/*
*/
/* This is the prologue to krb5.h */
/* Unfortunately some of these defines are compiler dependent */
#ifndef _KRB5_H
#define _KRB5_H
#ifdef _LP64
#else
#endif
/* End of prologue section */
/*
*
* Copyright 1989,1990,1995,2001, 2003 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
*
* General definitions for Kerberos version 5.
*/
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
* All rights reserved.
*
* Export of this software from the United States of America may require
* a specific license from the United States Government. It is the
* responsibility of any person or organization contemplating export to
* obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of FundsXpress. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. FundsXpress makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
#ifndef KRB5_GENERAL__
#define KRB5_GENERAL__
#ifdef _KERNEL
/*
* Just to be safe lets make sure the buffers are zero'ed after
* malloc() as some code assumes this is the case. To avoid warnings
* of duplicated defines let remove the old one if present.
*/
#ifdef MALLOC
#endif
#else /* !_KERNEL */
#include <stdlib.h>
#include <thread.h>
#include <synch.h>
#include <security/cryptoki.h>
#include <limits.h> /* for *_MAX */
#endif /* _KERNEL */
/* By default, do not expose deprecated interfaces. */
/* SUNW14resync - we need to enable this for rlogind and such */
#ifndef KRB5_DEPRECATED
#endif
/* Do not expose private interfaces. Build system will override. */
/* SUNW14resync - for the Solaris build we set it to 1 here */
#ifndef KRB5_PRIVATE
#endif
# include <TargetConditionals.h>
# if TARGET_RT_MAC_CFM
# error "Use KfM 4.0 SDK headers for CFM compilation."
# endif
#endif
#include <win-mac.h>
#endif
#ifndef KRB5_CONFIG__
#ifndef KRB5_CALLCONV
#define KRB5_CALLCONV
#define KRB5_CALLCONV_C
#endif /* !KRB5_CALLCONV */
#endif /* !KRB5_CONFIG__ */
#ifndef KRB5_CALLCONV_WRONG
#define KRB5_CALLCONV_WRONG
#endif
/* SUNW14resync XXX */
#ifndef THREEPARAMOPEN
#endif
/*
* Solaris Kerberos:
* Samba needs a couple of these interfaces so old crypto is enabled.
*/
#define KRB5_OLD_CRYPTO
#ifndef KRB5INT_BEGIN_DECLS
#if defined(__cplusplus)
#define KRB5INT_END_DECLS }
#else
#define KRB5INT_BEGIN_DECLS
#define KRB5INT_END_DECLS
#endif
#endif
#if TARGET_OS_MAC
#endif
/* from profile.h */
struct _profile_t;
/* typedef struct _profile_t *profile_t; */
/*
* begin wordsize.h
*/
/*
* Word-size related definition.
*/
typedef unsigned char krb5_octet;
#if INT_MAX == 0x7fff
typedef int krb5_int16;
typedef unsigned int krb5_ui_2;
typedef short krb5_int16;
typedef unsigned short krb5_ui_2;
#else
#endif
#if INT_MAX == 0x7fffffffL
typedef int krb5_int32;
typedef unsigned int krb5_ui_4;
typedef long krb5_int32;
typedef unsigned long krb5_ui_4;
typedef short krb5_int32;
typedef unsigned short krb5_ui_4;
#else
#endif
/* this strange form is necessary since - is a unary operator, not a sign
indicator */
/* this strange form is necessary since - is a unary operator, not a sign
indicator */
/*
* end wordsize.h
*/
/*
* begin "base-defs.h"
*/
/*
* Basic definitions for Kerberos V5 library
*/
#ifndef FALSE
#define FALSE 0
#endif
#ifndef TRUE
#endif
typedef unsigned int krb5_boolean;
typedef unsigned int krb5_msgtype;
typedef unsigned int krb5_kvno;
typedef struct _krb5_data {
unsigned int length;
char *data;
} krb5_data;
typedef struct _krb5_octet_data {
unsigned int length;
/*
* Hack length for crypto library to use the afs_string_to_key It is
* equivalent to -1 without possible sign extension
* We also overload for an unset salt type length - which is also -1, but
* hey, why not....
*/
typedef void * krb5_pointer;
typedef void const * krb5_const_pointer;
typedef struct krb5_principal_data {
/*
* Per V5 spec on definition of principal types
*/
/* Name type not known */
#define KRB5_NT_UNKNOWN 0
/* Just the name of the principal as in DCE, or for users */
/* Service and other unique instance (krbtgt) */
/* Service with host name as instance (telnet, rcommands) */
/* Service with host as remaining components */
/* Unique ID */
/* PKINIT */
/* Name in form of SMTP email name */
/* Windows 2000 UPN */
/* Windows 2000 UPN and SID */
/* NT 4 style name */
/* NT 4 style name and SID */
/* constant version thereof: */
: NULL)
/*
* Constants for realm referrals.
*/
/*
* Referral-specific functions.
*/
/*
* end "base-defs.h"
*/
/*
* begin "hostaddr.h"
*/
/* structure for address */
typedef struct _krb5_address {
unsigned int length;
} krb5_address;
/* per Kerberos v5 protocol spec */
/* not yet in the spec... */
/* macros to determine if a type is a local type */
/*
* end "hostaddr.h"
*/
struct _krb5_context;
struct _krb5_auth_context;
struct _krb5_cryptosystem_entry;
/* SUNW EF (I assume) crypto mods ... */
struct _krb5_keyblock;
/*
* keyblocks will contain a list of derived keys,
* this structure will contain the derived key data.
*/
typedef struct _dk_node {
} krb5_dk_node;
/*
* begin "encryption.h"
*/
typedef struct _krb5_keyblock {
unsigned int length;
#ifdef _KERNEL
#else
#endif /* _KERNEL */
typedef struct _krb5_checksum {
unsigned int length;
typedef struct _krb5_encrypt_block {
this. it was a pointer, but it
doesn't have to be. gross. */
typedef struct _krb5_enc_data {
/* per Kerberos v5 protocol spec */
/* XXX deprecated? */
/* des-mac-k */
/* rsa-md4-des-k */
/* The following are entropy source designations. Whenever
* krb5_C_random_add_entropy is called, one of these source ids is passed
* in. This allows the library to better estimate bits of
* entropy in the sample and to keep track of what sources of entropy have
* contributed enough entropy. Sources marked internal MUST NOT be
* used by applications outside the Kerberos library
*/
enum {
/*This source should be used carefully; data in this category
* should be from a third party trusted to give random bits
* For example keys issued by the KDC in the application server.
*/
};
#ifndef krb5_roundup
/* round x up to nearest multiple of y */
#endif /* roundup */
/* macro function definitions to help clean up code */
#ifndef _KERNEL
#else
#endif
const krb5_keyblock *, krb5_keyusage,
krb5_data *);
const krb5_keyblock *, krb5_data *);
/* Register a new entropy sample with the PRNG. may cause
* the PRNG to be reseeded, although this is not guaranteed. See previous randsource definitions
* for information on how each source should be used.
*/
/*
* Collect entropy from the OS if possible. strong requests that as strong
* of a source of entropy as available be used. Setting strong may
* increase the probability of blocking and should not be used for normal
* applications. Good uses include seeding the PRNG for kadmind
* and realm setup.
* If successful is non-null, then successful is set to 1 if the OS provided
* entropy else zero.
*/
#if 0 /* SUNW14resync - not used in Solaris */
#endif
krb5_keyblock *key);
krb5_keyblock *key);
const krb5_checksum *cksum,
/* XXX need to register these */
/* Defined in hardware preauth draft */
/* Defined in KDC referrals draft */
#if KRB5_PRIVATE
/* Use the above four instead. */
#endif
#ifdef KRB5_OLD_CRYPTO
/*
* old cryptosystem routine prototypes. These are now layered
* on top of the functions above.
*/
const krb5_keyblock * key);
const krb5_encrypt_block * eblock,
const krb5_encrypt_block * eblock,
const krb5_keyblock * keyblock,
krb5_pointer * ptr);
const krb5_encrypt_block * eblock,
krb5_pointer * ptr);
const krb5_encrypt_block * eblock,
krb5_keyblock ** keyblock);
const krb5_encrypt_block * eblock);
const krb5_checksum * cksum,
#if KRB5_PRIVATE
(size_t, krb5_pointer);
#endif
#endif /* KRB5_OLD_CRYPTO */
/*
* end "encryption.h"
*/
/*
* begin "fieldbits.h"
*/
/* kdc_options for kdc_request */
/* options is 32 bits; each host is responsible to put the 4 bytes
representing these bits into net order before transmission */
/* #define KDC_OPT_RESERVED 0x80000000 */
/* #define KDC_OPT_UNUSED 0x01000000 */
/* #define KDC_OPT_UNUSED 0x00400000 */
/* #define KDC_OPT_RESERVED 0x00200000 */
/* #define KDC_OPT_RESERVED 0x00100000 */
/* #define KDC_OPT_RESERVED 0x00080000 */
/* #define KDC_OPT_RESERVED 0x00040000 */
/* #define KDC_OPT_RESERVED 0x00008000 */
/* #define KDC_OPT_RESERVED 0x00004000 */
/* #define KDC_OPT_RESERVED 0x00002000 */
/* #define KDC_OPT_RESERVED 0x00001000 */
/* #define KDC_OPT_RESERVED 0x00000800 */
/* #define KDC_OPT_RESERVED 0x00000400 */
/* #define KDC_OPT_RESERVED 0x00000200 */
/* #define KDC_OPT_RESERVED 0x00000100 */
/* #define KDC_OPT_RESERVED 0x00000080 */
/* #define KDC_OPT_RESERVED 0x00000040 */
/* #define KDC_OPT_UNUSED 0x00000004 */
/*
* Mask of ticket flags in the TGT which should be converted into KDC
* options when using the TGT to get derivitive tickets.
*
* New mask = KDC_OPT_FORWARDABLE | KDC_OPT_PROXIABLE |
* KDC_OPT_ALLOW_POSTDATE | KDC_OPT_RENEWABLE
*/
/* definitions for ap_options fields */
/* ap_options are 32 bits; each host is responsible to put the 4 bytes
representing these bits into net order before transmission */
/* #define AP_OPTS_RESERVED 0x10000000 */
/* #define AP_OPTS_RESERVED 0x08000000 */
/* #define AP_OPTS_RESERVED 0x04000000 */
/* #define AP_OPTS_RESERVED 0x02000000 */
/* #define AP_OPTS_RESERVED 0x01000000 */
/* #define AP_OPTS_RESERVED 0x00800000 */
/* #define AP_OPTS_RESERVED 0x00400000 */
/* #define AP_OPTS_RESERVED 0x00200000 */
/* #define AP_OPTS_RESERVED 0x00100000 */
/* #define AP_OPTS_RESERVED 0x00080000 */
/* #define AP_OPTS_RESERVED 0x00040000 */
/* #define AP_OPTS_RESERVED 0x00020000 */
/* #define AP_OPTS_RESERVED 0x00010000 */
/* #define AP_OPTS_RESERVED 0x00008000 */
/* #define AP_OPTS_RESERVED 0x00004000 */
/* #define AP_OPTS_RESERVED 0x00002000 */
/* #define AP_OPTS_RESERVED 0x00001000 */
/* #define AP_OPTS_RESERVED 0x00000800 */
/* #define AP_OPTS_RESERVED 0x00000400 */
/* #define AP_OPTS_RESERVED 0x00000200 */
/* #define AP_OPTS_RESERVED 0x00000100 */
/* #define AP_OPTS_RESERVED 0x00000080 */
/* #define AP_OPTS_RESERVED 0x00000040 */
/* #define AP_OPTS_RESERVED 0x00000020 */
/* #define AP_OPTS_RESERVED 0x00000010 */
/* #define AP_OPTS_RESERVED 0x00000008 */
/* #define AP_OPTS_RESERVED 0x00000004 */
/* #define AP_OPTS_RESERVED 0x00000002 */
/* definitions for ad_type fields. */
/* Ticket flags */
/* flags are 32 bits; each host is responsible to put the 4 bytes
representing these bits into net order before transmission */
/* #define TKT_FLG_RESERVED 0x80000000 */
/* #define TKT_FLG_RESERVED 0x00010000 */
/* #define TKT_FLG_RESERVED 0x00008000 */
/* #define TKT_FLG_RESERVED 0x00004000 */
/* #define TKT_FLG_RESERVED 0x00002000 */
/* #define TKT_FLG_RESERVED 0x00001000 */
/* #define TKT_FLG_RESERVED 0x00000800 */
/* #define TKT_FLG_RESERVED 0x00000400 */
/* #define TKT_FLG_RESERVED 0x00000200 */
/* #define TKT_FLG_RESERVED 0x00000100 */
/* #define TKT_FLG_RESERVED 0x00000080 */
/* #define TKT_FLG_RESERVED 0x00000040 */
/* #define TKT_FLG_RESERVED 0x00000020 */
/* #define TKT_FLG_RESERVED 0x00000010 */
/* #define TKT_FLG_RESERVED 0x00000008 */
/* #define TKT_FLG_RESERVED 0x00000004 */
/* #define TKT_FLG_RESERVED 0x00000002 */
/* #define TKT_FLG_RESERVED 0x00000001 */
/* definitions for lr_type fields. */
/* definitions for ad_type fields. */
/* definitions for msec direction bit for KRB_SAFE, KRB_PRIV */
/*
* end "fieldbits.h"
*/
/*
* begin "proto.h"
*/
/* Protocol version number */
/* Message types */
/* LastReq types */
#define KRB5_LRQ_NONE 0
/* PADATA types */
#define KRB5_PADATA_NONE 0
#if 0 /* Not used */
#endif
/* Reserved for SPX pre-authentication. */
/* Transited encoding types */
/* alternate authentication types */
/* authorization data types */
/* password change constants */
#define KRB5_KPASSWD_SUCCESS 0
/* These are Microsoft's extensions in RFC 3244, and it looks like
they'll become standardized, possibly with other additions. */
/*
* end "proto.h"
*/
/* Time set */
typedef struct _krb5_ticket_times {
in ticket? otherwise client can't get this */
use authtime */
/* structure for auth data */
typedef struct _krb5_authdata {
unsigned int length;
/* structure for transited encoding */
typedef struct _krb5_transited {
typedef struct _krb5_enc_tkt_part {
/* to-be-encrypted portion */
typedef struct _krb5_ticket {
/* cleartext portion */
encoding */
available */
} krb5_ticket;
/* the unencrypted version */
typedef struct _krb5_authenticator {
typedef struct _krb5_tkt_authent {
/* credentials: Ticket, session key, etc. */
typedef struct _krb5_creds {
another ticket's skey */
ticket (via DUPLICATE-SKEY or
ENC-TKT-IN-SKEY) */
} krb5_creds;
/* Last request fields */
typedef struct _krb5_last_req_entry {
/* pre-authentication data */
typedef struct _krb5_pa_data {
unsigned int length;
} krb5_pa_data;
typedef struct _krb5_kdc_req {
/* real body */
client) */
if available */
} krb5_kdc_req;
typedef struct _krb5_enc_kdc_rep_part {
/* encrypted part: */
optional */
typedef struct _krb5_kdc_rep {
/* cleartext part: */
encoding */
} krb5_kdc_rep;
/* error message structure */
typedef struct _krb5_error {
/* some of these may be meaningless in certain contexts */
optional */
} krb5_error;
typedef struct _krb5_ap_req {
} krb5_ap_req;
typedef struct _krb5_ap_rep {
} krb5_ap_rep;
typedef struct _krb5_ap_rep_enc_part {
typedef struct _krb5_response {
typedef struct _krb5_cred_info {
/* ticket */
/* optional */
typedef struct _krb5_cred_enc_part {
typedef struct _krb5_cred {
} krb5_cred;
/* Sandia password generation structures */
typedef struct _passwd_phrase_element {
typedef struct _krb5_pwd_data {
int sequence_count;
/* these need to be here so the typedefs are available for the prototypes */
typedef struct _krb5_pa_svr_referral_data {
/* Referred name, only realm is required */
typedef struct _krb5_pa_server_referral_data {
typedef struct _krb5_pa_pac_req {
/* TRUE if a PAC should be included in TGS-REP */
/*
* begin "safepriv.h"
*/
typedef struct krb5_replay_data {
/* flags for krb5_auth_con_genaddrs() */
/* type of function used as a callback to generate checksum data for
* mk_req */
typedef krb5_error_code
krb5_data **);
/*
* end "safepriv.h"
*/
/*
* begin "ccache.h"
*/
struct _krb5_ccache;
struct _krb5_cc_ops;
/* for retrieve_cred */
/* for set_flags and other functions */
krb5_creds *creds);
krb5_creds *creds);
krb5_creds *creds);
const char * KRB5_CALLCONV
/* SUNW14resync - add_cred.c needs this func */
const char * KRB5_CALLCONV
const char *type,
const char *hint,
krb5_ccache *id);
/*
* end "ccache.h"
*/
/*
* begin "rcache.h"
*/
struct krb5_rc_st;
/*
* end "rcache.h"
*/
/*
* begin "keytab.h"
*/
/* XXX */
typedef struct krb5_keytab_entry_st {
#if KRB5_PRIVATE
struct _krb5_kt_ops;
} *krb5_keytab;
#else
struct _krb5_kt;
#endif
char * KRB5_CALLCONV
unsigned int namelen);
/* Solaris Kerberos */
/*
* end "keytab.h"
*/
/*
* begin "func-proto.h"
*/
/* Solaris Kerberos */
krb5_boolean krb5_privacy_allowed(void);
/*
* Solaris Kerberos:
* krb5_copy_keyblock_data is a new routine to hide the details
* of a keyblock copy operation.
*/
const krb5_keyblock *,
krb5_keyblock *);
(krb5_context *);
(krb5_context *);
(krb5_context);
#if KRB5_PRIVATE
const krb5_enctype *);
krb5_enctype **);
const krb5_enctype *);
#endif
const krb5_enctype *);
#if KRB5_PRIVATE
krb5_enctype **);
#endif
(krb5_context, krb5_enctype **);
#if KRB5_PRIVATE
(krb5_context, krb5_enctype *);
#endif
/* libkrb.spec */
#if KRB5_PRIVATE
const krb5_keyblock *,
krb5_kdc_rep * );
const krb5_keyblock *,
krb5_ticket * );
krb5_ccache, /* not const, as reading may save
state */
krb5_creds *,
krb5_creds **,
krb5_creds *** );
krb5_ccache, /* not const, as reading may save
state */
krb5_creds *,
krb5_creds **,
krb5_creds *** );
krb5_ccache, /* not const, as reading may save
state */
krb5_creds *,
krb5_creds **,
krb5_creds *** );
#endif
krb5_creds **); /* XXX too hard to do with const */
krb5_creds *,
krb5_creds **);
krb5_creds *,
krb5_creds **);
krb5_creds *,
krb5_creds **);
#if KRB5_PRIVATE
krb5_creds *,
krb5_address * const *,
krb5_creds *,
krb5_creds **);
#endif
char *,
char *,
krb5_data *,
krb5_data * );
krb5_data *,
krb5_creds *,
krb5_data * );
krb5_data *);
const krb5_data *,
krb5_ap_rep_enc_part **);
const krb5_error *,
krb5_data * );
const krb5_data *,
krb5_error ** );
const krb5_data *,
krb5_data *,
krb5_replay_data *);
const krb5_data *,
krb5_data *,
krb5_replay_data *);
const char *,
krb5_principal * );
const char *,
int,
krb5_principal * );
char ** );
char **,
unsigned int *);
int,
char **);
int,
char **,
unsigned int *);
(krb5_context, krb5_principal, const char *);
const krb5_address *,
krb5_address * const *);
const krb5_address *,
const krb5_address *);
const krb5_address *,
const krb5_address *);
/* Initialize a new keyblock and allocate storage
* for the contents of the key, which will be freed along
* with the keyblock when krb5_free_keyblock is called.
* It is legal to pass in a length of 0, in which
* case contents are left unallocated.
*/
/*
* Solaris Kerberos
* Start - keyblock API (MIT will ship this also in a future release)
*/
/*
* Similiar to krb5_init_keyblock but this routine expects the
* keyblock to already be allocated.
*/
unsigned int,
krb5_keyblock *);
(krb5_keyblock *);
unsigned int KRB5_CALLCONV krb5_get_key_length
(krb5_keyblock *);
(krb5_keyblock *);
(krb5_keyblock *,
(krb5_keyblock *,
krb5_octet *);
(krb5_keyblock *,
unsigned int);
/*
* Solaris Kerberos
* End - keyblock API
*/
const krb5_keyblock *,
krb5_keyblock **);
const krb5_keyblock *,
krb5_keyblock *);
const krb5_creds *,
krb5_creds **);
const krb5_data *,
krb5_data **);
krb5_principal *);
#if KRB5_PRIVATE
const krb5_address *,
krb5_address **);
#endif
krb5_address * const *,
krb5_address ***);
const krb5_ticket *,
krb5_ticket **);
krb5_authdata * const *,
krb5_authdata ***);
krb5_authdata * const *,
krb5_authdata *const *,
krb5_authdata ***);
/* Merge two authdata arrays, such as the array from a ticket
* and authenticator */
const krb5_authenticator *,
krb5_authenticator **);
const krb5_checksum *,
krb5_checksum **);
#if KRB5_PRIVATE
void krb5_init_ets
(krb5_context);
void krb5_free_ets
(krb5_context);
const krb5_keyblock *, krb5_keyblock **);
const krb5_keyblock *, krb5_ui_4 *);
#endif
const krb5_data *, krb5_rcache *);
(krb5_context, krb5_principal *, unsigned int, const char *, ...);
(krb5_context, krb5_principal *, unsigned int, const char *, ...);
#ifdef va_start
/* XXX depending on varargs include file defining va_start... */
krb5_principal, unsigned int, const char *, va_list);
#endif
const char *name,
struct credentials;
struct credentials *v4creds);
#if KRB5_DEPRECATED
#define krb524_init_ets(x) (0)
#endif
/* libkt.spec */
#if KRB5_PRIVATE
const struct _krb5_kt_ops * );
#endif
const char *,
krb5_keytab * );
char *,
int );
krb5_keytab * );
krb5_keytab_entry * );
#if KRB5_PRIVATE
/* use krb5_free_keytab_entry_contents instead */
krb5_keytab_entry * );
#endif
/* remove and add are functions, so that they can return NOWRITE
if not a writable keytab */
krb5_keytab_entry * );
krb5_keytab_entry * );
#if KRB5_PRIVATE
#endif
/* libcc.spec */
const char *,
krb5_ccache * );
const char * KRB5_CALLCONV krb5_cc_default_name
(krb5_context);
(krb5_context, const char *);
krb5_ccache *);
#if KRB5_PRIVATE
unsigned int KRB5_CALLCONV krb5_get_notification_message
(void);
#endif
/* chk_trans.c */
#if KRB5_PRIVATE
#endif
/* free_rtree.c */
#if KRB5_PRIVATE
void krb5_free_realm_tree
krb5_principal *);
#endif
/* krb5_free.c */
(krb5_context, krb5_authenticator * );
#if KRB5_PRIVATE
(krb5_context, krb5_authenticator * );
#endif
(krb5_context, krb5_address ** );
#if KRB5_PRIVATE
(krb5_context, krb5_address * );
#endif
(krb5_context, krb5_authdata ** );
#if KRB5_PRIVATE
(krb5_context, krb5_enc_tkt_part * );
#endif
(krb5_context, krb5_ticket * );
#if KRB5_PRIVATE
(krb5_context, krb5_ticket ** );
(krb5_context, krb5_kdc_req * );
(krb5_context, krb5_kdc_rep * );
(krb5_context, krb5_last_req_entry ** );
#endif
(krb5_context, krb5_error * );
#if KRB5_PRIVATE
(krb5_context, krb5_ap_req * );
(krb5_context, krb5_ap_rep * );
(krb5_context, krb5_cred *);
#endif
(krb5_context, krb5_creds *);
(krb5_context, krb5_creds *);
#if KRB5_PRIVATE
#endif
(krb5_context, krb5_checksum *);
(krb5_context, krb5_checksum *);
(krb5_context, krb5_keyblock *);
(krb5_context, krb5_keyblock *);
#if KRB5_PRIVATE
(krb5_context, krb5_pa_data **);
#endif
#if KRB5_PRIVATE
(krb5_context, krb5_tkt_authent *);
(krb5_context, krb5_pwd_data *);
#endif
(krb5_context, krb5_data *);
(krb5_context, krb5_data *);
(krb5_context, char *);
(krb5_context, krb5_cksumtype *);
krb5_int32 *,
krb5_int32 * );
krb5_int32 * );
/* get all the addresses of this host */
krb5_address ***);
char ** );
const char * );
char * );
const char *,
const char *,
krb5_principal *);
#if KRB5_PRIVATE
(krb5_context, const char **);
(char ***filenames);
(char **filenames);
#endif
#if KRB5_PRIVATE
const krb5_ticket_times *,
const krb5_enctype *,
krb5_address * const *,
krb5_authdata * const *,
krb5_pa_data * const *,
const krb5_data *,
krb5_creds *,
krb5_response * );
const krb5_ticket_times *,
const krb5_enctype *,
krb5_address * const *,
krb5_authdata * const *,
krb5_pa_data * const *,
const krb5_data *,
krb5_creds *,
krb5_response * ,
char **);
#endif
#if KRB5_DEPRECATED
krb5_address * const *,
krb5_enctype *,
krb5_error_code ( * )(krb5_context,
krb5_data *,
krb5_keyblock **),
krb5_error_code ( * )(krb5_context,
const krb5_keyblock *,
krb5_kdc_rep * ),
krb5_creds *,
krb5_kdc_rep ** );
krb5_address * const *,
krb5_enctype *,
const char *,
krb5_creds *,
krb5_kdc_rep ** );
krb5_address * const *,
krb5_enctype *,
const krb5_keyblock *,
krb5_creds *,
krb5_kdc_rep ** );
krb5_address * const *,
krb5_enctype *,
krb5_creds *,
krb5_kdc_rep ** );
#endif /* KRB5_DEPRECATED */
#if KRB5_PRIVATE
krb5_data *,
const krb5_keyblock *,
krb5_kdc_rep ** );
#endif
const krb5_data *,
krb5_flags *,
krb5_ticket **);
#if KRB5_PRIVATE
const krb5_ap_req *,
krb5_flags *,
krb5_ticket **);
const krb5_ap_req *,
krb5_flags *,
krb5_ticket **);
#endif
krb5_keyblock **);
const krb5_data *,
krb5_data *,
krb5_replay_data *);
const krb5_data *,
krb5_data *,
krb5_replay_data *);
#if KRB5_PRIVATE
krb5_cc_ops *,
krb5_boolean );
#endif
char *,
krb5_data *,
krb5_creds *,
krb5_error **,
krb5_creds **);
char *,
krb5_ticket **);
krb5_ticket **,
krb5_data *);
#if KRB5_PRIVATE
const krb5_data *,
const krb5_data *,
krb5_principal **,
int);
#endif
krb5_creds **,
krb5_data **,
krb5_replay_data *);
krb5_creds *,
krb5_data **,
krb5_replay_data *);
krb5_data *,
krb5_creds ***,
krb5_replay_data *);
char *,
int forwardable,
krb5_data *);
krb5_int32 *);
krb5_mk_req_checksum_func, void *);
krb5_mk_req_checksum_func *, void **);
krb5_address *,
krb5_address *);
krb5_address **,
krb5_address **);
krb5_address *,
krb5_address *);
krb5_keyblock *);
krb5_keyblock **);
#if KRB5_DEPRECATED
krb5_keyblock **);
krb5_keyblock **);
#endif
#if KRB5_PRIVATE
#endif
krb5_int32 *);
krb5_int32 *);
#if KRB5_DEPRECATED
#endif
#if KRB5_PRIVATE
krb5_pointer *);
#endif
krb5_rcache *);
#if KRB5_PRIVATE
const krb5_enctype *);
krb5_enctype **);
#endif
krb5_authenticator **);
/*
* end "func-proto.h"
*/
/*
* begin stuff from libos.h
*/
#if KRB5_PRIVATE
int krb5_net_read (krb5_context, int , char *, int);
int krb5_net_write (krb5_context, int , const char *, int);
#endif
const char *,
const char *,
char *,
unsigned int * );
int,
char * );
const char *,
char *** );
krb5_data *,
char *** );
char * const * );
#if KRB5_PRIVATE
const char *,
char ** );
#endif
krb5_principal, const char *);
int, int);
#if KRB5_PRIVATE
const krb5_address *,
krb5_address **);
const krb5_address *,
const char *,
char **);
krb5_address *,
krb5_address *,
krb5_address *);
#endif
#if KRB5_PRIVATE
(krb5_context);
#endif
#if KRB5_PRIVATE
#endif
/* str_conv.c */
(char *, krb5_enctype *);
(char *, krb5_int32 *);
(char *, krb5_cksumtype *);
(char *, krb5_timestamp *);
(char *, krb5_deltat *);
(krb5_enctype, char *, size_t);
/* Solaris Kerberos */
(krb5_enctype, char *, size_t);
(krb5_int32, char *, size_t);
(krb5_cksumtype, char *, size_t);
(krb5_timestamp, char *, size_t);
(krb5_timestamp, char *, size_t, char *);
(krb5_deltat, char *, size_t);
/*
* end stuff from libos.h
*/
/*
* begin "k5-free.h"
*/
/* to keep lint happy */
#ifdef _KERNEL
#else
#endif
/*
* end "k5-free.h"
*/
/* The name of the Kerberos ticket granting service... and its size */
/* flags for recvauth */
/* initial ticket api functions */
typedef struct _krb5_prompt {
char *prompt;
int hidden;
} krb5_prompt;
void *data,
const char *name,
const char *banner,
int num_prompts,
krb5_prompt prompts[]);
void *data,
const char *name,
const char *banner,
int num_prompts,
krb5_prompt prompts[]);
typedef struct _krb5_get_init_creds_opt {
int forwardable;
int proxiable;
int etype_list_length;
int preauth_list_length;
void KRB5_CALLCONV
void KRB5_CALLCONV
void KRB5_CALLCONV
void KRB5_CALLCONV
void KRB5_CALLCONV
int forwardable);
void KRB5_CALLCONV
int proxiable);
void KRB5_CALLCONV
int etype_list_length);
void KRB5_CALLCONV
void KRB5_CALLCONV
int preauth_list_length);
void KRB5_CALLCONV
void KRB5_CALLCONV
int prompt);
typedef struct _krb5_gic_opt_pa_data {
char *attr;
char *value;
/*
* This function allows the caller to supply options to preauth
* plugins. Preauth plugin modules are given a chance to look
* at each option at the time this function is called in ordre
* to check the validity of the option.
* The 'opt' pointer supplied to this function must have been
* obtained using krb5_get_init_creds_opt_alloc()
*/
const char *attr,
const char *value);
char *password,
void *data,
char *in_tkt_service,
char *in_tkt_service,
typedef struct _krb5_verify_init_creds_opt {
int ap_req_nofail;
void KRB5_CALLCONV
void KRB5_CALLCONV
int ap_req_nofail);
char *in_tkt_service);
char *in_tkt_service);
krb5_ticket **rep);
void KRB5_CALLCONV
const char *appname,
const char *option,
const char *default_value,
char ** ret_value);
void KRB5_CALLCONV
const char *appname,
const char *option,
int default_value,
int *ret_value);
#if KRB5_PRIVATE
/*
* The realm iterator functions
*/
#endif
/*
* The realm iterator functions
*/
/*
* Prompter enhancements
*/
/* Error reporting */
void KRB5_CALLCONV_C
#ifdef va_start
void KRB5_CALLCONV
#endif
/*
* The behavior of krb5_get_error_message is only defined the first
* time it is called after a failed call to a krb5 function using the
* same context, and only when the error code passed in is the same as
* that returned by the krb5 function. Future versions may return the
* same string for the second and following calls.
*
* The string returned by this function must be freed using
* krb5_free_error_message.
*/
const char * KRB5_CALLCONV
void KRB5_CALLCONV
krb5_free_error_message (krb5_context, const char *);
void KRB5_CALLCONV
const krb5_authdata *container,
krb5_authdata ***authdata);
krb5_authdata * const*authdata,
krb5_authdata ***container);
/*
* Windows PAC
*/
struct krb5_pac_data;
void KRB5_CALLCONV
const void *ptr,
const krb5_keyblock *server,
const krb5_keyblock *privsvr);
#if TARGET_OS_MAC
#endif
/* Don't use this! We're going to phase it out. It's just here to keep
applications from breaking right away. */
#define krb5_const const
#endif /* KRB5_GENERAL__ */
/*
* Solaris Kerberos: the following differs from the MIT krb5.hin as that file is
* krb5.h is manually edited.
*/
/*
* krb5_err.h:
* This file is automatically generated; please do not edit it.
*/
/* NOTE! error values should not collide */
/* XXX Note KRB5_RC_BADNAME and KRB5_CONF_NOT_CONFIGURED are Solaris specific */
#ifdef _KERNEL
/* XXX Note KRB5_KEF_ERROR and PKCS_ERR are Solaris specific */
#else
#define PKCS_ERR (-1765328134L)
#endif /* _KERNEL */
/* SUNW17PACresync */
/* for compatibility with older versions... */
/*
* kdb5_err.h:
* This file is automatically generated; please do not edit it.
*/
/*
* Incremental propagation error codes
*/
/* for compatibility with older versions... */
/*
* kv5m_err.h:
* This file is automatically generated; please do not edit it.
*/
/* for compatibility with older versions... */
/*
* asn1_err.h:
* This file is automatically generated; please do not edit it.
*/
/* for compatibility with older versions... */
#endif /* _KRB5_H */