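/*
 * Copyright (c) 2004 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/* $Id: krb5_ccapi.h 22090 2007-12-02 23:23:43Z lha $ */

/*
 * Type, constant and function-table declarations for a credentials cache
 * API ("CCAPI"; the version constants below name versions 3 and 4).
 *
 * Every object type declared here is a pointer to a struct whose `func`
 * member is a table of function pointers; operations are invoked through
 * that table (for example obj->func->release(obj)).  The header declares
 * no functions of its own: the only entry point is the cc_initialize_func
 * pointer type at the end of the file.
 *
 * NOTE(review): the layouts below presumably have to match, byte for byte,
 * whatever CCAPI implementation supplies the function tables -- confirm
 * field widths (in particular cc_time_t) against that implementation.
 */

#ifndef KRB5_CCAPI_H
#define KRB5_CCAPI_H 1

#include <krb5-types.h>

/* Credentials version tag; presumably the value stored in
 * cc_credentials_union.version for Kerberos 5 credentials -- confirm. */
enum {
    cc_credentials_v5 = 2
};

/* API version numbers. */
enum {
    ccapi_version_3 = 3,
    ccapi_version_4 = 4
};

/*
 * Status codes carried in the cc_int32 return value of every function
 * pointer declared in this header.  ccNoError is 0; all other codes are
 * numbered sequentially from 201.
 *
 * ccIteratorEnd is non-zero, so a caller that only tests
 * `ret != ccNoError` will treat it like a failure.  It is presumably the
 * normal "no more items" result of the iterators' next() -- confirm, and
 * distinguish it from the ccErr* codes when walking an iterator.
 */
enum {
    ccNoError = 0,

    ccIteratorEnd = 201,
    ccErrBadParam,
    ccErrNoMem,
    ccErrInvalidContext,
    ccErrInvalidCCache,

    ccErrInvalidString,		/* 206 */
    ccErrInvalidCredentials,
    ccErrInvalidCCacheIterator,
    ccErrInvalidCredentialsIterator,
    ccErrInvalidLock,

    ccErrBadName,		/* 211 */
    ccErrBadCredentialsVersion,
    ccErrBadAPIVersion,
    ccErrContextLocked,
    ccErrContextUnlocked,

    ccErrCCacheLocked,		/* 216 */
    ccErrCCacheUnlocked,
    ccErrBadLockType,
    ccErrNeverDefault,
    ccErrCredentialsNotFound,

    ccErrCCacheNotFound,	/* 221 */
    ccErrContextNotFound,
    ccErrServerUnavailable,
    ccErrServerInsecure,
    ccErrServerCantBecomeUID,

    ccErrTimeOffsetNotSet	/* 226 */
};

/* Fixed-width integer aliases used throughout the API. */
typedef int32_t cc_int32;
typedef uint32_t cc_uint32;

/*
 * Object handles.  Except for cc_credentials_v5_t, each typedef names a
 * POINTER to the struct of the same tag, so a cc_context_t (etc.) can be
 * NULL and `cc_context_t *` is a pointer to a pointer.
 */
typedef struct cc_context_t *cc_context_t;
typedef struct cc_ccache_t *cc_ccache_t;
typedef struct cc_ccache_iterator_t *cc_ccache_iterator_t;
typedef struct cc_credentials_v5_t cc_credentials_v5_t;
typedef struct cc_credentials_t *cc_credentials_t;
typedef struct cc_credentials_iterator_t *cc_credentials_iterator_t;
typedef struct cc_string_t *cc_string_t;

/* NOTE(review): the width of time_t is platform dependent; confirm it
 * matches the cc_time_t width the CCAPI implementation was built with. */
typedef time_t cc_time_t;

/*
 * Typed, length-prefixed blob.
 *
 * `length` is presumably the number of bytes `data` points to -- verify.
 * Nothing in this header guarantees that the two agree, so a consumer
 * should bound every read by `length` and handle data == NULL.
 */
typedef struct cc_data {
    cc_uint32 type;
    cc_uint32 length;
    void *data;
} cc_data;

/*
 * One Kerberos 5 credential.
 *
 * `keyblock` presumably carries the session key and `ticket` /
 * `second_ticket` the encoded tickets -- i.e. secret material.  Code that
 * copies this struct should wipe those buffers before freeing them and
 * keep them out of logs and core dumps.
 */
struct cc_credentials_v5_t {
    char *client;
    char *server;
    cc_data keyblock;
    cc_time_t authtime;
    cc_time_t starttime;
    cc_time_t endtime;
    cc_time_t renew_till;
    cc_uint32 is_skey;
    cc_uint32 ticket_flags;
/* Bit masks, presumably for ticket_flags (declared directly above). */
#define	KRB5_CCAPI_TKT_FLG_FORWARDABLE			0x40000000
#define	KRB5_CCAPI_TKT_FLG_FORWARDED			0x20000000
#define	KRB5_CCAPI_TKT_FLG_PROXIABLE			0x10000000
#define	KRB5_CCAPI_TKT_FLG_PROXY			0x08000000
#define	KRB5_CCAPI_TKT_FLG_MAY_POSTDATE			0x04000000
#define	KRB5_CCAPI_TKT_FLG_POSTDATED			0x02000000
#define	KRB5_CCAPI_TKT_FLG_INVALID			0x01000000
#define	KRB5_CCAPI_TKT_FLG_RENEWABLE			0x00800000
#define	KRB5_CCAPI_TKT_FLG_INITIAL			0x00400000
#define	KRB5_CCAPI_TKT_FLG_PRE_AUTH			0x00200000
#define	KRB5_CCAPI_TKT_FLG_HW_AUTH			0x00100000
#define	KRB5_CCAPI_TKT_FLG_TRANSIT_POLICY_CHECKED	0x00080000
#define	KRB5_CCAPI_TKT_FLG_OK_AS_DELEGATE		0x00040000
#define	KRB5_CCAPI_TKT_FLG_ANONYMOUS			0x00020000
    /*
     * `addresses` and `authdata` are arrays of cc_data pointers with no
     * accompanying count field; presumably each is terminated by a NULL
     * entry, and the array pointer itself may be NULL -- confirm before
     * iterating.
     */
    cc_data **addresses;
    cc_data ticket;
    cc_data second_ticket;
    cc_data **authdata;
};


/* Operations on a cc_string_t.  release() presumably hands the string
 * back to the implementation that produced it -- confirm. */
typedef struct cc_string_functions {
    cc_int32 (*release)(cc_string_t);
} cc_string_functions;

/* String object returned through cc_string_t* out-parameters
 * (get_name, get_principal, get_default_ccache_name). */
struct cc_string_t {
    const char *data;
    const cc_string_functions *func;
};

/*
 * Version-tagged credential.  `version` selects the active member of
 * `credentials`; only a v5 member is declared.  Check `version` before
 * dereferencing credentials.credentials_v5.
 */
typedef struct cc_credentials_union {
    cc_int32 version;
    union {
	cc_credentials_v5_t* credentials_v5;
    } credentials;
} cc_credentials_union;

/* Operations on a cc_credentials_t. */
struct cc_credentials_functions {
    cc_int32 (*release)(cc_credentials_t);
    cc_int32 (*compare)(cc_credentials_t, cc_credentials_t, cc_uint32*);
};

/* Credential object: read-only view of the data plus its function table. */
struct cc_credentials_t {
    const cc_credentials_union* data;
    const struct cc_credentials_functions* func;
};

/* Operations on a credentials iterator; next() yields a cc_credentials_t
 * through its out-parameter. */
struct cc_credentials_iterator_functions {
    cc_int32 (*release)(cc_credentials_iterator_t);
    cc_int32 (*next)(cc_credentials_iterator_t, cc_credentials_t*);
};

struct cc_credentials_iterator_t {
    const struct cc_credentials_iterator_functions *func;
};

/* Operations on a ccache iterator; next() yields a cc_ccache_t through
 * its out-parameter. */
struct cc_ccache_iterator_functions {
    cc_int32 (*release) (cc_ccache_iterator_t);
    cc_int32 (*next)(cc_ccache_iterator_t, cc_ccache_t*);
};

struct cc_ccache_iterator_t {
    const struct cc_ccache_iterator_functions* func;
};

/*
 * Operations on a single credentials cache.  Each takes the cache as its
 * first argument and returns one of the status codes above; results come
 * back through the trailing pointer parameters.
 */
typedef struct cc_ccache_functions {
    cc_int32 (*release)(cc_ccache_t);
    cc_int32 (*destroy)(cc_ccache_t);
    cc_int32 (*set_default)(cc_ccache_t);
    cc_int32 (*get_credentials_version)(cc_ccache_t, cc_uint32*);
    cc_int32 (*get_name)(cc_ccache_t, cc_string_t*);
    cc_int32 (*get_principal)(cc_ccache_t, cc_uint32, cc_string_t*);
    cc_int32 (*set_principal)(cc_ccache_t, cc_uint32, const char*);
    cc_int32 (*store_credentials)(cc_ccache_t, const cc_credentials_union*);
    cc_int32 (*remove_credentials)(cc_ccache_t, cc_credentials_t);
    cc_int32 (*new_credentials_iterator)(cc_ccache_t,
					 cc_credentials_iterator_t*);
    cc_int32 (*move)(cc_ccache_t, cc_ccache_t);
    cc_int32 (*lock)(cc_ccache_t, cc_uint32, cc_uint32);
    cc_int32 (*unlock)(cc_ccache_t);
    cc_int32 (*get_last_default_time)(cc_ccache_t, cc_time_t*);
    cc_int32 (*get_change_time)(cc_ccache_t, cc_time_t*);
    cc_int32 (*compare)(cc_ccache_t, cc_ccache_t, cc_uint32*);
    cc_int32 (*get_kdc_time_offset)(cc_ccache_t, cc_int32, cc_time_t *);
    cc_int32 (*set_kdc_time_offset)(cc_ccache_t, cc_int32, cc_time_t);
    cc_int32 (*clear_kdc_time_offset)(cc_ccache_t, cc_int32);
} cc_ccache_functions;

struct cc_ccache_t {
    const cc_ccache_functions *func;
};

/*
 * Operations on an API context: opening, creating and enumerating caches.
 * The `const char*` parameters are presumably the cache name and, for the
 * create_* calls, the principal name -- confirm against the CCAPI
 * specification, which this header does not reproduce.
 */
struct cc_context_functions {
    cc_int32 (*release)(cc_context_t);
    cc_int32 (*get_change_time)(cc_context_t, cc_time_t *);
    cc_int32 (*get_default_ccache_name)(cc_context_t, cc_string_t*);
    cc_int32 (*open_ccache)(cc_context_t, const char*, cc_ccache_t *);
    cc_int32 (*open_default_ccache)(cc_context_t, cc_ccache_t*);
    cc_int32 (*create_ccache)(cc_context_t,const char*, cc_uint32,
			      const char*, cc_ccache_t*);
    cc_int32 (*create_default_ccache)(cc_context_t, cc_uint32,
				      const char*, cc_ccache_t*);
    cc_int32 (*create_new_ccache)(cc_context_t, cc_uint32,
				  const char*, cc_ccache_t*);
    cc_int32 (*new_ccache_iterator)(cc_context_t, cc_ccache_iterator_t*);
    cc_int32 (*lock)(cc_context_t, cc_uint32, cc_uint32);
    cc_int32 (*unlock)(cc_context_t);
    cc_int32 (*compare)(cc_context_t, cc_context_t, cc_uint32*);
};

struct cc_context_t {
    const struct cc_context_functions* func;
};

/*
 * Signature of the API entry point that produces a cc_context_t.
 * Presumably (out context, requested API version, out supported version,
 * out vendor string) -- confirm against the CCAPI specification.
 *
 * NOTE(review): a pointer of this type is presumably resolved at run time
 * from a separately shipped library; every function table reached through
 * the returned context is then code from that library, so the library
 * path should come from trusted configuration only.
 */
typedef cc_int32
(*cc_initialize_func)(cc_context_t*, cc_int32, cc_int32 *, char const **);

#endif /* KRB5_CCAPI_H */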