root/source4/heimdal/lib/krb5/krb5_locl.h

/* [<][>][^][v][top][bottom][index][help] */

INCLUDED FROM


   1 /*
   2  * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan
   3  * (Royal Institute of Technology, Stockholm, Sweden).
   4  * All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  *
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  *
  13  * 2. Redistributions in binary form must reproduce the above copyright
  14  *    notice, this list of conditions and the following disclaimer in the
  15  *    documentation and/or other materials provided with the distribution.
  16  *
  17  * 3. Neither the name of the Institute nor the names of its contributors
  18  *    may be used to endorse or promote products derived from this software
  19  *    without specific prior written permission.
  20  *
  21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31  * SUCH DAMAGE.
  32  */
  33 
  34 /* $Id$ */
  35 
  36 #ifndef __KRB5_LOCL_H__
  37 #define __KRB5_LOCL_H__
  38 
  39 #ifdef HAVE_CONFIG_H
  40 #include <config.h>
  41 #endif
  42 
  43 #include <errno.h>
  44 #include <ctype.h>
  45 #include <string.h>
  46 #include <stdio.h>
  47 #include <stdlib.h>
  48 #include <limits.h>
  49 
  50 #ifdef HAVE_SYS_TYPES_H
  51 #include <sys/types.h>
  52 #endif
  53 #ifdef HAVE_SYS_MMAN_H
  54 #include <sys/mman.h>
  55 #endif
  56 #ifdef HAVE_UNISTD_H
  57 #include <unistd.h>
  58 #endif
  59 #ifdef HAVE_FCNTL_H
  60 #include <fcntl.h>
  61 #endif
  62 
  63 #if defined(HAVE_SYS_IOCTL_H) && SunOS != 40
  64 #include <sys/ioctl.h>
  65 #endif
  66 #ifdef HAVE_PWD_H
  67 #undef _POSIX_PTHREAD_SEMANTICS
  68 /* This gets us the 5-arg getpwnam_r on Solaris 9.  */
  69 #define _POSIX_PTHREAD_SEMANTICS
  70 #include <pwd.h>
  71 #endif
  72 
  73 #ifdef HAVE_SYS_PARAM_H
  74 #include <sys/param.h>
  75 #endif
  76 #include <time.h>
  77 #ifdef HAVE_SYS_TIME_H
  78 #include <sys/time.h>
  79 #endif
  80 #ifdef HAVE_SYS_SELECT_H
  81 #include <sys/select.h>
  82 #endif
  83 #ifdef HAVE_SYS_SOCKET_H
  84 #include <sys/socket.h>
  85 #endif
  86 #ifdef HAVE_NETINET_IN_H
  87 #include <netinet/in.h>
  88 #endif
  89 #ifdef HAVE_NETINET_IN6_H
  90 #include <netinet/in6.h>
  91 #endif
  92 #ifdef HAVE_NETINET6_IN6_H
  93 #include <netinet6/in6.h>
  94 #endif
  95 #ifdef HAVE_NETDB_H
  96 #include <netdb.h>
  97 #endif
  98 #ifdef _AIX
  99 struct ether_addr;
 100 struct mbuf;
 101 struct sockaddr_dl;
 102 #endif
 103 #ifdef HAVE_ARPA_INET_H
 104 #include <arpa/inet.h>
 105 #endif
 106 #ifdef HAVE_ARPA_NAMESER_H
 107 #include <arpa/nameser.h>
 108 #endif
 109 #ifdef HAVE_SYS_UIO_H
 110 #include <sys/uio.h>
 111 #endif
 112 #ifdef HAVE_SYS_FILIO_H
 113 #include <sys/filio.h>
 114 #endif
 115 #ifdef HAVE_SYS_FILE_H
 116 #include <sys/file.h>
 117 #endif
 118 
 119 #define HEIMDAL_TEXTDOMAIN "heimdal_krb5"
 120 
 121 #ifdef HAVE_LIBINTL_H
 122 #include <libintl.h>
 123 #define N_(x,y) dgettext(HEIMDAL_TEXTDOMAIN, x)
 124 #else
 125 #define N_(x,y) (x)
 126 #define bindtextdomain(package, localedir)
 127 #endif
 128 
 129 
 130 #ifdef HAVE_CRYPT_H
 131 #undef des_encrypt
 132 #define des_encrypt wingless_pigs_mostly_fail_to_fly
 133 #include <crypt.h>
 134 #undef des_encrypt
 135 #endif
 136 
 137 #ifdef HAVE_DOOR_CREATE
 138 #include <door.h>
 139 #endif
 140 
 141 #include <roken.h>
 142 #include <parse_time.h>
 143 #include <base64.h>
 144 
 145 #include <wind.h>
 146 
 147 #define HC_DEPRECATED_CRYPTO
 148 #include "crypto-headers.h"
 149 
 150 
 151 #include <krb5_asn1.h>
 152 
 153 struct send_to_kdc;
 154 
 155 /* XXX glue for pkinit */
 156 struct krb5_pk_identity;
 157 struct krb5_pk_cert;
 158 struct ContentInfo;
 159 struct AlgorithmIdentifier;
 160 typedef struct krb5_pk_init_ctx_data *krb5_pk_init_ctx;
 161 struct krb5_dh_moduli;
 162 
 163 /* v4 glue */
 164 struct _krb5_krb_auth_data;
 165 
 166 #include <der.h>
 167 
 168 #include <krb5.h>
 169 #include <krb5_err.h>
 170 #include <asn1_err.h>
 171 #ifdef PKINIT
 172 #include <hx509.h>
 173 #endif
 174 #include <krb5-private.h>
 175 
 176 #include "heim_threads.h"
 177 
 178 #define ALLOC(X, N) (X) = calloc((N), sizeof(*(X)))
 179 #define ALLOC_SEQ(X, N) do { (X)->len = (N); ALLOC((X)->val, (N)); } while(0)
 180 
 181 /* should this be public? */
 182 #define KEYTAB_DEFAULT "FILE:" SYSCONFDIR "/krb5.keytab"
 183 #define KEYTAB_DEFAULT_MODIFY "FILE:" SYSCONFDIR "/krb5.keytab"
 184 
 185 #define MODULI_FILE SYSCONFDIR "/krb5.moduli"
 186 
 187 #ifndef O_BINARY
 188 #define O_BINARY 0
 189 #endif
 190 
 191 #ifndef O_CLOEXEC
 192 #define O_CLOEXEC 0
 193 #endif
 194 
 195 #ifndef SOCK_CLOEXEC
 196 #define SOCK_CLOEXEC 0
 197 #endif
 198 
 199 
 200 #define KRB5_BUFSIZ 1024
 201 
 202 typedef enum {
 203     KRB5_INIT_CREDS_TRISTATE_UNSET = 0,
 204     KRB5_INIT_CREDS_TRISTATE_TRUE,
 205     KRB5_INIT_CREDS_TRISTATE_FALSE
 206 } krb5_get_init_creds_tristate;
 207 
 208 struct _krb5_get_init_creds_opt_private {
 209     int refcount;
 210     /* ENC_TIMESTAMP */
 211     const char *password;
 212     krb5_s2k_proc key_proc;
 213     /* PA_PAC_REQUEST */
 214     krb5_get_init_creds_tristate req_pac;
 215     /* PKINIT */
 216     krb5_pk_init_ctx pk_init_ctx;
 217     KRB_ERROR *error;
 218     krb5_get_init_creds_tristate addressless;
 219     int flags;
 220 #define KRB5_INIT_CREDS_CANONICALIZE            1
 221 #define KRB5_INIT_CREDS_NO_C_CANON_CHECK        2
 222 };
 223 
 224 typedef struct krb5_context_data {
 225     krb5_enctype *etypes;
 226     krb5_enctype *etypes_des;
 227     char **default_realms;
 228     time_t max_skew;
 229     time_t kdc_timeout;
 230     unsigned max_retries;
 231     int32_t kdc_sec_offset;
 232     int32_t kdc_usec_offset;
 233     krb5_config_section *cf;
 234     struct et_list *et_list;
 235     struct krb5_log_facility *warn_dest;
 236     krb5_cc_ops *cc_ops;
 237     int num_cc_ops;
 238     const char *http_proxy;
 239     const char *time_fmt;
 240     krb5_boolean log_utc;
 241     const char *default_keytab;
 242     const char *default_keytab_modify;
 243     krb5_boolean use_admin_kdc;
 244     krb5_addresses *extra_addresses;
 245     krb5_boolean scan_interfaces;       /* `ifconfig -a' */
 246     krb5_boolean srv_lookup;            /* do SRV lookups */
 247     krb5_boolean srv_try_txt;           /* try TXT records also */
 248     int32_t fcache_vno;                 /* create cache files w/ this
 249                                            version */
 250     int num_kt_types;                   /* # of registered keytab types */
 251     struct krb5_keytab_data *kt_types;  /* registered keytab types */
 252     const char *date_fmt;
 253     char *error_string;
 254     krb5_error_code error_code;
 255     krb5_addresses *ignore_addresses;
 256     char *default_cc_name;
 257     char *default_cc_name_env;
 258     int default_cc_name_set;
 259     void *mutex;                        /* protects error_string/error_buf */
 260     int large_msg_size;
 261     int flags;
 262 #define KRB5_CTX_F_DNS_CANONICALIZE_HOSTNAME    1
 263 #define KRB5_CTX_F_CHECK_PAC                    2
 264     struct send_to_kdc *send_to_kdc;
 265 } krb5_context_data;
 266 
 267 #define KRB5_DEFAULT_CCNAME_FILE "FILE:/tmp/krb5cc_%{uid}"
 268 #define KRB5_DEFAULT_CCNAME_API "API:"
 269 #define KRB5_DEFAULT_CCNAME_KCM "KCM:%{uid}"
 270 
 271 #define EXTRACT_TICKET_ALLOW_CNAME_MISMATCH             1
 272 #define EXTRACT_TICKET_ALLOW_SERVER_MISMATCH            2
 273 #define EXTRACT_TICKET_MATCH_REALM                      4
 274 #define EXTRACT_TICKET_AS_REQ                           8
 275 
 276 /*
 277  * Configurable options
 278  */
 279 
 280 #ifndef KRB5_DEFAULT_CCTYPE
 281 #ifdef __APPLE__
 282 #define KRB5_DEFAULT_CCTYPE (&krb5_acc_ops)
 283 #else
 284 #define KRB5_DEFAULT_CCTYPE (&krb5_fcc_ops)
 285 #endif
 286 #endif
 287 
 288 #ifndef KRB5_ADDRESSLESS_DEFAULT
 289 #define KRB5_ADDRESSLESS_DEFAULT TRUE
 290 #endif
 291 
 292 #ifdef PKINIT
 293 
 294 struct krb5_pk_identity {
 295     hx509_context hx509ctx;
 296     hx509_verify_ctx verify_ctx;
 297     hx509_certs certs;
 298     hx509_certs anchors;
 299     hx509_certs certpool;
 300     hx509_revoke_ctx revokectx;
 301 };
 302 
 303 enum krb5_pk_type {
 304     PKINIT_WIN2K = 1,
 305     PKINIT_27 = 2
 306 };
 307 
 308 #endif /* PKINIT */
 309 
 310 #endif /* __KRB5_LOCL_H__ */

/* [<][>][^][v][top][bottom][index][help] */