1*ebfedea0SLionel Sambuc /* $NetBSD: krb5-v4compat.h,v 1.1.1.2 2011/04/14 14:09:22 elric Exp $ */ 2*ebfedea0SLionel Sambuc 3*ebfedea0SLionel Sambuc /* 4*ebfedea0SLionel Sambuc * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan 5*ebfedea0SLionel Sambuc * (Royal Institute of Technology, Stockholm, Sweden). 6*ebfedea0SLionel Sambuc * All rights reserved. 7*ebfedea0SLionel Sambuc * 8*ebfedea0SLionel Sambuc * Redistribution and use in source and binary forms, with or without 9*ebfedea0SLionel Sambuc * modification, are permitted provided that the following conditions 10*ebfedea0SLionel Sambuc * are met: 11*ebfedea0SLionel Sambuc * 12*ebfedea0SLionel Sambuc * 1. Redistributions of source code must retain the above copyright 13*ebfedea0SLionel Sambuc * notice, this list of conditions and the following disclaimer. 14*ebfedea0SLionel Sambuc * 15*ebfedea0SLionel Sambuc * 2. Redistributions in binary form must reproduce the above copyright 16*ebfedea0SLionel Sambuc * notice, this list of conditions and the following disclaimer in the 17*ebfedea0SLionel Sambuc * documentation and/or other materials provided with the distribution. 18*ebfedea0SLionel Sambuc * 19*ebfedea0SLionel Sambuc * 3. Neither the name of the Institute nor the names of its contributors 20*ebfedea0SLionel Sambuc * may be used to endorse or promote products derived from this software 21*ebfedea0SLionel Sambuc * without specific prior written permission. 22*ebfedea0SLionel Sambuc * 23*ebfedea0SLionel Sambuc * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 24*ebfedea0SLionel Sambuc * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25*ebfedea0SLionel Sambuc * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26*ebfedea0SLionel Sambuc * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 27*ebfedea0SLionel Sambuc * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28*ebfedea0SLionel Sambuc * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29*ebfedea0SLionel Sambuc * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30*ebfedea0SLionel Sambuc * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31*ebfedea0SLionel Sambuc * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32*ebfedea0SLionel Sambuc * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33*ebfedea0SLionel Sambuc * SUCH DAMAGE. 34*ebfedea0SLionel Sambuc */ 35*ebfedea0SLionel Sambuc 36*ebfedea0SLionel Sambuc /* Id */ 37*ebfedea0SLionel Sambuc 38*ebfedea0SLionel Sambuc #ifndef __KRB5_V4COMPAT_H__ 39*ebfedea0SLionel Sambuc #define __KRB5_V4COMPAT_H__ 40*ebfedea0SLionel Sambuc 41*ebfedea0SLionel Sambuc #include <krb5/krb_err.h> 42*ebfedea0SLionel Sambuc 43*ebfedea0SLionel Sambuc /* 44*ebfedea0SLionel Sambuc * This file must only be included with v4 compat glue stuff in 45*ebfedea0SLionel Sambuc * heimdal sources. 46*ebfedea0SLionel Sambuc * 47*ebfedea0SLionel Sambuc * It MUST NOT be installed. 48*ebfedea0SLionel Sambuc */ 49*ebfedea0SLionel Sambuc 50*ebfedea0SLionel Sambuc #define KRB_PROT_VERSION 4 51*ebfedea0SLionel Sambuc 52*ebfedea0SLionel Sambuc #define AUTH_MSG_KDC_REQUEST (1<<1) 53*ebfedea0SLionel Sambuc #define AUTH_MSG_KDC_REPLY (2<<1) 54*ebfedea0SLionel Sambuc #define AUTH_MSG_APPL_REQUEST (3<<1) 55*ebfedea0SLionel Sambuc #define AUTH_MSG_APPL_REQUEST_MUTUAL (4<<1) 56*ebfedea0SLionel Sambuc #define AUTH_MSG_ERR_REPLY (5<<1) 57*ebfedea0SLionel Sambuc #define AUTH_MSG_PRIVATE (6<<1) 58*ebfedea0SLionel Sambuc #define AUTH_MSG_SAFE (7<<1) 59*ebfedea0SLionel Sambuc #define AUTH_MSG_APPL_ERR (8<<1) 60*ebfedea0SLionel Sambuc #define AUTH_MSG_KDC_FORWARD (9<<1) 61*ebfedea0SLionel Sambuc #define AUTH_MSG_KDC_RENEW (10<<1) 62*ebfedea0SLionel Sambuc #define AUTH_MSG_DIE (63<<1) 63*ebfedea0SLionel Sambuc 64*ebfedea0SLionel Sambuc /* General definitions */ 65*ebfedea0SLionel Sambuc #define KSUCCESS 0 66*ebfedea0SLionel Sambuc #define KFAILURE 255 67*ebfedea0SLionel Sambuc 68*ebfedea0SLionel Sambuc /* */ 69*ebfedea0SLionel Sambuc 70*ebfedea0SLionel Sambuc #define MAX_KTXT_LEN 1250 71*ebfedea0SLionel Sambuc 72*ebfedea0SLionel Sambuc #define ANAME_SZ 40 73*ebfedea0SLionel Sambuc #define REALM_SZ 40 74*ebfedea0SLionel Sambuc #define SNAME_SZ 40 75*ebfedea0SLionel Sambuc #define INST_SZ 40 76*ebfedea0SLionel Sambuc 77*ebfedea0SLionel Sambuc struct ktext { 78*ebfedea0SLionel Sambuc unsigned int length; /* Length of the text */ 79*ebfedea0SLionel Sambuc unsigned char dat[MAX_KTXT_LEN]; /* The data itself */ 80*ebfedea0SLionel Sambuc uint32_t mbz; /* zero to catch runaway strings */ 81*ebfedea0SLionel Sambuc }; 82*ebfedea0SLionel Sambuc 83*ebfedea0SLionel Sambuc struct credentials { 84*ebfedea0SLionel Sambuc char service[ANAME_SZ]; /* Service name */ 85*ebfedea0SLionel Sambuc char instance[INST_SZ]; /* Instance */ 86*ebfedea0SLionel Sambuc char realm[REALM_SZ]; /* Auth domain */ 87*ebfedea0SLionel Sambuc char session[8]; /* Session key */ 88*ebfedea0SLionel Sambuc int lifetime; /* Lifetime */ 89*ebfedea0SLionel Sambuc int kvno; /* Key version number */ 90*ebfedea0SLionel Sambuc struct ktext ticket_st; /* The ticket itself */ 91*ebfedea0SLionel Sambuc int32_t issue_date; /* The issue time */ 92*ebfedea0SLionel Sambuc char pname[ANAME_SZ]; /* Principal's name */ 93*ebfedea0SLionel Sambuc char pinst[INST_SZ]; /* Principal's instance */ 94*ebfedea0SLionel Sambuc }; 95*ebfedea0SLionel Sambuc 96*ebfedea0SLionel Sambuc #define TKTLIFENUMFIXED 64 97*ebfedea0SLionel Sambuc #define TKTLIFEMINFIXED 0x80 98*ebfedea0SLionel Sambuc #define TKTLIFEMAXFIXED 0xBF 99*ebfedea0SLionel Sambuc #define TKTLIFENOEXPIRE 0xFF 100*ebfedea0SLionel Sambuc #define MAXTKTLIFETIME (30*24*3600) /* 30 days */ 101*ebfedea0SLionel Sambuc #ifndef NEVERDATE 102*ebfedea0SLionel Sambuc #define NEVERDATE ((time_t)0x7fffffffL) 103*ebfedea0SLionel Sambuc #endif 104*ebfedea0SLionel Sambuc 105*ebfedea0SLionel Sambuc #define KERB_ERR_NULL_KEY 10 106*ebfedea0SLionel Sambuc 107*ebfedea0SLionel Sambuc #define CLOCK_SKEW 5*60 108*ebfedea0SLionel Sambuc 109*ebfedea0SLionel Sambuc #ifndef TKT_ROOT 110*ebfedea0SLionel Sambuc #ifdef KRB5_USE_PATH_TOKENS 111*ebfedea0SLionel Sambuc #define TKT_ROOT "%{TEMP}/tkt" 112*ebfedea0SLionel Sambuc #else 113*ebfedea0SLionel Sambuc #define TKT_ROOT "/tmp/tkt" 114*ebfedea0SLionel Sambuc #endif 115*ebfedea0SLionel Sambuc #endif 116*ebfedea0SLionel Sambuc 117*ebfedea0SLionel Sambuc struct _krb5_krb_auth_data { 118*ebfedea0SLionel Sambuc int8_t k_flags; /* Flags from ticket */ 119*ebfedea0SLionel Sambuc char *pname; /* Principal's name */ 120*ebfedea0SLionel Sambuc char *pinst; /* His Instance */ 121*ebfedea0SLionel Sambuc char *prealm; /* His Realm */ 122*ebfedea0SLionel Sambuc uint32_t checksum; /* Data checksum (opt) */ 123*ebfedea0SLionel Sambuc krb5_keyblock session; /* Session Key */ 124*ebfedea0SLionel Sambuc unsigned char life; /* Life of ticket */ 125*ebfedea0SLionel Sambuc uint32_t time_sec; /* Time ticket issued */ 126*ebfedea0SLionel Sambuc uint32_t address; /* Address in ticket */ 127*ebfedea0SLionel Sambuc }; 128*ebfedea0SLionel Sambuc 129*ebfedea0SLionel Sambuc KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL 130*ebfedea0SLionel Sambuc _krb5_krb_life_to_time (int, int); 131*ebfedea0SLionel Sambuc 132*ebfedea0SLionel Sambuc KRB5_LIB_FUNCTION int KRB5_LIB_CALL 133*ebfedea0SLionel Sambuc _krb5_krb_time_to_life (time_t, time_t); 134*ebfedea0SLionel Sambuc 135*ebfedea0SLionel Sambuc KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 136*ebfedea0SLionel Sambuc _krb5_krb_tf_setup (krb5_context, struct credentials *, 137*ebfedea0SLionel Sambuc const char *, int); 138*ebfedea0SLionel Sambuc 139*ebfedea0SLionel Sambuc KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 140*ebfedea0SLionel Sambuc _krb5_krb_dest_tkt(krb5_context, const char *); 141*ebfedea0SLionel Sambuc 142*ebfedea0SLionel Sambuc #define krb_time_to_life _krb5_krb_time_to_life 143*ebfedea0SLionel Sambuc #define krb_life_to_time _krb5_krb_life_to_time 144*ebfedea0SLionel Sambuc 145*ebfedea0SLionel Sambuc #endif /* __KRB5_V4COMPAT_H__ */ 146