1 /* 2 * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 /* This is the prologue to krb5.h */ 7 /* Unfortunately some of these defines are compiler dependent */ 8 #ifndef _KRB5_H 9 #define _KRB5_H 10 11 #pragma ident "%Z%%M% %I% %E% SMI" 12 13 #define SIZEOF_INT 4 14 15 #ifdef _LP64 16 #define SIZEOF_LONG 8 17 #else 18 #define SIZEOF_LONG 4 19 #endif 20 21 #define SIZEOF_SHORT 2 22 #define HAVE_STDARG_H 1 23 #define HAVE_SYS_TYPES_H 1 24 /* End of prologue section */ 25 /* 26 * include/krb5.h 27 * 28 * Copyright 1989,1990,1995 by the Massachusetts Institute of Technology. 29 * All Rights Reserved. 30 * 31 * Export of this software from the United States of America may 32 * require a specific license from the United States Government. 33 * It is the responsibility of any person or organization contemplating 34 * export to obtain such a license before exporting. 35 * 36 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 37 * distribute this software and its documentation for any purpose and 38 * without fee is hereby granted, provided that the above copyright 39 * notice appear in all copies and that both that copyright notice and 40 * this permission notice appear in supporting documentation, and that 41 * the name of M.I.T. not be used in advertising or publicity pertaining 42 * to distribution of the software without specific, written prior 43 * permission. Furthermore if you modify this software you must label 44 * your software as modified software and not distribute it in such a 45 * fashion that it might be confused with the original M.I.T. software. 46 * M.I.T. makes no representations about the suitability of 47 * this software for any purpose. It is provided "as is" without express 48 * or implied warranty. 49 * 50 * 51 * General definitions for Kerberos version 5. 52 */ 53 54 /* 55 * Copyright (C) 1998 by the FundsXpress, INC. 56 * 57 * All rights reserved. 58 * 59 * Export of this software from the United States of America may require 60 * a specific license from the United States Government. It is the 61 * responsibility of any person or organization contemplating export to 62 * obtain such a license before exporting. 63 * 64 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 65 * distribute this software and its documentation for any purpose and 66 * without fee is hereby granted, provided that the above copyright 67 * notice appear in all copies and that both that copyright notice and 68 * this permission notice appear in supporting documentation, and that 69 * the name of FundsXpress. not be used in advertising or publicity pertaining 70 * to distribution of the software without specific, written prior 71 * permission. FundsXpress makes no representations about the suitability of 72 * this software for any purpose. It is provided "as is" without express 73 * or implied warranty. 74 * 75 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR 76 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 77 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 78 */ 79 80 #ifndef KRB5_GENERAL__ 81 #define KRB5_GENERAL__ 82 83 #ifdef _KERNEL 84 #include <sys/systm.h> 85 #include <sys/kmem.h> 86 87 #include <sys/crypto/common.h> 88 #include <sys/crypto/api.h> 89 90 /* 91 * Just to be safe lets make sure the buffers are zero'ed after 92 * malloc() as some code assumes this is the case. To avoid warnings 93 * of duplicated defines let remove the old one if present. 94 */ 95 #ifdef MALLOC 96 #undef MALLOC 97 #endif 98 #define MALLOC(n) kmem_zalloc((n), KM_SLEEP) 99 100 #define FREE(x, n) kmem_free((x), (n)) 101 #define CALLOC(n, s) kmem_zalloc((n)*(s), KM_SLEEP) 102 #define strcpy(dst,src,n) bcopy((src),(dst),(n)) 103 #define mutex_lock(lck) mutex_enter(lck) 104 #define mutex_unlock(lck) mutex_exit(lck) 105 106 #else /* !_KERNEL */ 107 #define MALLOC(n) malloc(n) 108 #define FREE(x, n) free(x) 109 #define CALLOC(n, s) calloc((n), (s)) 110 #include <stdlib.h> 111 #include <thread.h> 112 #include <synch.h> 113 #include <security/cryptoki.h> 114 #endif /* _KERNEL */ 115 116 117 #if (defined(_MSDOS) || defined(_WIN32)) || defined(macintosh) 118 #include <win-mac.h> 119 #endif 120 121 #ifndef KRB5_CONFIG__ 122 #ifndef KRB5_CALLCONV 123 #define KRB5_CALLCONV 124 #define KRB5_CALLCONV_C 125 #define KRB5_DLLIMP 126 #define GSS_DLLIMP 127 #define KRB5_EXPORTVAR 128 #define NEAR 129 #define FAR 130 #endif /* !KRB5_CALLCONV */ 131 #endif /* !KRB5_CONFIG__ */ 132 133 #include <sys/types.h> 134 #include <sys/socket.h> 135 136 #ifndef THREEPARAMOPEN 137 #define THREEPARAMOPEN(x,y,z) open(x,y,z) 138 #endif 139 140 /* 141 * Solaris Kerberos: 142 * KRB5_OLD_CRYPTO is not needed or supported anymore. 143 */ 144 /* #define KRB5_OLD_CRYPTO */ 145 146 /* 147 * begin "error_def.h" 148 */ 149 150 #ifdef _KERNEL 151 #include <sys/errno.h> 152 #else 153 #include <errno.h> 154 #include <profile.h> 155 #endif /* _KERNEL */ 156 157 /* 158 * end "error_def.h" 159 */ 160 161 #ifdef __cplusplus 162 extern "C" { 163 #endif 164 165 /* 166 * begin wordsize.h 167 */ 168 169 /* 170 * Word-size related definition. 171 */ 172 173 typedef unsigned char krb5_octet; 174 typedef unsigned char krb5_ui_1; 175 176 #if (SIZEOF_INT == 2) 177 typedef int krb5_int16; 178 typedef unsigned int krb5_ui_2; 179 #define VALID_INT_BITS 0x7fff 180 #define VALID_UINT_BITS 0xffff 181 #elif (SIZEOF_SHORT == 2) 182 typedef short krb5_int16; 183 typedef unsigned short krb5_ui_2; 184 #else 185 ?==error: undefined 16 bit type 186 #endif 187 188 #if (SIZEOF_INT == 4) 189 typedef int krb5_int32; 190 typedef unsigned int krb5_ui_4; 191 #define VALID_INT_BITS 0x7fffffff 192 #define VALID_UINT_BITS 0xffffffff 193 #elif (SIZEOF_LONG == 4) 194 typedef long krb5_int32; 195 typedef unsigned long krb5_ui_4; 196 #elif (SIZEOF_SHORT == 4) 197 typedef short krb5_int32; 198 typedef unsigned short krb5_ui_4; 199 #else 200 ?== error: undefined 32 bit type 201 #endif 202 203 #define KRB5_INT32_MAX 2147483647 204 /* this strange form is necessary since - is a unary operator, not a sign 205 indicator */ 206 #define KRB5_INT32_MIN (-KRB5_INT32_MAX-1) 207 208 #define KRB5_INT16_MAX 65535 209 /* this strange form is necessary since - is a unary operator, not a sign 210 indicator */ 211 #define KRB5_INT16_MIN (-KRB5_INT16_MAX-1) 212 213 /* 214 * end wordsize.h 215 */ 216 217 /* 218 * begin "base-defs.h" 219 */ 220 221 /* 222 * Basic definitions for Kerberos V5 library 223 */ 224 225 #ifndef FALSE 226 #define FALSE 0 227 #endif 228 #ifndef TRUE 229 #define TRUE 1 230 #endif 231 232 typedef unsigned int krb5_boolean; 233 typedef unsigned int krb5_msgtype; 234 typedef unsigned int krb5_kvno; 235 236 typedef krb5_int32 krb5_addrtype; 237 typedef krb5_int32 krb5_enctype; 238 typedef krb5_int32 krb5_cksumtype; 239 typedef krb5_int32 krb5_authdatatype; 240 typedef krb5_int32 krb5_keyusage; 241 242 typedef krb5_int32 krb5_preauthtype; /* This may change, later on */ 243 typedef krb5_int32 krb5_flags; 244 typedef krb5_int32 krb5_timestamp; 245 typedef krb5_int32 krb5_error_code; 246 typedef krb5_int32 krb5_deltat; 247 248 typedef krb5_error_code krb5_magic; 249 250 typedef struct _krb5_data { 251 krb5_magic magic; 252 unsigned int length; 253 char *data; 254 } krb5_data; 255 256 #define SALT_TYPE_NO_LENGTH (4294967295U) 257 258 /* Define krb5_const as necessary */ 259 260 /* 261 * Hardcoded scrudge to deal with Ultrix; see note on NPROTOTYPE below 262 */ 263 264 #if defined(KRB5_NO_CONST) || (defined(__ultrix) && !defined(__GNUC__)) 265 #define krb5_const 266 #else 267 #define krb5_const const 268 #endif 269 270 #if defined(__STDC__) || defined(__cplusplus) || defined(HAS_VOID_TYPE) 271 typedef void * krb5_pointer; 272 typedef void krb5_const * krb5_const_pointer; 273 #else 274 typedef char * krb5_pointer; 275 typedef char krb5_const * krb5_const_pointer; 276 #endif 277 278 #if (defined(__STDC__) || defined(__cplusplus) || defined(_MSDOS) || defined(_WIN32) || defined(KRB5_PROVIDE_PROTOTYPES)) && !defined(KRB5_NO_PROTOTYPES) 279 #define KRB5_PROTOTYPE(x) x 280 #if defined(__STDC__) || defined(__cplusplus) || defined(HAVE_STDARG_H) || defined(_MSDOS) || defined(_WIN32) 281 #define KRB5_STDARG_P(x) x 282 #else 283 #define KRB5_STDARG_P(x) () 284 #endif /* defined(__STDC__) || defined(__cplusplus) || defined(HAVE_STDARG_H) */ 285 #else 286 #define KRB5_PROTOTYPE(x) () 287 #define KRB5_STDARG_P(x) () 288 #endif /* STDC or PROTOTYPES */ 289 290 /* 291 * This gross compiler dependency is in here because the stock Ultrix 292 * compiler defines __STDC__ but doesn't deal with nested prototypes 293 * properly. The reason this isn't tested for is so that this header 294 * is actually useful when installed. 295 */ 296 #if defined(KRB5_NO_NESTED_PROTOTYPES) || (defined(__ultrix) && !defined(__GNUC__)) 297 #define KRB5_NPROTOTYPE(x) () 298 #else 299 #define KRB5_NPROTOTYPE(x) KRB5_PROTOTYPE(x) 300 #endif 301 302 typedef struct krb5_principal_data { 303 krb5_magic magic; 304 krb5_data realm; 305 krb5_data *data; /* An array of strings */ 306 krb5_int32 length; 307 krb5_int32 type; 308 } krb5_principal_data; 309 310 typedef krb5_principal_data * krb5_principal; 311 312 /* 313 * Per V5 spec on definition of principal types 314 */ 315 316 /* Name type not known */ 317 #define KRB5_NT_UNKNOWN 0 318 /* Just the name of the principal as in DCE, or for users */ 319 #define KRB5_NT_PRINCIPAL 1 320 /* Service and other unique instance (krbtgt) */ 321 #define KRB5_NT_SRV_INST 2 322 /* Service with host name as instance (telnet, rcommands) */ 323 #define KRB5_NT_SRV_HST 3 324 /* Service with host as remaining components */ 325 #define KRB5_NT_SRV_XHST 4 326 /* Unique ID */ 327 #define KRB5_NT_UID 5 328 329 /* constant version thereof: */ 330 typedef krb5_const krb5_principal_data *krb5_const_principal; 331 332 #define krb5_princ_realm(context, princ) (&(princ)->realm) 333 #define krb5_princ_set_realm(context, princ,value) ((princ)->realm = *(value)) 334 #define krb5_princ_set_realm_length(context, princ,value) (princ)->realm.length = (value) 335 #define krb5_princ_set_realm_data(context, princ,value) (princ)->realm.data = (value) 336 #define krb5_princ_size(context, princ) (princ)->length 337 #define krb5_princ_type(context, princ) (princ)->type 338 #define krb5_princ_name(context, princ) (princ)->data 339 #define krb5_princ_component(context, princ, i) \ 340 (i < krb5_princ_size(context, princ) ? ((princ)->data + i) : NULL) 341 342 /* 343 * end "base-defs.h" 344 */ 345 346 /* 347 * begin "hostaddr.h" 348 */ 349 350 /* structure for address */ 351 typedef struct _krb5_address { 352 krb5_magic magic; 353 krb5_addrtype addrtype; 354 unsigned int length; 355 krb5_octet *contents; 356 } krb5_address; 357 358 /* per Kerberos v5 protocol spec */ 359 #define ADDRTYPE_INET 0x0002 360 #define ADDRTYPE_CHAOS 0x0005 361 #define ADDRTYPE_XNS 0x0006 362 #define ADDRTYPE_ISO 0x0007 363 #define ADDRTYPE_DDP 0x0010 364 #define ADDRTYPE_INET6 0x0018 365 /* not yet in the spec... */ 366 #define ADDRTYPE_ADDRPORT 0x0100 367 #define ADDRTYPE_IPPORT 0x0101 368 369 /* macros to determine if a type is a local type */ 370 #define ADDRTYPE_IS_LOCAL(addrtype) (addrtype & 0x8000) 371 372 /* 373 * end "hostaddr.h" 374 */ 375 376 377 struct _krb5_context; 378 typedef struct _krb5_context * krb5_context; 379 380 struct _krb5_auth_context; 381 typedef struct _krb5_auth_context * krb5_auth_context; 382 383 struct _krb5_cryptosystem_entry; 384 385 struct _krb5_keyblock; 386 387 /* 388 * keyblocks will contain a list of derived keys, 389 * this structure will contain the derived key data. 390 */ 391 typedef struct _dk_node { 392 krb5_keyusage usage; 393 struct _krb5_keyblock *derived_key; 394 uchar_t dkid; /* derived key identifier byte */ 395 struct _dk_node *next; 396 } krb5_dk_node; 397 398 /* 399 * begin "encryption.h" 400 */ 401 typedef struct _krb5_keyblock { 402 krb5_magic magic; 403 krb5_enctype enctype; 404 unsigned int length; 405 krb5_octet *contents; 406 krb5_dk_node *dk_list; /* list of keys derived from this key */ 407 #ifdef _KERNEL 408 crypto_mech_type_t kef_mt; 409 crypto_key_t kef_key; 410 crypto_ctx_template_t key_tmpl; 411 #else 412 CK_OBJECT_HANDLE hKey; /* PKCS#11 key object handle */ 413 pid_t pid; /* fork safety */ 414 #endif /* _KERNEL */ 415 } krb5_keyblock; 416 417 typedef struct _krb5_checksum { 418 krb5_magic magic; 419 krb5_cksumtype checksum_type; /* checksum type */ 420 unsigned int length; 421 krb5_octet *contents; 422 } krb5_checksum; 423 424 typedef struct _krb5_encrypt_block { 425 krb5_magic magic; 426 krb5_enctype crypto_entry; /* to call krb5_encrypt_size, you need 427 this. it was a pointer, but it 428 doesn't have to be. gross. */ 429 krb5_keyblock *key; 430 } krb5_encrypt_block; 431 432 typedef struct _krb5_enc_data { 433 krb5_magic magic; 434 krb5_enctype enctype; 435 krb5_kvno kvno; 436 krb5_data ciphertext; 437 } krb5_enc_data; 438 439 /* per Kerberos v5 protocol spec */ 440 #define ENCTYPE_NULL 0x0000 441 #define ENCTYPE_DES_CBC_CRC 0x0001 /* DES cbc mode with CRC-32 */ 442 #define ENCTYPE_DES_CBC_MD4 0x0002 /* DES cbc mode with RSA-MD4 */ 443 #define ENCTYPE_DES_CBC_MD5 0x0003 /* DES cbc mode with RSA-MD5 */ 444 #define ENCTYPE_DES_CBC_RAW 0x0004 /* DES cbc mode raw */ 445 /* XXX deprecated? */ 446 #define ENCTYPE_DES3_CBC_SHA 0x0005 /* DES-3 cbc mode with NIST-SHA */ 447 #define ENCTYPE_DES3_CBC_RAW 0x0006 /* DES-3 cbc mode raw */ 448 #define ENCTYPE_DES_HMAC_SHA1 0x0008 449 #define ENCTYPE_DES3_CBC_SHA1 0x0010 450 #define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011 451 #define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012 452 #define ENCTYPE_ARCFOUR_HMAC 0x0017 453 #define ENCTYPE_ARCFOUR_HMAC_EXP 0x0018 454 455 #define ENCTYPE_UNKNOWN 0x01ff 456 457 #define CKSUMTYPE_CRC32 0x0001 458 #define CKSUMTYPE_RSA_MD4 0x0002 459 #define CKSUMTYPE_RSA_MD4_DES 0x0003 460 #define CKSUMTYPE_DESCBC 0x0004 461 /* des-mac-k */ 462 /* rsa-md4-des-k */ 463 #define CKSUMTYPE_RSA_MD5 0x0007 464 #define CKSUMTYPE_RSA_MD5_DES 0x0008 465 #define CKSUMTYPE_NIST_SHA 0x0009 466 #define CKSUMTYPE_HMAC_SHA1_DES3 0x000c 467 #define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f 468 #define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010 469 #define CKSUMTYPE_HMAC_MD5_ARCFOUR -138 /*Microsoft md5 hmac cksumtype*/ 470 471 472 #ifndef krb5_roundup 473 /* round x up to nearest multiple of y */ 474 #define krb5_roundup(x, y) ((((x) + (y) - 1)/(y))*(y)) 475 #endif /* roundup */ 476 477 /* macro function definitions to help clean up code */ 478 479 #ifndef _KERNEL 480 #define krb5_x(ptr,args) ((ptr)?((*(ptr)) args):(abort(),1)) 481 #define krb5_xc(ptr,args) ((ptr)?((*(ptr)) args):(abort(),(char*)0)) 482 #else 483 #define krb5_x(ptr,args) ((*(ptr)) args) 484 #define krb5_xc(ptr,args) ((*(ptr)) args) 485 #endif 486 487 krb5_error_code KRB5_CALLCONV 488 krb5_c_encrypt 489 KRB5_PROTOTYPE((krb5_context context, 490 krb5_const krb5_keyblock *key, 491 krb5_keyusage usage, krb5_const krb5_data *ivec, 492 krb5_const krb5_data *input, krb5_enc_data *output)); 493 494 krb5_error_code KRB5_CALLCONV 495 krb5_c_decrypt 496 KRB5_PROTOTYPE((krb5_context context, 497 krb5_const krb5_keyblock *key, 498 krb5_keyusage usage, krb5_const krb5_data *ivec, 499 krb5_const krb5_enc_data *input, krb5_data *output)); 500 501 krb5_error_code KRB5_CALLCONV 502 krb5_c_encrypt_length 503 KRB5_PROTOTYPE((krb5_context context, krb5_enctype enctype, 504 size_t inputlen, size_t *length)); 505 506 krb5_error_code KRB5_CALLCONV 507 krb5_c_block_size 508 KRB5_PROTOTYPE((krb5_context context, krb5_enctype enctype, 509 size_t *blocksize)); 510 511 krb5_error_code KRB5_CALLCONV 512 krb5_c_init_state(krb5_context, 513 const krb5_keyblock *, krb5_keyusage, 514 krb5_data *); 515 516 krb5_error_code KRB5_CALLCONV 517 krb5_c_free_state(krb5_context, 518 const krb5_keyblock *, krb5_data *); 519 520 krb5_error_code KRB5_CALLCONV 521 krb5_c_make_random_key 522 KRB5_PROTOTYPE((krb5_context context, krb5_enctype enctype, 523 krb5_keyblock *random_key)); 524 525 krb5_error_code KRB5_CALLCONV 526 krb5_c_random_make_octets 527 KRB5_PROTOTYPE((krb5_context context, krb5_data *data)); 528 529 krb5_error_code KRB5_CALLCONV 530 krb5_c_random_seed 531 KRB5_PROTOTYPE((krb5_context context, krb5_data *data)); 532 533 krb5_error_code KRB5_CALLCONV 534 krb5_c_string_to_key 535 KRB5_PROTOTYPE((krb5_context context, krb5_enctype enctype, 536 krb5_const krb5_data *string, krb5_const krb5_data *salt, 537 krb5_keyblock *key)); 538 539 krb5_error_code KRB5_CALLCONV 540 krb5_c_string_to_key_with_params(krb5_context context, 541 krb5_enctype enctype, 542 const krb5_data *string, 543 const krb5_data *salt, 544 const krb5_data *params, 545 krb5_keyblock *key); 546 547 krb5_error_code KRB5_CALLCONV 548 krb5_c_enctype_compare 549 KRB5_PROTOTYPE((krb5_context context, krb5_enctype e1, krb5_enctype e2, 550 krb5_boolean *similar)); 551 552 krb5_error_code KRB5_CALLCONV 553 krb5_c_make_checksum 554 KRB5_PROTOTYPE((krb5_context context, krb5_cksumtype cksumtype, 555 krb5_const krb5_keyblock *key, krb5_keyusage usage, 556 krb5_const krb5_data *input, krb5_checksum *cksum)); 557 558 krb5_error_code KRB5_CALLCONV 559 krb5_c_verify_checksum 560 KRB5_PROTOTYPE((krb5_context context, 561 krb5_const krb5_keyblock *key, krb5_keyusage usage, 562 krb5_const krb5_data *data, 563 krb5_const krb5_checksum *cksum, 564 krb5_boolean *valid)); 565 566 krb5_error_code KRB5_CALLCONV 567 krb5_c_checksum_length 568 KRB5_PROTOTYPE((krb5_context context, krb5_cksumtype cksumtype, 569 size_t *length)); 570 571 krb5_error_code KRB5_CALLCONV 572 krb5_c_keyed_checksum_types 573 KRB5_PROTOTYPE((krb5_context context, krb5_enctype enctype, 574 unsigned int *count, krb5_cksumtype **cksumtypes)); 575 576 #define KRB5_KEYUSAGE_AS_REQ_PA_ENC_TS 1 577 #define KRB5_KEYUSAGE_KDC_REP_TICKET 2 578 #define KRB5_KEYUSAGE_AS_REP_ENCPART 3 579 #define KRB5_KEYUSAGE_TGS_REQ_AD_SESSKEY 4 580 #define KRB5_KEYUSAGE_TGS_REQ_AD_SUBKEY 5 581 #define KRB5_KEYUSAGE_TGS_REQ_AUTH_CKSUM 6 582 #define KRB5_KEYUSAGE_TGS_REQ_AUTH 7 583 #define KRB5_KEYUSAGE_TGS_REP_ENCPART_SESSKEY 8 584 #define KRB5_KEYUSAGE_TGS_REP_ENCPART_SUBKEY 9 585 #define KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM 10 586 #define KRB5_KEYUSAGE_AP_REQ_AUTH 11 587 #define KRB5_KEYUSAGE_AP_REP_ENCPART 12 588 #define KRB5_KEYUSAGE_KRB_PRIV_ENCPART 13 589 #define KRB5_KEYUSAGE_KRB_CRED_ENCPART 14 590 #define KRB5_KEYUSAGE_KRB_SAFE_CKSUM 15 591 #define KRB5_KEYUSAGE_APP_DATA_ENCRYPT 16 592 #define KRB5_KEYUSAGE_APP_DATA_CKSUM 17 593 #define KRB5_KEYUSAGE_KRB_ERROR_CKSUM 18 594 #define KRB5_KEYUSAGE_AD_KDCISSUED_CKSUM 19 595 #define KRB5_KEYUSAGE_AD_MTE 20 596 #define KRB5_KEYUSAGE_AD_ITE 21 597 598 /* XXX need to register these */ 599 600 #define KRB5_KEYUSAGE_GSS_TOK_MIC 22 601 #define KRB5_KEYUSAGE_GSS_TOK_WRAP_INTEG 23 602 #define KRB5_KEYUSAGE_GSS_TOK_WRAP_PRIV 24 603 604 /* Defined in hardware preauth draft */ 605 606 #define KRB5_KEYUSAGE_PA_SAM_CHALLENGE_CKSUM 25 607 #define KRB5_KEYUSAGE_PA_SAM_CHALLENGE_TRACKID 26 608 #define KRB5_KEYUSAGE_PA_SAM_RESPONSE 27 609 610 611 krb5_boolean KRB5_CALLCONV krb5_c_valid_enctype 612 (krb5_enctype ktype); 613 614 #define valid_enctype(k) krb5_c_valid_enctype(k) 615 616 krb5_boolean KRB5_CALLCONV krb5_c_valid_cksumtype 617 (krb5_cksumtype ctype); 618 619 #define valid_cksumtype(c) krb5_c_valid_cksumtype(c) 620 621 krb5_boolean KRB5_CALLCONV krb5_c_is_coll_proof_cksum 622 (krb5_const krb5_cksumtype ctype); 623 624 #define is_coll_proof_cksum(c) krb5_c_is_coll_proof_cksum(c) 625 626 krb5_boolean KRB5_CALLCONV krb5_c_is_keyed_cksum 627 (krb5_const krb5_cksumtype ctype); 628 629 #define is_keyed_cksum(c) krb5_c_is_keyed_cksum(c) 630 631 krb5_boolean KRB5_CALLCONV is_in_keytype 632 (krb5_const krb5_enctype *keytype, 633 int numkeytypes, krb5_enctype enctype); 634 635 /* 636 * end "encryption.h" 637 */ 638 639 /* 640 * begin "fieldbits.h" 641 */ 642 643 /* kdc_options for kdc_request */ 644 /* options is 32 bits; each host is responsible to put the 4 bytes 645 representing these bits into net order before transmission */ 646 /* #define KDC_OPT_RESERVED 0x80000000 */ 647 #define KDC_OPT_FORWARDABLE 0x40000000 648 #define KDC_OPT_FORWARDED 0x20000000 649 #define KDC_OPT_PROXIABLE 0x10000000 650 #define KDC_OPT_PROXY 0x08000000 651 #define KDC_OPT_ALLOW_POSTDATE 0x04000000 652 #define KDC_OPT_POSTDATED 0x02000000 653 /* #define KDC_OPT_UNUSED 0x01000000 */ 654 #define KDC_OPT_RENEWABLE 0x00800000 655 /* #define KDC_OPT_UNUSED 0x00400000 */ 656 /* #define KDC_OPT_RESERVED 0x00200000 */ 657 /* #define KDC_OPT_RESERVED 0x00100000 */ 658 /* #define KDC_OPT_RESERVED 0x00080000 */ 659 /* #define KDC_OPT_RESERVED 0x00040000 */ 660 #define KDC_OPT_REQUEST_ANONYMOUS 0x00020000 661 /* #define KDC_OPT_RESERVED 0x00010000 */ 662 /* #define KDC_OPT_RESERVED 0x00008000 */ 663 /* #define KDC_OPT_RESERVED 0x00004000 */ 664 /* #define KDC_OPT_RESERVED 0x00002000 */ 665 /* #define KDC_OPT_RESERVED 0x00001000 */ 666 /* #define KDC_OPT_RESERVED 0x00000800 */ 667 /* #define KDC_OPT_RESERVED 0x00000400 */ 668 /* #define KDC_OPT_RESERVED 0x00000200 */ 669 /* #define KDC_OPT_RESERVED 0x00000100 */ 670 /* #define KDC_OPT_RESERVED 0x00000080 */ 671 /* #define KDC_OPT_RESERVED 0x00000040 */ 672 #define KDC_OPT_DISABLE_TRANSITED_CHECK 0x00000020 673 #define KDC_OPT_RENEWABLE_OK 0x00000010 674 #define KDC_OPT_ENC_TKT_IN_SKEY 0x00000008 675 /* #define KDC_OPT_UNUSED 0x00000004 */ 676 #define KDC_OPT_RENEW 0x00000002 677 #define KDC_OPT_VALIDATE 0x00000001 678 679 /* 680 * Mask of ticket flags in the TGT which should be converted into KDC 681 * options when using the TGT to get derivitive tickets. 682 * 683 * New mask = KDC_OPT_FORWARDABLE | KDC_OPT_PROXIABLE | 684 * KDC_OPT_ALLOW_POSTDATE | KDC_OPT_RENEWABLE 685 */ 686 #define KDC_TKT_COMMON_MASK 0x54800000 687 688 /* definitions for ap_options fields */ 689 /* ap_options are 32 bits; each host is responsible to put the 4 bytes 690 representing these bits into net order before transmission */ 691 #define AP_OPTS_RESERVED 0x80000000 692 #define AP_OPTS_USE_SESSION_KEY 0x40000000 693 #define AP_OPTS_MUTUAL_REQUIRED 0x20000000 694 /* #define AP_OPTS_RESERVED 0x10000000 */ 695 /* #define AP_OPTS_RESERVED 0x08000000 */ 696 /* #define AP_OPTS_RESERVED 0x04000000 */ 697 /* #define AP_OPTS_RESERVED 0x02000000 */ 698 /* #define AP_OPTS_RESERVED 0x01000000 */ 699 /* #define AP_OPTS_RESERVED 0x00800000 */ 700 /* #define AP_OPTS_RESERVED 0x00400000 */ 701 /* #define AP_OPTS_RESERVED 0x00200000 */ 702 /* #define AP_OPTS_RESERVED 0x00100000 */ 703 /* #define AP_OPTS_RESERVED 0x00080000 */ 704 /* #define AP_OPTS_RESERVED 0x00040000 */ 705 /* #define AP_OPTS_RESERVED 0x00020000 */ 706 /* #define AP_OPTS_RESERVED 0x00010000 */ 707 /* #define AP_OPTS_RESERVED 0x00008000 */ 708 /* #define AP_OPTS_RESERVED 0x00004000 */ 709 /* #define AP_OPTS_RESERVED 0x00002000 */ 710 /* #define AP_OPTS_RESERVED 0x00001000 */ 711 /* #define AP_OPTS_RESERVED 0x00000800 */ 712 /* #define AP_OPTS_RESERVED 0x00000400 */ 713 /* #define AP_OPTS_RESERVED 0x00000200 */ 714 /* #define AP_OPTS_RESERVED 0x00000100 */ 715 /* #define AP_OPTS_RESERVED 0x00000080 */ 716 /* #define AP_OPTS_RESERVED 0x00000040 */ 717 /* #define AP_OPTS_RESERVED 0x00000020 */ 718 /* #define AP_OPTS_RESERVED 0x00000010 */ 719 /* #define AP_OPTS_RESERVED 0x00000008 */ 720 /* #define AP_OPTS_RESERVED 0x00000004 */ 721 /* #define AP_OPTS_RESERVED 0x00000002 */ 722 #define AP_OPTS_USE_SUBKEY 0x00000001 723 724 #define AP_OPTS_WIRE_MASK 0xfffffff0 725 726 /* definitions for ad_type fields. */ 727 #define AD_TYPE_RESERVED 0x8000 728 #define AD_TYPE_EXTERNAL 0x4000 729 #define AD_TYPE_REGISTERED 0x2000 730 731 #define AD_TYPE_FIELD_TYPE_MASK 0x1fff 732 733 /* Ticket flags */ 734 /* flags are 32 bits; each host is responsible to put the 4 bytes 735 representing these bits into net order before transmission */ 736 /* #define TKT_FLG_RESERVED 0x80000000 */ 737 #define TKT_FLG_FORWARDABLE 0x40000000 738 #define TKT_FLG_FORWARDED 0x20000000 739 #define TKT_FLG_PROXIABLE 0x10000000 740 #define TKT_FLG_PROXY 0x08000000 741 #define TKT_FLG_MAY_POSTDATE 0x04000000 742 #define TKT_FLG_POSTDATED 0x02000000 743 #define TKT_FLG_INVALID 0x01000000 744 #define TKT_FLG_RENEWABLE 0x00800000 745 #define TKT_FLG_INITIAL 0x00400000 746 #define TKT_FLG_PRE_AUTH 0x00200000 747 #define TKT_FLG_HW_AUTH 0x00100000 748 #define TKT_FLG_TRANSIT_POLICY_CHECKED 0x00080000 749 #define TKT_FLG_OK_AS_DELEGATE 0x00040000 750 #define TKT_FLG_ANONYMOUS 0x00020000 751 /* #define TKT_FLG_RESERVED 0x00010000 */ 752 /* #define TKT_FLG_RESERVED 0x00008000 */ 753 /* #define TKT_FLG_RESERVED 0x00004000 */ 754 /* #define TKT_FLG_RESERVED 0x00002000 */ 755 /* #define TKT_FLG_RESERVED 0x00001000 */ 756 /* #define TKT_FLG_RESERVED 0x00000800 */ 757 /* #define TKT_FLG_RESERVED 0x00000400 */ 758 /* #define TKT_FLG_RESERVED 0x00000200 */ 759 /* #define TKT_FLG_RESERVED 0x00000100 */ 760 /* #define TKT_FLG_RESERVED 0x00000080 */ 761 /* #define TKT_FLG_RESERVED 0x00000040 */ 762 /* #define TKT_FLG_RESERVED 0x00000020 */ 763 /* #define TKT_FLG_RESERVED 0x00000010 */ 764 /* #define TKT_FLG_RESERVED 0x00000008 */ 765 /* #define TKT_FLG_RESERVED 0x00000004 */ 766 /* #define TKT_FLG_RESERVED 0x00000002 */ 767 /* #define TKT_FLG_RESERVED 0x00000001 */ 768 769 /* definitions for lr_type fields. */ 770 #define LR_TYPE_THIS_SERVER_ONLY 0x8000 771 772 #define LR_TYPE_INTERPRETATION_MASK 0x7fff 773 774 /* definitions for ad_type fields. */ 775 #define AD_TYPE_EXTERNAL 0x4000 776 #define AD_TYPE_REGISTERED 0x2000 777 778 #define AD_TYPE_FIELD_TYPE_MASK 0x1fff 779 #define AD_TYPE_INTERNAL_MASK 0x3fff 780 781 /* definitions for msec direction bit for KRB_SAFE, KRB_PRIV */ 782 #define MSEC_DIRBIT 0x8000 783 #define MSEC_VAL_MASK 0x7fff 784 785 /* 786 * end "fieldbits.h" 787 */ 788 789 /* 790 * begin "proto.h" 791 */ 792 793 /* Protocol version number */ 794 #define KRB5_PVNO 5 795 796 /* Message types */ 797 798 #define KRB5_AS_REQ ((krb5_msgtype)10) /* Req for initial authentication */ 799 #define KRB5_AS_REP ((krb5_msgtype)11) /* Response to KRB_AS_REQ request */ 800 #define KRB5_TGS_REQ ((krb5_msgtype)12) /* TGS request to server */ 801 #define KRB5_TGS_REP ((krb5_msgtype)13) /* Response to KRB_TGS_REQ req */ 802 #define KRB5_AP_REQ ((krb5_msgtype)14) /* application request to server */ 803 #define KRB5_AP_REP ((krb5_msgtype)15) /* Response to KRB_AP_REQ_MUTUAL */ 804 #define KRB5_SAFE ((krb5_msgtype)20) /* Safe application message */ 805 #define KRB5_PRIV ((krb5_msgtype)21) /* Private application message */ 806 #define KRB5_CRED ((krb5_msgtype)22) /* Credential forwarding message */ 807 #define KRB5_ERROR ((krb5_msgtype)30) /* Error response */ 808 809 /* LastReq types */ 810 #define KRB5_LRQ_NONE 0 811 #define KRB5_LRQ_ALL_LAST_TGT 1 812 #define KRB5_LRQ_ONE_LAST_TGT (-1) 813 #define KRB5_LRQ_ALL_LAST_INITIAL 2 814 #define KRB5_LRQ_ONE_LAST_INITIAL (-2) 815 #define KRB5_LRQ_ALL_LAST_TGT_ISSUED 3 816 #define KRB5_LRQ_ONE_LAST_TGT_ISSUED (-3) 817 #define KRB5_LRQ_ALL_LAST_RENEWAL 4 818 #define KRB5_LRQ_ONE_LAST_RENEWAL (-4) 819 #define KRB5_LRQ_ALL_LAST_REQ 5 820 #define KRB5_LRQ_ONE_LAST_REQ (-5) 821 #define KRB5_LRQ_ALL_PW_EXPTIME 6 822 #define KRB5_LRQ_ONE_PW_EXPTIME (-6) 823 824 825 /* PADATA types */ 826 #define KRB5_PADATA_NONE 0 827 #define KRB5_PADATA_AP_REQ 1 828 #define KRB5_PADATA_TGS_REQ KRB5_PADATA_AP_REQ 829 #define KRB5_PADATA_ENC_TIMESTAMP 2 830 #define KRB5_PADATA_PW_SALT 3 831 #if 0 /* Not used */ 832 #define KRB5_PADATA_ENC_ENCKEY 4 /* Key encrypted within itself */ 833 #endif 834 #define KRB5_PADATA_ENC_UNIX_TIME 5 /* timestamp encrypted in key */ 835 #define KRB5_PADATA_ENC_SANDIA_SECURID 6 /* SecurId passcode */ 836 #define KRB5_PADATA_SESAME 7 /* Sesame project */ 837 #define KRB5_PADATA_OSF_DCE 8 /* OSF DCE */ 838 #define KRB5_CYBERSAFE_SECUREID 9 /* Cybersafe */ 839 #define KRB5_PADATA_AFS3_SALT 10 /* Cygnus */ 840 #define KRB5_PADATA_ETYPE_INFO 11 /* Etype info for preauth */ 841 #define KRB5_PADATA_SAM_CHALLENGE 12 /* draft challenge system */ 842 #define KRB5_PADATA_SAM_RESPONSE 13 /* draft challenge system response */ 843 #define KRB5_PADATA_PK_AS_REQ 14 /* PKINIT */ 844 #define KRB5_PADATA_PK_AS_REP 15 /* PKINIT */ 845 #define KRB5_PADATA_ETYPE_INFO2 19 846 #define KRB5_PADATA_SAM_CHALLENGE_2 30 /* draft challenge system, updated */ 847 #define KRB5_PADATA_SAM_RESPONSE_2 31 /* draft challenge system, updated */ 848 849 #define KRB5_SAM_USE_SAD_AS_KEY 0x80000000 850 #define KRB5_SAM_SEND_ENCRYPTED_SAD 0x40000000 851 #define KRB5_SAM_MUST_PK_ENCRYPT_SAD 0x20000000 /* currently must be zero */ 852 853 /* Reserved for SPX pre-authentication. */ 854 #define KRB5_PADATA_DASS 16 855 856 /* Transited encoding types */ 857 #define KRB5_DOMAIN_X500_COMPRESS 1 858 859 /* alternate authentication types */ 860 #define KRB5_ALTAUTH_ATT_CHALLENGE_RESPONSE 64 861 862 /* authorization data types */ 863 #define KRB5_AUTHDATA_OSF_DCE 64 864 #define KRB5_AUTHDATA_SESAME 65 865 866 /* password change constants */ 867 868 #define KRB5_KPASSWD_SUCCESS 0 869 #define KRB5_KPASSWD_MALFORMED 1 870 #define KRB5_KPASSWD_HARDERROR 2 871 #define KRB5_KPASSWD_AUTHERROR 3 872 #define KRB5_KPASSWD_SOFTERROR 4 873 874 /* 875 * end "proto.h" 876 */ 877 878 /* Time set */ 879 typedef struct _krb5_ticket_times { 880 krb5_timestamp authtime; /* XXX ? should ktime in KDC_REP == authtime 881 in ticket? otherwise client can't get this */ 882 krb5_timestamp starttime; /* optional in ticket, if not present, 883 use authtime */ 884 krb5_timestamp endtime; 885 krb5_timestamp renew_till; 886 } krb5_ticket_times; 887 888 /* structure for auth data */ 889 typedef struct _krb5_authdata { 890 krb5_magic magic; 891 krb5_authdatatype ad_type; 892 unsigned int length; 893 krb5_octet *contents; 894 } krb5_authdata; 895 896 /* structure for transited encoding */ 897 typedef struct _krb5_transited { 898 krb5_magic magic; 899 krb5_octet tr_type; 900 krb5_data tr_contents; 901 } krb5_transited; 902 903 typedef struct _krb5_enc_tkt_part { 904 krb5_magic magic; 905 /* to-be-encrypted portion */ 906 krb5_flags flags; /* flags */ 907 krb5_keyblock *session; /* session key: includes enctype */ 908 krb5_principal client; /* client name/realm */ 909 krb5_transited transited; /* list of transited realms */ 910 krb5_ticket_times times; /* auth, start, end, renew_till */ 911 krb5_address * *caddrs; /* array of ptrs to addresses */ 912 krb5_authdata * *authorization_data; /* auth data */ 913 } krb5_enc_tkt_part; 914 915 typedef struct _krb5_ticket { 916 krb5_magic magic; 917 /* cleartext portion */ 918 krb5_principal server; /* server name/realm */ 919 krb5_enc_data enc_part; /* encryption type, kvno, encrypted 920 encoding */ 921 krb5_enc_tkt_part *enc_part2; /* ptr to decrypted version, if 922 available */ 923 } krb5_ticket; 924 925 /* the unencrypted version */ 926 typedef struct _krb5_authenticator { 927 krb5_magic magic; 928 krb5_principal client; /* client name/realm */ 929 krb5_checksum *checksum; /* checksum, includes type, optional */ 930 krb5_int32 cusec; /* client usec portion */ 931 krb5_timestamp ctime; /* client sec portion */ 932 krb5_keyblock *subkey; /* true session key, optional */ 933 krb5_ui_4 seq_number; /* sequence #, optional */ 934 krb5_authdata * *authorization_data; /* New add by Ari, auth data */ 935 } krb5_authenticator; 936 937 typedef struct _krb5_tkt_authent { 938 krb5_magic magic; 939 krb5_ticket *ticket; 940 krb5_authenticator *authenticator; 941 krb5_flags ap_options; 942 } krb5_tkt_authent; 943 944 /* credentials: Ticket, session key, etc. */ 945 typedef struct _krb5_creds { 946 krb5_magic magic; 947 krb5_principal client; /* client's principal identifier */ 948 krb5_principal server; /* server's principal identifier */ 949 krb5_keyblock keyblock; /* session encryption key info */ 950 krb5_ticket_times times; /* lifetime info */ 951 krb5_boolean is_skey; /* true if ticket is encrypted in 952 another ticket's skey */ 953 krb5_flags ticket_flags; /* flags in ticket */ 954 krb5_address * *addresses; /* addrs in ticket */ 955 krb5_data ticket; /* ticket string itself */ 956 krb5_data second_ticket; /* second ticket, if related to 957 ticket (via DUPLICATE-SKEY or 958 ENC-TKT-IN-SKEY) */ 959 krb5_authdata * *authdata; /* authorization data */ 960 } krb5_creds; 961 962 /* Last request fields */ 963 typedef struct _krb5_last_req_entry { 964 krb5_magic magic; 965 krb5_int32 lr_type; 966 krb5_timestamp value; 967 } krb5_last_req_entry; 968 969 /* pre-authentication data */ 970 typedef struct _krb5_pa_data { 971 krb5_magic magic; 972 krb5_preauthtype pa_type; 973 unsigned int length; 974 krb5_octet *contents; 975 } krb5_pa_data; 976 977 typedef struct _krb5_kdc_req { 978 krb5_magic magic; 979 krb5_msgtype msg_type; /* AS_REQ or TGS_REQ? */ 980 krb5_pa_data * *padata; /* e.g. encoded AP_REQ */ 981 /* real body */ 982 krb5_flags kdc_options; /* requested options */ 983 krb5_principal client; /* includes realm; optional */ 984 krb5_principal server; /* includes realm (only used if no 985 client) */ 986 krb5_timestamp from; /* requested starttime */ 987 krb5_timestamp till; /* requested endtime */ 988 krb5_timestamp rtime; /* (optional) requested renew_till */ 989 krb5_int32 nonce; /* nonce to match request/response */ 990 int nktypes; /* # of ktypes, must be positive */ 991 krb5_enctype *ktype; /* requested enctype(s) */ 992 krb5_address * *addresses; /* requested addresses, optional */ 993 krb5_enc_data authorization_data; /* encrypted auth data; OPTIONAL */ 994 krb5_authdata * *unenc_authdata; /* unencrypted auth data, 995 if available */ 996 krb5_ticket * *second_ticket;/* second ticket array; OPTIONAL */ 997 } krb5_kdc_req; 998 999 typedef struct _krb5_enc_kdc_rep_part { 1000 krb5_magic magic; 1001 /* encrypted part: */ 1002 krb5_msgtype msg_type; /* krb5 message type */ 1003 krb5_keyblock *session; /* session key */ 1004 krb5_last_req_entry * *last_req; /* array of ptrs to entries */ 1005 krb5_int32 nonce; /* nonce from request */ 1006 krb5_timestamp key_exp; /* expiration date */ 1007 krb5_flags flags; /* ticket flags */ 1008 krb5_ticket_times times; /* lifetime info */ 1009 krb5_principal server; /* server's principal identifier */ 1010 krb5_address * *caddrs; /* array of ptrs to addresses, 1011 optional */ 1012 } krb5_enc_kdc_rep_part; 1013 1014 typedef struct _krb5_kdc_rep { 1015 krb5_magic magic; 1016 /* cleartext part: */ 1017 krb5_msgtype msg_type; /* AS_REP or KDC_REP? */ 1018 krb5_pa_data * *padata; /* preauthentication data from KDC */ 1019 krb5_principal client; /* client's principal identifier */ 1020 krb5_ticket *ticket; /* ticket */ 1021 krb5_enc_data enc_part; /* encryption type, kvno, encrypted 1022 encoding */ 1023 krb5_enc_kdc_rep_part *enc_part2;/* unencrypted version, if available */ 1024 } krb5_kdc_rep; 1025 1026 /* error message structure */ 1027 typedef struct _krb5_error { 1028 krb5_magic magic; 1029 /* some of these may be meaningless in certain contexts */ 1030 krb5_timestamp ctime; /* client sec portion; optional */ 1031 krb5_int32 cusec; /* client usec portion; optional */ 1032 krb5_int32 susec; /* server usec portion */ 1033 krb5_timestamp stime; /* server sec portion */ 1034 krb5_ui_4 error; /* error code (protocol error #'s) */ 1035 krb5_principal client; /* client's principal identifier; 1036 optional */ 1037 krb5_principal server; /* server's principal identifier */ 1038 krb5_data text; /* descriptive text */ 1039 krb5_data e_data; /* additional error-describing data */ 1040 } krb5_error; 1041 1042 typedef struct _krb5_ap_req { 1043 krb5_magic magic; 1044 krb5_flags ap_options; /* requested options */ 1045 krb5_ticket *ticket; /* ticket */ 1046 krb5_enc_data authenticator; /* authenticator (already encrypted) */ 1047 } krb5_ap_req; 1048 1049 typedef struct _krb5_ap_rep { 1050 krb5_magic magic; 1051 krb5_enc_data enc_part; 1052 } krb5_ap_rep; 1053 1054 typedef struct _krb5_ap_rep_enc_part { 1055 krb5_magic magic; 1056 krb5_timestamp ctime; /* client time, seconds portion */ 1057 krb5_int32 cusec; /* client time, microseconds portion */ 1058 krb5_keyblock *subkey; /* true session key, optional */ 1059 krb5_ui_4 seq_number; /* sequence #, optional */ 1060 } krb5_ap_rep_enc_part; 1061 1062 typedef struct _krb5_response { 1063 krb5_magic magic; 1064 krb5_octet message_type; 1065 krb5_data response; 1066 krb5_int32 expected_nonce; /* The expected nonce for KDC_REP messages */ 1067 krb5_timestamp request_time; /* When we made the request */ 1068 } krb5_response; 1069 1070 typedef struct _krb5_safe { 1071 krb5_magic magic; 1072 krb5_data user_data; /* user data */ 1073 krb5_timestamp timestamp; /* client time, optional */ 1074 krb5_int32 usec; /* microsecond portion of time, 1075 optional */ 1076 krb5_ui_4 seq_number; /* sequence #, optional */ 1077 krb5_address *s_address; /* sender address */ 1078 krb5_address *r_address; /* recipient address, optional */ 1079 krb5_checksum *checksum; /* data integrity checksum */ 1080 } krb5_safe; 1081 1082 typedef struct _krb5_priv { 1083 krb5_magic magic; 1084 krb5_enc_data enc_part; /* encrypted part */ 1085 } krb5_priv; 1086 1087 typedef struct _krb5_priv_enc_part { 1088 krb5_magic magic; 1089 krb5_data user_data; /* user data */ 1090 krb5_timestamp timestamp; /* client time, optional */ 1091 krb5_int32 usec; /* microsecond portion of time, opt. */ 1092 krb5_ui_4 seq_number; /* sequence #, optional */ 1093 krb5_address *s_address; /* sender address */ 1094 krb5_address *r_address; /* recipient address, optional */ 1095 } krb5_priv_enc_part; 1096 1097 typedef struct _krb5_cred_info { 1098 krb5_magic magic; 1099 krb5_keyblock *session; /* session key used to encrypt */ 1100 /* ticket */ 1101 krb5_principal client; /* client name/realm, optional */ 1102 krb5_principal server; /* server name/realm, optional */ 1103 krb5_flags flags; /* ticket flags, optional */ 1104 krb5_ticket_times times; /* auth, start, end, renew_till, */ 1105 /* optional */ 1106 krb5_address * *caddrs; /* array of ptrs to addresses */ 1107 } krb5_cred_info; 1108 1109 typedef struct _krb5_cred_enc_part { 1110 krb5_magic magic; 1111 krb5_int32 nonce; /* nonce, optional */ 1112 krb5_timestamp timestamp; /* client time */ 1113 krb5_int32 usec; /* microsecond portion of time */ 1114 krb5_address *s_address; /* sender address, optional */ 1115 krb5_address *r_address; /* recipient address, optional */ 1116 krb5_cred_info * *ticket_info; 1117 } krb5_cred_enc_part; 1118 1119 typedef struct _krb5_cred { 1120 krb5_magic magic; 1121 krb5_ticket * *tickets; /* tickets */ 1122 krb5_enc_data enc_part; /* encrypted part */ 1123 krb5_cred_enc_part *enc_part2; /* unencrypted version, if available*/ 1124 } krb5_cred; 1125 1126 /* Sandia password generation structures */ 1127 typedef struct _passwd_phrase_element { 1128 krb5_magic magic; 1129 krb5_data *passwd; 1130 krb5_data *phrase; 1131 } passwd_phrase_element; 1132 1133 typedef struct _krb5_pwd_data { 1134 krb5_magic magic; 1135 int sequence_count; 1136 passwd_phrase_element * *element; 1137 } krb5_pwd_data; 1138 1139 /* these need to be here so the typedefs are available for the prototypes */ 1140 1141 /* 1142 * begin "safepriv.h" 1143 */ 1144 1145 #define KRB5_AUTH_CONTEXT_DO_TIME 0x00000001 1146 #define KRB5_AUTH_CONTEXT_RET_TIME 0x00000002 1147 #define KRB5_AUTH_CONTEXT_DO_SEQUENCE 0x00000004 1148 #define KRB5_AUTH_CONTEXT_RET_SEQUENCE 0x00000008 1149 #define KRB5_AUTH_CONTEXT_PERMIT_ALL 0x00000010 1150 #define KRB5_AUTH_CONTEXT_USE_SUBKEY 0x00000020 1151 1152 typedef struct krb5_replay_data { 1153 krb5_timestamp timestamp; 1154 krb5_int32 usec; 1155 krb5_int32 seq; 1156 } krb5_replay_data; 1157 1158 /* flags for krb5_auth_con_genaddrs() */ 1159 #define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR 0x00000001 1160 #define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR 0x00000002 1161 #define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR 0x00000004 1162 #define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR 0x00000008 1163 1164 /* type of function used as a callback to generate checksum data for 1165 * mk_req */ 1166 1167 typedef krb5_error_code 1168 (KRB5_CALLCONV * krb5_mk_req_checksum_func) ( 1169 krb5_context, 1170 krb5_auth_context, 1171 void *, 1172 krb5_data **); 1173 1174 1175 /* 1176 * end "safepriv.h" 1177 */ 1178 1179 1180 /* 1181 * begin "ccache.h" 1182 */ 1183 1184 typedef krb5_pointer krb5_cc_cursor; /* cursor for sequential lookup */ 1185 1186 typedef struct _krb5_ccache { 1187 krb5_magic magic; 1188 struct _krb5_cc_ops *ops; 1189 krb5_pointer data; 1190 } *krb5_ccache; 1191 1192 typedef struct _krb5_cc_ops { 1193 krb5_magic magic; 1194 char *prefix; 1195 char * (KRB5_CALLCONV *get_name) KRB5_NPROTOTYPE((krb5_context, krb5_ccache)); 1196 krb5_error_code (KRB5_CALLCONV *resolve) KRB5_NPROTOTYPE((krb5_context, krb5_ccache *, 1197 const char *)); 1198 krb5_error_code (KRB5_CALLCONV *gen_new) KRB5_NPROTOTYPE((krb5_context, krb5_ccache *)); 1199 krb5_error_code (KRB5_CALLCONV *init) KRB5_NPROTOTYPE((krb5_context, krb5_ccache, 1200 krb5_principal)); 1201 krb5_error_code (KRB5_CALLCONV *destroy) KRB5_NPROTOTYPE((krb5_context, krb5_ccache)); 1202 krb5_error_code (KRB5_CALLCONV *close) KRB5_NPROTOTYPE((krb5_context, krb5_ccache)); 1203 krb5_error_code (KRB5_CALLCONV *store) KRB5_NPROTOTYPE((krb5_context, krb5_ccache, 1204 krb5_creds *)); 1205 krb5_error_code (KRB5_CALLCONV *retrieve) KRB5_NPROTOTYPE((krb5_context, krb5_ccache, 1206 krb5_flags, krb5_creds *, 1207 krb5_creds *)); 1208 krb5_error_code (KRB5_CALLCONV *get_princ) KRB5_NPROTOTYPE((krb5_context, krb5_ccache, 1209 krb5_principal *)); 1210 krb5_error_code (KRB5_CALLCONV *get_first) KRB5_NPROTOTYPE((krb5_context, krb5_ccache, 1211 krb5_cc_cursor *)); 1212 krb5_error_code (KRB5_CALLCONV *get_next) KRB5_NPROTOTYPE((krb5_context, krb5_ccache, 1213 krb5_cc_cursor *, krb5_creds *)); 1214 krb5_error_code (KRB5_CALLCONV *end_get) KRB5_NPROTOTYPE((krb5_context, krb5_ccache, 1215 krb5_cc_cursor *)); 1216 krb5_error_code (KRB5_CALLCONV *remove_cred) KRB5_NPROTOTYPE((krb5_context, krb5_ccache, 1217 krb5_flags, krb5_creds *)); 1218 krb5_error_code (KRB5_CALLCONV *set_flags) KRB5_NPROTOTYPE((krb5_context, krb5_ccache, 1219 krb5_flags)); 1220 } krb5_cc_ops; 1221 1222 /* for retrieve_cred */ 1223 #define KRB5_TC_MATCH_TIMES 0x00000001 1224 #define KRB5_TC_MATCH_IS_SKEY 0x00000002 1225 #define KRB5_TC_MATCH_FLAGS 0x00000004 1226 #define KRB5_TC_MATCH_TIMES_EXACT 0x00000008 1227 #define KRB5_TC_MATCH_FLAGS_EXACT 0x00000010 1228 #define KRB5_TC_MATCH_AUTHDATA 0x00000020 1229 #define KRB5_TC_MATCH_SRV_NAMEONLY 0x00000040 1230 #define KRB5_TC_MATCH_2ND_TKT 0x00000080 1231 #define KRB5_TC_MATCH_KTYPE 0x00000100 1232 #define KRB5_TC_SUPPORTED_KTYPES 0x00000200 1233 1234 /* for set_flags and other functions */ 1235 #define KRB5_TC_OPENCLOSE 0x00000001 1236 1237 #define krb5_cc_initialize(context, cache, principal) krb5_x((cache)->ops->init,(context, cache, principal)) 1238 #define krb5_cc_gen_new(context, cache) krb5_x((*cache)->ops->gen_new,(context, cache)) 1239 #define krb5_cc_destroy(context, cache) krb5_x((cache)->ops->destroy,(context, cache)) 1240 #define krb5_cc_close(context, cache) krb5_x((cache)->ops->close,(context, cache)) 1241 #define krb5_cc_store_cred(context, cache, creds) krb5_x((cache)->ops->store,(context, cache, creds)) 1242 #define krb5_cc_retrieve_cred(context, cache, flags, mcreds, creds) krb5_x((cache)->ops->retrieve,(context, cache, flags, mcreds, creds)) 1243 #define krb5_cc_get_principal(context, cache, principal) krb5_x((cache)->ops->get_princ,(context, cache, principal)) 1244 #define krb5_cc_start_seq_get(context, cache, cursor) krb5_x((cache)->ops->get_first,(context, cache, cursor)) 1245 #define krb5_cc_next_cred(context, cache, cursor, creds) krb5_x((cache)->ops->get_next,(context, cache, cursor, creds)) 1246 #define krb5_cc_end_seq_get(context, cache, cursor) krb5_x((cache)->ops->end_get,(context, cache, cursor)) 1247 #define krb5_cc_remove_cred(context, cache, flags, creds) krb5_x((cache)->ops->remove_cred,(context, cache,flags, creds)) 1248 #define krb5_cc_set_flags(context, cache, flags) krb5_x((cache)->ops->set_flags,(context, cache, flags)) 1249 #define krb5_cc_get_name(context, cache) krb5_xc((cache)->ops->get_name,(context, cache)) 1250 #define krb5_cc_get_type(context, cache) ((cache)->ops->prefix) 1251 1252 extern krb5_cc_ops *krb5_cc_dfl_ops; 1253 1254 /* 1255 * end "ccache.h" 1256 */ 1257 1258 /* 1259 * begin "rcache.h" 1260 */ 1261 1262 typedef struct krb5_rc_st { 1263 krb5_magic magic; 1264 struct _krb5_rc_ops *ops; 1265 krb5_pointer data; 1266 } *krb5_rcache; 1267 1268 typedef struct _krb5_donot_replay { 1269 krb5_magic magic; 1270 char *server; /* null-terminated */ 1271 char *client; /* null-terminated */ 1272 krb5_int32 cusec; 1273 krb5_timestamp ctime; 1274 } krb5_donot_replay; 1275 1276 typedef struct _krb5_rc_ops { 1277 krb5_magic magic; 1278 char *type; 1279 krb5_error_code (KRB5_CALLCONV *init) 1280 KRB5_NPROTOTYPE((krb5_context, krb5_rcache,krb5_deltat)); /* create */ 1281 krb5_error_code (KRB5_CALLCONV *recover) 1282 KRB5_NPROTOTYPE((krb5_context, krb5_rcache)); /* open */ 1283 krb5_error_code (KRB5_CALLCONV *destroy) 1284 KRB5_NPROTOTYPE((krb5_context, krb5_rcache)); 1285 krb5_error_code (KRB5_CALLCONV *close) 1286 KRB5_NPROTOTYPE((krb5_context, krb5_rcache)); 1287 krb5_error_code (KRB5_CALLCONV *store) 1288 KRB5_NPROTOTYPE((krb5_context, krb5_rcache,krb5_donot_replay *)); 1289 krb5_error_code (KRB5_CALLCONV *expunge) 1290 KRB5_NPROTOTYPE((krb5_context, krb5_rcache)); 1291 krb5_error_code (KRB5_CALLCONV *get_span) 1292 KRB5_NPROTOTYPE((krb5_context, krb5_rcache,krb5_deltat *)); 1293 char *(KRB5_CALLCONV *get_name) 1294 KRB5_NPROTOTYPE((krb5_context, krb5_rcache)); 1295 krb5_error_code (KRB5_CALLCONV *resolve) 1296 KRB5_NPROTOTYPE((krb5_context, krb5_rcache, char *)); 1297 } krb5_rc_ops; 1298 1299 krb5_error_code krb5_rc_resolve 1300 KRB5_PROTOTYPE((krb5_context, krb5_rcache id, char *name)); 1301 krb5_error_code krb5_rc_default 1302 KRB5_PROTOTYPE((krb5_context, 1303 krb5_rcache *)); 1304 krb5_error_code krb5_rc_register_type 1305 KRB5_PROTOTYPE((krb5_context, 1306 krb5_rc_ops *)); 1307 krb5_error_code krb5_rc_resolve_full 1308 KRB5_PROTOTYPE((krb5_context, 1309 krb5_rcache *,char *)); 1310 char * krb5_rc_get_type 1311 KRB5_PROTOTYPE((krb5_context, 1312 krb5_rcache)); 1313 char * krb5_rc_default_name 1314 KRB5_PROTOTYPE((krb5_context)); 1315 krb5_error_code krb5_auth_to_rep 1316 KRB5_PROTOTYPE((krb5_context, 1317 krb5_tkt_authent *, 1318 krb5_donot_replay *)); 1319 1320 #define krb5_rc_initialize(context, id, span) krb5_x((id)->ops->init,(context, id, span)) 1321 #define krb5_rc_recover(context, id) krb5_x((id)->ops->recover,(context, id)) 1322 #define krb5_rc_destroy(context, id) krb5_x((id)->ops->destroy,(context, id)) 1323 #define krb5_rc_close(context, id) krb5_x((id)->ops->close,(context, id)) 1324 #define krb5_rc_store(context, id, dontreplay) krb5_x((id)->ops->store,(context, id, dontreplay)) 1325 #define krb5_rc_expunge(context, id) krb5_x((id)->ops->expunge,(context, id)) 1326 #define krb5_rc_get_lifespan(context, id, spanp) krb5_x((id)->ops->get_span,(context, id, spanp)) 1327 #define krb5_rc_get_name(context, id) krb5_xc((id)->ops->get_name,(context, id)) 1328 1329 extern krb5_rc_ops *krb5_rc_dfl_ops; 1330 1331 /* 1332 * end "rcache.h" 1333 */ 1334 1335 /* 1336 * begin "keytab.h" 1337 */ 1338 1339 1340 /* XXX */ 1341 #define MAX_KEYTAB_NAME_LEN 1100 /* Long enough for MAXPATHLEN + some extra */ 1342 1343 typedef krb5_pointer krb5_kt_cursor; /* XXX */ 1344 1345 typedef struct krb5_keytab_entry_st { 1346 krb5_magic magic; 1347 krb5_principal principal; /* principal of this key */ 1348 krb5_timestamp timestamp; /* time entry written to keytable */ 1349 krb5_kvno vno; /* key version number */ 1350 krb5_keyblock key; /* the secret key */ 1351 } krb5_keytab_entry; 1352 1353 1354 typedef struct _krb5_kt { 1355 krb5_magic magic; 1356 struct _krb5_kt_ops *ops; 1357 krb5_pointer data; 1358 } *krb5_keytab; 1359 1360 1361 typedef struct _krb5_kt_ops { 1362 krb5_magic magic; 1363 char *prefix; 1364 /* routines always present */ 1365 krb5_error_code (KRB5_CALLCONV *resolve) 1366 (krb5_context, 1367 krb5_const char *, 1368 krb5_keytab *); 1369 krb5_error_code (KRB5_CALLCONV *get_name) 1370 (krb5_context, 1371 krb5_keytab, 1372 char *, 1373 int); 1374 krb5_error_code (KRB5_CALLCONV *close) 1375 KRB5_NPROTOTYPE((krb5_context, 1376 krb5_keytab)); 1377 krb5_error_code (KRB5_CALLCONV *get) 1378 KRB5_NPROTOTYPE((krb5_context, 1379 krb5_keytab, 1380 krb5_const_principal, 1381 krb5_kvno, 1382 krb5_enctype, 1383 krb5_keytab_entry *)); 1384 krb5_error_code (KRB5_CALLCONV *start_seq_get) 1385 KRB5_NPROTOTYPE((krb5_context, 1386 krb5_keytab, 1387 krb5_kt_cursor *)); 1388 krb5_error_code (KRB5_CALLCONV *get_next) 1389 KRB5_NPROTOTYPE((krb5_context, 1390 krb5_keytab, 1391 krb5_keytab_entry *, 1392 krb5_kt_cursor *)); 1393 krb5_error_code (KRB5_CALLCONV *end_get) 1394 KRB5_NPROTOTYPE((krb5_context, 1395 krb5_keytab, 1396 krb5_kt_cursor *)); 1397 /* routines to be included on extended version (write routines) */ 1398 krb5_error_code (KRB5_CALLCONV *add) 1399 KRB5_NPROTOTYPE((krb5_context, 1400 krb5_keytab, 1401 krb5_keytab_entry *)); 1402 krb5_error_code (KRB5_CALLCONV *remove) 1403 KRB5_NPROTOTYPE((krb5_context, 1404 krb5_keytab, 1405 krb5_keytab_entry *)); 1406 1407 /* Handle for serializer */ 1408 void * serializer; 1409 } krb5_kt_ops; 1410 1411 #define krb5_kt_get_type(context, keytab) ((keytab)->ops->prefix) 1412 #define krb5_kt_get_name(context, keytab, name, namelen) krb5_x((keytab)->ops->get_name,(context, keytab,name,namelen)) 1413 #define krb5_kt_close(context, keytab) krb5_x((keytab)->ops->close,(context, keytab)) 1414 #define krb5_kt_get_entry(context, keytab, principal, vno, enctype, entry) krb5_x((keytab)->ops->get,(context, keytab, principal, vno, enctype, entry)) 1415 #define krb5_kt_start_seq_get(context, keytab, cursor) krb5_x((keytab)->ops->start_seq_get,(context, keytab, cursor)) 1416 #define krb5_kt_next_entry(context, keytab, entry, cursor) krb5_x((keytab)->ops->get_next,(context, keytab, entry, cursor)) 1417 #define krb5_kt_end_seq_get(context, keytab, cursor) krb5_x((keytab)->ops->end_get,(context, keytab, cursor)) 1418 /* remove and add are functions, so that they can return NOWRITE 1419 if not a writable keytab */ 1420 1421 1422 extern krb5_kt_ops krb5_kt_dfl_ops; 1423 1424 /* 1425 * end "keytab.h" 1426 */ 1427 1428 /* 1429 * begin "func-proto.h" 1430 */ 1431 1432 krb5_error_code KRB5_CALLCONV krb5_init_context 1433 KRB5_PROTOTYPE((krb5_context *)); 1434 krb5_error_code KRB5_CALLCONV krb5_init_secure_context 1435 KRB5_PROTOTYPE((krb5_context *)); 1436 void KRB5_CALLCONV krb5_free_context 1437 KRB5_PROTOTYPE((krb5_context)); 1438 1439 krb5_error_code krb5_init_ef_handle(krb5_context); 1440 krb5_error_code krb5_free_ef_handle(krb5_context); 1441 1442 krb5_boolean krb5_privacy_allowed(void); 1443 1444 krb5_error_code krb5_set_default_in_tkt_ktypes 1445 KRB5_PROTOTYPE((krb5_context, 1446 krb5_const krb5_enctype *)); 1447 krb5_error_code krb5_get_default_in_tkt_ktypes 1448 KRB5_PROTOTYPE((krb5_context, 1449 krb5_enctype **)); 1450 1451 krb5_error_code krb5_set_default_tgs_ktypes 1452 KRB5_PROTOTYPE((krb5_context, 1453 krb5_const krb5_enctype *)); 1454 krb5_error_code KRB5_CALLCONV 1455 krb5_set_default_tgs_enctypes 1456 (krb5_context, 1457 krb5_const krb5_enctype *); 1458 krb5_error_code KRB5_CALLCONV krb5_get_tgs_ktypes 1459 KRB5_PROTOTYPE((krb5_context, 1460 krb5_const_principal, 1461 krb5_enctype **)); 1462 1463 krb5_error_code krb5_get_permitted_enctypes 1464 KRB5_PROTOTYPE((krb5_context, krb5_enctype **)); 1465 void KRB5_CALLCONV krb5_free_ktypes 1466 KRB5_PROTOTYPE ((krb5_context, krb5_enctype *)); 1467 1468 krb5_boolean krb5_is_permitted_enctype 1469 KRB5_PROTOTYPE((krb5_context, krb5_enctype)); 1470 1471 /* libkrb.spec */ 1472 krb5_error_code krb5_kdc_rep_decrypt_proc 1473 KRB5_PROTOTYPE((krb5_context, 1474 krb5_const krb5_keyblock *, 1475 krb5_const_pointer, 1476 krb5_kdc_rep * )); 1477 krb5_error_code krb5_decrypt_tkt_part 1478 KRB5_PROTOTYPE((krb5_context, 1479 krb5_const krb5_keyblock *, 1480 krb5_ticket * )); 1481 krb5_error_code krb5_get_cred_from_kdc 1482 KRB5_PROTOTYPE((krb5_context, 1483 krb5_ccache, /* not const, as reading may save 1484 state */ 1485 krb5_creds *, 1486 krb5_creds **, 1487 krb5_creds *** )); 1488 krb5_error_code krb5_get_cred_from_kdc_validate 1489 KRB5_PROTOTYPE((krb5_context, 1490 krb5_ccache, /* not const, as reading may save 1491 state */ 1492 krb5_creds *, 1493 krb5_creds **, 1494 krb5_creds *** )); 1495 krb5_error_code krb5_get_cred_from_kdc_renew 1496 KRB5_PROTOTYPE((krb5_context, 1497 krb5_ccache, /* not const, as reading may save 1498 state */ 1499 krb5_creds *, 1500 krb5_creds **, 1501 krb5_creds *** )); 1502 void KRB5_CALLCONV krb5_free_tgt_creds 1503 KRB5_PROTOTYPE((krb5_context, 1504 krb5_creds ** )); /* XXX too hard to do with const */ 1505 1506 #define KRB5_GC_USER_USER 1 /* want user-user ticket */ 1507 #define KRB5_GC_CACHED 2 /* want cached ticket only */ 1508 1509 krb5_error_code KRB5_CALLCONV krb5_get_credentials 1510 KRB5_PROTOTYPE((krb5_context, 1511 krb5_const krb5_flags, 1512 krb5_ccache, 1513 krb5_creds *, 1514 krb5_creds * *)); 1515 krb5_error_code KRB5_CALLCONV krb5_get_credentials_validate 1516 KRB5_PROTOTYPE((krb5_context, 1517 krb5_const krb5_flags, 1518 krb5_ccache, 1519 krb5_creds *, 1520 krb5_creds * *)); 1521 krb5_error_code KRB5_CALLCONV krb5_get_credentials_renew 1522 KRB5_PROTOTYPE((krb5_context, 1523 krb5_const krb5_flags, 1524 krb5_ccache, 1525 krb5_creds *, 1526 krb5_creds * *)); 1527 krb5_error_code krb5_get_cred_via_tkt 1528 KRB5_PROTOTYPE((krb5_context, 1529 krb5_creds *, 1530 krb5_const krb5_flags, 1531 krb5_address * krb5_const *, 1532 krb5_creds *, 1533 krb5_creds **)); 1534 krb5_error_code KRB5_CALLCONV krb5_mk_req 1535 KRB5_PROTOTYPE((krb5_context, 1536 krb5_auth_context *, 1537 krb5_const krb5_flags, 1538 char *, 1539 char *, 1540 krb5_data *, 1541 krb5_ccache, 1542 krb5_data * )); 1543 krb5_error_code KRB5_CALLCONV krb5_mk_req_extended 1544 KRB5_PROTOTYPE((krb5_context, 1545 krb5_auth_context *, 1546 krb5_const krb5_flags, 1547 krb5_data *, 1548 krb5_creds *, 1549 krb5_data * )); 1550 krb5_error_code KRB5_CALLCONV krb5_mk_rep 1551 KRB5_PROTOTYPE((krb5_context, 1552 krb5_auth_context, 1553 krb5_data *)); 1554 krb5_error_code KRB5_CALLCONV krb5_rd_rep 1555 KRB5_PROTOTYPE((krb5_context, 1556 krb5_auth_context, 1557 krb5_const krb5_data *, 1558 krb5_ap_rep_enc_part * *)); 1559 krb5_error_code KRB5_CALLCONV krb5_mk_error 1560 KRB5_PROTOTYPE((krb5_context, 1561 krb5_const krb5_error *, 1562 krb5_data * )); 1563 krb5_error_code KRB5_CALLCONV krb5_rd_error 1564 KRB5_PROTOTYPE((krb5_context, 1565 krb5_const krb5_data *, 1566 krb5_error * * )); 1567 krb5_error_code KRB5_CALLCONV krb5_rd_safe 1568 KRB5_PROTOTYPE((krb5_context, 1569 krb5_auth_context, 1570 krb5_const krb5_data *, 1571 krb5_data *, 1572 krb5_replay_data *)); 1573 krb5_error_code KRB5_CALLCONV krb5_rd_priv 1574 KRB5_PROTOTYPE((krb5_context, 1575 krb5_auth_context, 1576 krb5_const krb5_data *, 1577 krb5_data *, 1578 krb5_replay_data *)); 1579 krb5_error_code KRB5_CALLCONV krb5_parse_name 1580 KRB5_PROTOTYPE((krb5_context, 1581 krb5_const char *, 1582 krb5_principal * )); 1583 krb5_error_code KRB5_CALLCONV krb5_unparse_name 1584 KRB5_PROTOTYPE((krb5_context, 1585 krb5_const_principal, 1586 char * * )); 1587 krb5_error_code KRB5_CALLCONV krb5_unparse_name_ext 1588 KRB5_PROTOTYPE((krb5_context, 1589 krb5_const_principal, 1590 char * *, 1591 int *)); 1592 1593 krb5_error_code KRB5_CALLCONV krb5_set_principal_realm 1594 KRB5_PROTOTYPE((krb5_context, krb5_principal, const char *)); 1595 1596 krb5_boolean krb5_address_search 1597 KRB5_PROTOTYPE((krb5_context, 1598 krb5_const krb5_address *, 1599 krb5_address * krb5_const *)); 1600 krb5_boolean krb5_address_compare 1601 KRB5_PROTOTYPE((krb5_context, 1602 krb5_const krb5_address *, 1603 krb5_const krb5_address *)); 1604 int krb5_address_order 1605 KRB5_PROTOTYPE((krb5_context, 1606 krb5_const krb5_address *, 1607 krb5_const krb5_address *)); 1608 krb5_boolean krb5_realm_compare 1609 KRB5_PROTOTYPE((krb5_context, 1610 krb5_const_principal, 1611 krb5_const_principal)); 1612 krb5_boolean KRB5_CALLCONV krb5_principal_compare 1613 KRB5_PROTOTYPE((krb5_context, 1614 krb5_const_principal, 1615 krb5_const_principal)); 1616 krb5_error_code KRB5_CALLCONV krb5_copy_keyblock 1617 KRB5_PROTOTYPE((krb5_context, 1618 krb5_const krb5_keyblock *, 1619 krb5_keyblock * *)); 1620 krb5_error_code KRB5_CALLCONV krb5_copy_keyblock_contents 1621 KRB5_PROTOTYPE((krb5_context, 1622 krb5_const krb5_keyblock *, 1623 krb5_keyblock *)); 1624 /* 1625 * Solaris Kerberos: 1626 * krb5_copy_keyblock_data is a new routine to hide the details 1627 * of a keyblock copy operation. 1628 */ 1629 krb5_error_code KRB5_CALLCONV krb5_copy_keyblock_data 1630 KRB5_PROTOTYPE((krb5_context, 1631 krb5_const krb5_keyblock *, 1632 krb5_keyblock *)); 1633 krb5_error_code KRB5_CALLCONV krb5_copy_creds 1634 KRB5_PROTOTYPE((krb5_context, 1635 krb5_const krb5_creds *, 1636 krb5_creds * *)); 1637 krb5_error_code KRB5_CALLCONV krb5_copy_data 1638 KRB5_PROTOTYPE((krb5_context, 1639 krb5_const krb5_data *, 1640 krb5_data * *)); 1641 krb5_error_code KRB5_CALLCONV krb5_copy_principal 1642 KRB5_PROTOTYPE((krb5_context, 1643 krb5_const_principal, 1644 krb5_principal *)); 1645 krb5_error_code KRB5_CALLCONV krb5_copy_addr 1646 KRB5_PROTOTYPE((krb5_context, 1647 const krb5_address *, 1648 krb5_address * *)); 1649 krb5_error_code KRB5_CALLCONV krb5_copy_addresses 1650 KRB5_PROTOTYPE((krb5_context, 1651 krb5_address * krb5_const *, 1652 krb5_address * * *)); 1653 krb5_error_code KRB5_CALLCONV krb5_copy_ticket 1654 KRB5_PROTOTYPE((krb5_context, 1655 krb5_const krb5_ticket *, 1656 krb5_ticket * *)); 1657 krb5_error_code KRB5_CALLCONV krb5_copy_authdata 1658 KRB5_PROTOTYPE((krb5_context, 1659 krb5_authdata * krb5_const *, 1660 krb5_authdata * * *)); 1661 krb5_error_code KRB5_CALLCONV krb5_copy_authenticator 1662 KRB5_PROTOTYPE((krb5_context, 1663 krb5_const krb5_authenticator *, 1664 krb5_authenticator * *)); 1665 krb5_error_code KRB5_CALLCONV krb5_copy_checksum 1666 KRB5_PROTOTYPE((krb5_context, 1667 krb5_const krb5_checksum *, 1668 krb5_checksum * *)); 1669 void krb5_init_ets 1670 KRB5_PROTOTYPE((krb5_context)); 1671 void krb5_free_ets 1672 KRB5_PROTOTYPE((krb5_context)); 1673 krb5_error_code krb5_generate_subkey 1674 KRB5_PROTOTYPE((krb5_context, 1675 krb5_const krb5_keyblock *, krb5_keyblock **)); 1676 krb5_error_code krb5_generate_seq_number 1677 KRB5_PROTOTYPE((krb5_context, 1678 krb5_const krb5_keyblock *, krb5_int32 *)); 1679 krb5_error_code KRB5_CALLCONV krb5_get_server_rcache 1680 KRB5_PROTOTYPE((krb5_context, 1681 krb5_const krb5_data *, krb5_rcache *)); 1682 krb5_error_code KRB5_CALLCONV_C krb5_build_principal_ext 1683 KRB5_STDARG_P((krb5_context, krb5_principal *, int, krb5_const char *, ...)); 1684 krb5_error_code krb5_build_principal 1685 KRB5_STDARG_P((krb5_context, krb5_principal *, int, krb5_const char *, ...)); 1686 #ifdef va_start 1687 /* XXX depending on varargs include file defining va_start... */ 1688 krb5_error_code krb5_build_principal_va 1689 KRB5_PROTOTYPE((krb5_context, 1690 krb5_principal *, int, krb5_const char *, va_list)); 1691 #endif 1692 1693 krb5_error_code KRB5_CALLCONV krb5_425_conv_principal 1694 KRB5_PROTOTYPE((krb5_context, 1695 krb5_const char *name, 1696 krb5_const char *instance, krb5_const char *realm, 1697 krb5_principal *princ)); 1698 1699 krb5_error_code KRB5_CALLCONV krb5_524_conv_principal 1700 KRB5_PROTOTYPE((krb5_context context, krb5_const krb5_principal princ, 1701 char *name, char *inst, char *realm)); 1702 1703 /* libkt.spec */ 1704 krb5_error_code KRB5_CALLCONV krb5_kt_register 1705 KRB5_PROTOTYPE((krb5_context, 1706 krb5_kt_ops * )); 1707 krb5_error_code KRB5_CALLCONV krb5_kt_resolve 1708 KRB5_PROTOTYPE((krb5_context, 1709 krb5_const char *, 1710 krb5_keytab * )); 1711 krb5_error_code KRB5_CALLCONV krb5_kt_default_name 1712 KRB5_PROTOTYPE((krb5_context, 1713 char *, 1714 int )); 1715 krb5_error_code KRB5_CALLCONV krb5_kt_default 1716 KRB5_PROTOTYPE((krb5_context, 1717 krb5_keytab * )); 1718 krb5_error_code KRB5_CALLCONV krb5_kt_free_entry 1719 KRB5_PROTOTYPE((krb5_context, 1720 krb5_keytab_entry * )); 1721 /* remove and add are functions, so that they can return NOWRITE 1722 if not a writable keytab */ 1723 krb5_error_code KRB5_CALLCONV krb5_kt_remove_entry 1724 KRB5_PROTOTYPE((krb5_context, 1725 krb5_keytab, 1726 krb5_keytab_entry * )); 1727 krb5_error_code KRB5_CALLCONV krb5_kt_add_entry 1728 KRB5_PROTOTYPE((krb5_context, 1729 krb5_keytab, 1730 krb5_keytab_entry * )); 1731 krb5_error_code krb5_principal2salt 1732 KRB5_PROTOTYPE((krb5_context, 1733 krb5_const_principal, krb5_data *)); 1734 krb5_error_code krb5_principal2salt_norealm 1735 KRB5_PROTOTYPE((krb5_context, 1736 krb5_const_principal, krb5_data *)); 1737 1738 /* librc.spec--see rcache.h */ 1739 1740 /* libcc.spec */ 1741 krb5_error_code KRB5_CALLCONV krb5_cc_resolve 1742 KRB5_PROTOTYPE((krb5_context, 1743 const char *, 1744 krb5_ccache * )); 1745 const char * KRB5_CALLCONV krb5_cc_default_name 1746 KRB5_PROTOTYPE((krb5_context)); 1747 krb5_error_code KRB5_CALLCONV krb5_cc_set_default_name 1748 KRB5_PROTOTYPE((krb5_context, const char *)); 1749 krb5_error_code KRB5_CALLCONV krb5_cc_default 1750 KRB5_PROTOTYPE((krb5_context, 1751 krb5_ccache *)); 1752 unsigned int KRB5_CALLCONV krb5_get_notification_message 1753 KRB5_PROTOTYPE((void)); 1754 1755 krb5_error_code KRB5_CALLCONV krb5_cc_copy_creds 1756 KRB5_PROTOTYPE((krb5_context context, 1757 krb5_ccache incc, 1758 krb5_ccache outcc)); 1759 1760 krb5_error_code krb5_cc_generate_new 1761 KRB5_PROTOTYPE((krb5_context, 1762 krb5_cc_ops *, 1763 krb5_ccache * )); 1764 1765 /* chk_trans.c */ 1766 krb5_error_code krb5_check_transited_list 1767 KRB5_PROTOTYPE((krb5_context, 1768 krb5_data *trans, const krb5_data *realm1, 1769 const krb5_data *realm2)); 1770 1771 /* free_rtree.c */ 1772 void krb5_free_realm_tree 1773 KRB5_PROTOTYPE((krb5_context, 1774 krb5_principal *)); 1775 1776 /* krb5_free.c */ 1777 void KRB5_CALLCONV krb5_free_principal 1778 KRB5_PROTOTYPE((krb5_context, krb5_principal )); 1779 void KRB5_CALLCONV krb5_free_authenticator 1780 KRB5_PROTOTYPE((krb5_context, krb5_authenticator * )); 1781 void KRB5_CALLCONV krb5_free_authenticator_contents 1782 KRB5_PROTOTYPE((krb5_context, krb5_authenticator * )); 1783 void KRB5_CALLCONV krb5_free_addresses 1784 KRB5_PROTOTYPE((krb5_context, krb5_address * * )); 1785 void KRB5_CALLCONV krb5_free_address 1786 KRB5_PROTOTYPE((krb5_context, krb5_address * )); 1787 void KRB5_CALLCONV krb5_free_authdata 1788 KRB5_PROTOTYPE((krb5_context, krb5_authdata * * )); 1789 void KRB5_CALLCONV krb5_free_enc_tkt_part 1790 KRB5_PROTOTYPE((krb5_context, krb5_enc_tkt_part * )); 1791 void KRB5_CALLCONV krb5_free_ticket 1792 KRB5_PROTOTYPE((krb5_context, krb5_ticket * )); 1793 void KRB5_CALLCONV krb5_free_tickets 1794 KRB5_PROTOTYPE((krb5_context, krb5_ticket * * )); 1795 void KRB5_CALLCONV krb5_free_kdc_req 1796 KRB5_PROTOTYPE((krb5_context, krb5_kdc_req * )); 1797 void KRB5_CALLCONV krb5_free_kdc_rep 1798 KRB5_PROTOTYPE((krb5_context, krb5_kdc_rep * )); 1799 void KRB5_CALLCONV krb5_free_last_req 1800 KRB5_PROTOTYPE((krb5_context, krb5_last_req_entry * * )); 1801 void KRB5_CALLCONV krb5_free_enc_kdc_rep_part 1802 KRB5_PROTOTYPE((krb5_context, krb5_enc_kdc_rep_part * )); 1803 void KRB5_CALLCONV krb5_free_error 1804 KRB5_PROTOTYPE((krb5_context, krb5_error * )); 1805 void KRB5_CALLCONV krb5_free_ap_req 1806 KRB5_PROTOTYPE((krb5_context, krb5_ap_req * )); 1807 void KRB5_CALLCONV krb5_free_ap_rep 1808 KRB5_PROTOTYPE((krb5_context, krb5_ap_rep * )); 1809 void KRB5_CALLCONV krb5_free_safe 1810 KRB5_PROTOTYPE((krb5_context, krb5_safe * )); 1811 void KRB5_CALLCONV krb5_free_priv 1812 KRB5_PROTOTYPE((krb5_context, krb5_priv * )); 1813 void KRB5_CALLCONV krb5_free_priv_enc_part 1814 KRB5_PROTOTYPE((krb5_context, krb5_priv_enc_part * )); 1815 void KRB5_CALLCONV krb5_free_cred 1816 KRB5_PROTOTYPE((krb5_context, krb5_cred *)); 1817 void KRB5_CALLCONV krb5_free_creds 1818 KRB5_PROTOTYPE((krb5_context, krb5_creds *)); 1819 void KRB5_CALLCONV krb5_free_cred_contents 1820 KRB5_PROTOTYPE((krb5_context, krb5_creds *)); 1821 void KRB5_CALLCONV krb5_free_cred_enc_part 1822 KRB5_PROTOTYPE((krb5_context, krb5_cred_enc_part *)); 1823 void KRB5_CALLCONV krb5_free_checksum 1824 KRB5_PROTOTYPE((krb5_context, krb5_checksum *)); 1825 void KRB5_CALLCONV krb5_free_checksum_contents 1826 KRB5_PROTOTYPE((krb5_context, krb5_checksum *)); 1827 void KRB5_CALLCONV krb5_free_keyblock 1828 KRB5_PROTOTYPE((krb5_context, krb5_keyblock *)); 1829 void KRB5_CALLCONV krb5_free_keyblock_contents 1830 KRB5_PROTOTYPE((krb5_context, krb5_keyblock *)); 1831 void KRB5_CALLCONV krb5_free_pa_data 1832 KRB5_PROTOTYPE((krb5_context, krb5_pa_data * *)); 1833 void KRB5_CALLCONV krb5_free_ap_rep_enc_part 1834 KRB5_PROTOTYPE((krb5_context, krb5_ap_rep_enc_part *)); 1835 void KRB5_CALLCONV krb5_free_tkt_authent 1836 KRB5_PROTOTYPE((krb5_context, krb5_tkt_authent *)); 1837 void KRB5_CALLCONV krb5_free_pwd_data 1838 KRB5_PROTOTYPE((krb5_context, krb5_pwd_data *)); 1839 void KRB5_CALLCONV krb5_free_pwd_sequences 1840 KRB5_PROTOTYPE((krb5_context, passwd_phrase_element * *)); 1841 void KRB5_CALLCONV krb5_free_data 1842 KRB5_PROTOTYPE((krb5_context, krb5_data *)); 1843 void KRB5_CALLCONV krb5_free_data_contents 1844 KRB5_PROTOTYPE((krb5_context, krb5_data *)); 1845 void KRB5_CALLCONV krb5_free_unparsed_name 1846 KRB5_PROTOTYPE((krb5_context, char *)); 1847 void KRB5_CALLCONV krb5_free_cksumtypes 1848 KRB5_PROTOTYPE((krb5_context, krb5_cksumtype *)); 1849 1850 /* From krb5/os but needed but by the outside world */ 1851 krb5_error_code KRB5_CALLCONV krb5_us_timeofday 1852 KRB5_PROTOTYPE((krb5_context, 1853 krb5_int32 *, 1854 krb5_int32 * )); 1855 krb5_error_code KRB5_CALLCONV krb5_timeofday 1856 KRB5_PROTOTYPE((krb5_context, 1857 krb5_int32 * )); 1858 /* get all the addresses of this host */ 1859 krb5_error_code KRB5_CALLCONV krb5_os_localaddr 1860 KRB5_PROTOTYPE((krb5_context, 1861 krb5_address * * *)); 1862 1863 int KRB5_CALLCONV foreach_localaddr 1864 KRB5_PROTOTYPE((void *, 1865 int (*pass1fn)(void *, struct sockaddr *), 1866 int (*betweenfn)(void *), 1867 int (*pass2fn)(void *, struct sockaddr *))); 1868 krb5_error_code KRB5_CALLCONV krb5_get_default_realm 1869 KRB5_PROTOTYPE((krb5_context, 1870 char * * )); 1871 krb5_error_code KRB5_CALLCONV krb5_set_default_realm 1872 KRB5_PROTOTYPE((krb5_context, 1873 krb5_const char * )); 1874 void KRB5_CALLCONV krb5_free_default_realm 1875 KRB5_PROTOTYPE((krb5_context, 1876 char * )); 1877 krb5_error_code KRB5_CALLCONV krb5_sname_to_principal 1878 KRB5_PROTOTYPE((krb5_context, 1879 krb5_const char *, 1880 krb5_const char *, 1881 krb5_int32, 1882 krb5_principal *)); 1883 1884 krb5_error_code krb5_set_config_files 1885 KRB5_PROTOTYPE ((krb5_context, krb5_const char * *)); 1886 1887 krb5_error_code krb5_secure_config_files 1888 KRB5_PROTOTYPE ((krb5_context)); 1889 1890 krb5_error_code KRB5_CALLCONV krb5_get_default_config_files 1891 KRB5_PROTOTYPE((char ***filenames)); 1892 1893 void KRB5_CALLCONV krb5_free_config_files 1894 KRB5_PROTOTYPE((char **filenames)); 1895 1896 #ifndef _KERNEL 1897 krb5_error_code KRB5_CALLCONV krb5_get_profile 1898 KRB5_PROTOTYPE((krb5_context, profile_t *)); 1899 #endif 1900 1901 krb5_error_code krb5_send_tgs 1902 KRB5_PROTOTYPE((krb5_context, 1903 krb5_const krb5_flags, 1904 krb5_const krb5_ticket_times *, 1905 krb5_const krb5_enctype *, 1906 krb5_const_principal, 1907 krb5_address * krb5_const *, 1908 krb5_authdata * krb5_const *, 1909 krb5_pa_data * krb5_const *, 1910 krb5_const krb5_data *, 1911 krb5_creds *, 1912 krb5_response * )); 1913 1914 krb5_error_code krb5_decode_kdc_rep 1915 KRB5_PROTOTYPE((krb5_context, 1916 krb5_data *, 1917 krb5_const krb5_keyblock *, 1918 krb5_kdc_rep ** )); 1919 1920 krb5_error_code KRB5_CALLCONV krb5_rd_req 1921 KRB5_PROTOTYPE((krb5_context, 1922 krb5_auth_context *, 1923 krb5_const krb5_data *, 1924 krb5_const_principal, 1925 krb5_keytab, 1926 krb5_flags *, 1927 krb5_ticket * *)); 1928 1929 krb5_error_code krb5_rd_req_decoded 1930 KRB5_PROTOTYPE((krb5_context, 1931 krb5_auth_context *, 1932 krb5_const krb5_ap_req *, 1933 krb5_const_principal, 1934 krb5_keytab, 1935 krb5_flags *, 1936 krb5_ticket **)); 1937 1938 krb5_error_code krb5_rd_req_decoded_anyflag 1939 KRB5_PROTOTYPE((krb5_context, 1940 krb5_auth_context *, 1941 krb5_const krb5_ap_req *, 1942 krb5_const_principal, 1943 krb5_keytab, 1944 krb5_flags *, 1945 krb5_ticket **)); 1946 1947 krb5_error_code KRB5_CALLCONV krb5_kt_read_service_key 1948 KRB5_PROTOTYPE((krb5_context, 1949 krb5_pointer, 1950 krb5_principal, 1951 krb5_kvno, 1952 krb5_enctype, 1953 krb5_keyblock * *)); 1954 krb5_error_code KRB5_CALLCONV krb5_mk_safe 1955 KRB5_PROTOTYPE((krb5_context, 1956 krb5_auth_context, 1957 krb5_const krb5_data *, 1958 krb5_data *, 1959 krb5_replay_data *)); 1960 krb5_error_code KRB5_CALLCONV krb5_mk_priv 1961 KRB5_PROTOTYPE((krb5_context, 1962 krb5_auth_context, 1963 krb5_const krb5_data *, 1964 krb5_data *, 1965 krb5_replay_data *)); 1966 krb5_error_code KRB5_CALLCONV krb5_cc_register 1967 KRB5_PROTOTYPE((krb5_context, 1968 krb5_cc_ops *, 1969 krb5_boolean )); 1970 1971 krb5_error_code KRB5_CALLCONV krb5_sendauth 1972 KRB5_PROTOTYPE((krb5_context, 1973 krb5_auth_context *, 1974 krb5_pointer, 1975 char *, 1976 krb5_principal, 1977 krb5_principal, 1978 krb5_flags, 1979 krb5_data *, 1980 krb5_creds *, 1981 krb5_ccache, 1982 krb5_error * *, 1983 krb5_ap_rep_enc_part * *, 1984 krb5_creds * *)); 1985 1986 krb5_error_code KRB5_CALLCONV krb5_recvauth 1987 KRB5_PROTOTYPE((krb5_context, 1988 krb5_auth_context *, 1989 krb5_pointer, 1990 char *, 1991 krb5_principal, 1992 krb5_int32, 1993 krb5_keytab, 1994 krb5_ticket * *)); 1995 krb5_error_code KRB5_CALLCONV krb5_recvauth_version 1996 KRB5_PROTOTYPE((krb5_context, 1997 krb5_auth_context *, 1998 krb5_pointer, 1999 krb5_principal, 2000 krb5_int32, 2001 krb5_keytab, 2002 krb5_ticket * *, 2003 krb5_data *)); 2004 2005 krb5_error_code krb5_walk_realm_tree 2006 KRB5_PROTOTYPE((krb5_context, 2007 krb5_const krb5_data *, 2008 krb5_const krb5_data *, 2009 krb5_principal **, 2010 int)); 2011 2012 krb5_error_code KRB5_CALLCONV krb5_mk_ncred 2013 KRB5_PROTOTYPE((krb5_context, 2014 krb5_auth_context, 2015 krb5_creds * *, 2016 krb5_data * *, 2017 krb5_replay_data *)); 2018 2019 krb5_error_code KRB5_CALLCONV krb5_mk_1cred 2020 KRB5_PROTOTYPE((krb5_context, 2021 krb5_auth_context, 2022 krb5_creds *, 2023 krb5_data * *, 2024 krb5_replay_data *)); 2025 2026 krb5_error_code KRB5_CALLCONV krb5_rd_cred 2027 KRB5_PROTOTYPE((krb5_context, 2028 krb5_auth_context, 2029 krb5_data *, 2030 krb5_creds * * *, 2031 krb5_replay_data *)); 2032 2033 krb5_error_code KRB5_CALLCONV krb5_fwd_tgt_creds 2034 KRB5_PROTOTYPE((krb5_context, 2035 krb5_auth_context, 2036 char *, 2037 krb5_principal, 2038 krb5_principal, 2039 krb5_ccache, 2040 int forwardable, 2041 krb5_data *)); 2042 2043 krb5_error_code KRB5_CALLCONV krb5_auth_con_init 2044 KRB5_PROTOTYPE((krb5_context, 2045 krb5_auth_context *)); 2046 2047 krb5_error_code KRB5_CALLCONV krb5_auth_con_free 2048 KRB5_PROTOTYPE((krb5_context, 2049 krb5_auth_context)); 2050 2051 krb5_error_code KRB5_CALLCONV krb5_auth_con_setflags 2052 KRB5_PROTOTYPE((krb5_context, 2053 krb5_auth_context, 2054 krb5_int32)); 2055 2056 krb5_error_code KRB5_CALLCONV krb5_auth_con_getflags 2057 KRB5_PROTOTYPE((krb5_context, 2058 krb5_auth_context, 2059 krb5_int32 *)); 2060 2061 krb5_error_code KRB5_CALLCONV 2062 krb5_auth_con_set_checksum_func (krb5_context, krb5_auth_context, 2063 krb5_mk_req_checksum_func, void *); 2064 2065 krb5_error_code KRB5_CALLCONV 2066 krb5_auth_con_get_checksum_func( krb5_context, krb5_auth_context, 2067 krb5_mk_req_checksum_func *, void **); 2068 2069 krb5_error_code krb5_auth_con_setaddrs 2070 KRB5_PROTOTYPE((krb5_context, 2071 krb5_auth_context, 2072 krb5_address *, 2073 krb5_address *)); 2074 2075 krb5_error_code krb5_auth_con_getaddrs 2076 KRB5_PROTOTYPE((krb5_context, 2077 krb5_auth_context, 2078 krb5_address **, 2079 krb5_address **)); 2080 2081 krb5_error_code krb5_auth_con_setports 2082 KRB5_PROTOTYPE((krb5_context, 2083 krb5_auth_context, 2084 krb5_address *, 2085 krb5_address *)); 2086 2087 krb5_error_code KRB5_CALLCONV krb5_auth_con_setuseruserkey 2088 KRB5_PROTOTYPE((krb5_context, 2089 krb5_auth_context, 2090 krb5_keyblock *)); 2091 2092 krb5_error_code KRB5_CALLCONV krb5_auth_con_getkey 2093 KRB5_PROTOTYPE((krb5_context, 2094 krb5_auth_context, 2095 krb5_keyblock **)); 2096 2097 krb5_error_code KRB5_CALLCONV krb5_auth_con_getsendsubkey( 2098 krb5_context, krb5_auth_context, krb5_keyblock **); 2099 2100 krb5_error_code KRB5_CALLCONV krb5_auth_con_getrecvsubkey( 2101 krb5_context, krb5_auth_context, krb5_keyblock **); 2102 2103 krb5_error_code KRB5_CALLCONV krb5_auth_con_setsendsubkey( 2104 krb5_context, krb5_auth_context, krb5_keyblock *); 2105 2106 krb5_error_code KRB5_CALLCONV krb5_auth_con_setrecvsubkey( 2107 krb5_context, krb5_auth_context, krb5_keyblock *); 2108 2109 krb5_error_code KRB5_CALLCONV krb5_auth_con_getlocalsubkey 2110 KRB5_PROTOTYPE((krb5_context, 2111 krb5_auth_context, 2112 krb5_keyblock * *)); 2113 2114 krb5_error_code KRB5_CALLCONV krb5_auth_con_set_req_cksumtype 2115 KRB5_PROTOTYPE((krb5_context, 2116 krb5_auth_context, 2117 krb5_cksumtype)); 2118 2119 krb5_error_code krb5_auth_con_set_safe_cksumtype 2120 KRB5_PROTOTYPE((krb5_context, 2121 krb5_auth_context, 2122 krb5_cksumtype)); 2123 2124 krb5_error_code krb5_auth_con_getcksumtype 2125 KRB5_PROTOTYPE((krb5_context, 2126 krb5_auth_context, 2127 krb5_cksumtype *)); 2128 2129 krb5_error_code KRB5_CALLCONV krb5_auth_con_getlocalseqnumber 2130 KRB5_PROTOTYPE((krb5_context, 2131 krb5_auth_context, 2132 krb5_int32 *)); 2133 2134 krb5_error_code KRB5_CALLCONV krb5_auth_con_getremoteseqnumber 2135 KRB5_PROTOTYPE((krb5_context, 2136 krb5_auth_context, 2137 krb5_int32 *)); 2138 2139 krb5_error_code krb5_auth_con_initivector 2140 KRB5_PROTOTYPE((krb5_context, 2141 krb5_auth_context)); 2142 2143 krb5_error_code krb5_auth_con_setivector 2144 KRB5_PROTOTYPE((krb5_context, 2145 krb5_auth_context, 2146 krb5_pointer)); 2147 2148 krb5_error_code krb5_auth_con_getivector 2149 KRB5_PROTOTYPE((krb5_context, 2150 krb5_auth_context, 2151 krb5_pointer *)); 2152 2153 krb5_error_code KRB5_CALLCONV krb5_auth_con_setrcache 2154 KRB5_PROTOTYPE((krb5_context, 2155 krb5_auth_context, 2156 krb5_rcache)); 2157 2158 krb5_error_code krb5_auth_con_getrcache 2159 KRB5_PROTOTYPE((krb5_context, 2160 krb5_auth_context, 2161 krb5_rcache *)); 2162 2163 krb5_error_code KRB5_CALLCONV krb5_auth_con_getauthenticator 2164 KRB5_PROTOTYPE((krb5_context, 2165 krb5_auth_context, 2166 krb5_authenticator * *)); 2167 2168 krb5_error_code KRB5_CALLCONV krb5_auth_con_getremotesubkey 2169 KRB5_PROTOTYPE((krb5_context, 2170 krb5_auth_context, 2171 krb5_keyblock * *)); 2172 2173 #define KRB5_REALM_BRANCH_CHAR '.' 2174 2175 /* 2176 * end "func-proto.h" 2177 */ 2178 2179 /* 2180 * begin stuff from libos.h 2181 */ 2182 2183 krb5_error_code KRB5_CALLCONV krb5_read_password 2184 KRB5_PROTOTYPE((krb5_context, 2185 const char *, 2186 const char *, 2187 char *, 2188 unsigned int * )); 2189 krb5_error_code krb5_aname_to_localname 2190 KRB5_PROTOTYPE((krb5_context, 2191 krb5_const_principal, 2192 const int, 2193 char * )); 2194 krb5_error_code KRB5_CALLCONV krb5_get_host_realm 2195 KRB5_PROTOTYPE((krb5_context, 2196 const char *, 2197 char * * * )); 2198 krb5_error_code KRB5_CALLCONV krb5_free_host_realm 2199 KRB5_PROTOTYPE((krb5_context, 2200 char * const * )); 2201 krb5_error_code KRB5_CALLCONV krb5_get_realm_domain 2202 KRB5_PROTOTYPE((krb5_context, 2203 const char *, 2204 char ** )); 2205 krb5_boolean KRB5_CALLCONV krb5_kuserok 2206 KRB5_PROTOTYPE((krb5_context, 2207 krb5_principal, const char *)); 2208 krb5_error_code KRB5_CALLCONV krb5_auth_con_genaddrs 2209 KRB5_PROTOTYPE((krb5_context, 2210 krb5_auth_context, 2211 int, int)); 2212 krb5_error_code krb5_gen_portaddr 2213 KRB5_PROTOTYPE((krb5_context, 2214 const krb5_address *, 2215 krb5_const_pointer, 2216 krb5_address **)); 2217 krb5_error_code krb5_make_fulladdr 2218 KRB5_PROTOTYPE((krb5_context, 2219 krb5_address *, 2220 krb5_address *, 2221 krb5_address *)); 2222 2223 krb5_error_code krb5_os_hostaddr 2224 KRB5_PROTOTYPE((krb5_context, const char *, krb5_address ***)); 2225 2226 krb5_error_code krb5_set_real_time 2227 KRB5_PROTOTYPE((krb5_context, krb5_int32, krb5_int32)); 2228 krb5_error_code krb5_set_debugging_time 2229 KRB5_PROTOTYPE((krb5_context, krb5_int32, krb5_int32)); 2230 krb5_error_code krb5_use_natural_time 2231 KRB5_PROTOTYPE((krb5_context)); 2232 krb5_error_code krb5_get_time_offsets 2233 KRB5_PROTOTYPE((krb5_context, krb5_int32 *, krb5_int32 *)); 2234 krb5_error_code krb5_set_time_offsets 2235 KRB5_PROTOTYPE((krb5_context, krb5_int32, krb5_int32)); 2236 2237 /* str_conv.c */ 2238 krb5_error_code KRB5_CALLCONV krb5_string_to_enctype 2239 KRB5_PROTOTYPE((char *, krb5_enctype *)); 2240 krb5_error_code KRB5_CALLCONV krb5_string_to_salttype 2241 KRB5_PROTOTYPE((char *, krb5_int32 *)); 2242 krb5_error_code KRB5_CALLCONV krb5_string_to_cksumtype 2243 KRB5_PROTOTYPE((char *, krb5_cksumtype *)); 2244 krb5_error_code KRB5_CALLCONV krb5_string_to_timestamp 2245 KRB5_PROTOTYPE((char *, krb5_timestamp *)); 2246 krb5_error_code KRB5_CALLCONV krb5_string_to_deltat 2247 KRB5_PROTOTYPE((char *, krb5_deltat *)); 2248 krb5_error_code KRB5_CALLCONV krb5_enctype_to_string 2249 KRB5_PROTOTYPE((krb5_enctype, char *, size_t)); 2250 krb5_error_code KRB5_CALLCONV krb5_salttype_to_string 2251 KRB5_PROTOTYPE((krb5_int32, char *, size_t)); 2252 krb5_error_code KRB5_CALLCONV krb5_cksumtype_to_string 2253 KRB5_PROTOTYPE((krb5_cksumtype, char *, size_t)); 2254 krb5_error_code KRB5_CALLCONV krb5_timestamp_to_string 2255 KRB5_PROTOTYPE((krb5_timestamp, char *, size_t)); 2256 krb5_error_code KRB5_CALLCONV krb5_timestamp_to_sfstring 2257 KRB5_PROTOTYPE((krb5_timestamp, char *, size_t, char *)); 2258 krb5_error_code KRB5_CALLCONV krb5_deltat_to_string 2259 KRB5_PROTOTYPE((krb5_deltat, char *, size_t)); 2260 2261 /* 2262 * end stuff from libos.h 2263 */ 2264 2265 /* 2266 * begin "k5-free.h" 2267 */ 2268 2269 /* to keep lint happy */ 2270 #ifdef _KERNEL 2271 #define krb5_xfree_wrap(val,n) kmem_free((char *)(val),n) 2272 #else 2273 #define krb5_xfree_wrap(val,n) free((char *)(val)) 2274 #define krb5_xfree(val) free((char *)(val)) 2275 #endif 2276 2277 /* 2278 * end "k5-free.h" 2279 */ 2280 2281 /* The name of the Kerberos ticket granting service... and its size */ 2282 #define KRB5_TGS_NAME "krbtgt" 2283 #define KRB5_TGS_NAME_SIZE 6 2284 2285 /* flags for recvauth */ 2286 #define KRB5_RECVAUTH_SKIP_VERSION 0x0001 2287 #define KRB5_RECVAUTH_BADAUTHVERS 0x0002 2288 2289 /* initial ticket api functions */ 2290 2291 typedef struct _krb5_prompt { 2292 char *prompt; 2293 int hidden; 2294 krb5_data *reply; 2295 } krb5_prompt; 2296 2297 typedef krb5_error_code (KRB5_CALLCONV *krb5_prompter_fct)(krb5_context context, 2298 void *data, 2299 const char *name, 2300 const char *banner, 2301 int num_prompts, 2302 krb5_prompt prompts[]); 2303 2304 2305 krb5_error_code KRB5_CALLCONV 2306 krb5_prompter_posix 2307 KRB5_PROTOTYPE((krb5_context context, 2308 void *data, 2309 const char *name, 2310 const char *banner, 2311 int num_prompts, 2312 krb5_prompt prompts[])); 2313 2314 typedef struct _krb5_get_init_creds_opt { 2315 krb5_flags flags; 2316 krb5_deltat tkt_life; 2317 krb5_deltat renew_life; 2318 int forwardable; 2319 int proxiable; 2320 krb5_enctype *etype_list; 2321 int etype_list_length; 2322 krb5_address **address_list; 2323 krb5_preauthtype *preauth_list; 2324 int preauth_list_length; 2325 krb5_data *salt; 2326 } krb5_get_init_creds_opt; 2327 2328 #define KRB5_GET_INIT_CREDS_OPT_TKT_LIFE 0x0001 2329 #define KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE 0x0002 2330 #define KRB5_GET_INIT_CREDS_OPT_FORWARDABLE 0x0004 2331 #define KRB5_GET_INIT_CREDS_OPT_PROXIABLE 0x0008 2332 #define KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST 0x0010 2333 #define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST 0x0020 2334 #define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST 0x0040 2335 #define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080 2336 2337 void KRB5_CALLCONV 2338 krb5_get_init_creds_opt_init 2339 KRB5_PROTOTYPE((krb5_get_init_creds_opt *opt)); 2340 2341 void KRB5_CALLCONV 2342 krb5_get_init_creds_opt_set_tkt_life 2343 KRB5_PROTOTYPE((krb5_get_init_creds_opt *opt, 2344 krb5_deltat tkt_life)); 2345 2346 void KRB5_CALLCONV 2347 krb5_get_init_creds_opt_set_renew_life 2348 KRB5_PROTOTYPE((krb5_get_init_creds_opt *opt, 2349 krb5_deltat renew_life)); 2350 2351 void KRB5_CALLCONV 2352 krb5_get_init_creds_opt_set_forwardable 2353 KRB5_PROTOTYPE((krb5_get_init_creds_opt *opt, 2354 int forwardable)); 2355 2356 void KRB5_CALLCONV 2357 krb5_get_init_creds_opt_set_proxiable 2358 KRB5_PROTOTYPE((krb5_get_init_creds_opt *opt, 2359 int proxiable)); 2360 2361 void KRB5_CALLCONV 2362 krb5_get_init_creds_opt_set_etype_list 2363 KRB5_PROTOTYPE((krb5_get_init_creds_opt *opt, 2364 krb5_enctype *etype_list, 2365 int etype_list_length)); 2366 2367 void KRB5_CALLCONV 2368 krb5_get_init_creds_opt_set_address_list 2369 KRB5_PROTOTYPE((krb5_get_init_creds_opt *opt, 2370 krb5_address **addresses)); 2371 2372 void KRB5_CALLCONV 2373 krb5_get_init_creds_opt_set_preauth_list 2374 KRB5_PROTOTYPE((krb5_get_init_creds_opt *opt, 2375 krb5_preauthtype *preauth_list, 2376 int preauth_list_length)); 2377 2378 void KRB5_CALLCONV 2379 krb5_get_init_creds_opt_set_salt 2380 KRB5_PROTOTYPE((krb5_get_init_creds_opt *opt, 2381 krb5_data *salt)); 2382 2383 krb5_error_code KRB5_CALLCONV 2384 krb5_get_init_creds_password 2385 KRB5_PROTOTYPE((krb5_context context, 2386 krb5_creds *creds, 2387 krb5_principal client, 2388 char *password, 2389 krb5_prompter_fct prompter, 2390 void *data, 2391 krb5_deltat start_time, 2392 char *in_tkt_service, 2393 krb5_get_init_creds_opt *options)); 2394 2395 krb5_error_code KRB5_CALLCONV 2396 krb5_get_init_creds_keytab 2397 KRB5_PROTOTYPE((krb5_context context, 2398 krb5_creds *creds, 2399 krb5_principal client, 2400 krb5_keytab arg_keytab, 2401 krb5_deltat start_time, 2402 char *in_tkt_service, 2403 krb5_get_init_creds_opt *options)); 2404 2405 typedef struct _krb5_verify_init_creds_opt { 2406 krb5_flags flags; 2407 int ap_req_nofail; 2408 } krb5_verify_init_creds_opt; 2409 2410 #define KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL 0x0001 2411 2412 void KRB5_CALLCONV 2413 krb5_verify_init_creds_opt_init 2414 KRB5_PROTOTYPE((krb5_verify_init_creds_opt *options)); 2415 void KRB5_CALLCONV 2416 krb5_verify_init_creds_opt_set_ap_req_nofail 2417 KRB5_PROTOTYPE((krb5_verify_init_creds_opt *options, 2418 int ap_req_nofail)); 2419 2420 krb5_error_code KRB5_CALLCONV 2421 krb5_verify_init_creds 2422 KRB5_PROTOTYPE((krb5_context context, 2423 krb5_creds *creds, 2424 krb5_principal ap_req_server, 2425 krb5_keytab ap_req_keytab, 2426 krb5_ccache *ccache, 2427 krb5_verify_init_creds_opt *options)); 2428 2429 krb5_error_code KRB5_CALLCONV 2430 krb5_get_validated_creds 2431 KRB5_PROTOTYPE((krb5_context context, 2432 krb5_creds *creds, 2433 krb5_principal client, 2434 krb5_ccache ccache, 2435 char *in_tkt_service)); 2436 2437 krb5_error_code KRB5_CALLCONV 2438 krb5_get_renewed_creds 2439 KRB5_PROTOTYPE((krb5_context context, 2440 krb5_creds *creds, 2441 krb5_principal client, 2442 krb5_ccache ccache, 2443 char *in_tkt_service)); 2444 2445 krb5_error_code KRB5_CALLCONV 2446 krb5_decode_ticket 2447 KRB5_PROTOTYPE((const krb5_data *code, 2448 krb5_ticket **rep)); 2449 2450 void KRB5_CALLCONV 2451 krb5_appdefault_string 2452 KRB5_PROTOTYPE((krb5_context context, 2453 const char *appname, 2454 const krb5_data *realm, 2455 const char *option, 2456 const char *default_value, 2457 char ** ret_value)); 2458 2459 void KRB5_CALLCONV 2460 krb5_appdefault_boolean 2461 KRB5_PROTOTYPE((krb5_context context, 2462 const char *appname, 2463 const krb5_data *realm, 2464 const char *option, 2465 int default_value, 2466 int *ret_value)); 2467 2468 /* 2469 * The realm iterator functions 2470 */ 2471 2472 krb5_error_code KRB5_CALLCONV krb5_realm_iterator_create 2473 KRB5_PROTOTYPE((krb5_context context, void **iter_p)); 2474 2475 krb5_error_code KRB5_CALLCONV krb5_realm_iterator 2476 KRB5_PROTOTYPE((krb5_context context, void **iter_p, char **ret_realm)); 2477 2478 void KRB5_CALLCONV krb5_realm_iterator_free 2479 KRB5_PROTOTYPE((krb5_context context, void **iter_p)); 2480 2481 void KRB5_CALLCONV krb5_free_realm_string 2482 KRB5_PROTOTYPE((krb5_context context, char *str)); 2483 2484 /* 2485 * Prompter enhancements 2486 */ 2487 2488 #define KRB5_PROMPT_TYPE_PASSWORD 0x1 2489 #define KRB5_PROMPT_TYPE_NEW_PASSWORD 0x2 2490 #define KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN 0x3 2491 #define KRB5_PROMPT_TYPE_PREAUTH 0x4 2492 2493 typedef krb5_int32 krb5_prompt_type; 2494 2495 krb5_prompt_type* KRB5_CALLCONV krb5_get_prompt_types 2496 (krb5_context context); 2497 2498 #endif /* KRB5_GENERAL__ */ 2499 2500 2501 /* 2502 * krb5_err.h: 2503 * This file is automatically generated; please do not edit it. 2504 */ 2505 2506 #define KRB5KDC_ERR_NONE (-1765328384L) 2507 #define KRB5KDC_ERR_NAME_EXP (-1765328383L) 2508 #define KRB5KDC_ERR_SERVICE_EXP (-1765328382L) 2509 #define KRB5KDC_ERR_BAD_PVNO (-1765328381L) 2510 #define KRB5KDC_ERR_C_OLD_MAST_KVNO (-1765328380L) 2511 #define KRB5KDC_ERR_S_OLD_MAST_KVNO (-1765328379L) 2512 #define KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN (-1765328378L) 2513 #define KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (-1765328377L) 2514 #define KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE (-1765328376L) 2515 #define KRB5KDC_ERR_NULL_KEY (-1765328375L) 2516 #define KRB5KDC_ERR_CANNOT_POSTDATE (-1765328374L) 2517 #define KRB5KDC_ERR_NEVER_VALID (-1765328373L) 2518 #define KRB5KDC_ERR_POLICY (-1765328372L) 2519 #define KRB5KDC_ERR_BADOPTION (-1765328371L) 2520 #define KRB5KDC_ERR_ETYPE_NOSUPP (-1765328370L) 2521 #define KRB5KDC_ERR_SUMTYPE_NOSUPP (-1765328369L) 2522 #define KRB5KDC_ERR_PADATA_TYPE_NOSUPP (-1765328368L) 2523 #define KRB5KDC_ERR_TRTYPE_NOSUPP (-1765328367L) 2524 #define KRB5KDC_ERR_CLIENT_REVOKED (-1765328366L) 2525 #define KRB5KDC_ERR_SERVICE_REVOKED (-1765328365L) 2526 #define KRB5KDC_ERR_TGT_REVOKED (-1765328364L) 2527 #define KRB5KDC_ERR_CLIENT_NOTYET (-1765328363L) 2528 #define KRB5KDC_ERR_SERVICE_NOTYET (-1765328362L) 2529 #define KRB5KDC_ERR_KEY_EXP (-1765328361L) 2530 #define KRB5KDC_ERR_PREAUTH_FAILED (-1765328360L) 2531 #define KRB5KDC_ERR_PREAUTH_REQUIRED (-1765328359L) 2532 #define KRB5KDC_ERR_SERVER_NOMATCH (-1765328358L) 2533 #define KRB5PLACEHOLD_27 (-1765328357L) 2534 #define KRB5PLACEHOLD_28 (-1765328356L) 2535 #define KRB5PLACEHOLD_29 (-1765328355L) 2536 #define KRB5PLACEHOLD_30 (-1765328354L) 2537 #define KRB5KRB_AP_ERR_BAD_INTEGRITY (-1765328353L) 2538 #define KRB5KRB_AP_ERR_TKT_EXPIRED (-1765328352L) 2539 #define KRB5KRB_AP_ERR_TKT_NYV (-1765328351L) 2540 #define KRB5KRB_AP_ERR_REPEAT (-1765328350L) 2541 #define KRB5KRB_AP_ERR_NOT_US (-1765328349L) 2542 #define KRB5KRB_AP_ERR_BADMATCH (-1765328348L) 2543 #define KRB5KRB_AP_ERR_SKEW (-1765328347L) 2544 #define KRB5KRB_AP_ERR_BADADDR (-1765328346L) 2545 #define KRB5KRB_AP_ERR_BADVERSION (-1765328345L) 2546 #define KRB5KRB_AP_ERR_MSG_TYPE (-1765328344L) 2547 #define KRB5KRB_AP_ERR_MODIFIED (-1765328343L) 2548 #define KRB5KRB_AP_ERR_BADORDER (-1765328342L) 2549 #define KRB5KRB_AP_ERR_ILL_CR_TKT (-1765328341L) 2550 #define KRB5KRB_AP_ERR_BADKEYVER (-1765328340L) 2551 #define KRB5KRB_AP_ERR_NOKEY (-1765328339L) 2552 #define KRB5KRB_AP_ERR_MUT_FAIL (-1765328338L) 2553 #define KRB5KRB_AP_ERR_BADDIRECTION (-1765328337L) 2554 #define KRB5KRB_AP_ERR_METHOD (-1765328336L) 2555 #define KRB5KRB_AP_ERR_BADSEQ (-1765328335L) 2556 #define KRB5KRB_AP_ERR_INAPP_CKSUM (-1765328334L) 2557 #define KRB5PLACEHOLD_51 (-1765328333L) 2558 #define KRB5PLACEHOLD_52 (-1765328332L) 2559 #define KRB5PLACEHOLD_53 (-1765328331L) 2560 #define KRB5PLACEHOLD_54 (-1765328330L) 2561 #define KRB5PLACEHOLD_55 (-1765328329L) 2562 #define KRB5PLACEHOLD_56 (-1765328328L) 2563 #define KRB5PLACEHOLD_57 (-1765328327L) 2564 #define KRB5PLACEHOLD_58 (-1765328326L) 2565 #define KRB5PLACEHOLD_59 (-1765328325L) 2566 #define KRB5KRB_ERR_GENERIC (-1765328324L) 2567 #define KRB5KRB_ERR_FIELD_TOOLONG (-1765328323L) 2568 #define KRB5PLACEHOLD_62 (-1765328322L) 2569 #define KRB5PLACEHOLD_63 (-1765328321L) 2570 #define KRB5PLACEHOLD_64 (-1765328320L) 2571 #define KRB5PLACEHOLD_65 (-1765328319L) 2572 #define KRB5PLACEHOLD_66 (-1765328318L) 2573 #define KRB5PLACEHOLD_67 (-1765328317L) 2574 #define KRB5PLACEHOLD_68 (-1765328316L) 2575 #define KRB5PLACEHOLD_69 (-1765328315L) 2576 #define KRB5PLACEHOLD_70 (-1765328314L) 2577 #define KRB5PLACEHOLD_71 (-1765328313L) 2578 #define KRB5PLACEHOLD_72 (-1765328312L) 2579 #define KRB5PLACEHOLD_73 (-1765328311L) 2580 #define KRB5PLACEHOLD_74 (-1765328310L) 2581 #define KRB5PLACEHOLD_75 (-1765328309L) 2582 #define KRB5PLACEHOLD_76 (-1765328308L) 2583 #define KRB5PLACEHOLD_77 (-1765328307L) 2584 #define KRB5PLACEHOLD_78 (-1765328306L) 2585 #define KRB5PLACEHOLD_79 (-1765328305L) 2586 #define KRB5PLACEHOLD_80 (-1765328304L) 2587 #define KRB5PLACEHOLD_81 (-1765328303L) 2588 #define KRB5PLACEHOLD_82 (-1765328302L) 2589 #define KRB5PLACEHOLD_83 (-1765328301L) 2590 #define KRB5PLACEHOLD_84 (-1765328300L) 2591 #define KRB5PLACEHOLD_85 (-1765328299L) 2592 #define KRB5PLACEHOLD_86 (-1765328298L) 2593 #define KRB5PLACEHOLD_87 (-1765328297L) 2594 #define KRB5PLACEHOLD_88 (-1765328296L) 2595 #define KRB5PLACEHOLD_89 (-1765328295L) 2596 #define KRB5PLACEHOLD_90 (-1765328294L) 2597 #define KRB5PLACEHOLD_91 (-1765328293L) 2598 #define KRB5PLACEHOLD_92 (-1765328292L) 2599 #define KRB5PLACEHOLD_93 (-1765328291L) 2600 #define KRB5PLACEHOLD_94 (-1765328290L) 2601 #define KRB5PLACEHOLD_95 (-1765328289L) 2602 #define KRB5PLACEHOLD_96 (-1765328288L) 2603 #define KRB5PLACEHOLD_97 (-1765328287L) 2604 #define KRB5PLACEHOLD_98 (-1765328286L) 2605 #define KRB5PLACEHOLD_99 (-1765328285L) 2606 #define KRB5PLACEHOLD_100 (-1765328284L) 2607 #define KRB5PLACEHOLD_101 (-1765328283L) 2608 #define KRB5PLACEHOLD_102 (-1765328282L) 2609 #define KRB5PLACEHOLD_103 (-1765328281L) 2610 #define KRB5PLACEHOLD_104 (-1765328280L) 2611 #define KRB5PLACEHOLD_105 (-1765328279L) 2612 #define KRB5PLACEHOLD_106 (-1765328278L) 2613 #define KRB5PLACEHOLD_107 (-1765328277L) 2614 #define KRB5PLACEHOLD_108 (-1765328276L) 2615 #define KRB5PLACEHOLD_109 (-1765328275L) 2616 #define KRB5PLACEHOLD_110 (-1765328274L) 2617 #define KRB5PLACEHOLD_111 (-1765328273L) 2618 #define KRB5PLACEHOLD_112 (-1765328272L) 2619 #define KRB5PLACEHOLD_113 (-1765328271L) 2620 #define KRB5PLACEHOLD_114 (-1765328270L) 2621 #define KRB5PLACEHOLD_115 (-1765328269L) 2622 #define KRB5PLACEHOLD_116 (-1765328268L) 2623 #define KRB5PLACEHOLD_117 (-1765328267L) 2624 #define KRB5PLACEHOLD_118 (-1765328266L) 2625 #define KRB5PLACEHOLD_119 (-1765328265L) 2626 #define KRB5PLACEHOLD_120 (-1765328264L) 2627 #define KRB5PLACEHOLD_121 (-1765328263L) 2628 #define KRB5PLACEHOLD_122 (-1765328262L) 2629 #define KRB5PLACEHOLD_123 (-1765328261L) 2630 #define KRB5PLACEHOLD_124 (-1765328260L) 2631 #define KRB5PLACEHOLD_125 (-1765328259L) 2632 #define KRB5PLACEHOLD_126 (-1765328258L) 2633 #define KRB5PLACEHOLD_127 (-1765328257L) 2634 #define KRB5_ERR_RCSID (-1765328256L) 2635 #define KRB5_LIBOS_BADLOCKFLAG (-1765328255L) 2636 #define KRB5_LIBOS_CANTREADPWD (-1765328254L) 2637 #define KRB5_LIBOS_BADPWDMATCH (-1765328253L) 2638 #define KRB5_LIBOS_PWDINTR (-1765328252L) 2639 #define KRB5_PARSE_ILLCHAR (-1765328251L) 2640 #define KRB5_PARSE_MALFORMED (-1765328250L) 2641 #define KRB5_CONFIG_CANTOPEN (-1765328249L) 2642 #define KRB5_CONFIG_BADFORMAT (-1765328248L) 2643 #define KRB5_CONFIG_NOTENUFSPACE (-1765328247L) 2644 #define KRB5_BADMSGTYPE (-1765328246L) 2645 #define KRB5_CC_BADNAME (-1765328245L) 2646 #define KRB5_CC_UNKNOWN_TYPE (-1765328244L) 2647 #define KRB5_CC_NOTFOUND (-1765328243L) 2648 #define KRB5_CC_END (-1765328242L) 2649 #define KRB5_NO_TKT_SUPPLIED (-1765328241L) 2650 #define KRB5KRB_AP_WRONG_PRINC (-1765328240L) 2651 #define KRB5KRB_AP_ERR_TKT_INVALID (-1765328239L) 2652 #define KRB5_PRINC_NOMATCH (-1765328238L) 2653 #define KRB5_KDCREP_MODIFIED (-1765328237L) 2654 #define KRB5_KDCREP_SKEW (-1765328236L) 2655 #define KRB5_IN_TKT_REALM_MISMATCH (-1765328235L) 2656 #define KRB5_PROG_ETYPE_NOSUPP (-1765328234L) 2657 #define KRB5_PROG_KEYTYPE_NOSUPP (-1765328233L) 2658 #define KRB5_WRONG_ETYPE (-1765328232L) 2659 #define KRB5_PROG_SUMTYPE_NOSUPP (-1765328231L) 2660 #define KRB5_REALM_UNKNOWN (-1765328230L) 2661 #define KRB5_SERVICE_UNKNOWN (-1765328229L) 2662 #define KRB5_KDC_UNREACH (-1765328228L) 2663 #define KRB5_NO_LOCALNAME (-1765328227L) 2664 #define KRB5_MUTUAL_FAILED (-1765328226L) 2665 #define KRB5_RC_TYPE_EXISTS (-1765328225L) 2666 #define KRB5_RC_MALLOC (-1765328224L) 2667 #define KRB5_RC_TYPE_NOTFOUND (-1765328223L) 2668 #define KRB5_RC_UNKNOWN (-1765328222L) 2669 #define KRB5_RC_REPLAY (-1765328221L) 2670 #define KRB5_RC_IO (-1765328220L) 2671 #define KRB5_RC_NOIO (-1765328219L) 2672 #define KRB5_RC_PARSE (-1765328218L) 2673 #define KRB5_RC_IO_EOF (-1765328217L) 2674 #define KRB5_RC_IO_MALLOC (-1765328216L) 2675 #define KRB5_RC_IO_PERM (-1765328215L) 2676 #define KRB5_RC_IO_IO (-1765328214L) 2677 #define KRB5_RC_IO_UNKNOWN (-1765328213L) 2678 #define KRB5_RC_IO_SPACE (-1765328212L) 2679 #define KRB5_TRANS_CANTOPEN (-1765328211L) 2680 #define KRB5_TRANS_BADFORMAT (-1765328210L) 2681 #define KRB5_LNAME_CANTOPEN (-1765328209L) 2682 #define KRB5_LNAME_NOTRANS (-1765328208L) 2683 #define KRB5_LNAME_BADFORMAT (-1765328207L) 2684 #define KRB5_CRYPTO_INTERNAL (-1765328206L) 2685 #define KRB5_KT_BADNAME (-1765328205L) 2686 #define KRB5_KT_UNKNOWN_TYPE (-1765328204L) 2687 #define KRB5_KT_NOTFOUND (-1765328203L) 2688 #define KRB5_KT_END (-1765328202L) 2689 #define KRB5_KT_NOWRITE (-1765328201L) 2690 #define KRB5_KT_IOERR (-1765328200L) 2691 #define KRB5_NO_TKT_IN_RLM (-1765328199L) 2692 #define KRB5DES_BAD_KEYPAR (-1765328198L) 2693 #define KRB5DES_WEAK_KEY (-1765328197L) 2694 #define KRB5_BAD_ENCTYPE (-1765328196L) 2695 #define KRB5_BAD_KEYSIZE (-1765328195L) 2696 #define KRB5_BAD_MSIZE (-1765328194L) 2697 #define KRB5_CC_TYPE_EXISTS (-1765328193L) 2698 #define KRB5_KT_TYPE_EXISTS (-1765328192L) 2699 #define KRB5_CC_IO (-1765328191L) 2700 #define KRB5_FCC_PERM (-1765328190L) 2701 #define KRB5_FCC_NOFILE (-1765328189L) 2702 #define KRB5_FCC_INTERNAL (-1765328188L) 2703 #define KRB5_CC_WRITE (-1765328187L) 2704 #define KRB5_CC_NOMEM (-1765328186L) 2705 #define KRB5_CC_FORMAT (-1765328185L) 2706 #define KRB5_CC_NOT_KTYPE (-1765328184L) 2707 #define KRB5_INVALID_FLAGS (-1765328183L) 2708 #define KRB5_NO_2ND_TKT (-1765328182L) 2709 #define KRB5_NOCREDS_SUPPLIED (-1765328181L) 2710 #define KRB5_SENDAUTH_BADAUTHVERS (-1765328180L) 2711 #define KRB5_SENDAUTH_BADAPPLVERS (-1765328179L) 2712 #define KRB5_SENDAUTH_BADRESPONSE (-1765328178L) 2713 #define KRB5_SENDAUTH_REJECTED (-1765328177L) 2714 #define KRB5_PREAUTH_BAD_TYPE (-1765328176L) 2715 #define KRB5_PREAUTH_NO_KEY (-1765328175L) 2716 #define KRB5_PREAUTH_FAILED (-1765328174L) 2717 #define KRB5_RCACHE_BADVNO (-1765328173L) 2718 #define KRB5_CCACHE_BADVNO (-1765328172L) 2719 #define KRB5_KEYTAB_BADVNO (-1765328171L) 2720 #define KRB5_PROG_ATYPE_NOSUPP (-1765328170L) 2721 #define KRB5_RC_REQUIRED (-1765328169L) 2722 #define KRB5_ERR_BAD_HOSTNAME (-1765328168L) 2723 #define KRB5_ERR_HOST_REALM_UNKNOWN (-1765328167L) 2724 #define KRB5_SNAME_UNSUPP_NAMETYPE (-1765328166L) 2725 #define KRB5KRB_AP_ERR_V4_REPLY (-1765328165L) 2726 #define KRB5_REALM_CANT_RESOLVE (-1765328164L) 2727 #define KRB5_TKT_NOT_FORWARDABLE (-1765328163L) 2728 #define KRB5_FWD_BAD_PRINCIPAL (-1765328162L) 2729 #define KRB5_GET_IN_TKT_LOOP (-1765328161L) 2730 #define KRB5_CONFIG_NODEFREALM (-1765328160L) 2731 #define KRB5_SAM_UNSUPPORTED (-1765328159L) 2732 #define KRB5_SAM_INVALID_ETYPE (-1765328158L) 2733 #define KRB5_SAM_NO_CHECKSUM (-1765328157L) 2734 #define KRB5_SAM_BAD_CHECKSUM (-1765328156L) 2735 #define KRB5_KT_NAME_TOOLONG (-1765328155L) 2736 #define KRB5_KT_KVNONOTFOUND (-1765328154L) 2737 #define KRB5_APPL_EXPIRED (-1765328153L) 2738 #define KRB5_LIB_EXPIRED (-1765328152L) 2739 #define KRB5_CHPW_PWDNULL (-1765328151L) 2740 #define KRB5_CHPW_FAIL (-1765328150L) 2741 #define KRB5_KT_FORMAT (-1765328149L) 2742 #define KRB5_NOPERM_ETYPE (-1765328148L) 2743 #define KRB5_CONFIG_ETYPE_NOSUPP (-1765328147L) 2744 #define KRB5_OBSOLETE_FN (-1765328146L) 2745 #define KRB5_EAI_FAIL (-1765328145L) 2746 #define KRB5_EAI_NODATA (-1765328144L) 2747 #define KRB5_EAI_NONAME (-1765328143L) 2748 #define KRB5_EAI_SERVICE (-1765328142L) 2749 #define KRB5_ERR_NUMERIC_REALM (-1765328141L) 2750 #define KRB5_ERR_BAD_S2K_PARAMS (-1765328140L) 2751 #define KRB5_ERR_NO_SERVICE (-1765328139L) 2752 #define KRB5_CC_READONLY (-1765328138L) 2753 #define KRB5_CC_NOSUPP (-1765328137L) 2754 2755 /* NOTE! error values should not collide */ 2756 /* XXX Note KRB5_RC_BADNAME and KRB5_CONF_NOT_CONFIGURED are Solaris specific */ 2757 #define KRB5_RC_BADNAME (-1765328136L) 2758 #define KRB5_CONF_NOT_CONFIGURED (-1765328135L) 2759 #ifdef _KERNEL 2760 /* XXX Note KRB5_KEF_ERROR and PKCS_ERR are Solaris specific */ 2761 #define KRB5_KEF_ERROR (-1765328134L) 2762 #else 2763 #define PKCS_ERR (-1765328134L) 2764 #endif /* _KERNEL */ 2765 #define ERROR_TABLE_BASE_krb5 (-1765328384L) 2766 2767 /* for compatibility with older versions... */ 2768 #define krb5_err_base ERROR_TABLE_BASE_krb5 2769 /* 2770 * kdb5_err.h: 2771 * This file is automatically generated; please do not edit it. 2772 */ 2773 #define KRB5_KDB_RCSID (-1780008448L) 2774 #define KRB5_KDB_INUSE (-1780008447L) 2775 #define KRB5_KDB_UK_SERROR (-1780008446L) 2776 #define KRB5_KDB_UK_RERROR (-1780008445L) 2777 #define KRB5_KDB_UNAUTH (-1780008444L) 2778 #define KRB5_KDB_NOENTRY (-1780008443L) 2779 #define KRB5_KDB_ILL_WILDCARD (-1780008442L) 2780 #define KRB5_KDB_DB_INUSE (-1780008441L) 2781 #define KRB5_KDB_DB_CHANGED (-1780008440L) 2782 #define KRB5_KDB_TRUNCATED_RECORD (-1780008439L) 2783 #define KRB5_KDB_RECURSIVELOCK (-1780008438L) 2784 #define KRB5_KDB_NOTLOCKED (-1780008437L) 2785 #define KRB5_KDB_BADLOCKMODE (-1780008436L) 2786 #define KRB5_KDB_DBNOTINITED (-1780008435L) 2787 #define KRB5_KDB_DBINITED (-1780008434L) 2788 #define KRB5_KDB_ILLDIRECTION (-1780008433L) 2789 #define KRB5_KDB_NOMASTERKEY (-1780008432L) 2790 #define KRB5_KDB_BADMASTERKEY (-1780008431L) 2791 #define KRB5_KDB_INVALIDKEYSIZE (-1780008430L) 2792 #define KRB5_KDB_CANTREAD_STORED (-1780008429L) 2793 #define KRB5_KDB_BADSTORED_MKEY (-1780008428L) 2794 #define KRB5_KDB_CANTLOCK_DB (-1780008427L) 2795 #define KRB5_KDB_DB_CORRUPT (-1780008426L) 2796 #define KRB5_KDB_BAD_VERSION (-1780008425L) 2797 #define KRB5_KDB_BAD_SALTTYPE (-1780008424L) 2798 #define KRB5_KDB_BAD_ENCTYPE (-1780008423L) 2799 #define KRB5_KDB_BAD_CREATEFLAGS (-1780008422L) 2800 #define KRB5_KDB_NO_PERMITTED_KEY (-1780008421L) 2801 #define KRB5_KDB_NO_MATCHING_KEY (-1780008420L) 2802 /* 2803 * Incremental propagation error codes 2804 */ 2805 #define KRB5_LOG_CONV (-1780008419L) 2806 #define KRB5_LOG_UNSTABLE (-1780008418L) 2807 #define KRB5_LOG_CORRUPT (-1780008417L) 2808 #define KRB5_LOG_ERROR (-1780008416L) 2809 #define ERROR_TABLE_BASE_kdb5 (-1780008448L) 2810 2811 /* for compatibility with older versions... */ 2812 #define kdb5_err_base ERROR_TABLE_BASE_kdb5 2813 /* 2814 * kv5m_err.h: 2815 * This file is automatically generated; please do not edit it. 2816 */ 2817 #define KV5M_NONE (-1760647424L) 2818 #define KV5M_PRINCIPAL (-1760647423L) 2819 #define KV5M_DATA (-1760647422L) 2820 #define KV5M_KEYBLOCK (-1760647421L) 2821 #define KV5M_CHECKSUM (-1760647420L) 2822 #define KV5M_ENCRYPT_BLOCK (-1760647419L) 2823 #define KV5M_ENC_DATA (-1760647418L) 2824 #define KV5M_CRYPTOSYSTEM_ENTRY (-1760647417L) 2825 #define KV5M_CS_TABLE_ENTRY (-1760647416L) 2826 #define KV5M_CHECKSUM_ENTRY (-1760647415L) 2827 #define KV5M_AUTHDATA (-1760647414L) 2828 #define KV5M_TRANSITED (-1760647413L) 2829 #define KV5M_ENC_TKT_PART (-1760647412L) 2830 #define KV5M_TICKET (-1760647411L) 2831 #define KV5M_AUTHENTICATOR (-1760647410L) 2832 #define KV5M_TKT_AUTHENT (-1760647409L) 2833 #define KV5M_CREDS (-1760647408L) 2834 #define KV5M_LAST_REQ_ENTRY (-1760647407L) 2835 #define KV5M_PA_DATA (-1760647406L) 2836 #define KV5M_KDC_REQ (-1760647405L) 2837 #define KV5M_ENC_KDC_REP_PART (-1760647404L) 2838 #define KV5M_KDC_REP (-1760647403L) 2839 #define KV5M_ERROR (-1760647402L) 2840 #define KV5M_AP_REQ (-1760647401L) 2841 #define KV5M_AP_REP (-1760647400L) 2842 #define KV5M_AP_REP_ENC_PART (-1760647399L) 2843 #define KV5M_RESPONSE (-1760647398L) 2844 #define KV5M_SAFE (-1760647397L) 2845 #define KV5M_PRIV (-1760647396L) 2846 #define KV5M_PRIV_ENC_PART (-1760647395L) 2847 #define KV5M_CRED (-1760647394L) 2848 #define KV5M_CRED_INFO (-1760647393L) 2849 #define KV5M_CRED_ENC_PART (-1760647392L) 2850 #define KV5M_PWD_DATA (-1760647391L) 2851 #define KV5M_ADDRESS (-1760647390L) 2852 #define KV5M_KEYTAB_ENTRY (-1760647389L) 2853 #define KV5M_CONTEXT (-1760647388L) 2854 #define KV5M_OS_CONTEXT (-1760647387L) 2855 #define KV5M_ALT_METHOD (-1760647386L) 2856 #define KV5M_ETYPE_INFO_ENTRY (-1760647385L) 2857 #define KV5M_DB_CONTEXT (-1760647384L) 2858 #define KV5M_AUTH_CONTEXT (-1760647383L) 2859 #define KV5M_KEYTAB (-1760647382L) 2860 #define KV5M_RCACHE (-1760647381L) 2861 #define KV5M_CCACHE (-1760647380L) 2862 #define KV5M_PREAUTH_OPS (-1760647379L) 2863 #define KV5M_SAM_CHALLENGE (-1760647378L) 2864 #define KV5M_SAM_KEY (-1760647377L) 2865 #define KV5M_ENC_SAM_RESPONSE_ENC (-1760647376L) 2866 #define KV5M_ENC_SAM_RESPONSE_ENC_2 (-1760647374L) 2867 #define KV5M_SAM_RESPONSE (-1760647373L) 2868 #define KV5M_SAM_RESPONSE_2 (-1760647372L) 2869 #define KV5M_PREDICTED_SAM_RESPONSE (-1760647371L) 2870 #define KV5M_PASSWD_PHRASE_ELEMENT (-1760647370L) 2871 #define KV5M_GSS_OID (-1760647369L) 2872 #define KV5M_GSS_QUEUE (-1760647368L) 2873 #define ERROR_TABLE_BASE_kv5m (-1760647424L) 2874 2875 /* for compatibility with older versions... */ 2876 #define kv5m_err_base ERROR_TABLE_BASE_kv5m 2877 /* 2878 * asn1_err.h: 2879 * This file is automatically generated; please do not edit it. 2880 */ 2881 #define ASN1_BAD_TIMEFORMAT (1859794432L) 2882 #define ASN1_MISSING_FIELD (1859794433L) 2883 #define ASN1_MISPLACED_FIELD (1859794434L) 2884 #define ASN1_TYPE_MISMATCH (1859794435L) 2885 #define ASN1_OVERFLOW (1859794436L) 2886 #define ASN1_OVERRUN (1859794437L) 2887 #define ASN1_BAD_ID (1859794438L) 2888 #define ASN1_BAD_LENGTH (1859794439L) 2889 #define ASN1_BAD_FORMAT (1859794440L) 2890 #define ASN1_PARSE_ERROR (1859794441L) 2891 #define ASN1_BAD_GMTIME (1859794442L) 2892 #define ASN1_MISMATCH_INDEF (1859794443L) 2893 #define ASN1_MISSING_EOC (1859794444L) 2894 #define ERROR_TABLE_BASE_asn1 (1859794432L) 2895 2896 /* for compatibility with older versions... */ 2897 #define asn1_err_base ERROR_TABLE_BASE_asn1 2898 2899 #ifdef __cplusplus 2900 } 2901 #endif 2902 2903 #endif /* _KRB5_H */ 2904