1*0a6a1f1dSLionel Sambuc /* $NetBSD: windc_plugin.h,v 1.1.1.3 2014/04/24 12:45:27 pettai Exp $ */ 2ebfedea0SLionel Sambuc 3ebfedea0SLionel Sambuc /* 4ebfedea0SLionel Sambuc * Copyright (c) 2006 Kungliga Tekniska Högskolan 5ebfedea0SLionel Sambuc * (Royal Institute of Technology, Stockholm, Sweden). 6ebfedea0SLionel Sambuc * All rights reserved. 7ebfedea0SLionel Sambuc * 8ebfedea0SLionel Sambuc * Redistribution and use in source and binary forms, with or without 9ebfedea0SLionel Sambuc * modification, are permitted provided that the following conditions 10ebfedea0SLionel Sambuc * are met: 11ebfedea0SLionel Sambuc * 12ebfedea0SLionel Sambuc * 1. Redistributions of source code must retain the above copyright 13ebfedea0SLionel Sambuc * notice, this list of conditions and the following disclaimer. 14ebfedea0SLionel Sambuc * 15ebfedea0SLionel Sambuc * 2. Redistributions in binary form must reproduce the above copyright 16ebfedea0SLionel Sambuc * notice, this list of conditions and the following disclaimer in the 17ebfedea0SLionel Sambuc * documentation and/or other materials provided with the distribution. 18ebfedea0SLionel Sambuc * 19ebfedea0SLionel Sambuc * 3. Neither the name of the Institute nor the names of its contributors 20ebfedea0SLionel Sambuc * may be used to endorse or promote products derived from this software 21ebfedea0SLionel Sambuc * without specific prior written permission. 22ebfedea0SLionel Sambuc * 23ebfedea0SLionel Sambuc * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 24ebfedea0SLionel Sambuc * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25ebfedea0SLionel Sambuc * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26ebfedea0SLionel Sambuc * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 27ebfedea0SLionel Sambuc * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28ebfedea0SLionel Sambuc * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29ebfedea0SLionel Sambuc * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30ebfedea0SLionel Sambuc * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31ebfedea0SLionel Sambuc * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32ebfedea0SLionel Sambuc * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33ebfedea0SLionel Sambuc * SUCH DAMAGE. 34ebfedea0SLionel Sambuc */ 35ebfedea0SLionel Sambuc 36ebfedea0SLionel Sambuc /* Id */ 37ebfedea0SLionel Sambuc 38ebfedea0SLionel Sambuc #ifndef HEIMDAL_KRB5_PAC_PLUGIN_H 39ebfedea0SLionel Sambuc #define HEIMDAL_KRB5_PAC_PLUGIN_H 1 40ebfedea0SLionel Sambuc 41ebfedea0SLionel Sambuc #include <krb5/krb5.h> 42ebfedea0SLionel Sambuc 43ebfedea0SLionel Sambuc /* 44ebfedea0SLionel Sambuc * The PAC generate function should allocate a krb5_pac using 45ebfedea0SLionel Sambuc * krb5_pac_init and fill in the PAC structure for the principal using 46ebfedea0SLionel Sambuc * krb5_pac_add_buffer. 47ebfedea0SLionel Sambuc * 48ebfedea0SLionel Sambuc * The PAC verify function should verify all components in the PAC 49ebfedea0SLionel Sambuc * using krb5_pac_get_types and krb5_pac_get_buffer for all types. 50ebfedea0SLionel Sambuc * 51ebfedea0SLionel Sambuc * Check client access function check if the client is authorized. 52ebfedea0SLionel Sambuc */ 53ebfedea0SLionel Sambuc 54ebfedea0SLionel Sambuc struct hdb_entry_ex; 55ebfedea0SLionel Sambuc 56ebfedea0SLionel Sambuc typedef krb5_error_code 57ebfedea0SLionel Sambuc (*krb5plugin_windc_pac_generate)(void *, krb5_context, 58ebfedea0SLionel Sambuc struct hdb_entry_ex *, krb5_pac *); 59ebfedea0SLionel Sambuc 60ebfedea0SLionel Sambuc typedef krb5_error_code 61ebfedea0SLionel Sambuc (*krb5plugin_windc_pac_verify)(void *, krb5_context, 62*0a6a1f1dSLionel Sambuc const krb5_principal, /* new ticket client */ 63*0a6a1f1dSLionel Sambuc const krb5_principal, /* delegation proxy */ 64*0a6a1f1dSLionel Sambuc struct hdb_entry_ex *,/* client */ 65*0a6a1f1dSLionel Sambuc struct hdb_entry_ex *,/* server */ 66*0a6a1f1dSLionel Sambuc struct hdb_entry_ex *,/* krbtgt */ 67ebfedea0SLionel Sambuc krb5_pac *); 68ebfedea0SLionel Sambuc 69ebfedea0SLionel Sambuc typedef krb5_error_code 70ebfedea0SLionel Sambuc (*krb5plugin_windc_client_access)( 71ebfedea0SLionel Sambuc void *, krb5_context, 72ebfedea0SLionel Sambuc krb5_kdc_configuration *config, 73ebfedea0SLionel Sambuc hdb_entry_ex *, const char *, 74ebfedea0SLionel Sambuc hdb_entry_ex *, const char *, 75ebfedea0SLionel Sambuc KDC_REQ *, krb5_data *); 76ebfedea0SLionel Sambuc 77ebfedea0SLionel Sambuc 78*0a6a1f1dSLionel Sambuc #define KRB5_WINDC_PLUGIN_MINOR 6 79*0a6a1f1dSLionel Sambuc #define KRB5_WINDC_PLUGING_MINOR KRB5_WINDC_PLUGIN_MINOR 80ebfedea0SLionel Sambuc 81ebfedea0SLionel Sambuc typedef struct krb5plugin_windc_ftable { 82ebfedea0SLionel Sambuc int minor_version; 83ebfedea0SLionel Sambuc krb5_error_code (*init)(krb5_context, void **); 84ebfedea0SLionel Sambuc void (*fini)(void *); 85ebfedea0SLionel Sambuc krb5plugin_windc_pac_generate pac_generate; 86ebfedea0SLionel Sambuc krb5plugin_windc_pac_verify pac_verify; 87ebfedea0SLionel Sambuc krb5plugin_windc_client_access client_access; 88ebfedea0SLionel Sambuc } krb5plugin_windc_ftable; 89ebfedea0SLionel Sambuc 90ebfedea0SLionel Sambuc #endif /* HEIMDAL_KRB5_PAC_PLUGIN_H */ 91ebfedea0SLionel Sambuc 92