d05c7Sgtb krb5_flags, 2172505d05c7Sgtb krb5_address * const *, 2173505d05c7Sgtb krb5_enctype *, 2174505d05c7Sgtb krb5_preauthtype *, 2175505d05c7Sgtb krb5_keytab, 2176505d05c7Sgtb krb5_ccache, 2177505d05c7Sgtb krb5_creds *, 2178505d05c7Sgtb krb5_kdc_rep ** ); 2179505d05c7Sgtb #endif /* KRB5_DEPRECATED */ 21807c478bd9Sstevel@tonic-gate 2181505d05c7Sgtb #if KRB5_PRIVATE 21827c478bd9Sstevel@tonic-gate krb5_error_code krb5_decode_kdc_rep 2183505d05c7Sgtb (krb5_context, 2184505d05c7Sgtb krb5_data *, 2185505d05c7Sgtb const krb5_keyblock *, 2186505d05c7Sgtb krb5_kdc_rep ** ); 2187505d05c7Sgtb #endif 21887c478bd9Sstevel@tonic-gate 21897c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_rd_req 2190505d05c7Sgtb (krb5_context, 21917c478bd9Sstevel@tonic-gate krb5_auth_context *, 2192505d05c7Sgtb const krb5_data *, 21937c478bd9Sstevel@tonic-gate krb5_const_principal, 21947c478bd9Sstevel@tonic-gate krb5_keytab, 21957c478bd9Sstevel@tonic-gate krb5_flags *, 2196505d05c7Sgtb krb5_ticket **); 21977c478bd9Sstevel@tonic-gate 2198505d05c7Sgtb #if KRB5_PRIVATE 21997c478bd9Sstevel@tonic-gate krb5_error_code krb5_rd_req_decoded 2200505d05c7Sgtb (krb5_context, 2201505d05c7Sgtb krb5_auth_context *, 2202505d05c7Sgtb const krb5_ap_req *, 2203505d05c7Sgtb krb5_const_principal, 2204505d05c7Sgtb krb5_keytab, 2205505d05c7Sgtb krb5_flags *, 2206505d05c7Sgtb krb5_ticket **); 22077c478bd9Sstevel@tonic-gate 22087c478bd9Sstevel@tonic-gate krb5_error_code krb5_rd_req_decoded_anyflag 2209505d05c7Sgtb (krb5_context, 2210505d05c7Sgtb krb5_auth_context *, 2211505d05c7Sgtb const krb5_ap_req *, 2212505d05c7Sgtb krb5_const_principal, 2213505d05c7Sgtb krb5_keytab, 2214505d05c7Sgtb krb5_flags *, 2215505d05c7Sgtb krb5_ticket **); 2216505d05c7Sgtb #endif 22177c478bd9Sstevel@tonic-gate 22187c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_kt_read_service_key 2219505d05c7Sgtb (krb5_context, 22207c478bd9Sstevel@tonic-gate krb5_pointer, 22217c478bd9Sstevel@tonic-gate krb5_principal, 22227c478bd9Sstevel@tonic-gate krb5_kvno, 22237c478bd9Sstevel@tonic-gate krb5_enctype, 2224505d05c7Sgtb krb5_keyblock **); 22257c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_mk_safe 2226505d05c7Sgtb (krb5_context, 22277c478bd9Sstevel@tonic-gate krb5_auth_context, 2228505d05c7Sgtb const krb5_data *, 22297c478bd9Sstevel@tonic-gate krb5_data *, 2230505d05c7Sgtb krb5_replay_data *); 22317c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_mk_priv 2232505d05c7Sgtb (krb5_context, 22337c478bd9Sstevel@tonic-gate krb5_auth_context, 2234505d05c7Sgtb const krb5_data *, 22357c478bd9Sstevel@tonic-gate krb5_data *, 2236505d05c7Sgtb krb5_replay_data *); 2237505d05c7Sgtb #if KRB5_PRIVATE 22387c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_cc_register 2239505d05c7Sgtb (krb5_context, 22407c478bd9Sstevel@tonic-gate krb5_cc_ops *, 2241505d05c7Sgtb krb5_boolean ); 2242505d05c7Sgtb #endif 22437c478bd9Sstevel@tonic-gate 2244505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_sendauth 2245505d05c7Sgtb (krb5_context, 22467c478bd9Sstevel@tonic-gate krb5_auth_context *, 22477c478bd9Sstevel@tonic-gate krb5_pointer, 22487c478bd9Sstevel@tonic-gate char *, 22497c478bd9Sstevel@tonic-gate krb5_principal, 22507c478bd9Sstevel@tonic-gate krb5_principal, 22517c478bd9Sstevel@tonic-gate krb5_flags, 22527c478bd9Sstevel@tonic-gate krb5_data *, 22537c478bd9Sstevel@tonic-gate krb5_creds *, 22547c478bd9Sstevel@tonic-gate krb5_ccache, 2255505d05c7Sgtb krb5_error **, 2256505d05c7Sgtb krb5_ap_rep_enc_part **, 2257505d05c7Sgtb krb5_creds **); 2258505d05c7Sgtb 22597c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_recvauth 2260505d05c7Sgtb (krb5_context, 22617c478bd9Sstevel@tonic-gate krb5_auth_context *, 22627c478bd9Sstevel@tonic-gate krb5_pointer, 22637c478bd9Sstevel@tonic-gate char *, 22647c478bd9Sstevel@tonic-gate krb5_principal, 2265505d05c7Sgtb krb5_int32, 22667c478bd9Sstevel@tonic-gate krb5_keytab, 2267505d05c7Sgtb krb5_ticket **); 22687c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_recvauth_version 2269505d05c7Sgtb (krb5_context, 22707c478bd9Sstevel@tonic-gate krb5_auth_context *, 22717c478bd9Sstevel@tonic-gate krb5_pointer, 22727c478bd9Sstevel@tonic-gate krb5_principal, 2273505d05c7Sgtb krb5_int32, 22747c478bd9Sstevel@tonic-gate krb5_keytab, 2275505d05c7Sgtb krb5_ticket **, 2276505d05c7Sgtb krb5_data *); 22777c478bd9Sstevel@tonic-gate 2278505d05c7Sgtb #if KRB5_PRIVATE 22797c478bd9Sstevel@tonic-gate krb5_error_code krb5_walk_realm_tree 2280505d05c7Sgtb (krb5_context, 2281505d05c7Sgtb const krb5_data *, 2282505d05c7Sgtb const krb5_data *, 22837c478bd9Sstevel@tonic-gate krb5_principal **, 2284505d05c7Sgtb int); 2285505d05c7Sgtb #endif 22867c478bd9Sstevel@tonic-gate 22877c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_mk_ncred 2288505d05c7Sgtb (krb5_context, 22897c478bd9Sstevel@tonic-gate krb5_auth_context, 2290505d05c7Sgtb krb5_creds **, 2291505d05c7Sgtb krb5_data **, 2292505d05c7Sgtb krb5_replay_data *); 22937c478bd9Sstevel@tonic-gate 22947c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_mk_1cred 2295505d05c7Sgtb (krb5_context, 22967c478bd9Sstevel@tonic-gate krb5_auth_context, 22977c478bd9Sstevel@tonic-gate krb5_creds *, 2298505d05c7Sgtb krb5_data **, 2299505d05c7Sgtb krb5_replay_data *); 23007c478bd9Sstevel@tonic-gate 23017c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_rd_cred 2302505d05c7Sgtb (krb5_context, 23037c478bd9Sstevel@tonic-gate krb5_auth_context, 23047c478bd9Sstevel@tonic-gate krb5_data *, 2305505d05c7Sgtb krb5_creds ***, 2306505d05c7Sgtb krb5_replay_data *); 23077c478bd9Sstevel@tonic-gate 23087c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_fwd_tgt_creds 2309505d05c7Sgtb (krb5_context, 23107c478bd9Sstevel@tonic-gate krb5_auth_context, 23117c478bd9Sstevel@tonic-gate char *, 2312505d05c7Sgtb krb5_principal, 2313505d05c7Sgtb krb5_principal, 23147c478bd9Sstevel@tonic-gate krb5_ccache, 23157c478bd9Sstevel@tonic-gate int forwardable, 2316505d05c7Sgtb krb5_data *); 23177c478bd9Sstevel@tonic-gate 23187c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_init 2319505d05c7Sgtb (krb5_context, 2320505d05c7Sgtb krb5_auth_context *); 23217c478bd9Sstevel@tonic-gate 23227c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_free 2323505d05c7Sgtb (krb5_context, 2324505d05c7Sgtb krb5_auth_context); 23257c478bd9Sstevel@tonic-gate 23267c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_setflags 2327505d05c7Sgtb (krb5_context, 23287c478bd9Sstevel@tonic-gate krb5_auth_context, 2329505d05c7Sgtb krb5_int32); 23307c478bd9Sstevel@tonic-gate 23317c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_getflags 2332505d05c7Sgtb (krb5_context, 23337c478bd9Sstevel@tonic-gate krb5_auth_context, 2334505d05c7Sgtb krb5_int32 *); 23357c478bd9Sstevel@tonic-gate 23367c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 23377c478bd9Sstevel@tonic-gate krb5_auth_con_set_checksum_func (krb5_context, krb5_auth_context, 2338505d05c7Sgtb krb5_mk_req_checksum_func, void *); 23397c478bd9Sstevel@tonic-gate 23407c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 23417c478bd9Sstevel@tonic-gate krb5_auth_con_get_checksum_func( krb5_context, krb5_auth_context, 2342505d05c7Sgtb krb5_mk_req_checksum_func *, void **); 2343505d05c7Sgtb 2344505d05c7Sgtb krb5_error_code KRB5_CALLCONV_WRONG krb5_auth_con_setaddrs 2345505d05c7Sgtb (krb5_context, 2346505d05c7Sgtb krb5_auth_context, 2347505d05c7Sgtb krb5_address *, 2348505d05c7Sgtb krb5_address *); 2349505d05c7Sgtb 2350505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_auth_con_getaddrs 2351505d05c7Sgtb (krb5_context, 2352505d05c7Sgtb krb5_auth_context, 2353505d05c7Sgtb krb5_address **, 2354505d05c7Sgtb krb5_address **); 2355505d05c7Sgtb 2356505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_auth_con_setports 2357505d05c7Sgtb (krb5_context, 2358505d05c7Sgtb krb5_auth_context, 2359505d05c7Sgtb krb5_address *, 2360505d05c7Sgtb krb5_address *); 23617c478bd9Sstevel@tonic-gate 23627c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_setuseruserkey 2363505d05c7Sgtb (krb5_context, 23647c478bd9Sstevel@tonic-gate krb5_auth_context, 2365505d05c7Sgtb krb5_keyblock *); 23667c478bd9Sstevel@tonic-gate 23677c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_getkey 2368505d05c7Sgtb (krb5_context, 23697c478bd9Sstevel@tonic-gate krb5_auth_context, 2370505d05c7Sgtb krb5_keyblock **); 23717c478bd9Sstevel@tonic-gate 23727c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_getsendsubkey( 23737c478bd9Sstevel@tonic-gate krb5_context, krb5_auth_context, krb5_keyblock **); 23747c478bd9Sstevel@tonic-gate 23757c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_getrecvsubkey( 23767c478bd9Sstevel@tonic-gate krb5_context, krb5_auth_context, krb5_keyblock **); 23777c478bd9Sstevel@tonic-gate 23787c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_setsendsubkey( 23797c478bd9Sstevel@tonic-gate krb5_context, krb5_auth_context, krb5_keyblock *); 23807c478bd9Sstevel@tonic-gate 23817c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_setrecvsubkey( 23827c478bd9Sstevel@tonic-gate krb5_context, krb5_auth_context, krb5_keyblock *); 23837c478bd9Sstevel@tonic-gate 2384505d05c7Sgtb #if KRB5_DEPRECATED 23857c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_getlocalsubkey 2386505d05c7Sgtb (krb5_context, 23877c478bd9Sstevel@tonic-gate krb5_auth_context, 2388505d05c7Sgtb krb5_keyblock **); 23897c478bd9Sstevel@tonic-gate 2390505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_auth_con_getremotesubkey 2391505d05c7Sgtb (krb5_context, 2392505d05c7Sgtb krb5_auth_context, 2393505d05c7Sgtb krb5_keyblock **); 2394505d05c7Sgtb #endif 2395505d05c7Sgtb 2396505d05c7Sgtb #if KRB5_PRIVATE 23977c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_set_req_cksumtype 2398505d05c7Sgtb (krb5_context, 23997c478bd9Sstevel@tonic-gate krb5_auth_context, 2400505d05c7Sgtb krb5_cksumtype); 24017c478bd9Sstevel@tonic-gate 24027c478bd9Sstevel@tonic-gate krb5_error_code krb5_auth_con_set_safe_cksumtype 2403505d05c7Sgtb (krb5_context, 2404505d05c7Sgtb krb5_auth_context, 2405505d05c7Sgtb krb5_cksumtype); 2406505d05c7Sgtb #endif 24077c478bd9Sstevel@tonic-gate 24087c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_getlocalseqnumber 2409505d05c7Sgtb (krb5_context, 24107c478bd9Sstevel@tonic-gate krb5_auth_context, 2411505d05c7Sgtb krb5_int32 *); 24127c478bd9Sstevel@tonic-gate 24137c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_getremoteseqnumber 2414505d05c7Sgtb (krb5_context, 24157c478bd9Sstevel@tonic-gate krb5_auth_context, 2416505d05c7Sgtb krb5_int32 *); 24177c478bd9Sstevel@tonic-gate 2418505d05c7Sgtb #if KRB5_DEPRECATED 2419505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_auth_con_initivector 2420505d05c7Sgtb (krb5_context, 2421505d05c7Sgtb krb5_auth_context); 2422505d05c7Sgtb #endif 24237c478bd9Sstevel@tonic-gate 2424505d05c7Sgtb #if KRB5_PRIVATE 24257c478bd9Sstevel@tonic-gate krb5_error_code krb5_auth_con_setivector 2426505d05c7Sgtb (krb5_context, 2427505d05c7Sgtb krb5_auth_context, 2428505d05c7Sgtb krb5_pointer); 24297c478bd9Sstevel@tonic-gate 24307c478bd9Sstevel@tonic-gate krb5_error_code krb5_auth_con_getivector 2431505d05c7Sgtb (krb5_context, 2432505d05c7Sgtb krb5_auth_context, 2433505d05c7Sgtb krb5_pointer *); 2434505d05c7Sgtb #endif 24357c478bd9Sstevel@tonic-gate 24367c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_setrcache 2437505d05c7Sgtb (krb5_context, 24387c478bd9Sstevel@tonic-gate krb5_auth_context, 2439505d05c7Sgtb krb5_rcache); 24407c478bd9Sstevel@tonic-gate 2441505d05c7Sgtb krb5_error_code KRB5_CALLCONV_WRONG krb5_auth_con_getrcache 2442505d05c7Sgtb (krb5_context, 24437c478bd9Sstevel@tonic-gate krb5_auth_context, 2444505d05c7Sgtb krb5_rcache *); 24457c478bd9Sstevel@tonic-gate 2446505d05c7Sgtb #if KRB5_PRIVATE 2447505d05c7Sgtb krb5_error_code krb5_auth_con_setpermetypes 2448505d05c7Sgtb (krb5_context, 2449505d05c7Sgtb krb5_auth_context, 2450505d05c7Sgtb const krb5_enctype *); 2451505d05c7Sgtb 2452505d05c7Sgtb krb5_error_code krb5_auth_con_getpermetypes 2453505d05c7Sgtb (krb5_context, 2454505d05c7Sgtb krb5_auth_context, 2455505d05c7Sgtb krb5_enctype **); 2456505d05c7Sgtb #endif 2457505d05c7Sgtb 2458505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_auth_con_getauthenticator 2459505d05c7Sgtb (krb5_context, 24607c478bd9Sstevel@tonic-gate krb5_auth_context, 2461505d05c7Sgtb krb5_authenticator **); 24627c478bd9Sstevel@tonic-gate 24637c478bd9Sstevel@tonic-gate #define KRB5_REALM_BRANCH_CHAR '.' 24647c478bd9Sstevel@tonic-gate 24657c478bd9Sstevel@tonic-gate /* 24667c478bd9Sstevel@tonic-gate * end "func-proto.h" 24677c478bd9Sstevel@tonic-gate */ 24687c478bd9Sstevel@tonic-gate 24697c478bd9Sstevel@tonic-gate /* 24707c478bd9Sstevel@tonic-gate * begin stuff from libos.h 24717c478bd9Sstevel@tonic-gate */ 24727c478bd9Sstevel@tonic-gate 2473505d05c7Sgtb #if KRB5_PRIVATE 2474505d05c7Sgtb krb5_error_code krb5_read_message (krb5_context, krb5_pointer, krb5_data *); 2475505d05c7Sgtb krb5_error_code krb5_write_message (krb5_context, krb5_pointer, krb5_data *); 2476505d05c7Sgtb int krb5_net_read (krb5_context, int , char *, int); 2477505d05c7Sgtb int krb5_net_write (krb5_context, int , const char *, int); 2478505d05c7Sgtb #endif 2479505d05c7Sgtb 24807c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_read_password 2481505d05c7Sgtb (krb5_context, 24827c478bd9Sstevel@tonic-gate const char *, 24837c478bd9Sstevel@tonic-gate const char *, 24847c478bd9Sstevel@tonic-gate char *, 2485505d05c7Sgtb unsigned int * ); 2486505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_aname_to_localname 2487505d05c7Sgtb (krb5_context, 24887c478bd9Sstevel@tonic-gate krb5_const_principal, 2489505d05c7Sgtb int, 2490505d05c7Sgtb char * ); 24917c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_get_host_realm 2492505d05c7Sgtb (krb5_context, 24937c478bd9Sstevel@tonic-gate const char *, 2494505d05c7Sgtb char *** ); 2495fe598cdcSmp krb5_error_code KRB5_CALLCONV krb5_get_fallback_host_realm 2496fe598cdcSmp (krb5_context, 2497fe598cdcSmp krb5_data *, 2498fe598cdcSmp char *** ); 24997c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_free_host_realm 2500505d05c7Sgtb (krb5_context, 2501505d05c7Sgtb char * const * ); 2502505d05c7Sgtb #if KRB5_PRIVATE 25037c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_get_realm_domain 2504505d05c7Sgtb (krb5_context, 25057c478bd9Sstevel@tonic-gate const char *, 2506505d05c7Sgtb char ** ); 2507505d05c7Sgtb #endif 2508505d05c7Sgtb krb5_boolean KRB5_CALLCONV krb5_kuserok 2509505d05c7Sgtb (krb5_context, 2510505d05c7Sgtb krb5_principal, const char *); 25117c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_auth_con_genaddrs 2512505d05c7Sgtb (krb5_context, 25137c478bd9Sstevel@tonic-gate krb5_auth_context, 2514505d05c7Sgtb int, int); 2515505d05c7Sgtb #if KRB5_PRIVATE 25167c478bd9Sstevel@tonic-gate krb5_error_code krb5_gen_portaddr 2517505d05c7Sgtb (krb5_context, 25187c478bd9Sstevel@tonic-gate const krb5_address *, 25197c478bd9Sstevel@tonic-gate krb5_const_pointer, 2520505d05c7Sgtb krb5_address **); 2521505d05c7Sgtb krb5_error_code krb5_gen_replay_name 2522505d05c7Sgtb (krb5_context, 2523505d05c7Sgtb const krb5_address *, 2524505d05c7Sgtb const char *, 2525505d05c7Sgtb char **); 25267c478bd9Sstevel@tonic-gate krb5_error_code krb5_make_fulladdr 2527505d05c7Sgtb (krb5_context, 25287c478bd9Sstevel@tonic-gate krb5_address *, 25297c478bd9Sstevel@tonic-gate krb5_address *, 2530505d05c7Sgtb krb5_address *); 2531505d05c7Sgtb #endif 25327c478bd9Sstevel@tonic-gate 2533505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_set_real_time 2534505d05c7Sgtb (krb5_context, krb5_int32, krb5_int32); 25357c478bd9Sstevel@tonic-gate 2536505d05c7Sgtb #if KRB5_PRIVATE 25377c478bd9Sstevel@tonic-gate krb5_error_code krb5_set_debugging_time 2538505d05c7Sgtb (krb5_context, krb5_int32, krb5_int32); 25397c478bd9Sstevel@tonic-gate krb5_error_code krb5_use_natural_time 2540505d05c7Sgtb (krb5_context); 2541505d05c7Sgtb #endif 2542505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_get_time_offsets 2543505d05c7Sgtb (krb5_context, krb5_int32 *, krb5_int32 *); 2544505d05c7Sgtb #if KRB5_PRIVATE 25457c478bd9Sstevel@tonic-gate krb5_error_code krb5_set_time_offsets 2546505d05c7Sgtb (krb5_context, krb5_int32, krb5_int32); 2547505d05c7Sgtb #endif 25487c478bd9Sstevel@tonic-gate 25497c478bd9Sstevel@tonic-gate /* str_conv.c */ 25507c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_string_to_enctype 2551505d05c7Sgtb (char *, krb5_enctype *); 25527c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_string_to_salttype 2553505d05c7Sgtb (char *, krb5_int32 *); 25547c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_string_to_cksumtype 2555505d05c7Sgtb (char *, krb5_cksumtype *); 25567c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_string_to_timestamp 2557505d05c7Sgtb (char *, krb5_timestamp *); 25587c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_string_to_deltat 2559505d05c7Sgtb (char *, krb5_deltat *); 25607c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_enctype_to_string 2561505d05c7Sgtb (krb5_enctype, char *, size_t); 25627c64d375Smp /* Solaris Kerberos */ 25637c64d375Smp krb5_error_code KRB5_CALLCONV krb5_enctype_to_istring 25647c64d375Smp (krb5_enctype, char *, size_t); 25657c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_salttype_to_string 2566505d05c7Sgtb (krb5_int32, char *, size_t); 25677c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_cksumtype_to_string 2568505d05c7Sgtb (krb5_cksumtype, char *, size_t); 25697c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_timestamp_to_string 2570505d05c7Sgtb (krb5_timestamp, char *, size_t); 25717c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_timestamp_to_sfstring 2572505d05c7Sgtb (krb5_timestamp, char *, size_t, char *); 25737c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_deltat_to_string 2574505d05c7Sgtb (krb5_deltat, char *, size_t); 2575505d05c7Sgtb 25767c478bd9Sstevel@tonic-gate 25777c478bd9Sstevel@tonic-gate /* 25787c478bd9Sstevel@tonic-gate * end stuff from libos.h 25797c478bd9Sstevel@tonic-gate */ 25807c478bd9Sstevel@tonic-gate 25817c478bd9Sstevel@tonic-gate /* 25827c478bd9Sstevel@tonic-gate * begin "k5-free.h" 25837c478bd9Sstevel@tonic-gate */ 25847c478bd9Sstevel@tonic-gate 25857c478bd9Sstevel@tonic-gate /* to keep lint happy */ 25867c478bd9Sstevel@tonic-gate #ifdef _KERNEL 25877c478bd9Sstevel@tonic-gate #define krb5_xfree_wrap(val,n) kmem_free((char *)(val),n) 25887c478bd9Sstevel@tonic-gate #else 25897c478bd9Sstevel@tonic-gate #define krb5_xfree_wrap(val,n) free((char *)(val)) 25907c478bd9Sstevel@tonic-gate #define krb5_xfree(val) free((char *)(val)) 25917c478bd9Sstevel@tonic-gate #endif 25927c478bd9Sstevel@tonic-gate 25937c478bd9Sstevel@tonic-gate /* 25947c478bd9Sstevel@tonic-gate * end "k5-free.h" 25957c478bd9Sstevel@tonic-gate */ 25967c478bd9Sstevel@tonic-gate 25977c478bd9Sstevel@tonic-gate /* The name of the Kerberos ticket granting service... and its size */ 25987c478bd9Sstevel@tonic-gate #define KRB5_TGS_NAME "krbtgt" 25997c478bd9Sstevel@tonic-gate #define KRB5_TGS_NAME_SIZE 6 26007c478bd9Sstevel@tonic-gate 26017c478bd9Sstevel@tonic-gate /* flags for recvauth */ 26027c478bd9Sstevel@tonic-gate #define KRB5_RECVAUTH_SKIP_VERSION 0x0001 26037c478bd9Sstevel@tonic-gate #define KRB5_RECVAUTH_BADAUTHVERS 0x0002 26047c478bd9Sstevel@tonic-gate /* initial ticket api functions */ 26057c478bd9Sstevel@tonic-gate 26067c478bd9Sstevel@tonic-gate typedef struct _krb5_prompt { 26077c478bd9Sstevel@tonic-gate char *prompt; 26087c478bd9Sstevel@tonic-gate int hidden; 26097c478bd9Sstevel@tonic-gate krb5_data *reply; 26107c478bd9Sstevel@tonic-gate } krb5_prompt; 26117c478bd9Sstevel@tonic-gate 26127c478bd9Sstevel@tonic-gate typedef krb5_error_code (KRB5_CALLCONV *krb5_prompter_fct)(krb5_context context, 26137c478bd9Sstevel@tonic-gate void *data, 26147c478bd9Sstevel@tonic-gate const char *name, 26157c478bd9Sstevel@tonic-gate const char *banner, 26167c478bd9Sstevel@tonic-gate int num_prompts, 26177c478bd9Sstevel@tonic-gate krb5_prompt prompts[]); 26187c478bd9Sstevel@tonic-gate 26197c478bd9Sstevel@tonic-gate 26207c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 2621159d09a2SMark Phalan krb5_prompter_posix (krb5_context context, 26227c478bd9Sstevel@tonic-gate void *data, 26237c478bd9Sstevel@tonic-gate const char *name, 26247c478bd9Sstevel@tonic-gate const char *banner, 26257c478bd9Sstevel@tonic-gate int num_prompts, 2626505d05c7Sgtb krb5_prompt prompts[]); 26277c478bd9Sstevel@tonic-gate 26287c478bd9Sstevel@tonic-gate typedef struct _krb5_get_init_creds_opt { 26297c478bd9Sstevel@tonic-gate krb5_flags flags; 26307c478bd9Sstevel@tonic-gate krb5_deltat tkt_life; 26317c478bd9Sstevel@tonic-gate krb5_deltat renew_life; 26327c478bd9Sstevel@tonic-gate int forwardable; 26337c478bd9Sstevel@tonic-gate int proxiable; 26347c478bd9Sstevel@tonic-gate krb5_enctype *etype_list; 26357c478bd9Sstevel@tonic-gate int etype_list_length; 26367c478bd9Sstevel@tonic-gate krb5_address **address_list; 26377c478bd9Sstevel@tonic-gate krb5_preauthtype *preauth_list; 26387c478bd9Sstevel@tonic-gate int preauth_list_length; 26397c478bd9Sstevel@tonic-gate krb5_data *salt; 26407c478bd9Sstevel@tonic-gate } krb5_get_init_creds_opt; 26417c478bd9Sstevel@tonic-gate 26427c478bd9Sstevel@tonic-gate #define KRB5_GET_INIT_CREDS_OPT_TKT_LIFE 0x0001 26437c478bd9Sstevel@tonic-gate #define KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE 0x0002 26447c478bd9Sstevel@tonic-gate #define KRB5_GET_INIT_CREDS_OPT_FORWARDABLE 0x0004 26457c478bd9Sstevel@tonic-gate #define KRB5_GET_INIT_CREDS_OPT_PROXIABLE 0x0008 26467c478bd9Sstevel@tonic-gate #define KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST 0x0010 26477c478bd9Sstevel@tonic-gate #define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST 0x0020 26487c478bd9Sstevel@tonic-gate #define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST 0x0040 26497c478bd9Sstevel@tonic-gate #define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080 2650159d09a2SMark Phalan #define KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT 0x0100 2651159d09a2SMark Phalan 2652159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 2653159d09a2SMark Phalan krb5_get_init_creds_opt_alloc 2654159d09a2SMark Phalan (krb5_context context, 2655159d09a2SMark Phalan krb5_get_init_creds_opt **opt); 2656159d09a2SMark Phalan 2657159d09a2SMark Phalan void KRB5_CALLCONV 2658159d09a2SMark Phalan krb5_get_init_creds_opt_free 2659159d09a2SMark Phalan (krb5_context context, 2660159d09a2SMark Phalan krb5_get_init_creds_opt *opt); 26617c478bd9Sstevel@tonic-gate 26627c478bd9Sstevel@tonic-gate void KRB5_CALLCONV 26637c478bd9Sstevel@tonic-gate krb5_get_init_creds_opt_init 2664505d05c7Sgtb (krb5_get_init_creds_opt *opt); 26657c478bd9Sstevel@tonic-gate 26667c478bd9Sstevel@tonic-gate void KRB5_CALLCONV 26677c478bd9Sstevel@tonic-gate krb5_get_init_creds_opt_set_tkt_life 2668505d05c7Sgtb (krb5_get_init_creds_opt *opt, 2669505d05c7Sgtb krb5_deltat tkt_life); 26707c478bd9Sstevel@tonic-gate 26717c478bd9Sstevel@tonic-gate void KRB5_CALLCONV 26727c478bd9Sstevel@tonic-gate krb5_get_init_creds_opt_set_renew_life 2673505d05c7Sgtb (krb5_get_init_creds_opt *opt, 2674505d05c7Sgtb krb5_deltat renew_life); 26757c478bd9Sstevel@tonic-gate 26767c478bd9Sstevel@tonic-gate void KRB5_CALLCONV 26777c478bd9Sstevel@tonic-gate krb5_get_init_creds_opt_set_forwardable 2678505d05c7Sgtb (krb5_get_init_creds_opt *opt, 2679505d05c7Sgtb int forwardable); 26807c478bd9Sstevel@tonic-gate 26817c478bd9Sstevel@tonic-gate void KRB5_CALLCONV 26827c478bd9Sstevel@tonic-gate krb5_get_init_creds_opt_set_proxiable 2683505d05c7Sgtb (krb5_get_init_creds_opt *opt, 2684505d05c7Sgtb int proxiable); 26857c478bd9Sstevel@tonic-gate 26867c478bd9Sstevel@tonic-gate void KRB5_CALLCONV 26877c478bd9Sstevel@tonic-gate krb5_get_init_creds_opt_set_etype_list 2688505d05c7Sgtb (krb5_get_init_creds_opt *opt, 26897c478bd9Sstevel@tonic-gate krb5_enctype *etype_list, 2690505d05c7Sgtb int etype_list_length); 26917c478bd9Sstevel@tonic-gate 26927c478bd9Sstevel@tonic-gate void KRB5_CALLCONV 26937c478bd9Sstevel@tonic-gate krb5_get_init_creds_opt_set_address_list 2694505d05c7Sgtb (krb5_get_init_creds_opt *opt, 2695505d05c7Sgtb krb5_address **addresses); 26967c478bd9Sstevel@tonic-gate 26977c478bd9Sstevel@tonic-gate void KRB5_CALLCONV 26987c478bd9Sstevel@tonic-gate krb5_get_init_creds_opt_set_preauth_list 2699505d05c7Sgtb (krb5_get_init_creds_opt *opt, 27007c478bd9Sstevel@tonic-gate krb5_preauthtype *preauth_list, 2701505d05c7Sgtb int preauth_list_length); 27027c478bd9Sstevel@tonic-gate 27037c478bd9Sstevel@tonic-gate void KRB5_CALLCONV 27047c478bd9Sstevel@tonic-gate krb5_get_init_creds_opt_set_salt 2705505d05c7Sgtb (krb5_get_init_creds_opt *opt, 2706505d05c7Sgtb krb5_data *salt); 2707505d05c7Sgtb 2708159d09a2SMark Phalan void KRB5_CALLCONV 2709159d09a2SMark Phalan krb5_get_init_creds_opt_set_change_password_prompt 2710159d09a2SMark Phalan (krb5_get_init_creds_opt *opt, 2711159d09a2SMark Phalan int prompt); 2712505d05c7Sgtb 2713159d09a2SMark Phalan /* Generic preauth option attribute/value pairs */ 2714159d09a2SMark Phalan typedef struct _krb5_gic_opt_pa_data { 2715159d09a2SMark Phalan char *attr; 2716159d09a2SMark Phalan char *value; 2717159d09a2SMark Phalan } krb5_gic_opt_pa_data; 2718159d09a2SMark Phalan 2719159d09a2SMark Phalan /* 2720159d09a2SMark Phalan * This function allows the caller to supply options to preauth 2721159d09a2SMark Phalan * plugins. Preauth plugin modules are given a chance to look 2722159d09a2SMark Phalan * at each option at the time this function is called in ordre 2723159d09a2SMark Phalan * to check the validity of the option. 2724159d09a2SMark Phalan * The 'opt' pointer supplied to this function must have been 2725159d09a2SMark Phalan * obtained using krb5_get_init_creds_opt_alloc() 2726159d09a2SMark Phalan */ 2727159d09a2SMark Phalan krb5_error_code KRB5_CALLCONV 2728159d09a2SMark Phalan krb5_get_init_creds_opt_set_pa 2729159d09a2SMark Phalan (krb5_context context, 2730159d09a2SMark Phalan krb5_get_init_creds_opt *opt, 2731159d09a2SMark Phalan const char *attr, 2732159d09a2SMark Phalan const char *value); 27337c478bd9Sstevel@tonic-gate 27347c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 27357c478bd9Sstevel@tonic-gate krb5_get_init_creds_password 2736505d05c7Sgtb (krb5_context context, 27377c478bd9Sstevel@tonic-gate krb5_creds *creds, 27387c478bd9Sstevel@tonic-gate krb5_principal client, 27397c478bd9Sstevel@tonic-gate char *password, 27407c478bd9Sstevel@tonic-gate krb5_prompter_fct prompter, 27417c478bd9Sstevel@tonic-gate void *data, 27427c478bd9Sstevel@tonic-gate krb5_deltat start_time, 27437c478bd9Sstevel@tonic-gate char *in_tkt_service, 2744505d05c7Sgtb krb5_get_init_creds_opt *k5_gic_options); 27457c478bd9Sstevel@tonic-gate 27467c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 27477c478bd9Sstevel@tonic-gate krb5_get_init_creds_keytab 2748505d05c7Sgtb (krb5_context context, 27497c478bd9Sstevel@tonic-gate krb5_creds *creds, 27507c478bd9Sstevel@tonic-gate krb5_principal client, 27517c478bd9Sstevel@tonic-gate krb5_keytab arg_keytab, 27527c478bd9Sstevel@tonic-gate krb5_deltat start_time, 27537c478bd9Sstevel@tonic-gate char *in_tkt_service, 2754505d05c7Sgtb krb5_get_init_creds_opt *k5_gic_options); 27557c478bd9Sstevel@tonic-gate 27567c478bd9Sstevel@tonic-gate typedef struct _krb5_verify_init_creds_opt { 27577c478bd9Sstevel@tonic-gate krb5_flags flags; 27587c478bd9Sstevel@tonic-gate int ap_req_nofail; 27597c478bd9Sstevel@tonic-gate } krb5_verify_init_creds_opt; 27607c478bd9Sstevel@tonic-gate 2761505d05c7Sgtb #define KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL 0x0001 27627c478bd9Sstevel@tonic-gate 27637c478bd9Sstevel@tonic-gate void KRB5_CALLCONV 27647c478bd9Sstevel@tonic-gate krb5_verify_init_creds_opt_init 2765505d05c7Sgtb (krb5_verify_init_creds_opt *k5_vic_options); 27667c478bd9Sstevel@tonic-gate void KRB5_CALLCONV 27677c478bd9Sstevel@tonic-gate krb5_verify_init_creds_opt_set_ap_req_nofail 2768505d05c7Sgtb (krb5_verify_init_creds_opt *k5_vic_options, 2769505d05c7Sgtb int ap_req_nofail); 27707c478bd9Sstevel@tonic-gate 27717c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 27727c478bd9Sstevel@tonic-gate krb5_verify_init_creds 2773505d05c7Sgtb (krb5_context context, 27747c478bd9Sstevel@tonic-gate krb5_creds *creds, 27757c478bd9Sstevel@tonic-gate krb5_principal ap_req_server, 27767c478bd9Sstevel@tonic-gate krb5_keytab ap_req_keytab, 27777c478bd9Sstevel@tonic-gate krb5_ccache *ccache, 2778505d05c7Sgtb krb5_verify_init_creds_opt *k5_vic_options); 27797c478bd9Sstevel@tonic-gate 27807c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 27817c478bd9Sstevel@tonic-gate krb5_get_validated_creds 2782505d05c7Sgtb (krb5_context context, 27837c478bd9Sstevel@tonic-gate krb5_creds *creds, 27847c478bd9Sstevel@tonic-gate krb5_principal client, 27857c478bd9Sstevel@tonic-gate krb5_ccache ccache, 2786505d05c7Sgtb char *in_tkt_service); 27877c478bd9Sstevel@tonic-gate 27887c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 27897c478bd9Sstevel@tonic-gate krb5_get_renewed_creds 2790505d05c7Sgtb (krb5_context context, 27917c478bd9Sstevel@tonic-gate krb5_creds *creds, 27927c478bd9Sstevel@tonic-gate krb5_principal client, 27937c478bd9Sstevel@tonic-gate krb5_ccache ccache, 2794505d05c7Sgtb char *in_tkt_service); 27957c478bd9Sstevel@tonic-gate 27967c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV 27977c478bd9Sstevel@tonic-gate krb5_decode_ticket 2798505d05c7Sgtb (const krb5_data *code, 2799505d05c7Sgtb krb5_ticket **rep); 28007c478bd9Sstevel@tonic-gate 28017c478bd9Sstevel@tonic-gate void KRB5_CALLCONV 28027c478bd9Sstevel@tonic-gate krb5_appdefault_string 2803505d05c7Sgtb (krb5_context context, 2804505d05c7Sgtb const char *appname, 2805505d05c7Sgtb const krb5_data *realm, 2806505d05c7Sgtb const char *option, 28077c478bd9Sstevel@tonic-gate const char *default_value, 2808505d05c7Sgtb char ** ret_value); 28097c478bd9Sstevel@tonic-gate 28107c478bd9Sstevel@tonic-gate void KRB5_CALLCONV 28117c478bd9Sstevel@tonic-gate krb5_appdefault_boolean 2812505d05c7Sgtb (krb5_context context, 2813505d05c7Sgtb const char *appname, 2814505d05c7Sgtb const krb5_data *realm, 2815505d05c7Sgtb const char *option, 28167c478bd9Sstevel@tonic-gate int default_value, 2817505d05c7Sgtb int *ret_value); 28187c478bd9Sstevel@tonic-gate 2819505d05c7Sgtb #if KRB5_PRIVATE 28207c478bd9Sstevel@tonic-gate /* 28217c478bd9Sstevel@tonic-gate * The realm iterator functions 28227c478bd9Sstevel@tonic-gate */ 28237c478bd9Sstevel@tonic-gate 28247c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_realm_iterator_create 2825505d05c7Sgtb (krb5_context context, void **iter_p); 28267c478bd9Sstevel@tonic-gate 28277c478bd9Sstevel@tonic-gate krb5_error_code KRB5_CALLCONV krb5_realm_iterator 2828505d05c7Sgtb (krb5_context context, void **iter_p, char **ret_realm); 28297c478bd9Sstevel@tonic-gate 28307c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_realm_iterator_free 2831505d05c7Sgtb (krb5_context context, void **iter_p); 28327c478bd9Sstevel@tonic-gate 28337c478bd9Sstevel@tonic-gate void KRB5_CALLCONV krb5_free_realm_string 2834505d05c7Sgtb (krb5_context context, char *str); 2835505d05c7Sgtb #endif 2836505d05c7Sgtb 2837505d05c7Sgtb /* 2838505d05c7Sgtb * The realm iterator functions 2839505d05c7Sgtb */ 2840505d05c7Sgtb 2841505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_realm_iterator_create 2842505d05c7Sgtb (krb5_context context, void **iter_p); 2843505d05c7Sgtb 2844505d05c7Sgtb krb5_error_code KRB5_CALLCONV krb5_realm_iterator 2845505d05c7Sgtb (krb5_context context, void **iter_p, char **ret_realm); 2846505d05c7Sgtb 2847505d05c7Sgtb void KRB5_CALLCONV krb5_realm_iterator_free 2848505d05c7Sgtb (krb5_context context, void **iter_p); 2849505d05c7Sgtb 2850505d05c7Sgtb void KRB5_CALLCONV krb5_free_realm_string 2851505d05c7Sgtb (krb5_context context, char *str); 28527c478bd9Sstevel@tonic-gate 28537c478bd9Sstevel@tonic-gate /* 28547c478bd9Sstevel@tonic-gate * Prompter enhancements 28557c478bd9Sstevel@tonic-gate */ 28567c478bd9Sstevel@tonic-gate 2857159d09a2SMark Phalan #define KRB5_PROMPT_TYPE_PASSWORD 0x1 2858159d09a2SMark Phalan #define KRB5_PROMPT_TYPE_NEW_PASSWORD 0x2 2859159d09a2SMark Phalan #define KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN 0x3 2860159d09a2SMark Phalan #define KRB5_PROMPT_TYPE_PREAUTH 0x4 28617c478bd9Sstevel@tonic-gate 28627c478bd9Sstevel@tonic-gate typedef krb5_int32 krb5_prompt_type; 28637c478bd9Sstevel@tonic-gate 28647c478bd9Sstevel@tonic-gate krb5_prompt_type* KRB5_CALLCONV krb5_get_prompt_types 28657c478bd9Sstevel@tonic-gate (krb5_context context); 28667c478bd9Sstevel@tonic-gate 286754925bf6Swillf /* Error reporting */ 286854925bf6Swillf void KRB5_CALLCONV_C 286954925bf6Swillf krb5_set_error_message (krb5_context, krb5_error_code, const char *, ...); 287054925bf6Swillf #ifdef va_start 287154925bf6Swillf void KRB5_CALLCONV 287254925bf6Swillf krb5_vset_error_message (krb5_context, krb5_error_code, const char *, va_list); 287354925bf6Swillf #endif 287454925bf6Swillf /* 287554925bf6Swillf * The behavior of krb5_get_error_message is only defined the first 287654925bf6Swillf * time it is called after a failed call to a krb5 function using the 287754925bf6Swillf * same context, and only when the error code passed in is the same as 287854925bf6Swillf * that returned by the krb5 function. Future versions may return the 287954925bf6Swillf * same string for the second and following calls. 288054925bf6Swillf * 288154925bf6Swillf * The string returned by this function must be freed using 288254925bf6Swillf * krb5_free_error_message. 288354925bf6Swillf */ 288454925bf6Swillf const char * KRB5_CALLCONV 288554925bf6Swillf krb5_get_error_message (krb5_context, krb5_error_code); 288654925bf6Swillf void KRB5_CALLCONV 288754925bf6Swillf krb5_free_error_message (krb5_context, const char *); 288854925bf6Swillf void KRB5_CALLCONV 288954925bf6Swillf krb5_clear_error_message (krb5_context); 289054925bf6Swillf 2891*ba7b222eSGlenn Barry krb5_error_code KRB5_CALLCONV 2892*ba7b222eSGlenn Barry krb5_decode_authdata_container(krb5_context context, 2893*ba7b222eSGlenn Barry krb5_authdatatype type, 2894*ba7b222eSGlenn Barry const krb5_authdata *container, 2895*ba7b222eSGlenn Barry krb5_authdata ***authdata); 2896*ba7b222eSGlenn Barry krb5_error_code KRB5_CALLCONV 2897*ba7b222eSGlenn Barry krb5_encode_authdata_container(krb5_context context, 2898*ba7b222eSGlenn Barry krb5_authdatatype type, 2899*ba7b222eSGlenn Barry krb5_authdata * const*authdata, 2900*ba7b222eSGlenn Barry krb5_authdata ***container); 2901*ba7b222eSGlenn Barry 2902*ba7b222eSGlenn Barry /* 2903*ba7b222eSGlenn Barry * Windows PAC 2904*ba7b222eSGlenn Barry */ 2905*ba7b222eSGlenn Barry struct krb5_pac_data; 2906*ba7b222eSGlenn Barry typedef struct krb5_pac_data *krb5_pac; 2907*ba7b222eSGlenn Barry 2908*ba7b222eSGlenn Barry krb5_error_code KRB5_CALLCONV 2909*ba7b222eSGlenn Barry krb5_pac_add_buffer 2910*ba7b222eSGlenn Barry (krb5_context context, 2911*ba7b222eSGlenn Barry krb5_pac pac, 2912*ba7b222eSGlenn Barry krb5_ui_4 type, 2913*ba7b222eSGlenn Barry const krb5_data *data); 2914*ba7b222eSGlenn Barry 2915*ba7b222eSGlenn Barry void KRB5_CALLCONV 2916*ba7b222eSGlenn Barry krb5_pac_free 2917*ba7b222eSGlenn Barry (krb5_context context, 2918*ba7b222eSGlenn Barry krb5_pac pac); 2919*ba7b222eSGlenn Barry 2920*ba7b222eSGlenn Barry krb5_error_code KRB5_CALLCONV 2921*ba7b222eSGlenn Barry krb5_pac_get_buffer 2922*ba7b222eSGlenn Barry (krb5_context context, 2923*ba7b222eSGlenn Barry krb5_pac pac, 2924*ba7b222eSGlenn Barry krb5_ui_4 type, 2925*ba7b222eSGlenn Barry krb5_data *data); 2926*ba7b222eSGlenn Barry 2927*ba7b222eSGlenn Barry krb5_error_code KRB5_CALLCONV 2928*ba7b222eSGlenn Barry krb5_pac_get_types 2929*ba7b222eSGlenn Barry (krb5_context context, 2930*ba7b222eSGlenn Barry krb5_pac pac, 2931*ba7b222eSGlenn Barry size_t *len, 2932*ba7b222eSGlenn Barry krb5_ui_4 **types); 2933*ba7b222eSGlenn Barry 2934*ba7b222eSGlenn Barry krb5_error_code KRB5_CALLCONV 2935*ba7b222eSGlenn Barry krb5_pac_init 2936*ba7b222eSGlenn Barry (krb5_context context, 2937*ba7b222eSGlenn Barry krb5_pac *pac); 2938*ba7b222eSGlenn Barry 2939*ba7b222eSGlenn Barry krb5_error_code KRB5_CALLCONV 2940*ba7b222eSGlenn Barry krb5_pac_parse 2941*ba7b222eSGlenn Barry (krb5_context context, 2942*ba7b222eSGlenn Barry const void *ptr, 2943*ba7b222eSGlenn Barry size_t len, 2944*ba7b222eSGlenn Barry krb5_pac *pac); 2945*ba7b222eSGlenn Barry 2946*ba7b222eSGlenn Barry krb5_error_code KRB5_CALLCONV 2947*ba7b222eSGlenn Barry krb5_pac_verify 2948*ba7b222eSGlenn Barry (krb5_context context, 2949*ba7b222eSGlenn Barry const krb5_pac pac, 2950*ba7b222eSGlenn Barry krb5_timestamp authtime, 2951*ba7b222eSGlenn Barry krb5_const_principal principal, 2952*ba7b222eSGlenn Barry const krb5_keyblock *server, 2953*ba7b222eSGlenn Barry const krb5_keyblock *privsvr); 2954*ba7b222eSGlenn Barry 2955159d09a2SMark Phalan 2956159d09a2SMark Phalan #if TARGET_OS_MAC 2957159d09a2SMark Phalan # pragma pack(pop) 2958159d09a2SMark Phalan #endif 2959159d09a2SMark Phalan 2960159d09a2SMark Phalan KRB5INT_END_DECLS 2961505d05c7Sgtb 2962505d05c7Sgtb /* Don't use this! We're going to phase it out. It's just here to keep 2963505d05c7Sgtb applications from breaking right away. */ 2964505d05c7Sgtb #define krb5_const const 2965505d05c7Sgtb 29667c478bd9Sstevel@tonic-gate #endif /* KRB5_GENERAL__ */ 29677c478bd9Sstevel@tonic-gate 2968eb42280bSWill Fiveash /* 2969eb42280bSWill Fiveash * Solaris Kerberos: the following differs from the MIT krb5.hin as that file is 2970eb42280bSWill Fiveash * processed to produce their krb5.h. We do not process a krb5.hin so our 2971eb42280bSWill Fiveash * krb5.h is manually edited. 2972eb42280bSWill Fiveash */ 29737c478bd9Sstevel@tonic-gate 29747c478bd9Sstevel@tonic-gate /* 29757c478bd9Sstevel@tonic-gate * krb5_err.h: 29767c478bd9Sstevel@tonic-gate * This file is automatically generated; please do not edit it. 29777c478bd9Sstevel@tonic-gate */ 29787c478bd9Sstevel@tonic-gate 29797c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_NONE (-1765328384L) 29807c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_NAME_EXP (-1765328383L) 29817c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_SERVICE_EXP (-1765328382L) 29827c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_BAD_PVNO (-1765328381L) 29837c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_C_OLD_MAST_KVNO (-1765328380L) 29847c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_S_OLD_MAST_KVNO (-1765328379L) 29857c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN (-1765328378L) 29867c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (-1765328377L) 29877c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE (-1765328376L) 29887c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_NULL_KEY (-1765328375L) 29897c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_CANNOT_POSTDATE (-1765328374L) 29907c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_NEVER_VALID (-1765328373L) 29917c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_POLICY (-1765328372L) 29927c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_BADOPTION (-1765328371L) 29937c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_ETYPE_NOSUPP (-1765328370L) 29947c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_SUMTYPE_NOSUPP (-1765328369L) 29957c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_PADATA_TYPE_NOSUPP (-1765328368L) 29967c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_TRTYPE_NOSUPP (-1765328367L) 29977c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_CLIENT_REVOKED (-1765328366L) 29987c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_SERVICE_REVOKED (-1765328365L) 29997c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_TGT_REVOKED (-1765328364L) 30007c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_CLIENT_NOTYET (-1765328363L) 30017c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_SERVICE_NOTYET (-1765328362L) 30027c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_KEY_EXP (-1765328361L) 30037c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_PREAUTH_FAILED (-1765328360L) 30047c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_PREAUTH_REQUIRED (-1765328359L) 30057c478bd9Sstevel@tonic-gate #define KRB5KDC_ERR_SERVER_NOMATCH (-1765328358L) 30067c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_27 (-1765328357L) 30077c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_28 (-1765328356L) 3008159d09a2SMark Phalan #define KRB5KDC_ERR_SVC_UNAVAILABLE (-1765328355L) 30097c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_30 (-1765328354L) 30107c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_BAD_INTEGRITY (-1765328353L) 30117c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_TKT_EXPIRED (-1765328352L) 30127c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_TKT_NYV (-1765328351L) 30137c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_REPEAT (-1765328350L) 30147c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_NOT_US (-1765328349L) 30157c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_BADMATCH (-1765328348L) 30167c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_SKEW (-1765328347L) 30177c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_BADADDR (-1765328346L) 30187c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_BADVERSION (-1765328345L) 30197c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_MSG_TYPE (-1765328344L) 30207c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_MODIFIED (-1765328343L) 30217c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_BADORDER (-1765328342L) 30227c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_ILL_CR_TKT (-1765328341L) 30237c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_BADKEYVER (-1765328340L) 30247c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_NOKEY (-1765328339L) 30257c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_MUT_FAIL (-1765328338L) 30267c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_BADDIRECTION (-1765328337L) 30277c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_METHOD (-1765328336L) 30287c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_BADSEQ (-1765328335L) 30297c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_INAPP_CKSUM (-1765328334L) 3030159d09a2SMark Phalan #define KRB5KRB_AP_PATH_NOT_ACCEPTED (-1765328333L) 3031159d09a2SMark Phalan #define KRB5KRB_ERR_RESPONSE_TOO_BIG (-1765328332L) 30327c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_53 (-1765328331L) 30337c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_54 (-1765328330L) 30347c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_55 (-1765328329L) 30357c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_56 (-1765328328L) 30367c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_57 (-1765328327L) 30377c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_58 (-1765328326L) 30387c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_59 (-1765328325L) 30397c478bd9Sstevel@tonic-gate #define KRB5KRB_ERR_GENERIC (-1765328324L) 30407c478bd9Sstevel@tonic-gate #define KRB5KRB_ERR_FIELD_TOOLONG (-1765328323L) 3041159d09a2SMark Phalan #define KRB5KDC_ERR_CLIENT_NOT_TRUSTED (-1765328322L) 3042159d09a2SMark Phalan #define KRB5KDC_ERR_KDC_NOT_TRUSTED (-1765328321L) 3043159d09a2SMark Phalan #define KRB5KDC_ERR_INVALID_SIG (-1765328320L) 3044159d09a2SMark Phalan #define KRB5KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED (-1765328319L) 3045159d09a2SMark Phalan #define KRB5KDC_ERR_CERTIFICATE_MISMATCH (-1765328318L) 30467c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_67 (-1765328317L) 30477c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_68 (-1765328316L) 30487c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_69 (-1765328315L) 3049159d09a2SMark Phalan #define KRB5KDC_ERR_CANT_VERIFY_CERTIFICATE (-1765328314L) 3050159d09a2SMark Phalan #define KRB5KDC_ERR_INVALID_CERTIFICATE (-1765328313L) 3051159d09a2SMark Phalan #define KRB5KDC_ERR_REVOKED_CERTIFICATE (-1765328312L) 3052159d09a2SMark Phalan #define KRB5KDC_ERR_REVOCATION_STATUS_UNKNOWN (-1765328311L) 3053159d09a2SMark Phalan #define KRB5KDC_ERR_REVOCATION_STATUS_UNAVAILABLE (-1765328310L) 3054159d09a2SMark Phalan #define KRB5KDC_ERR_CLIENT_NAME_MISMATCH (-1765328309L) 3055159d09a2SMark Phalan #define KRB5KDC_ERR_KDC_NAME_MISMATCH (-1765328308L) 3056159d09a2SMark Phalan #define KRB5KDC_ERR_INCONSISTENT_KEY_PURPOSE (-1765328307L) 3057159d09a2SMark Phalan #define KRB5KDC_ERR_DIGEST_IN_CERT_NOT_ACCEPTED (-1765328306L) 3058159d09a2SMark Phalan #define KRB5KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED (-1765328305L) 3059159d09a2SMark Phalan #define KRB5KDC_ERR_DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED (-1765328304L) 3060159d09a2SMark Phalan #define KRB5KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED (-1765328303L) 30617c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_82 (-1765328302L) 30627c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_83 (-1765328301L) 30637c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_84 (-1765328300L) 30647c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_85 (-1765328299L) 30657c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_86 (-1765328298L) 30667c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_87 (-1765328297L) 30677c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_88 (-1765328296L) 30687c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_89 (-1765328295L) 30697c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_90 (-1765328294L) 30707c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_91 (-1765328293L) 30717c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_92 (-1765328292L) 30727c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_93 (-1765328291L) 30737c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_94 (-1765328290L) 30747c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_95 (-1765328289L) 30757c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_96 (-1765328288L) 30767c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_97 (-1765328287L) 30777c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_98 (-1765328286L) 30787c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_99 (-1765328285L) 30797c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_100 (-1765328284L) 30807c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_101 (-1765328283L) 30817c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_102 (-1765328282L) 30827c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_103 (-1765328281L) 30837c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_104 (-1765328280L) 30847c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_105 (-1765328279L) 30857c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_106 (-1765328278L) 30867c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_107 (-1765328277L) 30877c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_108 (-1765328276L) 30887c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_109 (-1765328275L) 30897c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_110 (-1765328274L) 30907c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_111 (-1765328273L) 30917c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_112 (-1765328272L) 30927c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_113 (-1765328271L) 30937c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_114 (-1765328270L) 30947c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_115 (-1765328269L) 30957c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_116 (-1765328268L) 30967c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_117 (-1765328267L) 30977c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_118 (-1765328266L) 30987c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_119 (-1765328265L) 30997c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_120 (-1765328264L) 31007c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_121 (-1765328263L) 31017c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_122 (-1765328262L) 31027c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_123 (-1765328261L) 31037c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_124 (-1765328260L) 31047c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_125 (-1765328259L) 31057c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_126 (-1765328258L) 31067c478bd9Sstevel@tonic-gate #define KRB5PLACEHOLD_127 (-1765328257L) 31077c478bd9Sstevel@tonic-gate #define KRB5_ERR_RCSID (-1765328256L) 31087c478bd9Sstevel@tonic-gate #define KRB5_LIBOS_BADLOCKFLAG (-1765328255L) 31097c478bd9Sstevel@tonic-gate #define KRB5_LIBOS_CANTREADPWD (-1765328254L) 31107c478bd9Sstevel@tonic-gate #define KRB5_LIBOS_BADPWDMATCH (-1765328253L) 31117c478bd9Sstevel@tonic-gate #define KRB5_LIBOS_PWDINTR (-1765328252L) 31127c478bd9Sstevel@tonic-gate #define KRB5_PARSE_ILLCHAR (-1765328251L) 31137c478bd9Sstevel@tonic-gate #define KRB5_PARSE_MALFORMED (-1765328250L) 31147c478bd9Sstevel@tonic-gate #define KRB5_CONFIG_CANTOPEN (-1765328249L) 31157c478bd9Sstevel@tonic-gate #define KRB5_CONFIG_BADFORMAT (-1765328248L) 31167c478bd9Sstevel@tonic-gate #define KRB5_CONFIG_NOTENUFSPACE (-1765328247L) 31177c478bd9Sstevel@tonic-gate #define KRB5_BADMSGTYPE (-1765328246L) 31187c478bd9Sstevel@tonic-gate #define KRB5_CC_BADNAME (-1765328245L) 31197c478bd9Sstevel@tonic-gate #define KRB5_CC_UNKNOWN_TYPE (-1765328244L) 31207c478bd9Sstevel@tonic-gate #define KRB5_CC_NOTFOUND (-1765328243L) 31217c478bd9Sstevel@tonic-gate #define KRB5_CC_END (-1765328242L) 31227c478bd9Sstevel@tonic-gate #define KRB5_NO_TKT_SUPPLIED (-1765328241L) 31237c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_WRONG_PRINC (-1765328240L) 31247c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_TKT_INVALID (-1765328239L) 31257c478bd9Sstevel@tonic-gate #define KRB5_PRINC_NOMATCH (-1765328238L) 31267c478bd9Sstevel@tonic-gate #define KRB5_KDCREP_MODIFIED (-1765328237L) 31277c478bd9Sstevel@tonic-gate #define KRB5_KDCREP_SKEW (-1765328236L) 31287c478bd9Sstevel@tonic-gate #define KRB5_IN_TKT_REALM_MISMATCH (-1765328235L) 31297c478bd9Sstevel@tonic-gate #define KRB5_PROG_ETYPE_NOSUPP (-1765328234L) 31307c478bd9Sstevel@tonic-gate #define KRB5_PROG_KEYTYPE_NOSUPP (-1765328233L) 31317c478bd9Sstevel@tonic-gate #define KRB5_WRONG_ETYPE (-1765328232L) 31327c478bd9Sstevel@tonic-gate #define KRB5_PROG_SUMTYPE_NOSUPP (-1765328231L) 31337c478bd9Sstevel@tonic-gate #define KRB5_REALM_UNKNOWN (-1765328230L) 31347c478bd9Sstevel@tonic-gate #define KRB5_SERVICE_UNKNOWN (-1765328229L) 31357c478bd9Sstevel@tonic-gate #define KRB5_KDC_UNREACH (-1765328228L) 31367c478bd9Sstevel@tonic-gate #define KRB5_NO_LOCALNAME (-1765328227L) 31377c478bd9Sstevel@tonic-gate #define KRB5_MUTUAL_FAILED (-1765328226L) 31387c478bd9Sstevel@tonic-gate #define KRB5_RC_TYPE_EXISTS (-1765328225L) 31397c478bd9Sstevel@tonic-gate #define KRB5_RC_MALLOC (-1765328224L) 31407c478bd9Sstevel@tonic-gate #define KRB5_RC_TYPE_NOTFOUND (-1765328223L) 31417c478bd9Sstevel@tonic-gate #define KRB5_RC_UNKNOWN (-1765328222L) 31427c478bd9Sstevel@tonic-gate #define KRB5_RC_REPLAY (-1765328221L) 31437c478bd9Sstevel@tonic-gate #define KRB5_RC_IO (-1765328220L) 31447c478bd9Sstevel@tonic-gate #define KRB5_RC_NOIO (-1765328219L) 31457c478bd9Sstevel@tonic-gate #define KRB5_RC_PARSE (-1765328218L) 31467c478bd9Sstevel@tonic-gate #define KRB5_RC_IO_EOF (-1765328217L) 31477c478bd9Sstevel@tonic-gate #define KRB5_RC_IO_MALLOC (-1765328216L) 31487c478bd9Sstevel@tonic-gate #define KRB5_RC_IO_PERM (-1765328215L) 31497c478bd9Sstevel@tonic-gate #define KRB5_RC_IO_IO (-1765328214L) 31507c478bd9Sstevel@tonic-gate #define KRB5_RC_IO_UNKNOWN (-1765328213L) 31517c478bd9Sstevel@tonic-gate #define KRB5_RC_IO_SPACE (-1765328212L) 31527c478bd9Sstevel@tonic-gate #define KRB5_TRANS_CANTOPEN (-1765328211L) 31537c478bd9Sstevel@tonic-gate #define KRB5_TRANS_BADFORMAT (-1765328210L) 31547c478bd9Sstevel@tonic-gate #define KRB5_LNAME_CANTOPEN (-1765328209L) 31557c478bd9Sstevel@tonic-gate #define KRB5_LNAME_NOTRANS (-1765328208L) 31567c478bd9Sstevel@tonic-gate #define KRB5_LNAME_BADFORMAT (-1765328207L) 31577c478bd9Sstevel@tonic-gate #define KRB5_CRYPTO_INTERNAL (-1765328206L) 31587c478bd9Sstevel@tonic-gate #define KRB5_KT_BADNAME (-1765328205L) 31597c478bd9Sstevel@tonic-gate #define KRB5_KT_UNKNOWN_TYPE (-1765328204L) 31607c478bd9Sstevel@tonic-gate #define KRB5_KT_NOTFOUND (-1765328203L) 31617c478bd9Sstevel@tonic-gate #define KRB5_KT_END (-1765328202L) 31627c478bd9Sstevel@tonic-gate #define KRB5_KT_NOWRITE (-1765328201L) 31637c478bd9Sstevel@tonic-gate #define KRB5_KT_IOERR (-1765328200L) 31647c478bd9Sstevel@tonic-gate #define KRB5_NO_TKT_IN_RLM (-1765328199L) 31657c478bd9Sstevel@tonic-gate #define KRB5DES_BAD_KEYPAR (-1765328198L) 31667c478bd9Sstevel@tonic-gate #define KRB5DES_WEAK_KEY (-1765328197L) 31677c478bd9Sstevel@tonic-gate #define KRB5_BAD_ENCTYPE (-1765328196L) 31687c478bd9Sstevel@tonic-gate #define KRB5_BAD_KEYSIZE (-1765328195L) 31697c478bd9Sstevel@tonic-gate #define KRB5_BAD_MSIZE (-1765328194L) 31707c478bd9Sstevel@tonic-gate #define KRB5_CC_TYPE_EXISTS (-1765328193L) 31717c478bd9Sstevel@tonic-gate #define KRB5_KT_TYPE_EXISTS (-1765328192L) 31727c478bd9Sstevel@tonic-gate #define KRB5_CC_IO (-1765328191L) 31737c478bd9Sstevel@tonic-gate #define KRB5_FCC_PERM (-1765328190L) 31747c478bd9Sstevel@tonic-gate #define KRB5_FCC_NOFILE (-1765328189L) 31757c478bd9Sstevel@tonic-gate #define KRB5_FCC_INTERNAL (-1765328188L) 31767c478bd9Sstevel@tonic-gate #define KRB5_CC_WRITE (-1765328187L) 31777c478bd9Sstevel@tonic-gate #define KRB5_CC_NOMEM (-1765328186L) 31787c478bd9Sstevel@tonic-gate #define KRB5_CC_FORMAT (-1765328185L) 31797c478bd9Sstevel@tonic-gate #define KRB5_CC_NOT_KTYPE (-1765328184L) 31807c478bd9Sstevel@tonic-gate #define KRB5_INVALID_FLAGS (-1765328183L) 31817c478bd9Sstevel@tonic-gate #define KRB5_NO_2ND_TKT (-1765328182L) 31827c478bd9Sstevel@tonic-gate #define KRB5_NOCREDS_SUPPLIED (-1765328181L) 31837c478bd9Sstevel@tonic-gate #define KRB5_SENDAUTH_BADAUTHVERS (-1765328180L) 31847c478bd9Sstevel@tonic-gate #define KRB5_SENDAUTH_BADAPPLVERS (-1765328179L) 31857c478bd9Sstevel@tonic-gate #define KRB5_SENDAUTH_BADRESPONSE (-1765328178L) 31867c478bd9Sstevel@tonic-gate #define KRB5_SENDAUTH_REJECTED (-1765328177L) 31877c478bd9Sstevel@tonic-gate #define KRB5_PREAUTH_BAD_TYPE (-1765328176L) 31887c478bd9Sstevel@tonic-gate #define KRB5_PREAUTH_NO_KEY (-1765328175L) 31897c478bd9Sstevel@tonic-gate #define KRB5_PREAUTH_FAILED (-1765328174L) 31907c478bd9Sstevel@tonic-gate #define KRB5_RCACHE_BADVNO (-1765328173L) 31917c478bd9Sstevel@tonic-gate #define KRB5_CCACHE_BADVNO (-1765328172L) 31927c478bd9Sstevel@tonic-gate #define KRB5_KEYTAB_BADVNO (-1765328171L) 31937c478bd9Sstevel@tonic-gate #define KRB5_PROG_ATYPE_NOSUPP (-1765328170L) 31947c478bd9Sstevel@tonic-gate #define KRB5_RC_REQUIRED (-1765328169L) 31957c478bd9Sstevel@tonic-gate #define KRB5_ERR_BAD_HOSTNAME (-1765328168L) 31967c478bd9Sstevel@tonic-gate #define KRB5_ERR_HOST_REALM_UNKNOWN (-1765328167L) 31977c478bd9Sstevel@tonic-gate #define KRB5_SNAME_UNSUPP_NAMETYPE (-1765328166L) 31987c478bd9Sstevel@tonic-gate #define KRB5KRB_AP_ERR_V4_REPLY (-1765328165L) 31997c478bd9Sstevel@tonic-gate #define KRB5_REALM_CANT_RESOLVE (-1765328164L) 32007c478bd9Sstevel@tonic-gate #define KRB5_TKT_NOT_FORWARDABLE (-1765328163L) 32017c478bd9Sstevel@tonic-gate #define KRB5_FWD_BAD_PRINCIPAL (-1765328162L) 32027c478bd9Sstevel@tonic-gate #define KRB5_GET_IN_TKT_LOOP (-1765328161L) 32037c478bd9Sstevel@tonic-gate #define KRB5_CONFIG_NODEFREALM (-1765328160L) 32047c478bd9Sstevel@tonic-gate #define KRB5_SAM_UNSUPPORTED (-1765328159L) 3205159d09a2SMark Phalan #define KRB5_SAM_INVALID_ETYPE (-1765328158L) 3206159d09a2SMark Phalan #define KRB5_SAM_NO_CHECKSUM (-1765328157L) 3207159d09a2SMark Phalan #define KRB5_SAM_BAD_CHECKSUM (-1765328156L) 3208159d09a2SMark Phalan #define KRB5_KT_NAME_TOOLONG (-1765328155L) 3209159d09a2SMark Phalan #define KRB5_KT_KVNONOTFOUND (-1765328154L) 3210159d09a2SMark Phalan #define KRB5_APPL_EXPIRED (-1765328153L) 3211159d09a2SMark Phalan #define KRB5_LIB_EXPIRED (-1765328152L) 3212159d09a2SMark Phalan #define KRB5_CHPW_PWDNULL (-1765328151L) 3213159d09a2SMark Phalan #define KRB5_CHPW_FAIL (-1765328150L) 3214159d09a2SMark Phalan #define KRB5_KT_FORMAT (-1765328149L) 3215159d09a2SMark Phalan #define KRB5_NOPERM_ETYPE (-1765328148L) 3216159d09a2SMark Phalan #define KRB5_CONFIG_ETYPE_NOSUPP (-1765328147L) 3217159d09a2SMark Phalan #define KRB5_OBSOLETE_FN (-1765328146L) 3218159d09a2SMark Phalan #define KRB5_EAI_FAIL (-1765328145L) 3219159d09a2SMark Phalan #define KRB5_EAI_NODATA (-1765328144L) 3220159d09a2SMark Phalan #define KRB5_EAI_NONAME (-1765328143L) 3221159d09a2SMark Phalan #define KRB5_EAI_SERVICE (-1765328142L) 3222159d09a2SMark Phalan #define KRB5_ERR_NUMERIC_REALM (-1765328141L) 3223159d09a2SMark Phalan #define KRB5_ERR_BAD_S2K_PARAMS (-1765328140L) 3224159d09a2SMark Phalan #define KRB5_ERR_NO_SERVICE (-1765328139L) 3225159d09a2SMark Phalan #define KRB5_CC_READONLY (-1765328138L) 3226159d09a2SMark Phalan #define KRB5_CC_NOSUPP (-1765328137L) 32277c478bd9Sstevel@tonic-gate 32287c478bd9Sstevel@tonic-gate /* NOTE! error values should not collide */ 32297c478bd9Sstevel@tonic-gate /* XXX Note KRB5_RC_BADNAME and KRB5_CONF_NOT_CONFIGURED are Solaris specific */ 32307c478bd9Sstevel@tonic-gate #define KRB5_RC_BADNAME (-1765328136L) 32317c478bd9Sstevel@tonic-gate #define KRB5_CONF_NOT_CONFIGURED (-1765328135L) 32327c478bd9Sstevel@tonic-gate #ifdef _KERNEL 32337c478bd9Sstevel@tonic-gate /* XXX Note KRB5_KEF_ERROR and PKCS_ERR are Solaris specific */ 32347c478bd9Sstevel@tonic-gate #define KRB5_KEF_ERROR (-1765328134L) 32357c478bd9Sstevel@tonic-gate #else 32367c478bd9Sstevel@tonic-gate #define PKCS_ERR (-1765328134L) 32377c478bd9Sstevel@tonic-gate #endif /* _KERNEL */ 3238505d05c7Sgtb 3239505d05c7Sgtb #define KRB5_DELTAT_BADFORMAT (-1765328133L) 324054925bf6Swillf #define KRB5_PLUGIN_NO_HANDLE (-1765328132L) 324154925bf6Swillf #define KRB5_PLUGIN_OP_NOTSUPP (-1765328131L) 3242505d05c7Sgtb 3243*ba7b222eSGlenn Barry /* SUNW17PACresync */ 3244*ba7b222eSGlenn Barry #define KRB5_ERR_INVALID_UTF8 (-1765328130L) 3245*ba7b222eSGlenn Barry #define KRB5_ERR_FAST_REQUIRED (-1765328129L) 3246*ba7b222eSGlenn Barry #define KRB5_LOCAL_ADDR_REQUIRED (-1765328128L) 3247*ba7b222eSGlenn Barry #define KRB5_REMOTE_ADDR_REQUIRED (-1765328127L) 3248*ba7b222eSGlenn Barry 3249*ba7b222eSGlenn Barry 32507c478bd9Sstevel@tonic-gate #define ERROR_TABLE_BASE_krb5 (-1765328384L) 32517c478bd9Sstevel@tonic-gate 32527c478bd9Sstevel@tonic-gate /* for compatibility with older versions... */ 32537c478bd9Sstevel@tonic-gate #define krb5_err_base ERROR_TABLE_BASE_krb5 32547c478bd9Sstevel@tonic-gate /* 32557c478bd9Sstevel@tonic-gate * kdb5_err.h: 32567c478bd9Sstevel@tonic-gate * This file is automatically generated; please do not edit it. 32577c478bd9Sstevel@tonic-gate */ 32587c478bd9Sstevel@tonic-gate #define KRB5_KDB_RCSID (-1780008448L) 32597c478bd9Sstevel@tonic-gate #define KRB5_KDB_INUSE (-1780008447L) 32607c478bd9Sstevel@tonic-gate #define KRB5_KDB_UK_SERROR (-1780008446L) 32617c478bd9Sstevel@tonic-gate #define KRB5_KDB_UK_RERROR (-1780008445L) 32627c478bd9Sstevel@tonic-gate #define KRB5_KDB_UNAUTH (-1780008444L) 32637c478bd9Sstevel@tonic-gate #define KRB5_KDB_NOENTRY (-1780008443L) 32647c478bd9Sstevel@tonic-gate #define KRB5_KDB_ILL_WILDCARD (-1780008442L) 32657c478bd9Sstevel@tonic-gate #define KRB5_KDB_DB_INUSE (-1780008441L) 32667c478bd9Sstevel@tonic-gate #define KRB5_KDB_DB_CHANGED (-1780008440L) 32677c478bd9Sstevel@tonic-gate #define KRB5_KDB_TRUNCATED_RECORD (-1780008439L) 32687c478bd9Sstevel@tonic-gate #define KRB5_KDB_RECURSIVELOCK (-1780008438L) 32697c478bd9Sstevel@tonic-gate #define KRB5_KDB_NOTLOCKED (-1780008437L) 32707c478bd9Sstevel@tonic-gate #define KRB5_KDB_BADLOCKMODE (-1780008436L) 32717c478bd9Sstevel@tonic-gate #define KRB5_KDB_DBNOTINITED (-1780008435L) 32727c478bd9Sstevel@tonic-gate #define KRB5_KDB_DBINITED (-1780008434L) 32737c478bd9Sstevel@tonic-gate #define KRB5_KDB_ILLDIRECTION (-1780008433L) 32747c478bd9Sstevel@tonic-gate #define KRB5_KDB_NOMASTERKEY (-1780008432L) 32757c478bd9Sstevel@tonic-gate #define KRB5_KDB_BADMASTERKEY (-1780008431L) 32767c478bd9Sstevel@tonic-gate #define KRB5_KDB_INVALIDKEYSIZE (-1780008430L) 32777c478bd9Sstevel@tonic-gate #define KRB5_KDB_CANTREAD_STORED (-1780008429L) 32787c478bd9Sstevel@tonic-gate #define KRB5_KDB_BADSTORED_MKEY (-1780008428L) 32797c478bd9Sstevel@tonic-gate #define KRB5_KDB_CANTLOCK_DB (-1780008427L) 32807c478bd9Sstevel@tonic-gate #define KRB5_KDB_DB_CORRUPT (-1780008426L) 32817c478bd9Sstevel@tonic-gate #define KRB5_KDB_BAD_VERSION (-1780008425L) 32827c478bd9Sstevel@tonic-gate #define KRB5_KDB_BAD_SALTTYPE (-1780008424L) 32837c478bd9Sstevel@tonic-gate #define KRB5_KDB_BAD_ENCTYPE (-1780008423L) 32847c478bd9Sstevel@tonic-gate #define KRB5_KDB_BAD_CREATEFLAGS (-1780008422L) 32857c478bd9Sstevel@tonic-gate #define KRB5_KDB_NO_PERMITTED_KEY (-1780008421L) 32867c478bd9Sstevel@tonic-gate #define KRB5_KDB_NO_MATCHING_KEY (-1780008420L) 32877c478bd9Sstevel@tonic-gate /* 32887c478bd9Sstevel@tonic-gate * Incremental propagation error codes 32897c478bd9Sstevel@tonic-gate */ 32907c478bd9Sstevel@tonic-gate #define KRB5_LOG_CONV (-1780008419L) 32917c478bd9Sstevel@tonic-gate #define KRB5_LOG_UNSTABLE (-1780008418L) 32927c478bd9Sstevel@tonic-gate #define KRB5_LOG_CORRUPT (-1780008417L) 32937c478bd9Sstevel@tonic-gate #define KRB5_LOG_ERROR (-1780008416L) 329454925bf6Swillf #define KRB5_KDB_DBTYPE_NOTFOUND (-1780008415L) 329554925bf6Swillf #define KRB5_KDB_DBTYPE_NOSUP (-1780008414L) 329654925bf6Swillf #define KRB5_KDB_DBTYPE_INIT (-1780008413L) 329754925bf6Swillf #define KRB5_KDB_SERVER_INTERNAL_ERR (-1780008412L) 329854925bf6Swillf #define KRB5_KDB_ACCESS_ERROR (-1780008411L) 329954925bf6Swillf #define KRB5_KDB_INTERNAL_ERROR (-1780008410L) 330054925bf6Swillf #define KRB5_KDB_CONSTRAINT_VIOLATION (-1780008409L) 33017c478bd9Sstevel@tonic-gate #define ERROR_TABLE_BASE_kdb5 (-1780008448L) 33027c478bd9Sstevel@tonic-gate 33037c478bd9Sstevel@tonic-gate /* for compatibility with older versions... */ 33047c478bd9Sstevel@tonic-gate #define kdb5_err_base ERROR_TABLE_BASE_kdb5 33057c478bd9Sstevel@tonic-gate /* 33067c478bd9Sstevel@tonic-gate * kv5m_err.h: 33077c478bd9Sstevel@tonic-gate * This file is automatically generated; please do not edit it. 33087c478bd9Sstevel@tonic-gate */ 33097c478bd9Sstevel@tonic-gate #define KV5M_NONE (-1760647424L) 33107c478bd9Sstevel@tonic-gate #define KV5M_PRINCIPAL (-1760647423L) 33117c478bd9Sstevel@tonic-gate #define KV5M_DATA (-1760647422L) 33127c478bd9Sstevel@tonic-gate #define KV5M_KEYBLOCK (-1760647421L) 33137c478bd9Sstevel@tonic-gate #define KV5M_CHECKSUM (-1760647420L) 33147c478bd9Sstevel@tonic-gate #define KV5M_ENCRYPT_BLOCK (-1760647419L) 33157c478bd9Sstevel@tonic-gate #define KV5M_ENC_DATA (-1760647418L) 33167c478bd9Sstevel@tonic-gate #define KV5M_CRYPTOSYSTEM_ENTRY (-1760647417L) 33177c478bd9Sstevel@tonic-gate #define KV5M_CS_TABLE_ENTRY (-1760647416L) 33187c478bd9Sstevel@tonic-gate #define KV5M_CHECKSUM_ENTRY (-1760647415L) 33197c478bd9Sstevel@tonic-gate #define KV5M_AUTHDATA (-1760647414L) 33207c478bd9Sstevel@tonic-gate #define KV5M_TRANSITED (-1760647413L) 33217c478bd9Sstevel@tonic-gate #define KV5M_ENC_TKT_PART (-1760647412L) 33227c478bd9Sstevel@tonic-gate #define KV5M_TICKET (-1760647411L) 33237c478bd9Sstevel@tonic-gate #define KV5M_AUTHENTICATOR (-1760647410L) 33247c478bd9Sstevel@tonic-gate #define KV5M_TKT_AUTHENT (-1760647409L) 33257c478bd9Sstevel@tonic-gate #define KV5M_CREDS (-1760647408L) 33267c478bd9Sstevel@tonic-gate #define KV5M_LAST_REQ_ENTRY (-1760647407L) 33277c478bd9Sstevel@tonic-gate #define KV5M_PA_DATA (-1760647406L) 33287c478bd9Sstevel@tonic-gate #define KV5M_KDC_REQ (-1760647405L) 33297c478bd9Sstevel@tonic-gate #define KV5M_ENC_KDC_REP_PART (-1760647404L) 33307c478bd9Sstevel@tonic-gate #define KV5M_KDC_REP (-1760647403L) 33317c478bd9Sstevel@tonic-gate #define KV5M_ERROR (-1760647402L) 33327c478bd9Sstevel@tonic-gate #define KV5M_AP_REQ (-1760647401L) 33337c478bd9Sstevel@tonic-gate #define KV5M_AP_REP (-1760647400L) 33347c478bd9Sstevel@tonic-gate #define KV5M_AP_REP_ENC_PART (-1760647399L) 33357c478bd9Sstevel@tonic-gate #define KV5M_RESPONSE (-1760647398L) 33367c478bd9Sstevel@tonic-gate #define KV5M_SAFE (-1760647397L) 33377c478bd9Sstevel@tonic-gate #define KV5M_PRIV (-1760647396L) 33387c478bd9Sstevel@tonic-gate #define KV5M_PRIV_ENC_PART (-1760647395L) 33397c478bd9Sstevel@tonic-gate #define KV5M_CRED (-1760647394L) 33407c478bd9Sstevel@tonic-gate #define KV5M_CRED_INFO (-1760647393L) 33417c478bd9Sstevel@tonic-gate #define KV5M_CRED_ENC_PART (-1760647392L) 33427c478bd9Sstevel@tonic-gate #define KV5M_PWD_DATA (-1760647391L) 33437c478bd9Sstevel@tonic-gate #define KV5M_ADDRESS (-1760647390L) 33447c478bd9Sstevel@tonic-gate #define KV5M_KEYTAB_ENTRY (-1760647389L) 33457c478bd9Sstevel@tonic-gate #define KV5M_CONTEXT (-1760647388L) 33467c478bd9Sstevel@tonic-gate #define KV5M_OS_CONTEXT (-1760647387L) 33477c478bd9Sstevel@tonic-gate #define KV5M_ALT_METHOD (-1760647386L) 33487c478bd9Sstevel@tonic-gate #define KV5M_ETYPE_INFO_ENTRY (-1760647385L) 33497c478bd9Sstevel@tonic-gate #define KV5M_DB_CONTEXT (-1760647384L) 33507c478bd9Sstevel@tonic-gate #define KV5M_AUTH_CONTEXT (-1760647383L) 33517c478bd9Sstevel@tonic-gate #define KV5M_KEYTAB (-1760647382L) 33527c478bd9Sstevel@tonic-gate #define KV5M_RCACHE (-1760647381L) 33537c478bd9Sstevel@tonic-gate #define KV5M_CCACHE (-1760647380L) 33547c478bd9Sstevel@tonic-gate #define KV5M_PREAUTH_OPS (-1760647379L) 33557c478bd9Sstevel@tonic-gate #define KV5M_SAM_CHALLENGE (-1760647378L) 33567c478bd9Sstevel@tonic-gate #define KV5M_SAM_KEY (-1760647377L) 33577c478bd9Sstevel@tonic-gate #define KV5M_ENC_SAM_RESPONSE_ENC (-1760647376L) 3358159d09a2SMark Phalan #define KV5M_ENC_SAM_RESPONSE_ENC_2 (-1760647374L) 3359159d09a2SMark Phalan #define KV5M_SAM_RESPONSE (-1760647373L) 3360159d09a2SMark Phalan #define KV5M_SAM_RESPONSE_2 (-1760647372L) 3361159d09a2SMark Phalan #define KV5M_PREDICTED_SAM_RESPONSE (-1760647371L) 3362159d09a2SMark Phalan #define KV5M_PASSWD_PHRASE_ELEMENT (-1760647370L) 3363159d09a2SMark Phalan #define KV5M_GSS_OID (-1760647369L) 3364159d09a2SMark Phalan #define KV5M_GSS_QUEUE (-1760647368L) 33657c478bd9Sstevel@tonic-gate #define ERROR_TABLE_BASE_kv5m (-1760647424L) 33667c478bd9Sstevel@tonic-gate 33677c478bd9Sstevel@tonic-gate /* for compatibility with older versions... */ 33687c478bd9Sstevel@tonic-gate #define kv5m_err_base ERROR_TABLE_BASE_kv5m 33697c478bd9Sstevel@tonic-gate /* 33707c478bd9Sstevel@tonic-gate * asn1_err.h: 33717c478bd9Sstevel@tonic-gate * This file is automatically generated; please do not edit it. 33727c478bd9Sstevel@tonic-gate */ 33737c478bd9Sstevel@tonic-gate #define ASN1_BAD_TIMEFORMAT (1859794432L) 33747c478bd9Sstevel@tonic-gate #define ASN1_MISSING_FIELD (1859794433L) 33757c478bd9Sstevel@tonic-gate #define ASN1_MISPLACED_FIELD (1859794434L) 33767c478bd9Sstevel@tonic-gate #define ASN1_TYPE_MISMATCH (1859794435L) 33777c478bd9Sstevel@tonic-gate #define ASN1_OVERFLOW (1859794436L) 33787c478bd9Sstevel@tonic-gate #define ASN1_OVERRUN (1859794437L) 33797c478bd9Sstevel@tonic-gate #define ASN1_BAD_ID (1859794438L) 33807c478bd9Sstevel@tonic-gate #define ASN1_BAD_LENGTH (1859794439L) 33817c478bd9Sstevel@tonic-gate #define ASN1_BAD_FORMAT (1859794440L) 33827c478bd9Sstevel@tonic-gate #define ASN1_PARSE_ERROR (1859794441L) 33837c478bd9Sstevel@tonic-gate #define ASN1_BAD_GMTIME (1859794442L) 33847c478bd9Sstevel@tonic-gate #define ASN1_MISMATCH_INDEF (1859794443L) 33857c478bd9Sstevel@tonic-gate #define ASN1_MISSING_EOC (1859794444L) 33867c478bd9Sstevel@tonic-gate #define ERROR_TABLE_BASE_asn1 (1859794432L) 33877c478bd9Sstevel@tonic-gate 33887c478bd9Sstevel@tonic-gate /* for compatibility with older versions... */ 33897c478bd9Sstevel@tonic-gate #define asn1_err_base ERROR_TABLE_BASE_asn1 33907c478bd9Sstevel@tonic-gate 33917c478bd9Sstevel@tonic-gate #endif /* _KRB5_H */ 3392